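/**
 * Starts the OAuth 1.0a authorization flow for this service and redirects the caller to the
 * provider's authorization page.
 *
 * <p>The flow object, instance ID and user ID are stored in the HTTP session so that the
 * {@code /callback} request can pick them up and finish the exchange.
 *
 * @param request the current servlet request; its session carries the flow state
 * @param uriInfo request URI information, used to build the absolute callback URI
 * @return a 303 "See Other" redirect to the provider's authorization URL, or a 500 response when
 *     that URL cannot be parsed
 */
@GET
@Path("/authorize")
@JiveSignatureValidation
public Response authorize(@Context HttpServletRequest request, @Context UriInfo uriInfo) {
    // NOTE(review): both identifiers are still literal placeholders, so every grant recorded
    // through this flow is attributed to "TODO"/"TODO" rather than to the signed caller.
    String instanceID = "TODO"; // TODO: HEADER PARAM / QUERY PARAM
    String userID = "TODO"; // TODO: HEADER PARAM / QUERY PARAM
    // TODO: CAPTURE THE JIVE ID FROM SIGNED FETCH HEADERS

    ConsumerCredentials consumerCredentials =
            new ConsumerCredentials(serviceConfig.getClientID(), serviceConfig.getClientSecret());

    // NOTE(review): the callback URI is derived from the incoming request's base URI. Confirm
    // that the deployment pins the externally visible host (proxy / container configuration)
    // so the callback always points back at this service.
    String callbackUri = uriInfo.getBaseUri() + "oauth/" + SERVICE_NAME + "/callback";

    OAuth1AuthorizationFlow flow =
            OAuth1ClientSupport.builder(consumerCredentials)
                    .authorizationFlow(
                            serviceConfig.getRequestTokenUrl(),
                            serviceConfig.getAccessTokenUrl(),
                            serviceConfig.getAuthorizeUrl())
                    .callbackUri(callbackUri)
                    .build();

    String authorizationUrl = flow.start();

    try {
        URI authorizationUri = new URI(authorizationUrl);

        // Load into the session for the follow-up hit on /callback.
        request.getSession().setAttribute(getFlowSessionKey(), flow);
        request.getSession().setAttribute(getInstanceIDSessionKey(), instanceID);
        request.getSession().setAttribute(getUserIDSessionKey(), userID);

        // 303 "See Other" is needed for the Jersey flow to pick up.
        return Response.seeOther(authorizationUri).build();
    } catch (URISyntaxException use) {
        // Pass the exception along so the parse failure (reason and index) is not lost;
        // the /callback handler in this file already logs its URISyntaxException this way.
        log.error("Invalid Authorization URI: " + authorizationUrl, use);
        return Response.serverError().entity("Unable to Process this Request").build();
    }
}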
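/**
 * Completes the OAuth 1.0a flow after the provider redirects the user back to this service.
 *
 * <p>The flow object, instance ID and user ID stored in the session by {@code /authorize} are
 * read back, the flow is finished with the supplied verifier, a {@code GrantSuccess} event is
 * fired, and the caller is redirected to the service's {@code callback-close.jsp} page.
 *
 * @param request the current servlet request; its session must hold the state saved by
 *     {@code /authorize}
 * @param uriInfo request URI information (not used by this method)
 * @param token the {@code oauth_token} query parameter
 * @param verifier the {@code oauth_verifier} query parameter
 * @return 400 when {@code oauth_token} or {@code oauth_verifier} is missing, 404 when the
 *     session state is absent or incomplete, 500 when the close URL cannot be parsed, otherwise
 *     a temporary redirect to the close page
 */
@GET
@Path("/callback")
public Response callback(
        @Context HttpServletRequest request,
        @Context UriInfo uriInfo,
        @QueryParam("oauth_token") String token,
        @QueryParam("oauth_verifier") String verifier) {

    if (token == null) {
        log.warn("oauth_token is null, failing request");
        return Response.status(Response.Status.BAD_REQUEST)
                .entity("Missing oauth_token string")
                .build();
    }

    if (verifier == null) {
        log.warn("oauth_verifier is null");
        return Response.status(Response.Status.BAD_REQUEST)
                .entity("Missing oauth_verifier string")
                .build();
    }

    // This endpoint carries no signature validation, so any client can reach it. Look the
    // session up without creating one: a request that never went through /authorize gets the
    // same 404 as before, but no longer causes a fresh session to be allocated.
    if (request.getSession(false) == null) {
        log.warn("no session on callback, failing request");
        return Response.status(404).entity("Resource Not Found").build();
    }

    // Retrieve from the session to close out the flow.
    OAuth1AuthorizationFlow flow =
            (OAuth1AuthorizationFlow) request.getSession().getAttribute(getFlowSessionKey());
    String instanceID = (String) request.getSession().getAttribute(getInstanceIDSessionKey());
    String userID = (String) request.getSession().getAttribute(getUserIDSessionKey());

    // NOTE(review): oauth_token is only null-checked and forwarded to the event below; nothing
    // visible here compares it with the request token obtained in /authorize. Confirm that the
    // flow or the event consumer validates it.
    if (JiveSDKUtils.isAllExist(instanceID, userID, flow, verifier)) {
        // The return value of finish() is not used here.
        flow.finish(verifier);

        // NOTE(review): the flow, instance ID and user ID stay in the session after a
        // successful finish. Consider removing them once nothing downstream reads them, so
        // the stored flow is single-use.

        if (log.isDebugEnabled()) {
            // The token and verifier are credentials for this exchange; keep their values out
            // of the log and record only which instance completed the flow.
            log.debug(
                    "Successfully Retrieved OAuth Tokens["
                            + SERVICE_NAME
                            + "]: instanceID="
                            + instanceID);
        }

        fireOAuthEvent(
                OAuthEvent.Type.GrantSuccess,
                getOAuth1GrantSuccessData(instanceID, userID, token, verifier));

        try {
            URI uri = new URI("/oauth/" + SERVICE_NAME + "/callback-close.jsp");
            return Response.temporaryRedirect(uri).build();
        } catch (URISyntaxException use) {
            log.error(
                    "Invalid Authorization URI: /oauth/" + SERVICE_NAME + "/callback-close.jsp",
                    use);
            return Response.serverError().entity("Invalid Close URL").build();
        }
    }

    return Response.status(404).entity("Resource Not Found").build();
}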