List of usage examples for org.apache.http.message BasicHeaderValueParser parseNameValuePair
public NameValuePair parseNameValuePair(CharArrayBuffer charArrayBuffer, ParserCursor parserCursor)
From source file:net.oauth.signatures.SignedOAuthTokenParser.java
/** * Extracts the signed OAuth token from the Authorization header and then verifies it. * @param request the {@link HttpServletRequest} that contains the signed OAuth token in the * Authorization header.//from w ww .ja v a2 s.co m * @return the signed OAuth token. * @throws SignatureException if the signature doesn't check out, or if authentication fails * for other reason (missing Authorization header, etc.). */ public SignedOAuthToken parseToken(HttpServletRequest request) throws SignatureException { // this guaranteed to return a string starting with "Token", or null String header = getAuthHeader(request); if (header == null) { throw new SignatureException("missing Authorization header of type 'Token'"); } String postFix = header.substring(0, SignedOAuthToken.AUTH_METHOD.length()); // read past "Token" NameValuePair nvp = BasicHeaderValueParser.parseNameValuePair(postFix.trim(), null); if (nvp == null) { throw new SignatureException("missing signed_token in Authorization header: " + header); } if (!SignedOAuthToken.SIGNED_TOKEN_PARAM.equals(nvp.getName())) { // Not logging the header in this case. maybe they just mis-spelled "token", but did send the // actual OAuth token. We don't want to log that. throw new SignatureException("missing signed_token in Authorization header"); } String token = nvp.getValue().trim(); String method = request.getMethod(); StringBuffer uri = request.getRequestURL(); if (request.getQueryString() != null) { uri.append("?"); uri.append(request.getQueryString()); } return parseToken(token, method, uri.toString()); }