Example usage for org.springframework.security.oauth.common OAuthProviderParameter oauth_verifier

List of usage examples for org.springframework.security.oauth.common OAuthProviderParameter oauth_verifier

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.oauth.common.*
  5. OAuthProviderParameter
  6. oauth_verifier

Introduction

In this page you can find the example usage for org.springframework.security.oauth.common OAuthProviderParameter oauth_verifier.

Prototype

OAuthProviderParameter oauth_verifier

To view the source code for org.springframework.security.oauth.common OAuthProviderParameter oauth_verifier.

Click Source Link

Document

Verifier

Usage

From source file:org.springframework.security.oauth.consumer.filter.OAuthConsumerContextFilter.java

public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;
    OAuthSecurityContextImpl context = new OAuthSecurityContextImpl();
    context.setDetails(request);//from   w w w. j  ava 2s .  co  m

    Map<String, OAuthConsumerToken> rememberedTokens = getRememberMeServices().loadRememberedTokens(request,
            response);
    Map<String, OAuthConsumerToken> accessTokens = new TreeMap<String, OAuthConsumerToken>();
    Map<String, OAuthConsumerToken> requestTokens = new TreeMap<String, OAuthConsumerToken>();
    if (rememberedTokens != null) {
        for (Map.Entry<String, OAuthConsumerToken> tokenEntry : rememberedTokens.entrySet()) {
            OAuthConsumerToken token = tokenEntry.getValue();
            if (token != null) {
                if (token.isAccessToken()) {
                    accessTokens.put(tokenEntry.getKey(), token);
                } else {
                    requestTokens.put(tokenEntry.getKey(), token);
                }
            }
        }
    }

    context.setAccessTokens(accessTokens);
    OAuthSecurityContextHolder.setContext(context);
    if (LOG.isDebugEnabled()) {
        LOG.debug("Storing access tokens in request attribute '" + getAccessTokensRequestAttribute() + "'.");
    }

    try {
        try {
            request.setAttribute(getAccessTokensRequestAttribute(),
                    new ArrayList<OAuthConsumerToken>(accessTokens.values()));
            chain.doFilter(request, response);
        } catch (Exception e) {
            try {
                ProtectedResourceDetails resourceThatNeedsAuthorization = checkForResourceThatNeedsAuthorization(
                        e);
                String neededResourceId = resourceThatNeedsAuthorization.getId();
                while (!accessTokens.containsKey(neededResourceId)) {
                    OAuthConsumerToken token = requestTokens.remove(neededResourceId);
                    if (token == null) {
                        token = getTokenServices().getToken(neededResourceId);
                    }

                    String verifier = request.getParameter(OAuthProviderParameter.oauth_verifier.toString());
                    // if the token is null OR
                    // if there is NO access token and (we're not using 1.0a or the verifier is not null)
                    if (token == null || (!token.isAccessToken()
                            && (!resourceThatNeedsAuthorization.isUse10a() || verifier == null))) {
                        //no token associated with the resource, start the oauth flow.
                        //if there's a request token, but no verifier, we'll assume that a previous oauth request failed and we need to get a new request token.
                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Obtaining request token for resource: " + neededResourceId);
                        }

                        //obtain authorization.
                        String callbackURL = response.encodeRedirectURL(getCallbackURL(request));
                        token = getConsumerSupport().getUnauthorizedRequestToken(neededResourceId, callbackURL);
                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Request token obtained for resource " + neededResourceId + ": " + token);
                        }

                        //okay, we've got a request token, now we need to authorize it.
                        requestTokens.put(neededResourceId, token);
                        getTokenServices().storeToken(neededResourceId, token);
                        String redirect = getUserAuthorizationRedirectURL(resourceThatNeedsAuthorization, token,
                                callbackURL);

                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Redirecting request to " + redirect
                                    + " for user authorization of the request token for resource "
                                    + neededResourceId + ".");
                        }

                        request.setAttribute(
                                "org.springframework.security.oauth.consumer.AccessTokenRequiredException", e);
                        this.redirectStrategy.sendRedirect(request, response, redirect);
                        return;
                    } else if (!token.isAccessToken()) {
                        //we have a presumably authorized request token, let's try to get an access token with it.
                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Obtaining access token for resource: " + neededResourceId);
                        }

                        //authorize the request token and store it.
                        try {
                            token = getConsumerSupport().getAccessToken(token, verifier);
                        } finally {
                            getTokenServices().removeToken(neededResourceId);
                        }

                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Access token " + token + " obtained for resource " + neededResourceId
                                    + ". Now storing and using.");
                        }

                        getTokenServices().storeToken(neededResourceId, token);
                    }

                    accessTokens.put(neededResourceId, token);

                    try {
                        //try again
                        if (!response.isCommitted()) {
                            request.setAttribute(getAccessTokensRequestAttribute(),
                                    new ArrayList<OAuthConsumerToken>(accessTokens.values()));
                            chain.doFilter(request, response);
                        } else {
                            //dang. what do we do now?
                            throw new IllegalStateException(
                                    "Unable to reprocess filter chain with needed OAuth2 resources because the response is already committed.");
                        }
                    } catch (Exception e1) {
                        resourceThatNeedsAuthorization = checkForResourceThatNeedsAuthorization(e1);
                        neededResourceId = resourceThatNeedsAuthorization.getId();
                    }
                }
            } catch (OAuthRequestFailedException eo) {
                fail(request, response, eo);
            } catch (Exception ex) {
                Throwable[] causeChain = getThrowableAnalyzer().determineCauseChain(ex);
                OAuthRequestFailedException rfe = (OAuthRequestFailedException) getThrowableAnalyzer()
                        .getFirstThrowableOfType(OAuthRequestFailedException.class, causeChain);
                if (rfe != null) {
                    fail(request, response, rfe);
                } else {
                    // Rethrow ServletExceptions and RuntimeExceptions as-is
                    if (ex instanceof ServletException) {
                        throw (ServletException) ex;
                    } else if (ex instanceof RuntimeException) {
                        throw (RuntimeException) ex;
                    }

                    // Wrap other Exceptions. These are not expected to happen
                    throw new RuntimeException(ex);
                }
            }
        }
    } finally {
        OAuthSecurityContextHolder.setContext(null);
        HashMap<String, OAuthConsumerToken> tokensToRemember = new HashMap<String, OAuthConsumerToken>();
        tokensToRemember.putAll(requestTokens);
        tokensToRemember.putAll(accessTokens);
        getRememberMeServices().rememberTokens(tokensToRemember, request, response);
    }
}

From source file:org.springframework.security.oauth.consumer.OAuthConsumerProcessingFilter.java

public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain chain)
        throws IOException, ServletException {
    HttpServletRequest request = (HttpServletRequest) servletRequest;
    HttpServletResponse response = (HttpServletResponse) servletResponse;

    Set<String> accessTokenDeps = getAccessTokenDependencies(request, response, chain);
    if (!accessTokenDeps.isEmpty()) {
        try {/*w  ww  .j a  v  a 2 s  .com*/
            Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
            if (requireAuthenticated && !authentication.isAuthenticated()) {
                throw new InsufficientAuthenticationException("An authenticated principal must be present.");
            }

            OAuthConsumerTokenServices tokenServices = getTokenServicesFactory()
                    .getTokenServices(authentication, request);
            List<OAuthConsumerToken> tokens = new ArrayList<OAuthConsumerToken>();
            for (String dependency : accessTokenDeps) {
                OAuthConsumerToken token = tokenServices.getToken(dependency);
                if (token == null) {
                    if (LOG.isDebugEnabled()) {
                        LOG.debug("Obtaining request token for dependency: " + dependency);
                    }

                    //obtain authorization.
                    String callbackURL = response.encodeRedirectURL(getCallbackURL(request));
                    OAuthConsumerToken requestToken = getConsumerSupport()
                            .getUnauthorizedRequestToken(dependency, callbackURL);

                    if (LOG.isDebugEnabled()) {
                        LOG.debug("Request token obtained for dependency " + dependency + ": " + requestToken);
                    }
                    tokenServices.storeToken(dependency, requestToken);
                    String redirect = getUserAuthorizationRedirectURL(requestToken, callbackURL);

                    if (LOG.isDebugEnabled()) {
                        LOG.debug("Redirecting request to " + redirect
                                + " for user authorization of the request token for dependency " + dependency
                                + ".");
                    }
                    response.sendRedirect(redirect);
                    return;
                } else {
                    if (!token.isAccessToken()) {

                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Obtaining access token for dependency: " + dependency);
                        }

                        //authorize the request token and store it.
                        try {
                            token = getConsumerSupport().getAccessToken(token,
                                    request.getParameter(OAuthProviderParameter.oauth_verifier.toString()));
                        } finally {
                            //make sure any request tokens are removed.
                            tokenServices.removeToken(dependency);
                        }

                        if (LOG.isDebugEnabled()) {
                            LOG.debug("Access token " + token + " obtained for dependency " + dependency
                                    + ". Now storing and using.");
                        }

                        tokenServices.storeToken(dependency, token);
                    } else if (LOG.isDebugEnabled()) {
                        LOG.debug("Authorized access token " + token + " loaded for dependency " + dependency
                                + ".");
                    }

                    //token already authorized.
                    tokens.add(token);
                }
            }

            if (LOG.isDebugEnabled()) {
                LOG.debug("Storing access tokens in request attribute '" + getAccessTokensRequestAttribute()
                        + "'.");
            }

            request.setAttribute(getAccessTokensRequestAttribute(), tokens);
            chain.doFilter(request, response);
        } catch (OAuthException ae) {
            fail(request, response, ae);
        } catch (ServletException e) {
            if (e.getRootCause() instanceof OAuthException) {
                fail(request, response, (OAuthException) e.getRootCause());
            } else {
                throw e;
            }
        }
    } else {
        if (LOG.isDebugEnabled()) {
            LOG.debug("No access token dependencies for request.");
        }
        chain.doFilter(servletRequest, servletResponse);
    }
}