List of usage examples for org.springframework.security.oauth.common.signature SharedConsumerSecretImpl SharedConsumerSecretImpl
public SharedConsumerSecretImpl(String consumerSecret)
From source file:ltistarter.oauth.OAuthUtils.java
public static ResponseEntity sendOAuth1Request(String url, String consumerKey, String sharedSecret, Map<String, String> params, Map<String, String> headers) { assert url != null; assert consumerKey != null; assert sharedSecret != null; BaseProtectedResourceDetails prd = new BaseProtectedResourceDetails(); prd.setId("oauth"); prd.setConsumerKey(consumerKey);//from www .j a v a 2 s . c o m prd.setSharedSecret(new SharedConsumerSecretImpl(sharedSecret)); prd.setAdditionalParameters(params); prd.setAdditionalRequestHeaders(headers); OAuthRestTemplate restTemplate = new OAuthRestTemplate(prd); ResponseEntity<String> response = restTemplate.postForEntity(url, params, String.class, (Map<String, ?>) null); return response; }
From source file:ltistarter.oauth.MyConsumerDetailsService.java
@Override public ConsumerDetails loadConsumerByConsumerKey(String consumerKey) throws OAuthException { BaseConsumerDetails cd;/*w ww. j a v a2 s.c o m*/ // NOTE: really lookup the key and secret, for the sample here we just hardcoded if ("key".equals(consumerKey)) { // allow this oauth request cd = new BaseConsumerDetails(); cd.setConsumerKey(consumerKey); cd.setSignatureSecret(new SharedConsumerSecretImpl("secret")); cd.setConsumerName("Sample"); cd.setRequiredToObtainAuthenticatedToken(false); // no token required (0-legged) cd.getAuthorities().add(new SimpleGrantedAuthority("ROLE_OAUTH")); // add the ROLE_OAUTH (can add others as well) log.info("OAuth check SUCCESS, consumer key: " + consumerKey); } else { // deny - failed to match throw new OAuthException("For this example, key must be 'key'"); } return cd; }
From source file:org.cloudfoundry.identity.uaa.client.OAuthClientAuthenticationFilterTests.java
private void setUpContext(String tokenName, String secretName, String keyName, String sharedName) { resource.setId("foo"); String consumerKey = System.getProperty(keyName); Assume.assumeNotNull(consumerKey);/*ww w . j av a 2 s . c o m*/ String sharedSecret = System.getProperty(sharedName); Assume.assumeNotNull(sharedSecret); String accessToken = System.getProperty(tokenName); Assume.assumeNotNull(accessToken); String secret = System.getProperty(secretName); Assume.assumeNotNull(accessToken); OAuthSecurityContextImpl context = new OAuthSecurityContextImpl(); OAuthConsumerToken token = new OAuthConsumerToken(); resource.setConsumerKey(consumerKey); resource.setSharedSecret(new SharedConsumerSecretImpl(sharedSecret)); token.setValue(accessToken); token.setSecret(secret); context.setAccessTokens(Collections.singletonMap("foo", token)); OAuthSecurityContextHolder.setContext(context); }
From source file:org.awesomeagile.webapp.config.HackpadConfig.java
@Hackpad @Bean/*from w w w . ja v a 2 s . c o m*/ public OAuthRestTemplate getHackpadRestTemplate() { BaseProtectedResourceDetails resource = new BaseProtectedResourceDetails(); resource.setConsumerKey(hackpadClientId); resource.setSharedSecret(new SharedConsumerSecretImpl(hackpadClientSecret)); resource.setAcceptsAuthorizationHeader(false); return new OAuthRestTemplate(resource); }
From source file:ltistarter.lti.LTIConsumerDetailsService.java
@Override public ConsumerDetails loadConsumerByConsumerKey(String consumerKey) throws OAuthException { consumerKey = StringUtils.trimToNull(consumerKey); assert StringUtils.isNotEmpty(consumerKey) : "consumerKey must be set and not null"; BaseConsumerDetails cd;/*from www. j a v a 2s .co m*/ LtiKeyEntity ltiKey = ltiKeyRepository.findByKeyKey(consumerKey); if (ltiKey == null) { // no matching key found throw new OAuthException("No matching lti key record was found for " + consumerKey); } else { cd = new BaseConsumerDetails(); cd.setConsumerKey(consumerKey); cd.setSignatureSecret(new SharedConsumerSecretImpl(ltiKey.getSecret())); cd.setConsumerName(String.valueOf(ltiKey.getKeyId())); cd.setRequiredToObtainAuthenticatedToken(false); // no token required (0-legged) cd.getAuthorities().add(new SimpleGrantedAuthority("ROLE_OAUTH")); // add the ROLE_OAUTH (can add others as well) cd.getAuthorities().add(new SimpleGrantedAuthority("ROLE_LTI")); log.info("LTI check SUCCESS, consumer key: " + consumerKey); } return cd; }
From source file:nl.surfnet.coin.api.service.MockClientDetailsService.java
@Override public ConsumerDetails loadConsumerByConsumerKey(String consumerKey) throws OAuthException { final OpenConextConsumerDetails consumerDetails = new OpenConextConsumerDetails(); consumerDetails.setConsumerKey(consumerKey); consumerDetails.setConsumerName("Mock consumer name"); // Can do 2 legged consumerDetails.setRequiredToObtainAuthenticatedToken(false); consumerDetails.setAuthorities(Arrays.<GrantedAuthority>asList(new SimpleGrantedAuthority("ROLE_USER"))); consumerDetails.setSignatureSecret(new SharedConsumerSecretImpl(defaultSecret)); consumerDetails.setClientMetaData(mockMetadata(consumerKey)); ClientMetaDataHolder.setClientMetaData(consumerDetails.getClientMetaData()); LOG.debug("Got request loadClientByClientId({}), will return: {}", consumerKey, consumerDetails); return consumerDetails; }
From source file:nl.surfnet.coin.api.service.JanusClientDetailsService.java
/** * {@inheritDoc}//from ww w. ja va 2s .co m */ @Override @Cacheable(value = { "janus-meta-data" }) public ConsumerDetails loadConsumerByConsumerKey(String consumerKey) throws OAuthException { EntityMetadata metadata = getJanusMetadataByConsumerKey(consumerKey, new OAuthException(OAuth2Exception.INVALID_CLIENT)); validateMetadata(consumerKey, metadata); final OpenConextConsumerDetails consumerDetails = new OpenConextConsumerDetails(); consumerDetails.setConsumerKey(consumerKey); consumerDetails.setAuthorities(Arrays.<GrantedAuthority>asList(new SimpleGrantedAuthority("ROLE_USER"))); ClientMetaData clientMetaData = new JanusClientMetadata(metadata); consumerDetails.setClientMetaData(clientMetaData); ClientMetaDataHolder.setClientMetaData(clientMetaData); consumerDetails.setSignatureSecret(new SharedConsumerSecretImpl(metadata.getOauthConsumerSecret())); // set to required by default consumerDetails.setRequiredToObtainAuthenticatedToken(true); if (metadata.isTwoLeggedOauthAllowed()) { // two legged allowed consumerDetails.setRequiredToObtainAuthenticatedToken(false); } return consumerDetails; }
From source file:org.jasig.ssp.service.security.lti.impl.LtiConsumerServiceImpl.java
@Override public ConsumerDetails loadConsumerByConsumerKey(String consumerKey) throws OAuthException { // ConsumerDetailsService contract requires that this method must // not return null. All failures must be represented by OAuthException. final LtiConsumer consumer; try {/*from ww w. ja v a 2s. c om*/ consumer = findByConsumerKey(consumerKey); if (consumer == null) { throw new ObjectNotFoundException(consumerKey, LtiConsumer.class.getName()); } // Technically you might be loading the consumer for other reasons that don't // have to do with processing an authentication request, but in practice that's // all we use this method for. So in order to avoid any possibly holes whereby // a disabled LtiConsumer successfully authenticates requests, we put that sort // of checking here rather than in processLaunch() if (consumer.getObjectStatus() != ObjectStatus.ACTIVE) { throw new ConsumerDetailsDisabledException( "Consumer with key [" + consumerKey + "] has been disabled"); } if (StringUtils.isBlank(consumer.getSecret())) { throw new ConsumerDetailsDisabledException( "Consumer with key [" + consumerKey + "] has been disabled because it has no secret"); } // Wrap in the same try catch b/c there's no semantic collision currently between // the possible exception types thrown by lookup and initialization ops, and // we're doing our best to ensure all failures are represented a OAuthException as // required by the contract BaseConsumerDetails consumerDetails = new BaseConsumerDetails(); consumerDetails.setConsumerKey(consumer.getConsumerKey()); consumerDetails.setSignatureSecret(new SharedConsumerSecretImpl(consumer.getSecret())); consumerDetails.setRequiredToObtainAuthenticatedToken(false); return consumerDetails; } catch (ObjectNotFoundException e) { // contract requires an OAuthException for all failures, including any sort of disabled/missing consumer throw new ConsumerDetailsNotFoundException("Failed to load consumer by key [" + consumerKey + "]", e); } catch (OAuthException e) { throw e; } catch (AuthenticationException e) { // Shouldn't happen, but if it does, it's probably not a InternalAuthenticationServiceException // as handled below. And we can be fairly sure the issue isn't a missing Consumer. So just... disabled. throw new ConsumerDetailsDisabledException("Failed to load consumer by key [" + consumerKey + "]", e); } catch (Exception e) { final InternalAuthenticationServiceException ssWrap = new InternalAuthenticationServiceException( "Failed to load consumer by key [" + consumerKey + "]", e); throw new OAuthException("Failed to load consumer by key [" + consumerKey + "]", ssWrap); } }