Example usage for org.springframework.security.oauth.common.signature UnsupportedSignatureMethodException getMessage

Introduction

In this page you can find the example usage for org.springframework.security.oauth.common.signature UnsupportedSignatureMethodException getMessage.

Prototype

public String getMessage() 

Source Link

Document

Returns the detail message string of this throwable.

Usage

From source file:org.springframework.security.oauth.consumer.client.CoreOAuthConsumerSupport.java

/**
 * Loads the OAuth parameters for the given resource at the given URL and the given token. These parameters include
 * any query parameters on the URL since they are included in the signature. The oauth parameters are NOT encoded.
 *
 * @param details      The resource details.
 * @param requestURL   The request URL.//from w w w .  j  a  v  a2s  . c o m
 * @param requestToken The request token.
 * @param httpMethod   The http method.
 * @param additionalParameters Additional oauth parameters (outside of the core oauth spec).
 * @return The parameters.
 */
protected Map<String, Set<CharSequence>> loadOAuthParameters(ProtectedResourceDetails details, URL requestURL,
        OAuthConsumerToken requestToken, String httpMethod, Map<String, String> additionalParameters) {
    Map<String, Set<CharSequence>> oauthParams = new TreeMap<String, Set<CharSequence>>();

    if (additionalParameters != null) {
        for (Map.Entry<String, String> additionalParam : additionalParameters.entrySet()) {
            Set<CharSequence> values = oauthParams.get(additionalParam.getKey());
            if (values == null) {
                values = new HashSet<CharSequence>();
                oauthParams.put(additionalParam.getKey(), values);
            }
            if (additionalParam.getValue() != null) {
                values.add(additionalParam.getValue());
            }
        }
    }

    String query = requestURL.getQuery();
    if (query != null) {
        StringTokenizer queryTokenizer = new StringTokenizer(query, "&");
        while (queryTokenizer.hasMoreElements()) {
            String token = (String) queryTokenizer.nextElement();
            CharSequence value = null;
            int equalsIndex = token.indexOf('=');
            if (equalsIndex < 0) {
                token = urlDecode(token);
            } else {
                value = new QueryParameterValue(urlDecode(token.substring(equalsIndex + 1)));
                token = urlDecode(token.substring(0, equalsIndex));
            }

            Set<CharSequence> values = oauthParams.get(token);
            if (values == null) {
                values = new HashSet<CharSequence>();
                oauthParams.put(token, values);
            }
            if (value != null) {
                values.add(value);
            }
        }
    }

    String tokenSecret = requestToken == null ? null : requestToken.getSecret();
    String nonce = getNonceFactory().generateNonce();
    oauthParams.put(OAuthConsumerParameter.oauth_consumer_key.toString(),
            Collections.singleton((CharSequence) details.getConsumerKey()));
    if ((requestToken != null) && (requestToken.getValue() != null)) {
        oauthParams.put(OAuthConsumerParameter.oauth_token.toString(),
                Collections.singleton((CharSequence) requestToken.getValue()));
    }

    oauthParams.put(OAuthConsumerParameter.oauth_nonce.toString(), Collections.singleton((CharSequence) nonce));
    oauthParams.put(OAuthConsumerParameter.oauth_signature_method.toString(),
            Collections.singleton((CharSequence) details.getSignatureMethod()));
    oauthParams.put(OAuthConsumerParameter.oauth_timestamp.toString(),
            Collections.singleton((CharSequence) String.valueOf(System.currentTimeMillis() / 1000)));
    oauthParams.put(OAuthConsumerParameter.oauth_version.toString(),
            Collections.singleton((CharSequence) "1.0"));
    String signatureBaseString = getSignatureBaseString(oauthParams, requestURL, httpMethod);
    OAuthSignatureMethod signatureMethod;
    try {
        signatureMethod = getSignatureFactory().getSignatureMethod(details.getSignatureMethod(),
                details.getSharedSecret(), tokenSecret);
    } catch (UnsupportedSignatureMethodException e) {
        throw new OAuthRequestFailedException(e.getMessage(), e);
    }
    String signature = signatureMethod.sign(signatureBaseString);
    oauthParams.put(OAuthConsumerParameter.oauth_signature.toString(),
            Collections.singleton((CharSequence) signature));
    return oauthParams;
}

---

From source file:org.springframework.security.oauth.provider.filter.OAuthProviderProcessingFilter.java

/**
 * Validate the signature of the request given the authentication request.
 *
 * @param authentication The authentication request.
 *///from w  ww. ja va 2 s.c o  m
protected void validateSignature(ConsumerAuthentication authentication) throws AuthenticationException {
    SignatureSecret secret = authentication.getConsumerDetails().getSignatureSecret();
    String token = authentication.getConsumerCredentials().getToken();
    OAuthProviderToken authToken = null;
    if (token != null && !"".equals(token)) {
        authToken = getTokenServices().getToken(token);
    }

    String signatureMethod = authentication.getConsumerCredentials().getSignatureMethod();
    OAuthSignatureMethod method;
    try {
        method = getSignatureMethodFactory().getSignatureMethod(signatureMethod, secret,
                authToken != null ? authToken.getSecret() : null);
    } catch (UnsupportedSignatureMethodException e) {
        throw new OAuthException(e.getMessage(), e);
    }

    String signatureBaseString = authentication.getConsumerCredentials().getSignatureBaseString();
    String signature = authentication.getConsumerCredentials().getSignature();
    if (log.isDebugEnabled()) {
        log.debug("Verifying signature " + signature + " for signature base string " + signatureBaseString
                + " with method " + method.getName() + ".");
    }
    method.verify(signatureBaseString, signature);
}

---