List of usage examples for org.springframework.security.oauth.consumer OAuthRequestFailedException OAuthRequestFailedException
public OAuthRequestFailedException(String msg)
From source file:org.springframework.security.oauth.consumer.client.CoreOAuthConsumerSupport.java
public InputStream readProtectedResource(URL url, OAuthConsumerToken accessToken, String httpMethod) throws OAuthRequestFailedException { if (accessToken == null) { throw new OAuthRequestFailedException("A valid access token must be supplied."); }/*from ww w . j a va 2 s. c o m*/ ProtectedResourceDetails resourceDetails = getProtectedResourceDetailsService() .loadProtectedResourceDetailsById(accessToken.getResourceId()); if ((!resourceDetails.isAcceptsAuthorizationHeader()) && !"POST".equalsIgnoreCase(httpMethod) && !"PUT".equalsIgnoreCase(httpMethod)) { throw new IllegalArgumentException("Protected resource " + resourceDetails.getId() + " cannot be accessed with HTTP method " + httpMethod + " because the OAuth provider doesn't accept the OAuth Authorization header."); } return readResource(resourceDetails, url, httpMethod, accessToken, resourceDetails.getAdditionalParameters(), null); }
From source file:org.springframework.security.oauth.consumer.client.CoreOAuthConsumerSupport.java
/** * Internal use of configuring the URL for protected access, the resource details already having been loaded. * * @param url The URL./*from w w w. j a va2 s .c o m*/ * @param requestToken The request token. * @param details The details. * @param httpMethod The http method. * @param additionalParameters Any additional request parameters. * @return The configured URL. */ protected URL configureURLForProtectedAccess(URL url, OAuthConsumerToken requestToken, ProtectedResourceDetails details, String httpMethod, Map<String, String> additionalParameters) { String file; if (!"POST".equalsIgnoreCase(httpMethod) && !"PUT".equalsIgnoreCase(httpMethod) && !details.isAcceptsAuthorizationHeader()) { StringBuilder fileb = new StringBuilder(url.getPath()); String queryString = getOAuthQueryString(details, requestToken, url, httpMethod, additionalParameters); fileb.append('?').append(queryString); file = fileb.toString(); } else { file = url.getFile(); } try { if ("http".equalsIgnoreCase(url.getProtocol())) { URLStreamHandler streamHandler = getStreamHandlerFactory().getHttpStreamHandler(details, requestToken, this, httpMethod, additionalParameters); return new URL(url.getProtocol(), url.getHost(), url.getPort(), file, streamHandler); } else if ("https".equalsIgnoreCase(url.getProtocol())) { URLStreamHandler streamHandler = getStreamHandlerFactory().getHttpsStreamHandler(details, requestToken, this, httpMethod, additionalParameters); return new URL(url.getProtocol(), url.getHost(), url.getPort(), file, streamHandler); } else { throw new OAuthRequestFailedException("Unsupported OAuth protocol: " + url.getProtocol()); } } catch (MalformedURLException e) { throw new IllegalStateException(e); } }
From source file:org.springframework.security.oauth.consumer.filter.OAuthConsumerContextFilter.java
/** * Check the given exception for the resource that needs authorization. If the exception was not thrown because a resource needed authorization, then rethrow * the exception./*from w w w . j a va2 s .c o m*/ * * @param ex The exception. * @return The resource that needed authorization (never null). */ protected ProtectedResourceDetails checkForResourceThatNeedsAuthorization(Exception ex) throws ServletException, IOException { Throwable[] causeChain = getThrowableAnalyzer().determineCauseChain(ex); AccessTokenRequiredException ase = (AccessTokenRequiredException) getThrowableAnalyzer() .getFirstThrowableOfType(AccessTokenRequiredException.class, causeChain); ProtectedResourceDetails resourceThatNeedsAuthorization; if (ase != null) { resourceThatNeedsAuthorization = ase.getResource(); if (resourceThatNeedsAuthorization == null) { throw new OAuthRequestFailedException(ase.getMessage()); } } else { // Rethrow ServletExceptions and RuntimeExceptions as-is if (ex instanceof ServletException) { throw (ServletException) ex; } if (ex instanceof IOException) { throw (IOException) ex; } else if (ex instanceof RuntimeException) { throw (RuntimeException) ex; } // Wrap other Exceptions. These are not expected to happen throw new RuntimeException(ex); } return resourceThatNeedsAuthorization; }