List of usage examples for org.springframework.security.oauth.provider BaseConsumerDetails setSignatureSecret
public void setSignatureSecret(SignatureSecret signatureSecret)
From source file:ltistarter.oauth.MyConsumerDetailsService.java
@Override public ConsumerDetails loadConsumerByConsumerKey(String consumerKey) throws OAuthException { BaseConsumerDetails cd; // NOTE: really lookup the key and secret, for the sample here we just hardcoded if ("key".equals(consumerKey)) { // allow this oauth request cd = new BaseConsumerDetails(); cd.setConsumerKey(consumerKey);//from w ww. jav a2 s .co m cd.setSignatureSecret(new SharedConsumerSecretImpl("secret")); cd.setConsumerName("Sample"); cd.setRequiredToObtainAuthenticatedToken(false); // no token required (0-legged) cd.getAuthorities().add(new SimpleGrantedAuthority("ROLE_OAUTH")); // add the ROLE_OAUTH (can add others as well) log.info("OAuth check SUCCESS, consumer key: " + consumerKey); } else { // deny - failed to match throw new OAuthException("For this example, key must be 'key'"); } return cd; }
From source file:ltistarter.lti.LTIConsumerDetailsService.java
@Override public ConsumerDetails loadConsumerByConsumerKey(String consumerKey) throws OAuthException { consumerKey = StringUtils.trimToNull(consumerKey); assert StringUtils.isNotEmpty(consumerKey) : "consumerKey must be set and not null"; BaseConsumerDetails cd; LtiKeyEntity ltiKey = ltiKeyRepository.findByKeyKey(consumerKey); if (ltiKey == null) { // no matching key found throw new OAuthException("No matching lti key record was found for " + consumerKey); } else {//from www . j a v a2s .c om cd = new BaseConsumerDetails(); cd.setConsumerKey(consumerKey); cd.setSignatureSecret(new SharedConsumerSecretImpl(ltiKey.getSecret())); cd.setConsumerName(String.valueOf(ltiKey.getKeyId())); cd.setRequiredToObtainAuthenticatedToken(false); // no token required (0-legged) cd.getAuthorities().add(new SimpleGrantedAuthority("ROLE_OAUTH")); // add the ROLE_OAUTH (can add others as well) cd.getAuthorities().add(new SimpleGrantedAuthority("ROLE_LTI")); log.info("LTI check SUCCESS, consumer key: " + consumerKey); } return cd; }
From source file:org.eurekastreams.server.service.security.oauth.ConsumerDetailsServiceImpl.java
/** * {@inheritDoc}//from w w w . j ava 2 s.com */ @Override public ConsumerDetails loadConsumerByConsumerKey(final String inConsumerKey) throws OAuthException { try { ServiceActionContext currentContext = new ServiceActionContext(inConsumerKey, null); OAuthConsumer consumer = (OAuthConsumer) actionController.execute(currentContext, getOAuthConsumerByConsumerKeyAction); BaseConsumerDetails details = new BaseConsumerDetails(); details.setConsumerKey(inConsumerKey); details.setConsumerName(inConsumerKey); details.setSignatureSecret(new SharedConsumerSecret(consumer.consumerSecret)); details.setAuthorities(grantedAuthorities); // NOTE: This line supports OAuth 2-legged only! details.setRequiredToObtainAuthenticatedToken(false); return details; } catch (Exception ex) { log.error("Error occurred retrieving consumer with provided key.", ex); throw new OAuthException("Unable to retrieve consumer with provided information."); } }
From source file:org.jasig.ssp.service.security.lti.impl.LtiConsumerServiceImpl.java
@Override public ConsumerDetails loadConsumerByConsumerKey(String consumerKey) throws OAuthException { // ConsumerDetailsService contract requires that this method must // not return null. All failures must be represented by OAuthException. final LtiConsumer consumer; try {// w w w . ja va 2s.c o m consumer = findByConsumerKey(consumerKey); if (consumer == null) { throw new ObjectNotFoundException(consumerKey, LtiConsumer.class.getName()); } // Technically you might be loading the consumer for other reasons that don't // have to do with processing an authentication request, but in practice that's // all we use this method for. So in order to avoid any possibly holes whereby // a disabled LtiConsumer successfully authenticates requests, we put that sort // of checking here rather than in processLaunch() if (consumer.getObjectStatus() != ObjectStatus.ACTIVE) { throw new ConsumerDetailsDisabledException( "Consumer with key [" + consumerKey + "] has been disabled"); } if (StringUtils.isBlank(consumer.getSecret())) { throw new ConsumerDetailsDisabledException( "Consumer with key [" + consumerKey + "] has been disabled because it has no secret"); } // Wrap in the same try catch b/c there's no semantic collision currently between // the possible exception types thrown by lookup and initialization ops, and // we're doing our best to ensure all failures are represented a OAuthException as // required by the contract BaseConsumerDetails consumerDetails = new BaseConsumerDetails(); consumerDetails.setConsumerKey(consumer.getConsumerKey()); consumerDetails.setSignatureSecret(new SharedConsumerSecretImpl(consumer.getSecret())); consumerDetails.setRequiredToObtainAuthenticatedToken(false); return consumerDetails; } catch (ObjectNotFoundException e) { // contract requires an OAuthException for all failures, including any sort of disabled/missing consumer throw new ConsumerDetailsNotFoundException("Failed to load consumer by key [" + consumerKey + "]", e); } catch (OAuthException e) { throw e; } catch (AuthenticationException e) { // Shouldn't happen, but if it does, it's probably not a InternalAuthenticationServiceException // as handled below. And we can be fairly sure the issue isn't a missing Consumer. So just... disabled. throw new ConsumerDetailsDisabledException("Failed to load consumer by key [" + consumerKey + "]", e); } catch (Exception e) { final InternalAuthenticationServiceException ssWrap = new InternalAuthenticationServiceException( "Failed to load consumer by key [" + consumerKey + "]", e); throw new OAuthException("Failed to load consumer by key [" + consumerKey + "]", ssWrap); } }