List of usage examples for org.springframework.security.oauth.provider.token OAuthProviderToken getSecret
String getSecret();
From source file:org.springframework.security.oauth.provider.filter.OAuthProviderProcessingFilter.java
/** * Validate the signature of the request given the authentication request. * * @param authentication The authentication request. *//*from ww w. ja va 2 s . c om*/ protected void validateSignature(ConsumerAuthentication authentication) throws AuthenticationException { SignatureSecret secret = authentication.getConsumerDetails().getSignatureSecret(); String token = authentication.getConsumerCredentials().getToken(); OAuthProviderToken authToken = null; if (token != null && !"".equals(token)) { authToken = getTokenServices().getToken(token); } String signatureMethod = authentication.getConsumerCredentials().getSignatureMethod(); OAuthSignatureMethod method; try { method = getSignatureMethodFactory().getSignatureMethod(signatureMethod, secret, authToken != null ? authToken.getSecret() : null); } catch (UnsupportedSignatureMethodException e) { throw new OAuthException(e.getMessage(), e); } String signatureBaseString = authentication.getConsumerCredentials().getSignatureBaseString(); String signature = authentication.getConsumerCredentials().getSignature(); if (log.isDebugEnabled()) { log.debug("Verifying signature " + signature + " for signature base string " + signatureBaseString + " with method " + method.getName() + "."); } method.verify(signatureBaseString, signature); }
From source file:org.springframework.security.oauth.provider.OAuthProviderProcessingFilter.java
/** * Validate the signature of the request given the authentication request. * * @param authentication The authentication request. *///from w ww . ja v a 2 s . c om protected void validateSignature(ConsumerAuthentication authentication) throws AuthenticationException { SignatureSecret secret = authentication.getConsumerDetails().getSignatureSecret(); String token = authentication.getConsumerCredentials().getToken(); OAuthProviderToken authToken = null; if (token != null && !"".equals(token)) { authToken = getTokenServices().getToken(token); } String signatureMethod = authentication.getConsumerCredentials().getSignatureMethod(); OAuthSignatureMethod method = getSignatureMethodFactory().getSignatureMethod(signatureMethod, secret, authToken != null ? authToken.getSecret() : null); String signatureBaseString = authentication.getConsumerCredentials().getSignatureBaseString(); String signature = authentication.getConsumerCredentials().getSignature(); if (log.isDebugEnabled()) { log.debug("Verifying signature " + signature + " for signature base string " + signatureBaseString + " with method " + method.getName() + "."); } method.verify(signatureBaseString, signature); }