You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cxf.apache.org by Sergey Beryozkin <sb...@gmail.com> on 2010/06/17 19:31:30 UTC
Re: svn commit: r955511 - in /cxf/sandbox/oauth_1.0a/rt/rs/oauth/src:
main/java/org/apache/cxf/auth/oauth/endpoints/ main/java/org/apache/cxf/auth/oauth/provider/
main/java/org/apache/cxf/auth/oauth/utils/ test/java/org/apache/cxf/auth/oauth/endpoint
Hi - good to see the OAuth project going on - let us know if there's
anything that we can help with.
I've looked through the initial commits, looks good. I was about to tell you
a CXF 'application' code does not explicitly depends on Spring but you've
removed that one :-).
Just for the record, Tomasz's project is also going well....
cheers, Sergey
On Thu, Jun 17, 2010 at 9:50 AM, <lm...@apache.org> wrote:
> Author: lmoren
> Date: Thu Jun 17 08:50:11 2010
> New Revision: 955511
>
> URL: http://svn.apache.org/viewvc?rev=955511&view=rev
> Log:
> Temporary Credentail Request improvements and unit tests added
>
> Modified:
>
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialService.java
>
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceImpl.java
>
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfo.java
>
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfoImpl.java
>
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
>
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProviderImpl.java
>
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java
>
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceTest.java
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/resources/oauth-beans.xml
>
> Modified:
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialService.java
> URL:
> http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialService.java?rev=955511&r1=955510&r2=955511&view=diff
>
> ==============================================================================
> ---
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialService.java
> (original)
> +++
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialService.java
> Thu Jun 17 08:50:11 2010
> @@ -18,15 +18,16 @@
> */
> package org.apache.cxf.auth.oauth.endpoints;
>
> +import org.springframework.stereotype.Service;
> +
> import javax.servlet.http.HttpServletRequest;
> +import javax.ws.rs.Consumes;
> import javax.ws.rs.POST;
> import javax.ws.rs.Path;
> import javax.ws.rs.Produces;
> import javax.ws.rs.core.Context;
> import javax.ws.rs.core.Response;
>
> -import org.springframework.stereotype.Service;
> -
> /**
> * @author Lukasz Moren
> */
> @@ -35,5 +36,6 @@ import org.springframework.stereotype.Se
> public interface TemporaryCredentialService {
> @POST
> @Produces("application/x-www-form-urlencoded")
> - Response getRequestService(@Context HttpServletRequest request);
> + @Consumes("application/x-www-form-urlencoded")
> + Response getTemporaryCredentials(@Context HttpServletRequest request);
> }
>
> Modified:
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceImpl.java
> URL:
> http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceImpl.java?rev=955511&r1=955510&r2=955511&view=diff
>
> ==============================================================================
> ---
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceImpl.java
> (original)
> +++
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceImpl.java
> Thu Jun 17 08:50:11 2010
> @@ -19,34 +19,29 @@
>
> package org.apache.cxf.auth.oauth.endpoints;
>
> -import java.util.*;
> -import java.util.logging.Level;
> -import java.util.logging.Logger;
> -import javax.servlet.http.HttpServletRequest;
> -import javax.servlet.http.HttpServletResponse;
> -import javax.ws.rs.POST;
> -import javax.ws.rs.Path;
> -import javax.ws.rs.Produces;
> -import javax.ws.rs.core.Context;
> -import javax.ws.rs.core.Response;
> -
> -import net.oauth.OAuth;
> -import net.oauth.OAuthAccessor;
> -import net.oauth.OAuthConsumer;
> -import net.oauth.OAuthException;
> -import net.oauth.OAuthMessage;
> -import net.oauth.OAuthProblemException;
> -import net.oauth.SimpleOAuthValidator;
> +import net.oauth.*;
> import net.oauth.server.OAuthServlet;
> -import org.apache.cxf.auth.oauth.provider.*;
> +import org.apache.cxf.auth.oauth.provider.ClientAuthenticationInfo;
> import org.apache.cxf.auth.oauth.provider.OAuthDataProvider;
> import org.apache.cxf.auth.oauth.provider.OAuthToken;
> -
> import org.apache.cxf.auth.oauth.validation.OAuthValidatorWrapper;
> import org.apache.cxf.auth.oauth.validation.OAuthValidatorWrapperImpl;
> import org.apache.cxf.common.logging.LogUtils;
> import org.springframework.stereotype.Service;
>
> +import javax.servlet.http.HttpServletRequest;
> +import javax.servlet.http.HttpServletResponse;
> +import javax.ws.rs.Consumes;
> +import javax.ws.rs.POST;
> +import javax.ws.rs.Path;
> +import javax.ws.rs.Produces;
> +import javax.ws.rs.core.Context;
> +import javax.ws.rs.core.Response;
> +import java.util.HashMap;
> +import java.util.Map;
> +import java.util.logging.Level;
> +import java.util.logging.Logger;
> +
> /**
> * @author Lukasz Moren
> */
> @@ -65,31 +60,32 @@ public class TemporaryCredentialServiceI
>
> @POST
> @Produces("application/x-www-form-urlencoded")
> - public Response getRequestService(@Context HttpServletRequest request)
> {
> + @Consumes("application/x-www-form-urlencoded")
> + public Response getTemporaryCredentials(@Context HttpServletRequest
> request) {
> //todo add realm optional parameter
> + //todo check if entity-body single part?
> LOG.log(Level.INFO, "temporary credentails endpoint invoked");
> try {
> OAuthMessage oAuthMessage = OAuthServlet.getMessage(request,
> request.getRequestURL().toString());
>
> oAuthMessage.requireParameters(OAuth.OAUTH_CONSUMER_KEY,
> - OAuth.OAUTH_SIGNATURE_METHOD,
> - OAuth.OAUTH_SIGNATURE,
> - OAuth.OAUTH_TIMESTAMP,
> - OAuth.OAUTH_NONCE,
> - OAuth.OAUTH_CALLBACK);
> + OAuth.OAUTH_SIGNATURE_METHOD,
> + OAuth.OAUTH_SIGNATURE,
> + OAuth.OAUTH_TIMESTAMP,
> + OAuth.OAUTH_NONCE,
> + OAuth.OAUTH_CALLBACK);
>
>
> ClientAuthenticationInfo authenticationInfo = oAuthDataProvider
> -
> .getClientAuthenticationInfo(oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY));
> +
> .getClientAuthenticationInfo(oAuthMessage.getParameter(OAuth.OAUTH_CONSUMER_KEY));
>
> //user credentials not found
> if (authenticationInfo == null) {
> return
> Response.status(HttpServletResponse.SC_UNAUTHORIZED).build();
> }
>
> - //todo add validation and signature checking
> OAuthConsumer consumer = new
> OAuthConsumer(oAuthMessage.getParameter(OAuth.OAUTH_CALLBACK),
> - authenticationInfo.getConsumerKey(),
> authenticationInfo.getSecretKey(), null);
> + authenticationInfo.getConsumerKey(),
> authenticationInfo.getSecretKey(), null);
>
> OAuthAccessor accessor = new OAuthAccessor(consumer);
>
> @@ -98,8 +94,9 @@ public class TemporaryCredentialServiceI
>
>
> OAuthToken oAuthToken = oAuthDataProvider
> -
> .generateOAuthToken(authenticationInfo.getConsumerKey());
> + .generateOAuthToken(authenticationInfo);
>
> + //create response
> Map<String, Object> responseParams = new HashMap<String,
> Object>();
> responseParams.put(OAuth.OAUTH_TOKEN,
> oAuthToken.getOauthToken());
> responseParams.put(OAuth.OAUTH_TOKEN_SECRET,
> oAuthToken.getTokenSecret());
>
> Modified:
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfo.java
> URL:
> http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfo.java?rev=955511&r1=955510&r2=955511&view=diff
>
> ==============================================================================
> ---
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfo.java
> (original)
> +++
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfo.java
> Thu Jun 17 08:50:11 2010
> @@ -25,4 +25,6 @@ public interface ClientAuthenticationInf
> String getConsumerKey();
>
> String getSecretKey();
> +
> + String getCallbackURL();
> }
>
> Modified:
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfoImpl.java
> URL:
> http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfoImpl.java?rev=955511&r1=955510&r2=955511&view=diff
>
> ==============================================================================
> ---
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfoImpl.java
> (original)
> +++
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/ClientAuthenticationInfoImpl.java
> Thu Jun 17 08:50:11 2010
> @@ -24,10 +24,16 @@ package org.apache.cxf.auth.oauth.provid
> public class ClientAuthenticationInfoImpl implements
> ClientAuthenticationInfo {
> private String consumerKey;
> private String secretKey;
> + private String callbackURL;
>
> - public ClientAuthenticationInfoImpl(String consumerKey, String
> secretKey) {
> + public ClientAuthenticationInfoImpl(String consumerKey, String
> secretKey, String callbackURL) {
> this.consumerKey = consumerKey;
> this.secretKey = secretKey;
> + this.callbackURL = callbackURL;
> + }
> +
> + public ClientAuthenticationInfoImpl(String consumerKey, String
> secretKey) {
> + this(consumerKey, secretKey, null);
> }
>
> public String getConsumerKey() {
> @@ -37,4 +43,40 @@ public class ClientAuthenticationInfoImp
> public String getSecretKey() {
> return secretKey;
> }
> +
> + public String getCallbackURL() {
> + return callbackURL;
> + }
> +
> + @Override
> + public boolean equals(Object o) {
> + if (this == o) {
> + return true;
> + }
> + if (o == null || getClass() != o.getClass()) {
> + return false;
> + }
> +
> + ClientAuthenticationInfoImpl that =
> (ClientAuthenticationInfoImpl)o;
> +
> + if (callbackURL != null ? !callbackURL.equals(that.callbackURL) :
> that.callbackURL != null) {
> + return false;
> + }
> + if (!consumerKey.equals(that.consumerKey)) {
> + return false;
> + }
> + if (!secretKey.equals(that.secretKey)) {
> + return false;
> + }
> +
> + return true;
> + }
> +
> + @Override
> + public int hashCode() {
> + int result = consumerKey.hashCode();
> + result = 31 * result + secretKey.hashCode();
> + result = 31 * result + (callbackURL != null ?
> callbackURL.hashCode() : 0);
> + return result;
> + }
> }
>
> Modified:
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
> URL:
> http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java?rev=955511&r1=955510&r2=955511&view=diff
>
> ==============================================================================
> ---
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
> (original)
> +++
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProvider.java
> Thu Jun 17 08:50:11 2010
> @@ -25,5 +25,5 @@ package org.apache.cxf.auth.oauth.provid
> public interface OAuthDataProvider {
> ClientAuthenticationInfo getClientAuthenticationInfo(String
> consumerKey);
>
> - OAuthToken generateOAuthToken(String consumerKey);
> + OAuthToken generateOAuthToken(ClientAuthenticationInfo authInfo);
> }
>
> Modified:
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProviderImpl.java
> URL:
> http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProviderImpl.java?rev=955511&r1=955510&r2=955511&view=diff
>
> ==============================================================================
> ---
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProviderImpl.java
> (original)
> +++
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/provider/OAuthDataProviderImpl.java
> Thu Jun 17 08:50:11 2010
> @@ -22,8 +22,8 @@ package org.apache.cxf.auth.oauth.provid
> import org.apache.cxf.auth.oauth.utils.OAuthUtils;
> import org.springframework.stereotype.Service;
>
> -import java.util.concurrent.ConcurrentHashMap;
> import java.util.Map;
> +import java.util.concurrent.ConcurrentHashMap;
>
>
> /**
> @@ -33,20 +33,21 @@ import java.util.Map;
> public class OAuthDataProviderImpl implements OAuthDataProvider {
>
> private Map<String, ClientAuthenticationInfo> clientAuthInfo
> - = new ConcurrentHashMap<String, ClientAuthenticationInfo>();
> + = new ConcurrentHashMap<String, ClientAuthenticationInfo>();
>
> - private Map<String, OAuthToken> oauthTokens = new
> ConcurrentHashMap<String, OAuthToken>();
> + private Map<ClientAuthenticationInfo, OAuthToken> oauthTokens
> + = new ConcurrentHashMap<ClientAuthenticationInfo, OAuthToken>();
>
> public ClientAuthenticationInfo getClientAuthenticationInfo(String
> consumerKey) {
> return clientAuthInfo.get(consumerKey);
> }
>
> - public OAuthToken generateOAuthToken(String consumerKey) {
> - String token = OAuthUtils.generateToken(consumerKey);
> - String tokenSecret = OAuthUtils.generateToken(consumerKey);
> + public OAuthToken generateOAuthToken(ClientAuthenticationInfo
> clientAuthenticationInfo) {
> + String token = OAuthUtils.generateToken();
> + String tokenSecret = OAuthUtils.generateToken();
>
> OAuthToken oAuthToken = new OAuthToken(token, tokenSecret);
> - oauthTokens.put(consumerKey, oAuthToken);
> + oauthTokens.put(clientAuthenticationInfo, oAuthToken);
> return oAuthToken;
> }
>
>
> Modified:
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java
> URL:
> http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java?rev=955511&r1=955510&r2=955511&view=diff
>
> ==============================================================================
> ---
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java
> (original)
> +++
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/main/java/org/apache/cxf/auth/oauth/utils/OAuthUtils.java
> Thu Jun 17 08:50:11 2010
> @@ -31,7 +31,7 @@ public final class OAuthUtils {
>
> //todo random enough?
>
> - public static String generateToken(String generatorBase) {
> + public static String generateToken() {
> return UUID.randomUUID().toString();
> }
> }
>
> Modified:
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceTest.java
> URL:
> http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceTest.java?rev=955511&r1=955510&r2=955511&view=diff
>
> ==============================================================================
> ---
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceTest.java
> (original)
> +++
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/java/org/apache/cxf/auth/oauth/endpoints/TemporaryCredentialServiceTest.java
> Thu Jun 17 08:50:11 2010
> @@ -21,14 +21,18 @@
> package org.apache.cxf.auth.oauth.endpoints;
>
> import net.oauth.OAuth;
> +import net.oauth.OAuthProblemException;
> import org.apache.cxf.endpoint.Server;
> import org.apache.cxf.jaxrs.JAXRSServerFactoryBean;
> import org.apache.cxf.jaxrs.client.WebClient;
> +import org.junit.After;
> +import org.junit.Before;
> import org.junit.Test;
>
> import javax.servlet.http.HttpServletResponse;
> import javax.ws.rs.core.Response;
> import javax.ws.rs.core.UriBuilder;
> +import java.io.IOException;
> import java.io.InputStream;
> import java.net.URI;
>
> @@ -37,37 +41,105 @@ import java.net.URI;
> */
> public class TemporaryCredentialServiceTest extends
> JUnit4SpringContextTests {
>
> + static final String TEMPORARY_CREDENTIALS_URL = "
> http://localhost:9001/auth/oauth/initiate";
> + Server s;
> +
> @Test
> - public void testGetRequestService() throws Exception {
> - Server s = null;
> - try {
> - JAXRSServerFactoryBean sf = (JAXRSServerFactoryBean)
> ctx.getBean("oauthServer");
> -
> - s = sf.create();
> -
> - URI uri = UriBuilder.fromUri(new URI("
> http://localhost:9001/auth/oauth/initiate"))
> - .queryParam("oauth_consumer_key",
> 12345678).queryParam("oauth_signature_method", "PLAINTEXT")
> - .queryParam("oauth_callback", "http%3A%2F%
> 2Fprinter.example.com%2Fready")
> - .queryParam("oauth_signature",
> "secret%26").queryParam("oauth_nonce", "sfsdfsdfs")
> - .queryParam("oauth_timestamp",
> String.valueOf(System.currentTimeMillis() / 1000))
> - .buildFromEncoded();
> -
> - WebClient cl = WebClient.create(uri);
> - cl.accept("application/x-www-form-urlencoded");
> -
> - Response r = cl.post(null);
> -
> - OAuthResponseMessage message = new OAuthResponseMessage(null,
> null, null, (InputStream) r.getEntity());
> - message.completeParameters();
> - message.requireParameters(OAuth.OAUTH_CALLBACK_CONFIRMED,
> OAuth.OAUTH_TOKEN, OAuth.OAUTH_TOKEN_SECRET);
> -
> - assertEquals(3, message.getParameters().size());
> - assertEquals(HttpServletResponse.SC_OK, r.getStatus());
> -
> - } finally {
> - if (s != null) {
> - s.destroy();
> - }
> + public void testGetTemporaryCredentialsURIQuery() throws Exception {
> +
> + //test request uri query
> + URI uri = UriBuilder.fromUri(new URI(TEMPORARY_CREDENTIALS_URL))
> + .queryParam("oauth_consumer_key",
> 12345678).queryParam("oauth_signature_method", "PLAINTEXT")
> + .queryParam("oauth_callback", "http%3A%2F%
> 2Fprinter.example.com%2Fready")
> + .queryParam("oauth_signature",
> "secret%26").queryParam("oauth_nonce", "sfsdfsdfs")
> + .queryParam("oauth_timestamp",
> String.valueOf(System.currentTimeMillis() / 1000))
> + .buildFromEncoded();
> +
> + WebClient cl = WebClient.create(uri);
> + cl.accept("application/x-www-form-urlencoded");
> + Response r = cl.post(null);
> +
> + validateOAuthMessage(r);
> +
> + }
> +
> + @Test
> + public void invokeTemporaryCredentialsBody() throws Exception {
> + //test request uri query
> + URI uri = UriBuilder.fromUri(new URI(TEMPORARY_CREDENTIALS_URL))
> + .buildFromEncoded();
> +
> + String timestamp = String.valueOf(System.currentTimeMillis() /
> 1000);
> + StringBuilder formEncodedBody = new
> StringBuilder(OAuth.OAUTH_CONSUMER_KEY)
> + .append("=12345678&").append(OAuth.OAUTH_SIGNATURE_METHOD)
> + .append("=PLAINTEXT&").append(OAuth.OAUTH_SIGNATURE)
> + .append("=secret%26&")
> + .append(OAuth.OAUTH_NONCE).append("=sfsdfsdfs&")
> + .append(OAuth.OAUTH_TIMESTAMP).append("=").append(timestamp)
> + .append("&").append(OAuth.OAUTH_CALLBACK)
> + .append("=http%3A%2F%2Fprinter.example.com%2Fready");
> +
> + WebClient cl = WebClient.create(uri);
> + cl.accept("application/x-www-form-urlencoded");
> +
> +
> + Response r = cl.post(formEncodedBody.toString());
> + assertEquals(HttpServletResponse.SC_UNSUPPORTED_MEDIA_TYPE,
> r.getStatus());
> +
> + cl.header("Content-Type", OAuth.FORM_ENCODED);
> + r = cl.post(formEncodedBody.toString());
> + validateOAuthMessage(r);
> + }
> +
> + @Test
> + public void testGetTemporaryCredentialsAuthHeader() throws Exception {
> +
> +
> + //test request uri query
> + URI uri = UriBuilder.fromUri(new URI(TEMPORARY_CREDENTIALS_URL))
> + .buildFromEncoded();
> +
> + WebClient cl = WebClient.create(uri);
> + cl.accept("application/x-www-form-urlencoded");
> +
> + String timestamp = String.valueOf(System.currentTimeMillis() /
> 1000);
> + StringBuilder authHeader = new StringBuilder("OAuth
> realm=\"Example\",")
> + .append(OAuth.OAUTH_CONSUMER_KEY).append("=\"12345678\",")
> +
> .append(OAuth.OAUTH_SIGNATURE_METHOD).append("=\"PLAINTEXT\",")
> + .append(OAuth.OAUTH_SIGNATURE).append("=\"secret%26\",")
> + .append(OAuth.OAUTH_NONCE).append("=\"sfsdfsdfs\",")
> + .append(OAuth.OAUTH_TIMESTAMP).append("=\"").append(timestamp)
> + .append("\",").append(OAuth.OAUTH_CALLBACK)
> + .append("=\"http%3A%2F%2Fprinter.example.com%2Fready\"");
> +
> + cl.header("Authorization", authHeader.toString());
> + Response r = cl.post(null);
> +
> + validateOAuthMessage(r);
> + }
> +
> + private void validateOAuthMessage(Response r) throws IOException,
> OAuthProblemException {
> + OAuthResponseMessage message = new OAuthResponseMessage(null,
> null, null,
> + (InputStream)r.getEntity());
> + message.completeParameters();
> + message.requireParameters(OAuth.OAUTH_CALLBACK_CONFIRMED,
> OAuth.OAUTH_TOKEN,
> + OAuth.OAUTH_TOKEN_SECRET);
> +
> + assertEquals(3, message.getParameters().size());
> + assertEquals(HttpServletResponse.SC_OK, r.getStatus());
> + }
> +
> +
> + @Before
> + public void initService() {
> + JAXRSServerFactoryBean sf =
> (JAXRSServerFactoryBean)ctx.getBean("oauthServer");
> + s = sf.create();
> + }
> +
> + @After
> + public void stopService() {
> + if (s != null) {
> + s.destroy();
> }
> }
> }
>
> Modified:
> cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/resources/oauth-beans.xml
> URL:
> http://svn.apache.org/viewvc/cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/resources/oauth-beans.xml?rev=955511&r1=955510&r2=955511&view=diff
>
> ==============================================================================
> --- cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/resources/oauth-beans.xml
> (original)
> +++ cxf/sandbox/oauth_1.0a/rt/rs/oauth/src/test/resources/oauth-beans.xml
> Thu Jun 17 08:50:11 2010
> @@ -12,14 +12,16 @@
> </jaxrs:serviceBeans>
> </jaxrs:server>
>
> - <bean id="temporaryCredentialService"
> class="org.apache.cxf.auth.oauth.endpoints.TemporaryCredentialServiceImpl">
> + <bean id="temporaryCredentialService"
> +
> class="org.apache.cxf.auth.oauth.endpoints.TemporaryCredentialServiceImpl">
> <property name="oAuthDataProvider" ref="oauthDataProvider"/>
> </bean>
>
> <bean id="oauthDataProvider"
> class="org.apache.cxf.auth.oauth.provider.OAuthDataProviderImpl">
> <property name="clientAuthInfo">
> - <map key-type="java.lang.String"
> value-type="org.apache.cxf.auth.oauth.provider.ClientAuthenticationInfo">
> - <entry key="12345678" value-ref="clientAuthInfo" />
> + <map key-type="java.lang.String"
> +
> value-type="org.apache.cxf.auth.oauth.provider.ClientAuthenticationInfo">
> + <entry key="12345678" value-ref="clientAuthInfo"/>
> </map>
> </property>
> </bean>
> @@ -27,6 +29,7 @@
> <bean id="clientAuthInfo"
> class="org.apache.cxf.auth.oauth.provider.ClientAuthenticationInfoImpl">
> <constructor-arg value="12345678"/>
> <constructor-arg value="secret"/>
> + <constructor-arg value="http://www.example.com/callback"/>
> </bean>
>
>
>
>
>
Re: svn commit: r955511 - in /cxf/sandbox/oauth_1.0a/rt/rs/oauth/src:
main/java/org/apache/cxf/auth/oauth/endpoints/ main/java/org/apache/cxf/auth/oauth/provider/
main/java/org/apache/cxf/auth/oauth/utils/ test/java/org/apache/cxf/auth/oauth/endpoint
Posted by Łukasz Moreń <lu...@gmail.com>.
>
> Hi - good to see the OAuth project going on - let us know if there's
anything that we can help with.
I've looked through the initial commits, looks good. I was about to tell
you a CXF 'application' code does not explicitly depends on Spring but
you've removed that one :-).
Agreed. Looking good.
Thanks for reviewing and feedback, that helps:).
Commits made so far, cover almost completely specification concerning first
OAuth endpoint called now: Temporary Credential Request.
I keep spring dependency just in test scope as it is quite useful.
I have some further questions, I will post them in separate thread.
Regards,
Lukasz Moren
2010/6/17 Daniel Kulp <dk...@apache.org>
> On Thursday 17 June 2010 1:31:30 pm Sergey Beryozkin wrote:
> > Hi - good to see the OAuth project going on - let us know if there's
> > anything that we can help with.
> > I've looked through the initial commits, looks good. I was about to tell
> > you a CXF 'application' code does not explicitly depends on Spring but
> > you've removed that one :-).
>
> Agreed. Looking good.
>
>
> > Just for the record, Tomasz's project is also going well....
>
> Well, for the record, I haven't seen anything on the dev list about it yet.
> Thus, from CXF/Apache's point of view, it's not going well. Definitely
> encourage him to get involved here and not send you anything off list.
>
>
> --
> Daniel Kulp
> dkulp@apache.org
> http://dankulp.com/blog
>
Re: svn commit: r955511 - in /cxf/sandbox/oauth_1.0a/rt/rs/oauth/src: main/java/org/apache/cxf/auth/oauth/endpoints/ main/java/org/apache/cxf/auth/oauth/provider/ main/java/org/apache/cxf/auth/oauth/utils/ test/java/org/apache/cxf/auth/oauth/endpoint
Posted by Daniel Kulp <dk...@apache.org>.
On Thursday 17 June 2010 1:31:30 pm Sergey Beryozkin wrote:
> Hi - good to see the OAuth project going on - let us know if there's
> anything that we can help with.
> I've looked through the initial commits, looks good. I was about to tell
> you a CXF 'application' code does not explicitly depends on Spring but
> you've removed that one :-).
Agreed. Looking good.
> Just for the record, Tomasz's project is also going well....
Well, for the record, I haven't seen anything on the dev list about it yet.
Thus, from CXF/Apache's point of view, it's not going well. Definitely
encourage him to get involved here and not send you anything off list.
--
Daniel Kulp
dkulp@apache.org
http://dankulp.com/blog