Posted to commits@shindig.apache.org by li...@apache.org on 2012/02/13 03:59:39 UTC
svn commit: r1243399 [4/7] - in /shindig/trunk:
content/samplecontainer/examples/ content/samplecontainer/examples/oauth2/
extras/src/main/javascript/features-extras/firebug-lite/
features/src/main/javascript/features/container.site.gadget/ features/sr...
Modified: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedRequest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedRequest.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
--- shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedRequest.java (original)
+++ shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedRequest.java Mon Feb 13 02:59:33 2012
@@ -1,274 +1,274 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.UnsupportedEncodingException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.List;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.io.IOUtils;
-import org.apache.http.NameValuePair;
-import org.apache.http.client.utils.URLEncodedUtils;
-import org.apache.shindig.common.logging.i18n.MessageKeys;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.GrantType;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.ResponseType;
-
-/**
- * Normalizes an OAuth 2.0 request by extracting OAuth 2.0 related fields.
- *
- * TODO (Eric): implement scope handling.
- */
-public class OAuth2NormalizedRequest extends HashMap<String, Object> {
-
- private static final long serialVersionUID = -7849581704967135322L;
- private HttpServletRequest httpReq = null;
- private static final Pattern FORM_URL_REGEX = Pattern
- .compile("application/(x-www-)?form-url(-)?encoded");
-
- //class name for logging purpose
- private static final String classname = OAuth2NormalizedRequest.class.getName();
- private static final Logger LOG = Logger.getLogger(classname,MessageKeys.MESSAGES);
-
- @SuppressWarnings("unchecked")
- public OAuth2NormalizedRequest(HttpServletRequest request) throws OAuth2Exception {
- super();
- setHttpServletRequest(request);
- String contentType = request.getContentType();
- if (contentType != null) {
- Matcher match = FORM_URL_REGEX.matcher(contentType);
- if (match.matches()) {
- normalizeBody(getBodyAsString(request));
- }
- }
- Enumeration<String> keys = request.getParameterNames();
- while (keys.hasMoreElements()) {
- String key = keys.nextElement();
- put(key, request.getParameter(key));
- }
- normalizeClientSecret(request);
- normalizeAccessToken(request);
- }
-
- // --------------------------- NORMALIZED GETTERS ---------------------------
- public String getClientId() {
- return getString("client_id");
- }
-
- public String getClientSecret() {
- return getString("client_secret");
- }
-
- public String getResponseType() {
- return getString("response_type");
- }
-
- public String getGrantType() {
- return getString("grant_type");
- }
-
- public String getRedirectURI() {
- return getString("redirect_uri");
- }
-
- public String getAccessToken() {
- return getString("access_token");
- }
-
- public String getAuthorizationCode() {
- return getString("code");
- }
-
- public String getState() {
- return getString("state");
- }
-
- public String getScope() {
- return getString("scope");
- }
-
- public ResponseType getEnumeratedResponseType() throws OAuth2Exception {
- String respType = getResponseType();
- if (respType == null)
- return null;
- if (respType.equals("code")) {
- return ResponseType.CODE;
- } else if (respType.equals("token")) {
- return ResponseType.TOKEN;
- } else {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.UNSUPPORTED_RESPONSE_TYPE.toString());
- resp.setErrorDescription("Unsupported response type");
- resp.setStatus(HttpServletResponse.SC_FOUND);
- resp.setBodyReturned(false);
- resp.setHeader("Location", OAuth2Utils.buildUrl(getRedirectURI(),
- resp.getResponseParameters(), null));
- throw new OAuth2Exception(resp);
- }
- }
-
- public GrantType getEnumeratedGrantType() {
- String grantType = getGrantType();
- if (grantType == null)
- return null;
- if (grantType.equals("refresh_token")) {
- return GrantType.REFRESH_TOKEN;
- } else if (grantType.equals("authorization_code")) {
- return GrantType.AUTHORIZATION_CODE;
- } else if (grantType.equals("password")) {
- return GrantType.PASSWORD;
- } else if (grantType.equals("client_credentials")) {
- return GrantType.CLIENT_CREDENTIALS;
- } else {
- return GrantType.CUSTOM;
- }
- }
-
- public String getString(String key) {
- if (!containsKey(key)) return null;
- return (String) get(key);
- }
-
- public String toString() {
- StringBuilder sb = new StringBuilder();
- for (String key : keySet()) {
- sb.append(key);
- sb.append(": ");
- sb.append(get(key));
- sb.append('\n');
- }
- return sb.toString();
- }
-
- // -------------------------- PRIVATE HELPERS -------------------------------
-
- private void normalizeAccessToken(HttpServletRequest req) {
- String bearerToken = getString("access_token");
- if (bearerToken == null || bearerToken.equals("")) {
- String header = req.getHeader("Authorization");
- if (header != null && header.toLowerCase().startsWith("bearer")) {
- String[] parts = header.split("[ \\t]+");
- bearerToken = parts[parts.length - 1];
- }
- }
- put("access_token", bearerToken);
- }
-
- private void normalizeClientSecret(HttpServletRequest request)
- throws OAuth2Exception {
- String secret = getClientSecret();
- if (secret == null || secret.equals("")) {
- String header = request.getHeader("Authorization");
- if (header != null && header.toLowerCase().startsWith("basic")) {
- String[] parts = header.split("[ \\t]+");
- String temp = parts[parts.length - 1];
- byte[] decodedSecret = Base64.decodeBase64(temp);
- try {
- temp = new String(decodedSecret, "UTF-8");
- parts = temp.split(":");
- if (parts != null && parts.length == 2) {
- secret = parts[1];
- String queryId = getString("client_id");
- if (queryId != null && !queryId.equals(parts[0])) {
- OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
- response.setError(ErrorType.INVALID_REQUEST.toString());
- response
- .setErrorDescription("Request contains mismatched client ids");
- response.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(response);
- }
- // Lets set the client id from the Basic auth header if not already
- // set in query,
- // needed for client_credential flow.
- if (queryId == null) {
- put("client_id", parts[0]);
- }
- }
- } catch (UnsupportedEncodingException e) {
- LOG.logp(Level.WARNING, classname, "normalizeClientSecret", MessageKeys.INVALID_OAUTH, e);
- return;
- }
- }
- }
- put("client_secret", secret);
- }
-
- private void normalizeBody(String body) throws OAuth2Exception {
- if (body == null || body.length() == 0)
- return;
- List<NameValuePair> params;
- try {
- params = URLEncodedUtils.parse(new URI("http://localhost:8080?" + body),
- "UTF-8");
- for (NameValuePair param : params) {
- put(param.getName(), param.getValue());
- }
- } catch (URISyntaxException e) {
- OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
- response.setError(ErrorType.INVALID_REQUEST.toString());
- response.setErrorDescription("The message body's syntax is incorrect");
- response.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(response);
- }
- }
-
- private String getBodyAsString(HttpServletRequest request) {
- if (request.getContentLength() == 0)
- return "";
- InputStream is = null;
- try {
- String line;
- StringBuilder sb = new StringBuilder();
- is = request.getInputStream();
- BufferedReader reader = new BufferedReader(new InputStreamReader(is));
- while ((line = reader.readLine()) != null) {
- sb.append(line);
- }
- is.close();
- return sb.toString();
- } catch (IOException ioe) {
- LOG.logp(Level.WARNING, classname, "getBodyAsString", MessageKeys.INVALID_OAUTH, ioe);
- return null;
- } finally {
- IOUtils.closeQuietly(is);
- }
- }
-
- public void setHttpServletRequest(HttpServletRequest httpReq) {
- this.httpReq = httpReq;
- }
-
- public HttpServletRequest getHttpServletRequest() {
- return httpReq;
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.UnsupportedEncodingException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.List;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.io.IOUtils;
+import org.apache.http.NameValuePair;
+import org.apache.http.client.utils.URLEncodedUtils;
+import org.apache.shindig.common.logging.i18n.MessageKeys;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.GrantType;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.ResponseType;
+
+/**
+ * Normalizes an OAuth 2.0 request by extracting OAuth 2.0 related fields.
+ *
+ * TODO (Eric): implement scope handling.
+ */
+public class OAuth2NormalizedRequest extends HashMap<String, Object> {
+
+ private static final long serialVersionUID = -7849581704967135322L;
+ private HttpServletRequest httpReq = null;
+ private static final Pattern FORM_URL_REGEX = Pattern
+ .compile("application/(x-www-)?form-url(-)?encoded");
+
+ //class name for logging purpose
+ private static final String classname = OAuth2NormalizedRequest.class.getName();
+ private static final Logger LOG = Logger.getLogger(classname,MessageKeys.MESSAGES);
+
+ @SuppressWarnings("unchecked")
+ public OAuth2NormalizedRequest(HttpServletRequest request) throws OAuth2Exception {
+ super();
+ setHttpServletRequest(request);
+ String contentType = request.getContentType();
+ if (contentType != null) {
+ Matcher match = FORM_URL_REGEX.matcher(contentType);
+ if (match.matches()) {
+ normalizeBody(getBodyAsString(request));
+ }
+ }
+ Enumeration<String> keys = request.getParameterNames();
+ while (keys.hasMoreElements()) {
+ String key = keys.nextElement();
+ put(key, request.getParameter(key));
+ }
+ normalizeClientSecret(request);
+ normalizeAccessToken(request);
+ }
+
+ // --------------------------- NORMALIZED GETTERS ---------------------------
+ public String getClientId() {
+ return getString("client_id");
+ }
+
+ public String getClientSecret() {
+ return getString("client_secret");
+ }
+
+ public String getResponseType() {
+ return getString("response_type");
+ }
+
+ public String getGrantType() {
+ return getString("grant_type");
+ }
+
+ public String getRedirectURI() {
+ return getString("redirect_uri");
+ }
+
+ public String getAccessToken() {
+ return getString("access_token");
+ }
+
+ public String getAuthorizationCode() {
+ return getString("code");
+ }
+
+ public String getState() {
+ return getString("state");
+ }
+
+ public String getScope() {
+ return getString("scope");
+ }
+
+ public ResponseType getEnumeratedResponseType() throws OAuth2Exception {
+ String respType = getResponseType();
+ if (respType == null)
+ return null;
+ if (respType.equals("code")) {
+ return ResponseType.CODE;
+ } else if (respType.equals("token")) {
+ return ResponseType.TOKEN;
+ } else {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.UNSUPPORTED_RESPONSE_TYPE.toString());
+ resp.setErrorDescription("Unsupported response type");
+ resp.setStatus(HttpServletResponse.SC_FOUND);
+ resp.setBodyReturned(false);
+ resp.setHeader("Location", OAuth2Utils.buildUrl(getRedirectURI(),
+ resp.getResponseParameters(), null));
+ throw new OAuth2Exception(resp);
+ }
+ }
+
+ public GrantType getEnumeratedGrantType() {
+ String grantType = getGrantType();
+ if (grantType == null)
+ return null;
+ if (grantType.equals("refresh_token")) {
+ return GrantType.REFRESH_TOKEN;
+ } else if (grantType.equals("authorization_code")) {
+ return GrantType.AUTHORIZATION_CODE;
+ } else if (grantType.equals("password")) {
+ return GrantType.PASSWORD;
+ } else if (grantType.equals("client_credentials")) {
+ return GrantType.CLIENT_CREDENTIALS;
+ } else {
+ return GrantType.CUSTOM;
+ }
+ }
+
+ public String getString(String key) {
+ if (!containsKey(key)) return null;
+ return (String) get(key);
+ }
+
+ public String toString() {
+ StringBuilder sb = new StringBuilder();
+ for (String key : keySet()) {
+ sb.append(key);
+ sb.append(": ");
+ sb.append(get(key));
+ sb.append('\n');
+ }
+ return sb.toString();
+ }
+
+ // -------------------------- PRIVATE HELPERS -------------------------------
+
+ private void normalizeAccessToken(HttpServletRequest req) {
+ String bearerToken = getString("access_token");
+ if (bearerToken == null || bearerToken.equals("")) {
+ String header = req.getHeader("Authorization");
+ if (header != null && header.toLowerCase().startsWith("bearer")) {
+ String[] parts = header.split("[ \\t]+");
+ bearerToken = parts[parts.length - 1];
+ }
+ }
+ put("access_token", bearerToken);
+ }
+
+ private void normalizeClientSecret(HttpServletRequest request)
+ throws OAuth2Exception {
+ String secret = getClientSecret();
+ if (secret == null || secret.equals("")) {
+ String header = request.getHeader("Authorization");
+ if (header != null && header.toLowerCase().startsWith("basic")) {
+ String[] parts = header.split("[ \\t]+");
+ String temp = parts[parts.length - 1];
+ byte[] decodedSecret = Base64.decodeBase64(temp);
+ try {
+ temp = new String(decodedSecret, "UTF-8");
+ parts = temp.split(":");
+ if (parts != null && parts.length == 2) {
+ secret = parts[1];
+ String queryId = getString("client_id");
+ if (queryId != null && !queryId.equals(parts[0])) {
+ OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
+ response.setError(ErrorType.INVALID_REQUEST.toString());
+ response
+ .setErrorDescription("Request contains mismatched client ids");
+ response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(response);
+ }
+ // Lets set the client id from the Basic auth header if not already
+ // set in query,
+ // needed for client_credential flow.
+ if (queryId == null) {
+ put("client_id", parts[0]);
+ }
+ }
+ } catch (UnsupportedEncodingException e) {
+ LOG.logp(Level.WARNING, classname, "normalizeClientSecret", MessageKeys.INVALID_OAUTH, e);
+ return;
+ }
+ }
+ }
+ put("client_secret", secret);
+ }
+
+ private void normalizeBody(String body) throws OAuth2Exception {
+ if (body == null || body.length() == 0)
+ return;
+ List<NameValuePair> params;
+ try {
+ params = URLEncodedUtils.parse(new URI("http://localhost:8080?" + body),
+ "UTF-8");
+ for (NameValuePair param : params) {
+ put(param.getName(), param.getValue());
+ }
+ } catch (URISyntaxException e) {
+ OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
+ response.setError(ErrorType.INVALID_REQUEST.toString());
+ response.setErrorDescription("The message body's syntax is incorrect");
+ response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(response);
+ }
+ }
+
+ private String getBodyAsString(HttpServletRequest request) {
+ if (request.getContentLength() == 0)
+ return "";
+ InputStream is = null;
+ try {
+ String line;
+ StringBuilder sb = new StringBuilder();
+ is = request.getInputStream();
+ BufferedReader reader = new BufferedReader(new InputStreamReader(is));
+ while ((line = reader.readLine()) != null) {
+ sb.append(line);
+ }
+ is.close();
+ return sb.toString();
+ } catch (IOException ioe) {
+ LOG.logp(Level.WARNING, classname, "getBodyAsString", MessageKeys.INVALID_OAUTH, ioe);
+ return null;
+ } finally {
+ IOUtils.closeQuietly(is);
+ }
+ }
+
+ public void setHttpServletRequest(HttpServletRequest httpReq) {
+ this.httpReq = httpReq;
+ }
+
+ public HttpServletRequest getHttpServletRequest() {
+ return httpReq;
+ }
}
\ No newline at end of file
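Review bot: `toString()` appends every map entry verbatim, and by the time the constructor returns the same map holds `client_secret` (stored by `normalizeClientSecret`) and `access_token` (stored by `normalizeAccessToken`), so any log line or exception message that stringifies the request writes live credentials out. Redact the sensitive keys in the loop, for example `sb.append(isSensitive(key) ? "<redacted>" : get(key));`, with a private `isSensitive` helper matching at least `client_secret`, `access_token` and `code`. Separately, `normalizeClientSecret` splits the decoded Basic credentials with `temp.split(":")` and accepts them only when `parts.length == 2`, so a secret containing a colon is silently dropped and `client_secret` ends up null; `temp.split(":", 2)` keeps everything after the first colon as the secret. Both methods are fully visible on the new side of this hunk; whether callers actually log the request object is not visible here and should be checked.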
Propchange: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedRequest.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedResponse.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedResponse.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
--- shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedResponse.java (original)
+++ shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedResponse.java Mon Feb 13 02:59:33 2012
@@ -1,171 +1,171 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2;
-
-import java.util.Map;
-
-import com.google.common.collect.Maps;
-
-/**
- * Wraps OAuth 2.0 response elements including headers and body parameters.
- *
- * TODO (Eric): document this class, including bodyReturned
- */
-public class OAuth2NormalizedResponse {
-
- private Map<String, String> headers;
- private Map<String, String> respParams;
- private int status;
- private boolean bodyReturned;
-
- private static final String ERROR = "error";
- private static final String ERROR_DESCRIPTION = "error_description";
- private static final String ERROR_URI = "error_uri";
- private static final String STATE = "state";
- private static final String CODE = "code";
- private static final String ACCESS_TOKEN = "access_token";
- private static final String TOKEN_TYPE = "token_type";
- private static final String EXPIRES_IN = "expires_in";
- private static final String REFRESH_TOKEN = "refresh_token";
- private static final String SCOPE = "scope";
-
- public OAuth2NormalizedResponse() {
- this.headers = Maps.newHashMap();
- this.respParams = Maps.newHashMap();
- this.status = -1;
- this.bodyReturned = false;
- }
-
- public void setStatus(int status) {
- this.status = status;
- }
-
- public int getStatus() {
- return status;
- }
-
- public void setBodyReturned(boolean bodyReturned) {
- this.bodyReturned = bodyReturned;
- }
-
- public boolean isBodyReturned() {
- return bodyReturned;
- }
-
- // ------------------------------- HEADER FIELDS ----------------------------
- public Map<String, String> getHeaders() {
- return headers;
- }
-
- public void setHeaders(Map<String, String> headers) {
- this.headers = headers;
- }
-
- public void setHeader(String key, String value) {
- headers.put(key, value);
- }
-
- // ------------------------------ RESPONSE FIELDS ---------------------------
- public Map<String, String> getResponseParameters() {
- return respParams;
- }
-
- public void setResponseParameters(Map<String, String> responseParams) {
- this.respParams = responseParams;
- }
-
- public void setError(String error) {
- respParams.put(ERROR, error);
- }
-
- public String getError() {
- return respParams.get(ERROR);
- }
-
- public void setErrorDescription(String errorDescription) {
- respParams.put(ERROR_DESCRIPTION, errorDescription);
- }
-
- public String getErrorDescription() {
- return respParams.get(ERROR_DESCRIPTION);
- }
-
- public void setErrorUri(String errorUri) {
- respParams.put(ERROR_URI, errorUri);
- }
-
- public String getErrorUri() {
- return respParams.get(ERROR_URI);
- }
-
- public void setState(String state) {
- respParams.put(STATE, state);
- }
-
- public String getState() {
- return respParams.get(STATE);
- }
-
- public void setCode(String code) {
- respParams.put(CODE, code);
- }
-
- public String getCode() {
- return respParams.get(CODE);
- }
-
- public void setAccessToken(String accessToken) {
- respParams.put(ACCESS_TOKEN, accessToken);
- }
-
- public String getAccessToken() {
- return respParams.get(ACCESS_TOKEN);
- }
-
- public void setTokenType(String tokenType) {
- respParams.put(TOKEN_TYPE, tokenType);
- }
-
- public String getTokenType() {
- return respParams.get(TOKEN_TYPE);
- }
-
- public void setExpiresIn(String expiresIn) {
- respParams.put(EXPIRES_IN, expiresIn);
- }
-
- public String getExpiresIn() {
- return respParams.get(EXPIRES_IN);
- }
-
- public void setRefreshToken(String refreshToken) {
- respParams.put(REFRESH_TOKEN, refreshToken);
- }
-
- public String getRefreshToken() {
- return respParams.get(REFRESH_TOKEN);
- }
-
- public void setScope(String scope) {
- respParams.put(SCOPE, scope);
- }
-
- public String getScope() {
- return respParams.get(SCOPE);
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2;
+
+import java.util.Map;
+
+import com.google.common.collect.Maps;
+
+/**
+ * Wraps OAuth 2.0 response elements including headers and body parameters.
+ *
+ * TODO (Eric): document this class, including bodyReturned
+ */
+public class OAuth2NormalizedResponse {
+
+ private Map<String, String> headers;
+ private Map<String, String> respParams;
+ private int status;
+ private boolean bodyReturned;
+
+ private static final String ERROR = "error";
+ private static final String ERROR_DESCRIPTION = "error_description";
+ private static final String ERROR_URI = "error_uri";
+ private static final String STATE = "state";
+ private static final String CODE = "code";
+ private static final String ACCESS_TOKEN = "access_token";
+ private static final String TOKEN_TYPE = "token_type";
+ private static final String EXPIRES_IN = "expires_in";
+ private static final String REFRESH_TOKEN = "refresh_token";
+ private static final String SCOPE = "scope";
+
+ public OAuth2NormalizedResponse() {
+ this.headers = Maps.newHashMap();
+ this.respParams = Maps.newHashMap();
+ this.status = -1;
+ this.bodyReturned = false;
+ }
+
+ public void setStatus(int status) {
+ this.status = status;
+ }
+
+ public int getStatus() {
+ return status;
+ }
+
+ public void setBodyReturned(boolean bodyReturned) {
+ this.bodyReturned = bodyReturned;
+ }
+
+ public boolean isBodyReturned() {
+ return bodyReturned;
+ }
+
+ // ------------------------------- HEADER FIELDS ----------------------------
+ public Map<String, String> getHeaders() {
+ return headers;
+ }
+
+ public void setHeaders(Map<String, String> headers) {
+ this.headers = headers;
+ }
+
+ public void setHeader(String key, String value) {
+ headers.put(key, value);
+ }
+
+ // ------------------------------ RESPONSE FIELDS ---------------------------
+ public Map<String, String> getResponseParameters() {
+ return respParams;
+ }
+
+ public void setResponseParameters(Map<String, String> responseParams) {
+ this.respParams = responseParams;
+ }
+
+ public void setError(String error) {
+ respParams.put(ERROR, error);
+ }
+
+ public String getError() {
+ return respParams.get(ERROR);
+ }
+
+ public void setErrorDescription(String errorDescription) {
+ respParams.put(ERROR_DESCRIPTION, errorDescription);
+ }
+
+ public String getErrorDescription() {
+ return respParams.get(ERROR_DESCRIPTION);
+ }
+
+ public void setErrorUri(String errorUri) {
+ respParams.put(ERROR_URI, errorUri);
+ }
+
+ public String getErrorUri() {
+ return respParams.get(ERROR_URI);
+ }
+
+ public void setState(String state) {
+ respParams.put(STATE, state);
+ }
+
+ public String getState() {
+ return respParams.get(STATE);
+ }
+
+ public void setCode(String code) {
+ respParams.put(CODE, code);
+ }
+
+ public String getCode() {
+ return respParams.get(CODE);
+ }
+
+ public void setAccessToken(String accessToken) {
+ respParams.put(ACCESS_TOKEN, accessToken);
+ }
+
+ public String getAccessToken() {
+ return respParams.get(ACCESS_TOKEN);
+ }
+
+ public void setTokenType(String tokenType) {
+ respParams.put(TOKEN_TYPE, tokenType);
+ }
+
+ public String getTokenType() {
+ return respParams.get(TOKEN_TYPE);
+ }
+
+ public void setExpiresIn(String expiresIn) {
+ respParams.put(EXPIRES_IN, expiresIn);
+ }
+
+ public String getExpiresIn() {
+ return respParams.get(EXPIRES_IN);
+ }
+
+ public void setRefreshToken(String refreshToken) {
+ respParams.put(REFRESH_TOKEN, refreshToken);
+ }
+
+ public String getRefreshToken() {
+ return respParams.get(REFRESH_TOKEN);
+ }
+
+ public void setScope(String scope) {
+ respParams.put(SCOPE, scope);
+ }
+
+ public String getScope() {
+ return respParams.get(SCOPE);
+ }
}
\ No newline at end of file
Propchange: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2NormalizedResponse.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Service.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Service.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
--- shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Service.java (original)
+++ shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Service.java Mon Feb 13 02:59:33 2012
@@ -1,91 +1,91 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2;
-
-/**
- * Services to support the OAuth 2.0 specification flows and enforcement.
- *
- * TODO (Eric): include grant methods?
- */
-public interface OAuth2Service {
-
- /**
- * Retrieves the underlying data service.
- */
- public OAuth2DataService getDataService();
-
- // --------------------------- VALIDATION SERVICES --------------------------
- /**
- * Validates a client.
- */
- public void authenticateClient(OAuth2NormalizedRequest req)
- throws OAuth2Exception;
-
- /**
- * Validates a client's request for an authorization token.
- */
- public void validateRequestForAuthCode(OAuth2NormalizedRequest req)
- throws OAuth2Exception;
-
- /**
- * Validates a client's request for an access token.
- */
- public void validateRequestForAccessToken(OAuth2NormalizedRequest req)
- throws OAuth2Exception;
-
- /**
- * Validates a client's request to use access a resource.
- */
- public void validateRequestForResource(OAuth2NormalizedRequest req,
- Object resourceRequest) throws OAuth2Exception;
-
- // ------------------- GENERATION & REGISTRATION OF CODES -------------------
- /**
- * Grants an authorization code to the given client by generating and
- * registering the code.
- */
- public OAuth2Code grantAuthorizationCode(OAuth2NormalizedRequest req);
-
- /**
- * Grants an access token to the given client by generating and registering
- * the access token.
- */
- public OAuth2Code grantAccessToken(OAuth2NormalizedRequest req);
-
- /**
- * Grants a refresh token to the given client by generating and registering
- * the refresh token.
- */
- public OAuth2Code grantRefreshToken(OAuth2NormalizedRequest req);
-
- // ------------------------ TOKEN GENERATION SERVICES -----------------------
- /**
- * Generates an authorization code from a client OAuth 2.0 request.
- */
- public OAuth2Code generateAuthorizationCode(OAuth2NormalizedRequest req);
-
- /**
- * Generates an access token from a client OAuth 2.0 request.
- */
- public OAuth2Code generateAccessToken(OAuth2NormalizedRequest req);
-
- /**
- * Generates a refresh token from a client OAuth 2.0 request.
- */
- public OAuth2Code generateRefreshToken(OAuth2NormalizedRequest req);
-}
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2;
+
+/**
+ * Services to support the OAuth 2.0 specification flows and enforcement.
+ *
+ * TODO (Eric): include grant methods?
+ */
+public interface OAuth2Service {
+
+ /**
+ * Retrieves the underlying data service.
+ */
+ public OAuth2DataService getDataService();
+
+ // --------------------------- VALIDATION SERVICES --------------------------
+ /**
+ * Validates a client.
+ */
+ public void authenticateClient(OAuth2NormalizedRequest req)
+ throws OAuth2Exception;
+
+ /**
+ * Validates a client's request for an authorization token.
+ */
+ public void validateRequestForAuthCode(OAuth2NormalizedRequest req)
+ throws OAuth2Exception;
+
+ /**
+ * Validates a client's request for an access token.
+ */
+ public void validateRequestForAccessToken(OAuth2NormalizedRequest req)
+ throws OAuth2Exception;
+
+ /**
+ * Validates a client's request to use access a resource.
+ */
+ public void validateRequestForResource(OAuth2NormalizedRequest req,
+ Object resourceRequest) throws OAuth2Exception;
+
+ // ------------------- GENERATION & REGISTRATION OF CODES -------------------
+ /**
+ * Grants an authorization code to the given client by generating and
+ * registering the code.
+ */
+ public OAuth2Code grantAuthorizationCode(OAuth2NormalizedRequest req);
+
+ /**
+ * Grants an access token to the given client by generating and registering
+ * the access token.
+ */
+ public OAuth2Code grantAccessToken(OAuth2NormalizedRequest req);
+
+ /**
+ * Grants a refresh token to the given client by generating and registering
+ * the refresh token.
+ */
+ public OAuth2Code grantRefreshToken(OAuth2NormalizedRequest req);
+
+ // ------------------------ TOKEN GENERATION SERVICES -----------------------
+ /**
+ * Generates an authorization code from a client OAuth 2.0 request.
+ */
+ public OAuth2Code generateAuthorizationCode(OAuth2NormalizedRequest req);
+
+ /**
+ * Generates an access token from a client OAuth 2.0 request.
+ */
+ public OAuth2Code generateAccessToken(OAuth2NormalizedRequest req);
+
+ /**
+ * Generates a refresh token from a client OAuth 2.0 request.
+ */
+ public OAuth2Code generateRefreshToken(OAuth2NormalizedRequest req);
+}
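Review bot: The Javadoc on the `generate*` and `grant*` methods does not say which of them stores the code, so a caller could pick `generateAccessToken` and hand out a token the data service never registered. In OAuth2ServiceImpl, later in this commit, each `grant*` method calls the matching `generate*` method and then registers the result. The `generate*` comments should state that, e.g. `Generates an access token without registering it; use grantAccessToken to issue one.` Two wording fixes in the same block: `validateRequestForAuthCode` validates a request for an authorization code, not an "authorization token", and "to use access a resource" should read "to access a resource".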
Propchange: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Service.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2ServiceImpl.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2ServiceImpl.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
--- shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2ServiceImpl.java (original)
+++ shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2ServiceImpl.java Mon Feb 13 02:59:33 2012
@@ -1,204 +1,204 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Properties;
-import java.util.UUID;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.shindig.common.util.ResourceLoader;
-import org.apache.shindig.social.core.oauth2.OAuth2Client.ClientType;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.CodeType;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
-import org.apache.shindig.social.core.oauth2.validators.AccessTokenRequestValidator;
-import org.apache.shindig.social.core.oauth2.validators.AuthorizationCodeRequestValidator;
-import org.apache.shindig.social.core.oauth2.validators.DefaultResourceRequestValidator;
-import org.apache.shindig.social.core.oauth2.validators.OAuth2ProtectedResourceValidator;
-import org.apache.shindig.social.core.oauth2.validators.OAuth2RequestValidator;
-
-import com.google.inject.CreationException;
-import com.google.inject.Inject;
-import com.google.inject.Singleton;
-import com.google.inject.spi.Message;
-
-/**
- * A simple in-memory implementation of the OAuth 2 services.
- */
-@Singleton
-public class OAuth2ServiceImpl implements OAuth2Service {
-
- private OAuth2DataService store; // underlying OAuth data store
-
- private long authCodeExpires;
- private long accessTokenExpires;
-
- // validators
- private OAuth2RequestValidator accessTokenValidator;
- private OAuth2RequestValidator authCodeValidator;
- private OAuth2ProtectedResourceValidator resourceReqValidator;
-
-
- @Inject
- public OAuth2ServiceImpl(OAuth2DataService store) {
- this.store = store;
-
- // TODO (Eric): properties should be injected, but getting "no implementation bound"
- Properties props = readPropertyFile("shindig.properties");
- this.authCodeExpires = Long.valueOf(props.getProperty("shindig.oauth2.authCodeExpiration"));
- this.accessTokenExpires = Long.valueOf(props.getProperty("shindig.oauth2.accessTokenExpiration"));
-
- // TODO (Matt): validators should be injected
- authCodeValidator = new AuthorizationCodeRequestValidator(store);
- accessTokenValidator = new AccessTokenRequestValidator(store);
- resourceReqValidator = new DefaultResourceRequestValidator(store);
- }
-
- public OAuth2DataService getDataService() {
- return store;
- }
-
- public void authenticateClient(OAuth2NormalizedRequest req)
- throws OAuth2Exception {
- OAuth2Client client = store.getClient(req.getClientId());
- if (client == null) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.INVALID_CLIENT.toString());
- resp.setErrorDescription("The client ID is invalid or not registered");
- resp.setBodyReturned(true);
- resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
- throw new OAuth2Exception(resp);
- }
- String realSecret = client.getSecret();
- String reqSecret = req.getClientSecret();
- if (realSecret != null || reqSecret != null
- || client.getType() == ClientType.CONFIDENTIAL) {
- if (realSecret == null || reqSecret == null
- || !realSecret.equals(reqSecret)) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.UNAUTHORIZED_CLIENT.toString());
- resp.setErrorDescription("The client failed to authorize");
- resp.setBodyReturned(true);
- resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
- throw new OAuth2Exception(resp);
- }
- }
- }
-
- public void validateRequestForAuthCode(OAuth2NormalizedRequest req)
- throws OAuth2Exception {
- authCodeValidator.validateRequest(req);
- }
-
- public void validateRequestForAccessToken(OAuth2NormalizedRequest req)
- throws OAuth2Exception {
- accessTokenValidator.validateRequest(req);
- }
-
- public void validateRequestForResource(OAuth2NormalizedRequest req,
- Object resourceRequest) throws OAuth2Exception {
- resourceReqValidator.validateRequestForResource(req, resourceRequest);
- }
-
- public OAuth2Code grantAuthorizationCode(OAuth2NormalizedRequest req) {
- OAuth2Code authCode = generateAuthorizationCode(req);
- store.registerAuthorizationCode(req.getClientId(), authCode);
- return authCode;
- }
-
- public OAuth2Code grantAccessToken(OAuth2NormalizedRequest req) {
- OAuth2Code accessToken = generateAccessToken(req);
- OAuth2Code authCode = store.getAuthorizationCode(req.getClientId(),
- req.getAuthorizationCode());
- if (authCode != null) {
- authCode.setRelatedAccessToken(accessToken);
- }
- store.registerAccessToken(req.getClientId(), accessToken);
- return accessToken;
- }
-
- public OAuth2Code grantRefreshToken(OAuth2NormalizedRequest req) {
- OAuth2Code refreshToken = generateRefreshToken(req);
- store.registerRefreshToken(req.getClientId(), refreshToken);
- return refreshToken;
- }
-
- public OAuth2Code generateAuthorizationCode(OAuth2NormalizedRequest req) {
- OAuth2Code authCode = new OAuth2Code();
- authCode.setValue(UUID.randomUUID().toString());
- authCode.setExpiration(System.currentTimeMillis() + authCodeExpires);
- OAuth2Client client = store.getClient(req.getString("client_id"));
- authCode.setClient(client);
- if (req.getRedirectURI() != null) {
- authCode.setRedirectURI(req.getRedirectURI());
- } else {
- authCode.setRedirectURI(client.getRedirectURI());
- }
- return authCode;
- }
-
- public OAuth2Code generateAccessToken(OAuth2NormalizedRequest req) {
- // generate token value
- OAuth2Code accessToken = new OAuth2Code();
- accessToken.setType(CodeType.ACCESS_TOKEN);
- accessToken.setValue(UUID.randomUUID().toString());
- accessToken.setExpiration(System.currentTimeMillis() + accessTokenExpires);
- if (req.getRedirectURI() != null) {
- accessToken.setRedirectURI(req.getRedirectURI());
- } else {
- accessToken.setRedirectURI(store.getClient(req.getClientId()).getRedirectURI());
- }
-
- // associate with existing authorization code, if an auth code exists.
- if (req.getAuthorizationCode() != null) {
- OAuth2Code authCode = store.getAuthorizationCode(req.getClientId(), req.getAuthorizationCode());
- accessToken.setRelatedAuthCode(authCode);
- accessToken.setClient(authCode.getClient());
- if (authCode.getScope() != null) {
- accessToken.setScope(new ArrayList<String>(authCode.getScope()));
- }
- }
-
- return accessToken;
- }
-
- // TODO (Eric): Refresh tokens are not yet supported.
- public OAuth2Code generateRefreshToken(OAuth2NormalizedRequest req) {
- throw new RuntimeException("not yet implemented");
- }
-
- private Properties readPropertyFile(String propertyFile) {
- Properties properties = new Properties();
- InputStream is = null;
- try {
- is = ResourceLoader.openResource(propertyFile);
- properties.load(is);
- } catch (IOException e) {
- throw new CreationException(Arrays.asList(
- new Message("Unable to load properties: " + propertyFile)));
- } finally {
- IOUtils.closeQuietly( is );
- }
- return properties;
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Properties;
+import java.util.UUID;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.shindig.common.util.ResourceLoader;
+import org.apache.shindig.social.core.oauth2.OAuth2Client.ClientType;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.CodeType;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
+import org.apache.shindig.social.core.oauth2.validators.AccessTokenRequestValidator;
+import org.apache.shindig.social.core.oauth2.validators.AuthorizationCodeRequestValidator;
+import org.apache.shindig.social.core.oauth2.validators.DefaultResourceRequestValidator;
+import org.apache.shindig.social.core.oauth2.validators.OAuth2ProtectedResourceValidator;
+import org.apache.shindig.social.core.oauth2.validators.OAuth2RequestValidator;
+
+import com.google.inject.CreationException;
+import com.google.inject.Inject;
+import com.google.inject.Singleton;
+import com.google.inject.spi.Message;
+
+/**
+ * A simple in-memory implementation of the OAuth 2 services.
+ */
+@Singleton
+public class OAuth2ServiceImpl implements OAuth2Service {
+
+ private OAuth2DataService store; // underlying OAuth data store
+
+ private long authCodeExpires;
+ private long accessTokenExpires;
+
+ // validators
+ private OAuth2RequestValidator accessTokenValidator;
+ private OAuth2RequestValidator authCodeValidator;
+ private OAuth2ProtectedResourceValidator resourceReqValidator;
+
+
+ @Inject
+ public OAuth2ServiceImpl(OAuth2DataService store) {
+ this.store = store;
+
+ // TODO (Eric): properties should be injected, but getting "no implementation bound"
+ Properties props = readPropertyFile("shindig.properties");
+ this.authCodeExpires = Long.valueOf(props.getProperty("shindig.oauth2.authCodeExpiration"));
+ this.accessTokenExpires = Long.valueOf(props.getProperty("shindig.oauth2.accessTokenExpiration"));
+
+ // TODO (Matt): validators should be injected
+ authCodeValidator = new AuthorizationCodeRequestValidator(store);
+ accessTokenValidator = new AccessTokenRequestValidator(store);
+ resourceReqValidator = new DefaultResourceRequestValidator(store);
+ }
+
+ public OAuth2DataService getDataService() {
+ return store;
+ }
+
+ public void authenticateClient(OAuth2NormalizedRequest req)
+ throws OAuth2Exception {
+ OAuth2Client client = store.getClient(req.getClientId());
+ if (client == null) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.INVALID_CLIENT.toString());
+ resp.setErrorDescription("The client ID is invalid or not registered");
+ resp.setBodyReturned(true);
+ resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ throw new OAuth2Exception(resp);
+ }
+ String realSecret = client.getSecret();
+ String reqSecret = req.getClientSecret();
+ if (realSecret != null || reqSecret != null
+ || client.getType() == ClientType.CONFIDENTIAL) {
+ if (realSecret == null || reqSecret == null
+ || !realSecret.equals(reqSecret)) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.UNAUTHORIZED_CLIENT.toString());
+ resp.setErrorDescription("The client failed to authorize");
+ resp.setBodyReturned(true);
+ resp.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ throw new OAuth2Exception(resp);
+ }
+ }
+ }
+
+ public void validateRequestForAuthCode(OAuth2NormalizedRequest req)
+ throws OAuth2Exception {
+ authCodeValidator.validateRequest(req);
+ }
+
+ public void validateRequestForAccessToken(OAuth2NormalizedRequest req)
+ throws OAuth2Exception {
+ accessTokenValidator.validateRequest(req);
+ }
+
+ public void validateRequestForResource(OAuth2NormalizedRequest req,
+ Object resourceRequest) throws OAuth2Exception {
+ resourceReqValidator.validateRequestForResource(req, resourceRequest);
+ }
+
+ public OAuth2Code grantAuthorizationCode(OAuth2NormalizedRequest req) {
+ OAuth2Code authCode = generateAuthorizationCode(req);
+ store.registerAuthorizationCode(req.getClientId(), authCode);
+ return authCode;
+ }
+
+ public OAuth2Code grantAccessToken(OAuth2NormalizedRequest req) {
+ OAuth2Code accessToken = generateAccessToken(req);
+ OAuth2Code authCode = store.getAuthorizationCode(req.getClientId(),
+ req.getAuthorizationCode());
+ if (authCode != null) {
+ authCode.setRelatedAccessToken(accessToken);
+ }
+ store.registerAccessToken(req.getClientId(), accessToken);
+ return accessToken;
+ }
+
+ public OAuth2Code grantRefreshToken(OAuth2NormalizedRequest req) {
+ OAuth2Code refreshToken = generateRefreshToken(req);
+ store.registerRefreshToken(req.getClientId(), refreshToken);
+ return refreshToken;
+ }
+
+ public OAuth2Code generateAuthorizationCode(OAuth2NormalizedRequest req) {
+ OAuth2Code authCode = new OAuth2Code();
+ authCode.setValue(UUID.randomUUID().toString());
+ authCode.setExpiration(System.currentTimeMillis() + authCodeExpires);
+ OAuth2Client client = store.getClient(req.getString("client_id"));
+ authCode.setClient(client);
+ if (req.getRedirectURI() != null) {
+ authCode.setRedirectURI(req.getRedirectURI());
+ } else {
+ authCode.setRedirectURI(client.getRedirectURI());
+ }
+ return authCode;
+ }
+
+ public OAuth2Code generateAccessToken(OAuth2NormalizedRequest req) {
+ // generate token value
+ OAuth2Code accessToken = new OAuth2Code();
+ accessToken.setType(CodeType.ACCESS_TOKEN);
+ accessToken.setValue(UUID.randomUUID().toString());
+ accessToken.setExpiration(System.currentTimeMillis() + accessTokenExpires);
+ if (req.getRedirectURI() != null) {
+ accessToken.setRedirectURI(req.getRedirectURI());
+ } else {
+ accessToken.setRedirectURI(store.getClient(req.getClientId()).getRedirectURI());
+ }
+
+ // associate with existing authorization code, if an auth code exists.
+ if (req.getAuthorizationCode() != null) {
+ OAuth2Code authCode = store.getAuthorizationCode(req.getClientId(), req.getAuthorizationCode());
+ accessToken.setRelatedAuthCode(authCode);
+ accessToken.setClient(authCode.getClient());
+ if (authCode.getScope() != null) {
+ accessToken.setScope(new ArrayList<String>(authCode.getScope()));
+ }
+ }
+
+ return accessToken;
+ }
+
+ // TODO (Eric): Refresh tokens are not yet supported.
+ public OAuth2Code generateRefreshToken(OAuth2NormalizedRequest req) {
+ throw new RuntimeException("not yet implemented");
+ }
+
+ private Properties readPropertyFile(String propertyFile) {
+ Properties properties = new Properties();
+ InputStream is = null;
+ try {
+ is = ResourceLoader.openResource(propertyFile);
+ properties.load(is);
+ } catch (IOException e) {
+ throw new CreationException(Arrays.asList(
+ new Message("Unable to load properties: " + propertyFile)));
+ } finally {
+ IOUtils.closeQuietly( is );
+ }
+ return properties;
+ }
}
\ No newline at end of file
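Review bot: `authenticateClient` compares the client secret with `realSecret.equals(reqSecret)`, which returns at the first differing character, so response timing depends on how much of the secret matched. A constant-time comparison avoids that: `|| !MessageDigest.isEqual(realSecret.getBytes(UTF8), reqSecret.getBytes(UTF8))`, with `UTF8` a `Charset.forName("UTF-8")` constant and `java.security.MessageDigest` imported. Separately, `generateAccessToken` dereferences the result of `store.getAuthorizationCode(...)` without a null check, while `grantAccessToken` treats the same call as nullable. Unless the validators always reject an unknown code first, which this hunk does not show, guard it with `if (authCode != null) { ... }` or reject the request. The constructor's `Long.valueOf(props.getProperty(...))` also fails with an unhelpful exception when either expiration property is missing.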
Propchange: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2ServiceImpl.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Servlet.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Servlet.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
--- shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Servlet.java (original)
+++ shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Servlet.java Mon Feb 13 02:59:33 2012
@@ -1,120 +1,120 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Map;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import javax.servlet.ServletConfig;
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.io.IOUtils;
-import org.apache.shindig.common.logging.i18n.MessageKeys;
-import org.apache.shindig.common.servlet.HttpUtil;
-import org.apache.shindig.common.servlet.InjectedServlet;
-import org.json.JSONObject;
-
-import com.google.inject.Inject;
-
-/**
- * Main servlet to catch OAuth 2.0 requests.
- */
-public class OAuth2Servlet extends InjectedServlet {
-
- private static final long serialVersionUID = -4257719224664564922L;
- private static OAuth2AuthorizationHandler authorizationHandler;
- private static OAuth2TokenHandler tokenHandler;
-
- //class name for logging purpose
- private static final String classname = OAuth2Servlet.class.getName();
- private static final Logger LOG = Logger.getLogger(classname,MessageKeys.MESSAGES);
-
- @Inject
- public void setOAuth2Service(OAuth2Service oauthService) {
- authorizationHandler = new OAuth2AuthorizationHandler(oauthService);
- tokenHandler = new OAuth2TokenHandler(oauthService);
- }
-
- @Override
- public void init(ServletConfig config) throws ServletException {
- super.init(config);
- }
-
- @Override
- protected void doGet(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- HttpUtil.setNoCache(response);
- String path = request.getPathInfo();
- if (path.endsWith("authorize")) {
- sendOAuth2Response(response, authorizationHandler.handle(request, response));
- } else if (path.endsWith("token")) {
- sendOAuth2Response(response, tokenHandler.handle(request, response));
- } else {
- response.sendError(HttpServletResponse.SC_NOT_FOUND, "Unknown URL");
- }
- }
-
- @Override
- protected void doPost(HttpServletRequest request, HttpServletResponse response)
- throws ServletException, IOException {
- doGet(request, response);
- }
-
- /**
- * Sends an OAuth 2.0 response based on an OAuth2NormalizedResponse object.
- *
- * @param servletResp is the servlet's response object
- * @param normalizedResp maintains the headers and body fields to respond with
- * @param createBody defines whether or not to create a body from the response parameters
- */
- private void sendOAuth2Response(HttpServletResponse servletResp,
- OAuth2NormalizedResponse normalizedResp) {
- // set status
- servletResp.setStatus(normalizedResp.getStatus());
-
- // set body parameters
- Map<String, String> respParams = normalizedResp.getResponseParameters();
- if (normalizedResp.isBodyReturned() && respParams != null) {
- PrintWriter out = null;
- try {
- servletResp.setHeader("Content-Type", "application/json");
- out = servletResp.getWriter();
- out.println(new JSONObject(respParams).toString());
- out.flush();
- } catch (IOException e) {
- LOG.logp(Level.WARNING, classname, "getBodyAsString", MessageKeys.INVALID_OAUTH, e);
- throw new RuntimeException(e);
- } finally {
- IOUtils.closeQuietly(out);
- }
- }
-
- // set headers
- Map<String, String> headers = normalizedResp.getHeaders();
- if (headers != null) {
- for (String key : headers.keySet()) {
- servletResp.setHeader(key, headers.get(key));
- }
- }
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.shindig.common.logging.i18n.MessageKeys;
+import org.apache.shindig.common.servlet.HttpUtil;
+import org.apache.shindig.common.servlet.InjectedServlet;
+import org.json.JSONObject;
+
+import com.google.inject.Inject;
+
+/**
+ * Main servlet to catch OAuth 2.0 requests.
+ */
+public class OAuth2Servlet extends InjectedServlet {
+
+ private static final long serialVersionUID = -4257719224664564922L;
+ private static OAuth2AuthorizationHandler authorizationHandler;
+ private static OAuth2TokenHandler tokenHandler;
+
+ //class name for logging purpose
+ private static final String classname = OAuth2Servlet.class.getName();
+ private static final Logger LOG = Logger.getLogger(classname,MessageKeys.MESSAGES);
+
+ @Inject
+ public void setOAuth2Service(OAuth2Service oauthService) {
+ authorizationHandler = new OAuth2AuthorizationHandler(oauthService);
+ tokenHandler = new OAuth2TokenHandler(oauthService);
+ }
+
+ @Override
+ public void init(ServletConfig config) throws ServletException {
+ super.init(config);
+ }
+
+ @Override
+ protected void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ HttpUtil.setNoCache(response);
+ String path = request.getPathInfo();
+ if (path.endsWith("authorize")) {
+ sendOAuth2Response(response, authorizationHandler.handle(request, response));
+ } else if (path.endsWith("token")) {
+ sendOAuth2Response(response, tokenHandler.handle(request, response));
+ } else {
+ response.sendError(HttpServletResponse.SC_NOT_FOUND, "Unknown URL");
+ }
+ }
+
+ @Override
+ protected void doPost(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ doGet(request, response);
+ }
+
+ /**
+ * Sends an OAuth 2.0 response based on an OAuth2NormalizedResponse object.
+ *
+ * @param servletResp is the servlet's response object
+ * @param normalizedResp maintains the headers and body fields to respond with
+ * @param createBody defines whether or not to create a body from the response parameters
+ */
+ private void sendOAuth2Response(HttpServletResponse servletResp,
+ OAuth2NormalizedResponse normalizedResp) {
+ // set status
+ servletResp.setStatus(normalizedResp.getStatus());
+
+ // set body parameters
+ Map<String, String> respParams = normalizedResp.getResponseParameters();
+ if (normalizedResp.isBodyReturned() && respParams != null) {
+ PrintWriter out = null;
+ try {
+ servletResp.setHeader("Content-Type", "application/json");
+ out = servletResp.getWriter();
+ out.println(new JSONObject(respParams).toString());
+ out.flush();
+ } catch (IOException e) {
+ LOG.logp(Level.WARNING, classname, "getBodyAsString", MessageKeys.INVALID_OAUTH, e);
+ throw new RuntimeException(e);
+ } finally {
+ IOUtils.closeQuietly(out);
+ }
+ }
+
+ // set headers
+ Map<String, String> headers = normalizedResp.getHeaders();
+ if (headers != null) {
+ for (String key : headers.keySet()) {
+ servletResp.setHeader(key, headers.get(key));
+ }
+ }
+ }
}
\ No newline at end of file
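Review bot: In `sendOAuth2Response` the `// set headers` loop runs after the body has been written, flushed and the writer closed. Whenever `isBodyReturned()` is true the response is therefore already committed, and the servlet container ignores those `setHeader` calls. Any header the handlers put on the normalized response is silently dropped on exactly the responses that carry a body, so the header loop should move up to directly after `servletResp.setStatus(...)`. In `doGet`, `request.getPathInfo()` can return null when the servlet is hit with no extra path, so `path.endsWith(...)` needs a guard such as `if (path == null) { response.sendError(HttpServletResponse.SC_NOT_FOUND, "Unknown URL"); return; }`. The method's Javadoc also documents a `createBody` parameter that the signature does not have.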
Propchange: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Servlet.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2TokenHandler.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2TokenHandler.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
--- shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2TokenHandler.java (original)
+++ shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2TokenHandler.java Mon Feb 13 02:59:33 2012
@@ -1,97 +1,97 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2;
-
-import java.io.IOException;
-import java.util.List;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.shindig.social.core.oauth2.OAuth2Types.TokenFormat;
-
-/**
- * Handles operations to the OAuth 2.0 token end point.
- *
- * TODO (Eric): generate refreshToken & associate with accessToken
- */
-public class OAuth2TokenHandler {
-
- private OAuth2Service service;
-
- /**
- * Constructs the token handler with the OAuth2Service.
- *
- * @param service is the service that will support this handler
- */
- public OAuth2TokenHandler(OAuth2Service service) {
- this.service = service;
- }
-
- /**
- * Handles an OAuth 2.0 request to the token endpoint.
- *
- * @param request is the servlet request object
- * @param response is the servlet response object
- * @return OAuth2NormalizedResponse encapsulates the request's response
- *
- * @throws ServletException
- * @throws IOException
- */
- public OAuth2NormalizedResponse handle(HttpServletRequest request,
- HttpServletResponse response) throws ServletException, IOException {
- try {
- // normalize the request
- OAuth2NormalizedRequest normalizedReq = new OAuth2NormalizedRequest(request);
-
- // grant access token
- service.authenticateClient(normalizedReq);
- service.validateRequestForAccessToken(normalizedReq);
- OAuth2Code accessToken = service.grantAccessToken(normalizedReq);
-
- // send response
- OAuth2NormalizedResponse normalizedResp = new OAuth2NormalizedResponse();
- normalizedResp.setAccessToken(accessToken.getValue());
- normalizedResp.setTokenType(TokenFormat.BEARER.toString());
- normalizedResp.setExpiresIn((accessToken.getExpiration() - System.currentTimeMillis() + ""));
- normalizedResp.setScope(listToString(accessToken.getScope()));
- normalizedResp.setStatus(HttpServletResponse.SC_OK);
- normalizedResp.setBodyReturned(true);
- if (normalizedReq.getState() != null) normalizedResp.setState(normalizedReq.getState());
- return normalizedResp;
- } catch (OAuth2Exception oae) {
- return oae.getNormalizedResponse();
- }
- }
-
- /**
- * Private utility to comma-delimit a list of Strings
- */
- private static String listToString(List<String> list) {
- if (list == null || list.isEmpty())
- return "";
- StringBuilder sb = new StringBuilder();
- for (String item : list) {
- sb.append(item);
- sb.append(',');
- }
- sb.deleteCharAt(sb.length());
- return sb.toString();
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2;
+
+import java.io.IOException;
+import java.util.List;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.shindig.social.core.oauth2.OAuth2Types.TokenFormat;
+
+/**
+ * Handles operations to the OAuth 2.0 token end point.
+ *
+ * TODO (Eric): generate refreshToken & associate with accessToken
+ */
+public class OAuth2TokenHandler {
+
+ private OAuth2Service service;
+
+ /**
+ * Constructs the token handler with the OAuth2Service.
+ *
+ * @param service is the service that will support this handler
+ */
+ public OAuth2TokenHandler(OAuth2Service service) {
+ this.service = service;
+ }
+
+ /**
+ * Handles an OAuth 2.0 request to the token endpoint.
+ *
+ * @param request is the servlet request object
+ * @param response is the servlet response object
+ * @return OAuth2NormalizedResponse encapsulates the request's response
+ *
+ * @throws ServletException
+ * @throws IOException
+ */
+ public OAuth2NormalizedResponse handle(HttpServletRequest request,
+ HttpServletResponse response) throws ServletException, IOException {
+ try {
+ // normalize the request
+ OAuth2NormalizedRequest normalizedReq = new OAuth2NormalizedRequest(request);
+
+ // grant access token
+ service.authenticateClient(normalizedReq);
+ service.validateRequestForAccessToken(normalizedReq);
+ OAuth2Code accessToken = service.grantAccessToken(normalizedReq);
+
+ // send response
+ OAuth2NormalizedResponse normalizedResp = new OAuth2NormalizedResponse();
+ normalizedResp.setAccessToken(accessToken.getValue());
+ normalizedResp.setTokenType(TokenFormat.BEARER.toString());
+ normalizedResp.setExpiresIn((accessToken.getExpiration() - System.currentTimeMillis() + ""));
+ normalizedResp.setScope(listToString(accessToken.getScope()));
+ normalizedResp.setStatus(HttpServletResponse.SC_OK);
+ normalizedResp.setBodyReturned(true);
+ if (normalizedReq.getState() != null) normalizedResp.setState(normalizedReq.getState());
+ return normalizedResp;
+ } catch (OAuth2Exception oae) {
+ return oae.getNormalizedResponse();
+ }
+ }
+
+ /**
+ * Private utility to comma-delimit a list of Strings
+ */
+ private static String listToString(List<String> list) {
+ if (list == null || list.isEmpty())
+ return "";
+ StringBuilder sb = new StringBuilder();
+ for (String item : list) {
+ sb.append(item);
+ sb.append(',');
+ }
+ sb.deleteCharAt(sb.length());
+ return sb.toString();
+ }
}
\ No newline at end of file
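Review bot: `listToString` ends with `sb.deleteCharAt(sb.length())`, which is one past the last valid index, so every non-empty scope list throws StringIndexOutOfBoundsException instead of dropping the trailing comma; the line should be `sb.deleteCharAt(sb.length() - 1);`. Because `handle` only catches OAuth2Exception, that exception leaves the method after `service.grantAccessToken(normalizedReq)` has already run, so a token may have been granted that the client never receives. Separately, `setExpiresIn` is given `accessToken.getExpiration() - System.currentTimeMillis()`, which is a millisecond value if `getExpiration()` is an epoch-millisecond timestamp, while OAuth 2.0 defines `expires_in` in seconds; a client that honours it would treat the token as valid roughly a thousand times longer than the server does, so I would send `(accessToken.getExpiration() - System.currentTimeMillis()) / 1000 + ""`. OAuth 2.0 also defines `scope` as a space-delimited list, so the `','` appended in `listToString` is worth checking against what clients of this endpoint expect.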
Propchange: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2TokenHandler.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Types.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Types.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
--- shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Types.java (original)
+++ shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Types.java Mon Feb 13 02:59:33 2012
@@ -1,124 +1,124 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2;
-
-/**
- * A collection of OAuth 2.0's enumerated types.
- */
-public class OAuth2Types {
-
- /**
- * Enumerated error types in the OAuth 2.0 specification.
- */
- public static enum ErrorType {
- INVALID_REQUEST("invalid_request"),
- INVALID_CLIENT("invalid_client"),
- INVALID_GRANT("invalid_grant"),
- UNAUTHORIZED_CLIENT("unauthorized_client"),
- UNSUPPORTED_GRANT_TYPE("unsupported_grant_type"),
- INVALID_SCOPE("invalid_scope"), ACCESS_DENIED("access_denied"),
- UNSUPPORTED_RESPONSE_TYPE("unsupported_response_type"),
- SERVER_ERROR("server_error"),
- TEMPORARILY_UNAVAILABLE("temporarily_unavailable");
-
- private final String name;
-
- private ErrorType(String name) {
- this.name = name;
- }
-
- public String toString() {
- return name;
- }
- }
-
- /**
- * Enumerated grant types in the OAuth 2.0 specification.
- */
- public static enum GrantType {
- REFRESH_TOKEN("refresh_token"),
- AUTHORIZATION_CODE("authorization_code"),
- PASSWORD("password"),
- CLIENT_CREDENTIALS("client_credentials"),
- CUSTOM("custom");
-
- private final String name;
-
- private GrantType(String name) {
- this.name = name;
- }
-
- public String toString() {
- return name;
- }
- }
-
- /**
- * Enumerated response types in the OAuth 2.0 specification.
- */
- public static enum ResponseType {
- CODE("code"), TOKEN("token");
-
- private final String name;
-
- private ResponseType(String name) {
- this.name = name;
- }
-
- public String toString() {
- return name;
- }
- }
-
- /**
- * Enumerated token types in the OAuth 2.0 specification.
- */
- public static enum CodeType {
- AUTHORIZATION_CODE("authorization_code"),
- ACCESS_TOKEN("access_token"),
- REFRESH_TOKEN("refresh_token");
-
- private final String name;
-
- private CodeType(String name) {
- this.name = name;
- }
-
- public String toString() {
- return name;
- }
- }
-
- /**
- * Enumerated token types in the OAuth 2.0 specification.
- */
- public static enum TokenFormat {
- BEARER("bearer"),
- MAC("mac");
-
- private final String name;
-
- private TokenFormat(String name) {
- this.name = name;
- }
-
- public String toString() {
- return name;
- }
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2;
+
+/**
+ * A collection of OAuth 2.0's enumerated types.
+ */
+public class OAuth2Types {
+
+ /**
+ * Enumerated error types in the OAuth 2.0 specification.
+ */
+ public static enum ErrorType {
+ INVALID_REQUEST("invalid_request"),
+ INVALID_CLIENT("invalid_client"),
+ INVALID_GRANT("invalid_grant"),
+ UNAUTHORIZED_CLIENT("unauthorized_client"),
+ UNSUPPORTED_GRANT_TYPE("unsupported_grant_type"),
+ INVALID_SCOPE("invalid_scope"), ACCESS_DENIED("access_denied"),
+ UNSUPPORTED_RESPONSE_TYPE("unsupported_response_type"),
+ SERVER_ERROR("server_error"),
+ TEMPORARILY_UNAVAILABLE("temporarily_unavailable");
+
+ private final String name;
+
+ private ErrorType(String name) {
+ this.name = name;
+ }
+
+ public String toString() {
+ return name;
+ }
+ }
+
+ /**
+ * Enumerated grant types in the OAuth 2.0 specification.
+ */
+ public static enum GrantType {
+ REFRESH_TOKEN("refresh_token"),
+ AUTHORIZATION_CODE("authorization_code"),
+ PASSWORD("password"),
+ CLIENT_CREDENTIALS("client_credentials"),
+ CUSTOM("custom");
+
+ private final String name;
+
+ private GrantType(String name) {
+ this.name = name;
+ }
+
+ public String toString() {
+ return name;
+ }
+ }
+
+ /**
+ * Enumerated response types in the OAuth 2.0 specification.
+ */
+ public static enum ResponseType {
+ CODE("code"), TOKEN("token");
+
+ private final String name;
+
+ private ResponseType(String name) {
+ this.name = name;
+ }
+
+ public String toString() {
+ return name;
+ }
+ }
+
+ /**
+ * Enumerated token types in the OAuth 2.0 specification.
+ */
+ public static enum CodeType {
+ AUTHORIZATION_CODE("authorization_code"),
+ ACCESS_TOKEN("access_token"),
+ REFRESH_TOKEN("refresh_token");
+
+ private final String name;
+
+ private CodeType(String name) {
+ this.name = name;
+ }
+
+ public String toString() {
+ return name;
+ }
+ }
+
+ /**
+ * Enumerated token types in the OAuth 2.0 specification.
+ */
+ public static enum TokenFormat {
+ BEARER("bearer"),
+ MAC("mac");
+
+ private final String name;
+
+ private TokenFormat(String name) {
+ this.name = name;
+ }
+
+ public String toString() {
+ return name;
+ }
+ }
}
\ No newline at end of file
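Review bot: The Javadoc on `CodeType` repeats the text of `TokenFormat` ("Enumerated token types in the OAuth 2.0 specification"), although `CodeType` also contains `AUTHORIZATION_CODE`, which is not a token. I would change it to `Enumerated kinds of OAuth 2.0 codes: authorization code, access token and refresh token.` and keep the existing wording for `TokenFormat`, which lists the `bearer` and `mac` formats. Each of the five enums also overrides `toString()` without `@Override`; adding the annotation lets the compiler catch a misspelt signature, which matters here because these strings are the wire values compared against request parameters.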
Propchange: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Types.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Utils.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Utils.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
--- shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Utils.java (original)
+++ shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Utils.java Mon Feb 13 02:59:33 2012
@@ -1,59 +1,59 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2;
-
-import java.util.Map;
-
-import org.apache.shindig.common.uri.UriBuilder;
-
-/**
- * Collection of utility classes to support OAuth 2.0 operations.
- */
-public class OAuth2Utils {
-
- /**
- * Converts a Map<String, String> to a URL query string.
- *
- * @param params represents the Map of query parameters
- *
- * @return String is the URL encoded parameter String
- */
- public static String convertQueryString(Map<String, String> params) {
- if (params == null) return "";
- UriBuilder builder = new UriBuilder();
- builder.addQueryParameters(params);
- return builder.getQuery();
- }
-
- /**
- * Normalizes a URL and parameters. If the URL already contains parameters,
- * new parameters will be added properly.
- *
- * @param URL is the base URL to normalize
- * @param queryParams query parameters to add to the URL
- * @param fragmentParams fragment params to add to the URL
- */
- public static String buildUrl(String url, Map<String, String> queryParams,
- Map<String, String> fragmentParams) {
- UriBuilder builder = new UriBuilder();
- builder.setPath(url);
- if (queryParams != null) builder.addQueryParameters(queryParams);
- if (fragmentParams != null) builder.addFragmentParameters(fragmentParams);
- return builder.toString();
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2;
+
+import java.util.Map;
+
+import org.apache.shindig.common.uri.UriBuilder;
+
+/**
+ * Collection of utility classes to support OAuth 2.0 operations.
+ */
+public class OAuth2Utils {
+
+ /**
+ * Converts a Map<String, String> to a URL query string.
+ *
+ * @param params represents the Map of query parameters
+ *
+ * @return String is the URL encoded parameter String
+ */
+ public static String convertQueryString(Map<String, String> params) {
+ if (params == null) return "";
+ UriBuilder builder = new UriBuilder();
+ builder.addQueryParameters(params);
+ return builder.getQuery();
+ }
+
+ /**
+ * Normalizes a URL and parameters. If the URL already contains parameters,
+ * new parameters will be added properly.
+ *
+ * @param URL is the base URL to normalize
+ * @param queryParams query parameters to add to the URL
+ * @param fragmentParams fragment params to add to the URL
+ */
+ public static String buildUrl(String url, Map<String, String> queryParams,
+ Map<String, String> fragmentParams) {
+ UriBuilder builder = new UriBuilder();
+ builder.setPath(url);
+ if (queryParams != null) builder.addQueryParameters(queryParams);
+ if (fragmentParams != null) builder.addFragmentParameters(fragmentParams);
+ return builder.toString();
+ }
}
\ No newline at end of file
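Review bot: `buildUrl` passes the whole `url` string to `builder.setPath(url)` on an empty UriBuilder, so the Javadoc claim that existing parameters "will be added properly" depends on how UriBuilder handles a path that already contains `?` or `#`, and nothing in this hunk shows that. If callers pass redirect URIs that already carry a query string, the result could contain a second `?` or an encoded one, and the authorization code or token parameters would then not arrive where the client expects them; a unit test with such a URL, or parsing the URL into its components before adding parameters, would settle it. The Javadoc also names the parameter `@param URL` while the signature has `url`, and it has no `@return`; I would write `@param url is the base URL to normalize` and `@return the URL with the query and fragment parameters appended`.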
Propchange: shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/OAuth2Utils.java
------------------------------------------------------------------------------
svn:eol-style = native