Posted to dev@shindig.apache.org by li...@apache.org on 2009/02/23 17:52:16 UTC
svn commit: r747078 -
/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth/OAuthAuthenticationHandler.java
Author: lindner
Date: Mon Feb 23 16:52:15 2009
New Revision: 747078
URL: http://svn.apache.org/viewvc?rev=747078&view=rev
Log:
throw 401s when we have invalid OAuth credentials instead of falling through
Modified:
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth/OAuthAuthenticationHandler.java
Modified: incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth/OAuthAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth/OAuthAuthenticationHandler.java?rev=747078&r1=747077&r2=747078&view=diff
==============================================================================
--- incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth/OAuthAuthenticationHandler.java (original)
+++ incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth/OAuthAuthenticationHandler.java Mon Feb 23 16:52:15 2009
@@ -59,26 +59,17 @@
OAuthMessage message = OAuthServlet.getMessage(request, null);
OAuthEntry entry;
-
try {
- // no token available...
+ // We only return null if this request
if (message.getToken() == null) return null;
+ // no token available...
entry = store.getEntry(message.getToken());
} catch (IOException e) {
return null;
}
- if (!isValidOAuthRequest(message, entry)) {
- return null;
- }
-
- return new OAuthSecurityToken(entry.userId, entry.callbackUrl, entry.appId,
- entry.domain, entry.container);
- }
-
- private boolean isValidOAuthRequest(OAuthMessage message, OAuthEntry entry) {
- if (entry == null)
+ if (entry == null)
throw new InvalidAuthenticationException("access token not found.", null);
if (entry.type != OAuthEntry.Type.ACCESS)
throw new InvalidAuthenticationException("token is not an access token.", null);
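Review bot: The `catch (IOException e) { return null; }` kept around `store.getEntry(message.getToken())` still falls through to the next authentication handler when the token lookup fails, even though the request did present an OAuth token, which is the case this commit is meant to turn into a 401. I would throw here as well, e.g. `throw new InvalidAuthenticationException("unable to look up OAuth token", e);`, so a store error cannot downgrade an OAuth request to whatever the remaining handlers accept (which handlers follow is not visible in this hunk). The two comments also need fixing: `// We only return null if this request` is cut off mid-sentence and `// no token available...` now sits after the null check it described; a single comment above the check such as `// Not an OAuth request: no token, let the next handler try` would cover both. The method starts before and continues past the hunk.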
@@ -97,11 +88,12 @@
} catch (OAuthException e) {
throw new InvalidAuthenticationException(e.getMessage(), e);
} catch (IOException e) {
- return false;
+ throw new InvalidAuthenticationException(e.getMessage(), e);
} catch (URISyntaxException e) {
- return false;
+ throw new InvalidAuthenticationException(e.getMessage(), e);
}
- return true;
+ return new OAuthSecurityToken(entry.userId, entry.callbackUrl, entry.appId,
+ entry.domain, entry.container);
}
}
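Review bot: The two new `throw new InvalidAuthenticationException(e.getMessage(), e);` lines in the IOException and URISyntaxException handlers pass the raw exception text through as the authentication error, and that text can be null or carry internal detail such as a malformed URI or an I/O error string. If this message ends up in the 401 response (not visible here), a fixed message is safer, with the exception kept as the cause for logging: `throw new InvalidAuthenticationException("OAuth request validation failed", e);`. An IOException during validation is also arguably a server-side fault rather than bad credentials, so it is worth deciding whether it should really surface as a 401. The try block these handlers belong to starts outside the hunk.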