net.oauth.OAuthProblemException Java Examples
The following examples show how to use
net.oauth.OAuthProblemException.
Example #1
Source File: Util.java From sakai with Educational Community License v2.0 | 6 votes |
/**
 * Builds a net.oauth {@link OAuthAccessor} from a stored {@link Accessor}.
 *
 * @param accessor      stored accessor to convert; may be {@code null}
 * @param oAuthConsumer consumer the accessor must belong to
 * @return the converted accessor, or {@code null} when {@code accessor} is {@code null}
 * @throws OAuthProblemException with {@code CONSUMER_KEY_REFUSED} when the accessor's consumer id
 *                               differs from the consumer's key
 */
public static OAuthAccessor convertToOAuthAccessor(Accessor accessor, OAuthConsumer oAuthConsumer)
        throws OAuthProblemException {
    if (accessor == null) {
        return null;
    }

    // Refuse to pair a token with a consumer other than the one recorded on it.
    boolean sameConsumer = oAuthConsumer.consumerKey.equals(accessor.getConsumerId());
    if (!sameConsumer) {
        throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_REFUSED);
    }

    OAuthAccessor converted = new OAuthAccessor(oAuthConsumer);
    // The stored token fills exactly one slot: the access token for ACCESS accessors,
    // the request token for every other type.
    if (accessor.getType() != Accessor.Type.ACCESS) {
        converted.requestToken = accessor.getToken();
    } else {
        converted.accessToken = accessor.getToken();
    }
    converted.tokenSecret = accessor.getSecret();

    // Support Variable Accessor Secret http://wiki.oauth.net/w/page/12238502/AccessorSecret
    // NOTE(review): the secret is written to the consumer object that was passed in, not to the
    // new accessor. If that consumer instance is shared between requests, so is this value;
    // confirm against the callers.
    if (accessor.getAccessorSecret() != null) {
        oAuthConsumer.setProperty(OAuthConsumer.ACCESSOR_SECRET, accessor.getAccessorSecret());
    }
    return converted;
}
Example #2
Source File: DataApiOAuthServletTest.java From incubator-retired-wave with Apache License 2.0 | 6 votes |
/**
 * A POST to the authorize-token path that carries {@code cancel=yes} and the user's XSRF token
 * must answer 200, and the request token must no longer resolve in the token container.
 */
public void testDoAuthorizeTokenPostRejectsToken() throws Exception {
  // Request shape: POST to the authorize path with the cancel parameter set.
  when(req.getPathInfo()).thenReturn(AUTHORIZE_TOKEN_PATH);
  when(req.getMethod()).thenReturn("POST");
  when(req.getParameter("cancel")).thenReturn("yes");
  Map<String, String[]> requestParams = getDoAuthorizeTokenParams();
  when(req.getParameterMap()).thenReturn(requestParams);

  // The form's "token" parameter is the XSRF token issued for the logged-in user.
  String xsrfToken = servlet.getOrGenerateXsrfToken(ALEX);
  when(req.getParameter("token")).thenReturn(xsrfToken);
  when(sessionManager.getLoggedInUser(any(HttpSession.class))).thenReturn(ALEX);

  servlet.doPost(req, resp);

  verify(resp).setStatus(HttpServletResponse.SC_OK);
  String rejectedRequestToken = requestParams.get(OAuth.OAUTH_TOKEN)[0];
  try {
    tokenContainer.getRequestTokenAccessor(rejectedRequestToken);
    fail("This token should not be present anymore");
  } catch (OAuthProblemException expected) {
    // expected: the container no longer knows the request token
  }
}
Example #3
Source File: DataApiServlet.java From incubator-retired-wave with Apache License 2.0 | 6 votes |
/**
 * Entry point for the Data API calls. Resolves the access token carried by the request and hands
 * the request to {@code processOpsRequest}; answers 401 when no valid token is present.
 *
 * <p>NOTE(review): this method only looks the token up. No signature check is visible here;
 * presumably {@code processOpsRequest} validates the message. Confirm before relying on it.
 */
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  OAuthMessage oauthMessage = new HttpRequestMessage(req, req.getRequestURL().toString());

  OAuthAccessor tokenAccessor;
  try {
    oauthMessage.requireParameters(OAuth.OAUTH_TOKEN);
    String presentedToken = oauthMessage.getParameter(OAuth.OAUTH_TOKEN);
    tokenAccessor = tokenContainer.getAccessTokenAccessor(presentedToken);
  } catch (OAuthProblemException e) {
    LOG.info("No valid OAuth token present", e);
    // Have to set status here manually, cannot use e.getHttpStatusCode
    // because message.requireParameters doesn't set it in the exception.
    // NOTE(review): the exception message is sent back to the caller as the error text.
    resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
    return;
  }

  // The user the token was authorized for is stored as a property on the accessor.
  Object tokenOwner = tokenAccessor.getProperty(DataApiTokenContainer.USER_PROPERTY_NAME);
  ParticipantId participant = (ParticipantId) tokenOwner;
  processOpsRequest(req, resp, oauthMessage, tokenAccessor, participant);
}
Example #4
Source File: DataApiTokenContainer.java From incubator-retired-wave with Apache License 2.0 | 6 votes |
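/**
 * Exchanges an authorized request token for a new access token and token secret.
 *
 * <p>The request token is taken out of the request-token map before the access token is minted.
 * Assuming that map's {@code remove} is atomic (a concurrent map), a request token can then be
 * exchanged at most once, even when two exchanges for it arrive together.
 *
 * @param requestToken the request token identifying the accessor that needs to be authorized.
 * @return a copy of the {@link OAuthAccessor} with the access token and token secret set.
 * @throws OAuthProblemException if the request token is not known, if the user has not given
 *         permission yet ({@code PERMISSION_UNKNOWN}), or if the request token was already
 *         consumed by another exchange ({@code TOKEN_USED}).
 */
public OAuthAccessor generateAccessToken(String requestToken) throws OAuthProblemException {
  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);
  if (accessor.getProperty(USER_PROPERTY_NAME) == null) {
    // User has not given the consumer permission yet.
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.PERMISSION_UNKNOWN);
  }

  // Consume the request token first. The lookup above and this removal are separate steps, so
  // without this guard a second exchange running at the same time would pass the check as well
  // and be issued its own access token. Only the caller whose remove() returns the entry goes on.
  if (requestTokenAccessors.remove(accessor.requestToken) == null) {
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_USED);
  }

  // Token secret does not need to be unique so can be generated now.
  accessor.tokenSecret = generateToken();

  // Keep generating until the access token is not already a key in the access-token map.
  do {
    accessor.accessToken = generateToken();
  } while (accessTokenAccessors.putIfAbsent(accessor.accessToken, accessor) != null);

  LOG.info("Generated access token for " + accessor.getProperty(USER_PROPERTY_NAME));
  return accessor.clone();
}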
Example #5
Source File: DataApiTokenContainer.java From incubator-retired-wave with Apache License 2.0 | 6 votes |
/**
 * Records that a user has authorized a request token, so that the token can be exchanged for an
 * access token.
 *
 * @param requestToken the request token used for identification.
 * @param user the user that has authorized the token; must not be null.
 * @return a copy of the accessor after the user has been attached to it.
 * @throws OAuthProblemException if the request token does not map to an accessor or if the token
 *         was already used.
 */
public OAuthAccessor authorizeRequestToken(String requestToken, ParticipantId user)
    throws OAuthProblemException {
  Preconditions.checkNotNull(user, "User must not be null");

  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);
  boolean alreadyAuthorized = accessor.getProperty(USER_PROPERTY_NAME) != null;
  if (alreadyAuthorized) {
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_USED);
  }

  // NOTE(review): the check above and the put below are separate steps and no lock is visible in
  // this method. Two authorizations of the same token arriving together would both pass the check
  // and the later put would win; confirm that callers serialize this.
  accessor.setProperty(USER_PROPERTY_NAME, user);
  requestTokenAccessors.put(requestToken, accessor);
  LOG.info("Authorized request token for " + user);
  return accessor.clone();
}
Example #6
Source File: RequestTokenHandler.java From cxf with Apache License 2.0 | 6 votes |
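/**
 * Checks the {@code oauth_callback} value supplied with a request.
 *
 * <p>A callback is accepted when it equals the client's registered callback URI, or, only when
 * the client registered no callback, when it lies under the client's registered application URI.
 * "Under" is decided at a URI component boundary rather than by a bare string prefix, so a
 * callback whose host name merely begins with the registered application URI is rejected.
 *
 * @param client the client whose registration is consulted
 * @param oauthCallback the callback value to validate; empty or {@code null} is rejected
 * @throws OAuthProblemException carrying HTTP status 400 when the callback is not acceptable
 */
protected void validateCallbackURL(Client client,
                                   String oauthCallback) throws OAuthProblemException {
    // the callback must not be empty or null, and it should either match
    // the registered callback URI or have the common root with the
    // registered application URI (but only if no callback was registered)
    if (!StringUtils.isEmpty(oauthCallback)) {
        boolean registeredCallbackIsEmpty = StringUtils.isEmpty(client.getCallbackURI());
        if (!registeredCallbackIsEmpty && oauthCallback.equals(client.getCallbackURI())) {
            return;
        }
        if (registeredCallbackIsEmpty
            && !StringUtils.isEmpty(client.getApplicationURI())
            && isUnderApplicationUri(oauthCallback, client.getApplicationURI())) {
            return;
        }
    }
    OAuthProblemException problemEx = new OAuthProblemException(
        OAuth.Problems.PARAMETER_REJECTED + " - " + OAuth.OAUTH_CALLBACK);
    problemEx.setParameter(OAuthProblemException.HTTP_STATUS_CODE,
                           HttpServletResponse.SC_BAD_REQUEST);
    throw problemEx;
}

/**
 * Tells whether {@code callback} extends {@code applicationUri} at a component boundary: the two
 * are equal, the application URI already ends with {@code '/'}, or the first character after the
 * shared prefix starts a path segment, query or fragment. No further normalization (letter case,
 * default ports, dot segments) is attempted.
 */
private static boolean isUnderApplicationUri(String callback, String applicationUri) {
    if (!callback.startsWith(applicationUri)) {
        return false;
    }
    if (callback.length() == applicationUri.length() || applicationUri.endsWith("/")) {
        return true;
    }
    char next = callback.charAt(applicationUri.length());
    return next == '/' || next == '?' || next == '#';
}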
Example #7
Source File: OAuthUtils.java From cxf with Apache License 2.0 | 6 votes |
/**
 * Builds the error response for a failed OAuth request.
 *
 * <p>The response carries only the status unless the {@code REPORT_FAILURE_DETAILS} contextual
 * property is true. With details enabled, the failure text goes either into an
 * {@code oauth_problem} header (when {@code REPORT_FAILURE_DETAILS_AS_HEADER} is true) or into
 * the response entity.
 *
 * <p>NOTE(review): with details enabled the exception text is returned to the caller, so the
 * messages of exceptions passed in here should not contain anything the caller must not see.
 *
 * @param mc message context the reporting properties are read from
 * @param e the failure being reported
 * @param status HTTP status for the response
 * @return the built response
 */
public static Response handleException(MessageContext mc,
                                       Exception e,
                                       int status) {
    ResponseBuilder builder = Response.status(status);

    boolean reportDetails = PropertyUtils.isTrue(mc.getContextualProperty(REPORT_FAILURE_DETAILS));
    if (!reportDetails) {
        return builder.build();
    }

    boolean asHeader = PropertyUtils.isTrue(
        mc.getContextualProperty(REPORT_FAILURE_DETAILS_AS_HEADER));
    if (!asHeader) {
        builder.entity(e.getMessage());
        return builder.build();
    }

    // Header form: prefer the OAuth problem code, fall back to the exception message.
    String headerText = null;
    if (e instanceof OAuthProblemException) {
        headerText = ((OAuthProblemException) e).getProblem();
    }
    if (headerText == null) {
        headerText = e.getMessage();
    }
    builder.header("oauth_problem", headerText);
    return builder.build();
}
Example #8
Source File: CallbackURLController.java From cxf with Apache License 2.0 | 6 votes |
/**
 * Handles the OAuth callback: copies the token and verifier from the request, and the client id
 * and client secret from cookies, into {@code oAuthParams}, then shows the "tokenRequest" view.
 * When a required OAuth parameter is missing, an error message is stored instead.
 *
 * <p>NOTE(review): the client secret is read from a request cookie here, which means it has been
 * held by the browser. Also, the error message is built from the problem's parameters, so the
 * view should escape it on output; confirm against the template.
 */
@RequestMapping("/callback")
protected ModelAndView handleRequest(@ModelAttribute("oAuthParams") OAuthParams oAuthParams,
                                     HttpServletRequest request) throws Exception {
    String requestUrl = request.getRequestURL().toString();
    OAuthMessage message = OAuthServlet.getMessage(request, requestUrl);

    try {
        // Both the token and the verifier must be present on the callback.
        message.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_VERIFIER);

        oAuthParams.setOauthToken(message.getToken());
        oAuthParams.setOauthVerifier(message.getParameter(OAuth.OAUTH_VERIFIER));

        oAuthParams.setClientID(Common.findCookieValue(request, "clientID"));
        oAuthParams.setClientSecret(Common.findCookieValue(request, "clientSecret"));
    } catch (OAuthProblemException e) {
        String details = "OAuth problem: " + e.getProblem() + e.getParameters().toString();
        oAuthParams.setErrorMessage(details);
    }

    return new ModelAndView("tokenRequest");
}
Example #9
Source File: DataApiOAuthServletTest.java From swellrt with Apache License 2.0 | 6 votes |
/**
 * A POST to the authorize-token path that carries {@code cancel=yes} and the user's XSRF token
 * must answer 200, and the request token must no longer resolve in the token container.
 */
public void testDoAuthorizeTokenPostRejectsToken() throws Exception {
  // Request shape: POST to the authorize path with the cancel parameter set.
  when(req.getPathInfo()).thenReturn(AUTHORIZE_TOKEN_PATH);
  when(req.getMethod()).thenReturn("POST");
  when(req.getParameter("cancel")).thenReturn("yes");
  Map<String, String[]> requestParams = getDoAuthorizeTokenParams();
  when(req.getParameterMap()).thenReturn(requestParams);

  // The form's "token" parameter is the XSRF token issued for the logged-in user.
  String xsrfToken = servlet.getOrGenerateXsrfToken(ALEX);
  when(req.getParameter("token")).thenReturn(xsrfToken);
  when(sessionManager.getLoggedInUser(any(HttpSession.class))).thenReturn(ALEX);

  servlet.doPost(req, resp);

  verify(resp).setStatus(HttpServletResponse.SC_OK);
  String rejectedRequestToken = requestParams.get(OAuth.OAUTH_TOKEN)[0];
  try {
    tokenContainer.getRequestTokenAccessor(rejectedRequestToken);
    fail("This token should not be present anymore");
  } catch (OAuthProblemException expected) {
    // expected: the container no longer knows the request token
  }
}
Example #10
Source File: DataApiServlet.java From swellrt with Apache License 2.0 | 6 votes |
/**
 * Entry point for the Data API calls. Resolves the access token carried by the request and hands
 * the request to {@code processOpsRequest}; answers 401 when no valid token is present.
 *
 * <p>NOTE(review): this method only looks the token up. No signature check is visible here;
 * presumably {@code processOpsRequest} validates the message. Confirm before relying on it.
 */
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  OAuthMessage oauthMessage = new HttpRequestMessage(req, req.getRequestURL().toString());

  OAuthAccessor tokenAccessor;
  try {
    oauthMessage.requireParameters(OAuth.OAUTH_TOKEN);
    String presentedToken = oauthMessage.getParameter(OAuth.OAUTH_TOKEN);
    tokenAccessor = tokenContainer.getAccessTokenAccessor(presentedToken);
  } catch (OAuthProblemException e) {
    LOG.info("No valid OAuth token present", e);
    // Have to set status here manually, cannot use e.getHttpStatusCode
    // because message.requireParameters doesn't set it in the exception.
    // NOTE(review): the exception message is sent back to the caller as the error text.
    resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
    return;
  }

  // The user the token was authorized for is stored as a property on the accessor.
  Object tokenOwner = tokenAccessor.getProperty(DataApiTokenContainer.USER_PROPERTY_NAME);
  ParticipantId participant = (ParticipantId) tokenOwner;
  processOpsRequest(req, resp, oauthMessage, tokenAccessor, participant);
}
Example #11
Source File: DataApiTokenContainer.java From swellrt with Apache License 2.0 | 6 votes |
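/**
 * Exchanges an authorized request token for a new access token and token secret.
 *
 * <p>The request token is taken out of the request-token map before the access token is minted.
 * Assuming that map's {@code remove} is atomic (a concurrent map), a request token can then be
 * exchanged at most once, even when two exchanges for it arrive together.
 *
 * @param requestToken the request token identifying the accessor that needs to be authorized.
 * @return a copy of the {@link OAuthAccessor} with the access token and token secret set.
 * @throws OAuthProblemException if the request token is not known, if the user has not given
 *         permission yet ({@code PERMISSION_UNKNOWN}), or if the request token was already
 *         consumed by another exchange ({@code TOKEN_USED}).
 */
public OAuthAccessor generateAccessToken(String requestToken) throws OAuthProblemException {
  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);
  if (accessor.getProperty(USER_PROPERTY_NAME) == null) {
    // User has not given the consumer permission yet.
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.PERMISSION_UNKNOWN);
  }

  // Consume the request token first. The lookup above and this removal are separate steps, so
  // without this guard a second exchange running at the same time would pass the check as well
  // and be issued its own access token. Only the caller whose remove() returns the entry goes on.
  if (requestTokenAccessors.remove(accessor.requestToken) == null) {
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_USED);
  }

  // Token secret does not need to be unique so can be generated now.
  accessor.tokenSecret = generateToken();

  // Keep generating until the access token is not already a key in the access-token map.
  do {
    accessor.accessToken = generateToken();
  } while (accessTokenAccessors.putIfAbsent(accessor.accessToken, accessor) != null);

  LOG.info("Generated access token for " + accessor.getProperty(USER_PROPERTY_NAME));
  return accessor.clone();
}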
Example #12
Source File: DataApiTokenContainer.java From swellrt with Apache License 2.0 | 6 votes |
/**
 * Records that a user has authorized a request token, so that the token can be exchanged for an
 * access token.
 *
 * @param requestToken the request token used for identification.
 * @param user the user that has authorized the token; must not be null.
 * @return a copy of the accessor after the user has been attached to it.
 * @throws OAuthProblemException if the request token does not map to an accessor or if the token
 *         was already used.
 */
public OAuthAccessor authorizeRequestToken(String requestToken, ParticipantId user)
    throws OAuthProblemException {
  Preconditions.checkNotNull(user, "User must not be null");

  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);
  boolean alreadyAuthorized = accessor.getProperty(USER_PROPERTY_NAME) != null;
  if (alreadyAuthorized) {
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_USED);
  }

  // NOTE(review): the check above and the put below are separate steps and no lock is visible in
  // this method. Two authorizations of the same token arriving together would both pass the check
  // and the later put would win; confirm that callers serialize this.
  accessor.setProperty(USER_PROPERTY_NAME, user);
  requestTokenAccessors.put(requestToken, accessor);
  LOG.info("Authorized request token for " + user);
  return accessor.clone();
}
Example #13
Source File: OAuthSignatureMethod.java From lams with GNU General Public License v2.0 | 6 votes |
/**
 * Checks that the message carries a valid {@code oauth_signature}.
 *
 * <p>NOTE(review): on failure the signature base string, which is derived from the request, is
 * written to the debug log and attached to the thrown exception as a parameter. Any handler that
 * serializes problem parameters into the response will return it to the caller; confirm that this
 * is intended outside of debugging.
 *
 * @param message the message whose signature is checked
 * @throws IOException declared by the message accessors used here
 * @throws URISyntaxException declared by the base-string computation
 * @throws OAuthProblemException ({@code signature_invalid}) if the signature is invalid
 */
public void validate(OAuthMessage message)
        throws IOException, OAuthException, URISyntaxException {
    message.requireParameters("oauth_signature");
    String signature = message.getSignature();
    String baseString = getBaseString(message);

    if (isValid(signature, baseString)) {
        return;
    }

    // *LAMS* added by LAMS
    log.debug("Error. Signature invalid. oauth_signature=" + signature
            + ", oauth_signature_base_string=" + baseString
            + ", oauth_signature_method=" + message.getSignatureMethod());

    OAuthProblemException invalidSignature = new OAuthProblemException("signature_invalid");
    invalidSignature.setParameter("oauth_signature", signature);
    invalidSignature.setParameter("oauth_signature_base_string", baseString);
    invalidSignature.setParameter("oauth_signature_method", message.getSignatureMethod());
    throw invalidSignature;
}
Example #14
Source File: Util.java From sakai with Educational Community License v2.0 | 6 votes |
/**
 * Builds a net.oauth {@link OAuthAccessor} from a stored {@link Accessor}.
 *
 * @param accessor      stored accessor to convert; may be {@code null}
 * @param oAuthConsumer consumer the accessor must belong to
 * @return the converted accessor, or {@code null} when {@code accessor} is {@code null}
 * @throws OAuthProblemException with {@code CONSUMER_KEY_REFUSED} when the accessor's consumer id
 *                               differs from the consumer's key
 */
public static OAuthAccessor convertToOAuthAccessor(Accessor accessor, OAuthConsumer oAuthConsumer)
        throws OAuthProblemException {
    if (accessor == null) {
        return null;
    }

    // Refuse to pair a token with a consumer other than the one recorded on it.
    boolean sameConsumer = oAuthConsumer.consumerKey.equals(accessor.getConsumerId());
    if (!sameConsumer) {
        throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_REFUSED);
    }

    OAuthAccessor converted = new OAuthAccessor(oAuthConsumer);
    // The stored token fills exactly one slot: the access token for ACCESS accessors,
    // the request token for every other type.
    if (accessor.getType() != Accessor.Type.ACCESS) {
        converted.requestToken = accessor.getToken();
    } else {
        converted.accessToken = accessor.getToken();
    }
    converted.tokenSecret = accessor.getSecret();

    // Support Variable Accessor Secret http://wiki.oauth.net/w/page/12238502/AccessorSecret
    // NOTE(review): the secret is written to the consumer object that was passed in, not to the
    // new accessor. If that consumer instance is shared between requests, so is this value;
    // confirm against the callers.
    if (accessor.getAccessorSecret() != null) {
        oAuthConsumer.setProperty(OAuthConsumer.ACCESSOR_SECRET, accessor.getAccessorSecret());
    }
    return converted;
}
Example #15
Source File: DataApiTokenContainerTest.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/** Looking up an access token the container never issued must raise OAuthProblemException. */
public void testGetUnknownAcessTokenAccessorThrowsException() throws Exception {
  try {
    container.getAccessTokenAccessor("unknown");
    // Reaching this line means the lookup of an unissued token succeeded.
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException expected) {
    // expected
  }
}
Example #16
Source File: DataApiTokenContainerTest.java From swellrt with Apache License 2.0 | 5 votes |
/** Looking up a request token the container never issued must raise OAuthProblemException. */
public void testGetUnknownRequestTokenAccessorThrowsException() throws Exception {
  try {
    container.getRequestTokenAccessor("unknown");
    // Reaching this line means the lookup of an unissued token succeeded.
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException expected) {
    // expected
  }
}
Example #17
Source File: DefaultOAuthValidator.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Rejects a missing or expired token.
 *
 * <p>A lifetime of {@code -1} disables the expiry check. Otherwise the token is expired when
 * {@code issuedAt + lifetime} lies before the current time in seconds; an expired token is
 * removed through the provider before the exception is thrown.
 *
 * @param token the token to check; {@code null} is rejected
 * @param provider data provider used to remove an expired token
 * @throws OAuthProblemException {@code TOKEN_REJECTED} for a {@code null} token,
 *         {@code TOKEN_EXPIRED} for an expired one
 */
public void validateToken(Token token, OAuthDataProvider provider)
    throws OAuthProblemException {
    if (token == null) {
        throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
    }

    long issuedAt = token.getIssuedAt();
    long lifetime = token.getLifetime();
    if (lifetime == -1) {
        // No expiry configured for this token.
        return;
    }

    long nowSeconds = System.currentTimeMillis() / 1000L;
    long expiresAt = issuedAt + lifetime;
    if (expiresAt < nowSeconds) {
        provider.removeToken(token);
        throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);
    }
}
Example #18
Source File: DataApiTokenContainer.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/**
 * Returns a copy of the {@link OAuthAccessor} registered under the given request token. Because
 * a copy is returned, changes made to its fields, except the consumer, are not reflected in this
 * container.
 *
 * @param requestToken the request token used for identification.
 * @return a clone of the stored accessor.
 * @throws OAuthProblemException ({@code TOKEN_REJECTED}, carrying the presented token as a
 *         parameter) if the token does not map to an accessor.
 */
public OAuthAccessor getRequestTokenAccessor(String requestToken) throws OAuthProblemException {
  OAuthAccessor stored = requestTokenAccessors.get(requestToken);
  if (stored != null) {
    return stored.clone();
  }

  OAuthProblemException rejected =
      OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
  rejected.setParameter(OAuth.OAUTH_TOKEN, requestToken);
  throw rejected;
}
Example #19
Source File: DataApiTokenContainer.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/**
 * Returns a copy of the authorized {@link OAuthAccessor} registered under the given access
 * token. Because a copy is returned, changes made to its fields, except the consumer, are not
 * reflected in this container.
 *
 * @param accessToken the access token used for identification.
 * @return a clone of the stored accessor.
 * @throws OAuthProblemException ({@code TOKEN_REJECTED}, carrying the presented token as a
 *         parameter) if the token does not map to an accessor.
 */
public OAuthAccessor getAccessTokenAccessor(String accessToken) throws OAuthProblemException {
  OAuthAccessor stored = accessTokenAccessors.get(accessToken);
  if (stored != null) {
    return stored.clone();
  }

  OAuthProblemException rejected =
      OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
  rejected.setParameter(OAuth.OAUTH_TOKEN, accessToken);
  throw rejected;
}
Example #20
Source File: OAuthSignatureMethod.java From sakai with Educational Community License v2.0 | 5 votes |
/**
 * Checks that the message carries a valid {@code oauth_signature}.
 *
 * <p>The signature is accepted if it matches the computed base string or, when that base string
 * starts with one of the known method-and-scheme prefixes, the same base string with the prefix
 * swapped for its http/secure counterpart.
 *
 * <p>NOTE(review): accepting the swapped form means the signature no longer ties a request to
 * the scheme it arrived on; the original comment gives load balancers as the reason. Also,
 * {@code replaceFirst} treats the prefix constants as regular expressions and the replacements as
 * replacement patterns; this assumes they contain no special characters. TODO confirm.
 *
 * @param message the message whose signature is checked
 * @throws IOException declared by the message accessors used here
 * @throws URISyntaxException declared by the base-string computation
 * @throws OAuthProblemException ({@code signature_invalid}) if the signature is invalid
 */
public void validate(OAuthMessage message)
        throws IOException, OAuthException, URISyntaxException {
    message.requireParameters("oauth_signature");
    String signature = message.getSignature();
    String baseString = getBaseString(message);

    // Allow for some confusion coming through load balancers
    String alternateBaseString = null;
    if (baseString.startsWith(POST_HTTP)) {
        alternateBaseString = baseString.replaceFirst("^" + POST_HTTP, POST_SECURE);
    } else if (baseString.startsWith(POST_SECURE)) {
        alternateBaseString = baseString.replaceFirst("^" + POST_SECURE, POST_HTTP);
    } else if (baseString.startsWith(GET_HTTP)) {
        alternateBaseString = baseString.replaceFirst("^" + GET_HTTP, GET_SECURE);
    } else if (baseString.startsWith(GET_SECURE)) {
        alternateBaseString = baseString.replaceFirst("^" + GET_SECURE, GET_HTTP);
    }

    // The alternate form is only tried after the primary form has failed.
    boolean valid = isValid(signature, baseString)
            || (alternateBaseString != null && isValid(signature, alternateBaseString));
    if (valid) {
        return;
    }

    OAuthProblemException invalidSignature = new OAuthProblemException("signature_invalid");
    invalidSignature.setParameter("oauth_signature", signature);
    invalidSignature.setParameter("oauth_signature_base_string", baseString);
    invalidSignature.setParameter("oauth_signature_method", message.getSignatureMethod());
    throw invalidSignature;
}
Example #21
Source File: DataApiTokenContainer.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/**
 * Rejects authorization of a request token by removing it from the request-token map.
 *
 * @param requestToken the request token used for identification.
 * @throws OAuthProblemException if the request token does not map to an accessor or if the token
 *         was already used.
 */
public void rejectRequestToken(String requestToken) throws OAuthProblemException {
  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);
  boolean alreadyAuthorized = accessor.getProperty(USER_PROPERTY_NAME) != null;
  if (alreadyAuthorized) {
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_USED);
  }

  // Can't use remove(String, OAuthAccessor) since equals is not defined.
  // NOTE(review): this makes the check above and the removal two separate steps.
  requestTokenAccessors.remove(requestToken);
  // The token value is written to the log; it has been removed from the map by this point.
  LOG.info("Rejected request token " + requestToken);
}
Example #22
Source File: OAuthResponseMessage.java From sakai with Educational Community License v2.0 | 5 votes |
/**
 * Delegates to the superclass check and, when it fails, adds the entries of {@code getDump()} to
 * the problem's parameters before rethrowing it.
 *
 * <p>NOTE(review): whatever {@code getDump()} returns travels with the exception from here on;
 * confirm what it contains before the parameters are shown to a caller.
 *
 * @param names the parameter names that must be present
 * @throws OAuthProblemException the superclass's problem, enriched with the dump
 * @throws IOException declared by the superclass method
 */
@Override
public void requireParameters(String... names) throws OAuthProblemException, IOException {
    try {
        super.requireParameters(names);
    } catch (OAuthProblemException missing) {
        // Attach the dump so the failure can be diagnosed from the exception alone.
        missing.getParameters().putAll(getDump());
        throw missing;
    }
}
Example #23
Source File: OAuthServlet.java From lams with GNU General Public License v2.0 | 5 votes |
/**
 * Turns an exception into an HTTP response.
 *
 * <p>An {@link OAuthProblemException} becomes a response whose status is taken from the
 * problem's {@code HTTP_STATUS_CODE} parameter, else from {@code PROBLEM_TO_HTTP_CODE}, else
 * {@code SC_FORBIDDEN}, with the problem's parameters in a {@code WWW-Authenticate} header and,
 * when {@code sendBody} is true, in the body. Any other exception is rethrown, wrapped in a
 * {@link ServletException} if it is none of the declared or unchecked types.
 *
 * <p>NOTE(review): every parameter set on the problem is copied into the response, so code that
 * raises an OAuthProblemException decides what the caller gets to see.
 *
 * @param response the response to fill in
 * @param e the exception to report
 * @param realm the realm passed to the authorization header
 * @param sendBody whether the parameters are also written to the response body
 */
public static void handleException(HttpServletResponse response,
        Exception e, String realm, boolean sendBody) throws IOException,
        ServletException {
    if (!(e instanceof OAuthProblemException)) {
        // Not an OAuth problem: rethrow as-is where the signature allows it.
        if (e instanceof IOException) {
            throw (IOException) e;
        }
        if (e instanceof ServletException) {
            throw (ServletException) e;
        }
        if (e instanceof RuntimeException) {
            throw (RuntimeException) e;
        }
        throw new ServletException(e);
    }

    OAuthProblemException problem = (OAuthProblemException) e;

    // Status: explicit parameter first, then the problem-to-status table, then 403.
    Object statusCode = problem.getParameters().get(OAuthProblemException.HTTP_STATUS_CODE);
    if (statusCode == null) {
        statusCode = PROBLEM_TO_HTTP_CODE.get(problem.getProblem());
    }
    if (statusCode == null) {
        statusCode = SC_FORBIDDEN;
    }

    response.reset();
    response.setStatus(Integer.parseInt(statusCode.toString()));

    OAuthMessage reply = new OAuthMessage(null, null, problem.getParameters().entrySet());
    response.addHeader("WWW-Authenticate", reply.getAuthorizationHeader(realm));
    if (sendBody) {
        sendForm(response, reply.getParameters());
    }
}
Example #24
Source File: DataApiTokenContainerTest.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/** Looking up a request token the container never issued must raise OAuthProblemException. */
public void testGetUnknownRequestTokenAccessorThrowsException() throws Exception {
  try {
    container.getRequestTokenAccessor("unknown");
    // Reaching this line means the lookup of an unissued token succeeded.
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException expected) {
    // expected
  }
}
Example #25
Source File: AuthorizationRequestHandler.java From cxf with Apache License 2.0 | 5 votes |
/**
 * Fills the authorization data with the request token's key, the registered details of the
 * token's client (application name, URI, description, logo URI), the callback value and the
 * token's scopes.
 *
 * <p>NOTE(review): the client details are registration data; presumably they are rendered on the
 * authorization page, in which case they must be escaped on output. Confirm against the view.
 *
 * @param secData the authorization data to fill; the same instance is returned
 * @param dataProvider not used by this method body
 * @param token the request token being authorized
 * @return {@code secData}
 * @throws OAuthProblemException declared by this method; the statements here are plain setter
 *         calls plus {@code getCallbackValue(token)}
 */
protected OAuthAuthorizationData addAdditionalParams(OAuthAuthorizationData secData,
                                                     OAuthDataProvider dataProvider,
                                                     RequestToken token)
    throws OAuthProblemException {
    secData.setOauthToken(token.getTokenKey());
    // Client registration details.
    secData.setApplicationName(token.getClient().getApplicationName());
    secData.setApplicationURI(token.getClient().getApplicationURI());
    // The callback is resolved by getCallbackValue, not read from the client directly.
    secData.setCallbackURI(getCallbackValue(token));
    secData.setApplicationDescription(token.getClient().getApplicationDescription());
    secData.setLogoUri(token.getClient().getLogoUri());
    // The token's scopes are exposed as the permissions being requested.
    secData.setPermissions(token.getScopes());
    return secData;
}
Example #26
Source File: DataApiTokenContainerTest.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/** Authorizing the same request token a second time must raise OAuthProblemException. */
public void testAuthorizeAlreadyAuthorizedRequestTokenThrowsException() throws Exception {
  OAuthAccessor issued = container.generateRequestToken(consumer);

  // First authorization succeeds.
  container.authorizeRequestToken(issued.requestToken, ALEX);

  try {
    // Second authorization of the same token must be refused.
    container.authorizeRequestToken(issued.requestToken, ALEX);
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException expected) {
    // expected
  }
}
Example #27
Source File: DataApiTokenContainerTest.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/** A rejected request token must no longer resolve to an accessor. */
public void testRejectRequestToken() throws Exception {
  OAuthAccessor issued = container.generateRequestToken(consumer);

  container.rejectRequestToken(issued.requestToken);

  try {
    container.getRequestTokenAccessor(issued.requestToken);
    fail("Retrieving the request token should fail because it was rejected");
  } catch (OAuthProblemException expected) {
    // expected
  }
}
Example #28
Source File: DataApiTokenContainerTest.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/** Rejecting a request token that has already been authorized must raise OAuthProblemException. */
public void testRejectRequestTokenAfterAuthorizationThrowsException() throws Exception {
  OAuthAccessor issued = container.generateRequestToken(consumer);

  // Authorize first, so that the later rejection arrives too late.
  container.authorizeRequestToken(issued.requestToken, ALEX);

  try {
    container.rejectRequestToken(issued.requestToken);
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException expected) {
    // expected
  }
}
Example #29
Source File: DataApiTokenContainerTest.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/** Rejecting a request token the container never issued must raise OAuthProblemException. */
public void testRejectUnknownRequestTokenThrowsException() throws Exception {
  try {
    container.rejectRequestToken("unknown");
    // Reaching this line means an unissued token was accepted for rejection.
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException expected) {
    // expected
  }
}
Example #30
Source File: DataApiTokenContainerTest.java From incubator-retired-wave with Apache License 2.0 | 5 votes |
/**
 * Exchanging a request token that no user has authorized must raise OAuthProblemException
 * instead of yielding an access token.
 */
public void testGenerateAccessTokenForUnauthorizedTokenThrowsException() throws Exception {
  // Freshly generated, never passed to authorizeRequestToken.
  OAuthAccessor issued = container.generateRequestToken(consumer);

  try {
    container.generateAccessToken(issued.requestToken);
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException expected) {
    // expected
  }
}