Use custom redirect URL for Twitter

RohanNagar · Oct 1, 2017 · 3765bc5 · 3765bc5
1 parent 6545442
commit 3765bc5
Show file tree

Hide file tree

Showing 7 changed files with 30 additions and 16 deletions.
diff --git a/application/src/main/java/com/sanction/lightning/facebook/FacebookService.java b/application/src/main/java/com/sanction/lightning/facebook/FacebookService.java
@@ -188,6 +188,7 @@ public List<FacebookVideo> getFacebookUserVideos() {
    * Builds a URL that sends a user to a Facebook authentication page
    * to request the correct permissions.
    *
+   * @param redirectUrl The URL that Facebook should redirect to after the user authenticates.
    * @return The URL string for the permissions URL.
    */
   public String getOauthUrl(String redirectUrl) {

diff --git a/application/src/main/java/com/sanction/lightning/resources/FacebookResource.java b/application/src/main/java/com/sanction/lightning/resources/FacebookResource.java
@@ -410,6 +410,7 @@ public Response getExtendedToken(@Auth Key key,
    * presented with to approve permissions.
    *
    * @param key The authentication key for the requesting application.
+   * @param redirectUrl The URL that Facebook should redirect to after the user authenticates.
    * @return The URL to redirect the user to.
    */
   @GET

diff --git a/application/src/main/java/com/sanction/lightning/resources/TwitterResource.java b/application/src/main/java/com/sanction/lightning/resources/TwitterResource.java
@@ -198,18 +198,26 @@ public Response publish(@Auth Key key,
    * Generates a Twitter URL that can be used to authenticate a PilotUser.
    *
    * @param key The authentication credentials of the calling application.
+   * @param redirectUrl The URL that Twitter should redirect to after the user authenticates.
    * @return The application authentication URL, if successful.
    */
   @GET
   @Path("/oauthUrl")
-  public Response getOAuthUrl(@Auth Key key) {
+  public Response getOAuthUrl(@Auth Key key,
+                              @QueryParam("redirect") String redirectUrl) {
     oauthRequests.mark();
 
+    if (redirectUrl == null) {
+      LOG.warn("Cannot get OAuth URL without a redirect URL specified.");
+      return Response.status(Response.Status.BAD_REQUEST)
+          .entity("An redirect URL is required to get an OAuth URL.").build();
+    }
+
     LOG.info("Attempting to retrieve Twitter OAuth URL.");
 
     TwitterService service = twitterServiceFactory.newTwitterService();
 
-    String url = service.getAuthorizationUrl();
+    String url = service.getAuthorizationUrl(redirectUrl);
     if (url == null) {
       LOG.error("Unable to build OAuth URL for Twitter.");
       return Response.status(Response.Status.SERVICE_UNAVAILABLE)

diff --git a/application/src/main/java/com/sanction/lightning/twitter/TwitterService.java b/application/src/main/java/com/sanction/lightning/twitter/TwitterService.java
@@ -19,9 +19,6 @@
 public class TwitterService {
   private static final Logger LOG = LoggerFactory.getLogger(TwitterService.class);
 
-  // TODO: replace redirect URL
-  private static final String REDIRECT_URL = "http://example.com";
-
   private final Twitter twitterClient;
 
   /**
@@ -114,11 +111,12 @@ public Long publish(PublishType type, String message, String filename, InputStre
    * Retrieves a new OAuth URL from Twitter.
    * Should only be called if the TwitterService was constructed without an authenticating user.
    *
+   * @param redirectUrl The URL that Twitter should redirect to after the user authenticates.
    * @return The URL to redirect to for authentication or {@code null} if unable to fetch the URL.
    */
-  public String getAuthorizationUrl() {
+  public String getAuthorizationUrl(String redirectUrl) {
     try {
-      return twitterClient.getOAuthRequestToken(REDIRECT_URL).getAuthorizationURL();
+      return twitterClient.getOAuthRequestToken(redirectUrl).getAuthorizationURL();
     } catch (TwitterException e) {
       LOG.error("Unable to get authorization URL from Twitter. "
           + "Twitter error code: {}", e.getErrorCode(), e);

diff --git a/application/src/test/java/com/sanction/lightning/resources/FacebookResourceTest.java b/application/src/test/java/com/sanction/lightning/resources/FacebookResourceTest.java
@@ -529,8 +529,6 @@ public void testGetExtendedToken() {
   @Test
   @SuppressWarnings("unchecked")
   public void testGetOauthUrlWithNullRedirect() {
-    when(facebookService.getOauthUrl(anyString())).thenThrow(FacebookOAuthException.class);
-
     Response response = resource.getOauthUrl(key, null);
 
     assertEquals(response.getStatusInfo(), Response.Status.BAD_REQUEST);
@@ -541,7 +539,7 @@ public void testGetOauthUrlWithNullRedirect() {
   public void testGetOauthUrlWithOauthException() {
     when(facebookService.getOauthUrl(anyString())).thenThrow(FacebookOAuthException.class);
 
-    Response response = resource.getOauthUrl(key, "redirect");
+    Response response = resource.getOauthUrl(key, "example.com");
 
     assertEquals(response.getStatusInfo(), Response.Status.NOT_FOUND);
   }
@@ -550,7 +548,7 @@ public void testGetOauthUrlWithOauthException() {
   public void testGetOauthUrl() {
     when(facebookService.getOauthUrl(anyString())).thenReturn("Test");
 
-    Response response = resource.getOauthUrl(key, "redirect");
+    Response response = resource.getOauthUrl(key, "example.com");
     String string = (String) response.getEntity();
 
     assertEquals(response.getStatusInfo(), Response.Status.OK);

diff --git a/application/src/test/java/com/sanction/lightning/resources/TwitterResourceTest.java b/application/src/test/java/com/sanction/lightning/resources/TwitterResourceTest.java
@@ -192,20 +192,27 @@ public void testPublish() {
   }
 
   /* OAuth Token Tests */
+  @Test
+  public void testGetOAuthTokenWithNullRedirect() {
+    Response response = resource.getOAuthUrl(key, null);
+
+    assertEquals(response.getStatusInfo(), Response.Status.BAD_REQUEST);
+  }
+
   @Test
   public void testGetOAuthTokenFailure() {
-    when(service.getAuthorizationUrl()).thenReturn(null);
+    when(service.getAuthorizationUrl(anyString())).thenReturn(null);
 
-    Response response = resource.getOAuthUrl(key);
+    Response response = resource.getOAuthUrl(key, "example.com");
 
     assertEquals(response.getStatusInfo(), Response.Status.SERVICE_UNAVAILABLE);
   }
 
   @Test
   public void testGetOAuthTokenSuccess() {
-    when(service.getAuthorizationUrl()).thenReturn("URL");
+    when(service.getAuthorizationUrl(anyString())).thenReturn("URL");
 
-    Response response = resource.getOAuthUrl(key);
+    Response response = resource.getOAuthUrl(key, "example.com");
     String url = (String) response.getEntity();
 
     assertEquals(response.getStatusInfo(), Response.Status.OK);

diff --git a/scripts/tester.py b/scripts/tester.py
@@ -129,7 +129,8 @@ def run_all(tests, base_url, verbose=False):
                  expected=requests.codes.created),
 
         # Twitter
-        TestCase('GET', '/twitter/oauthUrl', authentication),
+        TestCase('GET', '/twitter/oauthUrl', authentication,
+                 params={'redirect': 'sample://url'}),
         TestCase('GET', '/twitter/users', authentication,
                  params={'email': args.email},
                  headers={'password': password}),