-
Notifications
You must be signed in to change notification settings - Fork 20
/
SpringOauthService.java
112 lines (97 loc) · 4.12 KB
/
SpringOauthService.java
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
package com.barryku.test;
import java.util.Map;
import org.scribe.builder.api.Api;
import org.scribe.builder.api.DefaultApi10a;
import org.scribe.model.OAuthConfig;
import org.scribe.model.OAuthConstants;
import org.scribe.model.OAuthRequest;
import org.scribe.model.Token;
import org.scribe.model.Verifier;
import org.scribe.oauth.OAuthService;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpMethod;
import org.springframework.http.ResponseEntity;
import org.springframework.web.client.RestTemplate;
public class SpringOauthService implements OAuthService {
private OAuthConfig config;
private DefaultApi10a api;
private OAuthService oauth;
public SpringOauthService(OAuthService oauth) {
this.oauth = oauth;
api = (DefaultApi10a) oauth.getApi();
config = oauth.getConfig();
}
public Token getAccessToken(Token requestToken, Verifier verifier) {
OAuthRequest request = new OAuthRequest(api.getAccessTokenVerb(), api.getAccessTokenEndpoint());
request.addOAuthParameter(OAuthConstants.TOKEN, requestToken.getToken());
request.addOAuthParameter(OAuthConstants.VERIFIER, verifier.getValue());
addOAuthParams(request, requestToken);
addSignature(request);
RestTemplate rest = RestUtil.getRestTemplate();
ResponseEntity<String> response = rest.exchange(request.getUrl(), HttpMethod.POST, toHttpEntity(request), String.class);
return api.getAccessTokenExtractor().extract(response.getBody());
}
public String getAuthorizationUrl(Token requestToken) {
return oauth.getAuthorizationUrl(requestToken);
}
public Token getRequestToken() {
OAuthRequest request = new OAuthRequest(api.getRequestTokenVerb(), api.getRequestTokenEndpoint());
request.addOAuthParameter(OAuthConstants.CALLBACK, config.getCallback());
addOAuthParams(request, OAuthConstants.EMPTY_TOKEN);
addSignature(request);
RestTemplate rest = RestUtil.getRestTemplate();
ResponseEntity<String> response = rest.exchange(request.getUrl(), HttpMethod.POST, toHttpEntity(request),String.class);
return api.getRequestTokenExtractor().extract(response.getBody());
}
public HttpEntity<String> toHttpEntity(OAuthRequest request) {
HttpHeaders headers = new HttpHeaders();
for (Map.Entry<String, String> entry: request.getHeaders().entrySet()) {
headers.add(entry.getKey(), entry.getValue());
}
return new HttpEntity<String>(headers);
}
public String getVersion() {
return oauth.getVersion();
}
public void signRequest(Token accessToken, OAuthRequest request) {
oauth.signRequest(accessToken, request);
}
public Api getApi() {
return api;
}
public OAuthConfig getConfig() {
return config;
}
private void addOAuthParams(OAuthRequest request, Token token)
{
request.addOAuthParameter(OAuthConstants.TIMESTAMP, api.getTimestampService().getTimestampInSeconds());
request.addOAuthParameter(OAuthConstants.NONCE, api.getTimestampService().getNonce());
request.addOAuthParameter(OAuthConstants.CONSUMER_KEY, config.getApiKey());
request.addOAuthParameter(OAuthConstants.SIGN_METHOD, api.getSignatureService().getSignatureMethod());
request.addOAuthParameter(OAuthConstants.VERSION, getVersion());
if(config.hasScope()) request.addOAuthParameter(OAuthConstants.SCOPE, config.getScope());
request.addOAuthParameter(OAuthConstants.SIGNATURE, getSignature(request, token));
}
private void addSignature(OAuthRequest request)
{
switch (config.getSignatureType())
{
case Header:
String oauthHeader = api.getHeaderExtractor().extract(request);
request.addHeader(OAuthConstants.HEADER, oauthHeader);
break;
case QueryString:
for (Map.Entry<String, String> entry : request.getOauthParameters().entrySet())
{
request.addQuerystringParameter(entry.getKey(), entry.getValue());
}
break;
}
}
private String getSignature(OAuthRequest request, Token token)
{
String baseString = api.getBaseStringExtractor().extract(request);
return api.getSignatureService().getSignature(baseString, config.getApiSecret(), token.getSecret());
}
}