
fix #10 - wrong key / secret via backoffice for consumers

commit 53d376bfb7b592e621c9287721aeb9d22fab9f04 1 parent 8805386
William Ghelfi authored April 11, 2012
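--- a/...es/archetype-resources/src/main/java/org/entando/entando/aps/system/services/oauth/OAuthConsumerDAO.java
+++ b/...es/archetype-resources/src/main/java/org/entando/entando/aps/system/services/oauth/OAuthConsumerDAO.java
@@ -0,0 +1,219 @@
+/*
+*
+* Copyright 2012 Entando S.r.l. (http://www.entando.com) All rights reserved.
+*
+* This file is part of Entando software.
+* Entando is a free software; 
+* you can redistribute it and/or modify it
+* under the terms of the GNU General Public License (GPL) as published by the Free Software Foundation; version 2.
+* 
+* See the file License for the specific language governing permissions   
+* and limitations under the License
+* 
+* 
+* 
+* Copyright 2012 Entando S.r.l. (http://www.entando.com) All rights reserved.
+*
+*/
+package org.entando.entando.aps.system.services.oauth;
+
+import com.agiletec.aps.system.common.FieldSearchFilter;
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.util.Date;
+
+import java.util.List;
+import net.oauth.OAuthConsumer;
+
+import com.agiletec.aps.system.common.AbstractSearcherDAO;
+import java.sql.SQLException;
+import java.sql.Types;
+import org.entando.entando.aps.system.services.oauth.model.ConsumerRecordVO;
+
+/**
+ * Data Access Object for OAuth Consumers.
+ * NOTE: This class already includes the patch of 11 April 2012
+ * @author E.Santoboni
+ */
+public class OAuthConsumerDAO extends AbstractSearcherDAO implements IOAuthConsumerDAO {
+    
+    public List<String> getConsumerKeys(FieldSearchFilter[] filters) {
+        return super.searchId(filters);
+    }
+    
+    public ConsumerRecordVO getConsumerRecord(String consumerKey) {
+        return (ConsumerRecordVO) this.getConsumer(consumerKey, true);
+    }
+    
+    public OAuthConsumer getConsumer(String consumerKey) {
+        return (OAuthConsumer) this.getConsumer(consumerKey, false);
+    }
+    
+    private Object getConsumer(String consumerKey, boolean needRecord) {
+        Connection conn = null;
+        Object consumer = null;
+        PreparedStatement stat = null;
+        ResultSet res = null;
+        try {
+            conn = this.getConnection();
+            String query = (!needRecord) ? SELECT_CONSUMER + SELECT_CONSUMER_EXPIRATION_DATE_FILTER : SELECT_CONSUMER;
+            stat = conn.prepareStatement(query);
+            stat.setString(1, consumerKey);
+            if (!needRecord) {
+                stat.setDate(2, new java.sql.Date(new Date().getTime()));
+            }
+            res = stat.executeQuery();
+            if (res.next()) {
+                //consumersecret, description, callbackurl, expirationdate
+                String consumerSecret = res.getString(1);
+                String description = res.getString(2);
+                String callbackurl = res.getString(3);
+                Date expirationdate = res.getDate(4);
+                if (needRecord) {
+                    ConsumerRecordVO consumerRecord = new ConsumerRecordVO();
+                    consumerRecord.setCallbackUrl(callbackurl);
+                    consumerRecord.setDescription(description);
+                    consumerRecord.setExpirationDate(expirationdate);
+                    consumerRecord.setKey(consumerKey);
+                    consumerRecord.setSecret(consumerSecret);
+                    consumer = consumerRecord;
+                } else {
+                    //if (null != expirationdate && new Date().after(expirationdate)) {
+                        //trace exception
+                    //}
+                    OAuthConsumer oauthConsumer = new OAuthConsumer(callbackurl, consumerKey, consumerSecret, null);
+                    oauthConsumer.setProperty("name", consumerKey);
+                    oauthConsumer.setProperty("description", description);
+                    consumer = oauthConsumer;
+                }
+            }
+        } catch (Throwable t) {
+            processDaoException(t, "Error while loading consumer by key " + consumerKey, "getConsumer");
+        } finally {
+            closeDaoResources(res, stat, conn);
+        }
+        return consumer;
+    }
+    
+    public void addConsumer(ConsumerRecordVO consumer) {
+        Connection conn = null;
+        PreparedStatement stat = null;
+        int index = 1;
+        try {
+            conn = this.getConnection();
+            conn.setAutoCommit(false);
+            stat = conn.prepareStatement(ADD_CONSUMER);
+            stat.setString(index++, consumer.getKey());
+            index = this.fillStatement(consumer, index, stat);
+            stat.executeUpdate();
+            conn.commit();
+        } catch (Throwable t) {
+            this.executeRollback(conn);
+            processDaoException(t, "Error while adding a consumer", "addConsumer");
+        } finally {
+            closeDaoResources(null, stat, conn);
+        }
+    }
+    
+    public void updateConsumer(ConsumerRecordVO consumer) {
+        Connection conn = null;
+        PreparedStatement stat = null;
+        int index = 1;
+        try {
+            conn = this.getConnection();
+            conn.setAutoCommit(false);
+            stat = conn.prepareStatement(UPDATE_CONSUMER);
+            index = this.fillStatement(consumer, index, stat);
+            stat.setString(index++, consumer.getKey());
+            stat.executeUpdate();
+            conn.commit();
+        } catch (Throwable t) {
+            this.executeRollback(conn);
+            processDaoException(t, "Error while updating a consumer", "updateConsumer");
+        } finally {
+            closeDaoResources(null, stat, conn);
+        }
+    }
+    
+    private int fillStatement(ConsumerRecordVO consumer, int index, PreparedStatement stat) throws SQLException {
+        stat.setString(index++, consumer.getSecret());
+        stat.setString(index++, consumer.getDescription());
+        stat.setString(index++, consumer.getCallbackUrl());
+        if (null != consumer.getExpirationDate()) {
+            stat.setDate(index++, new java.sql.Date(consumer.getExpirationDate().getTime()));
+        } else {
+            stat.setNull(index++, Types.DATE);
+        }
+        return index;
+    }
+    
+    public void deleteConsumer(String consumerKey) {
+        Connection conn = null;
+        PreparedStatement stat = null;
+        try {
+            conn = this.getConnection();
+            conn.setAutoCommit(false);
+            this.delete(consumerKey, DELETE_CONSUMER_TOKENS, conn);
+            this.delete(consumerKey, DELETE_CONSUMER, conn);
+            conn.commit();
+        } catch (Throwable t) {
+            this.executeRollback(conn);
+            processDaoException(t, "Error while deleting a consumer and its tokens", "deleteConsumer");
+        } finally {
+            closeDaoResources(null, stat, conn);
+        }
+    }
+    
+    public void delete(String key, String query, Connection conn) {
+        PreparedStatement stat = null;
+        try {
+            stat = conn.prepareStatement(query);
+            stat.setString(1, key);
+            stat.executeUpdate();
+        } catch (Throwable t) {
+            this.executeRollback(conn);
+            processDaoException(t, "Error while deleting records", "delete");
+        } finally {
+            closeDaoResources(null, stat);
+        }
+    }
+    
+    protected String getMasterTableIdFieldName() {
+        return "consumerkey";
+    }
+    
+    protected String getMasterTableName() {
+        return "api_oauth_consumers";
+    }
+    
+    protected String getTableFieldName(String metadataFieldKey) {
+        return metadataFieldKey;
+    }
+    
+    protected boolean isForceCaseInsensitiveLikeSearch() {
+        return true;
+    }
+    
+    private String SELECT_CONSUMER =
+            "SELECT consumersecret, description, callbackurl, expirationdate "
+            + "FROM api_oauth_consumers WHERE consumerkey = ? ";
+    
+    private String ADD_CONSUMER = 
+            "INSERT INTO api_oauth_consumers (consumerkey, "
+            + "consumersecret, description, callbackurl, expirationdate) VALUES (?, ?, ?, ?, ?) ";
+    
+    private String UPDATE_CONSUMER = 
+            "UPDATE api_oauth_consumers SET consumersecret = ? , "
+            + "description = ? , callbackurl = ? , expirationdate = ? WHERE consumerkey = ? ";
+    
+    private String DELETE_CONSUMER = 
+            "DELETE FROM api_oauth_consumers WHERE consumerkey = ? ";
+    
+    private String DELETE_CONSUMER_TOKENS = 
+            "DELETE FROM api_oauth_tokens WHERE consumerkey = ? ";
+    
+    private String SELECT_CONSUMER_EXPIRATION_DATE_FILTER =
+            " AND (expirationdate IS NULL OR expirationdate >= ? )";
+    
+}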
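Review bot: `delete(String key, String query, Connection conn)` is declared public, so any code holding this DAO can have it prepare and run an arbitrary SQL string on a connection, although in this file it is only called from `deleteConsumer` with the `DELETE_CONSUMER_TOKENS` and `DELETE_CONSUMER` constants. Unless `IOAuthConsumerDAO` (not visible on this page) declares it, narrow it to `private void delete(String key, String query, Connection conn)`. The helper also calls `executeRollback(conn)` itself and `deleteConsumer` rolls back again in its own catch; if `processDaoException` does not rethrow (its body is outside this page), a failed token delete would fall through to the second delete and `conn.commit()`, so it would be safer to let the exception propagate from the helper and keep the rollback in one place. The always-null `stat` local in `deleteConsumer` and the non-`static`, non-`final` SQL string fields could be tidied at the same time, e.g. `private static final String DELETE_CONSUMER = ...`.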

0 notes on commit 53d376b
