org.eclipse.lyo.server.oauth.webapp.services
Class OAuthService

java.lang.Object
  extended by org.eclipse.lyo.server.oauth.webapp.services.OAuthService

public class OAuthService
extends Object

Issues OAuth request tokens, handles authentication, and then exchanges request tokens for access tokens based on the OAuth configuration set in the OAuthConfiguration singleton.

Author:
Samuel Padgett
See Also:
The OAuth 1.0 Protocol

Field Summary
protected  javax.servlet.http.HttpServletRequest httpRequest
           
protected  javax.servlet.http.HttpServletResponse httpResponse
           
 
Constructor Summary
OAuthService()
           
 
Method Summary
 javax.ws.rs.core.Response authorize()
          Responds with a web page to log in.
 javax.ws.rs.core.Response authorize(String requestToken)
           
protected  boolean confirmCallback(OAuthRequest oAuthRequest)
           
 javax.ws.rs.core.Response doGetAccessToken()
           
 javax.ws.rs.core.Response doGetRequestToken()
           
 javax.ws.rs.core.Response doPostAccessToken()
          Responds with an access token and token secret for valid OAuth requests.
 javax.ws.rs.core.Response doPostRequestToken()
          Responds with a request token and token secret.
 javax.ws.rs.core.Response login(String id, String password)
          Validates that the ID and password are for an administrator.
 javax.ws.rs.core.Response login(String id, String password, String requestToken)
          Validates the ID and password on the authorization form.
 javax.ws.rs.core.Response provisionalKey()
          Generates a provisional consumer key.
protected  javax.ws.rs.core.Response respondWithOAuthProblem(net.oauth.OAuthException e)
           
protected  javax.ws.rs.core.Response respondWithToken(String token, String tokenSecret)
           
protected  javax.ws.rs.core.Response respondWithToken(String token, String tokenSecret, boolean callbackConfirmed)
           
 javax.ws.rs.core.Response showApproveKeyPage(String key)
          Shows the approval page for a single provisional consumer.
 javax.ws.rs.core.Response showConsumerKeyManagementPage()
          Shows the consumer management page, which allows administrator to approve or remove OAuth consumers.
protected  OAuthRequest validateRequest()
          Validates this is a known consumer and the request is valid using OAuthValidator.validateMessage(net.oauth.OAuthMessage, OAuthAccessor).
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

httpRequest

@Context
protected javax.servlet.http.HttpServletRequest httpRequest

httpResponse

@Context
protected javax.servlet.http.HttpServletResponse httpResponse
Constructor Detail

OAuthService

public OAuthService()
Method Detail

doGetRequestToken

public javax.ws.rs.core.Response doGetRequestToken()
                                            throws IOException,
                                                   javax.servlet.ServletException
Throws:
IOException
javax.servlet.ServletException

doPostRequestToken

public javax.ws.rs.core.Response doPostRequestToken()
                                             throws IOException,
                                                    javax.servlet.ServletException
Responds with a request token and token secret.

Returns:
the response
Throws:
IOException - on I/O errors
javax.servlet.ServletException - on servlet errors

confirmCallback

protected boolean confirmCallback(OAuthRequest oAuthRequest)
                           throws net.oauth.OAuthException
Throws:
net.oauth.OAuthException

authorize

public javax.ws.rs.core.Response authorize()
                                    throws javax.servlet.ServletException,
                                           IOException
Responds with a web page to log in.

Returns:
the response
Throws:
IOException - on I/O errors
javax.servlet.ServletException - on internal errors validating the request

login

public javax.ws.rs.core.Response login(String id,
                                       String password,
                                       String requestToken)
Validates the ID and password on the authorization form. This is intended to be invoked by an XHR on the login page.

Returns:
the response, 409 if login failed or 204 if successful

authorize

public javax.ws.rs.core.Response authorize(String requestToken)

doGetAccessToken

public javax.ws.rs.core.Response doGetAccessToken()
                                           throws IOException,
                                                  javax.servlet.ServletException
Throws:
IOException
javax.servlet.ServletException

doPostAccessToken

public javax.ws.rs.core.Response doPostAccessToken()
                                            throws IOException,
                                                   javax.servlet.ServletException
Responds with an access token and token secret for valid OAuth requests. The request must be signed and the request token valid.

Returns:
the response
Throws:
IOException - on I/O errors
javax.servlet.ServletException - on servlet errors

provisionalKey

public javax.ws.rs.core.Response provisionalKey()
                                         throws NullPointerException,
                                                IOException
Generates a provisional consumer key. This request must be later approved by an administrator.

Returns:
a JSON response with the provisional key
Throws:
IOException
NullPointerException
See Also:
Jazz Root Services Spec Addendum2

showApproveKeyPage

public javax.ws.rs.core.Response showApproveKeyPage(String key)
                                             throws javax.servlet.ServletException,
                                                    IOException
Shows the approval page for a single provisional consumer. Shows the consumer management page instead if no key is passed in.

Parameters:
key - the consumer
Returns:
the approve consumer page
Throws:
javax.servlet.ServletException - on errors showing the JSP
IOException - on errors showing the JSP
See Also:
showConsumerKeyManagementPage()

showConsumerKeyManagementPage

public javax.ws.rs.core.Response showConsumerKeyManagementPage()
                                                        throws javax.servlet.ServletException,
                                                               IOException
Shows the consumer management page, which allows administrator to approve or remove OAuth consumers.

Returns:
the consumer management page
Throws:
javax.servlet.ServletException - on JSP errors
IOException - on JSP errors

login

public javax.ws.rs.core.Response login(String id,
                                       String password)
Validates that the ID and password are for an administrator. This is used by the admin login page to protect the OAuth administration pages.

Returns:
the response, 409 if login failed or 204 if successful

validateRequest

protected OAuthRequest validateRequest()
                                throws net.oauth.OAuthException,
                                       IOException
Validates this is a known consumer and the request is valid using OAuthValidator.validateMessage(net.oauth.OAuthMessage, OAuthAccessor). Does not check for any tokens.

Returns:
an OAuthRequest
Throws:
net.oauth.OAuthException - if the request fails validation
IOException - on I/O errors

respondWithToken

protected javax.ws.rs.core.Response respondWithToken(String token,
                                                     String tokenSecret)
                                              throws IOException
Throws:
IOException

respondWithToken

protected javax.ws.rs.core.Response respondWithToken(String token,
                                                     String tokenSecret,
                                                     boolean callbackConfirmed)
                                              throws IOException
Throws:
IOException

respondWithOAuthProblem

protected javax.ws.rs.core.Response respondWithOAuthProblem(net.oauth.OAuthException e)
                                                     throws IOException,
                                                            javax.servlet.ServletException
Throws:
IOException
javax.servlet.ServletException


Copyright © 2014. All Rights Reserved.