cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Updating OAuth1 client utils to simplify dealing with RSA SHA1 signatures
Date Fri, 19 Dec 2014 13:46:59 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.0.x-fixes a78d9adb1 -> 4954e7e4c


Updating OAuth1 client utils to simplify dealing with RSA SHA1 signatures


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/4954e7e4
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/4954e7e4
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/4954e7e4

Branch: refs/heads/3.0.x-fixes
Commit: 4954e7e4c1280b41d6e1d95555c0a63b957035fb
Parents: a78d9ad
Author: Sergey Beryozkin <sberyozkin@talend.com>
Authored: Fri Dec 19 13:42:25 2014 +0000
Committer: Sergey Beryozkin <sberyozkin@talend.com>
Committed: Fri Dec 19 13:46:31 2014 +0000

----------------------------------------------------------------------
 .../security/oauth/client/OAuthClientUtils.java | 70 ++++++++++++++++----
 1 file changed, 57 insertions(+), 13 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/4954e7e4/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
b/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
index 8155cb3..cdf3806 100644
--- a/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
+++ b/rt/rs/security/oauth-parent/oauth/src/main/java/org/apache/cxf/rs/security/oauth/client/OAuthClientUtils.java
@@ -19,6 +19,7 @@
 package org.apache.cxf.rs.security.oauth.client;
 
 import java.net.URI;
+import java.security.PrivateKey;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.UUID;
@@ -32,6 +33,7 @@ import net.oauth.OAuth;
 import net.oauth.OAuthAccessor;
 import net.oauth.OAuthConsumer;
 import net.oauth.OAuthMessage;
+import net.oauth.signature.RSA_SHA1;
 
 import org.apache.cxf.jaxrs.client.WebClient;
 import org.apache.cxf.rs.security.oauth.provider.OAuthServiceException;
@@ -71,21 +73,47 @@ public final class OAuthClientUtils {
                              Consumer consumer,
                              URI callback,
                              Map<String, String> extraParams) throws OAuthServiceException
{
+        return getRequestToken(requestTokenService, consumer, callback, extraParams, null);
+    }
+    
+    public static Map<String, Object> prepareOAuthRsaProperties(PrivateKey pk) {
+        Map<String, Object> props = new HashMap<String, Object>();
+        props.put(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.RSA_SHA1);
+        props.put(RSA_SHA1.PRIVATE_KEY, pk);
+        return props;
+    }
+    
+    public static Token getRequestToken(WebClient requestTokenService,
+                                        Consumer consumer,
+                                        URI callback,
+                                        Map<String, String> extraParams,
+                                        Map<String, Object> oauthConsumerProps) throws
OAuthServiceException {
         Map<String, String> parameters = new HashMap<String, String>();
         if (extraParams != null) {
             parameters.putAll(extraParams);
         }
         parameters.put(OAuth.OAUTH_CALLBACK, callback.toString());
-        parameters.put(OAuth.OAUTH_SIGNATURE_METHOD, "HMAC-SHA1");
+       
+        if (oauthConsumerProps == null || !oauthConsumerProps.containsKey(OAuth.OAUTH_SIGNATURE_METHOD))
{
+            parameters.put(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1);
+        }
         parameters.put(OAuth.OAUTH_NONCE, UUID.randomUUID().toString());
         parameters.put(OAuth.OAUTH_TIMESTAMP, String.valueOf(System.currentTimeMillis() /
1000));
         parameters.put(OAuth.OAUTH_CONSUMER_KEY, consumer.getKey());
-        
-        OAuthConsumer oAuthConsumer = new OAuthConsumer(null, consumer.getKey(), consumer.getSecret(),

-                null);
-        OAuthAccessor accessor = new OAuthAccessor(oAuthConsumer);
+       
+        OAuthAccessor accessor = createAccessor(consumer, oauthConsumerProps);
         return getToken(requestTokenService, accessor, parameters);
     }
+    private static OAuthAccessor createAccessor(Consumer consumer, Map<String, Object>
props) {
+        OAuthConsumer oAuthConsumer = new OAuthConsumer(null, consumer.getKey(), consumer.getSecret(),

+                                                        null);
+        if (props != null) {
+            for (Map.Entry<String, Object> entry : props.entrySet()) {
+                oAuthConsumer.setProperty(entry.getKey(), entry.getValue());
+            }
+        }
+        return new OAuthAccessor(oAuthConsumer);
+    }
     
     /**
      * Returns a simple representation of the Access token
@@ -98,15 +126,23 @@ public final class OAuthClientUtils {
                                        Consumer consumer,
                                        Token requestToken,
                                        String verifier) throws OAuthServiceException {
+        return getAccessToken(accessTokenService, consumer, requestToken, verifier, null);
+    }
+    
+    public static Token getAccessToken(WebClient accessTokenService,
+                                       Consumer consumer,
+                                       Token requestToken,
+                                       String verifier,
+                                       Map<String, Object> oauthConsumerProps) throws
OAuthServiceException {
         Map<String, String> parameters = new HashMap<String, String>();
         parameters.put(OAuth.OAUTH_CONSUMER_KEY, consumer.getKey());
         parameters.put(OAuth.OAUTH_TOKEN, requestToken.getToken());
         parameters.put(OAuth.OAUTH_VERIFIER, verifier);
-        parameters.put(OAuth.OAUTH_SIGNATURE_METHOD, "HMAC-SHA1");
+        if (oauthConsumerProps == null || !oauthConsumerProps.containsKey(OAuth.OAUTH_SIGNATURE_METHOD))
{
+            parameters.put(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1);
+        }
         
-        OAuthConsumer oAuthConsumer = new OAuthConsumer(null, consumer.getKey(), 
-                consumer.getSecret(), null);
-        OAuthAccessor accessor = new OAuthAccessor(oAuthConsumer);
+        OAuthAccessor accessor = createAccessor(consumer, oauthConsumerProps);
         accessor.requestToken = requestToken.getToken();
         accessor.tokenSecret = requestToken.getSecret();
         return getToken(accessTokenService, accessor, parameters);
@@ -124,18 +160,26 @@ public final class OAuthClientUtils {
                                             Token accessToken, 
                                             String method, 
                                             String requestURI) {
+        return createAuthorizationHeader(consumer, accessToken, method, requestURI, null);
+    }
+    
+    public static String createAuthorizationHeader(Consumer consumer,
+                                                   Token accessToken, 
+                                                   String method, 
+                                                   String requestURI,
+                                                   Map<String, Object> oauthConsumerProps)
{
         Map<String, String> parameters = new HashMap<String, String>();
         parameters.put(OAuth.OAUTH_CONSUMER_KEY, consumer.getKey());
         if (accessToken != null) {
             parameters.put(OAuth.OAUTH_TOKEN, accessToken.getToken());
         }
-        parameters.put(OAuth.OAUTH_SIGNATURE_METHOD, "HMAC-SHA1");
+        if (oauthConsumerProps == null || !oauthConsumerProps.containsKey(OAuth.OAUTH_SIGNATURE_METHOD))
{
+            parameters.put(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1);
+        }
         parameters.put(OAuth.OAUTH_NONCE, UUID.randomUUID().toString());
         parameters.put(OAuth.OAUTH_TIMESTAMP, String.valueOf(System.currentTimeMillis() /
1000));
         
-        OAuthConsumer oAuthConsumer = 
-            new OAuthConsumer(null, consumer.getKey(), consumer.getSecret(), null);
-        OAuthAccessor accessor = new OAuthAccessor(oAuthConsumer);
+        OAuthAccessor accessor = createAccessor(consumer, oauthConsumerProps);
         if (accessToken != null) {
             accessor.accessToken = accessToken.getToken();
             accessor.tokenSecret = accessToken.getSecret();


Mime
View raw message