incubator-amber-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From tomm...@apache.org
Subject svn commit: r1050674 [1/2] - in /incubator/amber/trunk/oauth-2.0/oauth2-resourceserver: ./ src/ src/main/ src/main/java/ src/main/java/org/ src/main/java/org/apache/ src/main/java/org/apache/amber/ src/main/java/org/apache/amber/oauth2/ src/main/java/o...
Date Sat, 18 Dec 2010 17:06:22 GMT
Author: tommaso
Date: Sat Dec 18 17:06:20 2010
New Revision: 1050674

URL: http://svn.apache.org/viewvc?rev=1050674&view=rev
Log:
[AMBER-12] - import of Leelo OAuth 2.0 implementation - resourceserver module

Added:
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/pom.xml   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractor.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractor.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractor.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/TokenExtractor.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/request/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/request/OAuthAccessResourceRequest.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/response/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/response/OAuthRSResponse.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidator.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidator.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/QueryOAuthValidator.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/OAuthAccessResourceRequestTest.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractorTest.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractorTest.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractorTest.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidatorTest.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidatorTest.java   (with props)
    incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/QueryOAuthValidatorTest.java   (with props)

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Sat Dec 18 17:06:20 2010
@@ -0,0 +1 @@
+target

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/pom.xml
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/pom.xml?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/pom.xml (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/pom.xml Sat Dec 18 17:06:20 2010
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+          Copyright 2010 Newcastle University
+
+             http://research.ncl.ac.uk/smart/
+
+    Licensed to the Apache Software Foundation (ASF) under one or more
+    contributor license agreements.  See the NOTICE file distributed with
+    this work for additional information regarding copyright ownership.
+    The ASF licenses this file to You under the Apache License, Version 2.0
+    (the "License"); you may not use this file except in compliance with
+    the License.  You may obtain a copy of the License at
+
+         http://www.apache.org/licenses/LICENSE-2.0
+
+    Unless required by applicable law or agreed to in writing, software
+    distributed under the License is distributed on an "AS IS" BASIS,
+    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+    See the License for the specific language governing permissions and
+    limitations under the License.
+
+-->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+
+    <parent>
+        <artifactId>amber-oauth2-parent</artifactId>
+        <groupId>org.apache.amber</groupId>
+       <version>0.2-SNAPSHOT</version>
+    </parent>
+
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>oauth2-resourceserver</artifactId>
+    <name>Apache Amber: OAuth 2.0 Implementation - Resource Server</name>
+   <version>0.2-SNAPSHOT</version>
+
+    <build>
+        <finalName>oauth2-resourceserver</finalName>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>2.5</version>
+                <configuration>
+                    <excludes>
+                        <exclude>**/utils/*</exclude>
+                    </excludes>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+    <dependencies>
+        <dependency>
+            <artifactId>oauth2-common</artifactId>
+            <groupId>org.apache.amber</groupId>
+            <version>${project.version}</version>
+        </dependency>
+    </dependencies>
+
+</project>

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/pom.xml
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractor.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractor.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractor.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractor.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,45 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.extractor;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.amber.oauth2.common.OAuth;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class BodyTokenExtractor implements TokenExtractor {
+
+    @Override
+    public String getAccessToken(HttpServletRequest request) {
+        return request.getParameter(OAuth.OAUTH_TOKEN);
+    }
+
+    @Override
+    public String getAccessToken(HttpServletRequest request, String tokenName) {
+        return request.getParameter(tokenName);
+    }
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractor.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractor.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractor.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractor.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractor.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,51 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.extractor;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.amber.oauth2.common.utils.OAuthUtils;
+import org.apache.amber.oauth2.common.OAuth;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class HeaderTokenExtractor implements TokenExtractor {
+
+
+    @Override
+    public String getAccessToken(HttpServletRequest request) {
+        String authzHeader = request.getHeader(OAuth.HeaderType.AUTHORIZATION);
+        return OAuthUtils.getAuthHeaderField(authzHeader);
+    }
+
+    @Override
+    public String getAccessToken(HttpServletRequest request, String tokenName) {
+        String authzHeader = request.getHeader(OAuth.HeaderType.AUTHORIZATION);
+        return OAuthUtils.getAuthHeaderField(authzHeader);
+    }
+
+
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractor.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractor.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractor.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractor.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractor.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,45 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.extractor;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.amber.oauth2.common.OAuth;
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class QueryTokenExtractor implements TokenExtractor {
+
+    @Override
+    public String getAccessToken(HttpServletRequest request) {
+        return request.getParameter(OAuth.OAUTH_TOKEN);
+    }
+
+    @Override
+    public String getAccessToken(HttpServletRequest request, String tokenName) {
+        return request.getParameter(tokenName);
+    }
+
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractor.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/TokenExtractor.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/TokenExtractor.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/TokenExtractor.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/TokenExtractor.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,37 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.extractor;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public interface TokenExtractor {
+
+    String getAccessToken(HttpServletRequest request);
+
+    String getAccessToken(HttpServletRequest request, String tokenName);
+
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/extractor/TokenExtractor.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/request/OAuthAccessResourceRequest.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/request/OAuthAccessResourceRequest.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/request/OAuthAccessResourceRequest.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/request/OAuthAccessResourceRequest.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,148 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.request;
+
+
+import java.util.HashMap;
+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.amber.oauth2.common.error.OAuthError;
+import org.apache.amber.oauth2.common.exception.OAuthProblemException;
+import org.apache.amber.oauth2.common.exception.OAuthSystemException;
+import org.apache.amber.oauth2.common.message.types.ParameterStyle;
+import org.apache.amber.oauth2.common.utils.OAuthUtils;
+import org.apache.amber.oauth2.common.validators.OAuthValidator;
+import org.apache.amber.oauth2.common.OAuth;
+import org.apache.amber.oauth2.rs.extractor.HeaderTokenExtractor;
+import org.apache.amber.oauth2.rs.extractor.QueryTokenExtractor;
+import org.apache.amber.oauth2.rs.extractor.TokenExtractor;
+import org.apache.amber.oauth2.rs.validator.BodyOAuthValidator;
+import org.apache.amber.oauth2.rs.validator.HeaderOAuthValidator;
+import org.apache.amber.oauth2.rs.extractor.BodyTokenExtractor;
+import org.apache.amber.oauth2.rs.validator.QueryOAuthValidator;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class OAuthAccessResourceRequest {
+
+    private HttpServletRequest request;
+    private ParameterStyle[] parameterStyles = new ParameterStyle[] {OAuth.DEFAULT_PARAMETER_STYLE};
+    private ParameterStyle usedParameterStyle;
+
+    private Map<ParameterStyle, Class> extractors = new HashMap<ParameterStyle, Class>();
+    private Map<ParameterStyle, Class> validators = new HashMap<ParameterStyle, Class>();
+
+    private TokenExtractor extractor;
+
+    {
+        extractors.put(ParameterStyle.HEADER, HeaderTokenExtractor.class);
+        extractors.put(ParameterStyle.BODY, BodyTokenExtractor.class);
+        extractors.put(ParameterStyle.QUERY, QueryTokenExtractor.class);
+
+        validators.put(ParameterStyle.HEADER, HeaderOAuthValidator.class);
+        validators.put(ParameterStyle.BODY, BodyOAuthValidator.class);
+        validators.put(ParameterStyle.QUERY, QueryOAuthValidator.class);
+    }
+
+    public OAuthAccessResourceRequest(HttpServletRequest request)
+        throws OAuthSystemException, OAuthProblemException {
+        this(request, OAuth.DEFAULT_PARAMETER_STYLE);
+    }
+
+    public OAuthAccessResourceRequest(HttpServletRequest request, ParameterStyle... parameterStyles)
+        throws OAuthSystemException, OAuthProblemException {
+        this.request = request;
+        this.parameterStyles = parameterStyles;
+        this.validate();
+    }
+
+    public String getAccessToken() throws OAuthSystemException {
+        return extractor.getAccessToken(request);
+    }
+
+    private void validate() throws OAuthSystemException, OAuthProblemException {
+
+        int foundValidStyles = 0;
+        boolean lackAuthInfo = false;
+        OAuthProblemException ex = null;
+        for (ParameterStyle style : parameterStyles) {
+            try {
+
+                OAuthValidator validator = instantiateValidator(style);
+                validator.validateContentType(request);
+                validator.validateMethod(request);
+                validator.validateRequiredParameters(request);
+
+                usedParameterStyle = style;
+                foundValidStyles++;
+            } catch (OAuthProblemException e) {
+                //request lacks any authentication information?
+                if (OAuthUtils.isEmpty(e.getError())) {
+                    lackAuthInfo = true;
+                } else {
+                    ex = OAuthProblemException.error(e.getError(), e.getDescription());
+                }
+            }
+        }
+
+        if (foundValidStyles > 1) {
+            throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST,
+                "Found more than one mechanism for authenticating client");
+        }
+
+        if (ex != null) {
+            throw ex;
+        }
+
+        if (foundValidStyles == 0 && lackAuthInfo) {
+            throw OAuthProblemException.error(null, "OAuth parameters were not found");
+        }
+
+        if (foundValidStyles == 0) {
+            throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST,
+                "OAuth parameters were not found");
+        }
+
+        instantiateExtractor(usedParameterStyle);
+    }
+
+    private OAuthValidator instantiateValidator(ParameterStyle ps) throws OAuthSystemException {
+        Class clazz = validators.get(ps);
+        if (clazz == null) {
+            throw new OAuthSystemException("Cannot instantiate a message validator.");
+        }
+        return (OAuthValidator)OAuthUtils.instantiateClass(clazz);
+    }
+
+    private void instantiateExtractor(ParameterStyle ps) throws OAuthSystemException {
+        Class clazz = extractors.get(ps);
+        if (clazz == null) {
+            throw new OAuthSystemException("Cannot instantiate a token extractor.");
+        }
+        extractor = (TokenExtractor)OAuthUtils.instantiateClass(clazz);
+    }
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/request/OAuthAccessResourceRequest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/response/OAuthRSResponse.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/response/OAuthRSResponse.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/response/OAuthRSResponse.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/response/OAuthRSResponse.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,44 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.response;
+
+import org.apache.amber.oauth2.common.message.OAuthResponse;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class OAuthRSResponse extends OAuthResponse {
+
+    protected OAuthRSResponse(String uri, int responseStatus) {
+        super(uri, responseStatus);
+    }
+
+    public static class OAuthRSResponseBuilder extends OAuthResponse.OAuthResponseBuilder {
+
+        public OAuthRSResponseBuilder(int responseCode) {
+            super(responseCode);
+        }
+    }
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/response/OAuthRSResponse.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidator.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidator.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidator.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidator.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,88 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.validator;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.amber.oauth2.common.error.OAuthError;
+import org.apache.amber.oauth2.common.exception.OAuthProblemException;
+import org.apache.amber.oauth2.common.utils.OAuthUtils;
+import org.apache.amber.oauth2.common.validators.AbstractValidator;
+import org.apache.amber.oauth2.common.OAuth;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class BodyOAuthValidator extends AbstractValidator {
+
+    @Override
+    public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
+        // Check if the method is POST, PUT, or DELETE
+        String method = request.getMethod();
+        if (!(OAuth.HttpMethod.POST.equals(method) || OAuth.HttpMethod.PUT.equals(method) || OAuth.HttpMethod
+            .DELETE.equals(method))) {
+            throw OAuthProblemException
+                .error(OAuthError.TokenResponse.INVALID_REQUEST)
+                .description("Incorrect method. POST, PUT, DELETE are supported.");
+        }
+    }
+
+    @Override
+    public void validateContentType(HttpServletRequest request) throws OAuthProblemException {
+        if (OAuthUtils.isMultipart(request)) {
+            throw OAuthProblemException.error(OAuthError.CodeResponse.INVALID_REQUEST).
+                description("Request is not single part.");
+        }
+        super.validateContentType(request);
+    }
+
+
+    @Override
+    public void validateRequiredParameters(HttpServletRequest request) throws OAuthProblemException {
+
+        if (OAuthUtils.isMultipart(request)) {
+            throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST).
+                description("Request is not single part.");
+        }
+
+
+        String[] tokens = request.getParameterValues(OAuth.OAUTH_TOKEN);
+        if (OAuthUtils.hasEmptyValues(tokens)) {
+            throw OAuthProblemException.error(null, "Missing OAuth token.");
+        }
+
+        if (tokens.length > 1) {
+            throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST)
+                .description("Multiple tokens attached.");
+        }
+
+        String oauthVersionDiff = request.getParameter(OAuth.OAUTH_VERSION_DIFFER);
+        if (!OAuthUtils.isEmpty(oauthVersionDiff)) {
+            throw OAuthProblemException.error(OAuthError.TokenResponse.INVALID_REQUEST)
+                .description("Incorrect OAuth version. Found OAuth V1.0.");
+        }
+
+    }
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidator.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidator.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidator.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidator.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidator.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,79 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.validator;
+
+import java.util.Map;
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.amber.oauth2.common.OAuth;
+import org.apache.amber.oauth2.common.error.OAuthError;
+import org.apache.amber.oauth2.common.exception.OAuthProblemException;
+import org.apache.amber.oauth2.common.utils.OAuthUtils;
+import org.apache.amber.oauth2.common.validators.AbstractValidator;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class HeaderOAuthValidator extends AbstractValidator {
+
+    @Override
+    public void validateContentType(HttpServletRequest request) throws OAuthProblemException {
+    }
+
+    @Override
+    public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
+    }
+
+    @Override
+    public void validateRequiredParameters(HttpServletRequest request) throws OAuthProblemException {
+        // Check if there is the Authorization Header
+        String authzHeader = request.getHeader(OAuth.HeaderType.AUTHORIZATION);
+        if (OAuthUtils.isEmpty(authzHeader)) {
+            throw OAuthProblemException.error("", "Missing authorization header.");
+        }
+
+        // See if the authorization method is set to OAuth
+        String authzMethod = OAuthUtils.getAuthzMethod(authzHeader);
+        if (!OAuth.OAUTH_HEADER_NAME.equals(authzMethod)) {
+            throw OAuthProblemException.error("", "Incorrect authorization method.");
+        }
+
+        // Get the header field
+        String headerField = OAuthUtils.getAuthHeaderField(authzHeader);
+        if (OAuthUtils.isEmpty(headerField)) {
+            throw OAuthProblemException
+                .error(OAuthError.TokenResponse.INVALID_REQUEST, "Missing required parameter.");
+        }
+
+        // Check if this OAuth 1.0 or OAuth 2.0
+        Map<String, String> values = OAuthUtils.decodeOAuthHeader(authzHeader);
+        String oauthVersionDiff = values.get(OAuth.OAUTH_VERSION_DIFFER);
+        if (!OAuthUtils.isEmpty(oauthVersionDiff)) {
+            throw OAuthProblemException
+                .error(OAuthError.TokenResponse.INVALID_REQUEST,
+                    "Incorrect OAuth version. Found OAuth V1.0.");
+        }
+    }
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidator.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/QueryOAuthValidator.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/QueryOAuthValidator.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/QueryOAuthValidator.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/QueryOAuthValidator.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,68 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.validator;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.amber.oauth2.common.OAuth;
+import org.apache.amber.oauth2.common.exception.OAuthProblemException;
+import org.apache.amber.oauth2.common.error.OAuthError;
+import org.apache.amber.oauth2.common.utils.OAuthUtils;
+import org.apache.amber.oauth2.common.validators.AbstractValidator;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class QueryOAuthValidator extends AbstractValidator {
+
+    @Override
+    public void validateContentType(HttpServletRequest request) throws OAuthProblemException {
+    }
+
+    @Override
+    public void validateMethod(HttpServletRequest request) throws OAuthProblemException {
+    }
+
+    @Override
+    public void validateRequiredParameters(HttpServletRequest request) throws OAuthProblemException {
+
+
+        String[] tokens = request.getParameterValues(OAuth.OAUTH_TOKEN);
+        if (OAuthUtils.hasEmptyValues(tokens)) {
+            throw OAuthProblemException.error("", "Missing OAuth token.");
+        }
+        if (tokens != null && tokens.length > 1) {
+            throw OAuthProblemException
+                .error(OAuthError.TokenResponse.INVALID_REQUEST, "Multiple tokens attached.");
+        }
+
+        String oauthVersionDiff = request.getParameter(OAuth.OAUTH_VERSION_DIFFER);
+        if (!OAuthUtils.isEmpty(oauthVersionDiff)) {
+            throw OAuthProblemException
+                .error(OAuthError.TokenResponse.INVALID_REQUEST,
+                    "Incorrect OAuth version. Found OAuth V1.0.");
+        }
+    }
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/main/java/org/apache/amber/oauth2/rs/validator/QueryOAuthValidator.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/OAuthAccessResourceRequestTest.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/OAuthAccessResourceRequestTest.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/OAuthAccessResourceRequestTest.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/OAuthAccessResourceRequestTest.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,537 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.amber.oauth2.common.OAuth;
+import org.apache.amber.oauth2.common.exception.OAuthProblemException;
+import org.apache.amber.oauth2.common.message.types.ParameterStyle;
+import org.apache.amber.oauth2.rs.request.OAuthAccessResourceRequest;
+import org.junit.Assert;
+import org.junit.Test;
+import org.apache.amber.oauth2.common.error.OAuthError;
+
+import static org.easymock.EasyMock.createMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.reset;
+import static org.easymock.EasyMock.verify;
+import static org.junit.Assert.fail;
+
+
+/**
+ * @author Maciej Machulak
+ * @author Lukasz Moren
+ */
+public class OAuthAccessResourceRequestTest {
+
+    public static final String AUTHORIZATION_HEADER_OAUTH2 = "OAuth sometoken";
+
+    @Test
+    public void testCreateNoHeaderRequest() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn(null);
+        replay(request);
+
+
+        OAuthAccessResourceRequest req = null;
+        try {
+            new OAuthAccessResourceRequest(request);
+            fail("Exception expected");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals("OAuth parameters were not found", e.getDescription());
+        }
+
+        verify(request);
+
+    }
+
+    @Test
+    public void testCreateWrongHeaderRequest() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn("Basic assdafasfd");
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request);
+            fail("Exception expected");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals("OAuth parameters were not found", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testCreateHeaderMissingFieldRequest() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn("OAuth ");
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testCreateHeaderWrongVersionRequest() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION))
+            .andStubReturn("OAuth sadfasfd,oauth_signature_method=\"HMAC-SHA1\"");
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request);
+            fail("Exception expected");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+        }
+        verify(request);
+    }
+
+
+    @Test
+    public void testCreateValidHeaderRequest() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn("OAuth token");
+        replay(request);
+        try {
+            new OAuthAccessResourceRequest(request);
+        } catch (OAuthProblemException e) {
+            fail("Exception not expected");
+        }
+        verify(request);
+
+    }
+
+    @Test
+    public void testCreateBodyWrongMethod() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(new String[] {"sometoken"});
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.BODY);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testCreateBodyInvalidEncoding() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(new String[] {"sometoken"});
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        replay(request);
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.BODY);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testCreateBodyWrongOAuthVersion() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(new String[] {"sometoken"});
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn("HMAC-SHA1");
+        replay(request);
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.BODY);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+            Assert
+                .assertEquals("Incorrect OAuth version. Found OAuth V1.0.",
+                    e.getDescription());
+        }
+    }
+
+    @Test
+    public void testCreateBodyHeaderMixedTokens() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(new String[] {"sometoken"});
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION))
+            .andStubReturn("OAuth sadfasfd,oauth_signature_method=\"HMAC-SHA1\"");
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.BODY, ParameterStyle.HEADER);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testCreateBodyNoToken() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(null);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.BODY);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert.assertNotNull(e);
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testCreateBodyMultipleTokens() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {"sometoken", "othertoken"});
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.BODY);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testCreateBodyValidRequest() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(new String[] {"sometoken"});
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.BODY);
+        } catch (OAuthProblemException e) {
+            fail("Exception not expected");
+        }
+        verify(request);
+
+    }
+
+    @Test
+    public void testCreateQueryNoToken() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(null);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.QUERY);
+            fail("Exception expected");
+        } catch (OAuthProblemException e) {
+            Assert.assertNull(e.getError());
+        }
+        verify(request);
+
+    }
+
+    @Test
+    public void testCreateQueryWrongVersion() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(new String[] {"sometoken"});
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn("HMAC-SHA1");
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.QUERY);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testCreateQueryMultipleTokens() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {"sometoken", "othertoken"});
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.QUERY);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testCreateQueryValidRequest() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.GET);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(new String[] {"sometoken"});
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.QUERY);
+        } catch (OAuthProblemException e) {
+            fail("Exception not expected");
+        }
+        verify(request);
+
+    }
+
+    @Test
+    public void testGetAccessTokenWrongQueryRequest() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn(null);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {null});
+
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.QUERY);
+            fail("Exception expected");
+        } catch (OAuthProblemException e) {
+            Assert.assertNull(e.getError());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testGetAccessTokenWrongHeaderRequest() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn(null);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getHeader("Authorization")).andStubReturn(null);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {null});
+
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request);
+            fail("Exception expected");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals("OAuth parameters were not found", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testGetAccessTokenWrongBodyRequest() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn(null);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {null});
+
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.BODY);
+            fail("Exception expected");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals("OAuth parameters were not found", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testGetAccessCorrectRequest() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+
+        //test body
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn("sometoken");
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {"sometoken"});
+
+        replay(request);
+        OAuthAccessResourceRequest req = null;
+        try {
+            req = new OAuthAccessResourceRequest(request, ParameterStyle.BODY);
+        } catch (OAuthProblemException e) {
+            fail("Exception not expected");
+        }
+
+        Assert.assertEquals("sometoken", req.getAccessToken());
+        verify(request);
+
+        reset(request);
+        //test header
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn("sometoken");
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getHeader("Authorization")).andStubReturn(AUTHORIZATION_HEADER_OAUTH2);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {"sometoken"});
+
+        replay(request);
+        try {
+            req = new OAuthAccessResourceRequest(request);
+        } catch (OAuthProblemException e) {
+            fail("Exception not expected");
+        }
+
+        Assert.assertEquals("sometoken", req.getAccessToken());
+        verify(request);
+
+        reset(request);
+        //test uri query
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn("sometoken");
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {"sometoken"});
+
+        replay(request);
+        req = new OAuthAccessResourceRequest(request, ParameterStyle.QUERY);
+
+        Assert.assertEquals("sometoken", req.getAccessToken());
+        verify(request);
+    }
+
+    @Test
+    public void testMultipleStylesValidRequest() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn(null);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {null});
+        expect(request.getHeader("Authorization")).andStubReturn(AUTHORIZATION_HEADER_OAUTH2);
+
+        replay(request);
+
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.QUERY, ParameterStyle.BODY,
+                ParameterStyle.HEADER);
+        } catch (OAuthProblemException e) {
+            fail("Exception not expected");
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testMultipleStylesInvalidRequest() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn("sometoken");
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {"sometoken"});
+        expect(request.getHeader("Authorization")).andStubReturn(AUTHORIZATION_HEADER_OAUTH2);
+
+        replay(request);
+
+        OAuthAccessResourceRequest req = null;
+        try {
+            new OAuthAccessResourceRequest(request, ParameterStyle.BODY,
+                ParameterStyle.QUERY, ParameterStyle.HEADER);
+            fail("Exception expeted");
+        } catch (OAuthProblemException e) {
+            Assert
+                .assertTrue(
+                    OAuthError.TokenResponse.INVALID_REQUEST.equals(e.getError()));
+        }
+
+
+        verify(request);
+    }
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/OAuthAccessResourceRequestTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractorTest.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractorTest.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractorTest.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractorTest.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,66 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.extractor;
+
+import javax.servlet.http.HttpServletRequest;
+
+import junit.framework.Assert;
+
+import org.apache.amber.oauth2.rs.extractor.BodyTokenExtractor;
+import org.junit.Test;
+import org.apache.amber.oauth2.common.OAuth;
+
+import static org.easymock.EasyMock.createStrictMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.verify;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class BodyTokenExtractorTest {
+
+    @Test
+    public void testGetAccessToken() throws Exception {
+
+        HttpServletRequest request = createStrictMock(HttpServletRequest.class);
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn("sometoken");
+        replay(request);
+        BodyTokenExtractor bte = new BodyTokenExtractor();
+        Assert.assertEquals("sometoken", bte.getAccessToken(request));
+        verify(request);
+    }
+
+    @Test
+    public void testGetAccessTokenNull() throws Exception {
+
+        HttpServletRequest request = createStrictMock(HttpServletRequest.class);
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn(null);
+        replay(request);
+        BodyTokenExtractor bte = new BodyTokenExtractor();
+        Assert.assertNull(bte.getAccessToken(request));
+        verify(request);
+    }
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/BodyTokenExtractorTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractorTest.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractorTest.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractorTest.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractorTest.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,66 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.extractor;
+
+import javax.servlet.http.HttpServletRequest;
+
+import junit.framework.Assert;
+
+import org.apache.amber.oauth2.common.OAuth;
+import org.apache.amber.oauth2.rs.extractor.HeaderTokenExtractor;
+import org.junit.Test;
+
+import static org.easymock.EasyMock.createStrictMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.verify;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class HeaderTokenExtractorTest {
+
+    @Test
+    public void testGetAccessToken() throws Exception {
+
+        HttpServletRequest request = createStrictMock(HttpServletRequest.class);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn("OAuth sometoken");
+        replay(request);
+        HeaderTokenExtractor hte = new HeaderTokenExtractor();
+        Assert.assertEquals("sometoken", hte.getAccessToken(request));
+        verify(request);
+    }
+
+    @Test
+    public void testGetAccessTokenNull() throws Exception {
+
+        HttpServletRequest request = createStrictMock(HttpServletRequest.class);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn(null);
+        replay(request);
+        HeaderTokenExtractor hte = new HeaderTokenExtractor();
+        Assert.assertNull(hte.getAccessToken(request));
+        verify(request);
+    }
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/HeaderTokenExtractorTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractorTest.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractorTest.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractorTest.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractorTest.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,69 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.extractor;
+
+import javax.servlet.http.HttpServletRequest;
+
+import junit.framework.Assert;
+
+import org.apache.amber.oauth2.common.OAuth;
+import org.apache.amber.oauth2.rs.extractor.QueryTokenExtractor;
+import org.junit.Test;
+
+import static org.easymock.EasyMock.createStrictMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.verify;
+
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class QueryTokenExtractorTest {
+
+    @Test
+    public void testGetAccessToken() throws Exception {
+
+        HttpServletRequest request = createStrictMock(HttpServletRequest.class);
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn("sometoken");
+        replay(request);
+        QueryTokenExtractor qte = new QueryTokenExtractor();
+        Assert.assertEquals("sometoken", qte.getAccessToken(request));
+        verify(request);
+
+    }
+
+    @Test
+    public void testGetAccessTokenNull() throws Exception {
+
+        HttpServletRequest request = createStrictMock(HttpServletRequest.class);
+        expect(request.getParameter(OAuth.OAUTH_TOKEN)).andStubReturn(null);
+        replay(request);
+        QueryTokenExtractor qte = new QueryTokenExtractor();
+        Assert.assertNull(qte.getAccessToken(request));
+        verify(request);
+
+    }
+
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/extractor/QueryTokenExtractorTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidatorTest.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidatorTest.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidatorTest.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidatorTest.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,169 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.validator;
+
+import javax.servlet.http.HttpServletRequest;
+
+import junit.framework.Assert;
+
+import org.apache.amber.oauth2.common.OAuth;
+import org.apache.amber.oauth2.common.error.OAuthError;
+import org.apache.amber.oauth2.common.exception.OAuthProblemException;
+import org.apache.amber.oauth2.rs.validator.BodyOAuthValidator;
+import org.junit.Test;
+
+import static org.easymock.EasyMock.createMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.verify;
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class BodyOAuthValidatorTest {
+
+    @Test
+    public void testValidateInvalidMethod() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn("GET");
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        replay(request);
+        try {
+            BodyOAuthValidator bov = new BodyOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
+            Assert.assertEquals("Incorrect method. POST, PUT, DELETE are supported.", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void tesValidateMultipartMessage() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn("multipart/form-data");
+        replay(request);
+        try {
+            BodyOAuthValidator bov = new BodyOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals(OAuthError.CodeResponse.INVALID_REQUEST, e.getError());
+            Assert.assertEquals("Request is not single part.", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void tesValidateInvalidEncoding() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.JSON);
+        replay(request);
+        try {
+            BodyOAuthValidator bov = new BodyOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
+            Assert.assertEquals("Bad content type.", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void tesValidateInvalidOAuthVersion() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn("HMAC-SHA1");
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(new String[] {"access_token"});
+        replay(request);
+        try {
+            BodyOAuthValidator bov = new BodyOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
+            Assert.assertEquals("Incorrect OAuth version. Found OAuth V1.0.", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void tesValidateTokenMissing() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(null);
+        replay(request);
+        try {
+            BodyOAuthValidator bov = new BodyOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals(null, e.getError());
+            Assert.assertEquals("Missing OAuth token.", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void tesValidateMultipleTokens() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN))
+            .andStubReturn(new String[] {"access_token1", "access_token2"});
+        replay(request);
+        try {
+            BodyOAuthValidator bov = new BodyOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
+            Assert.assertEquals("Multiple tokens attached.", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void tesValidateValidMessage() throws Exception {
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getMethod()).andStubReturn(OAuth.HttpMethod.POST);
+        expect(request.getContentType()).andStubReturn(OAuth.ContentType.URL_ENCODED);
+        expect(request.getParameter(OAuth.OAUTH_VERSION_DIFFER)).andStubReturn(null);
+        expect(request.getParameterValues(OAuth.OAUTH_TOKEN)).andStubReturn(new String[] {"access_token"});
+        replay(request);
+        BodyOAuthValidator bov = new BodyOAuthValidator();
+        bov.performAllValidations(request);
+        verify(request);
+    }
+
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/BodyOAuthValidatorTest.java
------------------------------------------------------------------------------
    svn:eol-style = native

Added: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidatorTest.java
URL: http://svn.apache.org/viewvc/incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidatorTest.java?rev=1050674&view=auto
==============================================================================
--- incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidatorTest.java (added)
+++ incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidatorTest.java Sat Dec 18 17:06:20 2010
@@ -0,0 +1,134 @@
+/**
+ *       Copyright 2010 Newcastle University
+ *
+ *          http://research.ncl.ac.uk/smart/
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.amber.oauth2.rs.validator;
+
+import javax.servlet.http.HttpServletRequest;
+
+import junit.framework.Assert;
+
+import org.apache.amber.oauth2.common.OAuth;
+import org.apache.amber.oauth2.common.error.OAuthError;
+import org.apache.amber.oauth2.common.exception.OAuthProblemException;
+import org.apache.amber.oauth2.rs.validator.HeaderOAuthValidator;
+import org.junit.Test;
+import org.apache.amber.oauth2.common.utils.OAuthUtils;
+
+import static org.easymock.EasyMock.createMock;
+import static org.easymock.EasyMock.expect;
+import static org.easymock.EasyMock.replay;
+import static org.easymock.EasyMock.verify;
+
+/**
+ * @author Maciej Machulak (m.p.machulak@ncl.ac.uk)
+ * @author Lukasz Moren (lukasz.moren@ncl.ac.uk)
+ * @author Aad van Moorsel (aad.vanmoorsel@ncl.ac.uk)
+ */
+public class HeaderOAuthValidatorTest {
+
+
+    @Test
+    public void testValidateNoHeader() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn(null);
+        replay(request);
+        try {
+            HeaderOAuthValidator bov = new HeaderOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            org.junit.Assert.assertTrue(OAuthUtils.isEmpty(e.getError()));
+            Assert.assertEquals("Missing authorization header.", e.getDescription());
+        }
+        verify(request);
+
+    }
+
+    @Test
+    public void testValidateInvalidHeader() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn("Basic arawersadf");
+        replay(request);
+        try {
+            HeaderOAuthValidator bov = new HeaderOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            org.junit.Assert.assertTrue(OAuthUtils.isEmpty(e.getError()));
+            Assert.assertEquals("Incorrect authorization method.", e.getDescription());
+        }
+        verify(request);
+
+    }
+
+
+    @Test
+    public void testValidateValidHeaderMissingField() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn("OAuth  ");
+        replay(request);
+        try {
+            HeaderOAuthValidator bov = new HeaderOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
+            Assert.assertEquals("Missing required parameter.", e.getDescription());
+        }
+        verify(request);
+
+    }
+
+
+    @Test
+    public void testValidateValidHeaderWrongVersion() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION))
+            .andStubReturn("OAuth sdfsadfsadf,oauth_signature_method=\"HMAC-SHA1\"");
+        replay(request);
+        try {
+            HeaderOAuthValidator bov = new HeaderOAuthValidator();
+            bov.performAllValidations(request);
+            Assert.fail("Exception not thrown.");
+        } catch (OAuthProblemException e) {
+            Assert.assertEquals(OAuthError.TokenResponse.INVALID_REQUEST, e.getError());
+            Assert.assertEquals("Incorrect OAuth version. Found OAuth V1.0.", e.getDescription());
+        }
+        verify(request);
+    }
+
+    @Test
+    public void testValidateValidHeader() throws Exception {
+
+        HttpServletRequest request = createMock(HttpServletRequest.class);
+        expect(request.getHeader(OAuth.HeaderType.AUTHORIZATION)).andStubReturn("OAuth sdfsadfsadf");
+        replay(request);
+        HeaderOAuthValidator bov = new HeaderOAuthValidator();
+        bov.performAllValidations(request);
+
+        verify(request);
+    }
+
+}

Propchange: incubator/amber/trunk/oauth-2.0/oauth2-resourceserver/src/test/java/org/apache/amber/oauth2/rs/validator/HeaderOAuthValidatorTest.java
------------------------------------------------------------------------------
    svn:eol-style = native



Mime
View raw message