org.springframework.security.oauth.consumer.client

Class CoreOAuthConsumerSupport

java.lang.Object

org.springframework.security.oauth.consumer.client.CoreOAuthConsumerSupport

All Implemented Interfaces:

InitializingBean, OAuthConsumerSupport

public class CoreOAuthConsumerSupport
extends Object
implements OAuthConsumerSupport, InitializingBean

Consumer-side support for OAuth. This support uses a URLConnection to interface with the OAuth provider. A proxy will be selected, but it is assumed that the TrustManagers and other connection-related environment variables are already set up.

Author:

Ryan Heaton, Andrew McCall

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
static class	CoreOAuthConsumerSupport.QueryParameterValue Marker class for an oauth parameter value that is a query parameter and should therefore not be included in the authorization header.

Constructor Summary

Constructors

Constructor and Description
CoreOAuthConsumerSupport()
CoreOAuthConsumerSupport(OAuthURLStreamHandlerFactory streamHandlerFactory)

Method Summary

Methods

Modifier and Type	Method and Description
void	afterPropertiesSet()
protected URL	configureURLForProtectedAccess(URL url, OAuthConsumerToken requestToken, ProtectedResourceDetails details, String httpMethod, Map<String,String> additionalParameters) Internal use of configuring the URL for protected access, the resource details already having been loaded.
URL	configureURLForProtectedAccess(URL url, OAuthConsumerToken accessToken, String httpMethod, Map<String,String> additionalParameters) Create a configured URL.
protected String	findValidHeaderValue(Set<CharSequence> paramValues) Finds a valid header value that is valid for the OAuth header.
OAuthConsumerToken	getAccessToken(OAuthConsumerToken requestToken, String verifier) Get an access token for a protected resource.
OAuthConsumerToken	getAccessToken(ProtectedResourceDetails details, OAuthConsumerToken requestToken, String verifier) Get an access token for a protected resource.
String	getAuthorizationHeader(ProtectedResourceDetails details, OAuthConsumerToken accessToken, URL url, String httpMethod, Map<String,String> additionalParameters) Get the authorization header using the given access token that should be applied to the specified URL.
int	getConnectionTimeout() The connection timeout (default 60 seconds).
NonceFactory	getNonceFactory() The nonce factory.
String	getOAuthQueryString(ProtectedResourceDetails details, OAuthConsumerToken accessToken, URL url, String httpMethod, Map<String,String> additionalParameters) Get the query string that is to be used in the given request.
ProtectedResourceDetailsService	getProtectedResourceDetailsService() The protected resource details service.
ProxySelector	getProxySelector() The proxy selector to use.
int	getReadTimeout() The read timeout (default 60 seconds).
protected String	getSignatureBaseString(Map<String,Set<CharSequence>> oauthParams, URL requestURL, String httpMethod) Get the signature base string for the specified parameters.
OAuthSignatureMethodFactory	getSignatureFactory() The signature factory to use.
OAuthURLStreamHandlerFactory	getStreamHandlerFactory() The URL stream handler factory for connections to an OAuth resource.
protected OAuthConsumerToken	getTokenFromProvider(ProtectedResourceDetails details, URL tokenURL, String httpMethod, OAuthConsumerToken requestToken, Map<String,String> additionalParameters) Get the consumer token with the given parameters and URL.
OAuthConsumerToken	getUnauthorizedRequestToken(ProtectedResourceDetails details, String callback) Get an unauthorized request token for a protected resource.
OAuthConsumerToken	getUnauthorizedRequestToken(String resourceId, String callback) Get an unauthorized request token for a protected resource.
protected Map<String,Set<CharSequence>>	loadOAuthParameters(ProtectedResourceDetails details, URL requestURL, OAuthConsumerToken requestToken, String httpMethod, Map<String,String> additionalParameters) Loads the OAuth parameters for the given resource at the given URL and the given token.
protected HttpURLConnection	openConnection(URL requestTokenURL) Open a connection to the given URL.
InputStream	readProtectedResource(URL url, OAuthConsumerToken accessToken, String httpMethod) Read a protected resource from the given URL using the specified access token and HTTP method.
protected InputStream	readResource(ProtectedResourceDetails details, URL url, String httpMethod, OAuthConsumerToken token, Map<String,String> additionalParameters, Map<String,String> additionalRequestHeaders) Read a resource.
protected Proxy	selectProxy(URL requestTokenURL) Selects a proxy for the given URL.
void	setConnectionTimeout(int connectionTimeout) The connection timeout.
void	setNonceFactory(NonceFactory nonceFactory) The nonce factory.
void	setProtectedResourceDetailsService(ProtectedResourceDetailsService protectedResourceDetailsService) The protected resource details service.
void	setProxySelector(ProxySelector proxySelector) The proxy selector to use.
void	setReadTimeout(int readTimeout) The read timeout.
void	setSignatureFactory(OAuthSignatureMethodFactory signatureFactory) The signature factory to use.
void	setStreamHandlerFactory(OAuthURLStreamHandlerFactory streamHandlerFactory) The URL stream handler factory for connections to an OAuth resource.
protected String	urlDecode(String token) URL-decode a token.
protected String	urlEncode(String value) URL-encode a value.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

CoreOAuthConsumerSupport

public CoreOAuthConsumerSupport()

CoreOAuthConsumerSupport

public CoreOAuthConsumerSupport(OAuthURLStreamHandlerFactory streamHandlerFactory)

Method Detail

afterPropertiesSet

public void afterPropertiesSet()
                        throws Exception

Specified by:

afterPropertiesSet in interface InitializingBean

Throws:

Exception

getUnauthorizedRequestToken

public OAuthConsumerToken getUnauthorizedRequestToken(String resourceId,
                                             String callback)
                                               throws OAuthRequestFailedException

Description copied from interface: OAuthConsumerSupport

Get an unauthorized request token for a protected resource.

Specified by:

getUnauthorizedRequestToken in interface OAuthConsumerSupport

Parameters:

resourceId - The id of the protected resource for which to get a consumer token.

callback - The callback URL.

Returns:

The unauthorized request token.

Throws:

OAuthRequestFailedException

getUnauthorizedRequestToken

public OAuthConsumerToken getUnauthorizedRequestToken(ProtectedResourceDetails details,
                                             String callback)
                                               throws OAuthRequestFailedException

Description copied from interface: OAuthConsumerSupport

Get an unauthorized request token for a protected resource.

Specified by:

getUnauthorizedRequestToken in interface OAuthConsumerSupport

Parameters:

details - The protected resource for which to get a consumer token.

callback - The callback URL.

Returns:

The unauthorized request token.

Throws:

OAuthRequestFailedException

getAccessToken

public OAuthConsumerToken getAccessToken(OAuthConsumerToken requestToken,
                                String verifier)
                                  throws OAuthRequestFailedException

Description copied from interface: OAuthConsumerSupport

Get an access token for a protected resource.

Specified by:

getAccessToken in interface OAuthConsumerSupport

Parameters:

requestToken - The (presumably authorized) request token.

verifier - The token verifier.

Returns:

The access token.

Throws:

OAuthRequestFailedException

getAccessToken

public OAuthConsumerToken getAccessToken(ProtectedResourceDetails details,
                                OAuthConsumerToken requestToken,
                                String verifier)

Description copied from interface: OAuthConsumerSupport

Get an access token for a protected resource.

Specified by:

getAccessToken in interface OAuthConsumerSupport

Parameters:

details - The resource for which to get the access token.

requestToken - The (presumably authorized) request token.

verifier - The token verifier.

Returns:

The access token.

readProtectedResource

public InputStream readProtectedResource(URL url,
                                OAuthConsumerToken accessToken,
                                String httpMethod)
                                  throws OAuthRequestFailedException

Description copied from interface: OAuthConsumerSupport

Read a protected resource from the given URL using the specified access token and HTTP method.

Specified by:

readProtectedResource in interface OAuthConsumerSupport

Parameters:

url - The URL.

accessToken - The access token.

httpMethod - The HTTP method.

Returns:

The protected resource.

Throws:

OAuthRequestFailedException

readResource

protected InputStream readResource(ProtectedResourceDetails details,
                       URL url,
                       String httpMethod,
                       OAuthConsumerToken token,
                       Map<String,String> additionalParameters,
                       Map<String,String> additionalRequestHeaders)

Read a resource.

Parameters:

details - The details of the resource.

url - The URL of the resource.

httpMethod - The http method.

token - The token.

additionalParameters - Any additional request parameters.

additionalRequestHeaders - Any additional request parameters.

Returns:

The resource.

configureURLForProtectedAccess

public URL configureURLForProtectedAccess(URL url,
                                 OAuthConsumerToken accessToken,
                                 String httpMethod,
                                 Map<String,String> additionalParameters)
                                   throws OAuthRequestFailedException

Create a configured URL. If the HTTP method to access the resource is "POST" or "PUT" and the "Authorization" header isn't supported, then the OAuth parameters will be expected to be sent in the body of the request. Otherwise, you can assume that the given URL is ready to be used without further work.

Specified by:

configureURLForProtectedAccess in interface OAuthConsumerSupport

Parameters:

url - The base URL.

accessToken - The access token.

httpMethod - The HTTP method.

additionalParameters - Any additional request parameters.

Returns:

The configured URL.

Throws:

OAuthRequestFailedException

configureURLForProtectedAccess

protected URL configureURLForProtectedAccess(URL url,
                                 OAuthConsumerToken requestToken,
                                 ProtectedResourceDetails details,
                                 String httpMethod,
                                 Map<String,String> additionalParameters)

Internal use of configuring the URL for protected access, the resource details already having been loaded.

Parameters:

url - The URL.

requestToken - The request token.

details - The details.

httpMethod - The http method.

additionalParameters - Any additional request parameters.

Returns:

The configured URL.

getAuthorizationHeader

public String getAuthorizationHeader(ProtectedResourceDetails details,
                            OAuthConsumerToken accessToken,
                            URL url,
                            String httpMethod,
                            Map<String,String> additionalParameters)

Description copied from interface: OAuthConsumerSupport

Get the authorization header using the given access token that should be applied to the specified URL.

Specified by:

getAuthorizationHeader in interface OAuthConsumerSupport

Parameters:

details - The details of the protected resource.

accessToken - The access token.

url - The URL of the request.

httpMethod - The http method for the protected resource.

additionalParameters - Any additional request parameters.

Returns:

The authorization header, or null if the authorization header isn't supported by the provider of this resource.

findValidHeaderValue

protected String findValidHeaderValue(Set<CharSequence> paramValues)

Finds a valid header value that is valid for the OAuth header.

Parameters:

paramValues - The possible values for the oauth header.

Returns:

The selected value, or null if none were found.

getOAuthQueryString

public String getOAuthQueryString(ProtectedResourceDetails details,
                         OAuthConsumerToken accessToken,
                         URL url,
                         String httpMethod,
                         Map<String,String> additionalParameters)

Description copied from interface: OAuthConsumerSupport

Get the query string that is to be used in the given request. The query string will include any custom query parameters in the URL and any necessary OAuth parameters. Note, however, that an OAuth parameter is not considered "necessary" if the provider of the resource supports the authorization header. Any OAuth parameters will be URL-encoded, but not oauth-encoded, per the OAuth spec. The query string is to be used by either applying it to the URL (for HTTP GET) or putting it in the body of the request (for HTTP POST).

Specified by:

getOAuthQueryString in interface OAuthConsumerSupport

Parameters:

details - The resource details.

accessToken - The access token.

url - The URL

httpMethod - The http method.

additionalParameters - Any additional OAuth request parameters.

Returns:

The query string.

getTokenFromProvider

protected OAuthConsumerToken getTokenFromProvider(ProtectedResourceDetails details,
                                      URL tokenURL,
                                      String httpMethod,
                                      OAuthConsumerToken requestToken,
                                      Map<String,String> additionalParameters)

Get the consumer token with the given parameters and URL. The determination of whether the retrieved token is an access token depends on whether a request token is provided.

Parameters:

details - The resource details.

tokenURL - The token URL.

httpMethod - The http method.

requestToken - The request token, or null if none.

additionalParameters - The additional request parameter.

Returns:

The token.

loadOAuthParameters

protected Map<String,Set<CharSequence>> loadOAuthParameters(ProtectedResourceDetails details,
                                                URL requestURL,
                                                OAuthConsumerToken requestToken,
                                                String httpMethod,
                                                Map<String,String> additionalParameters)

Loads the OAuth parameters for the given resource at the given URL and the given token. These parameters include any query parameters on the URL since they are included in the signature. The oauth parameters are NOT encoded.

Parameters:

details - The resource details.

requestURL - The request URL.

requestToken - The request token.

httpMethod - The http method.

additionalParameters - Additional oauth parameters (outside of the core oauth spec).

Returns:

The parameters.

urlEncode

protected String urlEncode(String value)

URL-encode a value.

Parameters:

value - The value to encode.

Returns:

The URL-encoded value.

urlDecode

protected String urlDecode(String token)

URL-decode a token.

Parameters:

token - The token to URL-decode.

Returns:

The decoded token.

openConnection

protected HttpURLConnection openConnection(URL requestTokenURL)

Open a connection to the given URL.

Parameters:

requestTokenURL - The request token URL.

Returns:

The HTTP URL connection.

selectProxy

protected Proxy selectProxy(URL requestTokenURL)

Selects a proxy for the given URL.

Parameters:

requestTokenURL - The URL

Returns:

The proxy.

getSignatureBaseString

protected String getSignatureBaseString(Map<String,Set<CharSequence>> oauthParams,
                            URL requestURL,
                            String httpMethod)

Get the signature base string for the specified parameters. It is presumed the parameters are NOT OAuth-encoded.

Parameters:

oauthParams - The parameters (NOT oauth-encoded).

requestURL - The request URL.

httpMethod - The http method.

Returns:

The signature base string.

getProtectedResourceDetailsService

public ProtectedResourceDetailsService getProtectedResourceDetailsService()

The protected resource details service.

Returns:

The protected resource details service.

setProtectedResourceDetailsService

@Autowired
public void setProtectedResourceDetailsService(ProtectedResourceDetailsService protectedResourceDetailsService)

The protected resource details service.

Parameters:

protectedResourceDetailsService - The protected resource details service.

getStreamHandlerFactory

public OAuthURLStreamHandlerFactory getStreamHandlerFactory()

The URL stream handler factory for connections to an OAuth resource.

Returns:

The URL stream handler factory for connections to an OAuth resource.

setStreamHandlerFactory

@Autowired(required=false)
public void setStreamHandlerFactory(OAuthURLStreamHandlerFactory streamHandlerFactory)

The URL stream handler factory for connections to an OAuth resource.

Parameters:

streamHandlerFactory - The URL stream handler factory for connections to an OAuth resource.

getNonceFactory

public NonceFactory getNonceFactory()

The nonce factory.

Returns:

The nonce factory.

setNonceFactory

@Autowired(required=false)
public void setNonceFactory(NonceFactory nonceFactory)

The nonce factory.

Parameters:

nonceFactory - The nonce factory.

getSignatureFactory

public OAuthSignatureMethodFactory getSignatureFactory()

The signature factory to use.

Returns:

The signature factory to use.

setSignatureFactory

@Autowired(required=false)
public void setSignatureFactory(OAuthSignatureMethodFactory signatureFactory)

The signature factory to use.

Parameters:

signatureFactory - The signature factory to use.

getProxySelector

public ProxySelector getProxySelector()

The proxy selector to use.

Returns:

The proxy selector to use.

setProxySelector

@Autowired(required=false)
public void setProxySelector(ProxySelector proxySelector)

The proxy selector to use.

Parameters:

proxySelector - The proxy selector to use.

getConnectionTimeout

public int getConnectionTimeout()

The connection timeout (default 60 seconds).

Returns:

The connection timeout.

setConnectionTimeout

public void setConnectionTimeout(int connectionTimeout)

The connection timeout.

Parameters:

connectionTimeout - The connection timeout.

getReadTimeout

public int getReadTimeout()

The read timeout (default 60 seconds).

Returns:

The read timeout.

setReadTimeout

public void setReadTimeout(int readTimeout)

The read timeout.

Parameters:

readTimeout - The read timeout.