1
2
3
4
5
6
7
8
9
10
11
12
13 package org.springframework.security.oauth.config;
14
15 import java.io.IOException;
16 import java.io.InputStream;
17 import java.security.cert.Certificate;
18 import java.security.cert.CertificateException;
19 import java.security.cert.CertificateFactory;
20
21 import org.apache.commons.logging.Log;
22 import org.apache.commons.logging.LogFactory;
23 import org.springframework.beans.factory.BeanCreationException;
24 import org.springframework.beans.factory.FactoryBean;
25 import org.springframework.context.ResourceLoaderAware;
26 import org.springframework.core.io.ResourceLoader;
27 import org.springframework.security.core.authority.AuthorityUtils;
28 import org.springframework.security.oauth.common.signature.RSAKeySecret;
29 import org.springframework.security.oauth.common.signature.SharedConsumerSecretImpl;
30 import org.springframework.security.oauth.common.signature.SignatureSecret;
31 import org.springframework.security.oauth.provider.BaseConsumerDetails;
32 import org.springframework.security.oauth.provider.ConsumerDetails;
33
34
35
36
37
38 public class ConsumerDetailsFactoryBean implements FactoryBean<ConsumerDetails>, ResourceLoaderAware {
39
40 private static final Log logger = LogFactory.getLog(ConsumerDetailsFactoryBean.class);
41 private Object typeOfSecret;
42 private BaseConsumerDetailsder/BaseConsumerDetails.html#BaseConsumerDetails">BaseConsumerDetails consumer = new BaseConsumerDetails();
43 private String secret;
44 private ResourceLoader resourceLoader;
45
46 public void setResourceLoader(ResourceLoader resourceLoader) {
47 this.resourceLoader = resourceLoader;
48 }
49
50 public void setSecret(String secret) {
51 this.secret = secret;
52 }
53
54 public void setConsumerKey(String consumerKey) {
55 consumer.setConsumerKey(consumerKey);
56 }
57
58 public void setConsumerName(String consumerName) {
59 consumer.setConsumerName(consumerName);
60 }
61
62 public void setSignatureSecret(SignatureSecret signatureSecret) {
63 consumer.setSignatureSecret(signatureSecret);
64 }
65
66 public void setAuthorities(String authorities) {
67 consumer.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList(authorities));
68 }
69
70 public void setResourceName(String resourceName) {
71 consumer.setResourceName(resourceName);
72 }
73
74 public void setResourceDescription(String resourceDescription) {
75 consumer.setResourceDescription(resourceDescription);
76 }
77
78 public void setRequiredToObtainAuthenticatedToken(boolean requiredToObtainAuthenticatedToken) {
79 consumer.setRequiredToObtainAuthenticatedToken(requiredToObtainAuthenticatedToken);
80 }
81
82 public void setTypeOfSecret(Object typeOfSecret) {
83 this.typeOfSecret = typeOfSecret;
84 }
85
86 public ConsumerDetails getObject() throws Exception {
87 if ("rsa-cert".equals(typeOfSecret)) {
88 InputStream inputStream = null;
89 try {
90 inputStream = resourceLoader.getResource(secret).getInputStream();
91 Certificate cert = CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
92 consumer.setSignatureSecret(new RSAKeySecret(cert.getPublicKey()));
93 }
94 catch (IOException e) {
95 throw new BeanCreationException("RSA certificate not found at " + secret + ".",
96 e);
97 }
98 catch (CertificateException e) {
99 throw new BeanCreationException("Invalid RSA certificate at " + secret + ".", e);
100 }
101 catch (NullPointerException e) {
102 throw new BeanCreationException("Could not load RSA certificate at " + secret + ".", e);
103 }
104 finally {
105 try {
106 if (inputStream != null) {
107 inputStream.close();
108 }
109 }
110 catch (IOException e) {
111 logger.warn("Cannot close open stream: ", e);
112 }
113 }
114 }
115 else {
116 consumer.setSignatureSecret(new SharedConsumerSecretImpl(secret));
117 }
118 return consumer;
119 }
120
121 public Class<?> getObjectType() {
122 return BaseConsumerDetails.class;
123 }
124
125 public boolean isSingleton() {
126 return true;
127 }
128
129 }