Class OAuthService
java.lang.Object
org.eclipse.lyo.server.oauth.webapp.services.OAuthService
Issues OAuth request tokens, handles authentication, and then exchanges
request tokens for access tokens based on the OAuth configuration set in the
OAuthConfiguration
singleton.- Author:
- Samuel Padgett
- See Also:
-
Field Summary
Modifier and TypeFieldDescriptionprotected jakarta.servlet.http.HttpServletRequest
protected jakarta.servlet.http.HttpServletResponse
-
Constructor Summary
-
Method Summary
Modifier and TypeMethodDescriptionjakarta.ws.rs.core.Response
Responds with a web page to log in.jakarta.ws.rs.core.Response
protected boolean
confirmCallback
(OAuthRequest oAuthRequest) jakarta.ws.rs.core.Response
jakarta.ws.rs.core.Response
jakarta.ws.rs.core.Response
Responds with an access token and token secret for valid OAuth requests.jakarta.ws.rs.core.Response
Responds with a request token and token secret.jakarta.ws.rs.core.Response
Validates that the ID and password are for an administrator.jakarta.ws.rs.core.Response
Validates the ID and password on the authorization form.jakarta.ws.rs.core.Response
Generates a provisional consumer key.protected jakarta.ws.rs.core.Response
respondWithOAuthProblem
(net.oauth.OAuthException e) protected jakarta.ws.rs.core.Response
respondWithToken
(String token, String tokenSecret) protected jakarta.ws.rs.core.Response
respondWithToken
(String token, String tokenSecret, boolean callbackConfirmed) jakarta.ws.rs.core.Response
showApproveKeyPage
(String key) Shows the approval page for a single provisional consumer.jakarta.ws.rs.core.Response
Shows the consumer management page, which allows administrator to approve or remove OAuth consumers.protected OAuthRequest
Validates this is a known consumer and the request is valid usingOAuthValidator.validateMessage(net.oauth.OAuthMessage, OAuthAccessor)
.
-
Field Details
-
httpRequest
@Context protected jakarta.servlet.http.HttpServletRequest httpRequest -
httpResponse
@Context protected jakarta.servlet.http.HttpServletResponse httpResponse
-
-
Constructor Details
-
OAuthService
public OAuthService()
-
-
Method Details
-
doGetRequestToken
@GET @Path("/requestToken") public jakarta.ws.rs.core.Response doGetRequestToken() throws IOException, jakarta.servlet.ServletException- Throws:
IOException
jakarta.servlet.ServletException
-
doPostRequestToken
@POST @Path("/requestToken") public jakarta.ws.rs.core.Response doPostRequestToken() throws IOException, jakarta.servlet.ServletExceptionResponds with a request token and token secret.- Returns:
- the response
- Throws:
IOException
- on I/O errorsjakarta.servlet.ServletException
- on servlet errors
-
authorize
@GET @Path("/authorize") public jakarta.ws.rs.core.Response authorize() throws jakarta.servlet.ServletException, IOExceptionResponds with a web page to log in.- Returns:
- the response
- Throws:
IOException
- on I/O errorsjakarta.servlet.ServletException
- on internal errors validating the request
-
login
@POST @Path("/login") public jakarta.ws.rs.core.Response login(@FormParam("id") String id, @FormParam("password") String password, @FormParam("requestToken") String requestToken) Validates the ID and password on the authorization form. This is intended to be invoked by an XHR on the login page.- Returns:
- the response, 409 if login failed or 204 if successful
-
authorize
@POST @Path("/internal/approveToken") public jakarta.ws.rs.core.Response authorize(@FormParam("requestToken") String requestToken) -
doGetAccessToken
@GET @Path("/accessToken") public jakarta.ws.rs.core.Response doGetAccessToken() throws IOException, jakarta.servlet.ServletException- Throws:
IOException
jakarta.servlet.ServletException
-
doPostAccessToken
@POST @Path("/accessToken") public jakarta.ws.rs.core.Response doPostAccessToken() throws IOException, jakarta.servlet.ServletExceptionResponds with an access token and token secret for valid OAuth requests. The request must be signed and the request token valid.- Returns:
- the response
- Throws:
IOException
- on I/O errorsjakarta.servlet.ServletException
- on servlet errors
-
provisionalKey
@POST @Path("/requestKey") @Produces("application/json") public jakarta.ws.rs.core.Response provisionalKey() throws NullPointerException, IOExceptionGenerates a provisional consumer key. This request must be later approved by an administrator.- Returns:
- a JSON response with the provisional key
- Throws:
IOException
NullPointerException
- See Also:
-
showApproveKeyPage
@GET @Path("/approveKey") @Produces("text/html") public jakarta.ws.rs.core.Response showApproveKeyPage(@QueryParam("key") String key) throws jakarta.servlet.ServletException, IOException Shows the approval page for a single provisional consumer. Shows the consumer management page instead if no key is passed in.- Parameters:
key
- the consumer- Returns:
- the approve consumer page
- Throws:
jakarta.servlet.ServletException
- on errors showing the JSPIOException
- on errors showing the JSP- See Also:
-
showConsumerKeyManagementPage
@GET @Path("/admin") public jakarta.ws.rs.core.Response showConsumerKeyManagementPage() throws jakarta.servlet.ServletException, IOExceptionShows the consumer management page, which allows administrator to approve or remove OAuth consumers.- Returns:
- the consumer management page
- Throws:
jakarta.servlet.ServletException
- on JSP errorsIOException
- on JSP errors
-
login
@POST @Path("/adminLogin") public jakarta.ws.rs.core.Response login(@FormParam("id") String id, @FormParam("password") String password) Validates that the ID and password are for an administrator. This is used by the admin login page to protect the OAuth administration pages.- Returns:
- the response, 409 if login failed or 204 if successful
-
confirmCallback
- Throws:
net.oauth.OAuthException
-
validateRequest
Validates this is a known consumer and the request is valid usingOAuthValidator.validateMessage(net.oauth.OAuthMessage, OAuthAccessor)
. Does not check for any tokens.- Returns:
- an OAuthRequest
- Throws:
net.oauth.OAuthException
- if the request fails validationIOException
- on I/O errors
-
respondWithToken
protected jakarta.ws.rs.core.Response respondWithToken(String token, String tokenSecret) throws IOException - Throws:
IOException
-
respondWithToken
protected jakarta.ws.rs.core.Response respondWithToken(String token, String tokenSecret, boolean callbackConfirmed) throws IOException - Throws:
IOException
-
respondWithOAuthProblem
protected jakarta.ws.rs.core.Response respondWithOAuthProblem(net.oauth.OAuthException e) throws IOException, jakarta.servlet.ServletException - Throws:
IOException
jakarta.servlet.ServletException
-