Class OAuthService

java.lang.Object
org.eclipse.lyo.server.oauth.webapp.services.OAuthService

@Path("/oauth") public class OAuthService extends Object
Issues OAuth request tokens, handles authentication, and then exchanges request tokens for access tokens based on the OAuth configuration set in the OAuthConfiguration singleton.
Author:
Samuel Padgett
  • Field Details

    • httpRequest

      @Context protected jakarta.servlet.http.HttpServletRequest httpRequest
    • httpResponse

      @Context protected jakarta.servlet.http.HttpServletResponse httpResponse
  • Constructor Details

    • OAuthService

      public OAuthService()
  • Method Details

    • doGetRequestToken

      @GET @Path("/requestToken") public jakarta.ws.rs.core.Response doGetRequestToken() throws IOException, jakarta.servlet.ServletException
      Throws:
      IOException
      jakarta.servlet.ServletException
    • doPostRequestToken

      @POST @Path("/requestToken") public jakarta.ws.rs.core.Response doPostRequestToken() throws IOException, jakarta.servlet.ServletException
      Responds with a request token and token secret.
      Returns:
      the response
      Throws:
      IOException - on I/O errors
      jakarta.servlet.ServletException - on servlet errors
    • authorize

      @GET @Path("/authorize") public jakarta.ws.rs.core.Response authorize() throws jakarta.servlet.ServletException, IOException
      Responds with a web page to log in.
      Returns:
      the response
      Throws:
      IOException - on I/O errors
      jakarta.servlet.ServletException - on internal errors validating the request
    • login

      @POST @Path("/login") public jakarta.ws.rs.core.Response login(@FormParam("id") String id, @FormParam("password") String password, @FormParam("requestToken") String requestToken)
      Validates the ID and password on the authorization form. This is intended to be invoked by an XHR on the login page.
      Returns:
      the response, 409 if login failed or 204 if successful
    • authorize

      @POST @Path("/internal/approveToken") public jakarta.ws.rs.core.Response authorize(@FormParam("requestToken") String requestToken)
    • doGetAccessToken

      @GET @Path("/accessToken") public jakarta.ws.rs.core.Response doGetAccessToken() throws IOException, jakarta.servlet.ServletException
      Throws:
      IOException
      jakarta.servlet.ServletException
    • doPostAccessToken

      @POST @Path("/accessToken") public jakarta.ws.rs.core.Response doPostAccessToken() throws IOException, jakarta.servlet.ServletException
      Responds with an access token and token secret for valid OAuth requests. The request must be signed and the request token valid.
      Returns:
      the response
      Throws:
      IOException - on I/O errors
      jakarta.servlet.ServletException - on servlet errors
    • provisionalKey

      @POST @Path("/requestKey") @Produces("application/json") public jakarta.ws.rs.core.Response provisionalKey() throws NullPointerException, IOException
      Generates a provisional consumer key. This request must later be approved by an administrator.
      Returns:
      a JSON response with the provisional key
      Throws:
      IOException
      NullPointerException
    • showApproveKeyPage

      @GET @Path("/approveKey") @Produces("text/html") public jakarta.ws.rs.core.Response showApproveKeyPage(@QueryParam("key") String key) throws jakarta.servlet.ServletException, IOException
      Shows the approval page for a single provisional consumer. Shows the consumer management page instead if no key is passed in.
      Parameters:
      key - the consumer
      Returns:
      the approve consumer page
      Throws:
      jakarta.servlet.ServletException - on errors showing the JSP
      IOException - on errors showing the JSP
    • showConsumerKeyManagementPage

      @GET @Path("/admin") public jakarta.ws.rs.core.Response showConsumerKeyManagementPage() throws jakarta.servlet.ServletException, IOException
      Shows the consumer management page, which allows an administrator to approve or remove OAuth consumers.
      Returns:
      the consumer management page
      Throws:
      jakarta.servlet.ServletException - on JSP errors
      IOException - on JSP errors
    • login

      @POST @Path("/adminLogin") public jakarta.ws.rs.core.Response login(@FormParam("id") String id, @FormParam("password") String password)
      Validates that the ID and password are for an administrator. This is used by the admin login page to protect the OAuth administration pages.
      Returns:
      the response, 409 if login failed or 204 if successful
    • confirmCallback

      protected boolean confirmCallback(OAuthRequest oAuthRequest) throws net.oauth.OAuthException
      Throws:
      net.oauth.OAuthException
    • validateRequest

      protected OAuthRequest validateRequest() throws net.oauth.OAuthException, IOException
      Validates that this is a known consumer and that the request is valid using OAuthValidator.validateMessage(net.oauth.OAuthMessage, OAuthAccessor). Does not check for any tokens.
      Returns:
      an OAuthRequest
      Throws:
      net.oauth.OAuthException - if the request fails validation
      IOException - on I/O errors
    • respondWithToken

      protected jakarta.ws.rs.core.Response respondWithToken(String token, String tokenSecret) throws IOException
      Throws:
      IOException
    • respondWithToken

      protected jakarta.ws.rs.core.Response respondWithToken(String token, String tokenSecret, boolean callbackConfirmed) throws IOException
      Throws:
      IOException
    • respondWithOAuthProblem

      protected jakarta.ws.rs.core.Response respondWithOAuthProblem(net.oauth.OAuthException e) throws IOException, jakarta.servlet.ServletException
      Throws:
      IOException
      jakarta.servlet.ServletException