Java OAuthServlet类代码示例

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
@Override
public String authenticate(HttpServletRequest request) throws IOException, OAuthException,
    URISyntaxException {
  OAuthMessage message = OAuthServlet.getMessage(request, null);

  // Retrieve and set the user info with the OAuth parameters
  Map<UserInfoProperties, Object> oauthParams = new HashMap<UserInfoProperties, Object>();
  oauthParams.put(UserInfoProperties.EMAIL,
      urlDecode(message.getParameter("opensocial_viewer_id")));
  oauthParams.put(UserInfoProperties.VIEWER_ID,
      urlDecode(message.getParameter("opensocial_viewer_id")));
  oauthParams.put(UserInfoProperties.OWNER_EMAIL,
      urlDecode(message.getParameter("opensocial_owner_id")));
  oauthParams.put(UserInfoProperties.OWNER_ID,
      urlDecode(message.getParameter("opensocial_owner_id")));
  oauthParams.put(UserInfoProperties.APPLICATION_ID, message.getParameter("opensocial_app_id"));
  oauthParams.put(UserInfoProperties.APPLICATION_URL, message.getParameter("opensocial_app_url"));

  UserInfo userInfo = new HashMapBasedUserInfo(oauthParams);
  request.setAttribute(AbstractManagedCollectionAdapter.USER_INFO, userInfo);

  return message.getParameter("opensocial_viewer_id");
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
        throws IOException, ServletException {
    
    try{
        OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
        
        OAuthAccessor accessor = SampleOAuthProvider.getAccessor(requestMessage);
       
        if (Boolean.TRUE.equals(accessor.getProperty("authorized"))) {
            // already authorized send the user back
            returnToConsumer(request, response, accessor);
        } else {
            sendToAuthorizePage(request, response, accessor);
        }
    
    } catch (Exception e){
        SampleOAuthProvider.handleException(e, request, response, true);
    }
    
    
    
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
@Override 
public void doPost(HttpServletRequest request, HttpServletResponse response) 
        throws IOException, ServletException{
    
    try{
        OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
        
        OAuthAccessor accessor = SampleOAuthProvider.getAccessor(requestMessage);
        
        String userId = request.getParameter("userId");
        if(userId == null){
            sendToAuthorizePage(request, response, accessor);
        }
        // set userId in accessor and mark it as authorized
        SampleOAuthProvider.markAsAuthorized(accessor, userId);
        
        returnToConsumer(request, response, accessor);
        
    } catch (Exception e){
        SampleOAuthProvider.handleException(e, request, response, true);
    }
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response)
        throws IOException, ServletException {
    try{
        OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
        OAuthAccessor accessor = SampleOAuthProvider.getAccessor(requestMessage);
        SampleOAuthProvider.VALIDATOR.validateMessage(requestMessage, accessor);
        String userId = (String) accessor.getProperty("user");
        
        response.setContentType("text/plain");
        PrintWriter out = response.getWriter();
        out.println("[Your UserId:" + userId + "]");
        for (Object item : request.getParameterMap().entrySet()) {
            Map.Entry parameter = (Map.Entry) item;
            String[] values = (String[]) parameter.getValue();
            for (String value : values) {
                out.println(parameter.getKey() + ": " + value);
            }
        }
        out.close();
        
    } catch (Exception e){
        SampleOAuthProvider.handleException(e, request, response, false);
    }
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
/**
 * The workaround for Moodle and Canvas OAuth.<br>
 * If we have a duplicate, and it came from Moodle, it's worth presuming a
 * different reality applies. Hopefully by version moodle-3 they'll have
 * fixed this. ext_lms for moodle 2.3, 2.4, 2.5 was literally "moodle-2".
 * Use startsWith in case future moodle 2.x has an extended string. Read:
 * Dodgical hax
 * 
 * @param request
 * @return
 */
@Override
protected OAuthMessage getOAuthMessage(HttpServletRequest request)
{
	boolean dupe = false;
	String extlms = request.getParameter(ExternalToolConstants.EXT_LMS);
	String product = request.getParameter(ExternalToolConstants.TOOL_CONSUMER_INFO_PRODUCT_FAMILY_CODE);

	Set<Entry<String, String[]>> params = request.getParameterMap().entrySet();
	Map<String, String> newParams = Maps.newHashMap();

	if( "canvas".equalsIgnoreCase(product)
		|| (extlms != null && extlms.startsWith("moodle-2") && "moodle".equalsIgnoreCase(product))
		//hack for canvas ContentItemPlacements
		|| (request.getParameter("lti_message_type") != null
			&& request.getParameter("lti_message_type").equals("ContentItemSelectionRequest")) )
	{
		for( Entry<String, String[]> p : params )
		{
			String[] values = p.getValue();
			if( values.length == 2 && Objects.equal(values[0], values[1]) )
			{
				dupe = true;
			}
			newParams.put(p.getKey(), values[0]);
		}

		if( dupe )
		{
			return new OAuthMessage(request.getMethod(), urlService.getUriForRequest(request, null).toString(),
				newParams.entrySet());
		}
	}

	return OAuthServlet.getMessage(request, urlService.getUriForRequest(request, null).toString());
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
protected Map getPayloadAsMap(HttpServletRequest request) {
	Map payload = new HashMap();
	for (Enumeration e = request.getParameterNames(); e.hasMoreElements(); ) {
		String key = (String)e.nextElement();
		payload.put(key, request.getParameter(key));
	}

	String requestURL = SakaiBLTIUtil.getOurServletPath(request);
	payload.put("oauth_message", OAuthServlet.getMessage(request, requestURL));
	payload.put("tool_id", 	request.getPathInfo());
	return payload;
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
private static void handleException(Exception e, HttpServletRequest request,
                                    HttpServletResponse response, boolean sendBody)
        throws IOException, ServletException {
    String realm = (request.isSecure()) ? "https://" : "http://";
    realm += request.getLocalName();
    OAuthServlet.handleException(response, e, realm, sendBody);
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
@Override
public String authenticate(HttpServletRequest request) throws IOException, OAuthException,
    URISyntaxException {

  OAuthMessage message = OAuthServlet.getMessage(request, null);
  String consumerKey = message.getConsumerKey();
  String signatureMethod = message.getSignatureMethod();
  OAuthConsumer consumer = keyManager.getOAuthConsumer(provider, consumerKey, signatureMethod);
  if (null == consumer) {
    logger.info("signed fetch verification failed: consumer is null");
    throw new OAuthException("Unauthorized");
  }
  OAuthAccessor accessor = new OAuthAccessor(consumer);
  message.validateMessage(accessor, validator);

  String viewerEmail = message.getParameter("opensocial_viewer_email");
  if (viewerEmail == null) {
    logger.info("signed fetch verification failed: viewer email is null");
    throw new OAuthException("Missing user identity opensocial_viewer_email");
  }

  // Retrieve and set the user info with the OAuth parameters
  Map<UserInfoProperties, Object> oauthParams = new HashMap<UserInfoProperties, Object>();
  oauthParams.put(UserInfoProperties.EMAIL, urlDecode(viewerEmail));
  oauthParams.put(UserInfoProperties.VIEWER_ID, message.getParameter("opensocial_viewer_id"));
  oauthParams.put(UserInfoProperties.OWNER_EMAIL,
      urlDecode(message.getParameter("opensocial_owner_email")));
  oauthParams.put(UserInfoProperties.OWNER_ID, message.getParameter("opensocial_owner_id"));
  oauthParams.put(UserInfoProperties.APPLICATION_ID, message.getParameter("opensocial_app_id"));
  oauthParams.put(UserInfoProperties.APPLICATION_URL, message.getParameter("opensocial_app_url"));

  UserInfo userInfo = new HashMapBasedUserInfo(oauthParams);
  request.setAttribute(AbstractManagedCollectionAdapter.USER_INFO, userInfo);

  logger.info("signed fetch verified: " + viewerEmail);
  return message.getParameter("opensocial_viewer_id");
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
public static void handleException(Exception e, HttpServletRequest request,
        HttpServletResponse response, boolean sendBody)
        throws IOException, ServletException {
    String realm = (request.isSecure())?"https://":"http://";
    realm += request.getLocalName();
    OAuthServlet.handleException(response, e, realm, sendBody); 
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
/** Reconstruct the requested URL path, complete with query string (if any). */
private static String getRequestPath(HttpServletRequest request)
        throws MalformedURLException {

    URL url = new URL(OAuthServlet.getRequestURL(request));
    StringBuilder path = new StringBuilder(url.getPath());
    String queryString = url.getQuery();
    if (queryString != null) {
        path.append("?").append(queryString);
    }
    return path.toString();
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
public void processRequest(HttpServletRequest request, HttpServletResponse response)
        throws IOException, ServletException {
    try{
        OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
        
        OAuthAccessor accessor = SampleOAuthProvider.getAccessor(requestMessage);
        SampleOAuthProvider.VALIDATOR.validateMessage(requestMessage, accessor);
        
        // make sure token is authorized
        if (!Boolean.TRUE.equals(accessor.getProperty("authorized"))) {
             OAuthProblemException problem = new OAuthProblemException("permission_denied");
            throw problem;
        }
        // generate access token and secret
        SampleOAuthProvider.generateAccessToken(accessor);
        
        response.setContentType("text/plain");
        OutputStream out = response.getOutputStream();
        OAuth.formEncode(OAuth.newList("oauth_token", accessor.accessToken,
                                       "oauth_token_secret", accessor.tokenSecret),
                         out);
        out.close();
        
    } catch (Exception e){
        SampleOAuthProvider.handleException(e, request, response, true);
    }
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
public void processRequest(HttpServletRequest request, HttpServletResponse response)
        throws IOException, ServletException {

    try {
        OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
        
        OAuthConsumer consumer = SampleOAuthProvider.getConsumer(requestMessage);
        
        OAuthAccessor accessor = new OAuthAccessor(consumer);
        SampleOAuthProvider.VALIDATOR.validateMessage(requestMessage, accessor);
        {
            // Support the 'Variable Accessor Secret' extension
            // described in http://oauth.pbwiki.com/AccessorSecret
            String secret = requestMessage.getParameter("oauth_accessor_secret");
            if (secret != null) {
                accessor.setProperty(OAuthConsumer.ACCESSOR_SECRET, secret);
            }
        }
        // generate request_token and secret
        SampleOAuthProvider.generateRequestToken(accessor);
        
        response.setContentType("text/plain");
        OutputStream out = response.getOutputStream();
        OAuth.formEncode(OAuth.newList("oauth_token", accessor.requestToken,
                                       "oauth_token_secret", accessor.tokenSecret),
                         out);
        out.close();
        
    } catch (Exception e){
        SampleOAuthProvider.handleException(e, request, response, true);
    }
    
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
private void readBody(Service service) {

    service.setMessage(OAuthServlet.getMessage(this.b2Context.getRequest(), null));
    try {
      this.response.setData(service.getMessage().readBodyAsString());
    } catch (IOException e) {
    }

  }
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
private void createAccessToken(HttpServletRequest servletRequest,
    HttpServletResponse servletResponse) throws ServletException, IOException, OAuthException, URISyntaxException {
  OAuthMessage requestMessage = OAuthServlet.getMessage(servletRequest, null);

  OAuthEntry entry = getValidatedEntry(requestMessage);
  if (entry == null)
    throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);

  if (entry.callbackToken != null) {
    // We're using the fixed protocol
    String clientCallbackToken = requestMessage.getParameter(OAuthConstants.OAUTH_VERIFIER);
    if (!entry.callbackToken.equals(clientCallbackToken)) {
      dataStore.disableToken(entry);
      servletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "This token is not authorized");
      return;
    }
  } else if (!entry.authorized) {
    // Old protocol.  Catch consumers trying to convert a token to one that's not authorized
    dataStore.disableToken(entry); 
    servletResponse.sendError(HttpServletResponse.SC_FORBIDDEN, "This token is not authorized");
    return;
  }

  // turn request token into access token
  OAuthEntry accessEntry = dataStore.convertToAccessToken(entry);

  sendResponse(servletResponse, OAuth.newList(
      OAuth.OAUTH_TOKEN, accessEntry.token,
      OAuth.OAUTH_TOKEN_SECRET, accessEntry.tokenSecret,
      "user_id", entry.userId));
}
 

import net.oauth.server.OAuthServlet; //导入依赖的package包/类
private static void handleException(Exception e, HttpServletRequest request,
    HttpServletResponse response, boolean sendBody)
    throws IOException, ServletException {
  String realm = (request.isSecure()) ? "https://" : "http://";

  if (request.getHeader("Host") != null) {
    realm += request.getHeader("Host");
  } else {
    realm += request.getLocalName();
  }
  OAuthServlet.handleException(response, e, realm, sendBody);
}