`
sillycat
  • 浏览: 2552486 次
  • 性别: Icon_minigender_1
  • 来自: 成都
社区版块
存档分类
最新评论

OAuth(3)Sample Provider Implementation in JAVA

 
阅读更多
OAuth(3)Sample Provider Implementation in JAVA

The servelts for request_token, access_token, authorize and resources:

AccessTokenHttpRequestHandler.java:
package com.sillycat.easyoauthprovider.servlets;
import java.io.IOException;
import java.io.OutputStream;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthMessage;
import net.oauth.OAuthProblemException;
import net.oauth.OAuthValidator;
import net.oauth.server.OAuthServlet;
import org.springframework.web.HttpRequestHandler;
import com.sillycat.easyoauthprovider.plugins.oauth.OAuthProvider;
public class AccessTokenHttpRequestHandler implements HttpRequestHandler {
private OAuthProvider oauthProvider;
private OAuthValidator oauthValidator;
public void setOauthProvider(OAuthProvider oauthProvider) {
this.oauthProvider = oauthProvider;
}
public void setOauthValidator(OAuthValidator oauthValidator) {
this.oauthValidator = oauthValidator;
}
public void handleRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
}
public void processRequest(HttpServletRequest request,
HttpServletResponse response) throws IOException, ServletException {
try {
OAuthMessage requestMessage = OAuthServlet
.getMessage(request, null);
OAuthAccessor accessor = oauthProvider.getAccessor(requestMessage);
oauthValidator.validateMessage(requestMessage, accessor);
// make sure token is authorized
if (!Boolean.TRUE.equals(accessor.getProperty("authorized"))) {
OAuthProblemException problem = new OAuthProblemException(
"permission_denied");
throw problem;
}
// generate access token and secret
oauthProvider.generateAccessToken(accessor);
response.setContentType("text/plain");
OutputStream out = response.getOutputStream();
OAuth.formEncode(OAuth.newList("oauth_token", accessor.accessToken,
"oauth_token_secret", accessor.tokenSecret), out);
out.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}

AuthorizationHttpRequestHandler.java:
package com.sillycat.easyoauthprovider.servlets;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthMessage;
import net.oauth.server.OAuthServlet;
import org.springframework.web.HttpRequestHandler;
import com.sillycat.easyoauthprovider.model.User;
import com.sillycat.easyoauthprovider.plugins.oauth.OAuthProvider;
public class AuthorizationHttpRequestHandler implements HttpRequestHandler {
private OAuthProvider oauthProvider;
public void setOauthProvider(OAuthProvider oauthProvider) {
this.oauthProvider = oauthProvider;
}
public void handleRequest(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
if ("GET".equals(request.getMethod())) {
try {
OAuthMessage requestMessage = OAuthServlet.getMessage(request,null);
OAuthAccessor accessor = oauthProvider.getAccessor(requestMessage);
if (Boolean.TRUE.equals(accessor.getProperty("authorized"))) {
// already authorized send the user back
returnToConsumer(request, response, accessor);
} else {
sendToAuthorizePage(request, response, accessor);
}

} catch (Exception e) {
e.printStackTrace();
}
} else if ("POST".equals(request.getMethod())) {
try {
OAuthMessage requestMessage = OAuthServlet.getMessage(request,null);
OAuthAccessor accessor = oauthProvider.getAccessor(requestMessage);
String userId = request.getParameter("userId");
String userPwd = request.getParameter("userPwd");
if (userId == null || userPwd == null) {
sendToAuthorizePage(request, response, accessor);
}
//if the userId is not equal to password
if(!userId.equalsIgnoreCase(userPwd)){
sendToAuthorizePage(request, response, accessor);
}
User user = new User();
user.setUserName(userId);
user.setUserPassword(userPwd);
user.setEmailAddress(userId + "@gmail.com");
// set userId in ACCESSOR and mark it as authorized
oauthProvider.markAsAuthorized(accessor, user);
returnToConsumer(request, response, accessor);
} catch (Exception e) {
e.printStackTrace();
}
}
}
private void sendToAuthorizePage(HttpServletRequest request,
HttpServletResponse response, OAuthAccessor accessor)
throws IOException, ServletException {
String callback = request.getParameter("oauth_callback");
if (callback == null || callback.length() <= 0) {
callback = "none";
}
String consumer_description = (String) accessor.consumer.getProperty("description");
request.setAttribute("CONS_DESC", consumer_description);
request.setAttribute("CALLBACK", callback);
request.setAttribute("TOKEN", accessor.requestToken);
request.getRequestDispatcher //
("/authorize.jsp").forward(request, response);
}
private void returnToConsumer(HttpServletRequest request,
HttpServletResponse response, OAuthAccessor accessor)
throws IOException, ServletException {
// send the user back to site's callBackUrl
String callback = request.getParameter("oauth_callback");
if ("none".equals(callback) && accessor.consumer.callbackURL != null
&& accessor.consumer.callbackURL.length() > 0) {
// first check if we have something in our properties file
callback = accessor.consumer.callbackURL;
}
if ("none".equals(callback)) {
// no call back it must be a client
response.setContentType("text/plain");
PrintWriter out = response.getWriter();
out.println("You have successfully authorized '"
+ accessor.consumer.getProperty("description")
+ "'. Please close this browser window and click continue"
+ " in the client.");
out.close();
} else {
// if callback is not passed in, use the callback from config
if (callback == null || callback.length() <= 0)
callback = accessor.consumer.callbackURL;
String token = accessor.requestToken;
if (token != null) {
callback = OAuth.addParameters(callback, "oauth_token", token, OAuth.OAUTH_VERIFIER, "true");
}
response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
response.setHeader("Location", callback);
}
}
}

RequestTokenHttpRequestHandler.java:
package com.sillycat.easyoauthprovider.servlets;
import java.io.IOException;
import java.io.OutputStream;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuth;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthConsumer;
import net.oauth.OAuthMessage;
import net.oauth.OAuthValidator;
import net.oauth.server.OAuthServlet;
import org.springframework.web.HttpRequestHandler;
import com.sillycat.easyoauthprovider.plugins.oauth.OAuthProvider;
public class RequestTokenHttpRequestHandler implements HttpRequestHandler {
private OAuthProvider oauthProvider;
private OAuthValidator oauthValidator;
public void setOauthProvider(OAuthProvider oauthProvider) {
this.oauthProvider = oauthProvider;
}
public void setOauthValidator(OAuthValidator oauthValidator) {
this.oauthValidator = oauthValidator;
}
public void handleRequest(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
processRequest(request, response);
}
public void processRequest(HttpServletRequest request,
HttpServletResponse response) throws IOException, ServletException {
try {
OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
OAuthConsumer consumer = oauthProvider.getConsumer(requestMessage);
OAuthAccessor accessor = new OAuthAccessor(consumer);
oauthValidator.validateMessage(requestMessage, accessor);
{
// Support the 'Variable ACCESSOR Secret' extension
// described in http://oauth.pbwiki.com/AccessorSecret
String secret = requestMessage.getParameter("oauth_accessor_secret");
if (secret != null) {
accessor.setProperty(OAuthConsumer.ACCESSOR_SECRET, secret);
}
}
// generate request_token and secret
oauthProvider.generateRequestToken(accessor);
response.setContentType("text/plain");
OutputStream out = response.getOutputStream();
OAuth.formEncode(OAuth.newList("oauth_token",accessor.requestToken, "oauth_token_secret",accessor.tokenSecret), out);
out.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}

UserHttpRequestHandler.java:
package com.sillycat.easyoauthprovider.servlets;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthMessage;
import net.oauth.OAuthValidator;
import net.oauth.server.OAuthServlet;
import org.springframework.web.HttpRequestHandler;
import com.sillycat.easyoauthprovider.model.User;
import com.sillycat.easyoauthprovider.plugins.oauth.OAuthProvider;
public class UserHttpRequestHandler implements HttpRequestHandler {
private OAuthProvider oauthProvider;
private OAuthValidator oauthValidator;
public void setOauthProvider(OAuthProvider oauthProvider) {
this.oauthProvider = oauthProvider;
}
public void setOauthValidator(OAuthValidator oauthValidator) {
this.oauthValidator = oauthValidator;
}
public void handleRequest(HttpServletRequest request,
HttpServletResponse response) throws ServletException, IOException {
try {
OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
OAuthAccessor accessor = oauthProvider.getAccessor(requestMessage);
oauthValidator.validateMessage(requestMessage,accessor);
User user = (User) accessor.getProperty("user");
response.setContentType("text/plain");
PrintWriter out = response.getWriter();
out.println(user.getUserName());
out.println(user.getUserPassword());
out.println(user.getEmailAddress());
out.close();
} catch (Exception e) {
e.printStackTrace();
}
}
}

references:


分享到:
评论

相关推荐

    Python库 | oauth2sample-0.1.tar.gz

    **Python库oauth2sample-0.1.tar.gz详解** 在Python开发中,库扮演着至关重要的角色,它们提供了丰富的功能,让开发者能够高效地构建应用程序。`oauth2sample`是这样一个库,它专注于OAuth 2.0协议的实现,这是一种...

    apache-oltu-oauth2-provider-demo, Apache Oltu提供程序服务器演示( Oauth 2.0 ).zip

    apache-oltu-oauth2-provider-demo, Apache Oltu提供程序服务器演示( Oauth 2.0 ) apache-oltu-oauth2-provider-demoApache Oltu提供程序服务器演示( Oauth 2.0 )对于基本OAuth2流程,请阅读以下内容: ...

    Python-djangooauth2provider为Django应用提供OAuth2接入

    **Python-django-oauth2-provider** 是一个用于 Django 框架的开源库,它使得开发者能够轻松地在自己的 Django 应用中实现 OAuth2 认证和授权机制。OAuth2 是一种广泛使用的开放标准,允许第三方应用在用户授权的...

    PyPI 官网下载 | django-oauth2-provider-ng-0.4.tar.gz

    **PyPI 官网下载 | django-oauth2-provider-ng-0.4.tar.gz 知识点详解** 在Python开发中,PyPI(Python Package Index)是官方的第三方Python软件包仓库,开发者可以发布和下载各种Python库。"django-oauth2-...

    OAuth Server和OAuth Client(JAVA实现,eclipse环境)

    资源为在eclipse开发环境中使用Java搭建OAuth Server和OAuth Client 参考代码为http://code.google.com/p/oauth/ OAuth Server为遵守OAuth 1.0协议的OAuth认证服务器 OAuth Client分为Desktop版本和Webapp版本

    PyPI 官网下载 | django-oauth2-provider-0.2.0.tar.gz

    **PyPI官网下载 | django-oauth2-provider-0.2.0.tar.gz** 在Python的世界里,PyPI(Python Package Index)是官方的第三方Python软件包仓库,它为开发者提供了发布和分享自己的Python模块的平台。`django-oauth2-...

    Oauth2实现java

    OAuth2在Java中的实现通常涉及到服务端和客户端两个部分,这两个部分在Java开发中都有相应的库支持。 Apache Oltu是Apache基金会提供的一个针对OAuth2协议的Java实现,它为开发者提供了全面的API来处理OAuth2的授权...

    akka-http-oauth2-provider:使用Akka HTTP中的scala-oauth2-provider启用此库

    libraryDependencies ++ = Seq ( " com.nulab-inc " %% " scala-oauth2-core " % " 1.5.0 " , " com.nulab-inc " %% " akka-http-oauth2-provider " % " 1.4.0 ") 图书馆版本Akka HTTP版本1.4.0 10.1.x 1.3.0 2.4.x

    OAuth WCF Service Sample

    OAuth WCF Service Sample是一个示例项目,展示了如何在Windows Communication Foundation (WCF)服务中实现OAuth,以便为RESTful API提供安全的数据访问控制。OAuth是一种授权框架,允许第三方应用在用户授权的情况...

    java实现oauth2.0服务端+客户端(含JWT)

    在这个Java实现中,我们利用了MAVEN作为项目管理工具和OLTU库来构建OAuth 2.0服务端和客户端。同时,数据加密采用了MD5算法,以增强安全性。 首先,OAuth 2.0的核心概念包括四个角色:资源所有者(Resource Owner)...

    node-oauth2-provider, 一个简单的可以定制 OAuth 2.0提供程序( 服务器) 用于 node.js.zip

    node-oauth2-provider, 一个简单的可以定制 OAuth 2.0提供程序( 服务器) 用于 node.js 用于连接 & Express的OAuth 2提供商这是用于实现支持服务器端( 代码) 和客户端( 令牌) OAuth流的OAuth2服务器( 提供者)的node....

    play2-oauth2-provider:使用Play Framework中的scala-oauth2-provider启用了该库

    play2-oauth2-provider 使用Play Framework中的启用了该库。 设置 将“ play2-oauth2-provider”添加到项目的库依赖项。 libraryDependencies ++ = Seq ( " ...

    Java的oauth2.0 服务端与客户端的实现 (完整源码、demo)

    Java的oauth2.0 服务端与客户端的实现.zip 封装了oauth2.0的基本架构和实现,对照我的博客http://blog.csdn.net/jing12062011/article/details/78147306使用该源码。 下载项目压缩包,解压,里面两个maven项目:...

    纯java实现的OAuth2流程

    在这个"纯Java实现的OAuth2流程"中,我们将深入探讨如何不依赖Spring Boot来独立构建OAuth2的客户端和服务端。 首先,我们要理解OAuth2的基本流程,它通常包括四个角色:资源所有者(Resource Owner)、资源服务器...

    java对微信的OAuth2.0网页授权进行访问授权

    本教程将深入讲解如何使用Java进行微信OAuth2.0网页授权,并涉及Accesstoken、Code的获取与使用,以及如何获取并处理返回的UserInfo数据。 1. **OAuth2.0授权流程概述** OAuth2.0是一种授权框架,允许第三方应用在...

    Java的oauth2.0 服务端与客户端的实现(源码)

    在Java中实现OAuth 2.0,我们可以利用Spring Security OAuth2库,它提供了服务端(Authorization Server)和客户端(Resource Server)的支持。在提供的压缩包中,包含两个Maven项目,一个是`oauthserver`,代表了...

    OAuth2Provider:ZF2 OAuth 2 ServerProvider模块

    用于Zend Framework 2的OAuth 2提供程序模块掌握: 开发: OAuth2Provider模块轻松地将Brent Shaffer的与Zend Framework 2集成在一起。安装最简单的方法是通过作曲家。 ...

    Oauth实例(使用Scribe-java)

    在这个实例中,我们将使用Scribe-java库来实现OAuth与新浪微博的集成。 Scribe-java是一个轻量级的Java库,专门用于处理OAuth 1.0a和OAuth 2.0的身份验证流程。这个库简化了与各种OAuth服务提供商的交互,包括获取...

    Oauth2 Java demo

    在这个"Oauth2 Java demo"中,我们将深入理解OAuth2的核心概念以及如何在Java中实现这些概念。 1. OAuth2核心概念: - 授权码(Authorization Code):用户同意访问其资源后,服务提供者返回给客户端的一个临时...

Global site tag (gtag.js) - Google Analytics