if(!OAuthSignature.verify(request, params, secrets))
/** * Generates and returns an OAuth signature for the given request, * parameters and secrets. * * @param request the request to generate signature for. * @param params the OAuth authorization parameters. * @param secrets the secrets used to generate the OAuth signature. * @return the OAuth digital signature. * @throws OAuthSignatureException if an error occurred generating the signature. */ public static String generate(OAuthRequest request, OAuthParameters params, OAuthSecrets secrets) throws OAuthSignatureException { return getSignatureMethod(params).sign(elements(request, params), secrets); }
/** * Assembles request elements for which a digital signature is to be * generated/verified, per section 9.1.3 of the OAuth 1.0 specification. * * @param request the request from which to assemble elements. * @param params the OAuth authorization parameters from which to assemble elements. * @return the concetenated elements, ready to sign/verify */ private static String elements(OAuthRequest request, OAuthParameters params) throws OAuthSignatureException { StringBuffer buf = new StringBuffer(URLCodec.encode(request.getRequestMethod().toUpperCase())); buf.append('&').append(URLCodec.encode(constructRequestURL(request))); buf.append('&').append(URLCodec.encode(normalizeParameters(request, params))); return buf.toString(); }
/** * Generates an OAuth signature for the given request, parameters and * secrets, and stores it as a signature parameter, and writes the * OAuth parameters to the request as an Authorization header. * * @param request the request to generate signature for and write header to. * @param params the OAuth authorization parameters. * @param secrets the secrets used to generate the OAuth signature. * @throws OAuthSignatureException if an error occurred generating the signature. */ public static void sign(OAuthRequest request, OAuthParameters params, OAuthSecrets secrets) throws OAuthSignatureException { params = (OAuthParameters)params.clone(); // don't modify caller's parameters params.setSignature(generate(request, params, secrets)); params.writeRequest(request); }
OAuthSignature.sign(new RequestWrapper(request, providers), p, secrets);
/** * Generates and returns an OAuth signature for the given request, * parameters and secrets. * * @param request the request to generate signature for. * @param params the OAuth authorization parameters. * @param secrets the secrets used to generate the OAuth signature. * @return the OAuth digital signature. * @throws SignatureException if an error occurred generating the signature. */ public static String generate(OAuthRequest request, OAuthParameters params, OAuthSecrets secrets) throws OAuthSignatureException { return getSignatureMethod(params).sign(elements(request, params), secrets); }
/** * Assembles request elements for which a digital signature is to be * generated/verified, per section 9.1.3 of the OAuth 1.0 specification. * * @param request the request from which to assemble elements. * @param params the OAuth authorization parameters from which to assemble elements. * @return the concatenated elements, ready to sign/verify */ private static String elements(OAuthRequest request, OAuthParameters params) throws OAuthSignatureException { // HTTP request method StringBuilder buf = new StringBuilder(request.getRequestMethod().toUpperCase()); // request URL, see section 3.4.1.2 http://tools.ietf.org/html/draft-hammer-oauth-10#section-3.4.1.2 buf.append('&').append(UriComponent.encode(constructRequestURL(request).toASCIIString(), UriComponent.Type.UNRESERVED)); // normalized request parameters, see section 3.4.1.3.2 http://tools.ietf.org/html/draft-hammer-oauth-10#section-3.4.1.3.2 buf.append('&').append(UriComponent.encode(normalizeParameters(request, params), UriComponent.Type.UNRESERVED)); return buf.toString(); }
/** * Generates an OAuth signature for the given request, parameters and * secrets, and stores it as a signature parameter, and writes the * OAuth parameters to the request as an Authorization header. * * @param request the request to generate signature for and write header to. * @param params the OAuth authorization parameters. * @param secrets the secrets used to generate the OAuth signature. * @throws OAuthSignatureException if an error occurred generating the signature. */ public static void sign(OAuthRequest request, OAuthParameters params, OAuthSecrets secrets) throws OAuthSignatureException { params = (OAuthParameters)params.clone(); // don't modify caller's parameters params.setSignature(generate(request, params, secrets)); params.writeRequest(request); }
/** * Verifies the OAuth signature for a given request, parameters and * secrets. * * @param request the request to verify the signature from. * @param params the OAuth authorization parameters * @param secrets the secrets used to verify the OAuth signature. * @return true if the signature is verified. * @throws OAuthSignatureException if an error occurred generating the signature. */ public static boolean verify(OAuthRequest request, OAuthParameters params, OAuthSecrets secrets) throws OAuthSignatureException { return getSignatureMethod(params).verify(elements(request, params), secrets, params.getSignature()); }
/** * Verifies the OAuth signature for a given request, parameters and * secrets. * * @param request the request to verify the signature from. * @param params the OAuth authorization parameters * @param secrets the secrets used to verify the OAuth signature. * @return true if the signature is verified. * @throws OAuthSignatureException if an error occurred generating the signature. */ public static boolean verify(OAuthRequest request, OAuthParameters params, OAuthSecrets secrets) throws OAuthSignatureException { return getSignatureMethod(params).verify(elements(request, params), secrets, params.getSignature()); }