/**
 * Creates the provider and populates a new {@link BasicOAuthStore}.
 *
 * <p>In order: the default signing key is loaded through {@code loadDefaultKey}, the store-wide
 * default callback URL is set, and the consumer entries are loaded through
 * {@code loadConsumers}.
 *
 * @param signingKeyFile value bound to {@code OAUTH_SIGNING_KEY_FILE}; handed to
 *     {@code loadDefaultKey}
 * @param signingKeyName value bound to {@code OAUTH_SIGNING_KEY_NAME}; handed to
 *     {@code loadDefaultKey}
 * @param defaultCallbackUrl value bound to {@code OAUTH_CALLBACK_URL}; stored as the store's
 *     default callback URL
 */
// NOTE(review): signingKeyFile presumably points at private key material; keep that file
// readable only by the account running the container. Confirm against loadDefaultKey.
@Inject
public OAuthStoreProvider(
    @Named(OAUTH_SIGNING_KEY_FILE) String signingKeyFile,
    @Named(OAUTH_SIGNING_KEY_NAME) String signingKeyName,
    @Named(OAUTH_CALLBACK_URL) String defaultCallbackUrl) {
  store = new BasicOAuthStore();
  loadDefaultKey(signingKeyFile, signingKeyName);
  store.setDefaultCallbackUrl(defaultCallbackUrl);
  loadConsumers();
}
/**
 * Test fixture: builds a fresh store from {@code SAMPLE_FILE} and gives it the literal default
 * callback URL {@code "default callback"}.
 */
@Before
public void setUp() throws Exception {
  store = new BasicOAuthStore();
  store.initFromConfigString(SAMPLE_FILE);
  // Placeholder value; tests compare against this exact string, it is not a real URL.
  store.setDefaultCallbackUrl("default callback");
}
/**
 * Registers one consumer entry, read from a JSON object, for a gadget/service pair.
 *
 * <p>The callback URL is optional (null when absent). The consumer secret, consumer key and key
 * type are read with {@code getString}, in that order.
 *
 * @param gadgetUri gadget the entry applies to; stored in its ASCII string form
 * @param serviceName OAuth service name the entry applies to
 * @param consumerInfo JSON object holding the consumer key, secret, key type and optional
 *     callback URL
 * @throws JSONException propagated from the {@code getString} reads
 */
private void realStoreConsumerInfo(URI gadgetUri, String serviceName, JSONObject consumerInfo)
    throws JSONException {
  final String callback = consumerInfo.optString(CALLBACK_URL, null);
  final String rawSecret = consumerInfo.getString(CONSUMER_SECRET_KEY);
  final String key = consumerInfo.getString(CONSUMER_KEY_KEY);
  final boolean rsa = "RSA_PRIVATE".equals(consumerInfo.getString(KEY_TYPE_KEY));

  // NOTE(review): every key type string other than "RSA_PRIVATE" (including a misspelling)
  // is treated as HMAC_SYMMETRIC, so a mistyped RSA entry would have its PEM text used as a
  // shared secret. Consider validating the value at config-load time.
  final KeyType keyType = rsa ? KeyType.RSA_PRIVATE : KeyType.HMAC_SYMMETRIC;
  // RSA secrets are passed through convertFromOpenSsl before being stored.
  final String secret = rsa ? convertFromOpenSsl(rawSecret) : rawSecret;

  BasicOAuthStoreConsumerKeyAndSecret credentials =
      new BasicOAuthStoreConsumerKeyAndSecret(key, secret, keyType, null, callback);

  BasicOAuthStoreConsumerIndex lookupIndex = new BasicOAuthStoreConsumerIndex();
  lookupIndex.setGadgetUri(gadgetUri.toASCIIString());
  lookupIndex.setServiceName(serviceName);

  setConsumerKeyAndSecret(lookupIndex, credentials);
}
/**
 * Creates the provider and populates a new {@link BasicOAuthStore}.
 *
 * <p>In order: the default signing key is loaded through {@code loadDefaultKey}, the store-wide
 * default callback URL is set, the {@code Authority} is attached to the store, and the consumer
 * entries are loaded through {@code loadConsumers}.
 *
 * @param signingKeyFile value bound to {@code OAUTH_SIGNING_KEY_FILE}; handed to
 *     {@code loadDefaultKey}
 * @param signingKeyName value bound to {@code OAUTH_SIGNING_KEY_NAME}; handed to
 *     {@code loadDefaultKey}
 * @param defaultCallbackUrl value bound to {@code OAUTH_CALLBACK_URL}; stored as the store's
 *     default callback URL
 * @param authority injected by type (no {@code @Named} qualifier) and passed to
 *     {@code store.setAuthority}
 */
// NOTE(review): signingKeyFile presumably points at private key material; keep that file
// readable only by the account running the container. Confirm against loadDefaultKey.
@Inject
public OAuthStoreProvider(
    @Named(OAUTH_SIGNING_KEY_FILE) String signingKeyFile,
    @Named(OAUTH_SIGNING_KEY_NAME) String signingKeyName,
    @Named(OAUTH_CALLBACK_URL) String defaultCallbackUrl,
    Authority authority) {
  store = new BasicOAuthStore();
  loadDefaultKey(signingKeyFile, signingKeyName);
  store.setDefaultCallbackUrl(defaultCallbackUrl);
  // The authority is set before the consumers are loaded.
  store.setAuthority(authority);
  loadConsumers();
}
/**
 * Test fixture: a backing store with an RSA default key, a token store on top of it, two fake
 * gadget tokens (viewer != owner and viewer == owner) and the crypter-based helpers.
 */
@Before
public void setUp() throws Exception {
  backingStore = new BasicOAuthStore();
  BasicOAuthStoreConsumerKeyAndSecret defaultKey =
      new BasicOAuthStoreConsumerKeyAndSecret(
          "key", "secret", KeyType.RSA_PRIVATE, "keyname", null);
  backingStore.setDefaultKey(defaultKey);
  backingStore.setDefaultCallbackUrl(DEFAULT_CALLBACK);
  store = new GadgetOAuthTokenStore(backingStore, new FakeGadgetSpecFactory());

  // "Social" token: the viewer is a different user from the owner.
  FakeGadgetToken social = new FakeGadgetToken();
  socialToken = social;
  social.setOwnerId("owner");
  social.setViewerId("viewer");
  social.setAppUrl(GADGET_URL);

  // "Private" token: viewer and owner are the same user.
  FakeGadgetToken own = new FakeGadgetToken();
  privateToken = own;
  own.setOwnerId("owner");
  own.setViewerId("owner");
  own.setAppUrl(GADGET_URL);

  // Fixed 16-character key, acceptable only because this is a test fixture.
  // getBytes() with no argument uses the platform default charset.
  stateCrypter = new BasicBlobCrypter("abcdefghijklmnop".getBytes());
  clientState = new OAuthClientState(stateCrypter);
  responseParams = new OAuthResponseParams(socialToken, null, stateCrypter);
  fetcherConfig = new OAuthFetcherConfig(stateCrypter, store, new FakeTimeSource(), null, false);
}
/**
 * Registers an HMAC_SYMMETRIC consumer key/secret in {@code base} for one gadget/service pair.
 * Key name and callback URL are both left null.
 *
 * @param base store that receives the entry
 * @param gadgetUrl gadget URI the entry is indexed under
 * @param serviceName service name the entry is indexed under
 * @param consumerKey OAuth consumer key
 * @param consumerSecret OAuth consumer secret (shared secret for HMAC signing)
 */
private static void addConsumer(
    BasicOAuthStore base,
    String gadgetUrl,
    String serviceName,
    String consumerKey,
    String consumerSecret) {
  BasicOAuthStoreConsumerIndex lookupIndex = new BasicOAuthStoreConsumerIndex();
  lookupIndex.setGadgetUri(gadgetUrl);
  lookupIndex.setServiceName(serviceName);

  base.setConsumerKeyAndSecret(
      lookupIndex,
      new BasicOAuthStoreConsumerKeyAndSecret(
          consumerKey, consumerSecret, KeyType.HMAC_SYMMETRIC, null, null));
}
/**
 * A store on which no default callback URL was set must report a null callback (and a null
 * key name) for a consumer loaded from {@code SAMPLE_FILE}.
 */
@Test
public void testNullCallback() throws Exception {
  // Replace the fixture store; setDefaultCallbackUrl is deliberately not called on this one.
  store = new BasicOAuthStore();
  store.initFromConfigString(SAMPLE_FILE);

  FakeGadgetToken gadgetToken = new FakeGadgetToken();
  gadgetToken.setAppUrl("http://localhost:8080/gadgets/oauth.xml");
  OAuthServiceProvider oauthProvider = new OAuthServiceProvider("req", "authorize", "access");

  ConsumerInfo resolved = store.getConsumerKeyAndSecret(gadgetToken, "", oauthProvider);

  assertEquals("gadgetConsumer", resolved.getConsumer().consumerKey);
  assertNull(resolved.getKeyName());
  assertNull(resolved.getCallbackUrl());
}
}
/**
 * Round-trips a token through the store and checks isolation between viewers: a token saved
 * for one viewer is not returned for another viewer of the same gadget, and is gone after
 * removal.
 */
@Test
public void testGetAndSetAndRemoveToken() {
  FakeGadgetToken viewerOne = new FakeGadgetToken();
  ConsumerInfo consumer = new ConsumerInfo(null, null, null);
  viewerOne.setAppUrl("http://localhost:8080/samplecontainer/examples/oauth.xml");
  viewerOne.setViewerId("viewer-one");

  // Nothing stored yet.
  assertNull(store.getTokenInfo(viewerOne, consumer, "", ""));

  store.setTokenInfo(viewerOne, consumer, "service", "token",
      new TokenInfo("token", "secret", null, 0));
  TokenInfo fetched = store.getTokenInfo(viewerOne, consumer, "service", "token");
  assertEquals("token", fetched.getAccessToken());
  assertEquals("secret", fetched.getTokenSecret());

  // Same gadget URL, different viewer: the stored token must not leak across users.
  FakeGadgetToken viewerTwo = new FakeGadgetToken();
  viewerTwo.setAppUrl("http://localhost:8080/samplecontainer/examples/oauth.xml");
  viewerTwo.setViewerId("viewer-two");
  assertNull(store.getTokenInfo(viewerTwo, consumer, "service", "token"));

  store.removeToken(viewerOne, consumer, "service", "token");
  assertNull(store.getTokenInfo(viewerOne, consumer, "service", "token"));
}
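/**
 * Loads the default OAuth signing key and installs it on {@code store}.
 *
 * <p>When {@code signingKeyFile} is blank, or the file cannot be read or converted, no default
 * key is installed and a warning with key-generation instructions is logged instead. Failure
 * is deliberately non-fatal: any {@link Throwable} raised while loading is logged and
 * swallowed.
 *
 * @param signingKeyFile resource path of the PEM private key; may be blank
 * @param signingKeyName name recorded with the key
 */
private void loadDefaultKey(String signingKeyFile, String signingKeyName) {
  BasicOAuthStoreConsumerKeyAndSecret key = null;
  if (!StringUtils.isBlank(signingKeyFile)) {
    try {
      // Only the path is logged; the key text itself must never be written to the log.
      LOG.info("Loading OAuth signing key from " + signingKeyFile);
      java.io.InputStream keyStream = ResourceLoader.open(signingKeyFile);
      String privateKey;
      try {
        privateKey = IOUtils.toString(keyStream, "UTF-8");
      } finally {
        // IOUtils.toString does not close its input; release the handle on every path.
        IOUtils.closeQuietly(keyStream);
      }
      privateKey = BasicOAuthStore.convertFromOpenSsl(privateKey);
      key = new BasicOAuthStoreConsumerKeyAndSecret(null, privateKey, KeyType.RSA_PRIVATE,
          signingKeyName, null);
    } catch (Throwable t) {
      // Best effort by design: the container starts without a signing key rather than failing.
      LOG.log(Level.WARNING, "Couldn't load key file " + signingKeyFile, t);
    }
  }
  if (key != null) {
    store.setDefaultKey(key);
  } else {
    // The suggested key size is 2048 bits; 1024-bit RSA is no longer considered adequate for
    // signing keys. The resulting oauthkey.pem is unencrypted (-nodes / -nocrypt), so it
    // should be readable only by the account running the container.
    LOG.log(Level.WARNING, "Couldn't load OAuth signing key. To create a key, run:\n" +
        " openssl req -newkey rsa:2048 -days 365 -nodes -x509 -keyout testkey.pem \\\n" +
        " -out testkey.pem -subj '/CN=mytestkey'\n" +
        " openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform PEM\n" +
        '\n' +
        "Then edit shindig.properties and add these lines:\n" +
        OAUTH_SIGNING_KEY_FILE + "=<path-to-oauthkey.pem>\n" +
        OAUTH_SIGNING_KEY_NAME + "=mykey\n");
  }
}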
/**
 * A gadget with no entry in the store is rejected until a default key is set; afterwards the
 * default RSA key is used, with the store's default callback unless the key carries its own.
 */
@Test
public void testDefaultKey() throws Exception {
  FakeGadgetToken unknownGadget = new FakeGadgetToken();
  unknownGadget.setAppUrl("http://localhost:8080/not-in-store.xml");
  OAuthServiceProvider oauthProvider = new OAuthServiceProvider("req", "authorize", "access");

  // No consumer entry and no default key: the lookup must fail.
  try {
    store.getConsumerKeyAndSecret(unknownGadget, "", oauthProvider);
    fail();
  } catch (GadgetException expected) {
    // good
  }

  store.setDefaultKey(
      new BasicOAuthStoreConsumerKeyAndSecret(
          "somekey", "default", KeyType.RSA_PRIVATE, "keyname", null));
  ConsumerInfo viaDefault = store.getConsumerKeyAndSecret(unknownGadget, "", oauthProvider);

  assertEquals("somekey", viaDefault.getConsumer().consumerKey);
  // For an RSA key the secret field stays null; the key text is carried as a property.
  assertNull(viaDefault.getConsumer().consumerSecret);
  assertEquals("RSA-SHA1", viaDefault.getConsumer().getProperty("oauth_signature_method"));
  assertEquals("default", viaDefault.getConsumer().getProperty(RSA_SHA1.PRIVATE_KEY));
  assertEquals(oauthProvider, viaDefault.getConsumer().serviceProvider);
  assertEquals("keyname", viaDefault.getKeyName());
  assertEquals("default callback", viaDefault.getCallbackUrl());

  // A callback URL set on the key itself wins over the store default.
  store.setDefaultKey(
      new BasicOAuthStoreConsumerKeyAndSecret(
          "somekey", "default", KeyType.RSA_PRIVATE, "keyname", "callback"));
  ConsumerInfo withOwnCallback =
      store.getConsumerKeyAndSecret(unknownGadget, "", oauthProvider);
  assertEquals("callback", withOwnCallback.getCallbackUrl());
}
// Register an HMAC_SYMMETRIC consumer ("hmac" / "hmacsecret") under `index`, which is built
// outside this excerpt; key name and callback URL are both null.
BasicOAuthStoreConsumerKeyAndSecret cks =
    new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null);
backingStore.setConsumerKeyAndSecret(index, cks);
// Seed a token for privateToken on "testservice" with an empty token name; the consumer-info
// argument is passed as null.
backingStore.setTokenInfo(privateToken, null, "testservice", "", new TokenInfo("token", "secret", null, 0));
/**
 * Installs the test RSA default key on {@code base}: consumer key {@code "signedfetch"}, key
 * name {@code "foo"}, key text from {@code FakeOAuthServiceProvider.PRIVATE_KEY_TEXT}, no
 * callback URL.
 *
 * @param base store that receives the default key
 */
private static void addDefaultKey(BasicOAuthStore base) {
  base.setDefaultKey(
      new BasicOAuthStoreConsumerKeyAndSecret(
          "signedfetch",
          FakeOAuthServiceProvider.PRIVATE_KEY_TEXT,
          KeyType.RSA_PRIVATE,
          "foo",
          null));
}
/**
 * Reads the {@code OAUTH_CONFIG} resource and initialises {@code store} from its content.
 *
 * <p>Failure is non-fatal: any {@link Throwable} is logged at WARNING (when that level is
 * enabled) and then dropped, so the store is left without the entries from that resource.
 */
private void loadConsumers() {
  try {
    store.initFromConfigString(ResourceLoader.getContent(OAUTH_CONFIG));
  } catch (Throwable t) {
    if (!LOG.isLoggable(Level.WARNING)) {
      return;
    }
    // Two records: the localized "failed to init" message, then the stack trace.
    Object[] messageArgs = new Object[] {OAUTH_CONFIG};
    LOG.logp(Level.WARNING, classname, "loadConsumers", MessageKeys.FAILED_TO_INIT, messageArgs);
    LOG.log(Level.WARNING, "", t);
  }
}
/**
 * Returns the stored token for a security token / service name / token name combination, or
 * whatever {@code tokens.get} yields when there is no entry.
 *
 * <p>Each call increments {@code accessTokenLookupCount}. {@code consumerInfo} takes no part
 * in the lookup.
 *
 * @param securityToken token of the requesting gadget/user; used to build the index
 * @param consumerInfo unused by this implementation
 * @param serviceName OAuth service name
 * @param tokenName name of the token within the service
 * @return the matching {@code TokenInfo}, if any
 */
public TokenInfo getTokenInfo(SecurityToken securityToken, ConsumerInfo consumerInfo,
    String serviceName, String tokenName) {
  // NOTE(review): the increment is not synchronized in this method; confirm whether the
  // counter is only read in single-threaded tests.
  accessTokenLookupCount++;
  return tokens.get(makeBasicOAuthStoreTokenIndex(securityToken, serviceName, tokenName));
}
/**
 * A signed fetch answered with a vague 401 must not set an {@code oauthError} code, must
 * expose the request/response trace in {@code oauthErrorText}, and must not remove any access
 * token.
 */
@Test
public void testSignedFetch_error401() throws Exception {
  assertEquals(0, base.getAccessTokenRemoveCount());

  serviceProvider.setConsumerUnauthorized(true);
  serviceProvider.setVagueErrors(true);

  MakeRequestClient signedClient = makeSignedFetchClient("o", "v", "http://www.example.com/app");
  HttpResponse reply = signedClient.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);

  assertNull(reply.getMetadata().get("oauthError"));

  // NOTE(review): this text echoes the outgoing request and the provider's response; confirm
  // that secrets and signatures are scrubbed before it is handed back to the gadget.
  String diagnostics = reply.getMetadata().get("oauthErrorText");
  checkStringContains("Should return sent request", diagnostics, "GET /data");
  checkStringContains("Should return response", diagnostics, "HTTP/1.1 401");
  checkStringContains("Should return response", diagnostics, "some vague error");

  // The failure must leave stored access tokens untouched.
  assertEquals(0, base.getAccessTokenRemoveCount());
}
/**
 * Checks the two consumers loaded from the sample configuration: an HMAC consumer that falls
 * back to the store's default callback, and an RSA consumer with its own callback.
 */
@Test
public void testInit() throws Exception {
  FakeGadgetToken gadgetToken = new FakeGadgetToken();
  gadgetToken.setAppUrl("http://localhost:8080/gadgets/oauth.xml");
  OAuthServiceProvider oauthProvider = new OAuthServiceProvider("req", "authorize", "access");

  // HMAC consumer: the secret is carried in consumerSecret.
  ConsumerInfo hmacInfo = store.getConsumerKeyAndSecret(gadgetToken, "", oauthProvider);
  OAuthConsumer hmacConsumer = hmacInfo.getConsumer();
  assertEquals("gadgetConsumer", hmacConsumer.consumerKey);
  assertEquals("gadgetSecret", hmacConsumer.consumerSecret);
  assertEquals("HMAC-SHA1", hmacConsumer.getProperty("oauth_signature_method"));
  assertEquals(oauthProvider, hmacConsumer.serviceProvider);
  assertNull(hmacInfo.getKeyName());
  assertEquals("default callback", hmacInfo.getCallbackUrl());

  // RSA consumer: consumerSecret stays null and the key text is carried as a property.
  gadgetToken.setAppUrl("http://rsagadget/test.xml");
  ConsumerInfo rsaInfo = store.getConsumerKeyAndSecret(gadgetToken, "", oauthProvider);
  OAuthConsumer rsaConsumer = rsaInfo.getConsumer();
  assertEquals("rsaconsumer", rsaConsumer.consumerKey);
  assertNull(rsaConsumer.consumerSecret);
  assertEquals("RSA-SHA1", rsaConsumer.getProperty("oauth_signature_method"));
  assertEquals(oauthProvider, rsaConsumer.serviceProvider);
  assertEquals("rsaprivate", rsaConsumer.getProperty(RSA_SHA1.PRIVATE_KEY));
  assertNull(rsaInfo.getKeyName());
  assertEquals("callback", rsaInfo.getCallbackUrl());
}
/**
 * Test fixture: a backing store with an RSA default key, a token store on top of it, two fake
 * gadget tokens (viewer != owner and viewer == owner) and the crypter-based helpers.
 */
@Before
public void setUp() throws Exception {
  backingStore = new BasicOAuthStore();
  BasicOAuthStoreConsumerKeyAndSecret defaultKey =
      new BasicOAuthStoreConsumerKeyAndSecret(
          "key", "secret", KeyType.RSA_PRIVATE, "keyname", null);
  backingStore.setDefaultKey(defaultKey);
  backingStore.setDefaultCallbackUrl(DEFAULT_CALLBACK);
  store = new GadgetOAuthTokenStore(backingStore, new FakeGadgetSpecFactory());

  // "Social" token: the viewer is a different user from the owner.
  FakeGadgetToken social = new FakeGadgetToken();
  socialToken = social;
  social.setOwnerId("owner");
  social.setViewerId("viewer");
  social.setAppUrl(GADGET_URL);

  // "Private" token: viewer and owner are the same user.
  FakeGadgetToken own = new FakeGadgetToken();
  privateToken = own;
  own.setOwnerId("owner");
  own.setViewerId("owner");
  own.setAppUrl(GADGET_URL);

  // Fixed 16-character key, acceptable only because this is a test fixture.
  // getBytes() with no argument uses the platform default charset.
  stateCrypter = new BasicBlobCrypter("abcdefghijklmnop".getBytes());
  clientState = new OAuthClientState(stateCrypter);
  responseParams = new OAuthResponseParams(socialToken, null, stateCrypter);
  fetcherConfig = new OAuthFetcherConfig(stateCrypter, store, new FakeTimeSource(), null, false);
}
/**
 * Registers an HMAC_SYMMETRIC consumer key/secret in {@code base} for one gadget/service pair.
 * Key name and callback URL are both left null.
 *
 * @param base store that receives the entry
 * @param gadgetUrl gadget URI the entry is indexed under
 * @param serviceName service name the entry is indexed under
 * @param consumerKey OAuth consumer key
 * @param consumerSecret OAuth consumer secret (shared secret for HMAC signing)
 */
private static void addConsumer(
    BasicOAuthStore base,
    String gadgetUrl,
    String serviceName,
    String consumerKey,
    String consumerSecret) {
  BasicOAuthStoreConsumerIndex lookupIndex = new BasicOAuthStoreConsumerIndex();
  lookupIndex.setGadgetUri(gadgetUrl);
  lookupIndex.setServiceName(serviceName);

  base.setConsumerKeyAndSecret(
      lookupIndex,
      new BasicOAuthStoreConsumerKeyAndSecret(
          consumerKey, consumerSecret, KeyType.HMAC_SYMMETRIC, null, null));
}
/**
 * A store on which no default callback URL was set must report a null callback (and a null
 * key name) for a consumer loaded from {@code SAMPLE_FILE}.
 */
@Test
public void testNullCallback() throws Exception {
  // Replace the fixture store; setDefaultCallbackUrl is deliberately not called on this one.
  store = new BasicOAuthStore();
  store.initFromConfigString(SAMPLE_FILE);

  FakeGadgetToken gadgetToken = new FakeGadgetToken();
  gadgetToken.setAppUrl("http://localhost:8080/gadgets/oauth.xml");
  OAuthServiceProvider oauthProvider = new OAuthServiceProvider("req", "authorize", "access");

  ConsumerInfo resolved = store.getConsumerKeyAndSecret(gadgetToken, "", oauthProvider);

  assertEquals("gadgetConsumer", resolved.getConsumer().consumerKey);
  assertNull(resolved.getKeyName());
  assertNull(resolved.getCallbackUrl());
}
}
/**
 * Round-trips a token through the store and checks isolation between viewers: a token saved
 * for one viewer is not returned for another viewer of the same gadget, and is gone after
 * removal.
 */
@Test
public void testGetAndSetAndRemoveToken() {
  FakeGadgetToken viewerOne = new FakeGadgetToken();
  ConsumerInfo consumer = new ConsumerInfo(null, null, null);
  viewerOne.setAppUrl("http://localhost:8080/gadgets/oauth.xml");
  viewerOne.setViewerId("viewer-one");

  // Nothing stored yet.
  assertNull(store.getTokenInfo(viewerOne, consumer, "", ""));

  store.setTokenInfo(viewerOne, consumer, "service", "token",
      new TokenInfo("token", "secret", null, 0));
  TokenInfo fetched = store.getTokenInfo(viewerOne, consumer, "service", "token");
  assertEquals("token", fetched.getAccessToken());
  assertEquals("secret", fetched.getTokenSecret());

  // Same gadget URL, different viewer: the stored token must not leak across users.
  FakeGadgetToken viewerTwo = new FakeGadgetToken();
  viewerTwo.setAppUrl("http://localhost:8080/gadgets/oauth.xml");
  viewerTwo.setViewerId("viewer-two");
  assertNull(store.getTokenInfo(viewerTwo, consumer, "service", "token"));

  store.removeToken(viewerOne, consumer, "service", "token");
  assertNull(store.getTokenInfo(viewerOne, consumer, "service", "token"));
}