/**
 * Builds the callback URL handed to the OAuth provider.
 *
 * <p>The gadget-domain callback is not appended as a plain parameter. It is stored in an
 * {@link OAuthCallbackState} and travels as the encrypted value of
 * {@code OAuthCallbackServlet.CALLBACK_STATE_PARAM}.
 *
 * @param responseParams not read by this method
 * @param callbackForProvider base callback URL; its existing query parameters are kept
 * @param gadgetDomainCallback URL recorded in the state as the real callback
 * @return {@code callbackForProvider} with the encrypted state parameter added
 * @throws OAuthRequestException with {@code OAuthError.UNKNOWN_PROBLEM} if the state cannot be
 *     encrypted
 */
private String generateCallbackForProvider(
    OAuthResponseParams responseParams, String callbackForProvider, String gadgetDomainCallback)
    throws OAuthRequestException {
  OAuthCallbackState callbackState = new OAuthCallbackState(stateCrypter);
  callbackState.setRealCallbackUrl(gadgetDomainCallback);
  UriBuilder providerCallback = UriBuilder.parse(callbackForProvider);

  // NOTE(review): what the provider or user agent can learn or alter in this parameter depends
  // on the stateCrypter implementation, which is not visible here.
  final String encryptedState;
  try {
    encryptedState = callbackState.getEncryptedState();
  } catch (BlobCrypterException e) {
    throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
        "Failure generating callback URL", e);
  }
  providerCallback.addQueryParameter(OAuthCallbackServlet.CALLBACK_STATE_PARAM, encryptedState);
  return providerCallback.toString();
}
}
/**
 * Handles the OAuth callback request.
 *
 * <p>Decodes the state passed in {@code CALLBACK_STATE_PARAM}. When the state names a real
 * callback URL, the response is a redirect to that URL with the request's query parameters
 * copied over and the state parameter removed. Otherwise {@code RESP_BODY} is written as HTML.
 *
 * @param req incoming callback request
 * @param resp response that receives either the redirect or the HTML body
 * @throws IOException if sending the redirect or writing the body fails
 */
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  OAuthCallbackState decodedState =
      new OAuthCallbackState(stateCrypter, req.getParameter(CALLBACK_STATE_PARAM));

  if (callbackIsAbsent(decodedState)) {
    // No real callback recorded in the state: serve the static page.
    HttpUtil.setCachingHeaders(resp, ONE_HOUR_IN_SECONDS, true);
    resp.setContentType("text/html; charset=UTF-8");
    resp.getWriter().write(RESP_BODY);
    return;
  }

  // NOTE(review): the redirect target is whatever URL the decoded state holds. No scheme or
  // host check is visible in this method, so protection against redirecting to an arbitrary
  // site rests on stateCrypter rejecting state it did not produce - confirm.
  UriBuilder redirectTarget = UriBuilder.parse(decodedState.getRealCallbackUrl());

  // Forward every query parameter of this request to the real callback URL.
  Map<String, List<String>> incoming = UriBuilder.splitParameters(req.getQueryString());
  for (Map.Entry<String, List<String>> param : incoming.entrySet()) {
    redirectTarget.putQueryParameter(param.getKey(), param.getValue());
  }
  // The state parameter itself is not passed on to the real callback.
  redirectTarget.removeQueryParameter(CALLBACK_STATE_PARAM);

  // NOTE(review): the same caching headers are applied to the redirect, whose Location carries
  // the forwarded callback parameters - confirm that is intended.
  HttpUtil.setCachingHeaders(resp, ONE_HOUR_IN_SECONDS, true);
  resp.sendRedirect(redirectTarget.toString());
}

/** Returns true when the decoded state carries no real callback URL. */
private static boolean callbackIsAbsent(OAuthCallbackState decodedState) {
  return decodedState.getRealCallbackUrl() == null;
}
}
/**
 * Builds the callback URL handed to the OAuth provider.
 *
 * <p>The gadget-domain callback is not appended as a plain parameter. It is stored in an
 * {@link OAuthCallbackState} and travels as the encrypted value of
 * {@code OAuthCallbackServlet.CALLBACK_STATE_PARAM}.
 *
 * @param responseParams not read by this method
 * @param callbackForProvider base callback URL; its existing query parameters are kept
 * @param gadgetDomainCallback URL recorded in the state as the real callback
 * @return {@code callbackForProvider} with the encrypted state parameter added
 * @throws OAuthRequestException with {@code OAuthError.UNKNOWN_PROBLEM} if the state cannot be
 *     encrypted
 */
private String generateCallbackForProvider(
    OAuthResponseParams responseParams, String callbackForProvider, String gadgetDomainCallback)
    throws OAuthRequestException {
  OAuthCallbackState callbackState = new OAuthCallbackState(stateCrypter);
  callbackState.setRealCallbackUrl(gadgetDomainCallback);
  UriBuilder providerCallback = UriBuilder.parse(callbackForProvider);

  // NOTE(review): what the provider or user agent can learn or alter in this parameter depends
  // on the stateCrypter implementation, which is not visible here.
  final String encryptedState;
  try {
    encryptedState = callbackState.getEncryptedState();
  } catch (BlobCrypterException e) {
    throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
        "Failure generating callback URL", e);
  }
  providerCallback.addQueryParameter(OAuthCallbackServlet.CALLBACK_STATE_PARAM, encryptedState);
  return providerCallback.toString();
}
}
/**
 * Handles the OAuth callback request.
 *
 * <p>Decodes the state passed in {@code CALLBACK_STATE_PARAM}. When the state names a real
 * callback URL, the response is a redirect to that URL with the request's query parameters
 * copied over and the state parameter removed. Otherwise {@code RESP_BODY} is written as HTML.
 *
 * @param req incoming callback request
 * @param resp response that receives either the redirect or the HTML body
 * @throws IOException if sending the redirect or writing the body fails
 */
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  OAuthCallbackState decodedState =
      new OAuthCallbackState(stateCrypter, req.getParameter(CALLBACK_STATE_PARAM));

  if (callbackIsAbsent(decodedState)) {
    // No real callback recorded in the state: serve the static page.
    HttpUtil.setCachingHeaders(resp, ONE_HOUR_IN_SECONDS, true);
    resp.setContentType("text/html; charset=UTF-8");
    resp.getWriter().write(RESP_BODY);
    return;
  }

  // NOTE(review): the redirect target is whatever URL the decoded state holds. No scheme or
  // host check is visible in this method, so protection against redirecting to an arbitrary
  // site rests on stateCrypter rejecting state it did not produce - confirm.
  UriBuilder redirectTarget = UriBuilder.parse(decodedState.getRealCallbackUrl());

  // Forward every query parameter of this request to the real callback URL.
  Map<String, List<String>> incoming = UriBuilder.splitParameters(req.getQueryString());
  for (Map.Entry<String, List<String>> param : incoming.entrySet()) {
    redirectTarget.putQueryParameter(param.getKey(), param.getValue());
  }
  // The state parameter itself is not passed on to the real callback.
  redirectTarget.removeQueryParameter(CALLBACK_STATE_PARAM);

  // NOTE(review): the same caching headers are applied to the redirect, whose Location carries
  // the forwarded callback parameters - confirm that is intended.
  HttpUtil.setCachingHeaders(resp, ONE_HOUR_IN_SECONDS, true);
  resp.sendRedirect(redirectTarget.toString());
}

/** Returns true when the decoded state carries no real callback URL. */
private static boolean callbackIsAbsent(OAuthCallbackState decodedState) {
  return decodedState.getRealCallbackUrl() == null;
}
}
/**
 * Builds the callback URL handed to the OAuth provider.
 *
 * <p>The gadget-domain callback is not appended as a plain parameter. It is stored in an
 * {@link OAuthCallbackState} and travels as the encrypted value of
 * {@code OAuthCallbackServlet.CALLBACK_STATE_PARAM}.
 *
 * @param responseParams not read by this method
 * @param callbackForProvider base callback URL; its existing query parameters are kept
 * @param gadgetDomainCallback URL recorded in the state as the real callback
 * @return {@code callbackForProvider} with the encrypted state parameter added
 * @throws OAuthRequestException with {@code OAuthError.UNKNOWN_PROBLEM} if the state cannot be
 *     encrypted
 */
private String generateCallbackForProvider(
    OAuthResponseParams responseParams, String callbackForProvider, String gadgetDomainCallback)
    throws OAuthRequestException {
  OAuthCallbackState callbackState = new OAuthCallbackState(stateCrypter);
  callbackState.setRealCallbackUrl(gadgetDomainCallback);
  UriBuilder providerCallback = UriBuilder.parse(callbackForProvider);

  // NOTE(review): what the provider or user agent can learn or alter in this parameter depends
  // on the stateCrypter implementation, which is not visible here.
  final String encryptedState;
  try {
    encryptedState = callbackState.getEncryptedState();
  } catch (BlobCrypterException e) {
    throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
        "Failure generating callback URL", e);
  }
  providerCallback.addQueryParameter(OAuthCallbackServlet.CALLBACK_STATE_PARAM, encryptedState);
  return providerCallback.toString();
}
}
/**
 * Handles the OAuth callback request.
 *
 * <p>Decodes the state passed in {@code CALLBACK_STATE_PARAM}. When the state names a real
 * callback URL, the response is a redirect to that URL with the request's query parameters
 * copied over and the state parameter removed. Otherwise {@code RESP_BODY} is written as HTML.
 *
 * @param req incoming callback request
 * @param resp response that receives either the redirect or the HTML body
 * @throws IOException if sending the redirect or writing the body fails
 */
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  OAuthCallbackState decodedState =
      new OAuthCallbackState(stateCrypter, req.getParameter(CALLBACK_STATE_PARAM));

  if (callbackIsAbsent(decodedState)) {
    // No real callback recorded in the state: serve the static page.
    HttpUtil.setCachingHeaders(resp, ONE_HOUR_IN_SECONDS, true);
    resp.setContentType("text/html; charset=UTF-8");
    resp.getWriter().write(RESP_BODY);
    return;
  }

  // NOTE(review): the redirect target is whatever URL the decoded state holds. No scheme or
  // host check is visible in this method, so protection against redirecting to an arbitrary
  // site rests on stateCrypter rejecting state it did not produce - confirm.
  UriBuilder redirectTarget = UriBuilder.parse(decodedState.getRealCallbackUrl());

  // Forward every query parameter of this request to the real callback URL.
  Map<String, List<String>> incoming = UriBuilder.splitParameters(req.getQueryString());
  for (Map.Entry<String, List<String>> param : incoming.entrySet()) {
    redirectTarget.putQueryParameter(param.getKey(), param.getValue());
  }
  // The state parameter itself is not passed on to the real callback.
  redirectTarget.removeQueryParameter(CALLBACK_STATE_PARAM);

  // NOTE(review): the same caching headers are applied to the redirect, whose Location carries
  // the forwarded callback parameters - confirm that is intended.
  HttpUtil.setCachingHeaders(resp, ONE_HOUR_IN_SECONDS, true);
  resp.sendRedirect(redirectTarget.toString());
}

/** Returns true when the decoded state carries no real callback URL. */
private static boolean callbackIsAbsent(OAuthCallbackState decodedState) {
  return decodedState.getRealCallbackUrl() == null;
}
}
/**
 * A request whose state names a real callback URL is answered with a 302 to that URL: other
 * query parameters are forwarded and the state parameter is dropped.
 */
@Test
public void testServletWithCallback() throws Exception {
  // Fixed key: test fixture only.
  BlobCrypter blobCrypter = new BasicBlobCrypter("00000000000000000000".getBytes());
  OAuthCallbackServlet callbackServlet = new OAuthCallbackServlet();
  callbackServlet.setStateCrypter(blobCrypter);

  OAuthCallbackState callbackState = new OAuthCallbackState(blobCrypter);
  callbackState.setRealCallbackUrl("http://www.example.com/callback");

  expect(request.getParameter("cs")).andReturn(callbackState.getEncryptedState());
  // The raw query string carries a placeholder "cs" plus one unrelated parameter.
  expect(request.getQueryString()).andReturn("cs=foo&bar=baz");
  replay();

  callbackServlet.doGet(this.request, this.recorder);
  verify();

  assertEquals(302, this.recorder.getHttpStatusCode());
  // "bar" is forwarded; "cs" does not appear on the redirect target.
  assertEquals("http://www.example.com/callback?bar=baz", this.recorder.getHeader("Location"));
  assertEquals("private,max-age=3600", this.recorder.getHeader("Cache-Control"));
}
/**
 * A scheme-relative callback URI from the URI manager ends up in the encrypted state as an
 * absolute http URL, while the generated URL itself stays on the base callback.
 */
@Test
public void testGenerateUrl_schemeRelative() throws Exception {
  HttpRequest fetchRequest = new HttpRequest(DEST_URL);
  fetchRequest.setSecurityToken(securityToken);
  fetchRequest.setOAuthArguments(new OAuthArguments());

  expect(processor.process(eqContext(securityToken, fetchRequest.getOAuthArguments())))
      .andReturn(gadget);
  expect(lockedDomainService.isGadgetValidForHost("renderinghost", gadget, "default"))
      .andReturn(true);
  expect(oauthUriManager.makeOAuthCallbackUri("default", "renderinghost"))
      .andReturn(Uri.parse("//renderinghost/final/callback"));
  control.replay();

  String generated = getGenerator().generateCallback(fetcherConfig, "http://base/basecallback",
      fetchRequest, responseParams);
  Uri generatedUri = Uri.parse(generated);

  // Scheme, authority and path are those of the base callback.
  assertEquals("http", generatedUri.getScheme());
  assertEquals("base", generatedUri.getAuthority());
  assertEquals("/basecallback", generatedUri.getPath());

  // The real callback is only recoverable by decoding the "cs" parameter with the crypter.
  String encodedState = generatedUri.getQueryParameter("cs");
  OAuthCallbackState decodedState = new OAuthCallbackState(stateCrypter, encodedState);
  // The code that supplies the missing scheme is outside this listing.
  assertEquals("http://renderinghost/final/callback", decodedState.getRealCallbackUrl());
  control.verify();
}
/**
 * When the state parameter is the only query parameter, the redirect target is the real
 * callback URL with no query string at all.
 */
@Test
public void testServletWithCallback_noQueryParams() throws Exception {
  // Fixed key: test fixture only.
  BlobCrypter blobCrypter = new BasicBlobCrypter("00000000000000000000".getBytes());
  OAuthCallbackServlet callbackServlet = new OAuthCallbackServlet();
  callbackServlet.setStateCrypter(blobCrypter);

  OAuthCallbackState callbackState = new OAuthCallbackState(blobCrypter);
  callbackState.setRealCallbackUrl("http://www.example.com/callback");

  expect(request.getParameter("cs")).andReturn(callbackState.getEncryptedState());
  expect(request.getQueryString()).andReturn("cs=foo");
  replay();

  callbackServlet.doGet(this.request, this.recorder);
  verify();

  assertEquals(302, this.recorder.getHttpStatusCode());
  // The state parameter is stripped, so nothing is left to append.
  assertEquals("http://www.example.com/callback", this.recorder.getHeader("Location"));
  assertEquals("private,max-age=3600", this.recorder.getHeader("Cache-Control"));
}
}
/**
 * An absolute https callback URI from the URI manager is stored unchanged in the encrypted
 * state, while the generated URL itself stays on the base callback.
 */
@Test
public void testGenerateUrl_absolute() throws Exception {
  HttpRequest fetchRequest = new HttpRequest(DEST_URL);
  fetchRequest.setSecurityToken(securityToken);
  fetchRequest.setOAuthArguments(new OAuthArguments());

  expect(processor.process(eqContext(securityToken, fetchRequest.getOAuthArguments())))
      .andReturn(gadget);
  expect(lockedDomainService.isGadgetValidForHost("renderinghost", gadget, "default"))
      .andReturn(true);
  expect(oauthUriManager.makeOAuthCallbackUri("default", "renderinghost"))
      .andReturn(Uri.parse("https://renderinghost/final/callback"));
  control.replay();

  String generated = getGenerator().generateCallback(fetcherConfig, "http://base/basecallback",
      fetchRequest, responseParams);
  Uri generatedUri = Uri.parse(generated);

  // Scheme, authority and path are those of the base callback.
  assertEquals("http", generatedUri.getScheme());
  assertEquals("base", generatedUri.getAuthority());
  assertEquals("/basecallback", generatedUri.getPath());

  // The real callback is only recoverable by decoding the "cs" parameter with the crypter.
  String encodedState = generatedUri.getQueryParameter("cs");
  OAuthCallbackState decodedState = new OAuthCallbackState(stateCrypter, encodedState);
  assertEquals("https://renderinghost/final/callback", decodedState.getRealCallbackUrl());
  control.verify();
}
/**
 * When the state parameter is the only query parameter, the redirect target is the real
 * callback URL with no query string at all.
 */
@Test
public void testServletWithCallback_noQueryParams() throws Exception {
  // Fixed key: test fixture only.
  BlobCrypter blobCrypter = new BasicBlobCrypter("00000000000000000000".getBytes());
  OAuthCallbackServlet callbackServlet = new OAuthCallbackServlet();
  callbackServlet.setStateCrypter(blobCrypter);

  OAuthCallbackState callbackState = new OAuthCallbackState(blobCrypter);
  callbackState.setRealCallbackUrl("http://www.example.com/callback");

  expect(request.getParameter("cs")).andReturn(callbackState.getEncryptedState());
  expect(request.getQueryString()).andReturn("cs=foo");
  replay();

  callbackServlet.doGet(this.request, this.recorder);
  verify();

  assertEquals(302, this.recorder.getHttpStatusCode());
  // The state parameter is stripped, so nothing is left to append.
  assertEquals("http://www.example.com/callback", this.recorder.getHeader("Location"));
  assertEquals("private,max-age=3600", this.recorder.getHeader("Cache-Control"));
}
}
/**
 * A scheme-relative callback URI from the URI manager ends up in the encrypted state as an
 * absolute http URL, while the generated URL itself stays on the base callback.
 */
@Test
public void testGenerateUrl_schemeRelative() throws Exception {
  HttpRequest fetchRequest = new HttpRequest(DEST_URL);
  fetchRequest.setSecurityToken(securityToken);
  fetchRequest.setOAuthArguments(new OAuthArguments());

  expect(processor.process(eqContext(securityToken, fetchRequest.getOAuthArguments())))
      .andReturn(gadget);
  expect(lockedDomainService.gadgetCanRender("renderinghost", gadget, "default"))
      .andReturn(true);
  expect(oauthUriManager.makeOAuthCallbackUri("default", "renderinghost"))
      .andReturn(Uri.parse("//renderinghost/final/callback"));
  control.replay();

  String generated = getGenerator().generateCallback(fetcherConfig, "http://base/basecallback",
      fetchRequest, responseParams);
  Uri generatedUri = Uri.parse(generated);

  // Scheme, authority and path are those of the base callback.
  assertEquals("http", generatedUri.getScheme());
  assertEquals("base", generatedUri.getAuthority());
  assertEquals("/basecallback", generatedUri.getPath());

  // The real callback is only recoverable by decoding the "cs" parameter with the crypter.
  String encodedState = generatedUri.getQueryParameter("cs");
  OAuthCallbackState decodedState = new OAuthCallbackState(stateCrypter, encodedState);
  // The code that supplies the missing scheme is outside this listing.
  assertEquals("http://renderinghost/final/callback", decodedState.getRealCallbackUrl());
  control.verify();
}
/**
 * A request whose state names a real callback URL is answered with a 302 to that URL: other
 * query parameters are forwarded and the state parameter is dropped.
 */
@Test
public void testServletWithCallback() throws Exception {
  // Fixed key: test fixture only.
  BlobCrypter blobCrypter = new BasicBlobCrypter("00000000000000000000".getBytes());
  OAuthCallbackServlet callbackServlet = new OAuthCallbackServlet();
  callbackServlet.setStateCrypter(blobCrypter);

  OAuthCallbackState callbackState = new OAuthCallbackState(blobCrypter);
  callbackState.setRealCallbackUrl("http://www.example.com/callback");

  expect(request.getParameter("cs")).andReturn(callbackState.getEncryptedState());
  // The raw query string carries a placeholder "cs" plus one unrelated parameter.
  expect(request.getQueryString()).andReturn("cs=foo&bar=baz");
  replay();

  callbackServlet.doGet(this.request, this.recorder);
  verify();

  assertEquals(302, this.recorder.getHttpStatusCode());
  // "bar" is forwarded; "cs" does not appear on the redirect target.
  assertEquals("http://www.example.com/callback?bar=baz", this.recorder.getHeader("Location"));
  assertEquals("private,max-age=3600", this.recorder.getHeader("Cache-Control"));
}
/**
 * A scheme-relative callback URI from the URI manager ends up in the encrypted state as an
 * absolute http URL, while the generated URL itself stays on the base callback.
 */
@Test
public void testGenerateUrl_schemeRelative() throws Exception {
  HttpRequest fetchRequest = new HttpRequest(DEST_URL);
  fetchRequest.setSecurityToken(securityToken);
  fetchRequest.setOAuthArguments(new OAuthArguments());

  expect(processor.process(eqContext(securityToken, fetchRequest.getOAuthArguments())))
      .andReturn(gadget);
  expect(lockedDomainService.isGadgetValidForHost("renderinghost", gadget, "default"))
      .andReturn(true);
  expect(oauthUriManager.makeOAuthCallbackUri("default", "renderinghost"))
      .andReturn(Uri.parse("//renderinghost/final/callback"));
  control.replay();

  String generated = getGenerator().generateCallback(fetcherConfig, "http://base/basecallback",
      fetchRequest, responseParams);
  Uri generatedUri = Uri.parse(generated);

  // Scheme, authority and path are those of the base callback.
  assertEquals("http", generatedUri.getScheme());
  assertEquals("base", generatedUri.getAuthority());
  assertEquals("/basecallback", generatedUri.getPath());

  // The real callback is only recoverable by decoding the "cs" parameter with the crypter.
  String encodedState = generatedUri.getQueryParameter("cs");
  OAuthCallbackState decodedState = new OAuthCallbackState(stateCrypter, encodedState);
  // The code that supplies the missing scheme is outside this listing.
  assertEquals("http://renderinghost/final/callback", decodedState.getRealCallbackUrl());
  control.verify();
}
/**
 * A request whose state names a real callback URL is answered with a 302 to that URL: other
 * query parameters are forwarded and the state parameter is dropped.
 */
@Test
public void testServletWithCallback() throws Exception {
  // Fixed key: test fixture only.
  BlobCrypter blobCrypter = new BasicBlobCrypter("00000000000000000000".getBytes());
  OAuthCallbackServlet callbackServlet = new OAuthCallbackServlet();
  callbackServlet.setStateCrypter(blobCrypter);

  OAuthCallbackState callbackState = new OAuthCallbackState(blobCrypter);
  callbackState.setRealCallbackUrl("http://www.example.com/callback");

  expect(request.getParameter("cs")).andReturn(callbackState.getEncryptedState());
  // The raw query string carries a placeholder "cs" plus one unrelated parameter.
  expect(request.getQueryString()).andReturn("cs=foo&bar=baz");
  replay();

  callbackServlet.doGet(this.request, this.recorder);
  verify();

  assertEquals(302, this.recorder.getHttpStatusCode());
  // "bar" is forwarded; "cs" does not appear on the redirect target.
  assertEquals("http://www.example.com/callback?bar=baz", this.recorder.getHeader("Location"));
  assertEquals("private,max-age=3600", this.recorder.getHeader("Cache-Control"));
}
/**
 * An absolute https callback URI from the URI manager is stored unchanged in the encrypted
 * state, while the generated URL itself stays on the base callback.
 */
@Test
public void testGenerateUrl_absolute() throws Exception {
  HttpRequest fetchRequest = new HttpRequest(DEST_URL);
  fetchRequest.setSecurityToken(securityToken);
  fetchRequest.setOAuthArguments(new OAuthArguments());

  expect(processor.process(eqContext(securityToken, fetchRequest.getOAuthArguments())))
      .andReturn(gadget);
  expect(lockedDomainService.isGadgetValidForHost("renderinghost", gadget, "default"))
      .andReturn(true);
  expect(oauthUriManager.makeOAuthCallbackUri("default", "renderinghost"))
      .andReturn(Uri.parse("https://renderinghost/final/callback"));
  control.replay();

  String generated = getGenerator().generateCallback(fetcherConfig, "http://base/basecallback",
      fetchRequest, responseParams);
  Uri generatedUri = Uri.parse(generated);

  // Scheme, authority and path are those of the base callback.
  assertEquals("http", generatedUri.getScheme());
  assertEquals("base", generatedUri.getAuthority());
  assertEquals("/basecallback", generatedUri.getPath());

  // The real callback is only recoverable by decoding the "cs" parameter with the crypter.
  String encodedState = generatedUri.getQueryParameter("cs");
  OAuthCallbackState decodedState = new OAuthCallbackState(stateCrypter, encodedState);
  assertEquals("https://renderinghost/final/callback", decodedState.getRealCallbackUrl());
  control.verify();
}
/**
 * When the state parameter is the only query parameter, the redirect target is the real
 * callback URL with no query string at all.
 */
@Test
public void testServletWithCallback_noQueryParams() throws Exception {
  // Fixed key: test fixture only.
  BlobCrypter blobCrypter = new BasicBlobCrypter("00000000000000000000".getBytes());
  OAuthCallbackServlet callbackServlet = new OAuthCallbackServlet();
  callbackServlet.setStateCrypter(blobCrypter);

  OAuthCallbackState callbackState = new OAuthCallbackState(blobCrypter);
  callbackState.setRealCallbackUrl("http://www.example.com/callback");

  expect(request.getParameter("cs")).andReturn(callbackState.getEncryptedState());
  expect(request.getQueryString()).andReturn("cs=foo");
  replay();

  callbackServlet.doGet(this.request, this.recorder);
  verify();

  assertEquals(302, this.recorder.getHttpStatusCode());
  // The state parameter is stripped, so nothing is left to append.
  assertEquals("http://www.example.com/callback", this.recorder.getHeader("Location"));
  assertEquals("private,max-age=3600", this.recorder.getHeader("Cache-Control"));
}
}
/**
 * An absolute https callback URI from the URI manager is stored unchanged in the encrypted
 * state, while the generated URL itself stays on the base callback.
 */
@Test
public void testGenerateUrl_absolute() throws Exception {
  HttpRequest fetchRequest = new HttpRequest(DEST_URL);
  fetchRequest.setSecurityToken(securityToken);
  fetchRequest.setOAuthArguments(new OAuthArguments());

  expect(processor.process(eqContext(securityToken, fetchRequest.getOAuthArguments())))
      .andReturn(gadget);
  expect(lockedDomainService.gadgetCanRender("renderinghost", gadget, "default"))
      .andReturn(true);
  expect(oauthUriManager.makeOAuthCallbackUri("default", "renderinghost"))
      .andReturn(Uri.parse("https://renderinghost/final/callback"));
  control.replay();

  String generated = getGenerator().generateCallback(fetcherConfig, "http://base/basecallback",
      fetchRequest, responseParams);
  Uri generatedUri = Uri.parse(generated);

  // Scheme, authority and path are those of the base callback.
  assertEquals("http", generatedUri.getScheme());
  assertEquals("base", generatedUri.getAuthority());
  assertEquals("/basecallback", generatedUri.getPath());

  // The real callback is only recoverable by decoding the "cs" parameter with the crypter.
  String encodedState = generatedUri.getQueryParameter("cs");
  OAuthCallbackState decodedState = new OAuthCallbackState(stateCrypter, encodedState);
  assertEquals("https://renderinghost/final/callback", decodedState.getRealCallbackUrl());
  control.verify();
}
/**
 * Query parameters already present on the base callback survive generation, alongside the
 * encrypted state parameter that carries the real callback URL.
 */
@Test
public void testGenerateUrl_otherQueryParams() throws Exception {
  HttpRequest fetchRequest = new HttpRequest(DEST_URL);
  fetchRequest.setSecurityToken(securityToken);
  fetchRequest.setOAuthArguments(new OAuthArguments());

  expect(processor.process(eqContext(securityToken, fetchRequest.getOAuthArguments())))
      .andReturn(gadget);
  expect(lockedDomainService.isGadgetValidForHost("renderinghost", gadget, "default"))
      .andReturn(true);
  expect(oauthUriManager.makeOAuthCallbackUri("default", "renderinghost"))
      .andReturn(Uri.parse("https://renderinghost/final/callback"));
  control.replay();

  String generated = getGenerator().generateCallback(fetcherConfig,
      "http://base/basecallback?foo=bar%20baz", fetchRequest, responseParams);
  Uri generatedUri = Uri.parse(generated);

  // Scheme, authority and path are those of the base callback.
  assertEquals("http", generatedUri.getScheme());
  assertEquals("base", generatedUri.getAuthority());
  assertEquals("/basecallback", generatedUri.getPath());
  // The pre-existing parameter is kept and reads back decoded.
  assertEquals("bar baz", generatedUri.getQueryParameter("foo"));

  // The real callback is only recoverable by decoding the "cs" parameter with the crypter.
  String encodedState = generatedUri.getQueryParameter("cs");
  OAuthCallbackState decodedState = new OAuthCallbackState(stateCrypter, encodedState);
  assertEquals("https://renderinghost/final/callback", decodedState.getRealCallbackUrl());
  control.verify();
}
/**
 * Query parameters already present on the base callback survive generation, alongside the
 * encrypted state parameter that carries the real callback URL.
 */
@Test
public void testGenerateUrl_otherQueryParams() throws Exception {
  HttpRequest fetchRequest = new HttpRequest(DEST_URL);
  fetchRequest.setSecurityToken(securityToken);
  fetchRequest.setOAuthArguments(new OAuthArguments());

  expect(processor.process(eqContext(securityToken, fetchRequest.getOAuthArguments())))
      .andReturn(gadget);
  expect(lockedDomainService.gadgetCanRender("renderinghost", gadget, "default"))
      .andReturn(true);
  expect(oauthUriManager.makeOAuthCallbackUri("default", "renderinghost"))
      .andReturn(Uri.parse("https://renderinghost/final/callback"));
  control.replay();

  String generated = getGenerator().generateCallback(fetcherConfig,
      "http://base/basecallback?foo=bar%20baz", fetchRequest, responseParams);
  Uri generatedUri = Uri.parse(generated);

  // Scheme, authority and path are those of the base callback.
  assertEquals("http", generatedUri.getScheme());
  assertEquals("base", generatedUri.getAuthority());
  assertEquals("/basecallback", generatedUri.getPath());
  // The pre-existing parameter is kept and reads back decoded.
  assertEquals("bar baz", generatedUri.getQueryParameter("foo"));

  // The real callback is only recoverable by decoding the "cs" parameter with the crypter.
  String encodedState = generatedUri.getQueryParameter("cs");
  OAuthCallbackState decodedState = new OAuthCallbackState(stateCrypter, encodedState);
  assertEquals("https://renderinghost/final/callback", decodedState.getRealCallbackUrl());
  control.verify();
}