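/**
 * Loads the stored request-token record for the given token value.
 *
 * <p>Runs the {@code GET_REQ_TOKEN} query with {@code oauthToken} bound as its only
 * parameter and copies the first matching row into a new {@link Parameters} object.
 * The returned object carries the token secret and the verifier, so callers should
 * copy out only the fields they need before handing anything back to a client.
 *
 * @param oauthToken request token value to look up
 * @return parameters populated with the token, token secret, consumer key, callback,
 *         scope, verifier and authorizing user name read from the row
 * @throws IdentityException if no row matches the token, or if the query fails
 */
public Parameters getRequestToken(String oauthToken) throws IdentityException {
    Parameters params = new Parameters();
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    ResultSet resultSet = null;
    try {
        // The token is bound as a statement parameter, never concatenated into the SQL text.
        prepStmt = connection.prepareStatement(SQLQueries.OAuthConsumerDAOSQLQueries.GET_REQ_TOKEN);
        prepStmt.setString(1, oauthToken);
        resultSet = prepStmt.executeQuery();
        if (!resultSet.next()) {
            // NOTE(review): the caller-supplied token value is echoed into the exception
            // message; confirm this message is never logged or returned to the client verbatim.
            throw IdentityException.error("Invalid request token : " + oauthToken);
        }
        params.setOauthToken(resultSet.getString(1));
        params.setOauthTokenSecret(resultSet.getString(2));
        params.setOauthConsumerKey(resultSet.getString(3));
        params.setOauthCallback(resultSet.getString(4));
        params.setScope(resultSet.getString(5));
        // Column 6 is not read here; its meaning depends on GET_REQ_TOKEN, which is defined elsewhere.
        params.setOauthTokenVerifier(resultSet.getString(7));
        params.setAuthorizedbyUserName(resultSet.getString(8));
        connection.commit();
    } catch (SQLException e) {
        // Keep the SQLException as the cause so the underlying database failure stays diagnosable.
        throw IdentityException.error(
                "Error when retrieving request token from the persistence store : " + oauthToken, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, resultSet, prepStmt);
    }
    return params;
}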
/**
 * Creates and persists a new OAuth request token for the consumer named in the request.
 *
 * <p>Both the token and its secret are taken from
 * {@code org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber()} and stored through
 * {@code OAuthConsumerDAO.createOAuthRequestToken} together with the consumer key,
 * callback and scope of {@code oauthParams}.
 *
 * @param oauthParams incoming request parameters; the consumer key, callback and scope are read
 * @return a new {@link Parameters} holding the consumer key, the new token and its secret
 * @throws IdentityOAuthAdminException propagated from the calls made here; none is thrown directly
 */
private Parameters generateOauthToken(Parameters oauthParams) throws IdentityOAuthAdminException {
    final OAuthConsumerDAO consumerDao = new OAuthConsumerDAO();

    // NOTE(review): the unpredictability of the token and its secret rests entirely on
    // getRandomNumber(), whose implementation is not shown here - confirm it uses a CSPRNG.
    final String requestToken = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber();
    final String requestTokenSecret = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber();

    consumerDao.createOAuthRequestToken(
            oauthParams.getOauthConsumerKey(),
            requestToken,
            requestTokenSecret,
            oauthParams.getOauthCallback(),
            oauthParams.getScope());

    // Only the consumer key and the freshly issued credentials go back to the caller.
    final Parameters issued = new Parameters();
    issued.setOauthConsumerKey(oauthParams.getOauthConsumerKey());
    issued.setOauthToken(requestToken);
    issued.setOauthTokenSecret(requestTokenSecret);
    return issued;
}
String secretKey = null; validateTimestampAndNonce(params.getOauthTimeStamp(), params.getOauthNonce()); secretKey = dao.getOAuthConsumerSecret(params.getOauthConsumerKey()); if (secretKey == null) { log.debug("Invalid Credentials."); String tokenSecret = dao.getOAuthTokenSecret(params.getOauthToken(), true); String subject = dao.validateAccessToken(params.getOauthConsumerKey(), params.getOauthToken(), params.getScope()); Parameters returnParams = new Parameters(); returnParams.setAuthorizedbyUserName(subject); returnParams.setScope(params.getScope()); return returnParams; } else {
/**
 * Returns the scope of a request token and the name of the application it was issued to.
 *
 * <p>The token record is loaded through {@code OAuthConsumerDAO.getRequestToken}, and the
 * application is then looked up by the consumer key stored in that record.
 *
 * @param oauthToken OAuth request token.
 * @return a new {@link Parameters} carrying only the scope and the application name
 * @throws Exception propagated from the DAO lookups
 */
public Parameters getScopeAndAppName(String oauthToken) throws Exception {
    final Parameters tokenRecord = new OAuthConsumerDAO().getRequestToken(oauthToken);

    // NOTE(review): the result of getAppInformation is dereferenced without a null check;
    // confirm the DAO throws rather than returns null for an unknown consumer key.
    final OAuthAppDO application = new OAuthAppDAO().getAppInformation(tokenRecord.getOauthConsumerKey());

    // A fresh object is returned instead of tokenRecord, so nothing beyond the scope
    // and the application name leaves this method.
    final Parameters scopeAndApp = new Parameters();
    scopeAndApp.setScope(tokenRecord.getScope());
    scopeAndApp.setAppName(application.getApplicationName());
    return scopeAndApp;
}
oauthParameters.setOAuthConsumerKey(oauthParams.getOauthConsumerKey()); oauthParameters.setOAuthConsumerSecret(secretKey); oauthParameters.setOAuthNonce(oauthParams.getOauthNonce()); oauthParameters.setOAuthTimestamp(oauthParams.getOauthTimeStamp()); oauthParameters.setOAuthSignatureMethod(oauthParams.getOauthSignatureMethod()); if (oauthParams.getOauthToken() != null) { oauthParameters.setOAuthToken(oauthParams.getOauthToken()); if (oauthParams.getOauthTokenVerifier() != null) { oauthParameters.setOAuthVerifier((oauthParams.getOauthTokenVerifier())); String signature; try { String baseString = OAuthUtil.getSignatureBaseString(oauthParams.getBaseString(), oauthParams.getHttpMethod(), oauthParameters.getBaseParameters()); signature = signer.getSignature(baseString, oauthParameters); } catch (OAuthException e) { && URLEncoder.encode(signature).equals(oauthParams.getOauthSignature())) { return true; } else if (signature != null && signature.equals(oauthParams.getOauthSignature())) { return true;
secretKey = dao.getOAuthConsumerSecret(params.getOauthConsumerKey()); String tokenSecret = dao.getOAuthTokenSecret(params.getOauthToken(), false); Parameters resp = dao.getRequestToken(params.getOauthToken()); if (resp.getOauthTokenVerifier() == null || !resp.getOauthTokenVerifier().equals(params.getOauthTokenVerifier()) || resp.getAuthorizedbyUserName() == null) { throw new AuthenticationException("Invalid request for OAuth access token"); String oauthSecret = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber(); dao.issueAccessToken(params.getOauthConsumerKey(), oauthToken, oauthSecret, params.getOauthToken(), resp.getAuthorizedbyUserName(), resp.getScope()); resp.setOauthToken(oauthToken); resp.setOauthTokenSecret(oauthSecret); return resp;
String tenantUser = MultitenantUtils.getTenantAwareUsername(params.getAuthorizedbyUserName()); String domainName = MultitenantUtils.getTenantDomain(params.getAuthorizedbyUserName()); boolean isAuthenticated = false; try { isAuthenticated = IdentityTenantUtil .getRealm(domainName, params.getAuthorizedbyUserName()).getUserStoreManager() .authenticate(tenantUser, params.getAuthorizedbyUserPassword()); } catch (UserStoreException e) { log.error("Error while authenticating the user", e); OAuthConsumerDAO dao = new OAuthConsumerDAO(); String oauthVerifier = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber(); Parameters token = dao.authorizeOAuthToken(params.getOauthToken(), tenantUser, oauthVerifier); token.setOauthToken(params.getOauthToken()); token.setOauthTokenVerifier(oauthVerifier); return token; } else {
String secretkey = null; validateTimestampAndNonce(params.getOauthTimeStamp(), params.getOauthNonce()); secretkey = dao.getOAuthConsumerSecret(params.getOauthConsumerKey());
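/**
 * Authorizes the OAuth request token.
 *
 * <p>Runs the {@code AUTHORIZE_REQ_TOKEN} statement with the literal string {@code "true"},
 * the verifier, the user name and the token bound as parameters 1-4, commits, and then
 * looks up the callback URL registered for the token.
 *
 * @param oauthToken    Authorized OAuth token
 * @param userName      The name of the user who authorized the token.
 * @param oauthVerifier oauth_verifier - a unique identifier
 * @return a new {@link Parameters} carrying only the callback URL of the request token
 * @throws IdentityException if the statement fails (raised as
 *                           {@code IdentityOAuthAdminException}), or propagated from the
 *                           callback lookup
 */
public Parameters authorizeOAuthToken(String oauthToken, String userName, String oauthVerifier)
        throws IdentityException {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    try {
        // All caller-supplied values are bound as parameters, never concatenated into the SQL text.
        prepStmt = connection.prepareStatement(SQLQueries.OAuthConsumerDAOSQLQueries.AUTHORIZE_REQ_TOKEN);
        prepStmt.setString(1, Boolean.toString(true));
        prepStmt.setString(2, oauthVerifier);
        prepStmt.setString(3, userName);
        prepStmt.setString(4, oauthToken);
        // NOTE(review): the result of execute() is not inspected, so a token that matches no
        // row is not distinguished from a successful authorization at this point - confirm
        // that unknown tokens are rejected by the statement or by the callback lookup below.
        prepStmt.execute();
        connection.commit();
    } catch (SQLException e) {
        // Keep the SQLException as the cause so the underlying database failure stays diagnosable.
        // NOTE(review): the token value is part of the message; confirm it is not logged verbatim.
        throw new IdentityOAuthAdminException(
                "Error when authorizing the request token : " + oauthToken, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
    }
    Parameters params = new Parameters();
    params.setOauthCallback(getCallbackURLOfReqToken(oauthToken));
    return params;
}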
oauthParameters.setOAuthConsumerKey(oauthParams.getOauthConsumerKey()); oauthParameters.setOAuthConsumerSecret(secretKey); oauthParameters.setOAuthNonce(oauthParams.getOauthNonce()); oauthParameters.setOAuthTimestamp(oauthParams.getOauthTimeStamp()); oauthParameters.setOAuthSignatureMethod(oauthParams.getOauthSignatureMethod()); if (oauthParams.getOauthToken() != null) { oauthParameters.setOAuthToken(oauthParams.getOauthToken()); if (oauthParams.getOauthTokenVerifier() != null) { oauthParameters.setOAuthVerifier((oauthParams.getOauthTokenVerifier())); String signature; try { String baseString = OAuthUtil.getSignatureBaseString(oauthParams.getBaseString(), oauthParams.getHttpMethod(), oauthParameters.getBaseParameters()); signature = signer.getSignature(baseString, oauthParameters); } catch (OAuthException e) { && URLEncoder.encode(signature).equals(oauthParams.getOauthSignature())) { return true; } else if (signature != null && signature.equals(oauthParams.getOauthSignature())) { return true;
secretKey = dao.getOAuthConsumerSecret(params.getOauthConsumerKey()); String tokenSecret = dao.getOAuthTokenSecret(params.getOauthToken(), false); Parameters resp = dao.getRequestToken(params.getOauthToken()); if (resp.getOauthTokenVerifier() == null || !resp.getOauthTokenVerifier().equals(params.getOauthTokenVerifier()) || resp.getAuthorizedbyUserName() == null) { throw new AuthenticationException("Invalid request for OAuth access token"); String oauthSecret = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber(); dao.issueAccessToken(params.getOauthConsumerKey(), oauthToken, oauthSecret, params.getOauthToken(), resp.getAuthorizedbyUserName(), resp.getScope()); resp.setOauthToken(oauthToken); resp.setOauthTokenSecret(oauthSecret); return resp;
/**
 * Returns the scope of a request token and the name of the application it was issued to.
 *
 * <p>The token record is loaded through {@code OAuthConsumerDAO.getRequestToken}, and the
 * application is then looked up by the consumer key stored in that record.
 *
 * @param oauthToken OAuth request token.
 * @return a new {@link Parameters} carrying only the scope and the application name
 * @throws Exception propagated from the DAO lookups
 */
public Parameters getScopeAndAppName(String oauthToken) throws Exception {
    final Parameters tokenRecord = new OAuthConsumerDAO().getRequestToken(oauthToken);

    // NOTE(review): the result of getAppInformation is dereferenced without a null check;
    // confirm the DAO throws rather than returns null for an unknown consumer key.
    final OAuthAppDO application = new OAuthAppDAO().getAppInformation(tokenRecord.getOauthConsumerKey());

    // A fresh object is returned instead of tokenRecord, so nothing beyond the scope
    // and the application name leaves this method.
    final Parameters scopeAndApp = new Parameters();
    scopeAndApp.setScope(tokenRecord.getScope());
    scopeAndApp.setAppName(application.getApplicationName());
    return scopeAndApp;
}
String tenantUser = MultitenantUtils.getTenantAwareUsername(params.getAuthorizedbyUserName()); String domainName = MultitenantUtils.getTenantDomain(params.getAuthorizedbyUserName()); boolean isAuthenticated = false; try { isAuthenticated = IdentityTenantUtil .getRealm(domainName, params.getAuthorizedbyUserName()).getUserStoreManager() .authenticate(tenantUser, params.getAuthorizedbyUserPassword()); } catch (UserStoreException e) { log.error("Error while authenticating the user", e); OAuthConsumerDAO dao = new OAuthConsumerDAO(); String oauthVerifier = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber(); Parameters token = dao.authorizeOAuthToken(params.getOauthToken(), tenantUser, oauthVerifier); token.setOauthToken(params.getOauthToken()); token.setOauthTokenVerifier(oauthVerifier); return token; } else {
String secretkey = null; validateTimestampAndNonce(params.getOauthTimeStamp(), params.getOauthNonce()); secretkey = dao.getOAuthConsumerSecret(params.getOauthConsumerKey());
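/**
 * Authorizes the OAuth request token.
 *
 * <p>Runs the {@code AUTHORIZE_REQ_TOKEN} statement with the literal string {@code "true"},
 * the verifier, the user name and the token bound as parameters 1-4, commits, and then
 * looks up the callback URL registered for the token.
 *
 * @param oauthToken    Authorized OAuth token
 * @param userName      The name of the user who authorized the token.
 * @param oauthVerifier oauth_verifier - a unique identifier
 * @return a new {@link Parameters} carrying only the callback URL of the request token
 * @throws IdentityException if the statement fails (raised as
 *                           {@code IdentityOAuthAdminException}), or propagated from the
 *                           callback lookup
 */
public Parameters authorizeOAuthToken(String oauthToken, String userName, String oauthVerifier)
        throws IdentityException {
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    try {
        // All caller-supplied values are bound as parameters, never concatenated into the SQL text.
        prepStmt = connection.prepareStatement(SQLQueries.OAuthConsumerDAOSQLQueries.AUTHORIZE_REQ_TOKEN);
        prepStmt.setString(1, Boolean.toString(true));
        prepStmt.setString(2, oauthVerifier);
        prepStmt.setString(3, userName);
        prepStmt.setString(4, oauthToken);
        // NOTE(review): the result of execute() is not inspected, so a token that matches no
        // row is not distinguished from a successful authorization at this point - confirm
        // that unknown tokens are rejected by the statement or by the callback lookup below.
        prepStmt.execute();
        connection.commit();
    } catch (SQLException e) {
        // Keep the SQLException as the cause so the underlying database failure stays diagnosable.
        // NOTE(review): the token value is part of the message; confirm it is not logged verbatim.
        throw new IdentityOAuthAdminException(
                "Error when authorizing the request token : " + oauthToken, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, null, prepStmt);
    }
    Parameters params = new Parameters();
    params.setOauthCallback(getCallbackURLOfReqToken(oauthToken));
    return params;
}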
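/**
 * Loads the stored request-token record for the given token value.
 *
 * <p>Runs the {@code GET_REQ_TOKEN} query with {@code oauthToken} bound as its only
 * parameter and copies the first matching row into a new {@link Parameters} object.
 * The returned object carries the token secret and the verifier, so callers should
 * copy out only the fields they need before handing anything back to a client.
 *
 * @param oauthToken request token value to look up
 * @return parameters populated with the token, token secret, consumer key, callback,
 *         scope, verifier and authorizing user name read from the row
 * @throws IdentityException if no row matches the token, or if the query fails
 */
public Parameters getRequestToken(String oauthToken) throws IdentityException {
    Parameters params = new Parameters();
    Connection connection = IdentityDatabaseUtil.getDBConnection();
    PreparedStatement prepStmt = null;
    ResultSet resultSet = null;
    try {
        // The token is bound as a statement parameter, never concatenated into the SQL text.
        prepStmt = connection.prepareStatement(SQLQueries.OAuthConsumerDAOSQLQueries.GET_REQ_TOKEN);
        prepStmt.setString(1, oauthToken);
        resultSet = prepStmt.executeQuery();
        if (!resultSet.next()) {
            // NOTE(review): the caller-supplied token value is echoed into the exception
            // message; confirm this message is never logged or returned to the client verbatim.
            throw IdentityException.error("Invalid request token : " + oauthToken);
        }
        params.setOauthToken(resultSet.getString(1));
        params.setOauthTokenSecret(resultSet.getString(2));
        params.setOauthConsumerKey(resultSet.getString(3));
        params.setOauthCallback(resultSet.getString(4));
        params.setScope(resultSet.getString(5));
        // Column 6 is not read here; its meaning depends on GET_REQ_TOKEN, which is defined elsewhere.
        params.setOauthTokenVerifier(resultSet.getString(7));
        params.setAuthorizedbyUserName(resultSet.getString(8));
        connection.commit();
    } catch (SQLException e) {
        // Keep the SQLException as the cause so the underlying database failure stays diagnosable.
        throw IdentityException.error(
                "Error when retrieving request token from the persistence store : " + oauthToken, e);
    } finally {
        IdentityDatabaseUtil.closeAllConnections(connection, resultSet, prepStmt);
    }
    return params;
}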
String secretKey = null; validateTimestampAndNonce(params.getOauthTimeStamp(), params.getOauthNonce()); secretKey = dao.getOAuthConsumerSecret(params.getOauthConsumerKey()); if (secretKey == null) { log.debug("Invalid Credentials."); String tokenSecret = dao.getOAuthTokenSecret(params.getOauthToken(), true); String subject = dao.validateAccessToken(params.getOauthConsumerKey(), params.getOauthToken(), params.getScope()); Parameters returnParams = new Parameters(); returnParams.setAuthorizedbyUserName(subject); returnParams.setScope(params.getScope()); return returnParams; } else {
/**
 * Creates and persists a new OAuth request token for the consumer named in the request.
 *
 * <p>Both the token and its secret are taken from
 * {@code org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber()} and stored through
 * {@code OAuthConsumerDAO.createOAuthRequestToken} together with the consumer key,
 * callback and scope of {@code oauthParams}.
 *
 * @param oauthParams incoming request parameters; the consumer key, callback and scope are read
 * @return a new {@link Parameters} holding the consumer key, the new token and its secret
 * @throws IdentityOAuthAdminException propagated from the calls made here; none is thrown directly
 */
private Parameters generateOauthToken(Parameters oauthParams) throws IdentityOAuthAdminException {
    final OAuthConsumerDAO consumerDao = new OAuthConsumerDAO();

    // NOTE(review): the unpredictability of the token and its secret rests entirely on
    // getRandomNumber(), whose implementation is not shown here - confirm it uses a CSPRNG.
    final String requestToken = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber();
    final String requestTokenSecret = org.wso2.carbon.identity.oauth.OAuthUtil.getRandomNumber();

    consumerDao.createOAuthRequestToken(
            oauthParams.getOauthConsumerKey(),
            requestToken,
            requestTokenSecret,
            oauthParams.getOauthCallback(),
            oauthParams.getScope());

    // Only the consumer key and the freshly issued credentials go back to the caller.
    final Parameters issued = new Parameters();
    issued.setOauthConsumerKey(oauthParams.getOauthConsumerKey());
    issued.setOauthToken(requestToken);
    issued.setOauthTokenSecret(requestTokenSecret);
    return issued;
}