@Override public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException { response.setContentType("application/xml;charset=UTF-8"); Consumer consumer = store.getConsumer(); Map<String, Object> context = ImmutableMap.of( "consumer", consumer, "encodedPublicKey", RSAKeys.toPemEncoding(consumer.getPublicKey()) ); try { renderer.render("view.xml.vm", context, response.getWriter()); } catch (RenderingException e) { throw new ServletException(e); } catch (ConsumerCreationException e) { throw new ServletException(e); } } }
void validate2LOMessage(OAuthMessage message, Consumer consumer) throws OAuthException, IOException, URISyntaxException { final OAuthConsumer oauthConsumer = converter.toOAuthConsumer(consumer); oauthConsumer.setProperty(RSA_SHA1.PUBLIC_KEY, consumer.getPublicKey().getEncoded()); final OAuthAccessor oauthAccessor = new OAuthAccessor(oauthConsumer); printMessageToDebug(message); validator.validateMessage(message, oauthAccessor); }
@Nonnull public ConsumerEntity build() { String publicKey; if (consumer.getPublicKey() != null) { publicKey = RSAKeys.toPemEncoding(consumer.getPublicKey()); } else { publicKey = null; } return new ConsumerEntity(self, consumer.getKey(), consumer.getName(), consumer.getDescription(), consumer.getSignatureMethod().name(), publicKey, consumer.getCallback(), consumer.getTwoLOAllowed(), consumer.getExecutingTwoLOUser(), consumer.getTwoLOImpersonationAllowed() ); } }
private String createEventDataInternal(String pluginKey, String eventType, Optional<OAuthClient> oauthClient) { final Consumer consumer = checkNotNull(consumerService.getConsumer()); // checkNotNull() otherwise we NPE below ConnectAddonEventDataBuilder dataBuilder = newConnectAddonEventData(); String baseUrl = applicationProperties.getBaseUrl(UrlMode.CANONICAL); dataBuilder.withBaseUrl(nullToEmpty(baseUrl)) .withPluginKey(pluginKey) .withClientKey(nullToEmpty(consumer.getKey())) .withPublicKey(nullToEmpty(RSAKeys.toPemEncoding(consumer.getPublicKey()))) .withPluginsVersion(nullToEmpty(getConnectPluginVersion())) .withServerVersion(nullToEmpty(applicationProperties.getBuildNumber())) .withServiceEntitlementNumber(nullToEmpty(licenseRetriever.getServiceEntitlementNumber(pluginKey))) .withProductType(nullToEmpty(productAccessor.getKey())) .withDescription(nullToEmpty(consumer.getDescription())) .withEventType(eventType); if (impersonationIsEnabled()) { dataBuilder.withOauthClient(oauthClient.map(c -> new OAuthClientBean(c.getClientId(), c.getSharedSecret()))); } else { dataBuilder.withSharedSecret(oauthClient.map(OAuthClient::getSharedSecret).orElse(null)); } ConnectAddonEventData data = dataBuilder.build(); return ConnectModulesGsonFactory.toJson(data); }
private String createEventDataInternal(String pluginKey, String eventType, Optional<OAuthClient> oauthClient) { final Consumer consumer = checkNotNull(consumerService.getConsumer()); // checkNotNull() otherwise we NPE below ConnectAddonEventDataBuilder dataBuilder = newConnectAddonEventData(); String baseUrl = applicationProperties.getBaseUrl(UrlMode.CANONICAL); dataBuilder.withBaseUrl(nullToEmpty(baseUrl)) .withPluginKey(pluginKey) .withClientKey(nullToEmpty(consumer.getKey())) .withPublicKey(nullToEmpty(RSAKeys.toPemEncoding(consumer.getPublicKey()))) .withPluginsVersion(nullToEmpty(getConnectPluginVersion())) .withServerVersion(nullToEmpty(applicationProperties.getBuildNumber())) .withServiceEntitlementNumber(nullToEmpty(licenseRetriever.getServiceEntitlementNumber(pluginKey))) .withProductType(nullToEmpty(productAccessor.getKey())) .withDescription(nullToEmpty(consumer.getDescription())) .withEventType(eventType); if (darkFeatureManager.isFeatureEnabledForCurrentUser(DARK_FEATURE_OAUTH2_IMPERSONATION)) { dataBuilder.withOauthClient(oauthClient); } else { dataBuilder.withSharedSecret(oauthClient.map(OAuthClient::getSharedSecret).orElse(null)); } ConnectAddonEventData data = dataBuilder.build(); return ConnectModulesGsonFactory.toJson(data); }
public static Consumer.InstanceBuilder consumerBuilder(@Nonnull Consumer consumer) { checkNotNull(consumer, "consumer"); Consumer.InstanceBuilder builder = new Consumer.InstanceBuilder(consumer.getKey()) .name(consumer.getName()) .description(consumer.getDescription()) .signatureMethod(consumer.getSignatureMethod()) .callback(consumer.getCallback()) .twoLOAllowed(consumer.getTwoLOAllowed()) .executingTwoLOUser(consumer.getExecutingTwoLOUser()) .twoLOImpersonationAllowed(consumer.getTwoLOImpersonationAllowed()); if (consumer.getPublicKey() != null) { builder.publicKey(consumer.getPublicKey()); } return builder; } }
public RestConsumer(@Nonnull Consumer consumer) { checkNotNull(consumer, "consumer"); put(KEY, consumer.getKey()); put(NAME, consumer.getName()); putIfNotNull(DESCRIPTION, consumer.getDescription()); put(SIGNATURE_METHOD, consumer.getSignatureMethod().name()); if (consumer.getPublicKey() != null) { put(PUBLIC_KEY, RSAKeys.toPemEncoding(consumer.getPublicKey())); } putAsString(CALLBACK, consumer.getCallback()); put(TWO_LO_ALLOWED, consumer.getTwoLOAllowed()); putIfNotNull(EXECUTING_TWO_LO_USER, consumer.getExecutingTwoLOUser()); put(TWO_LO_IMPERSONATION_ALLOWED, consumer.getTwoLOImpersonationAllowed()); }
.name(consumer.getName()) .description(consumer.getDescription()) .publicKey(consumer.getPublicKey()) .signatureMethod(consumer.getSignatureMethod()) .callback(consumer.getCallback())
/** * Converts a {@code Consumer} to an {@code OAuthConsumer}, uses the {@code sharedSecret} in the * {@code OAuthConsumer}s constructor so that it is suitable for signing. * * @param consumer {@code Consumer} to be converted to an {@code OAuthConsumer} * @param sharedSecret shared secret to use to sign requests * @param oauthServiceProvider {@code OAuthServiceProvider} to set as the {@link OAuthConsumer#serviceProvider} attribute * @return {@code OAuthConsumer} converted from the {@code Consumer} */ public static OAuthConsumer asOAuthConsumer(Consumer consumer, String sharedSecret, OAuthServiceProvider oauthServiceProvider) { checkNotNull(consumer, "consumer"); checkNotNull(oauthServiceProvider, "oauthServiceProvider"); String callback = consumer.getCallback() != null ? consumer.getCallback().toString() : null; OAuthConsumer oauthConsumer = new OAuthConsumer(callback, consumer.getKey(), sharedSecret, oauthServiceProvider); oauthConsumer.setProperty(ConsumerProperty.NAME, consumer.getName()); oauthConsumer.setProperty(ConsumerProperty.DESCRIPTION, consumer.getDescription()); if (consumer.getSignatureMethod() == SignatureMethod.RSA_SHA1) { oauthConsumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.RSA_SHA1); oauthConsumer.setProperty(RSA_SHA1.PUBLIC_KEY, consumer.getPublicKey()); } else { oauthConsumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1); } return oauthConsumer; }
/** * Convert a given {@code token} to an {@link net.oauth.OAuthConsumer} * * @param token the {@link com.atlassian.oauth.serviceprovider.ServiceProviderToken} to convert * @return the {@link net.oauth.OAuthConsumer} */ public static OAuthConsumer toOAuthConsumer(ServiceProviderToken token) { String callback = token.getCallback() != null ? token.getCallback().toString() : null; final OAuthConsumer consumer = new OAuthConsumer(callback, token.getConsumer().getKey(), null, null); consumer.setProperty(NAME, token.getConsumer().getName()); consumer.setProperty(DESCRIPTION, token.getConsumer().getDescription()); consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.RSA_SHA1); consumer.setProperty(RSA_SHA1.PUBLIC_KEY, token.getConsumer().getPublicKey()); return consumer; }
@Test public void testServiceProviderConsumerStoreCanStoreConfiguration() throws Exception { PublicKey publicKey = RSAKeys.fromPemEncodingToPublicKey(CONSUMER_PUBLIC_KEY); final Consumer consumer = Consumer.key(CONSUMER_KEY) .name("Test Consumer Name") .publicKey(publicKey) .description("Consumer Description") .callback(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1")) .build(); consumerStore.put(consumer); final Consumer savedConsumer = consumerStore.get(CONSUMER_KEY); assertEquals(CONSUMER_KEY, savedConsumer.getKey()); assertEquals("Test Consumer Name", savedConsumer.getName()); assertEquals(publicKey, savedConsumer.getPublicKey()); assertEquals("Consumer Description", savedConsumer.getDescription()); assertEquals(URI.create(appProp.getBaseUrl() + "/consumer/oauthcallback1"), savedConsumer.getCallback()); }
@Override protected void doGet(final HttpServletRequest request, final HttpServletResponse response) throws IOException { try { // Enable web sudo protection if needed and if the app we are running in supports it webSudoManager.willExecuteWebSudoRequest(request); final ApplicationLink applicationLink = getRequiredApplicationLink(request); final Consumer consumer = providerStoreService.getConsumer(applicationLink); final RendererContextBuilder builder = createContextBuilder(applicationLink); builder.put("contextPath", request.getContextPath()); builder.put("message", getMessage(request)); if (consumer != null) { builder.put(CONSUMER, consumer); final String publicKey = RSAKeys.toPemEncoding(consumer.getPublicKey()); builder.put(PUBLIC_KEY, publicKey); } builder.put(IS_SYSADMIN, isSysadmin()); render(INCOMING_NON_APPLINKS_TEMPLATE, builder.build(), request, response, applicationLink); } catch (WebSudoSessionException wse) { webSudoManager.enforceWebSudoProtection(request, response); } }
.name(consumer.getName()) .description(consumer.getDescription()) .publicKey(consumer.getPublicKey()) .signatureMethod(consumer.getSignatureMethod()) .callback(consumer.getCallback()) .name(consumer.getName()) .description(consumer.getDescription()) .publicKey(consumer.getPublicKey()) .signatureMethod(consumer.getSignatureMethod()) .callback(consumer.getCallback())
public Consumer updateHostConsumerInformation(String name, String description, URI callback) { ConsumerAndSecret cas = hostCasProvider.get(); Consumer oldConsumer = cas.getConsumer(); Consumer newConsumer = Consumer.key(oldConsumer.getKey()) .signatureMethod(oldConsumer.getSignatureMethod()) .publicKey(oldConsumer.getPublicKey()) .name(name) .description(description) .callback(callback) .build(); if (newConsumer.getSignatureMethod() == SignatureMethod.HMAC_SHA1) { cas = new ConsumerAndSecret(cas.getServiceName(), newConsumer, cas.getSharedSecret()); } else { cas = new ConsumerAndSecret(cas.getServiceName(), newConsumer, cas.getPrivateKey()); } return hostCasProvider.put(cas).getConsumer(); }