/** * Do we need to get the user's approval to access the data? */ private boolean needApproval() { return (realRequest.getOAuthArguments().mustUseToken() && accessorInfo.getAccessor().requestToken == null && accessorInfo.getAccessor().accessToken == null); }
/** * Do we need to get the user's approval to access the data? */ private boolean needApproval() { return (realRequest.getOAuthArguments().mustUseToken() && accessorInfo.getAccessor().requestToken == null && accessorInfo.getAccessor().accessToken == null); }
/** * Do we need to get the user's approval to access the data? */ private boolean needApproval() { return (realRequest.getOAuthArguments().mustUseToken() && accessorInfo.getAccessor().requestToken == null && accessorInfo.getAccessor().accessToken == null); }
/** * Do we need to exchange a request token for an access token? */ private boolean needAccessToken() { if (realRequest.getOAuthArguments().mustUseToken() && accessorInfo.getAccessor().requestToken != null && accessorInfo.getAccessor().accessToken == null) { return true; } return realRequest.getOAuthArguments().mayUseToken() && accessTokenExpired(); }
/** * Do we need to exchange a request token for an access token? */ private boolean needAccessToken() { if (realRequest.getOAuthArguments().mustUseToken() && accessorInfo.getAccessor().requestToken != null && accessorInfo.getAccessor().accessToken == null) { return true; } return realRequest.getOAuthArguments().mayUseToken() && accessTokenExpired(); }
/** * Do we need to exchange a request token for an access token? */ private boolean needAccessToken() { if (realRequest.getOAuthArguments().mustUseToken() && accessorInfo.getAccessor().requestToken != null && accessorInfo.getAccessor().accessToken == null) { return true; } return realRequest.getOAuthArguments().mayUseToken() && accessTokenExpired(); }
/** * Check if a response might be due to an OAuth protocol error. We don't want to intercept * errors for signed fetch, we only care about places where we are dealing with OAuth request * and/or access tokens. */ private boolean couldBeFullOAuthError(HttpResponse response) { // 400, 401 and 403 are likely to be authentication errors. Unfortunately there is // significant overlap with other types of server errors as well, so we can't just assume // that the root cause of these errors is a bad token or a bad consumer key. if (response.getHttpStatusCode() != HttpResponse.SC_BAD_REQUEST && response.getHttpStatusCode() != HttpResponse.SC_UNAUTHORIZED && response.getHttpStatusCode() != HttpResponse.SC_FORBIDDEN) { return false; } // If the client forced us to use full OAuth, this might be OAuth related. if (realRequest.getOAuthArguments().mustUseToken()) { return true; } // If we're using an access token, this might be OAuth related. if (accessorInfo.getAccessor().accessToken != null) { return true; } // Not OAuth related. return false; }
/** * Check if a response might be due to an OAuth protocol error. We don't want to intercept * errors for signed fetch, we only care about places where we are dealing with OAuth request * and/or access tokens. */ private boolean couldBeFullOAuthError(HttpResponse response) { // 400, 401 and 403 are likely to be authentication errors. Unfortunately there is // significant overlap with other types of server errors as well, so we can't just assume // that the root cause of these errors is a bad token or a bad consumer key. if (response.getHttpStatusCode() != HttpResponse.SC_BAD_REQUEST && response.getHttpStatusCode() != HttpResponse.SC_UNAUTHORIZED && response.getHttpStatusCode() != HttpResponse.SC_FORBIDDEN) { return false; } // If the client forced us to use full OAuth, this might be OAuth related. if (realRequest.getOAuthArguments().mustUseToken()) { return true; } // If we're using an access token, this might be OAuth related. if (accessorInfo.getAccessor().accessToken != null) { return true; } // Not OAuth related. return false; }
/** * Check if a response might be due to an OAuth protocol error. We don't want to intercept * errors for signed fetch, we only care about places where we are dealing with OAuth request * and/or access tokens. */ private boolean couldBeFullOAuthError(HttpResponse response) { // 400, 401 and 403 are likely to be authentication errors. Unfortunately there is // significant overlap with other types of server errors as well, so we can't just assume // that the root cause of these errors is a bad token or a bad consumer key. if (response.getHttpStatusCode() != HttpResponse.SC_BAD_REQUEST && response.getHttpStatusCode() != HttpResponse.SC_UNAUTHORIZED && response.getHttpStatusCode() != HttpResponse.SC_FORBIDDEN) { return false; } // If the client forced us to use full OAuth, this might be OAuth related. if (realRequest.getOAuthArguments().mustUseToken()) { return true; } // If we're using an access token, this might be OAuth related. if (accessorInfo.getAccessor().accessToken != null) { return true; } // Not OAuth related. return false; }