/** * Add signature type to the message. */ private void addSignatureParams(List<Parameter> params) { if (accessorInfo.getConsumer().getConsumer().consumerKey == null) { params.add( new Parameter(OAuth.OAUTH_CONSUMER_KEY, realRequest.getSecurityToken().getDomain())); } if (accessorInfo.getConsumer().getKeyName() != null) { params.add(new Parameter(XOAUTH_PUBLIC_KEY_OLD, accessorInfo.getConsumer().getKeyName())); params.add(new Parameter(XOAUTH_PUBLIC_KEY_NEW, accessorInfo.getConsumer().getKeyName())); } params.add(new Parameter(OAuth.OAUTH_VERSION, OAuth.VERSION_1_0)); params.add(new Parameter(OAuth.OAUTH_TIMESTAMP, Long.toString(fetcherConfig.getClock().currentTimeMillis() / 1000L))); // the oauth.net java code uses a clock to generate nonces, which causes nonce collisions // under heavy load. A random nonce is more reliable. params.add(new Parameter(OAuth.OAUTH_NONCE, String.valueOf(Math.abs(Crypto.RAND.nextLong())))); }
/** * Add signature type to the message. */ private void addSignatureParams(List<Parameter> params) { if (accessorInfo.getConsumer().getConsumer().consumerKey == null) { params.add( new Parameter(OAuth.OAUTH_CONSUMER_KEY, realRequest.getSecurityToken().getDomain())); } if (accessorInfo.getConsumer().getKeyName() != null) { params.add(new Parameter(XOAUTH_PUBLIC_KEY_OLD, accessorInfo.getConsumer().getKeyName())); params.add(new Parameter(XOAUTH_PUBLIC_KEY_NEW, accessorInfo.getConsumer().getKeyName())); } params.add(new Parameter(OAuth.OAUTH_VERSION, OAuth.VERSION_1_0)); params.add(new Parameter(OAuth.OAUTH_TIMESTAMP, Long.toString(fetcherConfig.getClock().currentTimeMillis() / 1000))); // the oauth.net java code uses a clock to generate nonces, which causes nonce collisions // under heavy load. A random nonce is more reliable. params.add(new Parameter(OAuth.OAUTH_NONCE, String.valueOf(Math.abs(Crypto.RAND.nextLong())))); }
/** * Add signature type to the message. */ private void addSignatureParams(List<Parameter> params) { if (accessorInfo.getConsumer().getConsumer().consumerKey == null) { params.add( new Parameter(OAuth.OAUTH_CONSUMER_KEY, realRequest.getSecurityToken().getDomain())); } if (accessorInfo.getConsumer().getKeyName() != null) { params.add(new Parameter(XOAUTH_PUBLIC_KEY_OLD, accessorInfo.getConsumer().getKeyName())); params.add(new Parameter(XOAUTH_PUBLIC_KEY_NEW, accessorInfo.getConsumer().getKeyName())); } params.add(new Parameter(OAuth.OAUTH_VERSION, OAuth.VERSION_1_0)); params.add(new Parameter(OAuth.OAUTH_TIMESTAMP, Long.toString(fetcherConfig.getClock().currentTimeMillis() / 1000L))); // the oauth.net java code uses a clock to generate nonces, which causes nonce collisions // under heavy load. A random nonce is more reliable. params.add(new Parameter(OAuth.OAUTH_NONCE, String.valueOf(Math.abs(Crypto.RAND.nextLong())))); }
@Test public void testGetOAuthAccessor_socialOAuth_socialPage() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName("testservice"); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setServiceName("testservice"); arguments.setUseToken(UseToken.IF_AVAILABLE); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); Assert.assertNull(info.getConsumer().getKeyName()); assertEquals("hmac", info.getConsumer().getConsumer().consumerKey); assertEquals("hmacsecret", info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_signedFetch_defaultHmac() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName(""); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); Assert.assertNull(info.getConsumer().getKeyName()); assertEquals("hmac", info.getConsumer().getConsumer().consumerKey); assertEquals("hmacsecret", info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_fullOAuth_socialPage() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName("testservice"); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setServiceName("testservice"); arguments.setUseToken(UseToken.ALWAYS); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); Assert.assertNull(info.getConsumer().getKeyName()); assertEquals("hmac", info.getConsumer().getConsumer().consumerKey); assertEquals("hmacsecret", info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_signedFetch_hmacKey() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName("hmac"); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); arguments.setServiceName("hmac"); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); Assert.assertNull(info.getConsumer().getKeyName()); assertEquals("hmac", info.getConsumer().getConsumer().consumerKey); assertEquals("hmacsecret", info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_socialOAuth_socialPage() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName("testservice"); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setServiceName("testservice"); arguments.setUseToken(UseToken.IF_AVAILABLE); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); Assert.assertNull(info.getConsumer().getKeyName()); assertEquals("hmac", info.getConsumer().getConsumer().consumerKey); assertEquals("hmacsecret", info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_signedFetch_hmacKey() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName("hmac"); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); arguments.setServiceName("hmac"); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); Assert.assertNull(info.getConsumer().getKeyName()); assertEquals("hmac", info.getConsumer().getConsumer().consumerKey); assertEquals("hmacsecret", info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_signedFetch_defaultHmac() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName(""); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); Assert.assertNull(info.getConsumer().getKeyName()); assertEquals("hmac", info.getConsumer().getConsumer().consumerKey); assertEquals("hmacsecret", info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_signedFetch_defaultHmac() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName(""); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); Assert.assertNull(info.getConsumer().getKeyName()); assertEquals("hmac", info.getConsumer().getConsumer().consumerKey); assertEquals("hmacsecret", info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_signedFetch_badServiceName() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName("otherservice"); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); arguments.setServiceName("hmac"); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals("keyname", info.getConsumer().getKeyName()); assertEquals("key", info.getConsumer().getConsumer().consumerKey); }
@Test public void testGetOAuthAccessor_signedFetch_badServiceName() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName("otherservice"); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); arguments.setServiceName("hmac"); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals("keyname", info.getConsumer().getKeyName()); assertEquals("key", info.getConsumer().getConsumer().consumerKey); }
@Test public void testGetOAuthAccessor_signedFetch_badServiceName() throws Exception { BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); index.setGadgetUri(GADGET_URL); index.setServiceName("otherservice"); BasicOAuthStoreConsumerKeyAndSecret cks = new BasicOAuthStoreConsumerKeyAndSecret("hmac", "hmacsecret", KeyType.HMAC_SYMMETRIC, null, null); backingStore.setConsumerKeyAndSecret(index, cks); OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); arguments.setServiceName("hmac"); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals("keyname", info.getConsumer().getKeyName()); assertEquals("key", info.getConsumer().getConsumer().consumerKey); }
@Test public void testNullCallback() throws Exception { store = new BasicOAuthStore(); store.initFromConfigString(SAMPLE_FILE); FakeGadgetToken t = new FakeGadgetToken(); t.setAppUrl("http://localhost:8080/samplecontainer/examples/oauth.xml"); OAuthServiceProvider provider = new OAuthServiceProvider("req", "authorize", "access"); ConsumerInfo consumerInfo = store.getConsumerKeyAndSecret(t, "", provider); OAuthConsumer consumer = consumerInfo.getConsumer(); assertEquals("gadgetConsumer", consumer.consumerKey); assertNull(consumerInfo.getKeyName()); assertNull(consumerInfo.getCallbackUrl()); } }
@Test public void testNullCallback() throws Exception { store = new BasicOAuthStore(); store.initFromConfigString(SAMPLE_FILE); FakeGadgetToken t = new FakeGadgetToken(); t.setAppUrl("http://localhost:8080/gadgets/oauth.xml"); OAuthServiceProvider provider = new OAuthServiceProvider("req", "authorize", "access"); ConsumerInfo consumerInfo = store.getConsumerKeyAndSecret(t, "", provider); OAuthConsumer consumer = consumerInfo.getConsumer(); assertEquals("gadgetConsumer", consumer.consumerKey); assertNull(consumerInfo.getKeyName()); assertNull(consumerInfo.getCallbackUrl()); } }
@Test public void testGetOAuthAccessor_signedFetch() throws Exception { OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); assertEquals("keyname", info.getConsumer().getKeyName()); assertEquals("key", info.getConsumer().getConsumer().consumerKey); assertNull(info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_signedFetch() throws Exception { OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); assertEquals("keyname", info.getConsumer().getKeyName()); assertEquals("key", info.getConsumer().getConsumer().consumerKey); assertNull(info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testGetOAuthAccessor_signedFetch() throws Exception { OAuthArguments arguments = new OAuthArguments(); arguments.setUseToken(UseToken.NEVER); AccessorInfo info = store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig); assertEquals(OAuthParamLocation.URI_QUERY, info.getParamLocation()); assertEquals("keyname", info.getConsumer().getKeyName()); assertEquals("key", info.getConsumer().getConsumer().consumerKey); assertNull(info.getConsumer().getConsumer().consumerSecret); assertNull(info.getAccessor().requestToken); assertNull(info.getAccessor().accessToken); assertNull(info.getAccessor().tokenSecret); }
@Test public void testNullCallback() throws Exception { store = new BasicOAuthStore(); store.initFromConfigString(SAMPLE_FILE); FakeGadgetToken t = new FakeGadgetToken(); t.setAppUrl("http://localhost:8080/gadgets/oauth.xml"); OAuthServiceProvider provider = new OAuthServiceProvider("req", "authorize", "access"); ConsumerInfo consumerInfo = store.getConsumerKeyAndSecret(t, "", provider); OAuthConsumer consumer = consumerInfo.getConsumer(); assertEquals("gadgetConsumer", consumer.consumerKey); assertNull(consumerInfo.getKeyName()); assertNull(consumerInfo.getCallbackUrl()); } }