Class DefaultOAuth1Provider

  • All Implemented Interfaces:
    OAuth1Provider

    @Provider
    public class DefaultOAuth1Provider
    extends java.lang.Object
    implements OAuth1Provider
    Default in-memory implementation of OAuth1Provider. Stores consumers and tokens in static hash maps. Provides some additional helper methods for consumer and token management (registering new consumers, retrieving a list of all registered consumers per owner, listing the authorized tokens per principal, revoking tokens, etc.)
    • Field Detail

      • consumerByConsumerKey

        private static final java.util.concurrent.ConcurrentHashMap<java.lang.String,​DefaultOAuth1Provider.Consumer> consumerByConsumerKey
      • accessTokenByTokenString

        private static final java.util.concurrent.ConcurrentHashMap<java.lang.String,​DefaultOAuth1Provider.Token> accessTokenByTokenString
      • requestTokenByTokenString

        private static final java.util.concurrent.ConcurrentHashMap<java.lang.String,​DefaultOAuth1Provider.Token> requestTokenByTokenString
      • verifierByTokenString

        private static final java.util.concurrent.ConcurrentHashMap<java.lang.String,​java.lang.String> verifierByTokenString
    • Constructor Detail

      • DefaultOAuth1Provider

        public DefaultOAuth1Provider()
    • Method Detail

      • getConsumer

        public DefaultOAuth1Provider.Consumer getConsumer​(java.lang.String consumerKey)
        Description copied from interface: OAuth1Provider
        Gets consumer corresponding to a given consumer key.
        Specified by:
        getConsumer in interface OAuth1Provider
        Parameters:
        consumerKey - consumer key
        Returns:
        corresponding consumer secret or null if no consumer with the given key is known
      • registerConsumer

        public DefaultOAuth1Provider.Consumer registerConsumer​(java.lang.String owner,
                                                               javax.ws.rs.core.MultivaluedMap<java.lang.String,​java.lang.String> attributes)
        Register a new consumer.
        Parameters:
        owner - Identifier of the owner that registers the consumer (user ID or similar).
        attributes - Additional attributes (name-values pairs - to store additional information about the consumer, such as name, URI, description, etc.)
        Returns:
        DefaultOAuth1Provider.Consumer object for the newly registered consumer.
      • registerConsumer

        public DefaultOAuth1Provider.Consumer registerConsumer​(java.lang.String owner,
                                                               java.lang.String key,
                                                               java.lang.String secret,
                                                               javax.ws.rs.core.MultivaluedMap<java.lang.String,​java.lang.String> attributes)
        Register a new consumer configured with Consumer Key.
        Parameters:
        owner - Identifier of the owner that registers the consumer (user ID or similar).
        key - Consumer key.
        secret - Consumer key secret.
        attributes - Additional attributes (name-values pairs - to store additional information about the consumer, such as name, URI, description, etc.)
        Returns:
        DefaultOAuth1Provider.Consumer object for the newly registered consumer.
      • getConsumers

        public java.util.Set<DefaultOAuth1Provider.Consumer> getConsumers​(java.lang.String owner)
        Returns a set of consumers registered by a given owner.
        Parameters:
        owner - Identifier of the owner that registered the consumers to be retrieved.
        Returns:
        consumers registered by the owner.
      • getAccessTokens

        public java.util.Set<DefaultOAuth1Provider.Token> getAccessTokens​(java.lang.String principalName)
        Returns a list of access tokens authorized with the supplied principal name.
        Parameters:
        principalName - Principal name for which to retrieve the authorized tokens.
        Returns:
        authorized access tokens.
      • authorizeToken

        public java.lang.String authorizeToken​(DefaultOAuth1Provider.Token token,
                                               java.security.Principal userPrincipal,
                                               java.util.Set<java.lang.String> roles)
        Authorizes a request token for given principal and roles and returns verifier.
        Parameters:
        token - Request token to authorize.
        userPrincipal - User principal to authorize the token for.
        roles - Set of roles to authorize the token for.
        Returns:
        OAuth verifier value for exchanging this token for an access token.
      • revokeAccessToken

        public void revokeAccessToken​(java.lang.String token,
                                      java.lang.String principalName)
        Checks if the supplied token is authorized for a given principal name and if so, revokes the authorization.
        Parameters:
        token - Access token to revoke the authorization for.
        principalName - Principal name the token is currently authorized for.
      • newUUIDString

        protected java.lang.String newUUIDString()
        Generates a new non-guessable random string (used for token/customer strings, secrets and verifier.
        Returns:
        Random UUID string.
      • getRequestToken

        public DefaultOAuth1Provider.Token getRequestToken​(java.lang.String token)
        Description copied from interface: OAuth1Provider
        Returns the request token by the consumer key and token value.
        Specified by:
        getRequestToken in interface OAuth1Provider
        Parameters:
        token - request token value
        Returns:
        request token or null if no such token corresponding to a given consumer key is found
      • newRequestToken

        public OAuth1Token newRequestToken​(java.lang.String consumerKey,
                                           java.lang.String callbackUrl,
                                           java.util.Map<java.lang.String,​java.util.List<java.lang.String>> attributes)
        Description copied from interface: OAuth1Provider
        Creates a new request token for a given consumerKey.
        Specified by:
        newRequestToken in interface OAuth1Provider
        Parameters:
        consumerKey - consumer key to create a request token for
        callbackUrl - callback url for this request token request
        attributes - additional service provider-specific parameters (this can be used to indicate what level of access is requested - i.e. readonly, or r/w, etc.)
        Returns:
        new request token
      • newAccessToken

        public OAuth1Token newAccessToken​(OAuth1Token requestToken,
                                          java.lang.String verifier)
        Description copied from interface: OAuth1Provider
        Creates a new access token. This method must validate the passed arguments and return null if any of them is invalid.
        Specified by:
        newAccessToken in interface OAuth1Provider
        Parameters:
        requestToken - authorized request token
        verifier - verifier passed to the callback after authorization
        Returns:
        new access token or null if the arguments are invalid (e.g. there is no such request token as in the argument, or the verifier does not match)
      • addAccessToken

        public void addAccessToken​(java.lang.String token,
                                   java.lang.String secret,
                                   java.lang.String consumerKey,
                                   java.lang.String callbackUrl,
                                   java.security.Principal principal,
                                   java.util.Set<java.lang.String> roles,
                                   javax.ws.rs.core.MultivaluedMap<java.lang.String,​java.lang.String> attributes)
      • getAccessToken

        public OAuth1Token getAccessToken​(java.lang.String token)
        Description copied from interface: OAuth1Provider
        Returns the access token by the consumer key and token value.
        Specified by:
        getAccessToken in interface OAuth1Provider
        Parameters:
        token - access token value
        Returns:
        access token or null if no such found
      • getImmutableMap

        private static javax.ws.rs.core.MultivaluedMap<java.lang.String,​java.lang.String> getImmutableMap​(java.util.Map<java.lang.String,​java.util.List<java.lang.String>> map)