Class OAuth1Signature
- java.lang.Object
-
- org.glassfish.jersey.oauth1.signature.OAuth1Signature
-
public class OAuth1Signature extends java.lang.Object
Injectable class used for processing an OAuth signature (signing or verifying).Example of usage:
// inject the OAuth1Signature @Inject OAuth1Signature oAuthSignature; ... // wrap an existing request with some concrete implementation OAuth1Request request = new ConcreteOAuthRequestImplementation(); // establish the parameters that will be used to sign the request OAuth1Parameters params = new OAuth1Parameters().consumerKey("dpf43f3p2l4k3l03"). token("nnch734d00sl2jdk").signatureMethod(HmaSha1Method.NAME). timestamp().nonce().version(); // establish the secrets that will be used to sign the request OAuth1Secrets secrets = new OAuth1Secrets().consumerSecret("kd94hf93k423kf44"). tokenSecret("pfkkdhi9sl3r4s00"); // generate the digital signature and set in the request oAuthSignature.sign(request, params, secrets);
-
-
Field Summary
Fields Modifier and Type Field Description private java.util.HashMap<java.lang.String,OAuth1SignatureMethod>
methods
-
Constructor Summary
Constructors Constructor Description OAuth1Signature(InjectionManager injectionManager)
Create a new instance of the OAuth signature configured with injectedServiceLocator
.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Modifier and Type Method Description private static void
addParam(java.lang.String key, java.lang.String value, java.util.List<java.lang.String[]> list)
private java.lang.String
baseString(OAuth1Request request, OAuth1Parameters params)
Assembles request base string for which a digital signature is to be generated/verified, per section 9.1.3 of the OAuth 1.0 specification.private java.net.URI
constructRequestURL(OAuth1Request request)
Constructs the request URI, per section 9.1.2 of the OAuth 1.0 specification.java.lang.String
generate(OAuth1Request request, OAuth1Parameters params, OAuth1Secrets secrets)
Generates and returns an OAuth signature for the given request, parameters and secrets.private OAuth1SignatureMethod
getSignatureMethod(OAuth1Parameters params)
Retrieves an instance of a signature method that can be used to generate or verify signatures for data.(package private) static java.lang.String
normalizeParameters(OAuth1Request request, OAuth1Parameters params)
Collects, sorts and concetenates the request parameters into a normalized string, per section 9.1.1.void
sign(OAuth1Request request, OAuth1Parameters params, OAuth1Secrets secrets)
Generates an OAuth signature for the given request, parameters and secrets, and stores it as a signature parameter, and writes the OAuth parameters to the request as an Authorization header.boolean
verify(OAuth1Request request, OAuth1Parameters params, OAuth1Secrets secrets)
Verifies the OAuth signature for a given request, parameters and secrets.
-
-
-
Field Detail
-
methods
private final java.util.HashMap<java.lang.String,OAuth1SignatureMethod> methods
-
-
Constructor Detail
-
OAuth1Signature
@Inject public OAuth1Signature(InjectionManager injectionManager)
Create a new instance of the OAuth signature configured with injectedServiceLocator
.- Parameters:
injectionManager
- injection manager
-
-
Method Detail
-
generate
public java.lang.String generate(OAuth1Request request, OAuth1Parameters params, OAuth1Secrets secrets) throws OAuth1SignatureException
Generates and returns an OAuth signature for the given request, parameters and secrets.- Parameters:
request
- the request to generate signature for.params
- the OAuth authorization parameters.secrets
- the secrets used to generate the OAuth signature.- Returns:
- the OAuth digital signature.
- Throws:
OAuth1SignatureException
- if an error occurred generating the signature.
-
sign
public void sign(OAuth1Request request, OAuth1Parameters params, OAuth1Secrets secrets) throws OAuth1SignatureException
Generates an OAuth signature for the given request, parameters and secrets, and stores it as a signature parameter, and writes the OAuth parameters to the request as an Authorization header.- Parameters:
request
- the request to generate signature for and write header to.params
- the OAuth authorization parameters.secrets
- the secrets used to generate the OAuth signature.- Throws:
OAuth1SignatureException
- if an error occurred generating the signature.
-
verify
public boolean verify(OAuth1Request request, OAuth1Parameters params, OAuth1Secrets secrets) throws OAuth1SignatureException
Verifies the OAuth signature for a given request, parameters and secrets.- Parameters:
request
- the request to verify the signature from.params
- the OAuth authorization parameterssecrets
- the secrets used to verify the OAuth signature.- Returns:
- true if the signature is verified.
- Throws:
OAuth1SignatureException
- if an error occurred generating the signature.
-
normalizeParameters
static java.lang.String normalizeParameters(OAuth1Request request, OAuth1Parameters params)
Collects, sorts and concetenates the request parameters into a normalized string, per section 9.1.1. of the OAuth 1.0 specification.- Parameters:
request
- the request to retreive parameters from.params
- the OAuth authorization parameters to retrieve parameters from.- Returns:
- the normalized parameters string.
-
constructRequestURL
private java.net.URI constructRequestURL(OAuth1Request request) throws OAuth1SignatureException
Constructs the request URI, per section 9.1.2 of the OAuth 1.0 specification.- Parameters:
request
- the incoming request to construct the URI from.- Returns:
- the constructed URI.
- Throws:
OAuth1SignatureException
-
baseString
private java.lang.String baseString(OAuth1Request request, OAuth1Parameters params) throws OAuth1SignatureException
Assembles request base string for which a digital signature is to be generated/verified, per section 9.1.3 of the OAuth 1.0 specification.- Parameters:
request
- the request from which to assemble baseString.params
- the OAuth authorization parameters from which to assemble baseString.- Returns:
- the concatenated baseString, ready to sign/verify
- Throws:
OAuth1SignatureException
-
getSignatureMethod
private OAuth1SignatureMethod getSignatureMethod(OAuth1Parameters params) throws UnsupportedSignatureMethodException
Retrieves an instance of a signature method that can be used to generate or verify signatures for data.- Returns:
- the retrieved signature method.
- Throws:
UnsupportedSignatureMethodException
- if signature method not supported.
-
addParam
private static void addParam(java.lang.String key, java.lang.String value, java.util.List<java.lang.String[]> list)
-
-