org.jboss.resteasy.auth.oauth
Interface OAuthProvider

All Known Implementing Classes:
MyProvider, OAuthDBProvider, OAuthMemoryProvider, OAuthProviderChecker

public interface OAuthProvider

Implement this interface to provide the RESTEasy servlets and filters with the knowledge to load and store OAuth Consumer, Request and Access Tokens.

Author:
Stéphane Épardaud

Method Summary
 java.lang.String authoriseRequestToken(java.lang.String consumerKey, java.lang.String requestToken)
          Authorises the given Request Token for the given Consumer and return a new Verifier to be returned to the Client.
 void checkTimestamp(OAuthToken token, long timestamp)
          Checks that the given timestamp is valid for the given OAuth Token.
 OAuthToken getAccessToken(java.lang.String consumerKey, java.lang.String accessToken)
          Returns the OAuth Access Token for the given Consumer key and Access Token.
 OAuthConsumer getConsumer(java.lang.String consumerKey)
          Returns the OAuth Consumer for the given Consumer key.
 java.lang.String getRealm()
          Returns the Realm of this provider
 OAuthToken getRequestToken(java.lang.String consumerKey, java.lang.String requestToken)
          Returns the OAuth Request Token for the given Consumer key and Request Token.
 OAuthToken makeAccessToken(java.lang.String consumerKey, java.lang.String requestToken, java.lang.String verifier)
          Make a new OAuth Access Token for the given Consumer, using the given Request Token and Verifier.
 OAuthToken makeRequestToken(java.lang.String consumerKey, java.lang.String callback)
          Make a new OAuth Request Token for the given Consumer, using the given callback.
 

Method Detail

getRealm

java.lang.String getRealm()
Returns the Realm of this provider


getConsumer

OAuthConsumer getConsumer(java.lang.String consumerKey)
                          throws OAuthException
Returns the OAuth Consumer for the given Consumer key. If no such Consumer exists, throw an OAuthException.

Parameters:
consumerKey - the Consumer key to load.
Returns:
the OAuth Consumer for the given Consumer key.
Throws:
OAuthException - thrown if the given Consumer does not exist.

getRequestToken

OAuthToken getRequestToken(java.lang.String consumerKey,
                           java.lang.String requestToken)
                           throws OAuthException
Returns the OAuth Request Token for the given Consumer key and Request Token. If no such Consumer or Request Token exist, throw an OAuthException.

Parameters:
consumerKey - the Consumer key whose Request Token we want to load
requestToken - the Request Token to load
Returns:
the OAuth Request Token for the given Consumer key and Request Token
Throws:
OAuthException - thrown if the given Consumer or Request Token do not exist.

getAccessToken

OAuthToken getAccessToken(java.lang.String consumerKey,
                          java.lang.String accessToken)
                          throws OAuthException
Returns the OAuth Access Token for the given Consumer key and Access Token. If no such Consumer or Access Token exist, throw an OAuthException.

Parameters:
consumerKey - the Consumer key whose Access Token we want to load
accesToken - the Access Token to load
Returns:
the OAuth Access Token for the given Consumer key and Access Token
Throws:
OAuthException - thrown if the given Consumer or Access Token do not exist.

makeRequestToken

OAuthToken makeRequestToken(java.lang.String consumerKey,
                            java.lang.String callback)
                            throws OAuthException
Make a new OAuth Request Token for the given Consumer, using the given callback.

Parameters:
consumerKey - the Consumer key for whom to create a new Request Token
callback - the Client-specified callback for this Request Token
Returns:
a new OAuth Request Token for the given Consumer
Throws:
OAuthException - thrown if the given Consumer does not exist

makeAccessToken

OAuthToken makeAccessToken(java.lang.String consumerKey,
                           java.lang.String requestToken,
                           java.lang.String verifier)
                           throws OAuthException
Make a new OAuth Access Token for the given Consumer, using the given Request Token and Verifier. If the Request Token has not yet been authorised and/or does not match the given Specifier, throw an OAuthException.

Parameters:
consumerKey - the Consumer key for whom to create a new Access Token
requestToken - the Request Token to exchange for a new Access Token
verifier - the Client-specified Verifier that must match the Verifier that was given to the Client when the given Request Token was authorised.
Returns:
a new OAuth Access Token for the given Consumer
Throws:
OAuthException - thrown if the given Consumer or Request Token does not exist, if the Request Token is not authorised or if the Verifier is invalid.

authoriseRequestToken

java.lang.String authoriseRequestToken(java.lang.String consumerKey,
                                       java.lang.String requestToken)
                                       throws OAuthException
Authorises the given Request Token for the given Consumer and return a new Verifier to be returned to the Client. If the given Consumer or Request Token do not exist, or if the Request Token has already been authorised, throw an OAuthException.

Parameters:
consumerKey - the Consumer Key whose Request Token we want to authorise
requestToken - the Request Token to authorise
Returns:
a Verifier associated with the newly-authorised Request Token.
Throws:
OAuthException - thrown if the given Consumer or Request Token do not exist, or if the Request Token has already been authorised.

checkTimestamp

void checkTimestamp(OAuthToken token,
                    long timestamp)
                    throws OAuthException
Checks that the given timestamp is valid for the given OAuth Token. The timestamp should always be greater or equal to the last timestamp used for the given OAuth Token. The responsability to know whether the given OAuth Token is a Request or Access Token is left to the implementer. This method should associate and remember the given timestamp for the given Token if it is valid, since the message integrity has already been verified and we are guaranteed that the given timestamp comes from a message signed from the appropriate Consumer.

Parameters:
token - the OAuth Token whose timestamp to check and save if valid
timestamp - the timestamp to check and save if valid
Throws:
OAuthException - thrown if the given timestamp is not greater or equal to the last timestamp associated with the given OAuth Token


Copyright © 2009. All Rights Reserved.