org.jboss.resteasy.auth.oauth

Class OAuthProviderChecker

java.lang.Object

org.jboss.resteasy.auth.oauth.OAuthProviderChecker

All Implemented Interfaces:

OAuthConsumerRegistration, OAuthProvider

public class OAuthProviderChecker
extends Object
implements OAuthProvider

Used to make sure the OAuthProvider implementer does not return null values. If any null is returned, throws a RuntimeException

Author:

Stéphane Épardaud

Constructor Summary

Constructors

Constructor and Description
OAuthProviderChecker(OAuthProvider provider)

Method Summary

Modifier and Type	Method and Description
String	authoriseRequestToken(String consumerKey, String requestKey) Authorises the given Request Token for the given Consumer and return a new Verifier to be returned to the Client.
void	checkTimestamp(OAuthToken token, long timestamp) Checks that the given timestamp is valid for the given OAuth Token.
Set<String>	convertPermissionsToRoles(String[] permissions) Converts custom permissions which may have been associated with consumers or access tokens into domain specific roles, example, given a "printResources" permission this method may return a role name "printerService"
OAuthToken	getAccessToken(String consumerKey, String accessKey) Returns the OAuth Access Token for the given Consumer key and Access Token.
OAuthConsumer	getConsumer(String consumerKey) Returns the OAuth Consumer for the given Consumer key.
String	getRealm() Returns the Realm of this provider.
OAuthRequestToken	getRequestToken(String consumerKey, String requestKey) Returns the OAuth Request Token for the given Consumer key and Request Token.
OAuthToken	makeAccessToken(String consumerKey, String requestKey, String verifier) Make a new OAuth Access Token for the given Consumer, using the given Request Token and Verifier.
OAuthToken	makeRequestToken(String consumerKey, String callback, String[] scopes, String[] permissions) Make a new OAuth Request Token for the given Consumer, using the given callback.
OAuthConsumer	registerConsumer(String consumerKey, String displayName, String connectURI) Creates a new OAuth Consumer
void	registerConsumerPermissions(String consumerKey, String[] permissions) Registers Consumer Permissions
void	registerConsumerScopes(String consumerKey, String[] scopes) Registers Consumer Scopes

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OAuthProviderChecker

public OAuthProviderChecker(OAuthProvider provider)

Method Detail

registerConsumer

public OAuthConsumer registerConsumer(String consumerKey,
                                      String displayName,
                                      String connectURI)
                               throws OAuthException

Description copied from interface: OAuthConsumerRegistration

Creates a new OAuth Consumer

Specified by:

registerConsumer in interface OAuthConsumerRegistration

Parameters:

consumerKey - the Consumer key.

displayName - display name

connectURI - uri

Returns:

OAuthConsumer

Throws:

OAuthException - thrown if Consumer can not be registered.

getConsumer

public OAuthConsumer getConsumer(String consumerKey)
                          throws OAuthException

Description copied from interface: OAuthProvider

Returns the OAuth Consumer for the given Consumer key. If no such Consumer exists, throw an OAuthException.

Specified by:

getConsumer in interface OAuthProvider

Parameters:

consumerKey - the Consumer key to load.

Returns:

the OAuth Consumer for the given Consumer key.

Throws:

OAuthException - thrown if the given Consumer does not exist.

getRealm

public String getRealm()

Description copied from interface: OAuthProvider

Returns the Realm of this provider.

Specified by:

getRealm in interface OAuthProvider

Returns:

Realm of this provider

getRequestToken

public OAuthRequestToken getRequestToken(String consumerKey,
                                         String requestKey)
                                  throws OAuthException

Description copied from interface: OAuthProvider

Returns the OAuth Request Token for the given Consumer key and Request Token. If no such Consumer or Request Token exist, throw an OAuthException.

Specified by:

getRequestToken in interface OAuthProvider

Parameters:

consumerKey - the Consumer key whose Request Token we want to load

requestKey - the Request Token to load

Returns:

the OAuth Request Token for the given Consumer key and Request Token

Throws:

OAuthException - thrown if the given Request Token does not exist.

getAccessToken

public OAuthToken getAccessToken(String consumerKey,
                                 String accessKey)
                          throws OAuthException

Description copied from interface: OAuthProvider

Returns the OAuth Access Token for the given Consumer key and Access Token. If no such Consumer or Access Token exist, throw an OAuthException.

Specified by:

getAccessToken in interface OAuthProvider

Parameters:

consumerKey - the Consumer key whose Access Token we want to load

accessKey - the Access Token to load

Returns:

the OAuth Access Token for the given Consumer key and Access Token

Throws:

OAuthException - thrown if the given Consumer or Access Token do not exist.

checkTimestamp

public void checkTimestamp(OAuthToken token,
                           long timestamp)
                    throws OAuthException

Description copied from interface: OAuthProvider

Checks that the given timestamp is valid for the given OAuth Token. The timestamp should always be greater or equal to the last timestamp used for the given OAuth Token. The responsability to know whether the given OAuth Token is a Request or Access Token is left to the implementer. This method should associate and remember the given timestamp for the given Token if it is valid, since the message integrity has already been verified and we are guaranteed that the given timestamp comes from a message signed from the appropriate Consumer.

Specified by:

checkTimestamp in interface OAuthProvider

Parameters:

token - the OAuth Token whose timestamp to check and save if valid

timestamp - the timestamp to check and save if valid

Throws:

OAuthException - thrown if the given timestamp is not greater or equal to the last timestamp associated with the given OAuth Token

makeAccessToken

public OAuthToken makeAccessToken(String consumerKey,
                                  String requestKey,
                                  String verifier)
                           throws OAuthException

Description copied from interface: OAuthProvider

Make a new OAuth Access Token for the given Consumer, using the given Request Token and Verifier. If the Request Token has not yet been authorised and/or does not match the given Specifier, throw an OAuthException.

Specified by:

makeAccessToken in interface OAuthProvider

Parameters:

consumerKey - the Consumer key for whom to create a new Access Token

requestKey - the Request Token to exchange for a new Access Token

verifier - the Client-specified Verifier that must match the Verifier that was given to the Client when the given Request Token was authorised.

Returns:

a new OAuth Access Token for the given Consumer

Throws:

OAuthException - thrown if the given Consumer or Request Token does not exist, if the Request Token is not authorised or if the Verifier is invalid.

makeRequestToken

public OAuthToken makeRequestToken(String consumerKey,
                                   String callback,
                                   String[] scopes,
                                   String[] permissions)
                            throws OAuthException

Description copied from interface: OAuthProvider

Make a new OAuth Request Token for the given Consumer, using the given callback.

Specified by:

makeRequestToken in interface OAuthProvider

Parameters:

consumerKey - the Consumer key for whom to create a new Request Token

callback - the Client-specified callback for this Request Token

scopes - resource URIs the consumer would like to access

permissions - permissions the consumer is requesting

Returns:

a new OAuth Request Token for the given Consumer

Throws:

OAuthException - thrown if the given Consumer does not exist

authoriseRequestToken

public String authoriseRequestToken(String consumerKey,
                                    String requestKey)
                             throws OAuthException

Description copied from interface: OAuthProvider

Authorises the given Request Token for the given Consumer and return a new Verifier to be returned to the Client. If the given Consumer or Request Token do not exist, or if the Request Token has already been authorised, throw an OAuthException.

Specified by:

authoriseRequestToken in interface OAuthProvider

Parameters:

consumerKey - the Consumer Key whose Request Token we want to authorise

requestKey - the Request Token to authorise

Returns:

a Verifier associated with the newly-authorised Request Token.

Throws:

OAuthException - thrown if the given Consumer or Request Token do not exist, or if the Request Token has already been authorised.

registerConsumerScopes

public void registerConsumerScopes(String consumerKey,
                                   String[] scopes)
                            throws OAuthException

Description copied from interface: OAuthConsumerRegistration

Registers Consumer Scopes

Specified by:

registerConsumerScopes in interface OAuthConsumerRegistration

Parameters:

consumerKey - the Consumer key.

scopes - the consumer scopes

Throws:

OAuthException - thrown if scopes can not be registered.

registerConsumerPermissions

public void registerConsumerPermissions(String consumerKey,
                                        String[] permissions)
                                 throws OAuthException

Description copied from interface: OAuthConsumerRegistration

Registers Consumer Permissions

Specified by:

registerConsumerPermissions in interface OAuthConsumerRegistration

Parameters:

consumerKey - the Consumer key.

permissions - the consumer permissions

Throws:

OAuthException - thrown if permissions can not be registered.

convertPermissionsToRoles

public Set<String> convertPermissionsToRoles(String[] permissions)

Description copied from interface: OAuthProvider

Converts custom permissions which may have been associated with consumers or access tokens into domain specific roles, example, given a "printResources" permission this method may return a role name "printerService"

Specified by:

convertPermissionsToRoles in interface OAuthProvider

Parameters:

permissions - array of permissions

Returns:

roles set of roles