org.apache.oltu.oauth2.client.response.OAuthResourceResponse Java Examples

The following examples show how to use org.apache.oltu.oauth2.client.response.OAuthResourceResponse. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.

Example #1

Source File: OAuthTokenHandler.java From rapidoid with Apache License 2.0

4 votes

@Override
public Object execute(Req req) throws Exception {
	String code = req.param("code");
	String state = req.param("state");

	Log.debug("Received OAuth code", "code", code, "state", state);

	if (code != null && !U.isEmpty(state)) {

		String id = clientId.str().get();
		String secret = clientSecret.str().get();

		char statePrefix = state.charAt(0);
		U.must(statePrefix == 'P' || statePrefix == 'N', "Invalid OAuth state prefix!");
		state = state.substring(1);

		U.must(stateCheck.isValidState(state, secret, req.sessionId()), "Invalid OAuth state!");

		boolean popup = statePrefix == 'P';
		Log.debug("OAuth validated", "popup", popup);

		String domain = oauthDomain.getOrNull();
		String redirectUrl = U.notEmpty(domain) ? domain + callbackPath : HttpUtils.constructUrl(req, callbackPath);

		TokenRequestBuilder reqBuilder = OAuthClientRequest.tokenLocation(provider.getTokenEndpoint())
			.setGrantType(GrantType.AUTHORIZATION_CODE)
			.setClientId(id)
			.setClientSecret(secret)
			.setRedirectURI(redirectUrl)
			.setCode(code);

		OAuthClientRequest request = paramsInBody() ? reqBuilder.buildBodyMessage() : reqBuilder.buildBodyMessage();

		OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());

		String accessToken = token(request, oAuthClient);

		String profileUrl = Msc.fillIn(provider.getProfileEndpoint(), "token", accessToken);

		OAuthClientRequest bearerClientRequest = new OAuthBearerClientRequest(profileUrl).setAccessToken(
			accessToken).buildQueryMessage();

		OAuthResourceResponse res = oAuthClient.resource(bearerClientRequest,
			org.apache.oltu.oauth2.common.OAuth.HttpMethod.GET, OAuthResourceResponse.class);

		U.must(res.getResponseCode() == 200, "OAuth response error!");

		Map<String, Object> auth = JSON.parseMap(res.getBody());

		String email = (String) U.or(auth.get("email"), auth.get("emailAddress"));
		String firstName = (String) U.or(auth.get("firstName"), U.or(auth.get("first_name"), auth.get("given_name")));
		String lastName = (String) U.or(auth.get("lastName"), U.or(auth.get("last_name"), auth.get("family_name")));
		String name = U.or((String) auth.get("name"), firstName + " " + lastName);

		String username = email;
		Set<String> roles = customization.rolesProvider().getRolesForUser(req, username);

		UserInfo user = new UserInfo(username, roles);
		user.name = name;
		user.email = email;
		user.oauthProvider = provider.getName();
		user.oauthId = String.valueOf(auth.get("id"));

		req.response().authorize(user);

		return req.response().redirect("/");

	} else {
		String error = req.param("error");
		if (error != null) {
			Log.warn("OAuth error", "error", error);
			throw U.rte("OAuth error!");
		}
	}

	throw U.rte("Invalid OAuth request!");
}