net.oauth.OAuthProblemException Java Examples

The following examples show how to use net.oauth.OAuthProblemException. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: Util.java    From sakai with Educational Community License v2.0 6 votes vote down vote up
public static OAuthAccessor convertToOAuthAccessor(Accessor accessor, OAuthConsumer oAuthConsumer)
        throws OAuthProblemException {
    if (accessor == null)
        return null;
    if (!oAuthConsumer.consumerKey.equals(accessor.getConsumerId()))
        throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_REFUSED);
    OAuthAccessor oAuthAccessor = new OAuthAccessor(oAuthConsumer);
    if (accessor.getType() == Accessor.Type.ACCESS)
        oAuthAccessor.accessToken = accessor.getToken();
    else
        oAuthAccessor.requestToken = accessor.getToken();
    oAuthAccessor.tokenSecret = accessor.getSecret();
    // Support Variable Accessor Secret http://wiki.oauth.net/w/page/12238502/AccessorSecret
    if (accessor.getAccessorSecret() != null)
        oAuthConsumer.setProperty(OAuthConsumer.ACCESSOR_SECRET, accessor.getAccessorSecret());
    return oAuthAccessor;
}
 
Example #2
Source File: DataApiOAuthServletTest.java    From incubator-retired-wave with Apache License 2.0 6 votes vote down vote up
public void testDoAuthorizeTokenPostRejectsToken() throws Exception {
  when(req.getPathInfo()).thenReturn(AUTHORIZE_TOKEN_PATH);
  when(req.getMethod()).thenReturn("POST");
  when(req.getParameter("cancel")).thenReturn("yes");
  Map<String, String[]> params = getDoAuthorizeTokenParams();
  when(req.getParameterMap()).thenReturn(params);
  String token = servlet.getOrGenerateXsrfToken(ALEX);
  when(req.getParameter("token")).thenReturn(token);

  when(sessionManager.getLoggedInUser(any(HttpSession.class))).thenReturn(ALEX);

  servlet.doPost(req, resp);

  verify(resp).setStatus(HttpServletResponse.SC_OK);
  try {
    tokenContainer.getRequestTokenAccessor(params.get(OAuth.OAUTH_TOKEN)[0]);
    fail("This token should not be present anymore");
  } catch (OAuthProblemException e) {
    // expected
  }
}
 
Example #3
Source File: DataApiServlet.java    From incubator-retired-wave with Apache License 2.0 6 votes vote down vote up
/**
 * Entry point for the Data API Calls.
 */
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  OAuthMessage message = new HttpRequestMessage(req, req.getRequestURL().toString());

  OAuthAccessor accessor;
  try {
    message.requireParameters(OAuth.OAUTH_TOKEN);
    accessor = tokenContainer.getAccessTokenAccessor(message.getParameter(OAuth.OAUTH_TOKEN));
  } catch (OAuthProblemException e) {
    LOG.info("No valid OAuth token present", e);
    // Have to set status here manually, cannot use e.getHttpStatusCode
    // because message.requireParameters doesn't set it in the exception.
    resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
    return;
  }
  ParticipantId participant =
      (ParticipantId) accessor.getProperty(DataApiTokenContainer.USER_PROPERTY_NAME);
  
  processOpsRequest(req, resp, message, accessor, participant);
}
 
Example #4
Source File: DataApiTokenContainer.java    From incubator-retired-wave with Apache License 2.0 6 votes vote down vote up
/**
 * Authorize the {@link OAuthAccessor} by generating a new access token and
 * token secret.
 *
 * @param requestToken the requestToken used for identifying the accessor that
 *        needs to be authorized.
 * @return a new {@link OAuthAccessor} with the access token and token secret
 *         set.
 * @throws OAuthProblemException if the request token in the accessor is not
 *         known.
 */
public OAuthAccessor generateAccessToken(String requestToken) throws OAuthProblemException {
  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);

  if (accessor.getProperty(USER_PROPERTY_NAME) == null) {
    // User has not given the consumer permission yet.
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.PERMISSION_UNKNOWN);
  }

  // Token secret does not need to unique so can be generated now.
  accessor.tokenSecret = generateToken();

  do {
    accessor.accessToken = generateToken();
  } while (accessTokenAccessors.putIfAbsent(accessor.accessToken, accessor) != null);
  requestTokenAccessors.remove(accessor.requestToken);

  LOG.info("Generated access token for " + accessor.getProperty(USER_PROPERTY_NAME));
  return accessor.clone();
}
 
Example #5
Source File: DataApiTokenContainer.java    From incubator-retired-wave with Apache License 2.0 6 votes vote down vote up
/**
 * Authorizes a request token to be exchanged for an access token.
 *
 * @param requestToken the request token used for identification.
 * @param user the user that has authorized the token.
 * @throws OAuthProblemException if the request token does not map to an
 *         accessor or if the token was already used.
 */
public OAuthAccessor authorizeRequestToken(String requestToken, ParticipantId user)
    throws OAuthProblemException {
  Preconditions.checkNotNull(user, "User must not be null");

  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);

  if (accessor.getProperty(USER_PROPERTY_NAME) != null) {
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_USED);
  }

  accessor.setProperty(USER_PROPERTY_NAME, user);
  requestTokenAccessors.put(requestToken, accessor);

  LOG.info("Authorized request token for " + user);
  return accessor.clone();
}
 
Example #6
Source File: RequestTokenHandler.java    From cxf with Apache License 2.0 6 votes vote down vote up
protected void validateCallbackURL(Client client,
                                   String oauthCallback) throws OAuthProblemException {
    // the callback must not be empty or null, and it should either match
    // the registered callback URI or have the common root with the
    // the registered application URI (but only if no callback was registered)
    if (!StringUtils.isEmpty(oauthCallback)) {
        boolean registeredCallbackIsEmpty = StringUtils.isEmpty(client.getCallbackURI());
        if (!registeredCallbackIsEmpty
            && oauthCallback.equals(client.getCallbackURI())) {
            return;
        }
        if (registeredCallbackIsEmpty
            && !StringUtils.isEmpty(client.getApplicationURI())
            && oauthCallback.startsWith(client.getApplicationURI())) {
            return;
        }

    }
    OAuthProblemException problemEx = new OAuthProblemException(
        OAuth.Problems.PARAMETER_REJECTED + " - " + OAuth.OAUTH_CALLBACK);
    problemEx
        .setParameter(OAuthProblemException.HTTP_STATUS_CODE,
            HttpServletResponse.SC_BAD_REQUEST);
    throw problemEx;
}
 
Example #7
Source File: OAuthUtils.java    From cxf with Apache License 2.0 6 votes vote down vote up
public static Response handleException(MessageContext mc,
                                       Exception e,
                                       int status) {
    ResponseBuilder builder = Response.status(status);
    if (PropertyUtils.isTrue(mc.getContextualProperty(REPORT_FAILURE_DETAILS))) {
        boolean asHeader = PropertyUtils.isTrue(
            mc.getContextualProperty(REPORT_FAILURE_DETAILS_AS_HEADER));
        String text = null;
        if (e instanceof OAuthProblemException) {
            OAuthProblemException problem = (OAuthProblemException)e;
            if (asHeader && problem.getProblem() != null) {
                text = problem.getProblem();
            }
        }
        if (text == null) {
            text = e.getMessage();
        }
        if (asHeader) {
            builder.header("oauth_problem", text);
        } else {
            builder.entity(e.getMessage());
        }
    }
    return builder.build();
}
 
Example #8
Source File: CallbackURLController.java    From cxf with Apache License 2.0 6 votes vote down vote up
@RequestMapping("/callback")
protected ModelAndView handleRequest(@ModelAttribute("oAuthParams") OAuthParams oAuthParams,
                                     HttpServletRequest request) throws Exception {

    OAuthMessage message = OAuthServlet.getMessage(request, request.getRequestURL().toString());

    try {
        message.requireParameters(OAuth.OAUTH_TOKEN, OAuth.OAUTH_VERIFIER);
        oAuthParams.setOauthToken(message.getToken());
        oAuthParams.setOauthVerifier(message.getParameter(OAuth.OAUTH_VERIFIER));

        oAuthParams.setClientID(Common.findCookieValue(request, "clientID"));
        oAuthParams.setClientSecret(Common.findCookieValue(request, "clientSecret"));
    } catch (OAuthProblemException e) {
        oAuthParams.setErrorMessage("OAuth problem: " + e.getProblem() + e.getParameters().toString());
    }


    return new ModelAndView("tokenRequest");
}
 
Example #9
Source File: DataApiOAuthServletTest.java    From swellrt with Apache License 2.0 6 votes vote down vote up
public void testDoAuthorizeTokenPostRejectsToken() throws Exception {
  when(req.getPathInfo()).thenReturn(AUTHORIZE_TOKEN_PATH);
  when(req.getMethod()).thenReturn("POST");
  when(req.getParameter("cancel")).thenReturn("yes");
  Map<String, String[]> params = getDoAuthorizeTokenParams();
  when(req.getParameterMap()).thenReturn(params);
  String token = servlet.getOrGenerateXsrfToken(ALEX);
  when(req.getParameter("token")).thenReturn(token);

  when(sessionManager.getLoggedInUser(any(HttpSession.class))).thenReturn(ALEX);

  servlet.doPost(req, resp);

  verify(resp).setStatus(HttpServletResponse.SC_OK);
  try {
    tokenContainer.getRequestTokenAccessor(params.get(OAuth.OAUTH_TOKEN)[0]);
    fail("This token should not be present anymore");
  } catch (OAuthProblemException e) {
    // expected
  }
}
 
Example #10
Source File: DataApiServlet.java    From swellrt with Apache License 2.0 6 votes vote down vote up
/**
 * Entry point for the Data API Calls.
 */
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
  OAuthMessage message = new HttpRequestMessage(req, req.getRequestURL().toString());

  OAuthAccessor accessor;
  try {
    message.requireParameters(OAuth.OAUTH_TOKEN);
    accessor = tokenContainer.getAccessTokenAccessor(message.getParameter(OAuth.OAUTH_TOKEN));
  } catch (OAuthProblemException e) {
    LOG.info("No valid OAuth token present", e);
    // Have to set status here manually, cannot use e.getHttpStatusCode
    // because message.requireParameters doesn't set it in the exception.
    resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, e.getMessage());
    return;
  }
  ParticipantId participant =
      (ParticipantId) accessor.getProperty(DataApiTokenContainer.USER_PROPERTY_NAME);
  
  processOpsRequest(req, resp, message, accessor, participant);
}
 
Example #11
Source File: DataApiTokenContainer.java    From swellrt with Apache License 2.0 6 votes vote down vote up
/**
 * Authorize the {@link OAuthAccessor} by generating a new access token and
 * token secret.
 *
 * @param requestToken the requestToken used for identifying the accessor that
 *        needs to be authorized.
 * @return a new {@link OAuthAccessor} with the access token and token secret
 *         set.
 * @throws OAuthProblemException if the request token in the accessor is not
 *         known.
 */
public OAuthAccessor generateAccessToken(String requestToken) throws OAuthProblemException {
  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);

  if (accessor.getProperty(USER_PROPERTY_NAME) == null) {
    // User has not given the consumer permission yet.
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.PERMISSION_UNKNOWN);
  }

  // Token secret does not need to unique so can be generated now.
  accessor.tokenSecret = generateToken();

  do {
    accessor.accessToken = generateToken();
  } while (accessTokenAccessors.putIfAbsent(accessor.accessToken, accessor) != null);
  requestTokenAccessors.remove(accessor.requestToken);

  LOG.info("Generated access token for " + accessor.getProperty(USER_PROPERTY_NAME));
  return accessor.clone();
}
 
Example #12
Source File: DataApiTokenContainer.java    From swellrt with Apache License 2.0 6 votes vote down vote up
/**
 * Authorizes a request token to be exchanged for an access token.
 *
 * @param requestToken the request token used for identification.
 * @param user the user that has authorized the token.
 * @throws OAuthProblemException if the request token does not map to an
 *         accessor or if the token was already used.
 */
public OAuthAccessor authorizeRequestToken(String requestToken, ParticipantId user)
    throws OAuthProblemException {
  Preconditions.checkNotNull(user, "User must not be null");

  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);

  if (accessor.getProperty(USER_PROPERTY_NAME) != null) {
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_USED);
  }

  accessor.setProperty(USER_PROPERTY_NAME, user);
  requestTokenAccessors.put(requestToken, accessor);

  LOG.info("Authorized request token for " + user);
  return accessor.clone();
}
 
Example #13
Source File: OAuthSignatureMethod.java    From lams with GNU General Public License v2.0 6 votes vote down vote up
/**
 * Check whether the message has a valid signature.
 * @throws URISyntaxException 
 *
 * @throws OAuthProblemException
 *             the signature is invalid
 */
public void validate(OAuthMessage message)
throws IOException, OAuthException, URISyntaxException {
    message.requireParameters("oauth_signature");
    String signature = message.getSignature();
    String baseString = getBaseString(message);
    if (!isValid(signature, baseString)) {

 // *LAMS* added by LAMS
 log.debug("Error. Signature invalid. oauth_signature=" + signature + ", oauth_signature_base_string="
  + baseString + ", oauth_signature_method=" + message.getSignatureMethod());
     		
        OAuthProblemException problem = new OAuthProblemException(
                "signature_invalid");
        problem.setParameter("oauth_signature", signature);
        problem.setParameter("oauth_signature_base_string", baseString);
        problem.setParameter("oauth_signature_method", message
                .getSignatureMethod());
        throw problem;
    }
}
 
Example #14
Source File: Util.java    From sakai with Educational Community License v2.0 6 votes vote down vote up
public static OAuthAccessor convertToOAuthAccessor(Accessor accessor, OAuthConsumer oAuthConsumer)
        throws OAuthProblemException {
    if (accessor == null)
        return null;
    if (!oAuthConsumer.consumerKey.equals(accessor.getConsumerId()))
        throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_REFUSED);
    OAuthAccessor oAuthAccessor = new OAuthAccessor(oAuthConsumer);
    if (accessor.getType() == Accessor.Type.ACCESS)
        oAuthAccessor.accessToken = accessor.getToken();
    else
        oAuthAccessor.requestToken = accessor.getToken();
    oAuthAccessor.tokenSecret = accessor.getSecret();
    // Support Variable Accessor Secret http://wiki.oauth.net/w/page/12238502/AccessorSecret
    if (accessor.getAccessorSecret() != null)
        oAuthConsumer.setProperty(OAuthConsumer.ACCESSOR_SECRET, accessor.getAccessorSecret());
    return oAuthAccessor;
}
 
Example #15
Source File: DataApiTokenContainerTest.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
public void testGetUnknownAcessTokenAccessorThrowsException() throws Exception {
  try {
    container.getAccessTokenAccessor("unknown");
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException e) {
    // expected
  }
}
 
Example #16
Source File: DataApiTokenContainerTest.java    From swellrt with Apache License 2.0 5 votes vote down vote up
public void testGetUnknownRequestTokenAccessorThrowsException() throws Exception {
  try {
    container.getRequestTokenAccessor("unknown");
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException e) {
    // expected
  }
}
 
Example #17
Source File: DefaultOAuthValidator.java    From cxf with Apache License 2.0 5 votes vote down vote up
public void validateToken(Token token, OAuthDataProvider provider)
    throws OAuthProblemException {
    if (token == null) {
        throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
    }
    long issuedAt = token.getIssuedAt();
    long lifetime = token.getLifetime();
    if (lifetime != -1
        && (issuedAt + lifetime < (System.currentTimeMillis() / 1000L))) {
        provider.removeToken(token);
        throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);
    }
}
 
Example #18
Source File: DataApiTokenContainer.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
/**
 * Gets the {@link OAuthAccessor} that is identified by the given request
 * token. Any changes made to the accessor's fields, except the consumer, will
 * not be reflected in this container.
 *
 * @param requestToken the request token used for identification.
 * @throws OAuthProblemException if the token does not map to an accessor.
 */
public OAuthAccessor getRequestTokenAccessor(String requestToken) throws OAuthProblemException {
  OAuthAccessor accessor = requestTokenAccessors.get(requestToken);
  if (accessor == null) {
    OAuthProblemException exception =
        OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
    exception.setParameter(OAuth.OAUTH_TOKEN, requestToken);
    throw exception;
  }
  return accessor.clone();
}
 
Example #19
Source File: DataApiTokenContainer.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
/**
 * Gets the authorized {@link OAuthAccessor} that is identified by the given
 * access token. Any changes made to the accessor's fields, except the
 * consumer, will not be reflected in this container.
 *
 * @param accessToken the access token used for identification.
 * @throws OAuthProblemException if the token does not map to an accessor.
 */
public OAuthAccessor getAccessTokenAccessor(String accessToken) throws OAuthProblemException {
  OAuthAccessor accessor = accessTokenAccessors.get(accessToken);
  if (accessor == null) {
    OAuthProblemException exception =
        OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
    exception.setParameter(OAuth.OAUTH_TOKEN, accessToken);
    throw exception;
  }
  return accessor.clone();
}
 
Example #20
Source File: OAuthSignatureMethod.java    From sakai with Educational Community License v2.0 5 votes vote down vote up
/**
    * Check whether the message has a valid signature.
    * @throws URISyntaxException 
    *
    * @throws OAuthProblemException
    *             the signature is invalid
    */
   public void validate(OAuthMessage message)
   throws IOException, OAuthException, URISyntaxException {
       message.requireParameters("oauth_signature");
       String signature = message.getSignature();
       String baseString = getBaseString(message);
       String otherBaseString = null;

// Allow for some confusion coming through load balancers
if ( baseString.startsWith(POST_HTTP) ) { 
	otherBaseString = baseString.replaceFirst("^"+POST_HTTP,POST_SECURE);
} else if ( baseString.startsWith(POST_SECURE) ) { 
	otherBaseString = baseString.replaceFirst("^"+POST_SECURE, POST_HTTP);
} else if ( baseString.startsWith(GET_HTTP) ) { 
	otherBaseString = baseString.replaceFirst("^"+GET_HTTP,GET_SECURE);
} else if ( baseString.startsWith(GET_SECURE) ) { 
	otherBaseString = baseString.replaceFirst("^"+GET_SECURE, GET_HTTP);
}

boolean valid = isValid(signature, baseString);
if ( ! valid && otherBaseString != null ) valid = isValid(signature, otherBaseString);

       if (!valid) {
           OAuthProblemException problem = new OAuthProblemException(
                   "signature_invalid");
           problem.setParameter("oauth_signature", signature);
           problem.setParameter("oauth_signature_base_string", baseString);
           problem.setParameter("oauth_signature_method", message
                   .getSignatureMethod());
           throw problem;
       }
   }
 
Example #21
Source File: DataApiTokenContainer.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
/**
 * Rejects authorization of a request token.
 *
 * @param requestToken the request token used for identification.
 * @throws OAuthProblemException if the request token does not map to an
 *         accessor or if the token was already used.
 */
public void rejectRequestToken(String requestToken) throws OAuthProblemException {
  OAuthAccessor accessor = getRequestTokenAccessor(requestToken);

  if (accessor.getProperty(USER_PROPERTY_NAME) != null) {
    throw OAuthUtil.newOAuthProblemException(OAuth.Problems.TOKEN_USED);
  }

  // Can't use remove(String, OAuthAccessor) since equals is not defined.
  requestTokenAccessors.remove(requestToken);
  LOG.info("Rejected request token " + requestToken);
}
 
Example #22
Source File: OAuthResponseMessage.java    From sakai with Educational Community License v2.0 5 votes vote down vote up
@Override
public void requireParameters(String... names) throws OAuthProblemException, IOException {
    try {
        super.requireParameters(names);
    } catch (OAuthProblemException problem) {
        problem.getParameters().putAll(getDump());
        throw problem;
    }
}
 
Example #23
Source File: OAuthServlet.java    From lams with GNU General Public License v2.0 5 votes vote down vote up
public static void handleException(HttpServletResponse response,
        Exception e, String realm, boolean sendBody) throws IOException,
        ServletException {
    if (e instanceof OAuthProblemException) {
        OAuthProblemException problem = (OAuthProblemException) e;
        Object httpCode = problem.getParameters().get(OAuthProblemException.HTTP_STATUS_CODE);
        if (httpCode == null) {
            httpCode = PROBLEM_TO_HTTP_CODE.get(problem.getProblem());
        }
        if (httpCode == null) {
            httpCode = SC_FORBIDDEN;
        }
        response.reset();
        response.setStatus(Integer.parseInt(httpCode.toString()));
        OAuthMessage message = new OAuthMessage(null, null, problem
                .getParameters().entrySet());
        response.addHeader("WWW-Authenticate", message
                .getAuthorizationHeader(realm));
        if (sendBody) {
            sendForm(response, message.getParameters());
        }
    } else if (e instanceof IOException) {
        throw (IOException) e;
    } else if (e instanceof ServletException) {
        throw (ServletException) e;
    } else if (e instanceof RuntimeException) {
        throw (RuntimeException) e;
    } else {
        throw new ServletException(e);
    }
}
 
Example #24
Source File: DataApiTokenContainerTest.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
public void testGetUnknownRequestTokenAccessorThrowsException() throws Exception {
  try {
    container.getRequestTokenAccessor("unknown");
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException e) {
    // expected
  }
}
 
Example #25
Source File: AuthorizationRequestHandler.java    From cxf with Apache License 2.0 5 votes vote down vote up
protected OAuthAuthorizationData addAdditionalParams(OAuthAuthorizationData secData,
                                                     OAuthDataProvider dataProvider,
                                                     RequestToken token) throws OAuthProblemException {
    secData.setOauthToken(token.getTokenKey());
    secData.setApplicationName(token.getClient().getApplicationName());
    secData.setApplicationURI(token.getClient().getApplicationURI());
    secData.setCallbackURI(getCallbackValue(token));
    secData.setApplicationDescription(token.getClient().getApplicationDescription());
    secData.setLogoUri(token.getClient().getLogoUri());
    secData.setPermissions(token.getScopes());

    return secData;
}
 
Example #26
Source File: DataApiTokenContainerTest.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
public void testAuthorizeAlreadyAuthorizedRequestTokenThrowsException() throws Exception {
  OAuthAccessor unauthorizedRequestToken = container.generateRequestToken(consumer);

  container.authorizeRequestToken(unauthorizedRequestToken.requestToken, ALEX);
  try {
    container.authorizeRequestToken(unauthorizedRequestToken.requestToken, ALEX);
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException e) {
    // expected
  }
}
 
Example #27
Source File: DataApiTokenContainerTest.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
public void testRejectRequestToken() throws Exception {
  OAuthAccessor unauthorizedRequestToken = container.generateRequestToken(consumer);

  container.rejectRequestToken(unauthorizedRequestToken.requestToken);
  try {
    container.getRequestTokenAccessor(unauthorizedRequestToken.requestToken);
    fail("Retrieving the request token should fail because it was rejected");
  } catch (OAuthProblemException e) {
    // expected
  }
}
 
Example #28
Source File: DataApiTokenContainerTest.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
public void testRejectRequestTokenAfterAuthorizationThrowsException() throws Exception {
  OAuthAccessor unauthorizedRequestToken = container.generateRequestToken(consumer);

  container.authorizeRequestToken(unauthorizedRequestToken.requestToken, ALEX);
  try {
    container.rejectRequestToken(unauthorizedRequestToken.requestToken);
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException e) {
    // expected
  }
}
 
Example #29
Source File: DataApiTokenContainerTest.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
public void testRejectUnknownRequestTokenThrowsException() throws Exception {
  try {
    container.rejectRequestToken("unknown");
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException e) {
    // expected
  }
}
 
Example #30
Source File: DataApiTokenContainerTest.java    From incubator-retired-wave with Apache License 2.0 5 votes vote down vote up
public void testGenerateAccessTokenForUnauthorizedTokenThrowsException() throws Exception {
  OAuthAccessor unauthorizedRequestToken = container.generateRequestToken(consumer);

  try {
    container.generateAccessToken(unauthorizedRequestToken.requestToken);
    fail("Expected OAuthProblemException");
  } catch (OAuthProblemException e) {
    // expected
  }
}