Coverage Report - org.apache.shindig.social.core.oauth.OAuthConsumerRequestAuthenticationHandler
 
Classes in this File Line Coverage Branch Coverage Complexity
OAuthConsumerRequestAuthenticationHandler
19%
3/16
0%
0/8
0
 
 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements. See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership. The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License. You may obtain a copy of the License at
  *
  *     http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied. See the License for the
  * specific language governing permissions and limitations under the License.
  */
 package org.apache.shindig.social.core.oauth;
 
 import org.apache.shindig.auth.AuthenticationHandler;
 import org.apache.shindig.auth.SecurityToken;
 import org.apache.shindig.social.opensocial.oauth.OAuthLookupService;
 
 import com.google.inject.Inject;
 
 import net.oauth.OAuth;
 import net.oauth.OAuthMessage;
 import net.oauth.server.OAuthServlet;
 
 import org.apache.commons.lang.StringUtils;
 
 import java.io.IOException;
 
 import javax.servlet.http.HttpServletRequest;
 
 /**
  * Authentication handler for "two-legged" OAuth (aka Consumer Request) calls only.
  *
  * <p>A request is considered by this handler only when it carries the
  * {@code OAuth.OAUTH_CONSUMER_KEY} and {@code OAuth.OAUTH_SIGNATURE} parameters and a non-blank
  * {@code xoauth_requestor_id}; the latter is the userId of the person the container is
  * requesting information on behalf of.
  *
  * <p>Security note: this class checks only that a signature parameter is present. The parsed
  * message is handed to {@code OAuthLookupService.thirdPartyHasAccessToUser}, and a token is
  * returned only when that call answers {@code true}. Signature verification is presumably done
  * inside that service -- confirm against the OAuthLookupService implementation in use.
  */
 public class OAuthConsumerRequestAuthenticationHandler implements AuthenticationHandler {
   /** Name reported by {@link #getName()}. */
   public static final String AUTH_OAUTH_CONSUMER_REQUEST = "OAuth-ConsumerRequest";
   /** Request parameter naming the user the consumer is acting for. */
   public static final String REQUESTOR_ID_PARAM = "xoauth_requestor_id";
   // Decides whether a consumer may act for a user and builds the resulting token.
   private final OAuthLookupService service;

   /**
    * @param service lookup service consulted for the access decision and for token creation
    */
   @Inject
   public OAuthConsumerRequestAuthenticationHandler(OAuthLookupService service) {
     this.service = service;
   }

   /**
    * @return the constant {@link #AUTH_OAUTH_CONSUMER_REQUEST}
    */
   public String getName() {
     return AUTH_OAUTH_CONSUMER_REQUEST;
   }

   /**
    * Builds a security token for a two-legged OAuth request.
    *
    * @param request the incoming servlet request
    * @return the token supplied by the lookup service, or {@code null} when the consumer key or
    *     signature is missing, the requestor id is blank, or the lookup service denies access
    */
   public SecurityToken getSecurityTokenFromRequest(HttpServletRequest request) {
     OAuthMessage message = OAuthServlet.getMessage(request, null);

     String consumerKey = getParameter(message, OAuth.OAUTH_CONSUMER_KEY);
     String signature = getParameter(message, OAuth.OAUTH_SIGNATURE);
     // NOTE(review): the requestor id is read from the servlet request, while key and signature
     // come from the parsed OAuthMessage. Confirm the lookup service validates the signature over
     // the same xoauth_requestor_id value that is passed to it here.
     String requestorId = StringUtils.trim(request.getParameter(REQUESTOR_ID_PARAM));

     boolean looksLikeConsumerRequest =
         consumerKey != null && signature != null && !StringUtils.isBlank(requestorId);
     if (!looksLikeConsumerRequest) {
       // Not a proper OAuth consumer request. Presumably the caller treats null as "this handler
       // does not apply" rather than as a rejection -- verify against the calling code.
       return null;
     }

     // The signature value itself is never inspected in this method; the access decision,
     // including any signature check, belongs to the lookup service.
     if (!service.thirdPartyHasAccessToUser(message, consumerKey, requestorId)) {
       return null;
     }
     return service.getSecurityToken(consumerKey, requestorId);
   }

   /**
    * Reads one parameter from the OAuth message.
    *
    * @return the parameter value, or {@code null} when reading it throws an IOException
    */
   private String getParameter(OAuthMessage requestMessage, String key) {
     String value;
     try {
       value = requestMessage.getParameter(key);
     } catch (IOException e) {
       // Deliberately mapped to null: the caller cannot tell an unreadable message from a
       // missing parameter, and the failure is not logged.
       value = null;
     }
     return value;
   }
 }