org.gatein.security.oauth.twitter.TwitterProcessorImpl.java Source code

Java tutorial

Introduction

Here is the source code for org.gatein.security.oauth.twitter.TwitterProcessorImpl.java

Source

/*
 * JBoss, a division of Red Hat
 * Copyright 2013, Red Hat Middleware, LLC, and individual
 * contributors as indicated by the @authors tag. See the
 * copyright.txt in the distribution for a full listing of
 * individual contributors.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */

package org.gatein.security.oauth.twitter;

import java.io.IOException;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.exoplatform.container.ExoContainerContext;
import org.exoplatform.container.xml.InitParams;
import org.exoplatform.services.organization.UserProfile;
import org.gatein.security.oauth.spi.InteractionState;
import org.gatein.security.oauth.exception.OAuthException;
import org.gatein.security.oauth.exception.OAuthExceptionCode;
import org.gatein.common.logging.Logger;
import org.gatein.common.logging.LoggerFactory;
import org.gatein.security.oauth.spi.OAuthCodec;
import org.gatein.security.oauth.common.OAuthConstants;
import org.gatein.security.oauth.utils.OAuthPersistenceUtils;
import twitter4j.Twitter;
import twitter4j.TwitterException;
import twitter4j.TwitterFactory;
import twitter4j.auth.AccessToken;
import twitter4j.auth.RequestToken;
import twitter4j.conf.ConfigurationBuilder;

/**
 * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
 */
public class TwitterProcessorImpl implements TwitterProcessor {

    private static Logger log = LoggerFactory.getLogger(TwitterProcessorImpl.class);

    private final String redirectURL;
    private final String clientID;
    private final String clientSecret;
    private final TwitterFactory twitterFactory;
    private final int chunkLength;

    public TwitterProcessorImpl(ExoContainerContext context, InitParams params) {
        this.clientID = params.getValueParam("clientId").getValue();
        this.clientSecret = params.getValueParam("clientSecret").getValue();
        String redirectURLParam = params.getValueParam("redirectURL").getValue();

        if (clientID == null || clientID.length() == 0 || clientID.trim().equals("<<to be replaced>>")) {
            throw new IllegalArgumentException("Property 'clientId' needs to be provided. The value should be "
                    + "clientId of your Twitter application");
        }

        if (clientSecret == null || clientSecret.length() == 0
                || clientSecret.trim().equals("<<to be replaced>>")) {
            throw new IllegalArgumentException("Property 'clientSecret' needs to be provided. The value should be "
                    + "clientSecret of your Twitter application");
        }

        if (redirectURLParam == null || redirectURLParam.length() == 0) {
            this.redirectURL = "http://localhost:8080/" + context.getName()
                    + OAuthConstants.TWITTER_AUTHENTICATION_URL_PATH;
        } else {
            this.redirectURL = redirectURLParam.replaceAll("@@portal.container.name@@", context.getName());
        }

        this.chunkLength = OAuthPersistenceUtils.getChunkLength(params);

        if (log.isDebugEnabled()) {
            log.debug("configuration: clientId=" + clientID + ", clientSecret=" + clientSecret + ", redirectURL="
                    + redirectURL + ", chunkLength=" + chunkLength);
        }
        // Create 'generic' twitterFactory for user authentication to GateIn
        ConfigurationBuilder builder = new ConfigurationBuilder();
        builder.setOAuthConsumerKey(clientID).setOAuthConsumerSecret(clientSecret);
        twitterFactory = new TwitterFactory(builder.build());
    }

    @Override
    public InteractionState<TwitterAccessTokenContext> processOAuthInteraction(HttpServletRequest request,
            HttpServletResponse response) throws IOException, OAuthException {
        Twitter twitter = twitterFactory.getInstance();

        HttpSession session = request.getSession();

        //See if we are a callback
        RequestToken requestToken = (RequestToken) session
                .getAttribute(OAuthConstants.ATTRIBUTE_TWITTER_REQUEST_TOKEN);

        try {
            if (requestToken == null) {
                requestToken = twitter.getOAuthRequestToken(redirectURL);

                // Save requestToken to session, but only temporarily until oauth workflow is finished
                session.setAttribute(OAuthConstants.ATTRIBUTE_TWITTER_REQUEST_TOKEN, requestToken);

                if (log.isTraceEnabled()) {
                    log.trace("RequestToken obtained from twitter. Redirecting to Twitter for authorization");
                }

                // Redirect to twitter to perform authentication
                response.sendRedirect(requestToken.getAuthenticationURL());

                return new InteractionState<TwitterAccessTokenContext>(InteractionState.State.AUTH, null);
            } else {
                String verifier = request.getParameter(OAuthConstants.OAUTH_VERIFIER);

                // User denied scope
                if (request.getParameter(OAuthConstants.OAUTH_DENIED) != null) {
                    throw new OAuthException(OAuthExceptionCode.USER_DENIED_SCOPE,
                            "User denied scope on Twitter authorization page");
                }

                // Obtain accessToken from twitter
                AccessToken accessToken = twitter.getOAuthAccessToken(requestToken, verifier);

                if (log.isTraceEnabled()) {
                    log.trace("Twitter accessToken: " + accessToken);
                }

                // Remove requestToken from session. We don't need it anymore
                session.removeAttribute(OAuthConstants.ATTRIBUTE_TWITTER_REQUEST_TOKEN);
                TwitterAccessTokenContext accessTokenContext = new TwitterAccessTokenContext(accessToken.getToken(),
                        accessToken.getTokenSecret());

                return new InteractionState<TwitterAccessTokenContext>(InteractionState.State.FINISH,
                        accessTokenContext);
            }
        } catch (TwitterException twitterException) {
            throw new OAuthException(OAuthExceptionCode.TWITTER_ERROR, twitterException);
        }
    }

    @Override
    public InteractionState<TwitterAccessTokenContext> processOAuthInteraction(HttpServletRequest httpRequest,
            HttpServletResponse httpResponse, String scope) throws IOException, OAuthException {
        throw new OAuthException(OAuthExceptionCode.TWITTER_ERROR, "This is currently not supported for Twitter");
    }

    @Override
    public <C> C getAuthorizedSocialApiObject(TwitterAccessTokenContext accessToken, Class<C> socialApiObjectType) {
        if (Twitter.class.equals(socialApiObjectType)) {
            return socialApiObjectType.cast(getAuthorizedTwitterInstance(accessToken));
        } else {
            if (log.isDebugEnabled()) {
                log.debug("Class '" + socialApiObjectType + "' not supported by this processor");
            }
            return null;
        }
    }

    @Override
    public Twitter getAuthorizedTwitterInstance(TwitterAccessTokenContext accessTokenContext) {
        ConfigurationBuilder builder = new ConfigurationBuilder();
        builder.setOAuthConsumerKey(clientID).setOAuthConsumerSecret(clientSecret);

        // Now add accessToken properties to builder
        builder.setOAuthAccessToken(accessTokenContext.getAccessToken());
        builder.setOAuthAccessTokenSecret(accessTokenContext.getAccessTokenSecret());

        // Return twitter instance with successfully established accessToken
        return new TwitterFactory(builder.build()).getInstance();
    }

    @Override
    public void saveAccessTokenAttributesToUserProfile(UserProfile userProfile, OAuthCodec codec,
            TwitterAccessTokenContext accessToken) {
        String encodedAccessToken = codec.encodeString(accessToken.getAccessToken());
        String encodedAccessTokenSecret = codec.encodeString(accessToken.getAccessTokenSecret());
        OAuthPersistenceUtils.saveLongAttribute(encodedAccessToken, userProfile,
                OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN, false, chunkLength);
        OAuthPersistenceUtils.saveLongAttribute(encodedAccessTokenSecret, userProfile,
                OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN_SECRET, false, chunkLength);
    }

    @Override
    public TwitterAccessTokenContext getAccessTokenFromUserProfile(UserProfile userProfile, OAuthCodec codec) {
        String encodedAccessToken = OAuthPersistenceUtils.getLongAttribute(userProfile,
                OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN, false);
        String encodedAccessTokenSecret = OAuthPersistenceUtils.getLongAttribute(userProfile,
                OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN_SECRET, false);
        String decodedAccessToken = codec.decodeString(encodedAccessToken);
        String decodedAccessTokenSecret = codec.decodeString(encodedAccessTokenSecret);

        if (decodedAccessToken == null || decodedAccessTokenSecret == null) {
            return null;
        } else {
            return new TwitterAccessTokenContext(decodedAccessToken, decodedAccessTokenSecret);
        }
    }

    @Override
    public TwitterAccessTokenContext validateTokenAndUpdateScopes(TwitterAccessTokenContext accessToken)
            throws OAuthException {
        try {
            // Perform validation by obtaining some info about user
            Twitter twitter = getAuthorizedTwitterInstance(accessToken);
            twitter.verifyCredentials();
            return accessToken;
        } catch (TwitterException tw) {
            if (tw.getStatusCode() == 401) {
                throw new OAuthException(OAuthExceptionCode.ACCESS_TOKEN_ERROR,
                        "Error when verifying twitter access token: " + tw.getMessage(), tw);
            } else {
                throw new OAuthException(OAuthExceptionCode.IO_ERROR,
                        "IO Error when obtaining tokenInfo: " + tw.getClass() + ": " + tw.getMessage(), tw);
            }
        }
    }

    @Override
    public void removeAccessTokenFromUserProfile(UserProfile userProfile) {
        OAuthPersistenceUtils.removeLongAttribute(userProfile, OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN, false);
        OAuthPersistenceUtils.removeLongAttribute(userProfile, OAuthConstants.PROFILE_TWITTER_ACCESS_TOKEN_SECRET,
                false);
    }

    @Override
    public void revokeToken(TwitterAccessTokenContext accessToken) {
        // TODO: (if it's possible with Twitter... Maybe it's noop)
    }
}