/*
* Decompiled with CFR 0_118.
*
* Could not load the following classes:
* javax.servlet.http.HttpServletRequest
* javax.servlet.http.HttpServletResponse
* org.scribe.model.Token
* org.scribe.model.Verifier
* org.scribe.oauth.OAuthService
* org.scribe.utils.OAuthEncoder
* org.slf4j.Logger
* org.slf4j.LoggerFactory
*/
package com.adobe.granite.auth.oauth.impl.oauth2;
import com.adobe.granite.auth.oauth.Provider;
import com.adobe.granite.auth.oauth.impl.helper.OAuthHelper;
import com.adobe.granite.auth.oauth.impl.helper.OAuthToken;
import com.adobe.granite.auth.oauth.impl.helper.OAuthUser;
import com.adobe.granite.auth.oauth.impl.helper.OauthTokenManager;
import com.adobe.granite.auth.oauth.impl.helper.ProviderConfig;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Random;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.scribe.model.Token;
import org.scribe.model.Verifier;
import org.scribe.oauth.OAuthService;
import org.scribe.utils.OAuthEncoder;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
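/**
 * Helper for the OAuth 2.0 authorization-code flow on top of scribe: {@link #requestAuthorization}
 * sends the user agent to the provider's authorization endpoint and binds an anti-CSRF {@code state}
 * value to the stored {@link OAuthToken}; {@link #requestAccessCode} handles the callback, optionally
 * verifies that state, exchanges the {@code code} parameter for an access token and returns the user.
 * <p>
 * Configuration is read from {@code this.config}, which the {@link OAuthHelper} superclass provides.
 */
public class Oauth2Helper
extends OAuthHelper {
    /** Request/redirect parameter and token attribute carrying the anti-CSRF value. */
    private static final String STATE = "state";
    /** Callback parameter carrying the authorization code issued by the provider. */
    private static final String CODE = "code";
    /**
     * Randomness source for generated state values. SecureRandom instances are safe to share across
     * threads, so one instance serves every redirect instead of seeding a fresh one per request.
     */
    private static final SecureRandom STATE_RANDOM = new SecureRandom();

    private final Logger log;

    /**
     * Creates a helper bound to the given provider configuration.
     *
     * @param config configuration passed to {@link OAuthHelper}; available here as {@code this.config}
     */
    public Oauth2Helper(ProviderConfig config) {
        super(config);
        this.log = LoggerFactory.getLogger(this.getClass());
    }

    /**
     * Starts the authorization-code flow: builds the provider's authorization URL, appends a
     * {@code state} parameter, stores that same value on the token saved through the token manager,
     * and redirects the user agent.
     *
     * @param provider          provider handed to {@code getService}
     * @param request           current request; also consulted for a caller-supplied {@code state}
     * @param response          response the redirect is written to
     * @param state             explicit state to use; when null or empty, see {@link #resolveState}
     * @param isAuthentication  forwarded unchanged to {@code getService}
     * @throws IOException when any step fails; the original exception is attached as the cause
     */
    public void requestAuthorization(Provider provider, HttpServletRequest request, HttpServletResponse response, String state, boolean isAuthentication) throws IOException {
        try {
            OAuthService service = this.getService(provider, request, isAuthentication, this.config.getPersistRequestParamsCallbackUrl());
            String redirectUrl = service.getAuthorizationUrl(null);
            OAuthToken token = this.config.getOAuthTokenManager().getToken(this.config.getClientId(), request);
            if (token == null || !token.isAuthentic()) {
                // No usable token yet: start from an empty one. State 1 appears to be the
                // UNAUTHORIZED state (requestAccessCode's warning calls it that) — confirm against OAuthToken.
                token = new OAuthToken(this.config.getClientId(), "", "", 1);
            }
            String stateParameter = resolveState(state, request);
            redirectUrl = redirectUrl + "&state=" + OAuthEncoder.encode(stateParameter);
            // The same value is bound to the token so the callback can check the provider echoed it back.
            token.setAttribute(STATE, stateParameter);
            request.setAttribute(this.config.getClientId(), token);
            this.config.getOAuthTokenManager().saveToken(token, request, response);
            response.sendRedirect(redirectUrl);
        } catch (Exception e) {
            // Runtime failures from scribe are folded into the declared checked type, cause preserved.
            throw new IOException("Failed requesting authorization", e);
        }
    }

    /**
     * Picks the {@code state} value for the redirect: the explicit argument if non-empty, else the
     * {@code state} request parameter if non-empty, else a freshly generated random value.
     *
     * @param state   explicit value supplied by the caller, may be null or empty
     * @param request request whose {@code state} parameter is used as fallback
     * @return the value to send to the provider and bind to the token; never null or empty
     */
    private String resolveState(String state, HttpServletRequest request) {
        if (state != null && !state.isEmpty()) {
            return state;
        }
        // NOTE(review): this fallback takes the state from the incoming request, i.e. from whoever
        // constructed the URL that started the flow. A state that is not generated server-side is
        // predictable to that party, which weakens the CSRF check in requestAccessCode. Kept for
        // compatibility; consider always generating the value here unless callers depend on it.
        String requested = request.getParameter(STATE);
        if (requested != null && !requested.isEmpty()) {
            return requested;
        }
        // 130 random bits rendered in base 32 — unguessable and URL-safe.
        return new BigInteger(130, STATE_RANDOM).toString(32);
    }

    /**
     * Handles the provider callback: requires a token that is authentic or in state 1, verifies the
     * echoed {@code state} when CSRF state protection is enabled in the configuration, exchanges the
     * {@code code} parameter for an access token, stores the resulting token (state 3) as a request
     * attribute and returns the user's details.
     * <p>
     * When {@code config.getEnableCSRFStateProtection()} is false the {@code state} parameter is not
     * checked at all.
     *
     * @param provider               provider handed to {@code getService} and {@code getUserDetails}
     * @param request                callback request carrying {@code code} and, optionally, {@code state}
     * @param response               currently unused
     * @param isAuthentication       forwarded unchanged to {@code getService}
     * @param includeExtendedDetails forwarded unchanged to {@code getUserDetails}
     * @return the user details, or null when the token is unusable, a check fails or the exchange throws
     * @throws IOException declared for callers; the exchange itself is caught and logged
     */
    public OAuthUser requestAccessCode(Provider provider, HttpServletRequest request, HttpServletResponse response, boolean isAuthentication, boolean includeExtendedDetails) throws IOException {
        OAuthToken token = this.config.getOAuthTokenManager().getToken(this.config.getClientId(), request);
        if (token == null || !(token.isAuthentic() || token.getState() == 1)) {
            this.log.warn("token was null or not in UNAUTHORIZED state:{}", token == null ? null : Integer.valueOf(token.getState()));
            return null;
        }
        if (this.config.getEnableCSRFStateProtection() && !stateMatches(request, token)) {
            return null;
        }
        String oauthVerifier = request.getParameter(CODE);
        if (oauthVerifier == null || oauthVerifier.isEmpty()) {
            // scribe's Verifier rejects a null value with an unchecked exception, which would
            // escape this method; fail the same way the other checks do instead.
            this.log.warn("the code parameter MUST not be null");
            return null;
        }
        Verifier verifier = new Verifier(oauthVerifier);
        try {
            Token accessToken = this.getService(provider, request, isAuthentication, this.config.getPersistRequestParamsCallbackUrl()).getAccessToken(null, verifier);
            // State 3 presumably marks an authorized token — confirm against OAuthToken.
            token = new OAuthToken(this.config.getClientId(), accessToken.getToken(), accessToken.getSecret(), 3);
            request.setAttribute(this.config.getClientId(), token);
            return this.getUserDetails(provider, request, includeExtendedDetails);
        } catch (Exception e) {
            this.log.error(e.getMessage(), e);
            return null;
        }
    }

    /**
     * Checks that the {@code state} echoed back by the provider equals the one bound to the token in
     * {@link #requestAuthorization}. Both values must be present and non-empty.
     *
     * @param request callback request carrying the echoed {@code state}
     * @param token   token holding the bound {@code state} attribute
     * @return true when both values are present and equal; false (after a warning) otherwise
     */
    private boolean stateMatches(HttpServletRequest request, OAuthToken token) {
        this.log.debug("CSRF state protection enabled");
        String state = request.getParameter(STATE);
        String storedState = (String) token.getAttribute(STATE);
        if (state == null || state.isEmpty() || storedState == null || storedState.isEmpty()) {
            this.log.warn("the state parameter MUST not be null");
            return false;
        }
        // Constant-time comparison so the check's duration does not leak how much of the value matched.
        byte[] received = state.getBytes(StandardCharsets.UTF_8);
        byte[] expected = storedState.getBytes(StandardCharsets.UTF_8);
        if (!MessageDigest.isEqual(received, expected)) {
            this.log.warn("the received state parameter doesn't match the bounded value");
            return false;
        }
        return true;
    }
}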