Package oauth.manager

Source Code of oauth.manager.ThirdPartyAccessService

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
/**
* Copyright (C) 2011 Talend Inc. - www.talend.com
*/
package oauth.manager;

import java.util.List;

import javax.ws.rs.FormParam;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.Context;

import oauth.common.Calendar;
import oauth.common.OAuthConstants;
import oauth.service.UserAccounts;

import org.apache.cxf.jaxrs.ext.MessageContext;
import org.apache.cxf.rs.security.oauth.data.OAuthContext;
import org.apache.cxf.rs.security.oauth.data.OAuthPermission;

@Path("/calendar")
public class ThirdPartyAccessService {

    @Context
    private MessageContext mc;
    private UserAccounts accounts;
 
  public void setAccounts(UserAccounts accounts) {
    this.accounts = accounts;
  }
 
  @GET
  public Calendar getUserCalendar() {
      OAuthContext oauth = getOAuthContext();
      String userName = oauth.getSubject().getLogin();
    return accounts.getAccount(userName).getCalendar();
  }
 
  @POST
  public void updateCalendar(@FormParam("hour") int hour,
                             @FormParam("description") String description) {
      // This permission check can be done in a custom filter; it can be simpler to do
      // in the actual service code if the context data (such as an hour in this case)
      // are not available in the request URI but in the message payload
      OAuthContext oauth = getOAuthContext();
      List<OAuthPermission> perms = oauth.getPermissions();
      boolean checkPassed = false;
      for (OAuthPermission perm : perms) {
          if (perm.getPermission().startsWith(OAuthConstants.UPDATE_CALENDAR_SCOPE)) {
              int authorizedHour =
                  Integer.valueOf(perm.getPermission().substring(OAuthConstants.UPDATE_CALENDAR_SCOPE.length()));
              if (authorizedHour == hour) {
                  checkPassed = true;
              }
          }
      }
      if (!checkPassed) {
          throw new WebApplicationException(403);
      }
      // end of the check
     
      Calendar calendar = getUserCalendar();
      calendar.getEntry(hour).setEventDescription(description);
  }
 
  private OAuthContext getOAuthContext() {
      OAuthContext oauth = mc.getContent(OAuthContext.class);
        if (oauth == null || oauth.getSubject() == null || oauth.getSubject().getLogin() == null) {
            throw new WebApplicationException(403);
        }
        return oauth;
  }
 
 
}
TOP

Related Classes of oauth.manager.ThirdPartyAccessService

  • oauth.common.Calendar
  • org.apache.cxf.rs.security.oauth.data.OAuthContext
  • server.SocialApplication
  • server.ThirdPartyAccessApplication
  • javax.ws.rs.WebApplicationException
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.