Modified:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AccessTokenRequestValidator.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AccessTokenRequestValidator.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
---
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AccessTokenRequestValidator.java
(original)
+++
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AccessTokenRequestValidator.java
Mon Feb 13 02:59:33 2012
@@ -1,102 +1,102 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2.validators;
-
-import org.apache.shindig.social.core.oauth2.OAuth2Client;
-import org.apache.shindig.social.core.oauth2.OAuth2DataService;
-import org.apache.shindig.social.core.oauth2.OAuth2Exception;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
-import org.apache.shindig.social.core.oauth2.OAuth2Client.Flow;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
-
-import javax.servlet.http.HttpServletResponse;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import com.google.inject.Inject;
-
-public class AccessTokenRequestValidator implements OAuth2RequestValidator {
-
- private OAuth2DataService store = null;
- private List<OAuth2GrantValidator> grantValidators; // grant validators
-
- @Inject
- public AccessTokenRequestValidator(OAuth2DataService store) {
- this.grantValidators = new ArrayList<OAuth2GrantValidator>();
- grantValidators.add(new AuthCodeGrantValidator(store));
- grantValidators.add(new ClientCredentialsGrantValidator(store));
- this.store = store;
- }
-
- public void validateRequest(OAuth2NormalizedRequest req)
- throws OAuth2Exception {
- if (req.getGrantType() != null) {
- for (OAuth2GrantValidator validator : grantValidators) {
- if (validator.getGrantType().equals(req.getGrantType())) {
- validator.validateRequest(req);
- return; // request validated
- }
- }
- OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
- response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
- response.setError(ErrorType.UNSUPPORTED_GRANT_TYPE.toString());
- response.setErrorDescription("Unsupported grant type");
- response.setBodyReturned(true);
- throw new OAuth2Exception(response);
- } else { // implicit flow does not include grant type
- if (req.getResponseType() == null
- || !req.getResponseType().equals("token")) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.UNSUPPORTED_RESPONSE_TYPE.toString());
- resp.setErrorDescription("Unsupported response type");
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
- OAuth2Client client = store.getClient(req.getClientId());
- if (client == null || client.getFlow() != Flow.IMPLICIT) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.INVALID_CLIENT.toString());
- resp.setErrorDescription(req.getClientId()
- + " is not a registered implicit client");
- resp.setBodyReturned(true);
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
- if (req.getRedirectURI() == null && client.getRedirectURI() == null) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.INVALID_REQUEST.toString());
- resp.setErrorDescription("No redirect_uri registered or received in
request");
- resp.setBodyReturned(true);
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
- if (req.getRedirectURI() != null
- && !req.getRedirectURI().equals(client.getRedirectURI())) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.INVALID_REQUEST.toString());
- resp.setErrorDescription("Redirect URI does not match the one
registered for this client");
- resp.setBodyReturned(true);
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
- return; // request validated
- }
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2.validators;
+
+import org.apache.shindig.social.core.oauth2.OAuth2Client;
+import org.apache.shindig.social.core.oauth2.OAuth2DataService;
+import org.apache.shindig.social.core.oauth2.OAuth2Exception;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
+import org.apache.shindig.social.core.oauth2.OAuth2Client.Flow;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
+
+import javax.servlet.http.HttpServletResponse;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import com.google.inject.Inject;
+
+public class AccessTokenRequestValidator implements OAuth2RequestValidator {
+
+ private OAuth2DataService store = null;
+ private List<OAuth2GrantValidator> grantValidators; // grant validators
+
+ @Inject
+ public AccessTokenRequestValidator(OAuth2DataService store) {
+ this.grantValidators = new ArrayList<OAuth2GrantValidator>();
+ grantValidators.add(new AuthCodeGrantValidator(store));
+ grantValidators.add(new ClientCredentialsGrantValidator(store));
+ this.store = store;
+ }
+
+ public void validateRequest(OAuth2NormalizedRequest req)
+ throws OAuth2Exception {
+ if (req.getGrantType() != null) {
+ for (OAuth2GrantValidator validator : grantValidators) {
+ if (validator.getGrantType().equals(req.getGrantType())) {
+ validator.validateRequest(req);
+ return; // request validated
+ }
+ }
+ OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
+ response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ response.setError(ErrorType.UNSUPPORTED_GRANT_TYPE.toString());
+ response.setErrorDescription("Unsupported grant type");
+ response.setBodyReturned(true);
+ throw new OAuth2Exception(response);
+ } else { // implicit flow does not include grant type
+ if (req.getResponseType() == null
+ || !req.getResponseType().equals("token")) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.UNSUPPORTED_RESPONSE_TYPE.toString());
+ resp.setErrorDescription("Unsupported response type");
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
+ OAuth2Client client = store.getClient(req.getClientId());
+ if (client == null || client.getFlow() != Flow.IMPLICIT) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.INVALID_CLIENT.toString());
+ resp.setErrorDescription(req.getClientId()
+ + " is not a registered implicit client");
+ resp.setBodyReturned(true);
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
+ if (req.getRedirectURI() == null && client.getRedirectURI() == null) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.INVALID_REQUEST.toString());
+ resp.setErrorDescription("No redirect_uri registered or received in
request");
+ resp.setBodyReturned(true);
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
+ if (req.getRedirectURI() != null
+ && !req.getRedirectURI().equals(client.getRedirectURI())) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.INVALID_REQUEST.toString());
+ resp.setErrorDescription("Redirect URI does not match the one
registered for this client");
+ resp.setBodyReturned(true);
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
+ return; // request validated
+ }
+ }
}
\ No newline at end of file
Propchange:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AccessTokenRequestValidator.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthCodeGrantValidator.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthCodeGrantValidator.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
---
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthCodeGrantValidator.java
(original)
+++
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthCodeGrantValidator.java
Mon Feb 13 02:59:33 2012
@@ -1,90 +1,90 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2.validators;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.shindig.social.core.oauth2.OAuth2Client;
-import org.apache.shindig.social.core.oauth2.OAuth2Code;
-import org.apache.shindig.social.core.oauth2.OAuth2DataService;
-import org.apache.shindig.social.core.oauth2.OAuth2Exception;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
-import org.apache.shindig.social.core.oauth2.OAuth2Client.Flow;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
-
-import com.google.inject.Inject;
-
-public class AuthCodeGrantValidator implements OAuth2GrantValidator {
-
- private OAuth2DataService service;
-
- @Inject
- public AuthCodeGrantValidator(OAuth2DataService service) {
- this.service = service;
- }
-
- public String getGrantType() {
- return "authorization_code";
- }
-
- public void validateRequest(OAuth2NormalizedRequest servletRequest)
- throws OAuth2Exception {
- OAuth2Client client = service.getClient(servletRequest.getClientId());
- if (client == null || client.getFlow() != Flow.AUTHORIZATION_CODE) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.INVALID_CLIENT.toString());
- resp.setErrorDescription("Invalid client");
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
- OAuth2Code authCode = service.getAuthorizationCode(
- servletRequest.getClientId(), servletRequest.getAuthorizationCode());
- if (authCode == null) {
- OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
- response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
- response.setError(ErrorType.INVALID_GRANT.toString());
- response.setErrorDescription("Bad authorization code");
- response.setBodyReturned(true);
- throw new OAuth2Exception(response);
- }
- if (servletRequest.getRedirectURI() != null
- && !servletRequest.getRedirectURI().equals(authCode.getRedirectURI()))
{
- OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
- response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
- response.setError(ErrorType.INVALID_GRANT.toString());
- response
- .setErrorDescription("The redirect URI does not match the one used
in the authorization request");
- response.setBodyReturned(true);
- throw new OAuth2Exception(response);
- }
-
- // ensure authorization code has not already been used
- if (authCode.getRelatedAccessToken() != null) {
- service.unregisterAccessToken(client.getId(), authCode
- .getRelatedAccessToken().getValue());
- OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
- response.setStatus(HttpServletResponse.SC_FORBIDDEN);
- response.setError(ErrorType.INVALID_GRANT.toString());
- response
- .setErrorDescription("The authorization code has already been used
to generate an access token");
- response.setBodyReturned(true);
- throw new OAuth2Exception(response);
- }
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2.validators;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.shindig.social.core.oauth2.OAuth2Client;
+import org.apache.shindig.social.core.oauth2.OAuth2Code;
+import org.apache.shindig.social.core.oauth2.OAuth2DataService;
+import org.apache.shindig.social.core.oauth2.OAuth2Exception;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
+import org.apache.shindig.social.core.oauth2.OAuth2Client.Flow;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
+
+import com.google.inject.Inject;
+
+public class AuthCodeGrantValidator implements OAuth2GrantValidator {
+
+ private OAuth2DataService service;
+
+ @Inject
+ public AuthCodeGrantValidator(OAuth2DataService service) {
+ this.service = service;
+ }
+
+ public String getGrantType() {
+ return "authorization_code";
+ }
+
+ public void validateRequest(OAuth2NormalizedRequest servletRequest)
+ throws OAuth2Exception {
+ OAuth2Client client = service.getClient(servletRequest.getClientId());
+ if (client == null || client.getFlow() != Flow.AUTHORIZATION_CODE) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.INVALID_CLIENT.toString());
+ resp.setErrorDescription("Invalid client");
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
+ OAuth2Code authCode = service.getAuthorizationCode(
+ servletRequest.getClientId(), servletRequest.getAuthorizationCode());
+ if (authCode == null) {
+ OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
+ response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ response.setError(ErrorType.INVALID_GRANT.toString());
+ response.setErrorDescription("Bad authorization code");
+ response.setBodyReturned(true);
+ throw new OAuth2Exception(response);
+ }
+ if (servletRequest.getRedirectURI() != null
+ && !servletRequest.getRedirectURI().equals(authCode.getRedirectURI()))
{
+ OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
+ response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ response.setError(ErrorType.INVALID_GRANT.toString());
+ response
+ .setErrorDescription("The redirect URI does not match the one used
in the authorization request");
+ response.setBodyReturned(true);
+ throw new OAuth2Exception(response);
+ }
+
+ // ensure authorization code has not already been used
+ if (authCode.getRelatedAccessToken() != null) {
+ service.unregisterAccessToken(client.getId(), authCode
+ .getRelatedAccessToken().getValue());
+ OAuth2NormalizedResponse response = new OAuth2NormalizedResponse();
+ response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ response.setError(ErrorType.INVALID_GRANT.toString());
+ response
+ .setErrorDescription("The authorization code has already been used
to generate an access token");
+ response.setBodyReturned(true);
+ throw new OAuth2Exception(response);
+ }
+ }
}
\ No newline at end of file
Propchange:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthCodeGrantValidator.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthorizationCodeRequestValidator.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthorizationCodeRequestValidator.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
---
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthorizationCodeRequestValidator.java
(original)
+++
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthorizationCodeRequestValidator.java
Mon Feb 13 02:59:33 2012
@@ -1,73 +1,73 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2.validators;
-
-import org.apache.shindig.social.core.oauth2.OAuth2Client;
-import org.apache.shindig.social.core.oauth2.OAuth2DataService;
-import org.apache.shindig.social.core.oauth2.OAuth2Exception;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
-
-import javax.servlet.http.HttpServletResponse;
-
-import com.google.inject.Inject;
-
-public class AuthorizationCodeRequestValidator implements
- OAuth2RequestValidator {
-
- private OAuth2DataService store = null;
-
- @Inject
- public AuthorizationCodeRequestValidator(OAuth2DataService store) {
- this.store = store;
- }
-
- public void validateRequest(OAuth2NormalizedRequest req)
- throws OAuth2Exception {
-
- OAuth2Client client = store.getClient(req.getClientId());
- if (client == null) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.INVALID_REQUEST.toString());
- resp.setErrorDescription("The client is invalid or not registered");
- resp.setBodyReturned(true);
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
- String storedURI = client.getRedirectURI();
- if (storedURI == null && req.getRedirectURI() == null) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.INVALID_REQUEST.toString());
- resp.setErrorDescription("No redirect_uri registered or received in
request");
- resp.setBodyReturned(true);
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
- if (req.getRedirectURI() != null && storedURI != null) {
- if (!req.getRedirectURI().equals(storedURI)) {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.INVALID_REQUEST.toString());
- resp.setErrorDescription("Redirect URI does not match the one
registered for this client");
- resp.setBodyReturned(true);
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
- }
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2.validators;
+
+import org.apache.shindig.social.core.oauth2.OAuth2Client;
+import org.apache.shindig.social.core.oauth2.OAuth2DataService;
+import org.apache.shindig.social.core.oauth2.OAuth2Exception;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
+
+import javax.servlet.http.HttpServletResponse;
+
+import com.google.inject.Inject;
+
+public class AuthorizationCodeRequestValidator implements
+ OAuth2RequestValidator {
+
+ private OAuth2DataService store = null;
+
+ @Inject
+ public AuthorizationCodeRequestValidator(OAuth2DataService store) {
+ this.store = store;
+ }
+
+ public void validateRequest(OAuth2NormalizedRequest req)
+ throws OAuth2Exception {
+
+ OAuth2Client client = store.getClient(req.getClientId());
+ if (client == null) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.INVALID_REQUEST.toString());
+ resp.setErrorDescription("The client is invalid or not registered");
+ resp.setBodyReturned(true);
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
+ String storedURI = client.getRedirectURI();
+ if (storedURI == null && req.getRedirectURI() == null) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.INVALID_REQUEST.toString());
+ resp.setErrorDescription("No redirect_uri registered or received in
request");
+ resp.setBodyReturned(true);
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
+ if (req.getRedirectURI() != null && storedURI != null) {
+ if (!req.getRedirectURI().equals(storedURI)) {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.INVALID_REQUEST.toString());
+ resp.setErrorDescription("Redirect URI does not match the one
registered for this client");
+ resp.setBodyReturned(true);
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
+ }
+ }
}
\ No newline at end of file
Propchange:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/AuthorizationCodeRequestValidator.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/ClientCredentialsGrantValidator.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/ClientCredentialsGrantValidator.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
---
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/ClientCredentialsGrantValidator.java
(original)
+++
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/ClientCredentialsGrantValidator.java
Mon Feb 13 02:59:33 2012
@@ -1,71 +1,71 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2.validators;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.shindig.social.core.oauth2.OAuth2Client;
-import org.apache.shindig.social.core.oauth2.OAuth2DataService;
-import org.apache.shindig.social.core.oauth2.OAuth2Exception;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
-import org.apache.shindig.social.core.oauth2.OAuth2Client.ClientType;
-import org.apache.shindig.social.core.oauth2.OAuth2Client.Flow;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
-
-import com.google.inject.Inject;
-
-public class ClientCredentialsGrantValidator implements OAuth2GrantValidator {
-
- private OAuth2DataService service;
-
- @Inject
- public ClientCredentialsGrantValidator(OAuth2DataService service) {
- this.service = service;
- }
-
- public void setOAuth2DataService(OAuth2DataService service) {
- this.service = service;
- }
-
- public String getGrantType() {
- return "client_credentials";
- }
-
- public void validateRequest(OAuth2NormalizedRequest req)
- throws OAuth2Exception {
- OAuth2Client cl = service.getClient(req.getClientId());
- if (cl == null || cl.getFlow() != Flow.CLIENT_CREDENTIALS) {
- throwAccessDenied("Bad client id or password");
- }
- if (cl.getType() != ClientType.CONFIDENTIAL) {
- throwAccessDenied("Client credentials flow does not support public
clients");
- }
- if (!cl.getSecret().equals(req.getClientSecret())) {
- throwAccessDenied("Bad client id or password");
- }
- }
-
- private void throwAccessDenied(String msg) throws OAuth2Exception {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.ACCESS_DENIED.toString());
- resp.setErrorDescription(msg);
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2.validators;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.shindig.social.core.oauth2.OAuth2Client;
+import org.apache.shindig.social.core.oauth2.OAuth2DataService;
+import org.apache.shindig.social.core.oauth2.OAuth2Exception;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
+import org.apache.shindig.social.core.oauth2.OAuth2Client.ClientType;
+import org.apache.shindig.social.core.oauth2.OAuth2Client.Flow;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
+
+import com.google.inject.Inject;
+
+public class ClientCredentialsGrantValidator implements OAuth2GrantValidator {
+
+ private OAuth2DataService service;
+
+ @Inject
+ public ClientCredentialsGrantValidator(OAuth2DataService service) {
+ this.service = service;
+ }
+
+ public void setOAuth2DataService(OAuth2DataService service) {
+ this.service = service;
+ }
+
+ public String getGrantType() {
+ return "client_credentials";
+ }
+
+ public void validateRequest(OAuth2NormalizedRequest req)
+ throws OAuth2Exception {
+ OAuth2Client cl = service.getClient(req.getClientId());
+ if (cl == null || cl.getFlow() != Flow.CLIENT_CREDENTIALS) {
+ throwAccessDenied("Bad client id or password");
+ }
+ if (cl.getType() != ClientType.CONFIDENTIAL) {
+ throwAccessDenied("Client credentials flow does not support public
clients");
+ }
+ if (!cl.getSecret().equals(req.getClientSecret())) {
+ throwAccessDenied("Bad client id or password");
+ }
+ }
+
+ private void throwAccessDenied(String msg) throws OAuth2Exception {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.ACCESS_DENIED.toString());
+ resp.setErrorDescription(msg);
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
}
\ No newline at end of file
Propchange:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/ClientCredentialsGrantValidator.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/DefaultResourceRequestValidator.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/DefaultResourceRequestValidator.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
---
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/DefaultResourceRequestValidator.java
(original)
+++
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/DefaultResourceRequestValidator.java
Mon Feb 13 02:59:33 2012
@@ -1,73 +1,73 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2.validators;
-
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.shindig.social.core.oauth2.OAuth2Code;
-import org.apache.shindig.social.core.oauth2.OAuth2DataService;
-import org.apache.shindig.social.core.oauth2.OAuth2Exception;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
-import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
-
-import com.google.inject.Inject;
-
-public class DefaultResourceRequestValidator implements
- OAuth2ProtectedResourceValidator {
-
- private OAuth2DataService store = null;
-
- @Inject
- public DefaultResourceRequestValidator(OAuth2DataService store) {
- this.store = store;
- }
-
- public void validateRequest(OAuth2NormalizedRequest req)
- throws OAuth2Exception {
- validateRequestForResource(req, null);
-
- }
-
- /**
- * TODO (Matt): implement scope handling.
- */
- public void validateRequestForResource(OAuth2NormalizedRequest req,
- Object resourceRequest) throws OAuth2Exception {
-
- OAuth2Code token = store.getAccessToken(req.getAccessToken());
- if (token == null)
- throwAccessDenied("Access token is invalid.");
- if (token.getExpiration() > -1
- && token.getExpiration() < System.currentTimeMillis()) {
- throwAccessDenied("Access token has expired.");
- }
- if (resourceRequest != null) {
- // TODO (Matt): validate that requested resource is within scope
- }
- }
-
- // TODO(plindner): change this into a constructor or .create() on
OAuth2Exception
- private void throwAccessDenied(String msg) throws OAuth2Exception {
- OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
- resp.setError(ErrorType.ACCESS_DENIED.toString());
- resp.setErrorDescription(msg);
- resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
- throw new OAuth2Exception(resp);
- }
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2.validators;
+
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.shindig.social.core.oauth2.OAuth2Code;
+import org.apache.shindig.social.core.oauth2.OAuth2DataService;
+import org.apache.shindig.social.core.oauth2.OAuth2Exception;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedResponse;
+import org.apache.shindig.social.core.oauth2.OAuth2Types.ErrorType;
+
+import com.google.inject.Inject;
+
+public class DefaultResourceRequestValidator implements
+ OAuth2ProtectedResourceValidator {
+
+ private OAuth2DataService store = null;
+
+ @Inject
+ public DefaultResourceRequestValidator(OAuth2DataService store) {
+ this.store = store;
+ }
+
+ public void validateRequest(OAuth2NormalizedRequest req)
+ throws OAuth2Exception {
+ validateRequestForResource(req, null);
+
+ }
+
+ /**
+ * TODO (Matt): implement scope handling.
+ */
+ public void validateRequestForResource(OAuth2NormalizedRequest req,
+ Object resourceRequest) throws OAuth2Exception {
+
+ OAuth2Code token = store.getAccessToken(req.getAccessToken());
+ if (token == null)
+ throwAccessDenied("Access token is invalid.");
+ if (token.getExpiration() > -1
+ && token.getExpiration() < System.currentTimeMillis()) {
+ throwAccessDenied("Access token has expired.");
+ }
+ if (resourceRequest != null) {
+ // TODO (Matt): validate that requested resource is within scope
+ }
+ }
+
+ // TODO(plindner): change this into a constructor or .create() on
OAuth2Exception
+ private void throwAccessDenied(String msg) throws OAuth2Exception {
+ OAuth2NormalizedResponse resp = new OAuth2NormalizedResponse();
+ resp.setError(ErrorType.ACCESS_DENIED.toString());
+ resp.setErrorDescription(msg);
+ resp.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ throw new OAuth2Exception(resp);
+ }
}
\ No newline at end of file
Propchange:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/DefaultResourceRequestValidator.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2GrantValidator.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2GrantValidator.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
---
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2GrantValidator.java
(original)
+++
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2GrantValidator.java
Mon Feb 13 02:59:33 2012
@@ -1,29 +1,29 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2.validators;
-
-/**
- * Handles the validation of a grant requests for access tokens.
- */
-public interface OAuth2GrantValidator extends OAuth2RequestValidator{
-
- /**
- * Indicates the grant type this handler is registered to handle.
- */
- public String getGrantType();
-}
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2.validators;
+
+/**
+ * Handles the validation of a grant requests for access tokens.
+ */
+public interface OAuth2GrantValidator extends OAuth2RequestValidator{
+
+ /**
+ * Indicates the grant type this handler is registered to handle.
+ */
+ public String getGrantType();
+}
Propchange:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2GrantValidator.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2ProtectedResourceValidator.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2ProtectedResourceValidator.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
---
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2ProtectedResourceValidator.java
(original)
+++
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2ProtectedResourceValidator.java
Mon Feb 13 02:59:33 2012
@@ -1,39 +1,39 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2.validators;
-
-import org.apache.shindig.social.core.oauth2.OAuth2Exception;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
-
-/**
- * Validator interface for a protected resource.
- */
-public interface OAuth2ProtectedResourceValidator extends
OAuth2RequestValidator {
-
- /**
- * Validates a request for a protected resource.
- *
- * @param req is the normalized OAuth 2.0 request
- * @param resourceRequest identifies the resource being requested
- *
- * @throws OAuth2Exception
- */
- public void validateRequestForResource(OAuth2NormalizedRequest req,
- Object resourceRequest) throws OAuth2Exception;
-
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2.validators;
+
+import org.apache.shindig.social.core.oauth2.OAuth2Exception;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
+
+/**
+ * Validator interface for a protected resource.
+ */
+public interface OAuth2ProtectedResourceValidator extends
OAuth2RequestValidator {
+
+ /**
+ * Validates a request for a protected resource.
+ *
+ * @param req is the normalized OAuth 2.0 request
+ * @param resourceRequest identifies the resource being requested
+ *
+ * @throws OAuth2Exception
+ */
+ public void validateRequestForResource(OAuth2NormalizedRequest req,
+ Object resourceRequest) throws OAuth2Exception;
+
}
\ No newline at end of file
Propchange:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2ProtectedResourceValidator.java
------------------------------------------------------------------------------
svn:eol-style = native
Modified:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2RequestValidator.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2RequestValidator.java?rev=1243399&r1=1243398&r2=1243399&view=diff
==============================================================================
---
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2RequestValidator.java
(original)
+++
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2RequestValidator.java
Mon Feb 13 02:59:33 2012
@@ -1,36 +1,36 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations under the License.
- */
-package org.apache.shindig.social.core.oauth2.validators;
-
-import org.apache.shindig.social.core.oauth2.OAuth2Exception;
-import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
-
-/**
- * Validator interface for OAuth 2.0 requests.
- */
-public interface OAuth2RequestValidator {
-
- /**
- * Validates an OAuth 2.0 request.
- *
- * @param req is the normalized OAuth 2.0 request to validate
- *
- * @throws OAuth2Exception if the request failed to validate
- */
- public void validateRequest(OAuth2NormalizedRequest req) throws
OAuth2Exception;
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+package org.apache.shindig.social.core.oauth2.validators;
+
+import org.apache.shindig.social.core.oauth2.OAuth2Exception;
+import org.apache.shindig.social.core.oauth2.OAuth2NormalizedRequest;
+
+/**
+ * Validator interface for OAuth 2.0 requests.
+ */
+public interface OAuth2RequestValidator {
+
+ /**
+ * Validates an OAuth 2.0 request.
+ *
+ * @param req is the normalized OAuth 2.0 request to validate
+ *
+ * @throws OAuth2Exception if the request failed to validate
+ */
+ public void validateRequest(OAuth2NormalizedRequest req) throws
OAuth2Exception;
}
\ No newline at end of file
Propchange:
shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/core/oauth2/validators/OAuth2RequestValidator.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/core/oauth/MockServletOutputStream.java
------------------------------------------------------------------------------
svn:eol-style = native
