org.gatein.security.oauth.twitter

Class TwitterProcessorImpl

java.lang.Object

org.gatein.security.oauth.twitter.TwitterProcessorImpl

All Implemented Interfaces:

OAuthProviderProcessor<TwitterAccessTokenContext>, TwitterProcessor

public class TwitterProcessorImpl
extends Object
implements TwitterProcessor

Author:

Marek Posolda

Constructor Summary

Constructors

Constructor and Description
TwitterProcessorImpl(org.exoplatform.container.ExoContainerContext context, org.exoplatform.container.xml.InitParams params)

Method Summary

Modifier and Type	Method and Description
TwitterAccessTokenContext	getAccessTokenFromUserProfile(org.exoplatform.services.organization.UserProfile userProfile, OAuthCodec codec) Obtain needed data from given userProfile and create accessToken from them
<C> C	getAuthorizedSocialApiObject(TwitterAccessTokenContext accessToken, Class<C> socialApiObjectType) Return object, which can be used to call some operations on this Social network.
twitter4j.Twitter	getAuthorizedTwitterInstance(TwitterAccessTokenContext accessTokenContext) Obtain instance of twitter object for given access token.
InteractionState<TwitterAccessTokenContext>	processOAuthInteraction(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response) Process OAuth workflow for this OAuth provider (social network).
InteractionState<TwitterAccessTokenContext>	processOAuthInteraction(javax.servlet.http.HttpServletRequest httpRequest, javax.servlet.http.HttpServletResponse httpResponse, String scope) Possibility to create new OAuth interaction with custom scope (not just the scope which is provided in configuration of this OAuth processor)
void	removeAccessTokenFromUserProfile(org.exoplatform.services.organization.UserProfile userProfile) Remove data about access token from this user profile
void	revokeToken(TwitterAccessTokenContext accessToken) Revoke given access token on OAuth provider side, so application is removed from list of supported applications for given user
void	saveAccessTokenAttributesToUserProfile(org.exoplatform.services.organization.UserProfile userProfile, OAuthCodec codec, TwitterAccessTokenContext accessToken) Save accessToken data to given userProfile.
TwitterAccessTokenContext	validateTokenAndUpdateScopes(TwitterAccessTokenContext accessToken) Send request to OAuth Provider to validate if given access token is valid and ask for scopes, which are available for given accessToken.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

TwitterProcessorImpl

public TwitterProcessorImpl(org.exoplatform.container.ExoContainerContext context,
                            org.exoplatform.container.xml.InitParams params)

Method Detail

processOAuthInteraction

public InteractionState<TwitterAccessTokenContext> processOAuthInteraction(javax.servlet.http.HttpServletRequest request,
                                                                           javax.servlet.http.HttpServletResponse response)
                                                                    throws IOException,
                                                                           OAuthException

Description copied from interface: OAuthProviderProcessor

Process OAuth workflow for this OAuth provider (social network). Workflow is finished if returned InteractionState is in state InteractionState.State.FINISH and in this case, InteractionState should also have accessToken filled. If InteractionState is in state InteractionState.State.AUTH, then more redirections are needed. In this case, given HttpServletResponse should be already committed and prepared for redirection.

Specified by:

processOAuthInteraction in interface OAuthProviderProcessor<TwitterAccessTokenContext>

Returns:

InteractionState with state of OAuth interaction

Throws:

IOException - if IO error occured (for example if httpResponse.sendRedirect failed)

OAuthException - in case of some other error, which may be specific for this OAuth processor (Details are available in error code) Caller should be able to handle at least OAuthExceptionCode.USER_DENIED_SCOPE which happens when user denied scope (authorization screen in web of given social network)

processOAuthInteraction

public InteractionState<TwitterAccessTokenContext> processOAuthInteraction(javax.servlet.http.HttpServletRequest httpRequest,
                                                                           javax.servlet.http.HttpServletResponse httpResponse,
                                                                           String scope)
                                                                    throws IOException,
                                                                           OAuthException

Description copied from interface: OAuthProviderProcessor

Possibility to create new OAuth interaction with custom scope (not just the scope which is provided in configuration of this OAuth processor)

Specified by:

processOAuthInteraction in interface OAuthProviderProcessor<TwitterAccessTokenContext>

scope - custom scope, which contains all scopes in single String divided by AccessTokenContext.DELIMITER

Returns:

Throws:

IOException

OAuthException

See Also:

OAuthProviderProcessor.processOAuthInteraction(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)

getAuthorizedSocialApiObject

public <C> C getAuthorizedSocialApiObject(TwitterAccessTokenContext accessToken,
                                          Class<C> socialApiObjectType)

Description copied from interface: OAuthProviderProcessor

Return object, which can be used to call some operations on this Social network. For example "Plus" object for Google+ network

Specified by:

getAuthorizedSocialApiObject in interface OAuthProviderProcessor<TwitterAccessTokenContext>

Parameters:

accessToken - access token used to initialize object

socialApiObjectType - Type of object, which we wanted to return. Method will return null if this type is not supported by this processor

Returns:

initialized object of required type or null if type wasn't found (supported) by this processor

getAuthorizedTwitterInstance

public twitter4j.Twitter getAuthorizedTwitterInstance(TwitterAccessTokenContext accessTokenContext)

Description copied from interface: TwitterProcessor

Obtain instance of twitter object for given access token. This object can be used to call various operations with Twitter

Specified by:

getAuthorizedTwitterInstance in interface TwitterProcessor

Parameters:

accessTokenContext - twitter access token

Returns:

twitter instance

saveAccessTokenAttributesToUserProfile

public void saveAccessTokenAttributesToUserProfile(org.exoplatform.services.organization.UserProfile userProfile,
                                                   OAuthCodec codec,
                                                   TwitterAccessTokenContext accessToken)

Description copied from interface: OAuthProviderProcessor

Save accessToken data to given userProfile. Note that we are not calling any DB save operations, just filling data into given userProfile

Specified by:

saveAccessTokenAttributesToUserProfile in interface OAuthProviderProcessor<TwitterAccessTokenContext>

Parameters:

userProfile - where data about access token will be filled

codec - to encode some attributes (sensitive data) before save them to user profile

accessToken - specific access token for this OAuth processor

getAccessTokenFromUserProfile

public TwitterAccessTokenContext getAccessTokenFromUserProfile(org.exoplatform.services.organization.UserProfile userProfile,
                                                               OAuthCodec codec)

Description copied from interface: OAuthProviderProcessor

Obtain needed data from given userProfile and create accessToken from them

Specified by:

getAccessTokenFromUserProfile in interface OAuthProviderProcessor<TwitterAccessTokenContext>

Parameters:

userProfile - where data from access token will be obtained

codec - to decode data from userProfile

Returns:

accesstoken or null if accessToken is not found in persistent storage

validateTokenAndUpdateScopes

public TwitterAccessTokenContext validateTokenAndUpdateScopes(TwitterAccessTokenContext accessToken)
                                                       throws OAuthException

Description copied from interface: OAuthProviderProcessor

Send request to OAuth Provider to validate if given access token is valid and ask for scopes, which are available for given accessToken. Returned access token should be always valid and prepared for invoke other operations

Specified by:

validateTokenAndUpdateScopes in interface OAuthProviderProcessor<TwitterAccessTokenContext>

Parameters:

accessToken - accessToken which will be used to ask OAuthProvider about validation and for available scopes

Returns:

accessTokenContext, which will be quite same as the one from accessToken parameter. It could have some info updated (like scopes)

Throws:

OAuthException - usually with codes: - OAuthExceptionCode.ACCESS_TOKEN_ERROR if invalid access is used as argument - OAuthExceptionCode.IO_ERROR if IO error occurs

removeAccessTokenFromUserProfile

public void removeAccessTokenFromUserProfile(org.exoplatform.services.organization.UserProfile userProfile)

Description copied from interface: OAuthProviderProcessor

Remove data about access token from this user profile

Specified by:

removeAccessTokenFromUserProfile in interface OAuthProviderProcessor<TwitterAccessTokenContext>

Parameters:

userProfile - from which data will be removed

revokeToken

public void revokeToken(TwitterAccessTokenContext accessToken)

Description copied from interface: OAuthProviderProcessor

Revoke given access token on OAuth provider side, so application is removed from list of supported applications for given user

Specified by:

revokeToken in interface OAuthProviderProcessor<TwitterAccessTokenContext>

Parameters:

accessToken - access token to revoke