auth ok, access token nope...

Signed-off-by: Luca Fulchir <luca@fulchir.it>
parent 27407ff8
......@@ -3,3 +3,4 @@
.jar
build/
.*.swo
.*.swp
......@@ -20,9 +20,9 @@
***************************************************************************/
include "OAuth2.iol"
include "jolie/net/utils/HTTP.iol"
include "string_utils.iol"
include "console.iol"
include "jolie/net/utils/HTTP.iol"
inputPort OAuth2 {
Location: "local"
......@@ -32,56 +32,34 @@ inputPort OAuth2 {
execution { concurrent}
main {
[Auth (info) (newInfo) {
newInfo << info;
[Auth (info) (answer) {
http_data.URI = info.location_authorize;
toUpperCase@StringUtils (info.method) (http_data.method);
info.method = http_data.method;
newInfo.method = info.method;
http_data.headers[0].name = "userAgent";
http_data.headers[0].name = "User-Agent";
http_data.headers[0].value = "Jolie-OAuth2";
scope (error_handler) {
install(not_found =>
println@Console("error on request") ();
throw(OAuth2_error)
throw(OAuth2_error),
state_mismatch =>
println@Console("wrong state in reply") ();
throw(OAuth2_error)
throw(OAuth2_error),
send_error =>
println@Console("could not send HTTP request")();
throw(OAuth2_error)
);
//make HTTP request
DataAuth@OAuth2Data (info) (data_query);
http_data.query << newInfo.query;
http_data.query << info.query;
//we have to add the OAuth request to the previous data
for (count=#newInfo.query, count < (#newInfo.query + #data_query),
for (count=#info.query, count < (#info.query + #data_query.pair),
count++) {
http_data.query[count] << data_query[count - #newInfo.query]
http_data.query[count] << data_query.pair[count - #info.query]
};
sendRequest@HTTP(http_data) (codes);
buildURI@HTTP(http_data) (answer)
// search for errors
search.pair = codes;
search.search = "code";
getPair@OAuth2Data (search)(res);
newInfo.code = res;
if (info.hasChildren("state")) {
search.search = "state";
getPair@OAuth2Data (search)(res);
//check for equality... really fast this way, uh?
length@StringUtils(res)(ln1);
length@StringUtils(info.state)(ln2);
if (ln1 != ln2) {
throw(state_mismatch)
};
res.startswith=info.state;
startsWith(res)(strTest);
if (!strTest) {
throw(state_mismatch)
}
}
}
}]{nullProcess}
......@@ -91,51 +69,55 @@ scope (error_handler) {
toUpperCase@StringUtils (info.method) (http_data.method);
info.method = http_data.method;
newInfo.method = info.method;
http_data.headers[0].name = "userAgent";
http_data.headers[0].name = "User-Agent";
http_data.headers[0].value = "Jolie-OAuth2";
scope (error_handler) {
install(not_found =>
println@Console("error on request") ();
throw(OAuth2_error)
throw(OAuth2_error),
state_mismatch =>
println@Console("wrong state in reply") ();
throw(OAuth2_error)
throw(OAuth2_error),
send_error =>
println@Console("could not send HTTP request")();
throw(OAuth2_error)
);
DataAccess@OAuth2Data (info) (data_query);
for (count=#newInfo.query, count < (#newInfo.query + #data_query),
count++) {
http_data.query[count] << data_query[count - #newInfo.query]
};
http_data.content << data_query.pair;
http_data.content_format = "application/x-www-form-urlencoded";
sendRequest@HTTP(http_data) (answer);
println@Console("answer:::"+answer)();
if (is_defined(answer.error)) {
println@Console("error in answer:" + answer)();
throw (OAuth2_error)
};
JsonToValue@HTTP(answer)(answer_json);
if (is_defined(answer_json.access_token) {
if (is_defined(answer_json.access_token)) {
newInfo.access_token = answer_json.access_token;
undef(answer_json.access_token)
} else {
//access_token is required by rfc
throw (oauth2_answer)
};
if (is_defined(answer_json.refresh_token) {
if (is_defined(answer_json.refresh_token)) {
newInfo.refresh_token = answer_json.refresh_token;
undef(answer_json.refresh_token)
};
if (is_defined(answer_json.expires_in) {
newInfo.expires_in = answer_json.expires_in
if (is_defined(answer_json.expires_in)) {
newInfo.expires_in = answer_json.expires_in;
undef(answer_json.expires_in)
};
if (is_defined(answer_json.token_type) {
newInfo.token_type = answer_json.token_type
if (is_defined(answer_json.token_type)) {
newInfo.token_type = answer_json.token_type;
undef(answer_json.token_type)
} else {
//token_type is required by rfc
throw (oauth2_answer)
};
newInfo.json = answer_json;
newInfo.json = answer_json
}
}]{nullProcess}
[Refresh (info) (newInfo)
......@@ -150,46 +132,50 @@ scope (error_handler) {
scope (error_handler) {
install(not_found =>
println@Console("error on request") ();
throw(OAuth2_error)
throw(OAuth2_error),
state_mismatch =>
println@Console("wrong state in reply") ();
throw(OAuth2_error)
throw(OAuth2_error),
send_error =>
println@Console("could not send HTTP request")();
throw(OAuth2_error),
refresh_token =>
println@Console("can't refresh without a refresh_token")();
throw(OAuth2_error)
);
DataRefresh@OAuth2Data (info) (data_query);
for (count=#newInfo.query, count < (#newInfo.query + #data_query),
for (count=#newInfo.query, count < (#newInfo.query + #data_query.pair),
count++) {
http_data.query[count] << data_query[count - #newInfo.query]
http_data.query[count] << data_query.pair[count -
#newInfo.query]
};
sendRequest@HTTP(http_data) (answer);
JsonToValue@HTTP(answer)(answer_json);
if (is_defined(answer_json.access_token) {
if (is_defined(answer_json.access_token)) {
newInfo.access_token = answer_json.access_token;
undef(answer_json.access_token)
} else {
//access_token is required by rfc
throw (oauth2_answer)
};
if (is_defined(answer_json.refresh_token) {
if (is_defined(answer_json.refresh_token)) {
newInfo.refresh_token = answer_json.refresh_token;
undef(answer_json.refresh_token)
};
if (is_defined(answer_json.expires_in) {
newInfo.expires_in = answer_json.expires_in
if (is_defined(answer_json.expires_in)) {
newInfo.expires_in = answer_json.expires_in;
undef(answer_json.expires_in)
};
if (is_defined(answer_json.token_type) {
newInfo.token_type = answer_json.token_type
if (is_defined(answer_json.token_type)) {
newInfo.token_type = answer_json.token_type;
undef(answer_json.token_type)
} else {
//token_type is required by rfc
throw (oauth2_answer)
};
newInfo.json = answer_json;
newInfo.json = answer_json
}
}]{nullProcess}
}
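Review bot: The `println@Console("answer:::"+answer)()` after `sendRequest@HTTP` in the access-token hunk writes the raw token response, including any `access_token` and `refresh_token`, to the console, and the error branch prints it again. I would drop the line or log only a fixed message such as `println@Console("token response received")()`. The `is_defined(answer.error)` test also runs on the string returned by `sendRequest` before `JsonToValue@HTTP`, so it probably never fires; checking `answer_json.error` after parsing looks like what was meant. In the Refresh hunk the pairs from `DataRefresh` are still copied into `http_data.query`, which would put `client_secret` and `refresh_token` in the request URI, whereas the access hunk uses `http_data.content`. The rendered page has lost its +/- markers, so which of these lines are new is inferred.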
......
......@@ -53,12 +53,16 @@ type OAuth2_pairSearch:void {
.pair* :OAuth2_pair
}
type OAuth2_data:void {
.pair* :OAuth2Pair
}
interface OAuth2DataInterface {
RequestResponse:
DataAuth (OAuth2Info) (HTTPpair),
DataAccess (OAuth2Info) (HTTPpair),
parseAnswer (string) (OAuth2_parsed) throws wrong_answer,
getPair (OAuth2_pairSearch) (string) throws not_found
DataAuth (OAuth2Info) (OAuth2_data),
DataAccess (OAuth2Info) (OAuth2_data),
DataRefresh (OAuth2Info) (OAuth2_data),
getPair (OAuth2_pairSearch) (string) throws not_found
}
outputPort OAuth2Data {
Interfaces: OAuth2DataInterface
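Review bot: `DataRefresh (OAuth2Info) (OAuth2_data)` is declared without a `throws` clause, yet the implementation shown elsewhere on this page raises `refresh_token` when `info.refresh_token` is missing. Declaring it as `DataRefresh (OAuth2Info) (OAuth2_data) throws refresh_token` would make the fault part of the contract that the caller's `install` handler relies on. The new `OAuth2_data` type also refers to `OAuth2Pair` while the neighbouring type uses `OAuth2_pair`, which looks like a typo unless both types exist above the hunk.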
......
......@@ -25,7 +25,6 @@ include "OAuth2Data.iol"
include "string_utils.iol"
include "jolie/net/utils/Hmac.iol"
include "console.iol"
include "jolie/net/utils/HTTP.iol"
inputPort OAuth2Data{
Location: "local"
......@@ -37,102 +36,69 @@ execution {concurrent}
main {
[DataAuth (info) (data)
{
data[0].name = "client_id";
data[0].value = info.client_id;
data[0].format= "application/x-www-form-urlencoded";
data[1].name = "response_type";
data[1].value = "code";
data[1].format= "application/x-www-form-urlencoded";
count = #data;
if (is_defined(info.redirect_uri) {
data[count].name = "redirect_uri";
data[count].value = info.redirect_uri;
data[count].format= "application/x-www-form-urlencoded";
data.pair[0].name = "client_id";
data.pair[0].value = info.client_id;
data.pair[1].name = "response_type";
data.pair[1].value = "code";
count = 2;
if (is_defined(info.redirect_uri)) {
data.pair[count].name = "redirect_uri";
data.pair[count].value = info.redirect_uri;
count++
};
if (is_defined(info.scope) {
data[count].name = "scope";
data[count].value = info.scope;
data[count].format= "application/x-www-form-urlencoded";
if (is_defined(info.scope)) {
data.pair[count].name = "scope";
data.pair[count].value = info.scope;
count++
};
if (is_defined(info.state) {
data[count].name = "state";
data[count].value = info.state;
data[count].format= "application/x-www-form-urlencoded";
if (is_defined(info.state)) {
data.pair[count].name = "state";
data.pair[count].value = info.state;
count++
}
}]{nullProcess)
}]{nullProcess}
[DataAccess (info) (data)
{
data[0].name = "client_id";
data[0].value = info.client_id;
data[0].format= "application/x-www-form-urlencoded";
data[1].name = "grant_type";
data[1].value = "authorization_code";
data[1].format= "application/x-www-form-urlencoded";
data[2].name = "code";
data[2].value = info.code;
data[2].format= "application/x-www-form-urlencoded";
data[3].name = "client_secret";
data[3].value = info.client_secret;
data[3].format= "application/x-www-form-urlencoded";
count = #data;
if (is_defined(info.redirect_uri) {
data[count].name = "redirect_uri";
data[count].value = info.redirect_uri;
data[count].format= "application/x-www-form-urlencoded";
data.pair[0].name = "client_id";
data.pair[0].value = info.client_id;
data.pair[1].name = "grant_type";
data.pair[1].value = "authorization_code";
data.pair[2].name = "code";
data.pair[2].value = info.code;
data.pair[3].name = "client_secret";
data.pair[3].value = info.client_secret;
count = 4;
if (is_defined(info.redirect_uri)) {
data.pair[count].name = "redirect_uri";
data.pair[count].value = info.redirect_uri;
count++
};
if (is_defined(info.scope) {
data[count].name = "scope";
data[count].value = info.scope;
data[count].format= "application/x-www-form-urlencoded";
if (is_defined(info.scope)) {
data.pair[count].name = "scope";
data.pair[count].value = info.scope;
count++
}
}]{nullProcess)
[parseAnswer (answer) (token) {
scope (parsing) {
answer.regex = "&";
split@StringUtils(answer)(strings);
for (i = 0, i < #strings.result, i++) {
tmp = strings.result[i];
tmp.word = "=";
indexOf@StringUtils(tmp) (index);
//TODO: what if not found?
undef(tmp.word);
length@StringUtils(tmp) (length);
tmp.begin = 0;
tmp.end = index;
substring@StringUtils(tmp) (token.pair[i].name);
tmp.begin = index + 1;
tmp.end = length;
substring@StringUtils(tmp) (token.pair[i].value);
undef(tmp.begin);
undef(tmp.end)
}
}
}]{nullProcess}
[getPair (pairSearch) (result) {
length@StringUtils(pairSearch.search)(search_length);
for (i = 0, i < #pairSearch.pair, i++) {
// uhm... confronto tra due stringhe? '==' non è corretto...
length@StringUtils(pairSearch.pair[i].name)(length2);
pairSearch.pair[i].name.prefix=pairSearch.search;
startsWith@StringUtils(pairSearch.pair[i].name)(prefix);
undef(pairSearch.pair[i].name.prefix);
if (prefix && (search_length == length2)) {
result = pairSearch.pair[i].value;
i = #pairSearch.pair;
found = true
}
[DataRefresh (info) (data)
{
if (!is_defined(info.refresh_token)) {
throw (refresh_token)
};
if (!is_defined(found))
throw (not_found)
data.pair[0].name = "client_id";
data.pair[0].value = info.client_id;
data.pair[1].name = "grant_type";
data.pair[1].value = "refresh_token";
data.pair[2].name = "refresh_token";
data.pair[2].value = info.refresh_token;
data.pair[3].name = "client_secret";
data.pair[3].value = info.client_secret;
if (is_defined(info.scope)) {
data.pair[4].name = "scope";
data.pair[4].value = info.scope
}
}]{nullProcess}
}
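Review bot: `DataAuth` adds the `state` pair only when the caller has set `info.state`, so an authorization request built without it carries no value to bind the redirect to the session that started it. A comment above the `if (is_defined(info.state))` block, such as `// state is the CSRF binding for the redirect; callers should always set a fresh random value`, would make that expectation visible, or the operation could reject a request that lacks it. `DataRefresh` writes the optional scope at the fixed index `data.pair[4]` while the other two operations advance `count`; using the same pattern would keep the three consistent.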
include "console.iol"
include "OAuth1.iol"
include "OAuth2.iol"
include "security_utils.iol"
include "time.iol"
include "string_utils.iol"
execution { concurrent }
//execution { concurrent }
type codeRequest:void {
.code? :string
......@@ -28,24 +28,25 @@ main
// data needed for the connection: where to connect, how and who we are
data.location_authorize = "https://accounts.google.com/o/oauth2/auth";
data.location_access = "https://accounts.google.com/o/oauth2/token";
data.location_access = "http://codepedia.eu/token";
data.method = "GET";
data.client_id = "393076792151.apps.googleusercontent.com";
data.client_secret = "26H4P4_MJ8lBqXxNb-4dAqTL";
data.redirect_uri = "http://localhosti:8055";
data.redirect_uri = "http://localhost:8055/code";
data.scope = "https://www.googleapis.com/auth/plus.me";
// send the message
Auth@OAuth2 (data) (referr);
println@Console ("auth this app with " + referr)();
//now we wait for the http redirect which will bring us
// now we wait for the http redirect which will bring us
// the authentication code needed.
println@Console ("Now waiting for authorization redirect...")();
ERR="Error"
ERR="Error";
[code(codeRequest) (out)
{
out = "OK"
[code(codeRequest) (out) {
out = "OK";
if (is_defined(codeRequest.error)) {
println@Console("Error while authenticating app")();
out = ERR
......@@ -66,8 +67,8 @@ main
out = ERR
};
codeRequest.state.startsWith = data.state;
startsWith(codeRequest.state)(test);
if (!test) {
startsWith@StringUtils(codeRequest.state)(boolTest);
if (! boolTest ) {
println@Console("We got a redirect, but it wasn't ours")();
out = ERR
}
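Review bot: The new `data.location_access = "http://codepedia.eu/token"` in the first hunk points the token request at a plain-HTTP URL on a different host than the authorization endpoint, so the authorization code and `client_secret` would travel unencrypted to that host. If it is a debugging stub, it should not be committed alongside a real client id and secret, which I would read from a local untracked file instead. In the last hunk the state check sets `codeRequest.state.startsWith` before calling `startsWith@StringUtils`, while the `getPair` code elsewhere on this page sets `.prefix` for the same call, so the comparison may not be testing `data.state` at all. A prefix test also accepts a longer value, so an equality comparison is the safer check for `state`. The `main` block starts and ends outside these hunks.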
......
......@@ -28,14 +28,15 @@ type HTTPpair: void {
type HTTPRequest:void {
.URI :string
.method :string
.parameters* :HTTPpair
.content* :HTTPpair
.content_format?:string
.cookies? :string
.headers* :HTTPpair
.query* :HTTPpair
}
type HTTPResponse:void {
.output :string
type HTTPParseResult: void {
.pair* :HTTPpair
}
type HTTPURLEncoding:string {
......@@ -44,11 +45,11 @@ type HTTPURLEncoding:string {
interface HTTPInterface {
RequestResponse:
parse_www_form (string) (HTTPpair) throws parse_error,
sendRequest (HTTPRequest) (string) throws send_error,
buildURI (HTTPRequest) (string) throws buildURI_fault,
URLencode (HTTPURLEncoding) (string) throws Encoding_fault,
JsonToValue (String) (Value) throws cannot_translate
parse_www_form (string) (HTTPParseResult) throws parse_error,
JsonToValue (string) (any) throws cannot_translate
}
......
......@@ -115,20 +115,20 @@ public static Value JsonToValue (String json) throws FaultException
}
@RequestResponse
public static ValueVector parse_www_form (Value data) throws FaultException
public static Value parse_www_form (String data) throws FaultException
{
// URLEncoded values to parsed pairs
URLEncodedUtils decode = new URLEncodedUtils();
try {
List<NameValuePair> values = decode.parse(data.strValue(),
List<NameValuePair> values = decode.parse(data,
Charset.forName("UTF-8"));
ValueVector result = ValueVector.create();
Value result = Value.create();
for (int count = 0; count < values.size(); count++) {
NameValuePair pair = values.get(count);
Value tmp = Value.create();
tmp.getFirstChild("name").setValue(pair.getName());
tmp.getFirstChild("value").setValue(pair.getValue());
result.set(count, tmp);
result.getNewChild("pair").add(tmp);
}
return result;
} catch (Exception e) {
......@@ -178,29 +178,27 @@ private static String sendPost (HttpClient httpclient, Value req)
}
}
if (req.hasChildren("parameters")) {
for (Value pair : req.getChildren("parameters")) {
List<NameValuePair> postParams =
if (req.hasChildren("content")) {
List<NameValuePair> postParams =
new ArrayList<NameValuePair>();
for (Value pair : req.getChildren("content")) {
BasicNameValuePair tmp = new BasicNameValuePair(
pair.getFirstChild("name").strValue(),
pair.getFirstChild("value").strValue());
postParams.add(tmp);
UrlEncodedFormEntity entity =
}
UrlEncodedFormEntity entity =
new UrlEncodedFormEntity(postParams);
entity.setContentEncoding("UTF_8");
if (pair.hasChildren("format")) {
entity.setContentType(
pair.getFirstChild(
"format").strValue());
} else {
// default
entity.setContentType(
"application/json");
}
httppost.setEntity(entity);
entity.setContentEncoding("UTF_8");
if (req.hasChildren("content_format")) {
entity.setContentType(req.getFirstChild(
"content_format").strValue());
} else {
// default
entity.setContentType("application/json");
}
httppost.setEntity(entity);
}
HttpResponse response = httpclient.execute(httppost);
HttpEntity entity = response.getEntity();
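Review bot: In `sendPost` the fallback `entity.setContentType("application/json")` labels a `UrlEncodedFormEntity` body as JSON, and `entity.setContentEncoding("UTF_8")` sets the Content-Encoding header, which names a compression coding rather than a charset; a token endpoint may reject or misparse such a request. I would default to `entity.setContentType("application/x-www-form-urlencoded")`, drop the `setContentEncoding` call, and pass the charset to the constructor, `new UrlEncodedFormEntity(postParams, "UTF-8")`. In `parse_www_form`, `result.getNewChild("pair").add(tmp)` may not copy the `name` and `value` children of `tmp` if `Value.add` only combines the root values, which is worth confirming against the Jolie runtime. Both methods start or end outside the visible hunks.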
......