oauth1server Ok. Despite jolie.

Signed-off-by: Luca Fulchir <luca@fulchir.it>
parent c3407c71
......@@ -56,7 +56,7 @@ scope (error_handler) {
DataRequestToken@OAuth1Data (info) (http_data.headers[1].value);
sendRequest@HTTP(http_data) (answer);
println@Console(answer)();
token << info;
parseAnswer@OAuth1Data(answer) (tmp);
tmp.search = "oauth_token";
......
......@@ -133,7 +133,7 @@ scope (error_handler) {
URLencode@HTTP (toEncode) (encodedLocation);
tmp = "";
for (i = 0, i < (#toSort.item - 1), i++) {
for (i = 0, i < (#sorted.item - 1), i++) {
tmp = tmp + sorted.item[i] + "&"
};
tmp = tmp + sorted.item[#sorted.item - 1];
......@@ -154,9 +154,8 @@ scope (error_handler) {
"oauth_version=\"1.0\"," +
"oauth_token=\"" + info.token + "\"," +
"oauth_signature=\"" + signature + "\"";
if (is_defined(info.verifier)) {
postString = postString + "oauth_verifier=\"" + info.verifier + "\""
}
if (is_defined(info.verifier))
postString = postString + ",oauth_verifier=\"" + info.verifier + "\""
}]{nullProcess}
[parseAnswer (answer) (token) {
......
......@@ -15,7 +15,7 @@ interface OAuth1_HTTP {
access(accessAnswer)(string)
}
execution{ concurrent }
execution{sequential}
inputPort HTTP_Get {
Location: "socket://localhost:8011/"
......@@ -28,7 +28,7 @@ init
data.location_request = "https://api.dropbox.com/1/oauth/request_token";
data.location_request = "http://localhost:8080/authorize";
data.location_authorize = "https://www.dropbox.com/1/oauth/authorize";
data.location_authorize = "http://localhost:8080/authorize";
data.location_authorize = "http://localhost:8080/authenticate";
data.location_access = "https://api.dropbox.com/1/oauth/access_token";
data.location_access = "http://localhost:8080/access";
data.method = "POST";
......@@ -51,11 +51,11 @@ main
{
[access (access) (response) {
if (is_defined(access.oauth_verifier)) {
data.verifier = access.oauth_verifier
answer.verifier = access.oauth_verifier
};
response = "ok"
}]{
undef(data.callback);
undef(answer.callback);
getAccess@OAuth1 (answer) (tokens);
// use these to sign whatever data in your api calls:
......
......@@ -7,6 +7,7 @@ include "security_utils.iol"
include "jolie/net/OAuth/OAuth1Data.iol"
include "../utils/HTTPTypes.iol"
include "../utils/HTTP.iol"
include "store.iol"
execution{concurrent}
......@@ -60,13 +61,7 @@ scope (errorHTTP) {
addPage@HTTP(page)(asd);
//finally start our HTTP server:
start@HTTP("OAuth1")();
// instead of a database we'll relay on these variables
issued_token = "";
issued_token_secret = "";
issued_verifier="";
last_callback = ""
start@HTTP("OAuth1")()
}
}
......@@ -128,6 +123,11 @@ scope (earlyreturn) {
pairSearch@HTTP (search) (answer);
if (!answer.found || answer != "HMAC-SHA1") // only one supported
throw(missing_parameters);
search.search = "oauth_callback"; // MUST be defined. by RFC
pairSearch@HTTP (search) (answer);
if (!answer.found)
throw(missing_parameters);
last_callback = answer;
search.search = "oauth_nonce";
pairSearch@HTTP (search) (answer);
if (!answer.found)
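Review bot: The `oauth_callback` value saved at `last_callback = answer;` is accepted verbatim from the unauthenticated request-token call and, through the Store, becomes the redirect target in the `/authenticate` handler (the `@@ -221,45 +230,56 @@` hunk), so the resource owner and the freshly issued verifier are sent to whatever URL the caller supplied. OAuth 1.0a expects the server to compare the callback with the one registered for the consumer (or accept the literal `oob`); a check such as `if (answer != <callback registered for this consumer>) throw(missing_parameters);` before storing it closes that gap, where the registered value comes from configuration not shown on this page. The request-token operation this hunk belongs to starts and ends outside the hunk.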
......@@ -183,6 +183,15 @@ scope (earlyreturn) {
createSecureToken@SecurityUtils(void)(issued_token);
createSecureToken@SecurityUtils(void)(issued_token_secret);
test.sid = "issued_token";
test.var = issued_token;
store@Store(test)();
test.sid = "issued_token_secret";
test.var = issued_token_secret;
store@Store(test)();
test.sid = "last_callback";
test.var = last_callback;
store@Store(test)();
output.code = 200;
// finally communicate the data
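Review bot: The Store entries written here are keyed by the constant strings `"issued_token"`, `"issued_token_secret"` and `"last_callback"`, so the service holds exactly one slot per value; with `execution{concurrent}` on this service, two overlapping request-token flows overwrite each other's entries, and the first client's later `/authenticate` and `/access` calls (the `@@ -221,45 +230,56 @@`, `@@ -284,14 +305,28 @@` and `@@ -301,26 +336,36 @@` hunks read the same constant keys) are then checked against the second client's token, secret and callback. Keying each entry by the issued token instead, for example `test.sid = "secret:" + issued_token;` and `test.sid = "callback:" + issued_token;`, and reading them back by the `oauth_token` the later requests present, keeps concurrent flows apart. Nothing in the visible hunks calls `stop@Store`, so the entries, including the token secret, also live for the process lifetime; a `stop` once the access token is issued, or an expiry, would bound that.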
......@@ -199,15 +208,15 @@ scope (earlyreturn) {
install (errreturn =>
output.code = int(500);
undef(output.headers);
undef(output.body),
output.body="err 500",
wrong_token =>
output.code = int(401); //unauthorized
undef(output.headers);
undef(output.body),
output.body="err 401",
missing_parameters =>
output.code = int(400); //wrong parameters
undef(output.headers);
undef(output.body)
output.body="err 400"
);
if (input.page != "/authenticate") {
throw(errreturn)
......@@ -221,45 +230,56 @@ scope (earlyreturn) {
// just check that the token is the right one. the user is automatically
// accepted
parse_www_form@HTTP(info.query) (pairs);
pairs.pair << input.query;
pairs.search = "oauth_token";
pairSearch@HTTP(pairs) (answer);
if (!answer.found)
throw(missing_parameters);
test.sid = "issued_token";
get@Store(test)(issued_token);
test.sid = "last_callback";
get@Store(test)(last_callback);
last_callback.encoding="UTF-8";
URLdecode@HTTP(last_callback)(callback);
if (answer != issued_token)
throw(wrong_token);
createSecureToken@SecurityUtils(void)(issued_verifier);
output.code = int(302);
test.sid = "issued_verifier";
test.var = issued_verifier;
store@Store(test)();
output.code = 302;
output.headers[0].name = "Location";
output.headers[0].value = last_callback + "?oauth_token=" + answer +
"&oauth_verifier=" +
issued_verifier
output.headers[0].value = callback + "?oauth_token=" + answer +
"&oauth_verifier=" + issued_verifier +
"&uid=101"
}
}]{nullProcess}
[OAuth1Access (input) (output) {
scope (earlyreturn) {
install (errreturn =>
output.code = int(500);
undef(output.headers);
undef(output.body),
output.body="err 500",
wrong_token =>
output.code = int(401); //unauthorized
undef(output.headers);
undef(output.body),
output.body="err 401",
wrong_header =>
output.code = int(400); //wrong parameters
undef(output.headers);
undef(output.body),
output.body="err 400",
missing_parameters =>
output.code = int(400); //wrong parameters
undef(output.headers);
undef(output.body)
output.body="err 400"
);
scope (earlyreturn) {
if (input.page != "/access") {
throw(errreturn)
};
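Review bot: The redirect built at `output.headers[0].value = callback + "?oauth_token=" + answer + ...` always appends with `?`, so a callback URL that already carries a query component receives a second `?` and the consumer's own parameters are corrupted; RFC 5849 §2.2 has the server append to an existing query with `&`, which means testing whether `callback` already contains `"?"` and choosing the separator accordingly. The `get@Store(test)(issued_token)` and `get@Store(test)(last_callback)` lookups run before anything confirms that a request token was ever issued; if no Store session exists for those keys the call presumably fails in a way the installed `earlyreturn` handlers (`errreturn`, `wrong_token`, `missing_parameters`) do not cover, which is worth confirming against the Store's behaviour. The handler operation this hunk belongs to starts outside the hunk.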
......@@ -272,6 +292,7 @@ scope (earlyreturn) {
};
undef(answer.found);
parseAuthHeader@OAuth1Data(answer)(pairs);
//check that the required parameters are present:
......@@ -284,14 +305,28 @@ scope (earlyreturn) {
pairSearch@HTTP (search) (answer);
if (!answer.found)
throw(missing_parameters);
//check that the token is the right one:
get.sid="issued_token";
get@Store(get)(issued_token);
if (answer != issued_token)
throw(wrong_signature);
search.search = "oauth_signature_method";
pairSearch@HTTP (search) (answer);
if (!answer.found || answer != "HMAC-SHA1") // only one supported
throw(missing_parameters);
search.search = "oauth_signature";
pairSearch@HTTP (search) (answer);
if (!answer.found)
throw(missing_parameters);
old_signature = answer;
search.search = "oauth_verifier";
pairSearch@HTTP (search) (answer);
if (!answer.found)
throw(missing_parameters);
id.sid="issued_verifier";
get@Store(id)(issued_verifier);
if (answer != issued_verifier) //check that it's the one we issued
throw(wrong_signature);
search.search = "oauth_timestamp";
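Review bot: `throw(wrong_signature)` after the `if (answer != issued_token)` and `if (answer != issued_verifier)` checks names a fault that the `earlyreturn` scope of this operation does not install (`errreturn`, `wrong_token`, `wrong_header` and `missing_parameters` in the `@@ -221,45 +230,56 @@` hunk), so unless a handler exists outside the visible hunks the fault escapes the operation instead of producing the 401 that `wrong_token` yields. `throw(wrong_token)` fits both mismatches, or add a `wrong_signature =>` entry alongside the others in the install. The `OAuth1Access` operation continues outside the hunk.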
......@@ -301,26 +336,36 @@ scope (earlyreturn) {
// everyone loves clock synchronization... 5 minutes here :)
// keep your clock synched, all good protocols require that... sure...
getCurrentTimeMillis@Time(void)(tmp_timestamp);
tmp_timestamp = tmp_timestamp / 1000;
if ((answer > (tmp_timestamp + 300)) ||(answer < (tmp_timestamp - 300)))
throw(missing_parameters);
timestamp = tmp_timestamp / 1000;
time_got = int(answer);
time_more = timestamp + 300;
time_less = timestamp - 300;
// ok... 2 hour of tests, and this is what I have to do... -.-''
tmp = string(time_more);
time_more = int(tmp);
tmp2 = string(time_less);
time_less = int(tmp2);
undef(tmp);
undef(tmp2);
if ((time_got > time_more) ||(time_got < time_less))
throw(wrong_header);
search.search = "oauth_version";
pairSearch@HTTP (search) (answer);
if (answer.found) {
if (answer != "1.0") // only this is supported by RFC
throw(missing_parameters)
};
search.search = "oauth_callback"; // MUST be defined.
pairSearch@HTTP (search) (answer);
if (!answer.found)
throw(missing_parameters);
last_callback = answer;
get.sid="issued_token_secret";
get@Store(get)(token_secret);
check.pair << search.pair;
check.location = "http://127.0.0.1:8080/access";
toUpperCase@StringUtils(info.method)(check.method);
check.location = "http://localhost:8080/access";
toUpperCase@StringUtils(input.method)(check.method);
check.signature = old_signature;
check.secret = "6yj3c6mjbdixm6i&" + token_secret;
checkSignature@OAuth1Data(check)(testsignature);
if (!testsignature)
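Review bot: `check.secret = "6yj3c6mjbdixm6i&" + token_secret;` embeds the consumer secret in the server source and never consults the `oauth_consumer_key` the request carries, so one shared secret verifies every consumer and rotating it means editing and redeploying this file; reading the secret from configuration or the Store keyed by the presented `oauth_consumer_key`, and rejecting unknown keys with `throw(wrong_header)`, separates consumers and keeps the secret out of the code. `check.location = "http://localhost:8080/access"` likewise pins the signature base string to one host, so a request reaching the service under another host name or port fails verification; a configured public base URL avoids that. The five-minute timestamp window does not by itself stop a captured request being replayed inside the window; since the Store now exists, recording the `oauth_nonce` values seen for that window (RFC 5849 §3.3) would complete the check. The `string()`/`int()` round trip under the "2 hour of tests" comment deserves a comment naming the type problem it works around, since the code alone does not show it.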
......@@ -329,6 +374,7 @@ scope (earlyreturn) {
// finally communicate the data
// these are the final user-authorized tokens.
// you should generate them at random and add them to your database
output.code = 200;
output.headers[0].name="Content-Type";
output.headers[0].value="application/x-www-form-urlencoded";
output.body = "oauth_token=OKyoureAuthenticated&oauth_token_secret=" +
......
type store_in: void {
.sid :string
.var :string
}
type store_req: void {
.sid :string
}
interface storeInterface {
RequestResponse:
store(store_in)(void),
get(store_req)(string)
OneWay:
stop(void)
}
outputPort Store {
Interfaces:
storeInterface
}
embedded {
Jolie:
"store.ol" in Store
}
/*
* really stupid service to keep track of issued variables.
*/
type store_in: void {
.sid :string
.var :string
}
type store_req: void {
.sid :string
}
interface storeInterface {
RequestResponse:
store(store_in)(void),
get(store_req)(string)
OneWay:
stop(void)
}
inputPort Store {
Location: "local"
Interfaces: storeInterface
}
cset {
sid: store_in.sid
store_req.sid
}
execution{concurrent}
main {
store(in)(out){
cset.sid = in.sid;
running = true;
variable = in.var
};
while (running) {
[store(in)(out){
variable = in.var
}]{nullProcess}
[get(in)(out) {
out = variable
}]{nullProcess}
[stop(in)] {
running = false
}
}
}
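Review bot: In `store.ol`, `store` is the only operation that can start a session (the first `store(in)(out)` before the `while` loop, correlated by `cset` on `sid`), so a `get` for a `sid` that was never stored has no session to correlate with; how the runtime reports that to the caller is not visible here, but the `/authenticate` and `/access` handlers in this commit issue such `get`s without guarding against it. A comment on the `cset` block stating that `store` must precede `get` for each `sid`, and that a value lives until `stop` ends its session, would make the contract explicit. Nothing in the visible hunks sends `stop`, so every stored value, including the token secret, stays in memory for the life of the process.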
......@@ -66,6 +66,17 @@ import java.nio.charset.Charset;
public class HTTP extends JavaService
{
@RequestResponse
public static String URLdecode (Value req) throws FaultException
{
try {
URLCodec codec = new URLCodec(req.getFirstChild("encoding")
.strValue());
return new String(codec.decode(req.strValue().getBytes()));
} catch (Exception e) {
throw new FaultException("Encoding_fault", e);
}
}
@RequestResponse
public static String URLencode (Value req) throws FaultException
{
try {
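Review bot: `return new String(codec.decode(req.strValue().getBytes()));` in `URLdecode` converts to and from bytes with the JVM default charset, so the `encoding` child handed to `URLCodec` only governs percent-decoding, and a caller asking for `"UTF-8"` (as the authenticate handler does in this commit) is not honoured when the platform default differs. `return codec.decode(req.strValue());` lets the codec apply its configured charset to the whole conversion, and the `catch (Exception e)` can then narrow to `catch (DecoderException e)`, which is what that overload declares. The `HTTP` class continues outside the hunk.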
......@@ -471,7 +482,6 @@ public void handle (HttpExchange xchg) throws IOException {
pair.getNewChild("value").setValue(entry.getValue().get(0)
.toString());
req.getNewChild("headers").deepCopy(pair);
System.out.println("header:" + entry.getKey() + "=>" + entry.getValue().get(0).toString());
}
StringWriter writer = new StringWriter();
......
......@@ -79,7 +79,7 @@ type HTTPCallbackReq:void {
.protocol :string
.method :string
.page :string
.query? :HTTPpair
.query* :HTTPpair
.headers* :HTTPpair
.body :string
}
......@@ -94,6 +94,7 @@ RequestResponse:
sendRequest (HTTPRequest) (string) throws send_error,
buildURI (HTTPRequest) (string) throws buildURI_fault,
URLencode (HTTPURLEncoding) (string) throws Encoding_fault,
URLdecode (HTTPURLEncoding) (string) throws Encoding_fault,
parse_www_form (string) (HTTPParseResult) throws parse_error,
jsonToValue (string) (HTTPJson) throws cannot_translate,
searchJson (HTTPJsonSearch) (HTTPJsonAnswer),
......