OAuth valid request: one step closer

Signed-off-by: Luca Fulchir <luca@fulchir.it>
parent 0744b476
*~
.class
.jar
build/
......@@ -9,6 +9,7 @@ LIBRARY="httpcore-4.2.2.jar httpclient-4.2.3.jar commons-io-2.4.jar"
java:
- mkdir -p ${BUILDDIR} 2>/dev/null
${JAVAC} -cp ${JOLIEDIR}/jolie.jar -d ${BUILDDIR} jolie/net/utils/URLEncoder.java
${JAVAC} -cp ${JOLIEDIR}/jolie.jar:${JARDIR}/commons-codec-1.6.jar -d ${BUILDDIR} jolie/net/utils/Hmac.java
${JAVAC} -cp ${JOLIEDIR}/jolie.jar:${JARDIR}/httpcore-4.2.2.jar:${JARDIR}/httpclient-4.2.3.jar:${JARDIR}/commons-io-2.4.jar -d ${BUILDDIR} jolie/net/utils/genericHTTP.java
cd ${BUILDDIR} && jar cvf ${PACKAGE_NAME} ./jolie/net/utils/*class && cd ${CWD}
......@@ -16,9 +17,10 @@ java:
clean:
- rm -rf ${BUILDDIR}
javaServices: java
install: java
cp ${BUILDDIR}/utils.jar ${JOLIEDIR}/javaServices/
cp ${JARDIR}/*.jar ${JOLIEDIR}/javaServices/
demo1: javaServices
demo1: install
jolie jolie/net/OAuth/demo.ol
include "OAuth1.iol"
include "console.iol"
include "jolie/net/utils/genericHTTP.iol"
include "string_utils.iol"
inputPort OAuth1 {
Location: "local"
......@@ -12,10 +13,12 @@ RequestToken (where) (answer) {
http_data.URI = where.location;
http_data.method = where.method;
http_data.headers[0].name = "userAgent";
http_data.headers[0].value= "Jolie-OAuth";
http_data.headers[1].name = "Authorization";
toUpperCase@StringUtils (where.method) (http_data.method);
where.method = http_data.method;
http_data.headers[0].name = "userAgent";
http_data.headers[0].value = "Jolie-OAuth";
http_data.headers[1].name = "Authorization";
http_data.headers[1].value = "";
DataRequestToken@OAuth1Data (where) (http_data.headers[1].value);
sendRequest@genericHTTP(http_data) (answer)
......
......@@ -7,8 +7,8 @@ main
{
// data needed for the connection: where to connect, how and who we are
//data.location = "http://api.dropbox.com:80/1/oauth/request_token";
data.location = "http://codepedia.eu:80/oauth";
data.location = "http://api.dropbox.com/1/oauth/request_token";
//data.location = "http://codepedia.eu/oauth";
data.method = "post";
data.callback = "";
createSecureToken@SecurityUtils(void)(data.consumer_key);
......
......@@ -2,6 +2,9 @@ include "security_utils.iol"
include "time.iol"
include "OAuth1Data.iol"
include "string_utils.iol"
include "jolie/net/utils/Hmac.iol"
include "jolie/net/utils/URLEncoder.iol"
include "console.iol"
inputPort OAuth1Data{
Location: "local"
......@@ -9,7 +12,13 @@ inputPort OAuth1Data{
}
main {
DataRequestToken (where) (postString) {
DataRequestToken (where) (postString)
{
scope (error_handler) {
install( Hmac_fault =>
println@Console("HmacError") ();
postString = "ERROR"
);
// getCurrentTimeMillis is a temporary interface, but there's
// nothing better :(
getCurrentTimeMillis@Time(void)(tmp_timestamp);
......@@ -18,14 +27,45 @@ DataRequestToken (where) (postString) {
// a little too much as a nonce, but it's easier this way :p
createSecureToken@SecurityUtils(void)(oauth_nonce);
postString = "oauth_consumer_key=\"" + where.consumer_key + "\"," +
toSort.item[0] = "oauth_consumer_key=" + where.consumer_key;
toSort.item[1] = "oauth_signature_method=HMAC-SHA1";
toSort.item[2] = "oauth_timestamp=" + tmp_timestamp;
toSort.item[3] = "oauth_nonce=" + oauth_nonce;
toSort.item[4] = "oauth_version=1.0";
//toSort.item[5] = "oauth_callback=" + where.callback;
sort@StringUtils (toSort) (sorted);
toEncode.encoding = "UTF8";
toEncode.input = where.location;
encode@URLEncoder (toEncode) (encodedLocation);
toHash.secret = "&";
toHash.data = where.method + "&" + encodedLocation + "&";
tmp = "";
for (i = 0, i < 4, i++) {
tmp = tmp + sorted.item[i] + "&"
};
tmp = tmp + sorted.item[4];
toEncode.input = tmp;
encode@URLEncoder (toEncode) (encodedParams);
toHash.data = toHash.data + encodedParams;
sha1@Hmac (toHash) (tmpSignature);
toEncode.input = tmpSignature;
encode@URLEncoder (toEncode) (signature);
println@Console(">>>>>" + toHash.data + ">>>>" + signature) ();
postString = "OAuth " +
"oauth_consumer_key=\"" + where.consumer_key + "\"," +
"oauth_signature_method=\"HMAC-SHA1\"," +
"oath_timestamp=\"" + tmp_timestamp + "\"," +
"oauth_timestamp=\"" + tmp_timestamp + "\"," +
"oauth_nonce=\"" + oauth_nonce + "\"," +
"oauth_callback=\"" + where.callback + "\"," +
"oauth_version=\"1.0\"," +
"oauth_signature=\"\""
"oauth_signature=\"" + signature + "\""
//"oauth_callback=\"" + where.callback + "\"," +
}
}
}
......
/***************************************************************************
* Copyright (C) 2013 by Luca Fulchir <luca@fulchir.it> *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU Library General Public License as *
* published by the Free Software Foundation; either version 2 of the *
* License, or (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU Library General Public *
* License along with this program; if not, write to the *
* Free Software Foundation, Inc., *
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
* *
* For details about the authors of this software, see the AUTHORS file. *
***************************************************************************/
type HmacRequest:void {
.secret :string
.data :string
}
interface HmacInterface {
RequestResponse:
sha1 (HmacRequest) (string) throws Hmac_fault
}
outputPort Hmac {
Interfaces:
HmacInterface
}
embedded {
Java:
"jolie.net.utils.Hmac" in Hmac
}
/* *************************************************************************
* Copyright (C) 2013 by Luca Fulchir <luca@fulchir.it> *
* *
* This program is free software; you can redistribute it and/or modify *
* it under the terms of the GNU Library General Public License as *
* published by the Free Software Foundation; either version 2 of the *
* License, or (at your option) any later version. *
* *
* This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU Library General Public *
* License along with this program; if not, write to the *
* Free Software Foundation, Inc., *
* 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. *
* *
* For details about the authors of this software, see the AUTHORS file. *
***************************************************************************/
package jolie.net.utils;
import org.apache.commons.codec.binary.Base64;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import jolie.runtime.JavaService;
import jolie.runtime.Value;
import jolie.runtime.ValueVector;
import jolie.runtime.embedding.RequestResponse;
import jolie.runtime.FaultException;
public class Hmac extends JavaService
{
@RequestResponse
public static String sha1 (Value req) throws FaultException
{
String secret = req.getFirstChild("secret").strValue();
try {
Mac mac = Mac.getInstance("HmacSHA1");
SecretKeySpec hash = new SecretKeySpec(secret.getBytes(),
"HmacSHA1");
mac.init(hash);
byte[] digest = mac.doFinal(req.getFirstChild("data").strValue()
.getBytes());
return Base64.encodeBase64String(digest);
} catch (Exception e) {
throw new FaultException("Hmac_fault", e);
}
}
}
......@@ -26,7 +26,7 @@ type URLEncoderRequest:void {
interface URLEncoderInterface {
RequestResponse:
encode (URLEncoderRequest) (string)
encode (URLEncoderRequest) (string) throws Encoding
}
outputPort URLEncoder {
......
......@@ -38,7 +38,7 @@ public static String encode (Value req) throws FaultException
req.getFirstChild( "input" ).strValue(),
req.getFirstChild( "encoding" ).strValue());
} catch (java.io.UnsupportedEncodingException e) {
throw new FaultException(e.getMessage());
throw new FaultException("Encoding", e);
}
return result;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment