/*
* Copyright 2010 Nabeel Mukhtar
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
*/
package com.appspot.bitlyminous.command.authentication;
import java.util.logging.Logger;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import oauth.signpost.OAuthConsumer;
import oauth.signpost.OAuthProvider;
import oauth.signpost.basic.DefaultOAuthConsumer;
import twitter4j.Twitter;
import twitter4j.TwitterFactory;
import twitter4j.http.AccessToken;
import twitter4j.http.RequestToken;
import com.appspot.bitlyminous.constant.ApplicationConstants;
import com.appspot.bitlyminous.constant.ParameterNames;
import com.appspot.bitlyminous.entity.OAuthAuthentication;
import com.appspot.bitlyminous.entity.User;
import com.appspot.bitlyminous.service.ServiceFactory;
import com.appspot.bitlyminous.service.UserService;
import com.google.appengine.api.datastore.Text;
/**
* The Class AbstractAuthenticationCommand.
*/
public abstract class AbstractAuthenticationCommand implements AuthenticationCommand {
/** The logger. */
protected final Logger logger = Logger.getLogger(getClass().getCanonicalName());
/** The user service. */
protected UserService userService = ServiceFactory.newInstance().createUserService();
/** The provider. */
protected OAuthProvider provider;
/** The callback url. */
protected String callbackUrl;
/**
* Execute o auth flow.
*
* @param req the req
* @param resp the resp
* @param authentication the authentication
*
* @return true, if successful
*
* @throws Exception the exception
*/
protected boolean executeOAuthFlow(HttpServletRequest req, HttpServletResponse resp, OAuthAuthentication authentication) throws Exception {
OAuthConsumer consumer = new DefaultOAuthConsumer(authentication.getConsumerKey(), authentication.getConsumerSecret());
HttpSession session = req.getSession(true);
if (session.getAttribute(ParameterNames.REQUEST_TOKEN_PARAM) == null || session.getAttribute(ParameterNames.REQUEST_TOKEN_SECRET_PARAM) == null) {
String authUrl = provider.retrieveRequestToken(consumer, callbackUrl);
session.setAttribute(ParameterNames.REQUEST_TOKEN_PARAM, consumer.getToken());
session.setAttribute(ParameterNames.REQUEST_TOKEN_SECRET_PARAM, consumer.getTokenSecret());
resp.sendRedirect(authUrl);
return false;
} else {
consumer.setTokenWithSecret((String) session.getAttribute(ParameterNames.REQUEST_TOKEN_PARAM), (String) session.getAttribute(ParameterNames.REQUEST_TOKEN_SECRET_PARAM));
session.removeAttribute(ParameterNames.REQUEST_TOKEN_PARAM);
session.removeAttribute(ParameterNames.REQUEST_TOKEN_SECRET_PARAM);
provider.retrieveAccessToken(consumer, req.getParameter(ParameterNames.OAUTH_VERIFIER));
authentication.setAccessToken(consumer.getToken());
authentication.setAccessTokenSecret(consumer.getTokenSecret());
authentication.setOauthSessionHandle(provider.getResponseParameters().getFirst("oauth_session_handle"));
return true;
}
}
/**
* Execute twitter o auth.
*
* @param req the req
* @param resp the resp
* @param callbackUrl the callback url
*
* @return true, if successful
*
* @throws Exception the exception
*/
protected boolean executeTwitterOAuth(HttpServletRequest req, HttpServletResponse resp, String callbackUrl) throws Exception {
HttpSession session = req.getSession(true);
Twitter twitter = new TwitterFactory().getInstance();
twitter.setOAuthConsumer(ApplicationConstants.TWITTER_CONSUMER_KEY, ApplicationConstants.TWITTER_CONSUMER_SECRET);
if (session.getAttribute(ParameterNames.REQUEST_TOKEN_PARAM) == null || session.getAttribute(ParameterNames.REQUEST_TOKEN_SECRET_PARAM) == null) {
RequestToken requestToken = twitter.getOAuthRequestToken(callbackUrl);
session.setAttribute(ParameterNames.REQUEST_TOKEN_PARAM, requestToken.getToken());
session.setAttribute(ParameterNames.REQUEST_TOKEN_SECRET_PARAM, requestToken.getTokenSecret());
resp.sendRedirect(requestToken.getAuthenticationURL());
return false;
} else {
AccessToken accessToken = twitter.getOAuthAccessToken(new RequestToken((String) session.getAttribute(ParameterNames.REQUEST_TOKEN_PARAM), (String) session.getAttribute(ParameterNames.REQUEST_TOKEN_SECRET_PARAM)), req.getParameter(ParameterNames.OAUTH_VERIFIER));
session.removeAttribute(ParameterNames.REQUEST_TOKEN_PARAM);
session.removeAttribute(ParameterNames.REQUEST_TOKEN_SECRET_PARAM);
User user = userService.getUserByScreenName(accessToken.getScreenName());
if (user == null) {
user = new User();
user.setScreenName(accessToken.getScreenName());
}
user.setTwitterToken(new Text(accessToken.getToken()));
user.setTwitterSecret(new Text(accessToken.getTokenSecret()));
session.setAttribute(ParameterNames.SESSION_USER, user);
return true;
}
}
}