spring oauth reddit submit

This commit is contained in:
DOHA 2015-02-22 11:38:29 +02:00
parent d1d0e0d20b
commit 1dcf4a3b3c
5 changed files with 135 additions and 30 deletions

View File

@ -25,13 +25,14 @@ import org.springframework.security.oauth2.client.token.RequestEnhancer;
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider; import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeAccessTokenProvider;
import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails; import org.springframework.security.oauth2.client.token.grant.code.AuthorizationCodeResourceDetails;
import org.springframework.security.oauth2.common.OAuth2AccessToken; import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2RefreshToken;
import org.springframework.security.oauth2.common.exceptions.InvalidRequestException; import org.springframework.security.oauth2.common.exceptions.InvalidRequestException;
import org.springframework.security.oauth2.common.util.OAuth2Utils; import org.springframework.security.oauth2.common.util.OAuth2Utils;
import org.springframework.util.LinkedMultiValueMap; import org.springframework.util.LinkedMultiValueMap;
import org.springframework.util.MultiValueMap; import org.springframework.util.MultiValueMap;
import org.springframework.web.client.ResponseExtractor; import org.springframework.web.client.ResponseExtractor;
import com.google.common.base.Joiner;
public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAccessTokenProvider { public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAccessTokenProvider {
private StateKeyGenerator stateKeyGenerator = new DefaultStateKeyGenerator(); private StateKeyGenerator stateKeyGenerator = new DefaultStateKeyGenerator();
@ -42,7 +43,6 @@ public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAcc
@Override @Override
public String obtainAuthorizationCode(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException, OAuth2AccessDeniedException { public String obtainAuthorizationCode(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException, OAuth2AccessDeniedException {
AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) details; AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) details;
HttpHeaders headers = getHeadersForAuthorizationRequest(request); HttpHeaders headers = getHeadersForAuthorizationRequest(request);
@ -97,12 +97,10 @@ public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAcc
} }
request.set("code", code); request.set("code", code);
return code; return code;
} }
@Override @Override
public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException, OAuth2AccessDeniedException { public OAuth2AccessToken obtainAccessToken(OAuth2ProtectedResourceDetails details, AccessTokenRequest request) throws UserRedirectRequiredException, UserApprovalRequiredException, AccessDeniedException, OAuth2AccessDeniedException {
AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) details; AuthorizationCodeResourceDetails resource = (AuthorizationCodeResourceDetails) details;
if (request.getAuthorizationCode() == null) { if (request.getAuthorizationCode() == null) {
@ -112,24 +110,10 @@ public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAcc
obtainAuthorizationCode(resource, request); obtainAuthorizationCode(resource, request);
} }
return retrieveToken(request, resource, getParametersForTokenRequest(resource, request), getHeadersForTokenRequest(request)); return retrieveToken(request, resource, getParametersForTokenRequest(resource, request), getHeadersForTokenRequest(request));
}
@Override
public OAuth2AccessToken refreshAccessToken(OAuth2ProtectedResourceDetails resource, OAuth2RefreshToken refreshToken, AccessTokenRequest request) throws UserRedirectRequiredException, OAuth2AccessDeniedException {
MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
form.add("grant_type", "refresh_token");
form.add("refresh_token", refreshToken.getValue());
try {
return retrieveToken(request, resource, form, getHeadersForTokenRequest(request));
} catch (OAuth2AccessDeniedException e) {
throw getRedirectForAuthorization((AuthorizationCodeResourceDetails) resource, request);
}
} }
private HttpHeaders getHeadersForTokenRequest(AccessTokenRequest request) { private HttpHeaders getHeadersForTokenRequest(AccessTokenRequest request) {
HttpHeaders headers = new HttpHeaders(); HttpHeaders headers = new HttpHeaders();
// No cookie for token request
return headers; return headers;
} }
@ -143,7 +127,6 @@ public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAcc
} }
private MultiValueMap<String, String> getParametersForTokenRequest(AuthorizationCodeResourceDetails resource, AccessTokenRequest request) { private MultiValueMap<String, String> getParametersForTokenRequest(AuthorizationCodeResourceDetails resource, AccessTokenRequest request) {
MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>(); MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
form.set("grant_type", "authorization_code"); form.set("grant_type", "authorization_code");
form.set("code", request.getAuthorizationCode()); form.set("code", request.getAuthorizationCode());
@ -167,11 +150,9 @@ public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAcc
} }
return form; return form;
} }
private MultiValueMap<String, String> getParametersForAuthorizeRequest(AuthorizationCodeResourceDetails resource, AccessTokenRequest request) { private MultiValueMap<String, String> getParametersForAuthorizeRequest(AuthorizationCodeResourceDetails resource, AccessTokenRequest request) {
MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>(); MultiValueMap<String, String> form = new LinkedMultiValueMap<String, String>();
form.set("response_type", "code"); form.set("response_type", "code");
form.set("client_id", resource.getClientId()); form.set("client_id", resource.getClientId());
@ -179,7 +160,7 @@ public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAcc
if (request.get("scope") != null) { if (request.get("scope") != null) {
form.set("scope", request.getFirst("scope")); form.set("scope", request.getFirst("scope"));
} else { } else {
form.set("scope", OAuth2Utils.formatParameterList(resource.getScope())); form.set("scope", Joiner.on(',').join(resource.getScope()));
} }
String redirectUri = resource.getPreEstablishedRedirectUri(); String redirectUri = resource.getPreEstablishedRedirectUri();
@ -204,17 +185,13 @@ public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAcc
} }
return form; return form;
} }
private UserRedirectRequiredException getRedirectForAuthorization(AuthorizationCodeResourceDetails resource, AccessTokenRequest request) { private UserRedirectRequiredException getRedirectForAuthorization(AuthorizationCodeResourceDetails resource, AccessTokenRequest request) {
// we don't have an authorization code yet. So first get that.
TreeMap<String, String> requestParameters = new TreeMap<String, String>(); TreeMap<String, String> requestParameters = new TreeMap<String, String>();
requestParameters.put("response_type", "code"); // oauth2 spec, section 3 requestParameters.put("response_type", "code");
requestParameters.put("client_id", resource.getClientId()); requestParameters.put("client_id", resource.getClientId());
requestParameters.put("duration", "permanent"); requestParameters.put("duration", "permanent");
// Client secret is not required in the initial authorization request
String redirectUri = resource.getRedirectUri(request); String redirectUri = resource.getRedirectUri(request);
if (redirectUri != null) { if (redirectUri != null) {
@ -231,7 +208,7 @@ public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAcc
while (scopeIt.hasNext()) { while (scopeIt.hasNext()) {
builder.append(scopeIt.next()); builder.append(scopeIt.next());
if (scopeIt.hasNext()) { if (scopeIt.hasNext()) {
builder.append(' '); builder.append(',');
} }
} }
} }
@ -248,7 +225,6 @@ public class MyAuthorizationCodeAccessTokenProvider extends AuthorizationCodeAcc
request.setPreservedState(redirectUri); request.setPreservedState(redirectUri);
return redirectException; return redirectException;
} }
} }

View File

@ -85,7 +85,7 @@ public class WebConfig extends WebMvcConfigurerAdapter {
details.setAccessTokenUri(accessTokenUri); details.setAccessTokenUri(accessTokenUri);
details.setUserAuthorizationUri(userAuthorizationUri); details.setUserAuthorizationUri(userAuthorizationUri);
details.setTokenName("oauth_token"); details.setTokenName("oauth_token");
details.setScope(Arrays.asList("identity")); details.setScope(Arrays.asList("identity", "read", "submit"));
details.setGrantType("authorization_code"); details.setGrantType("authorization_code");
return details; return details;
} }

View File

@ -1,14 +1,26 @@
package org.baeldung.web; package org.baeldung.web;
import java.io.IOException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpHeaders;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.oauth2.client.OAuth2RestTemplate; import org.springframework.security.oauth2.client.OAuth2RestTemplate;
import org.springframework.security.oauth2.client.resource.UserApprovalRequiredException; import org.springframework.security.oauth2.client.resource.UserApprovalRequiredException;
import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException; import org.springframework.security.oauth2.client.resource.UserRedirectRequiredException;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.ui.Model; import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
@ -36,6 +48,81 @@ public class RedditController {
return "reddit"; return "reddit";
} }
@RequestMapping("/submit")
public String submit(Model model, @RequestParam Map<String, String> formParams) {
try {
System.out.println(formParams.keySet());
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity req = new HttpEntity(headers);
Map<String, String> param = new HashMap<String, String>();
param.put("api_type", "json");
param.put("kind", "self");
param.put("sr", "api");
// param.put("iden", "XCzyTdJveIcYXNhLJ4a2X9WVDswtx83u");
// param.put("captcha", "BJMGMU");
// param.put("title", "http2 is coming soon");
// param.put("text", "http2 is coming soon what do you think about that");
param.putAll(formParams);
System.out.println(param.keySet());
System.out.println(param.entrySet());
ResponseEntity<String> result = redditRestTemplate.postForEntity("https://oauth.reddit.com/api/submit", req, String.class, param);
model.addAttribute("error", result.getBody());
} catch (UserApprovalRequiredException e) {
throw e;
} catch (UserRedirectRequiredException e) {
throw e;
} catch (Exception e) {
LOGGER.error("Error occurred", e);
model.addAttribute("error", e.getLocalizedMessage());
}
return "reddit";
}
@RequestMapping("/post")
public String showSubmissionForm(Model model) throws JsonProcessingException, IOException {
String needsCaptchaResult = needsCaptcha();
if (needsCaptchaResult.equalsIgnoreCase("true")) {
String newCaptchaResult = getNewCaptcha();
String[] split = newCaptchaResult.split("\"");
String iden = split[split.length - 2];
model.addAttribute("iden", iden.trim());
}
return "submissionForm";
}
//
public List<String> getSubreddit(Model model) throws JsonProcessingException, IOException {
String result = redditRestTemplate.getForObject("https://oauth.reddit.com/subreddits/popular", String.class);
JsonNode node = new ObjectMapper().readTree(result);
node = node.get("data").get("children");
List<String> subreddits = new ArrayList<String>();
for (JsonNode child : node) {
subreddits.add(child.get("data").get("display_name").asText());
}
return subreddits;
}
public String needsCaptcha() {
String result = redditRestTemplate.getForObject("https://oauth.reddit.com/api/needs_captcha.json", String.class);
return result;
}
public String getNewCaptcha() {
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity req = new HttpEntity(headers);
Map<String, String> param = new HashMap<String, String>();
param.put("api_type", "json");
ResponseEntity<String> result = redditRestTemplate.postForEntity("https://oauth.reddit.com/api/new_captcha", req, String.class, param);
return result.getBody();
}
public void setRedditRestTemplate(OAuth2RestTemplate redditRestTemplate) { public void setRedditRestTemplate(OAuth2RestTemplate redditRestTemplate) {
this.redditRestTemplate = redditRestTemplate; this.redditRestTemplate = redditRestTemplate;
} }

View File

@ -9,6 +9,8 @@
<c:when test="${info != null}"> <c:when test="${info != null}">
<h1>Your Reddit Info</h1> <h1>Your Reddit Info</h1>
<b>Your reddit username is </b>${info} <b>Your reddit username is </b>${info}
<br>
<a href="post">Submit to Reddit</a>
</c:when> </c:when>
<c:otherwise> <c:otherwise>
<b>Sorry, error occurred</b> <b>Sorry, error occurred</b>

View File

@ -0,0 +1,40 @@
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>Spring Security OAuth</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
</head>
<body>
<div class="container">
<h1>Submit to Reddit</h1>
<form action="submit" method="post">
<div class="row">
<div class="form-group">
<label class="col-sm-3">Title</label>
<span class="col-sm-9"><input name="title" placeholder="title" class="form-control" /></span>
</div>
<br><br>
<div class="form-group">
<label class="col-sm-3">Content</label>
<span class="col-sm-9"><textarea placeholder="content" class="form-control"></textarea></span>
</div>
<br><br>
<c:if test="${iden != null}">
<input type="hidden" name="iden" value="${iden}"/>
<div class="form-group">
<label class="col-sm-3">Captcha</label>
<span class="col-sm-9"><input name="captcha" placeholder="captcha" class="form-control"/></span>
</div>
<br><br>
<img src="http://www.reddit.com/captcha/${iden}" alt="captcha" width="200"/>
</c:if>
<br><br>
<button type="submit" class="btn btn-primary">Post</button>
</div>
</form>
</div>
</body>
</html>