The code is copied from:
https://cwiki.apache.org/confluence/display/OLTU/OAuth+2.0+Authorization+Server
The project home page is at: http://www.open-open.com/lib/view/home/1340597456342
OAuth 2.0 Authorization Server
Oltu Authorization Server
With Oltu you can easily create OAuth 2.0 compliant applications.
End User Authorization Endpoint
Simplified implementation of the OAuth 2.0 End User Authorization Endpoint using Oltu:
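    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
        try {
            try {
                // dynamically recognize an OAuth profile based on request characteristics
                // (params, method, content type etc.) and perform validation
                OAuthAuthzRequest oauthRequest = new OAuthAuthzRequest(request);
                // some code ....
                // (the place to check the client and that the redirect URI is the one
                // registered for it, before anything is redirected there)
                String redirectURI = oauthRequest.getRedirectURI();
                // build OAuth response
                OAuthResponse resp = OAuthASResponse
                        .authorizationResponse(HttpServletResponse.SC_FOUND)
                        .setCode(oauthIssuerImpl.authorizationCode())
                        .location(redirectURI)
                        .buildQueryMessage();
                response.sendRedirect(resp.getLocationUri());
            } catch (OAuthProblemException ex) {
                // if something goes wrong: the exception carries the redirect URI of the
                // failed request; redirect to it only if it has been validated
                final String redirectURI = ex.getRedirectUri();
                final OAuthResponse resp = OAuthASResponse
                        .errorResponse(HttpServletResponse.SC_FOUND)
                        .error(ex)
                        .location(redirectURI)
                        .buildQueryMessage();
                response.sendRedirect(resp.getLocationUri());
            }
        } catch (OAuthSystemException ex) {
            // checked exception thrown by the request parser, the issuer and the builders
            throw new ServletException(ex);
        }
    }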
With this way of building OAuth requests and responses, it does not matter if you are using Java servlets or the JAX-RS specification.
In a JAX-RS endpoint, for example, you would do:
    Response.status(resp.getResponseStatus()).location(resp.getLocationUri()).build();
Token Endpoint
Simplified implementation of the OAuth 2.0 Token Endpoint using Oltu:
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        OAuthTokenRequest oauthRequest = null;
        OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl(new MD5Generator());
        try {
            try {
                oauthRequest = new OAuthTokenRequest(request);
                String authzCode = oauthRequest.getCode();
                // some code
                String accessToken = oauthIssuerImpl.accessToken();
                String refreshToken = oauthIssuerImpl.refreshToken();
                // some code
                OAuthResponse r = OAuthASResponse
                        .tokenResponse(HttpServletResponse.SC_OK)
                        .setAccessToken(accessToken)
                        .setExpiresIn("3600")
                        .setRefreshToken(refreshToken)
                        .buildJSONMessage();
                response.setStatus(r.getResponseStatus());
                PrintWriter pw = response.getWriter();
                pw.print(r.getBody());
                pw.flush();
                pw.close();
            } catch (OAuthProblemException ex) {
                // if something goes wrong
                // (RFC 6749 section 5.2 uses 400 for most token errors and 401 for invalid_client)
                OAuthResponse r = OAuthResponse
                        .errorResponse(401)
                        .error(ex)
                        .buildJSONMessage();
                response.setStatus(r.getResponseStatus());
                PrintWriter pw = response.getWriter();
                pw.print(r.getBody());
                pw.flush();
                pw.close();
                // no response.sendError(401) here: the response is already committed,
                // so the call would throw IllegalStateException
            }
        } catch (OAuthSystemException ex) {
            // checked exception thrown by the request parser, the issuer and the builders
            throw new ServletException(ex);
        }
    }
If you need more advanced examples, then take a look at the integration-tests module which shows all possibilities provided by Oltu API.
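The first "// some code" step in the Token Endpoint above is where the authorization code handed out by the End User Authorization Endpoint has to be checked before any token is issued. A sketch of that check, as an added example that is not part of the Oltu wiki or of Oltu itself: the AuthCodeStore class, its methods and all sample values are hypothetical, and it needs Java 16 or later for records.

```java
import java.time.Instant;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.ConcurrentHashMap;

/** Hypothetical in-memory authorization-code store (added example, not part of Oltu). */
public class AuthCodeStore {
    /** What the authorization endpoint records when it issues a code. */
    record Grant(String clientId, String redirectUri, Instant expiresAt) {}

    private static final long LIFETIME_SECONDS = 600; // RFC 6749 recommends at most 10 minutes
    private final Map<String, Grant> grants = new ConcurrentHashMap<>();

    /** Authorization endpoint: bind the new code to the client and its redirect URI. */
    public void issue(String code, String clientId, String redirectUri, Instant now) {
        grants.put(code, new Grant(clientId, redirectUri, now.plusSeconds(LIFETIME_SECONDS)));
    }

    /**
     * Token endpoint: returns true only for a known, unexpired code presented by the
     * same client with the same redirect URI. remove() is atomic, so a code can be
     * redeemed once even under concurrent requests; a failed attempt also burns it.
     */
    public boolean redeem(String code, String clientId, String redirectUri, Instant now) {
        if (code == null || clientId == null) {
            return false;
        }
        Grant g = grants.remove(code);
        return g != null
                && now.isBefore(g.expiresAt())
                && clientId.equals(g.clientId())
                && Objects.equals(g.redirectUri(), redirectUri);
    }

    public static void main(String[] args) {
        String cb = "https://client.example/cb";          // constructed sample values
        Instant t0 = Instant.parse("2024-01-01T00:00:00Z");
        AuthCodeStore store = new AuthCodeStore();
        for (String code : new String[] {"code-1", "code-2", "code-3"}) {
            store.issue(code, "client-a", cb, t0);
        }
        System.out.println("first use:    " + store.redeem("code-1", "client-a", cb, t0.plusSeconds(30)));
        System.out.println("replay:       " + store.redeem("code-1", "client-a", cb, t0.plusSeconds(31)));
        System.out.println("wrong client: " + store.redeem("code-2", "client-b", cb, t0.plusSeconds(30)));
        System.out.println("expired:      " + store.redeem("code-3", "client-a", cb, t0.plusSeconds(601)));
    }
}
```

In the token endpoint on this page, redeem would be called with oauthRequest.getCode() and the authenticated client's identity before oauthIssuerImpl.accessToken(), and the request rejected when it returns false.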