OAuth 2.0 Authorization Server 代码copy

代码copy的

   https://cwiki.apache.org/confluence/display/OLTU/OAuth+2.0+Authorization+Server

 项目主页在：http://www.open-open.com/lib/view/home/1340597456342

OAuth 2.0 Authorization Server

Skip to end of metadata

• 
  
• Added by Łukasz Moreń, last edited by Antonio Sanso on Mar 20, 2013  (view change)

Go to start of metadata

Oltu Authorization Server

With Oltu you can easily create OAuth 2.0 compliant applications.

End User Authorization Endpoint

Simplified implementation of the OAuth 2.0 End User Authorization Endpoint using Oltu:

protected void doGet(HttpServletRequest request, HttpServletResponse response)          throws ServletException, IOException {        try {           //dynamically recognize an OAuth profile based on request characteristic (params,           // method, content type etc.), perform validation           OAuthAuthzRequest oauthRequest = new OAuthAuthzRequest(request);               //some code ....               //build OAuth response           OAuthResponse resp = OAuthASResponse               .authorizationResponse(HttpServletResponse.SC_FOUND)               .setCode(oauthIssuerImpl.authorizationCode())               .location(redirectURI)               .buildQueryMessage();             response.sendRedirect(resp.getLocationUri());             //if something goes wrong      } catch (OAuthProblemException ex) {           final OAuthResponse resp = OAuthASResponse               .errorResponse(HttpServletResponse.SC_FOUND)               .error(ex)               .location(redirectUri)               .buildQueryMessage();             response.sendRedirect(resp.getLocationUri());      }   }

With this way of building OAuth requests and responses, it does not matter if you are using Java servlets or the JAX-RS specification.

In JAX-RS endpoint, for example, you would do:

Response.status(resp.getResponseStatus()).location(resp.getLocationUri()).build();

Token Endpoint

Simplified implementation of the OAuth 2.0 Token Endpoint using Oltu:

protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {   OAuthTokenRequest oauthRequest = null ;   OAuthIssuer oauthIssuerImpl = new OAuthIssuerImpl( new MD5Generator());        try {              oauthRequest = new OAuthTokenRequest(request);                String authzCode = oauthRequest.getCode();               // some code               String accessToken = oauthIssuerImpl.accessToken();             String refreshToken = oauthIssuerImpl.refreshToken();               // some code                  OAuthResponse r = OAuthASResponse                  .tokenResponse(HttpServletResponse.SC_OK)                  .setAccessToken(accessToken)                  .setExpiresIn( "3600" )                  .setRefreshToken(refreshToken)                  .buildJSONMessage();            response.setStatus(r.getResponseStatus());          PrintWriter pw = response.getWriter();          pw.print(r.getBody());          pw.flush();          pw.close();             //if something goes wrong      } catch (OAuthProblemException ex) {            OAuthResponse r = OAuthResponse              .errorResponse( 401 )              .error(ex)              .buildJSONMessage();            response.setStatus(r.getResponseStatus());            PrintWriter pw = response.getWriter();          pw.print(r.getBody());          pw.flush();          pw.close();            response.sendError( 401 );      }   }

If you need more advanced examples, then take a look at the integration-tests module which shows all possibilities provided by Oltu API.