2018-01-11 12:13:01 +01:00
|
|
|
package eu.eudat.security.validators.twitter;
|
|
|
|
|
2018-02-07 10:56:30 +01:00
|
|
|
import eu.eudat.exceptions.security.NonValidTokenException;
|
|
|
|
import eu.eudat.exceptions.security.UnauthorisedException;
|
2018-01-11 12:13:01 +01:00
|
|
|
import eu.eudat.models.login.LoginInfo;
|
|
|
|
import eu.eudat.models.loginprovider.LoginProviderUser;
|
|
|
|
import eu.eudat.models.security.Principal;
|
|
|
|
import eu.eudat.security.validators.TokenValidator;
|
|
|
|
import eu.eudat.security.validators.TokenValidatorFactoryImpl;
|
|
|
|
import eu.eudat.services.ApiContext;
|
|
|
|
import eu.eudat.services.AuthenticationService;
|
|
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
|
|
import org.springframework.core.env.Environment;
|
|
|
|
import org.springframework.social.oauth1.AuthorizedRequestToken;
|
|
|
|
import org.springframework.social.oauth1.OAuthToken;
|
|
|
|
import org.springframework.social.twitter.api.TwitterProfile;
|
|
|
|
import org.springframework.social.twitter.api.impl.TwitterTemplate;
|
|
|
|
import org.springframework.social.twitter.connect.TwitterServiceProvider;
|
|
|
|
import org.springframework.stereotype.Component;
|
|
|
|
|
|
|
|
import java.io.IOException;
|
|
|
|
import java.security.GeneralSecurityException;
|
|
|
|
import java.util.Map;
|
|
|
|
|
2018-02-01 10:08:06 +01:00
|
|
|
|
2018-01-11 12:13:01 +01:00
|
|
|
@Component("twitterTokenValidator")
|
|
|
|
public class TwitterTokenValidator implements TokenValidator {
|
|
|
|
|
|
|
|
private Environment environment;
|
|
|
|
private ApiContext apiContext;
|
|
|
|
private AuthenticationService authenticationService;
|
|
|
|
private TwitterServiceProvider twitterServiceProvider;
|
|
|
|
|
|
|
|
@Autowired
|
|
|
|
public TwitterTokenValidator(Environment environment, ApiContext apiContext, AuthenticationService authenticationService) {
|
|
|
|
this.environment = environment;
|
|
|
|
this.apiContext = apiContext;
|
|
|
|
this.authenticationService = authenticationService;
|
|
|
|
this.twitterServiceProvider = new TwitterServiceProvider(this.environment.getProperty("twitter.login.clientId"), this.environment.getProperty("twitter.login.clientSecret"));
|
|
|
|
}
|
|
|
|
|
|
|
|
@Override
|
|
|
|
public Principal validateToken(LoginInfo credentials) throws NonValidTokenException, IOException, GeneralSecurityException {
|
|
|
|
String verifier = (String) credentials.getData();
|
2018-02-16 11:34:02 +01:00
|
|
|
OAuthToken oAuthToken = new OAuthToken(credentials.getTicket(), verifier);
|
|
|
|
AuthorizedRequestToken authorizedRequestToken = new AuthorizedRequestToken(oAuthToken, verifier);
|
|
|
|
OAuthToken finalOauthToken = this.twitterServiceProvider.getOAuthOperations().exchangeForAccessToken(authorizedRequestToken, null);
|
|
|
|
TwitterTemplate twitterTemplate = new TwitterTemplate(this.environment.getProperty("twitter.login.clientId"), this.environment.getProperty("twitter.login.clientSecret"), finalOauthToken.getValue(), finalOauthToken.getSecret());
|
|
|
|
TwitterProfile profile = this.twitterServiceProvider.getApi(finalOauthToken.getValue(), finalOauthToken.getSecret()).userOperations().getUserProfile();
|
2018-01-11 12:13:01 +01:00
|
|
|
LoginProviderUser user = new LoginProviderUser();
|
|
|
|
|
|
|
|
Map values = twitterTemplate.getRestTemplate().getForObject("https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true", Map.class);
|
2018-02-16 11:34:02 +01:00
|
|
|
if (values.get("email") == null)
|
|
|
|
throw new UnauthorisedException("Cannot login user.Twitter account did not provide email");
|
2018-01-11 12:13:01 +01:00
|
|
|
user.setEmail((String) values.get("email"));
|
|
|
|
user.setIsVerified(true); //TODO
|
2018-02-23 11:36:51 +01:00
|
|
|
user.setId(""+profile.getId());
|
2018-01-11 12:13:01 +01:00
|
|
|
user.setName(profile.getName());
|
|
|
|
user.setProvider(TokenValidatorFactoryImpl.LoginProvider.TWITTER);
|
|
|
|
user.setSecret(finalOauthToken.getValue());
|
|
|
|
return this.authenticationService.Touch(user);
|
|
|
|
}
|
|
|
|
|
|
|
|
public OAuthToken getRequestToken() {
|
|
|
|
return this.twitterServiceProvider.getOAuthOperations().fetchRequestToken(this.environment.getProperty("twitter.login.redirect_uri"), null);
|
|
|
|
}
|
|
|
|
}
|