argos/dmp-backend/src/main/java/eu/eudat/security/validators/twitter/TwitterTokenValidator.java

package eu.eudat.security.validators.twitter;

import eu.eudat.exceptions.security.NonValidTokenException;
import eu.eudat.exceptions.security.UnauthorisedException;
import eu.eudat.models.login.LoginInfo;
import eu.eudat.models.loginprovider.LoginProviderUser;
import eu.eudat.models.security.Principal;
import eu.eudat.security.validators.TokenValidator;
import eu.eudat.security.validators.TokenValidatorFactoryImpl;
import eu.eudat.services.ApiContext;
import eu.eudat.services.operations.AuthenticationServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.env.Environment;
import org.springframework.social.oauth1.AuthorizedRequestToken;
import org.springframework.social.oauth1.OAuthToken;
import org.springframework.social.twitter.api.TwitterProfile;
import org.springframework.social.twitter.api.impl.TwitterTemplate;
import org.springframework.social.twitter.connect.TwitterServiceProvider;
import org.springframework.stereotype.Component;

import java.io.IOException;
import java.security.GeneralSecurityException;
import java.util.Map;


@Component("twitterTokenValidator")
public class TwitterTokenValidator implements TokenValidator {

    private Environment environment;
    private ApiContext apiContext;
    private AuthenticationServiceImpl authenticationServiceImpl;
    private TwitterServiceProvider twitterServiceProvider;

    @Autowired
    public TwitterTokenValidator(Environment environment, ApiContext apiContext, AuthenticationServiceImpl authenticationServiceImpl) {
        this.environment = environment;
        this.apiContext = apiContext;
        this.authenticationServiceImpl = authenticationServiceImpl;
        this.twitterServiceProvider = new TwitterServiceProvider(this.environment.getProperty("twitter.login.clientId"), this.environment.getProperty("twitter.login.clientSecret"));
    }

    @Override
    public Principal validateToken(LoginInfo credentials) throws NonValidTokenException, IOException, GeneralSecurityException {
        String verifier = (String) credentials.getData();
        OAuthToken oAuthToken = new OAuthToken(credentials.getTicket(), verifier);
        AuthorizedRequestToken authorizedRequestToken = new AuthorizedRequestToken(oAuthToken, verifier);
        OAuthToken finalOauthToken = this.twitterServiceProvider.getOAuthOperations().exchangeForAccessToken(authorizedRequestToken, null);
        TwitterTemplate twitterTemplate = new TwitterTemplate(this.environment.getProperty("twitter.login.clientId"), this.environment.getProperty("twitter.login.clientSecret"), finalOauthToken.getValue(), finalOauthToken.getSecret());
        TwitterProfile profile = this.twitterServiceProvider.getApi(finalOauthToken.getValue(), finalOauthToken.getSecret()).userOperations().getUserProfile();
        LoginProviderUser user = new LoginProviderUser();

        Map values = twitterTemplate.getRestTemplate().getForObject("https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true", Map.class);
        if (values.get("email") == null)
            throw new UnauthorisedException("Cannot login user.Twitter account did not provide email");
        user.setEmail((String) values.get("email"));
        user.setIsVerified(true); //TODO
        user.setId(""+profile.getId());
        user.setName(profile.getName());
        user.setProvider(TokenValidatorFactoryImpl.LoginProvider.TWITTER);
        user.setSecret(finalOauthToken.getValue());
        return this.authenticationServiceImpl.Touch(user);
    }

    public OAuthToken getRequestToken() {
        return this.twitterServiceProvider.getOAuthOperations().fetchRequestToken(this.environment.getProperty("twitter.login.redirect_uri"), null);
    }
}
no message 2018-01-11 12:13:01 +01:00			`package eu.eudat.security.validators.twitter;`

no message 2018-02-07 10:56:30 +01:00			`import eu.eudat.exceptions.security.NonValidTokenException;`
			`import eu.eudat.exceptions.security.UnauthorisedException;`
no message 2018-01-11 12:13:01 +01:00			`import eu.eudat.models.login.LoginInfo;`
			`import eu.eudat.models.loginprovider.LoginProviderUser;`
			`import eu.eudat.models.security.Principal;`
			`import eu.eudat.security.validators.TokenValidator;`
			`import eu.eudat.security.validators.TokenValidatorFactoryImpl;`
			`import eu.eudat.services.ApiContext;`
no message 2018-03-05 17:18:45 +01:00			`import eu.eudat.services.operations.AuthenticationServiceImpl;`
no message 2018-01-11 12:13:01 +01:00			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.core.env.Environment;`
			`import org.springframework.social.oauth1.AuthorizedRequestToken;`
			`import org.springframework.social.oauth1.OAuthToken;`
			`import org.springframework.social.twitter.api.TwitterProfile;`
			`import org.springframework.social.twitter.api.impl.TwitterTemplate;`
			`import org.springframework.social.twitter.connect.TwitterServiceProvider;`
			`import org.springframework.stereotype.Component;`

			`import java.io.IOException;`
			`import java.security.GeneralSecurityException;`
			`import java.util.Map;`

no message 2018-02-01 10:08:06 +01:00
no message 2018-01-11 12:13:01 +01:00			`@Component("twitterTokenValidator")`
			`public class TwitterTokenValidator implements TokenValidator {`

			`private Environment environment;`
			`private ApiContext apiContext;`
no message 2018-03-05 17:18:45 +01:00			`private AuthenticationServiceImpl authenticationServiceImpl;`
no message 2018-01-11 12:13:01 +01:00			`private TwitterServiceProvider twitterServiceProvider;`

			`@Autowired`
no message 2018-03-05 17:18:45 +01:00			`public TwitterTokenValidator(Environment environment, ApiContext apiContext, AuthenticationServiceImpl authenticationServiceImpl) {`
no message 2018-01-11 12:13:01 +01:00			`this.environment = environment;`
			`this.apiContext = apiContext;`
no message 2018-03-05 17:18:45 +01:00			`this.authenticationServiceImpl = authenticationServiceImpl;`
no message 2018-01-11 12:13:01 +01:00			`this.twitterServiceProvider = new TwitterServiceProvider(this.environment.getProperty("twitter.login.clientId"), this.environment.getProperty("twitter.login.clientSecret"));`
			`}`

			`@Override`
			`public Principal validateToken(LoginInfo credentials) throws NonValidTokenException, IOException, GeneralSecurityException {`
			`String verifier = (String) credentials.getData();`
no message 2018-02-16 11:34:02 +01:00			`OAuthToken oAuthToken = new OAuthToken(credentials.getTicket(), verifier);`
			`AuthorizedRequestToken authorizedRequestToken = new AuthorizedRequestToken(oAuthToken, verifier);`
			`OAuthToken finalOauthToken = this.twitterServiceProvider.getOAuthOperations().exchangeForAccessToken(authorizedRequestToken, null);`
			`TwitterTemplate twitterTemplate = new TwitterTemplate(this.environment.getProperty("twitter.login.clientId"), this.environment.getProperty("twitter.login.clientSecret"), finalOauthToken.getValue(), finalOauthToken.getSecret());`
			`TwitterProfile profile = this.twitterServiceProvider.getApi(finalOauthToken.getValue(), finalOauthToken.getSecret()).userOperations().getUserProfile();`
no message 2018-01-11 12:13:01 +01:00			`LoginProviderUser user = new LoginProviderUser();`

			`Map values = twitterTemplate.getRestTemplate().getForObject("https://api.twitter.com/1.1/account/verify_credentials.json?include_email=true", Map.class);`
no message 2018-02-16 11:34:02 +01:00			`if (values.get("email") == null)`
			`throw new UnauthorisedException("Cannot login user.Twitter account did not provide email");`
no message 2018-01-11 12:13:01 +01:00			`user.setEmail((String) values.get("email"));`
			`user.setIsVerified(true); //TODO`
no message 2018-02-23 11:36:51 +01:00			`user.setId(""+profile.getId());`
no message 2018-01-11 12:13:01 +01:00			`user.setName(profile.getName());`
			`user.setProvider(TokenValidatorFactoryImpl.LoginProvider.TWITTER);`
			`user.setSecret(finalOauthToken.getValue());`
no message 2018-03-05 17:18:45 +01:00			`return this.authenticationServiceImpl.Touch(user);`
no message 2018-01-11 12:13:01 +01:00			`}`

			`public OAuthToken getRequestToken() {`
			`return this.twitterServiceProvider.getOAuthOperations().fetchRequestToken(this.environment.getProperty("twitter.login.redirect_uri"), null);`
			`}`
			`}`