Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

twitter4j.http
Class OAuth

java.lang.Object
  extended by twitter4j.http.OAuth

public class OAuth
extends java.lang.Object

Author:
Yusuke Yamamoto - yusuke at mac.com
See Also:
OAuth Core 1.0

Field Summary
private  java.lang.String consumerKey
           
private  java.lang.String consumerSecret
           
private static boolean DEBUG
           
private static java.lang.String HMAC_SHA1
           
private static PostParameter OAUTH_SIGNATURE_METHOD
           
private static java.util.Random RAND
           
 
Constructor Summary
OAuth(java.lang.String consumerKey, java.lang.String consumerSecret)
           
 
Method Summary
static java.lang.String constructRequestURL(java.lang.String url)
          The Signature Base String includes the request absolute URL, tying the signature to a specific endpoint.
static java.lang.String encode(java.lang.String value)
           
static java.lang.String encodeParameters(java.util.List<PostParameter> postParams)
           
static java.lang.String encodeParameters(java.util.List<PostParameter> postParams, java.lang.String splitter, boolean quot)
           
(package private)  java.lang.String generateAuthorizationHeader(java.lang.String method, java.lang.String url, PostParameter[] params, OAuthToken token)
           
(package private)  java.lang.String generateAuthorizationHeader(java.lang.String method, java.lang.String url, PostParameter[] params, java.lang.String nonce, java.lang.String timestamp, OAuthToken otoken)
           
(package private)  java.lang.String generateSignature(java.lang.String data)
           
(package private)  java.lang.String generateSignature(java.lang.String data, OAuthToken token)
          Computes RFC 2104-compliant HMAC signature.
private  void log(java.lang.String message)
           
private  void log(java.lang.String message, java.lang.String message2)
           
static java.lang.String normalizeAuthorizationHeaders(java.util.List<PostParameter> params)
           
static java.lang.String normalizeRequestParameters(java.util.List<PostParameter> params)
           
static java.lang.String normalizeRequestParameters(PostParameter[] params)
          The request parameters are collected, sorted and concatenated into a normalized string:
• Parameters in the OAuth HTTP Authorization header excluding the realm parameter.
• Parameters in the HTTP POST request body (with a content-type of application/x-www-form-urlencoded).
• HTTP GET parameters added to the URLs in the query part (as defined by [RFC3986] section 3).

The oauth_signature parameter MUST be excluded.
The parameters are normalized into a single string as follows:
1.
private  void parseGetParameters(java.lang.String url, java.util.List<PostParameter> signatureBaseParams)
           
 void setConsumerKey(java.lang.String consumerKey)
           
 void setConsumerSecret(java.lang.String consumerSecret)
           
static java.util.List<PostParameter> toParamList(PostParameter[] params)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

HMAC_SHA1

private static final java.lang.String HMAC_SHA1
See Also:
Constant Field Values

OAUTH_SIGNATURE_METHOD

private static final PostParameter OAUTH_SIGNATURE_METHOD

DEBUG

private static final boolean DEBUG

consumerKey

private java.lang.String consumerKey

consumerSecret

private java.lang.String consumerSecret

RAND

private static java.util.Random RAND
Constructor Detail

OAuth

public OAuth(java.lang.String consumerKey,
             java.lang.String consumerSecret)
Method Detail

generateAuthorizationHeader

java.lang.String generateAuthorizationHeader(java.lang.String method,
                                             java.lang.String url,
                                             PostParameter[] params,
                                             java.lang.String nonce,
                                             java.lang.String timestamp,
                                             OAuthToken otoken)

parseGetParameters

private void parseGetParameters(java.lang.String url,
                                java.util.List<PostParameter> signatureBaseParams)

generateAuthorizationHeader

java.lang.String generateAuthorizationHeader(java.lang.String method,
                                             java.lang.String url,
                                             PostParameter[] params,
                                             OAuthToken token)
Returns:
See Also:
OAuth Core - 5.4.1. Authorization Header

generateSignature

java.lang.String generateSignature(java.lang.String data,
                                   OAuthToken token)
Computes RFC 2104-compliant HMAC signature.

Parameters:
data - the data to be signed
Returns:
signature
See Also:
OAuth Core - 9.2.1. Generating Signature

generateSignature

java.lang.String generateSignature(java.lang.String data)

normalizeRequestParameters

public static java.lang.String normalizeRequestParameters(PostParameter[] params)
The request parameters are collected, sorted and concatenated into a normalized string:
• Parameters in the OAuth HTTP Authorization header excluding the realm parameter.
• Parameters in the HTTP POST request body (with a content-type of application/x-www-form-urlencoded).
• HTTP GET parameters added to the URLs in the query part (as defined by [RFC3986] section 3).

The oauth_signature parameter MUST be excluded.
The parameters are normalized into a single string as follows:
1. Parameters are sorted by name, using lexicographical byte value ordering. If two or more parameters share the same name, they are sorted by their value. For example:
2. a=1, c=hi%20there, f=25, f=50, f=a, z=p, z=t
3.
4. Parameters are concatenated in their sorted order into a single string. For each parameter, the name is separated from the corresponding value by an ‘=’ character (ASCII code 61), even if the value is empty. Each name-value pair is separated by an ‘&’ character (ASCII code 38). For example:
5. a=1&c=hi%20there&f=25&f=50&f=a&z=p&z=t
6.

Parameters:
params - parameters to be normalized and concatenated
Returns:
nomarized and concatenated parameters
See Also:
OAuth Core - 9.1.1. Normalize Request Parameters

normalizeRequestParameters

public static java.lang.String normalizeRequestParameters(java.util.List<PostParameter> params)

normalizeAuthorizationHeaders

public static java.lang.String normalizeAuthorizationHeaders(java.util.List<PostParameter> params)

toParamList

public static java.util.List<PostParameter> toParamList(PostParameter[] params)

encodeParameters

public static java.lang.String encodeParameters(java.util.List<PostParameter> postParams)
Parameters:
postParams - parameters to be enocded and concatenated
Returns:
eoncoded string
See Also:
OAuth / TestCases, Space encoding - OAuth | Google Groups

encodeParameters

public static java.lang.String encodeParameters(java.util.List<PostParameter> postParams,
                                                java.lang.String splitter,
                                                boolean quot)

encode

public static java.lang.String encode(java.lang.String value)
Parameters:
value - string to be encoded
Returns:
encoded string
See Also:
OAuth / TestCases, Space encoding - OAuth | Google Groups, RFC 3986 - Uniform Resource Identifier (URI): Generic Syntax - 2.1. Percent-Encoding

constructRequestURL

public static java.lang.String constructRequestURL(java.lang.String url)
The Signature Base String includes the request absolute URL, tying the signature to a specific endpoint. The URL used in the Signature Base String MUST include the scheme, authority, and path, and MUST exclude the query and fragment as defined by [RFC3986] section 3.
If the absolute request URL is not available to the Service Provider (it is always available to the Consumer), it can be constructed by combining the scheme being used, the HTTP Host header, and the relative HTTP request URL. If the Host header is not available, the Service Provider SHOULD use the host name communicated to the Consumer in the documentation or other means.
The Service Provider SHOULD document the form of URL used in the Signature Base String to avoid ambiguity due to URL normalization. Unless specified, URL scheme and authority MUST be lowercase and include the port number; http default port 80 and https default port 443 MUST be excluded.

For example, the request:
HTTP://Example.com:80/resource?id=123
Is included in the Signature Base String as:
http://example.com/resource

Parameters:
url - the url to be normalized
Returns:
the Signature Base String
See Also:
OAuth Core - 9.1.2. Construct Request URL

setConsumerKey

public void setConsumerKey(java.lang.String consumerKey)

setConsumerSecret

public void setConsumerSecret(java.lang.String consumerSecret)

log

private void log(java.lang.String message)

log

private void log(java.lang.String message,
                 java.lang.String message2)
Overview  Package   Class  Tree  Deprecated  Index  Help 
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD