twitter4j.http
Class OAuthAuthorization

java.lang.Object
  twitter4j.http.OAuthAuthorization

All Implemented Interfaces:

java.io.Serializable, Authorization, OAuthSupport

public final class OAuthAuthorization
extends java.lang.Object
implements Authorization, java.io.Serializable, OAuthSupport

Author:

Yusuke Yamamoto - yusuke at mac.com

See Also:

OAuth Core 1.0a, Serialized Form

Field Summary

private Configuration	conf
private java.lang.String	consumerKey
private java.lang.String	consumerSecret
private static java.lang.String	HMAC_SHA1
private static HttpClientWrapper	http
private static Logger	logger
private static HttpParameter	OAUTH_SIGNATURE_METHOD
private OAuthToken	oauthToken
private static java.util.Random	RAND
(package private) static long	serialVersionUID

Constructor Summary

OAuthAuthorization(Configuration conf, java.lang.String consumerKey, java.lang.String consumerSecret)

OAuthAuthorization(Configuration conf, java.lang.String consumerKey, java.lang.String consumerSecret, AccessToken accessToken)

Method Summary

static java.lang.String	constructRequestURL(java.lang.String url) The Signature Base String includes the request absolute URL, tying the signature to a specific endpoint.
static java.lang.String	encode(java.lang.String value)
static java.lang.String	encodeParameters(java.util.List<HttpParameter> httpParams)
static java.lang.String	encodeParameters(java.util.List<HttpParameter> httpParams, java.lang.String splitter, boolean quot)
boolean	equals(java.lang.Object o)
(package private) java.lang.String	generateAuthorizationHeader(java.lang.String method, java.lang.String url, HttpParameter[] params, OAuthToken token)
(package private) java.lang.String	generateAuthorizationHeader(java.lang.String method, java.lang.String url, HttpParameter[] params, java.lang.String nonce, java.lang.String timestamp, OAuthToken otoken)
(package private) java.lang.String	generateSignature(java.lang.String data)
(package private) java.lang.String	generateSignature(java.lang.String data, OAuthToken token) Computes RFC 2104-compliant HMAC signature.
AccessToken	getOAuthAccessToken() Retrieves an access token.
AccessToken	getOAuthAccessToken(RequestToken requestToken) Retrieves an access token associated with the supplied request token and sets userId.
AccessToken	getOAuthAccessToken(RequestToken requestToken, java.lang.String oauthVerifier) Retrieves an access token associated with the supplied request token and sets userId.
AccessToken	getOAuthAccessToken(java.lang.String oauthVerifier) Retrieves an access token.
RequestToken	getOAuthRequestToken() Retrieves a request token
RequestToken	getOAuthRequestToken(java.lang.String callbackURL) Retrieves a request token
int	hashCode()
private void	init(java.lang.String consumerKey, java.lang.String consumerSecret)
private void	init(java.lang.String consumerKey, java.lang.String consumerSecret, AccessToken accessToken)
boolean	isEnabled()
static java.lang.String	normalizeAuthorizationHeaders(java.util.List<HttpParameter> params)
static java.lang.String	normalizeRequestParameters(HttpParameter[] params) The request parameters are collected, sorted and concatenated into a normalized string: • Parameters in the OAuth HTTP Authorization header excluding the realm parameter. • Parameters in the HTTP POST request body (with a content-type of application/x-www-form-urlencoded). • HTTP GET parameters added to the URLs in the query part (as defined by [RFC3986] section 3). The oauth_signature parameter MUST be excluded. The parameters are normalized into a single string as follows: 1.
static java.lang.String	normalizeRequestParameters(java.util.List<HttpParameter> params)
private void	parseGetParameters(java.lang.String url, java.util.List<HttpParameter> signatureBaseParams)
void	setAuthorizationHeader(java.lang.String method, java.lang.String url, HttpParameter[] params, java.net.HttpURLConnection con)
private void	setConsumerKey(java.lang.String consumerKey)
private void	setConsumerSecret(java.lang.String consumerSecret)
void	setOAuthAccessToken(AccessToken accessToken) Sets the access token
static java.util.List<HttpParameter>	toParamList(HttpParameter[] params)
java.lang.String	toString()

Methods inherited from class java.lang.Object

clone, finalize, getClass, notify, notifyAll, wait, wait, wait

Field Detail

conf

private final Configuration conf

http

private static transient HttpClientWrapper http

HMAC_SHA1

private static final java.lang.String HMAC_SHA1

See Also:

Constant Field Values

OAUTH_SIGNATURE_METHOD

private static final HttpParameter OAUTH_SIGNATURE_METHOD

logger

private static final Logger logger

serialVersionUID

static final long serialVersionUID

See Also:

Constant Field Values

consumerKey

private java.lang.String consumerKey

consumerSecret

private java.lang.String consumerSecret

oauthToken

private OAuthToken oauthToken

RAND

private static java.util.Random RAND

Constructor Detail

OAuthAuthorization

public OAuthAuthorization(Configuration conf,
                          java.lang.String consumerKey,
                          java.lang.String consumerSecret)

OAuthAuthorization

public OAuthAuthorization(Configuration conf,
                          java.lang.String consumerKey,
                          java.lang.String consumerSecret,
                          AccessToken accessToken)

Method Detail

init

private void init(java.lang.String consumerKey,
                  java.lang.String consumerSecret)

init

private void init(java.lang.String consumerKey,
                  java.lang.String consumerSecret,
                  AccessToken accessToken)

setAuthorizationHeader

public void setAuthorizationHeader(java.lang.String method,
                                   java.lang.String url,
                                   HttpParameter[] params,
                                   java.net.HttpURLConnection con)

Specified by:

setAuthorizationHeader in interface Authorization

isEnabled

public boolean isEnabled()

Specified by:

isEnabled in interface Authorization

getOAuthRequestToken

public RequestToken getOAuthRequestToken()
                                  throws TwitterException

Retrieves a request token

Specified by:

getOAuthRequestToken in interface OAuthSupport

Returns:

generated request token.

Throws:

TwitterException - when Twitter service or network is unavailable

See Also:

Twitter API Wiki - OAuth FAQ, OAuth Core 1.0a - 6.1. Obtaining an Unauthorized Request Token

getOAuthRequestToken

public RequestToken getOAuthRequestToken(java.lang.String callbackURL)
                                  throws TwitterException

Retrieves a request token

Specified by:

getOAuthRequestToken in interface OAuthSupport

Parameters:

callbackURL - callback URL

Returns:

generated request token

Throws:

TwitterException - when Twitter service or network is unavailable

See Also:

Twitter API Wiki - OAuth FAQ, OAuth Core 1.0a - 6.1. Obtaining an Unauthorized Request Token

getOAuthAccessToken

public AccessToken getOAuthAccessToken()
                                throws TwitterException

Retrieves an access token.

Specified by:

getOAuthAccessToken in interface OAuthSupport

Returns:

access token

Throws:

TwitterException - when Twitter service or network is unavailable, or the user has not authorized

See Also:

Twitter API Wiki - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(java.lang.String oauthVerifier)
                                throws TwitterException

Retrieves an access token.

Specified by:

getOAuthAccessToken in interface OAuthSupport

Parameters:

oauthVerifier - OAuth verifier. AKA pin.

Returns:

access token

Throws:

TwitterException - when Twitter service or network is unavailable, or the user has not authorized

See Also:

Twitter API Wiki - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(RequestToken requestToken)
                                throws TwitterException

Retrieves an access token associated with the supplied request token and sets userId.

Specified by:

getOAuthAccessToken in interface OAuthSupport

Parameters:

requestToken - the request token

Returns:

access token associated with the supplied request token.

Throws:

TwitterException - when Twitter service or network is unavailable, or the user has not authorized

See Also:

Twitter API Wiki - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(RequestToken requestToken,
                                       java.lang.String oauthVerifier)
                                throws TwitterException

Retrieves an access token associated with the supplied request token and sets userId.

Specified by:

getOAuthAccessToken in interface OAuthSupport

Parameters:

requestToken - the request token

oauthVerifier - OAuth verifier. AKA pin.

Returns:

access token associated with the supplied request token.

Throws:

TwitterException - when Twitter service or network is unavailable, or the user has not authorized

See Also:

Twitter API Wiki - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

setOAuthAccessToken

public void setOAuthAccessToken(AccessToken accessToken)

Sets the access token

Specified by:

setOAuthAccessToken in interface OAuthSupport

Parameters:

accessToken - accessToken

generateAuthorizationHeader

java.lang.String generateAuthorizationHeader(java.lang.String method,
                                             java.lang.String url,
                                             HttpParameter[] params,
                                             java.lang.String nonce,
                                             java.lang.String timestamp,
                                             OAuthToken otoken)

parseGetParameters

private void parseGetParameters(java.lang.String url,
                                java.util.List<HttpParameter> signatureBaseParams)

generateAuthorizationHeader

java.lang.String generateAuthorizationHeader(java.lang.String method,
                                             java.lang.String url,
                                             HttpParameter[] params,
                                             OAuthToken token)

Returns:

generated authorization header

See Also:

OAuth Core - 5.4.1. Authorization Header

generateSignature

java.lang.String generateSignature(java.lang.String data,
                                   OAuthToken token)

Computes RFC 2104-compliant HMAC signature.

Parameters:

data - the data to be signed

token - the token

Returns:

signature

See Also:

OAuth Core - 9.2.1. Generating Signature

generateSignature

java.lang.String generateSignature(java.lang.String data)

normalizeRequestParameters

public static java.lang.String normalizeRequestParameters(HttpParameter[] params)

The request parameters are collected, sorted and concatenated into a normalized string:
• Parameters in the OAuth HTTP Authorization header excluding the realm parameter.
• Parameters in the HTTP POST request body (with a content-type of application/x-www-form-urlencoded).
• HTTP GET parameters added to the URLs in the query part (as defined by [RFC3986] section 3).

The oauth_signature parameter MUST be excluded.
The parameters are normalized into a single string as follows:
1. Parameters are sorted by name, using lexicographical byte value ordering. If two or more parameters share the same name, they are sorted by their value. For example:
2. a=1, c=hi%20there, f=25, f=50, f=a, z=p, z=t
3.
4. Parameters are concatenated in their sorted order into a single string. For each parameter, the name is separated from the corresponding value by an ‘=’ character (ASCII code 61), even if the value is empty. Each name-value pair is separated by an ‘&’ character (ASCII code 38). For example:
5. a=1&c=hi%20there&f=25&f=50&f=a&z=p&z=t
6.

Parameters:

params - parameters to be normalized and concatenated

Returns:

nomarized and concatenated parameters

See Also:

OAuth Core - 9.1.1. Normalize Request Parameters

normalizeRequestParameters

public static java.lang.String normalizeRequestParameters(java.util.List<HttpParameter> params)

normalizeAuthorizationHeaders

public static java.lang.String normalizeAuthorizationHeaders(java.util.List<HttpParameter> params)

toParamList

public static java.util.List<HttpParameter> toParamList(HttpParameter[] params)

encodeParameters

public static java.lang.String encodeParameters(java.util.List<HttpParameter> httpParams)

Parameters:

httpParams - parameters to be enocded and concatenated

Returns:

eoncoded string

See Also:

OAuth / TestCases, Space encoding - OAuth | Google Groups

encodeParameters

public static java.lang.String encodeParameters(java.util.List<HttpParameter> httpParams,
                                                java.lang.String splitter,
                                                boolean quot)

encode

public static java.lang.String encode(java.lang.String value)

Parameters:

value - string to be encoded

Returns:

encoded string

See Also:

OAuth / TestCases, Space encoding - OAuth | Google Groups, RFC 3986 - Uniform Resource Identifier (URI): Generic Syntax - 2.1. Percent-Encoding

constructRequestURL

public static java.lang.String constructRequestURL(java.lang.String url)

The Signature Base String includes the request absolute URL, tying the signature to a specific endpoint. The URL used in the Signature Base String MUST include the scheme, authority, and path, and MUST exclude the query and fragment as defined by [RFC3986] section 3.
If the absolute request URL is not available to the Service Provider (it is always available to the Consumer), it can be constructed by combining the scheme being used, the HTTP Host header, and the relative HTTP request URL. If the Host header is not available, the Service Provider SHOULD use the host name communicated to the Consumer in the documentation or other means.
The Service Provider SHOULD document the form of URL used in the Signature Base String to avoid ambiguity due to URL normalization. Unless specified, URL scheme and authority MUST be lowercase and include the port number; http default port 80 and https default port 443 MUST be excluded.

For example, the request:
HTTP://Example.com:80/resource?id=123
Is included in the Signature Base String as:
http://example.com/resource

Parameters:

url - the url to be normalized

Returns:

the Signature Base String

See Also:

OAuth Core - 9.1.2. Construct Request URL

setConsumerKey

private void setConsumerKey(java.lang.String consumerKey)

setConsumerSecret

private void setConsumerSecret(java.lang.String consumerSecret)

equals

public boolean equals(java.lang.Object o)

Overrides:

equals in class java.lang.Object

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object