OAuthAuthorization

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

twitter4j.auth
Class OAuthAuthorization

java.lang.Object
  twitter4j.auth.OAuthAuthorization

All Implemented Interfaces:: java.io.Serializable, Authorization, OAuthSupport

public class OAuthAuthorization
extends java.lang.Object
implements Authorization, java.io.Serializable, OAuthSupport
extends java.lang.Object
implements Authorization, java.io.Serializable, OAuthSupport

Author:: Yusuke Yamamoto - yusuke at mac.com
See Also:: OAuth Core 1.0a, Serialized Form

Field Summary
`private Configuration`	`conf`
`private java.lang.String`	`consumerKey`
`private java.lang.String`	`consumerSecret`
`private static java.lang.String`	`HMAC_SHA1`
`private static twitter4j.internal.http.HttpClientWrapper`	`http`
`private static twitter4j.internal.logging.Logger`	`logger`
`private static twitter4j.internal.http.HttpParameter`	`OAUTH_SIGNATURE_METHOD`
`private OAuthToken`	`oauthToken`
`private static java.util.Random`	`RAND`
`private java.lang.String`	`realm`
`private static long`	`serialVersionUID`

Constructor Summary
`OAuthAuthorization(Configuration conf)`

Method Summary
`static java.lang.String`	`constructRequestURL(java.lang.String url)` The Signature Base String includes the request absolute URL, tying the signature to a specific endpoint.
`static java.lang.String`	`encodeParameters(java.util.List<twitter4j.internal.http.HttpParameter> httpParams)`
`static java.lang.String`	`encodeParameters(java.util.List<twitter4j.internal.http.HttpParameter> httpParams, java.lang.String splitter, boolean quot)`
`private void`	`ensureTokenIsAvailable()`
`boolean`	`equals(java.lang.Object o)`
`(package private) java.lang.String`	`generateAuthorizationHeader(java.lang.String method, java.lang.String url, twitter4j.internal.http.HttpParameter[] params, OAuthToken token)`
`(package private) java.lang.String`	`generateAuthorizationHeader(java.lang.String method, java.lang.String url, twitter4j.internal.http.HttpParameter[] params, java.lang.String nonce, java.lang.String timestamp, OAuthToken otoken)`
`java.util.List<twitter4j.internal.http.HttpParameter>`	`generateOAuthSignatureHttpParams(java.lang.String method, java.lang.String url)`
`(package private) java.lang.String`	`generateSignature(java.lang.String data)`
`(package private) java.lang.String`	`generateSignature(java.lang.String data, OAuthToken token)` Computes RFC 2104-compliant HMAC signature.
`java.lang.String`	`getAuthorizationHeader(twitter4j.internal.http.HttpRequest req)`
`AccessToken`	`getOAuthAccessToken()` Returns an access token associated with this instance. If no access token is associated with this instance, this will retrieve a new access token.
`AccessToken`	`getOAuthAccessToken(RequestToken requestToken)` Retrieves an access token associated with the supplied request token and sets userId.
`AccessToken`	`getOAuthAccessToken(RequestToken requestToken, java.lang.String oauthVerifier)` Retrieves an access token associated with the supplied request token and sets userId.
`AccessToken`	`getOAuthAccessToken(java.lang.String oauthVerifier)` Retrieves an access token.
`AccessToken`	`getOAuthAccessToken(java.lang.String screenName, java.lang.String password)` Retrieves an access token associated with the supplied screen name and password using xAuth. In order to get access acquire AccessToken using xAuth, you must apply by sending an email to api@twitter.com — all other applications will receive an HTTP 401 error.
`RequestToken`	`getOAuthRequestToken()` Retrieves a request token
`RequestToken`	`getOAuthRequestToken(java.lang.String callbackURL)` Retrieves a request token
`int`	`hashCode()`
`boolean`	`isEnabled()` #{inheritDoc}
`static java.lang.String`	`normalizeAuthorizationHeaders(java.util.List<twitter4j.internal.http.HttpParameter> params)`
`static java.lang.String`	`normalizeRequestParameters(twitter4j.internal.http.HttpParameter[] params)` The request parameters are collected, sorted and concatenated into a normalized string: • Parameters in the OAuth HTTP Authorization header excluding the realm parameter. • Parameters in the HTTP POST request body (with a content-type of application/x-www-form-urlencoded). • HTTP GET parameters added to the URLs in the query part (as defined by [RFC3986] section 3). The oauth_signature parameter MUST be excluded. The parameters are normalized into a single string as follows: 1.
`static java.lang.String`	`normalizeRequestParameters(java.util.List<twitter4j.internal.http.HttpParameter> params)`
`private void`	`parseGetParameters(java.lang.String url, java.util.List<twitter4j.internal.http.HttpParameter> signatureBaseParams)`
`void`	`setOAuthAccessToken(AccessToken accessToken)` Sets the access token
`void`	`setOAuthConsumer(java.lang.String consumerKey, java.lang.String consumerSecret)` sets the OAuth consumer key and consumer secret
`void`	`setOAuthRealm(java.lang.String realm)` Sets the OAuth realm
`static java.util.List<twitter4j.internal.http.HttpParameter>`	`toParamList(twitter4j.internal.http.HttpParameter[] params)`
`java.lang.String`	`toString()`

Methods inherited from class java.lang.Object
`clone, finalize, getClass, notify, notifyAll, wait, wait, wait`

Field Detail

conf

private final Configuration conf

http

private static transient twitter4j.internal.http.HttpClientWrapper http

HMAC_SHA1

private static final java.lang.String HMAC_SHA1

See Also:: Constant Field Values

OAUTH_SIGNATURE_METHOD

private static final twitter4j.internal.http.HttpParameter OAUTH_SIGNATURE_METHOD

logger

private static final twitter4j.internal.logging.Logger logger

serialVersionUID

private static final long serialVersionUID

See Also:: Constant Field Values

consumerKey

private java.lang.String consumerKey

consumerSecret

private java.lang.String consumerSecret

realm

private java.lang.String realm

oauthToken

private OAuthToken oauthToken

RAND

private static java.util.Random RAND

Constructor Detail

OAuthAuthorization

public OAuthAuthorization(Configuration conf)

Parameters:: conf - configuration

Method Detail

getAuthorizationHeader

public java.lang.String getAuthorizationHeader(twitter4j.internal.http.HttpRequest req)

Specified by:: getAuthorizationHeader in interface Authorization

ensureTokenIsAvailable

private void ensureTokenIsAvailable()

isEnabled

public boolean isEnabled()

#{inheritDoc}

Specified by:: isEnabled in interface Authorization

Returns:: true if authorization credentials are set

getOAuthRequestToken

public RequestToken getOAuthRequestToken()
                                  throws TwitterException

Retrieves a request token

Specified by:: getOAuthRequestToken in interface OAuthSupport

Returns:: generated request token.
Throws:: TwitterException - when Twitter service or network is unavailable
See Also:: OAuth FAQ | dev.twitter.com, OAuth Core 1.0a - 6.1. Obtaining an Unauthorized Request Token

getOAuthRequestToken

public RequestToken getOAuthRequestToken(java.lang.String callbackURL)
                                  throws TwitterException

Retrieves a request token

Specified by:: getOAuthRequestToken in interface OAuthSupport

Parameters:: callbackURL - callback URL
Returns:: generated request token
Throws:: TwitterException - when Twitter service or network is unavailable
See Also:: OAuth FAQ | dev.twitter.com, OAuth Core 1.0a - 6.1. Obtaining an Unauthorized Request Token

getOAuthAccessToken

public AccessToken getOAuthAccessToken()
                                throws TwitterException

Returns an access token associated with this instance.
If no access token is associated with this instance, this will retrieve a new access token.

Specified by:: getOAuthAccessToken in interface OAuthSupport

Returns:: access token
Throws:: TwitterException - when Twitter service or network is unavailable, or the user has not authorized
See Also:: OAuth FAQ | dev.twitter.com - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(java.lang.String oauthVerifier)
                                throws TwitterException

Retrieves an access token.

Specified by:: getOAuthAccessToken in interface OAuthSupport

Parameters:: oauthVerifier - OAuth verifier. AKA pin.
Returns:: access token
Throws:: TwitterException - when Twitter service or network is unavailable, or the user has not authorized
See Also:: OAuth FAQ | dev.twitter.com - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(RequestToken requestToken)
                                throws TwitterException

Retrieves an access token associated with the supplied request token and sets userId.

Specified by:: getOAuthAccessToken in interface OAuthSupport

Parameters:: requestToken - the request token
Returns:: access token associated with the supplied request token.
Throws:: TwitterException - when Twitter service or network is unavailable, or the user has not authorized
See Also:: OAuth FAQ | dev.twitter.com - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(RequestToken requestToken,
                                       java.lang.String oauthVerifier)
                                throws TwitterException

Retrieves an access token associated with the supplied request token and sets userId.

Specified by:: getOAuthAccessToken in interface OAuthSupport

Parameters:: requestToken - the request token; oauthVerifier - OAuth verifier. AKA pin.
Returns:: access token associated with the supplied request token.
Throws:: TwitterException - when Twitter service or network is unavailable, or the user has not authorized
See Also:: OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(java.lang.String screenName,
                                       java.lang.String password)
                                throws TwitterException

Retrieves an access token associated with the supplied screen name and password using xAuth.
In order to get access acquire AccessToken using xAuth, you must apply by sending an email to api@twitter.com — all other applications will receive an HTTP 401 error. Web-based applications will not be granted access, except on a temporary basis for when they are converting from basic-authentication support to full OAuth support.
Storage of Twitter usernames and passwords is forbidden. By using xAuth, you are required to store only access tokens and access token secrets. If the access token expires or is expunged by a user, you must ask for their login and password again before exchanging the credentials for an access token.

Specified by:: getOAuthAccessToken in interface OAuthSupport

Parameters:: screenName - the screen name; password - the password
Returns:: access token associated with the supplied request token.
Throws:: TwitterException - when Twitter service or network is unavailable, or the user has not authorized
See Also:: OAuth FAQ | dev.twitter.com - How long does an access token last?, Twitter REST API Method: oauth access_token for xAuth

setOAuthAccessToken

public void setOAuthAccessToken(AccessToken accessToken)

Sets the access token

Specified by:: setOAuthAccessToken in interface OAuthSupport

Parameters:: accessToken - accessToken

setOAuthRealm

public void setOAuthRealm(java.lang.String realm)

Sets the OAuth realm

Parameters:: realm - OAuth realm
Since:: Twitter 2.1.4

generateAuthorizationHeader

java.lang.String generateAuthorizationHeader(java.lang.String method,
                                             java.lang.String url,
                                             twitter4j.internal.http.HttpParameter[] params,
                                             java.lang.String nonce,
                                             java.lang.String timestamp,
                                             OAuthToken otoken)

parseGetParameters

private void parseGetParameters(java.lang.String url,
                                java.util.List<twitter4j.internal.http.HttpParameter> signatureBaseParams)

generateAuthorizationHeader

java.lang.String generateAuthorizationHeader(java.lang.String method,
                                             java.lang.String url,
                                             twitter4j.internal.http.HttpParameter[] params,
                                             OAuthToken token)

Returns:: generated authorization header
See Also:: OAuth Core - 5.4.1. Authorization Header

generateOAuthSignatureHttpParams

public java.util.List<twitter4j.internal.http.HttpParameter> generateOAuthSignatureHttpParams(java.lang.String method,
                                                                                              java.lang.String url)

generateSignature

java.lang.String generateSignature(java.lang.String data,
                                   OAuthToken token)

Computes RFC 2104-compliant HMAC signature.

Parameters:: data - the data to be signed; token - the token
Returns:: signature
See Also:: OAuth Core - 9.2.1. Generating Signature

generateSignature

java.lang.String generateSignature(java.lang.String data)

normalizeRequestParameters

public static java.lang.String normalizeRequestParameters(twitter4j.internal.http.HttpParameter[] params)

The request parameters are collected, sorted and concatenated into a normalized string:
• Parameters in the OAuth HTTP Authorization header excluding the realm parameter.
• Parameters in the HTTP POST request body (with a content-type of application/x-www-form-urlencoded).
• HTTP GET parameters added to the URLs in the query part (as defined by [RFC3986] section 3).

The oauth_signature parameter MUST be excluded.
The parameters are normalized into a single string as follows:
1. Parameters are sorted by name, using lexicographical byte value ordering. If two or more parameters share the same name, they are sorted by their value. For example:
2. a=1, c=hi%20there, f=25, f=50, f=a, z=p, z=t
3.
4. Parameters are concatenated in their sorted order into a single string. For each parameter, the name is separated from the corresponding value by an ‘=’ character (ASCII code 61), even if the value is empty. Each name-value pair is separated by an ‘&’ character (ASCII code 38). For example:
5. a=1&c=hi%20there&f=25&f=50&f=a&z=p&z=t
6.

Parameters:: params - parameters to be normalized and concatenated
Returns:: normalized and concatenated parameters
See Also:: OAuth Core - 9.1.1. Normalize Request Parameters

normalizeRequestParameters

public static java.lang.String normalizeRequestParameters(java.util.List<twitter4j.internal.http.HttpParameter> params)

normalizeAuthorizationHeaders

public static java.lang.String normalizeAuthorizationHeaders(java.util.List<twitter4j.internal.http.HttpParameter> params)

toParamList

public static java.util.List<twitter4j.internal.http.HttpParameter> toParamList(twitter4j.internal.http.HttpParameter[] params)

encodeParameters

public static java.lang.String encodeParameters(java.util.List<twitter4j.internal.http.HttpParameter> httpParams)

Parameters:: httpParams - parameters to be encoded and concatenated
Returns:: encoded string
See Also:: OAuth / TestCases, Space encoding - OAuth | Google Groups

encodeParameters

public static java.lang.String encodeParameters(java.util.List<twitter4j.internal.http.HttpParameter> httpParams,
                                                java.lang.String splitter,
                                                boolean quot)

constructRequestURL

public static java.lang.String constructRequestURL(java.lang.String url)

The Signature Base String includes the request absolute URL, tying the signature to a specific endpoint. The URL used in the Signature Base String MUST include the scheme, authority, and path, and MUST exclude the query and fragment as defined by [RFC3986] section 3.
If the absolute request URL is not available to the Service Provider (it is always available to the Consumer), it can be constructed by combining the scheme being used, the HTTP Host header, and the relative HTTP request URL. If the Host header is not available, the Service Provider SHOULD use the host name communicated to the Consumer in the documentation or other means.
The Service Provider SHOULD document the form of URL used in the Signature Base String to avoid ambiguity due to URL normalization. Unless specified, URL scheme and authority MUST be lowercase and include the port number; http default port 80 and https default port 443 MUST be excluded.

For example, the request:
HTTP://Example.com:80/resource?id=123
Is included in the Signature Base String as:
http://example.com/resource

Parameters:: url - the url to be normalized
Returns:: the Signature Base String
See Also:: OAuth Core - 9.1.2. Construct Request URL

setOAuthConsumer

public void setOAuthConsumer(java.lang.String consumerKey,
                             java.lang.String consumerSecret)

Description copied from interface: OAuthSupport

sets the OAuth consumer key and consumer secret

Specified by:: setOAuthConsumer in interface OAuthSupport

Parameters:: consumerKey - OAuth consumer key; consumerSecret - OAuth consumer secret

equals

public boolean equals(java.lang.Object o)

Overrides:: equals in class java.lang.Object

hashCode

public int hashCode()

Overrides:: hashCode in class java.lang.Object

toString

public java.lang.String toString()

Overrides:: toString in class java.lang.Object

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

twitter4j.auth Class OAuthAuthorization

conf

http

HMAC_SHA1

OAUTH_SIGNATURE_METHOD

logger

serialVersionUID

consumerKey

consumerSecret

realm

oauthToken

RAND

OAuthAuthorization

getAuthorizationHeader

ensureTokenIsAvailable

isEnabled

getOAuthRequestToken

getOAuthRequestToken

getOAuthAccessToken

getOAuthAccessToken

getOAuthAccessToken

getOAuthAccessToken

getOAuthAccessToken

setOAuthAccessToken

setOAuthRealm

generateAuthorizationHeader

parseGetParameters

generateAuthorizationHeader

generateOAuthSignatureHttpParams

generateSignature

generateSignature

normalizeRequestParameters

normalizeRequestParameters

normalizeAuthorizationHeaders

toParamList

encodeParameters

encodeParameters

constructRequestURL

setOAuthConsumer

equals

hashCode

toString

twitter4j.auth
Class OAuthAuthorization