source: josm/trunk/src/oauth/signpost/OAuthConsumer.java@ 7448

Last change on this file since 7448 was 6849, checked in by stoecker, 10 years ago

see #9710 - update oauth library code
File size: 7.1 KB
Line 
1/* Copyright (c) 2009 Matthias Kaeppler
2 *
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15package oauth.signpost;
16
17import java.io.Serializable;
18
19import oauth.signpost.exception.OAuthCommunicationException;
20import oauth.signpost.exception.OAuthExpectationFailedException;
21import oauth.signpost.exception.OAuthMessageSignerException;
22import oauth.signpost.http.HttpParameters;
23import oauth.signpost.http.HttpRequest;
24import oauth.signpost.signature.AuthorizationHeaderSigningStrategy;
25import oauth.signpost.signature.HmacSha1MessageSigner;
26import oauth.signpost.signature.OAuthMessageSigner;
27import oauth.signpost.signature.PlainTextMessageSigner;
28import oauth.signpost.signature.QueryStringSigningStrategy;
29import oauth.signpost.signature.SigningStrategy;
30
31/**
32 * <p>
33 * Exposes a simple interface to sign HTTP requests using a given OAuth token
34 * and secret. Refer to {@link OAuthProvider} how to retrieve a valid token and
35 * token secret.
36 * </p>
37 * <p>
38 * HTTP messages are signed as follows:
39 * <p>
40 *
41 * <pre>
42 * // exchange the arguments with the actual token/secret pair
43 * OAuthConsumer consumer = new DefaultOAuthConsumer(&quot;1234&quot;, &quot;5678&quot;);
44 *
45 * URL url = new URL(&quot;http://example.com/protected.xml&quot;);
46 * HttpURLConnection request = (HttpURLConnection) url.openConnection();
47 *
48 * consumer.sign(request);
49 *
50 * request.connect();
51 * </pre>
52 *
53 * </p>
54 * </p>
55 *
56 * @author Matthias Kaeppler
57 */
58public interface OAuthConsumer extends Serializable {
59
60 /**
61 * Sets the message signer that should be used to generate the OAuth
62 * signature.
63 *
64 * @param messageSigner
65 * the signer
66 * @see HmacSha1MessageSigner
67 * @see PlainTextMessageSigner
68 */
69 public void setMessageSigner(OAuthMessageSigner messageSigner);
70
71 /**
72 * Allows you to add parameters (typically OAuth parameters such as
73 * oauth_callback or oauth_verifier) which will go directly into the signer,
74 * i.e. you don't have to put them into the request first. The consumer's
75 * {@link SigningStrategy} will then take care of writing them to the
76 * correct part of the request before it is sent. This is useful if you want
77 * to pre-set custom OAuth parameters. Note that these parameters are
78 * expected to already be percent encoded -- they will be simply merged
79 * as-is. <b>BE CAREFUL WITH THIS METHOD! Your service provider may decide
80 * to ignore any non-standard OAuth params when computing the signature.</b>
81 *
82 * @param additionalParameters
83 * the parameters
84 */
85 public void setAdditionalParameters(HttpParameters additionalParameters);
86
87 /**
88 * Defines which strategy should be used to write a signature to an HTTP
89 * request.
90 *
91 * @param signingStrategy
92 * the strategy
93 * @see AuthorizationHeaderSigningStrategy
94 * @see QueryStringSigningStrategy
95 */
96 public void setSigningStrategy(SigningStrategy signingStrategy);
97
98 /**
99 * <p>
100 * Causes the consumer to always include the oauth_token parameter to be
101 * sent, even if blank. If you're seeing 401s during calls to
102 * {@link OAuthProvider#retrieveRequestToken}, try setting this to true.
103 * </p>
104 *
105 * @param enable
106 * true or false
107 */
108 public void setSendEmptyTokens(boolean enable);
109
110 /**
111 * Signs the given HTTP request by writing an OAuth signature (and other
112 * required OAuth parameters) to it. Where these parameters are written
113 * depends on the current {@link SigningStrategy}.
114 *
115 * @param request
116 * the request to sign
117 * @return the request object passed as an argument
118 * @throws OAuthMessageSignerException
119 * @throws OAuthExpectationFailedException
120 * @throws OAuthCommunicationException
121 */
122 public HttpRequest sign(HttpRequest request) throws OAuthMessageSignerException,
123 OAuthExpectationFailedException, OAuthCommunicationException;
124
125 /**
126 * <p>
127 * Signs the given HTTP request by writing an OAuth signature (and other
128 * required OAuth parameters) to it. Where these parameters are written
129 * depends on the current {@link SigningStrategy}.
130 * </p>
131 * This method accepts HTTP library specific request objects; the consumer
132 * implementation must ensure that only those request types are passed which
133 * it supports.
134 *
135 * @param request
136 * the request to sign
137 * @return the request object passed as an argument
138 * @throws OAuthMessageSignerException
139 * @throws OAuthExpectationFailedException
140 * @throws OAuthCommunicationException
141 */
142 public HttpRequest sign(Object request) throws OAuthMessageSignerException,
143 OAuthExpectationFailedException, OAuthCommunicationException;
144
145 /**
146 * <p>
147 * "Signs" the given URL by appending all OAuth parameters to it which are
148 * required for message signing. The assumed HTTP method is GET.
149 * Essentially, this is equivalent to signing an HTTP GET request, but it
150 * can be useful if your application requires clickable links to protected
151 * resources, i.e. when your application does not have access to the actual
152 * request that is being sent.
153 * </p>
154 *
155 * @param url
156 * the input URL. May have query parameters.
157 * @return the input URL, with all necessary OAuth parameters attached as a
158 * query string. Existing query parameters are preserved.
159 * @throws OAuthMessageSignerException
160 * @throws OAuthExpectationFailedException
161 * @throws OAuthCommunicationException
162 */
163 public String sign(String url) throws OAuthMessageSignerException,
164 OAuthExpectationFailedException, OAuthCommunicationException;
165
166 /**
167 * Sets the OAuth token and token secret used for message signing.
168 *
169 * @param token
170 * the token
171 * @param tokenSecret
172 * the token secret
173 */
174 public void setTokenWithSecret(String token, String tokenSecret);
175
176 public String getToken();
177
178 public String getTokenSecret();
179
180 public String getConsumerKey();
181
182 public String getConsumerSecret();
183
184 /**
185 * Returns all parameters collected from the HTTP request during message
186 * signing (this means the return value may be NULL before a call to
187 * {@link #sign}), plus all required OAuth parameters that were added
188 * because the request didn't contain them beforehand. In other words, this
189 * is the exact set of parameters that were used for creating the message
190 * signature.
191 *
192 * @return the request parameters used for message signing
193 */
194 public HttpParameters getRequestParameters();
195}
Note: See TracBrowser for help on using the repository browser.