source: josm/trunk/src/oauth/signpost/OAuthConsumer.java@ 6168

Last change on this file since 6168 was 4231, checked in by stoecker, 13 years ago

add signpost and metadata extractor code to repository directly
File size: 6.9 KB
RevLine 
[4231]1/* Copyright (c) 2009 Matthias Kaeppler
2 *
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15package oauth.signpost;
16
17import java.io.Serializable;
18
19import oauth.signpost.exception.OAuthCommunicationException;
20import oauth.signpost.exception.OAuthExpectationFailedException;
21import oauth.signpost.exception.OAuthMessageSignerException;
22import oauth.signpost.http.HttpParameters;
23import oauth.signpost.http.HttpRequest;
24import oauth.signpost.signature.AuthorizationHeaderSigningStrategy;
25import oauth.signpost.signature.HmacSha1MessageSigner;
26import oauth.signpost.signature.OAuthMessageSigner;
27import oauth.signpost.signature.PlainTextMessageSigner;
28import oauth.signpost.signature.QueryStringSigningStrategy;
29import oauth.signpost.signature.SigningStrategy;
30
31/**
32 * <p>
33 * Exposes a simple interface to sign HTTP requests using a given OAuth token
34 * and secret. Refer to {@link OAuthProvider} how to retrieve a valid token and
35 * token secret.
36 * </p>
37 * <p>
38 * HTTP messages are signed as follows:
39 * <p>
40 *
41 * <pre>
42 * // exchange the arguments with the actual token/secret pair
43 * OAuthConsumer consumer = new DefaultOAuthConsumer(&quot;1234&quot;, &quot;5678&quot;);
44 *
45 * URL url = new URL(&quot;http://example.com/protected.xml&quot;);
46 * HttpURLConnection request = (HttpURLConnection) url.openConnection();
47 *
48 * consumer.sign(request);
49 *
50 * request.connect();
51 * </pre>
52 *
53 * </p>
54 * </p>
55 *
56 * @author Matthias Kaeppler
57 */
58public interface OAuthConsumer extends Serializable {
59
60 /**
61 * Sets the message signer that should be used to generate the OAuth
62 * signature.
63 *
64 * @param messageSigner
65 * the signer
66 * @see HmacSha1MessageSigner
67 * @see PlainTextMessageSigner
68 */
69 public void setMessageSigner(OAuthMessageSigner messageSigner);
70
71 /**
72 * Allows you to add parameters (typically OAuth parameters such as
73 * oauth_callback or oauth_verifier) which will go directly into the signer,
74 * i.e. you don't have to put them into the request first. The consumer's
75 * {@link SigningStrategy} will then take care of writing them to the
76 * correct part of the request before it is sent. Note that these parameters
77 * are expected to already be percent encoded -- they will be simply merged
78 * as-is.
79 *
80 * @param additionalParameters
81 * the parameters
82 */
83 public void setAdditionalParameters(HttpParameters additionalParameters);
84
85 /**
86 * Defines which strategy should be used to write a signature to an HTTP
87 * request.
88 *
89 * @param signingStrategy
90 * the strategy
91 * @see AuthorizationHeaderSigningStrategy
92 * @see QueryStringSigningStrategy
93 */
94 public void setSigningStrategy(SigningStrategy signingStrategy);
95
96 /**
97 * <p>
98 * Causes the consumer to always include the oauth_token parameter to be
99 * sent, even if blank. If you're seeing 401s during calls to
100 * {@link OAuthProvider#retrieveRequestToken}, try setting this to true.
101 * </p>
102 *
103 * @param enable
104 * true or false
105 */
106 public void setSendEmptyTokens(boolean enable);
107
108 /**
109 * Signs the given HTTP request by writing an OAuth signature (and other
110 * required OAuth parameters) to it. Where these parameters are written
111 * depends on the current {@link SigningStrategy}.
112 *
113 * @param request
114 * the request to sign
115 * @return the request object passed as an argument
116 * @throws OAuthMessageSignerException
117 * @throws OAuthExpectationFailedException
118 * @throws OAuthCommunicationException
119 */
120 public HttpRequest sign(HttpRequest request) throws OAuthMessageSignerException,
121 OAuthExpectationFailedException, OAuthCommunicationException;
122
123 /**
124 * <p>
125 * Signs the given HTTP request by writing an OAuth signature (and other
126 * required OAuth parameters) to it. Where these parameters are written
127 * depends on the current {@link SigningStrategy}.
128 * </p>
129 * This method accepts HTTP library specific request objects; the consumer
130 * implementation must ensure that only those request types are passed which
131 * it supports.
132 *
133 * @param request
134 * the request to sign
135 * @return the request object passed as an argument
136 * @throws OAuthMessageSignerException
137 * @throws OAuthExpectationFailedException
138 * @throws OAuthCommunicationException
139 */
140 public HttpRequest sign(Object request) throws OAuthMessageSignerException,
141 OAuthExpectationFailedException, OAuthCommunicationException;
142
143 /**
144 * <p>
145 * "Signs" the given URL by appending all OAuth parameters to it which are
146 * required for message signing. The assumed HTTP method is GET.
147 * Essentially, this is equivalent to signing an HTTP GET request, but it
148 * can be useful if your application requires clickable links to protected
149 * resources, i.e. when your application does not have access to the actual
150 * request that is being sent.
151 * </p>
152 *
153 * @param url
154 * the input URL. May have query parameters.
155 * @return the input URL, with all necessary OAuth parameters attached as a
156 * query string. Existing query parameters are preserved.
157 * @throws OAuthMessageSignerException
158 * @throws OAuthExpectationFailedException
159 * @throws OAuthCommunicationException
160 */
161 public String sign(String url) throws OAuthMessageSignerException,
162 OAuthExpectationFailedException, OAuthCommunicationException;
163
164 /**
165 * Sets the OAuth token and token secret used for message signing.
166 *
167 * @param token
168 * the token
169 * @param tokenSecret
170 * the token secret
171 */
172 public void setTokenWithSecret(String token, String tokenSecret);
173
174 public String getToken();
175
176 public String getTokenSecret();
177
178 public String getConsumerKey();
179
180 public String getConsumerSecret();
181
182 /**
183 * Returns all parameters collected from the HTTP request during message
184 * signing (this means the return value may be NULL before a call to
185 * {@link #sign}), plus all required OAuth parameters that were added
186 * because the request didn't contain them beforehand. In other words, this
187 * is the exact set of parameters that were used for creating the message
188 * signature.
189 *
190 * @return the request parameters used for message signing
191 */
192 public HttpParameters getRequestParameters();
193}
Note: See TracBrowser for help on using the repository browser.