/*
* Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.oauth.mediator;
import java.util.Map;
import org.apache.synapse.MessageContext;
import org.apache.synapse.SynapseException;
import org.apache.synapse.core.SynapseEnvironment;
import org.apache.synapse.core.axis2.Axis2MessageContext;
import org.apache.synapse.mediators.AbstractMediator;
import org.apache.synapse.transport.nhttp.NhttpConstants;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.identity.oauth.stub.dto.OAuthConsumerDTO;
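/**
 * Synapse mediator that gates a message on a 2-legged OAuth check.
 *
 * <p>The mediator reads the {@code Authorization} transport header, copies the
 * {@code oauth_*} parameters it recognises into an {@link OAuthConsumerDTO} and asks
 * {@link OAuthServiceClient#isOAuthConsumerValid} for the verdict. The signature itself
 * is not verified in this class; the decision is delegated entirely to that client, which
 * is constructed with {@link #getRemoteServiceUrl()}.
 *
 * <p>Every path that does not end in a positive verdict throws {@link SynapseException},
 * so the mediator fails closed.
 */
public class OAuthMediator extends AbstractMediator {

    private static final Log log = LogFactory.getLog(OAuthMediator.class);

    /** Authentication scheme token that precedes the parameter list in the header. */
    private static final String OAUTH_SCHEME_PREFIX = "OAuth ";

    private boolean remote = true;
    private String remoteServiceUrl;
    // Built once in init() and handed to every OAuthServiceClient created by mediate().
    ConfigurationContext cfgCtx = null;
    // No setter for the next two fields is visible in this class, so init() falls back to
    // the DEFAULT_* locations unless they are populated some other way.
    private String clientRepository = null;
    private String axis2xml = null;

    public final static String DEFAULT_CLIENT_REPO = "./samples/axis2Client/client_repo";
    public final static String DEFAULT_AXIS2_XML = "./samples/axis2Client/client_repo/conf/axis2.xml";

    /**
     * @return the configured {@code remote} flag (not consulted by {@link #mediate})
     */
    public boolean isRemote() {
        return remote;
    }

    /**
     * @param remote value for the {@code remote} flag
     */
    public void setRemote(boolean remote) {
        this.remote = remote;
    }

    /**
     * Returns the validation service URL, normalised to end with a slash.
     *
     * <p>The normalised value is written back to the field, so the first call changes
     * the stored URL.
     *
     * @return the URL with a trailing {@code /}, or {@code null} if none was configured
     */
    public String getRemoteServiceUrl() {
        if (remoteServiceUrl != null && !remoteServiceUrl.endsWith("/")) {
            remoteServiceUrl += "/";
        }
        return remoteServiceUrl;
    }

    /**
     * @param remoteServiceUrl URL of the service that validates OAuth consumers
     */
    public void setRemoteServiceUrl(String remoteServiceUrl) {
        this.remoteServiceUrl = remoteServiceUrl;
    }

    /**
     * Validates the OAuth parameters of the current request.
     *
     * @param synCtx the message being mediated; must be an {@link Axis2MessageContext}
     * @return {@code true} when the validation client accepts the consumer; the method
     *         never returns {@code false}
     * @throws SynapseException if the transport headers or the {@code Authorization}
     *         header are missing, if the consumer is rejected, or if validation fails
     *         with any other error
     */
    public boolean mediate(MessageContext synCtx) {
        org.apache.axis2.context.MessageContext msgContext =
                ((Axis2MessageContext) synCtx).getAxis2MessageContext();

        if (log.isDebugEnabled()) {
            // NOTE(review): "Entitlement" looks like a leftover from another mediator.
            log.debug("Mediation for Entitlement started");
        }

        String prefix = (String) msgContext.getProperty(NhttpConstants.SERVICE_PREFIX);
        String postfix = (String) msgContext.getProperty(NhttpConstants.REST_URL_POSTFIX);

        try {
            Map<?, ?> headersMap = (Map<?, ?>) msgContext
                    .getProperty(org.apache.axis2.context.MessageContext.TRANSPORT_HEADERS);
            if (headersMap == null) {
                throw new SynapseException("Request does not include required headers");
            }

            // NOTE(review): this lookup is case-sensitive unless the transport supplies a
            // case-insensitive map; confirm against the transport in use.
            String authHeader = (String) headersMap.get("Authorization");
            if (authHeader == null) {
                // Fail closed before contacting the validation service: a request without
                // credentials cannot be authenticated, and an empty consumer should never
                // be submitted for a verdict.
                throw new SynapseException("Request does not include required headers");
            }

            OAuthServiceClient client = new OAuthServiceClient(getRemoteServiceUrl(), cfgCtx);
            OAuthConsumerDTO consumer = new OAuthConsumerDTO();
            // NOTE(review): a null prefix or postfix is concatenated as the text "null";
            // confirm both properties are always set by the transport.
            consumer.setBaseString(prefix + postfix);
            if (synCtx.isDoingGET()) {
                // Only GET is set explicitly; for other methods the DTO keeps whatever
                // value it starts with.
                consumer.setHttpMethod("GET");
            }
            populateOAuthParameters(consumer, authHeader);

            if (!client.isOAuthConsumerValid(consumer)) {
                // Header contents are deliberately not logged: they are caller-controlled
                // and include the request signature.
                log.warn("2-legged oauth authentication failed");
                throw new SynapseException("2-legged oauth authentication failed");
            }
            return true;
        } catch (SynapseException e) {
            // Rejections raised above keep their own message instead of being reported
            // as a validation error by the generic handler below.
            throw e;
        } catch (Exception e) {
            log.error("Error occured while validating oauth consumer", e);
            throw new SynapseException("Error occured while validating oauth consumer", e);
        }
    }

    /**
     * Builds the Axis2 client configuration context used for validation calls.
     *
     * @param synEnv the Synapse environment (unused)
     * @throws SynapseException if the configuration context cannot be created
     */
    public void init(SynapseEnvironment synEnv) {
        String repository = clientRepository != null ? clientRepository : DEFAULT_CLIENT_REPO;
        String axis2Config = axis2xml != null ? axis2xml : DEFAULT_AXIS2_XML;
        try {
            cfgCtx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(
                    repository, axis2Config);
        } catch (AxisFault e) {
            String msg = "Error initializing callout mediator : " + e.getMessage();
            log.error(msg, e);
            throw new SynapseException(msg, e);
        }
    }

    /**
     * Copies the recognised {@code oauth_*} parameters of an Authorization header value
     * into the consumer DTO. Unknown parameters and entries without a value are skipped.
     * Values are passed on as sent, without percent-decoding.
     */
    private void populateOAuthParameters(OAuthConsumerDTO consumer, String authHeader) {
        String parameters = authHeader.trim();
        // Drop the scheme token so the first parameter is not read as
        // "OAuth oauth_consumer_key" and silently ignored.
        if (parameters.regionMatches(true, 0, OAUTH_SCHEME_PREFIX, 0,
                OAUTH_SCHEME_PREFIX.length())) {
            parameters = parameters.substring(OAUTH_SCHEME_PREFIX.length());
        }

        String[] pairs = parameters.split(",");
        for (int i = 0; i < pairs.length; i++) {
            // Limit 2 keeps any '=' inside the value (for example signature padding).
            String[] elements = pairs[i].split("=", 2);
            if (elements.length < 2) {
                // A name without a value would otherwise raise an index error.
                continue;
            }
            String name = elements[0].trim();
            String value = removeLeadingAndTrailingQuatation(elements[1].trim());
            if ("oauth_consumer_key".equals(name)) {
                consumer.setOauthConsumerKey(value);
            } else if ("oauth_nonce".equals(name)) {
                consumer.setOauthNonce(value);
            } else if ("oauth_signature".equals(name)) {
                consumer.setOauthSignature(value);
            } else if ("oauth_signature_method".equals(name)) {
                consumer.setOauthSignatureMethod(value);
            } else if ("oauth_timestamp".equals(name)) {
                consumer.setOauthTimeStamp(value);
            }
        }
    }

    /**
     * Strips double quotes from a header parameter value. When the value starts or ends
     * with a quote, every quote character in it is removed, not only the outer pair.
     */
    private String removeLeadingAndTrailingQuatation(String base) {
        String result = base;
        if (base.startsWith("\"") || base.endsWith("\"")) {
            result = base.replace("\"", "");
        }
        return result.trim();
    }
}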