diff options
Diffstat (limited to 'juick-www/src/main/java/com/juick/www/TwitterAuth.java')
-rw-r--r-- | juick-www/src/main/java/com/juick/www/TwitterAuth.java | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/juick-www/src/main/java/com/juick/www/TwitterAuth.java b/juick-www/src/main/java/com/juick/www/TwitterAuth.java new file mode 100644 index 00000000..d4be4335 --- /dev/null +++ b/juick-www/src/main/java/com/juick/www/TwitterAuth.java @@ -0,0 +1,87 @@ +package com.juick.www; + +import com.github.scribejava.apis.TwitterApi; +import com.github.scribejava.core.builder.ServiceBuilder; +import com.github.scribejava.core.model.OAuth1AccessToken; +import com.github.scribejava.core.model.OAuth1RequestToken; +import com.github.scribejava.core.model.OAuthRequest; +import com.github.scribejava.core.model.Verb; +import com.github.scribejava.core.oauth.OAuth10aService; +import com.juick.server.UserQueries; +import org.json.JSONObject; +import org.springframework.jdbc.core.JdbcTemplate; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; + +/** + * Created by vt on 01.12.2015. + */ +public class TwitterAuth { + + private final static String VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json"; + + private String consumerKey, consumerSecret; + + public TwitterAuth(String consumerKey, String consumerSecret) { + this.consumerKey = consumerKey; + this.consumerSecret = consumerSecret; + } + + protected void doGet(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + String hash = "", request_token = "", request_token_secret = ""; + String verifier = request.getParameter("oauth_verifier"); + Cookie[] cookies = request.getCookies(); + for (Cookie cookie : cookies) { + if (cookie.getName().equals("hash")) { + hash = cookie.getValue(); + } + if (cookie.getName().equals("request_token")) { + request_token = cookie.getValue(); + } + if (cookie.getName().equals("request_token_secret")) { + request_token_secret = cookie.getValue(); + } + } + com.juick.User user = UserQueries.getUserByHash(sql, hash); + if ( user == null || user.getUID() == 0) { + response.sendError(403); + return; + } + OAuth10aService oAuthService = new ServiceBuilder() + .apiKey(consumerKey) + .apiSecret(consumerSecret) + .callback("http://juick.com/_twitter") + .build(TwitterApi.instance()); + + if (request_token.isEmpty() && request_token_secret.isEmpty() + && (verifier == null || verifier.isEmpty())) { + OAuth1RequestToken requestToken = oAuthService.getRequestToken(); + String authUrl = oAuthService.getAuthorizationUrl(requestToken); + response.addCookie(new Cookie("request_token", requestToken.getToken())); + response.addCookie(new Cookie("request_token_secret", requestToken.getTokenSecret())); + response.setStatus(HttpServletResponse.SC_FOUND); + response.setHeader("Location", authUrl); + } else { + if (verifier != null && verifier.length() > 0) { + OAuth1RequestToken requestToken = new OAuth1RequestToken(request_token, request_token_secret); + OAuth1AccessToken accessToken = oAuthService.getAccessToken(requestToken, verifier); + OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, VERIFY_URL, oAuthService); + oAuthService.signRequest(accessToken, oAuthRequest); + JSONObject jsonResponse = new JSONObject(oAuthRequest.send().getBody()); + String screenName = jsonResponse.getString("screen_name"); + if (UserQueries.linkTwitterAccount(sql, user, accessToken.getToken(), accessToken.getTokenSecret(), + screenName)) { + response.setStatus(HttpServletResponse.SC_FOUND); + response.setHeader("Location", "http://juick.com/settings"); + } else { + response.sendError(500); + } + } + } + } +} |