From 2f682b5e3cfc3fc5f961b60129be7bc90e0d6a03 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Wed, 28 Dec 2016 22:38:21 +0300
Subject: juick-www: now on spring-webmvc

---
 .../com/juick/www/controllers/TwitterAuth.java     | 103 +++++++++++++++++++++
 1 file changed, 103 insertions(+)
 create mode 100644 juick-www/src/main/java/com/juick/www/controllers/TwitterAuth.java

(limited to 'juick-www/src/main/java/com/juick/www/controllers/TwitterAuth.java')

diff --git a/juick-www/src/main/java/com/juick/www/controllers/TwitterAuth.java b/juick-www/src/main/java/com/juick/www/controllers/TwitterAuth.java
new file mode 100644
index 00000000..901a8362
--- /dev/null
+++ b/juick-www/src/main/java/com/juick/www/controllers/TwitterAuth.java
@@ -0,0 +1,103 @@
+package com.juick.www.controllers;
+
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.github.scribejava.apis.TwitterApi;
+import com.github.scribejava.core.builder.ServiceBuilder;
+import com.github.scribejava.core.model.OAuth1AccessToken;
+import com.github.scribejava.core.model.OAuth1RequestToken;
+import com.github.scribejava.core.model.OAuthRequest;
+import com.github.scribejava.core.model.Verb;
+import com.github.scribejava.core.oauth.OAuth10aService;
+import com.juick.service.UserService;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.core.env.Environment;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import javax.inject.Inject;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Created by vt on 01.12.2015.
+ */
+@Controller
+public class TwitterAuth {
+
+    private final static String VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json";
+
+    private String consumerKey, consumerSecret;
+
+    private final ObjectMapper mapper;
+
+    @Inject
+    UserService userService;
+
+    @Inject
+    public TwitterAuth(Environment env) {
+        this.consumerKey = env.getProperty("twitter_consumer_key");
+        this.consumerSecret = env.getProperty("twitter_consumer_secret");
+        mapper = new ObjectMapper();
+        mapper.setSerializationInclusion(JsonInclude.Include.NON_EMPTY);
+        mapper.setSerializationInclusion(JsonInclude.Include.NON_NULL);
+        mapper.setSerializationInclusion(JsonInclude.Include.NON_DEFAULT);
+    }
+
+    @RequestMapping(value = "/_twitter", method = RequestMethod.GET)
+    protected void doGet(HttpServletRequest request, HttpServletResponse response)
+            throws IOException {
+        String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY;
+        String verifier = request.getParameter("oauth_verifier");
+        Cookie[] cookies = request.getCookies();
+        for (Cookie cookie : cookies) {
+            if (cookie.getName().equals("hash")) {
+                hash = cookie.getValue();
+            }
+            if (cookie.getName().equals("request_token")) {
+                request_token = cookie.getValue();
+            }
+            if (cookie.getName().equals("request_token_secret")) {
+                request_token_secret = cookie.getValue();
+            }
+        }
+        com.juick.User user = userService.getUserByHash(hash);
+        if ( user == null || user.getUid() == 0) {
+            response.sendError(HttpServletResponse.SC_FORBIDDEN);
+            return;
+        }
+        OAuth10aService oAuthService = new ServiceBuilder()
+                .apiKey(consumerKey)
+                .apiSecret(consumerSecret)
+                .callback("http://juick.com/_twitter")
+                .build(TwitterApi.instance());
+
+        if (request_token.isEmpty() && request_token_secret.isEmpty()
+                && (verifier == null || verifier.isEmpty())) {
+            OAuth1RequestToken requestToken = oAuthService.getRequestToken();
+            String authUrl = oAuthService.getAuthorizationUrl(requestToken);
+            response.addCookie(new Cookie("request_token", requestToken.getToken()));
+            response.addCookie(new Cookie("request_token_secret", requestToken.getTokenSecret()));
+            response.setStatus(HttpServletResponse.SC_FOUND);
+            response.setHeader("Location", authUrl);
+        } else {
+            if (verifier != null && verifier.length() > 0) {
+                OAuth1RequestToken requestToken = new OAuth1RequestToken(request_token, request_token_secret);
+                OAuth1AccessToken accessToken = oAuthService.getAccessToken(requestToken, verifier);
+                OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, VERIFY_URL, oAuthService.getConfig());
+                oAuthService.signRequest(accessToken, oAuthRequest);
+                com.juick.www.twitter.User twitterUser = mapper.readValue(oAuthRequest.send().getBody(), com.juick.www.twitter.User.class);
+                if (userService.linkTwitterAccount(user, accessToken.getToken(), accessToken.getTokenSecret(),
+                        twitterUser.getScreenName())) {
+                    response.setStatus(HttpServletResponse.SC_FOUND);
+                    response.setHeader("Location", "http://juick.com/settings");
+                } else {
+                    response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+                }
+            }
+        }
+    }
+}
-- 
cgit v1.2.3