From 398d27d64f97195c24b0ae043e3872d51a1b2f39 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Tue, 1 Dec 2015 16:28:10 +0300 Subject: twitter.pl -> TwitterAuth --- src/main/java/com/juick/CrosspostComponent.java | 2 +- src/main/java/com/juick/http/www/Main.java | 6 +- src/main/java/com/juick/http/www/TwitterAuth.java | 84 +++++++++++++++++++++++ 3 files changed, 90 insertions(+), 2 deletions(-) create mode 100644 src/main/java/com/juick/http/www/TwitterAuth.java (limited to 'src/main/java/com') diff --git a/src/main/java/com/juick/CrosspostComponent.java b/src/main/java/com/juick/CrosspostComponent.java index b05dd1be..73791c5e 100644 --- a/src/main/java/com/juick/CrosspostComponent.java +++ b/src/main/java/com/juick/CrosspostComponent.java @@ -77,7 +77,7 @@ public class CrosspostComponent implements ServletContextListener, Stream.Strea public void run() { try { Properties conf = new Properties(); - conf.load(new FileInputStream("/etc/juick/crosspost.conf")); + conf.load(sce.getServletContext().getResourceAsStream("WEB-INF/juick.conf")); twitter_consumer_key = conf.getProperty("twitter_consumer_key", ""); twitter_consumer_secret = conf.getProperty("twitter_consumer_secret", ""); diff --git a/src/main/java/com/juick/http/www/Main.java b/src/main/java/com/juick/http/www/Main.java index ced7fb98..9a22c172 100644 --- a/src/main/java/com/juick/http/www/Main.java +++ b/src/main/java/com/juick/http/www/Main.java @@ -59,6 +59,7 @@ public class Main extends HttpServlet implements Stream.StreamListener { NewMessage pagesNewMessage = new NewMessage(); FacebookLogin loginFacebook = new FacebookLogin(); VKontakteLogin loginVK = new VKontakteLogin(); + TwitterAuth twitterAuth; SignUp signup = new SignUp(); Settings settings = new Settings(); RSS rss = new RSS(); @@ -76,7 +77,8 @@ public class Main extends HttpServlet implements Stream.StreamListener { sqlSearch = null; // init this on search, timeout is too low setupXmppComponent(conf.getProperty("xmpp_password")); - + twitterAuth = new TwitterAuth(conf.getProperty("twitter_consumer_key"), + conf.getProperty("twitter_consumer_secret")); PageTemplates.sape = new Sape(conf.getProperty("sape_user"), "juick.com", 2000, 3600); } catch (Exception e) { log(null, e); @@ -217,6 +219,8 @@ public class Main extends HttpServlet implements Stream.StreamListener { loginFacebook.doGet(sql, request, response); } else if (uri.equals("/_vklogin")) { loginVK.doGet(sql, request, response); + } else if (uri.equals("/_twitter")) { + twitterAuth.doGet(sql, request, response); } else if (uri.equals("/signup")) { signup.doGet(sql, request, response); } else if (uri.equals("/help") || uri.equals("/help/")) { diff --git a/src/main/java/com/juick/http/www/TwitterAuth.java b/src/main/java/com/juick/http/www/TwitterAuth.java new file mode 100644 index 00000000..5c5581d1 --- /dev/null +++ b/src/main/java/com/juick/http/www/TwitterAuth.java @@ -0,0 +1,84 @@ +package com.juick.http.www; + +import com.github.scribejava.apis.TwitterApi; +import com.github.scribejava.core.builder.ServiceBuilder; +import com.github.scribejava.core.model.*; +import com.github.scribejava.core.oauth.OAuthService; +import com.juick.server.UserQueries; +import org.json.JSONObject; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import java.io.IOException; +import java.sql.Connection; + +/** + * Created by vt on 01.12.2015. + */ +public class TwitterAuth { + + private final static String VERIFY_URL = "https://api.twitter.com/1.1/account/verify_credentials.json"; + + private String consumerKey, consumerSecret; + + public TwitterAuth(String consumerKey, String consumerSecret) { + this.consumerKey = consumerKey; + this.consumerSecret = consumerSecret; + } + + protected void doGet(Connection sql, HttpServletRequest request, HttpServletResponse response) + throws ServletException, IOException { + String hash = "", request_token = "", request_token_secret = ""; + String verifier = request.getParameter("oauth_verifier"); + Cookie[] cookies = request.getCookies(); + for (Cookie cookie : cookies) { + if (cookie.getName().equals("hash")) { + hash = cookie.getValue(); + } + if (cookie.getName().equals("request_token")) { + request_token = cookie.getValue(); + } + if (cookie.getName().equals("request_token_secret")) { + request_token_secret = cookie.getValue(); + } + } + com.juick.User user = UserQueries.getUserByHash(sql, hash); + if ( user == null || user.UID == 0) { + response.sendError(403); + return; + } + OAuthService oAuthService = new ServiceBuilder() + .provider(TwitterApi.class) + .apiKey(consumerKey) + .apiSecret(consumerSecret) + .callback("http://juick.com/_twitter") + .build(); + + if (request_token.isEmpty() && request_token_secret.isEmpty() + && (verifier == null || verifier.isEmpty())) { + Token requestToken = oAuthService.getRequestToken(); + String authUrl = oAuthService.getAuthorizationUrl(requestToken); + response.addCookie(new Cookie("request_token", requestToken.getToken())); + response.addCookie(new Cookie("request_token_secret", requestToken.getSecret())); + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", authUrl); + } else { + if (verifier != null && verifier.length() > 0) { + Token requestToken = new Token(request_token, request_token_secret); + Token accessToken = oAuthService.getAccessToken(requestToken, new Verifier(verifier)); + OAuthRequest oAuthRequest = new OAuthRequest(Verb.GET, VERIFY_URL, oAuthService); + oAuthService.signRequest(accessToken, oAuthRequest); + JSONObject jsonResponse = new JSONObject(oAuthRequest.send().getBody()); + String screenName = jsonResponse.getString("screen_name"); + if (UserQueries.linkTwitterAccount(sql, user, accessToken.getToken(), accessToken.getSecret(), screenName)) { + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", "http://juick.com/settings"); + } else { + response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); + } + } + } + } +} -- cgit v1.2.3