/**
  * Figure out the OAuth token that should be used with this request.  We check for this in three
  * places.  In order of priority:
  *
  * 1) From information we cached on the client.
  *    We encrypt the token and cache on the client for performance.
  *
  * 2) From information we have in our persistent state.
  *    We persist the token server-side so we can look it up if necessary.
  *
  * 3) From information the gadget developer tells us to use (a preapproved request token.)
  *    Gadgets can be initialized with preapproved request tokens.  If the user tells the service
  *    provider they want to add a gadget to a gadget container site, the service provider can
  *    create a preapproved request token for that site and pass it to the gadget as a user
  *    preference.
  * @throws GadgetException
  */
 private void lookupToken(ISecurityToken securityToken, OAuthStore.ConsumerInfo consumerInfo,
                          OAuthArguments arguments, OAuthClientState clientState, AccessorInfoBuilder accessorBuilder, OAuthResponseParams responseParams)
 {
     if (clientState.getRequestToken() != null)
     {
         // We cached the request token on the client.
         accessorBuilder.setRequestToken(clientState.getRequestToken());
         accessorBuilder.setTokenSecret(clientState.getRequestTokenSecret());
     }
     else if (clientState.getAccessToken() != null)
     {
         // We cached the access token on the client
         accessorBuilder.setAccessToken(clientState.getAccessToken());
         accessorBuilder.setTokenSecret(clientState.getAccessTokenSecret());
         accessorBuilder.setSessionHandle(clientState.getSessionHandle());
         accessorBuilder.setTokenExpireMillis(clientState.getTokenExpireMillis());
     }
     else
     {
         // No useful client-side state, check persistent storage
         OAuthStore.TokenInfo tokenInfo;
         try
         {
             tokenInfo = store.getTokenInfo(securityToken, consumerInfo,
                                            arguments.getServiceName(), arguments.getTokenName());
         }
         catch (GadgetException e)
         {
             throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
                                                        "Unable to retrieve access token", e);
         }
         if (tokenInfo != null && tokenInfo.getAccessToken() != null)
         {
             // We have an access token in persistent storage, use that.
             accessorBuilder.setAccessToken(tokenInfo.getAccessToken());
             accessorBuilder.setTokenSecret(tokenInfo.getTokenSecret());
             accessorBuilder.setSessionHandle(tokenInfo.getSessionHandle());
             accessorBuilder.setTokenExpireMillis(tokenInfo.getTokenExpireMillis());
         }
         else
         {
             // We don't have an access token yet, but the client sent us a (hopefully) preapproved
             // request token.
             accessorBuilder.setRequestToken(arguments.getRequestToken());
             accessorBuilder.setTokenSecret(arguments.getRequestTokenSecret());
         }
     }
 }
Example #2
0
 /**
  * Figure out the OAuth token that should be used with this request.  We check for this in three
  * places.  In order of priority:
  * 
  * 1) From information we cached on the client.
  *    We encrypt the token and cache on the client for performance.
  *    
  * 2) From information we have in our persistent state.
  *    We persist the token server-side so we can look it up if necessary.
  *    
  * 3) From information the gadget developer tells us to use (a preapproved request token.)
  *    Gadgets can be initialized with preapproved request tokens.  If the user tells the service
  *    provider they want to add a gadget to a gadget container site, the service provider can
  *    create a preapproved request token for that site and pass it to the gadget as a user
  *    preference.
  * @throws GadgetException 
  */
 private void lookupToken(ISecurityToken securityToken, OAuthStore.ConsumerInfo consumerInfo,
                          OAuthArguments arguments, OAuthClientState clientState, AccessorInfoBuilder accessorBuilder, OAuthResponseParams responseParams)
 {
     if (clientState.getRequestToken() != null)
     {
         // We cached the request token on the client.
         accessorBuilder.setRequestToken(clientState.getRequestToken());
         accessorBuilder.setTokenSecret(clientState.getRequestTokenSecret());
     }
     else if (clientState.getAccessToken() != null)
     {
         // We cached the access token on the client
         accessorBuilder.setAccessToken(clientState.getAccessToken());
         accessorBuilder.setTokenSecret(clientState.getAccessTokenSecret());
         accessorBuilder.setSessionHandle(clientState.getSessionHandle());
         accessorBuilder.setTokenExpireMillis(clientState.getTokenExpireMillis());
     }
     else
     {
         // No useful client-side state, check persistent storage
         OAuthStore.TokenInfo tokenInfo;
         try
         {
             tokenInfo = store.getTokenInfo(securityToken, consumerInfo,
                                            arguments.getServiceName(), arguments.getTokenName());
         }
         catch (GadgetException e)
         {
             throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
                                                        "Unable to retrieve access token", e);
         }
         if (tokenInfo != null && tokenInfo.getAccessToken() != null)
         {
             // We have an access token in persistent storage, use that.
             accessorBuilder.setAccessToken(tokenInfo.getAccessToken());
             accessorBuilder.setTokenSecret(tokenInfo.getTokenSecret());
             accessorBuilder.setSessionHandle(tokenInfo.getSessionHandle());
             accessorBuilder.setTokenExpireMillis(tokenInfo.getTokenExpireMillis());
         }
         else
         {
             // We don't have an access token yet, but the client sent us a (hopefully) preapproved
             // request token.
             accessorBuilder.setRequestToken(arguments.getRequestToken());
             accessorBuilder.setTokenSecret(arguments.getRequestTokenSecret());
         }
     }
 }