001    /**
002     * Licensed to the Apache Software Foundation (ASF) under one or more
003     * contributor license agreements.  See the NOTICE file distributed with
004     * this work for additional information regarding copyright ownership.
005     * The ASF licenses this file to You under the Apache License, Version 2.0
006     * (the "License"); you may not use this file except in compliance with
007     * the License.  You may obtain a copy of the License at
008     *
009     *      http://www.apache.org/licenses/LICENSE-2.0
010     *
011     * Unless required by applicable law or agreed to in writing, software
012     * distributed under the License is distributed on an "AS IS" BASIS,
013     * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
014     * See the License for the specific language governing permissions and
015     * limitations under the License.
016     */
017    package org.apache.camel.component.gae.auth;
018    
019    import com.google.gdata.client.authn.oauth.GoogleOAuthParameters;
020    
021    import org.apache.camel.Exchange;
022    import org.apache.camel.component.gae.bind.OutboundBinding;
023    
024    /**
025     * Binds {@link GoogleOAuthParameters} to a Camel {@link Exchange}. This binding
026     * is used by <code>gauth:authorize</code> endpoints by default.
027     */
028    public class GAuthAuthorizeBinding implements OutboundBinding<GAuthEndpoint, GoogleOAuthParameters, GoogleOAuthParameters> {
029    
030        /**
031         * Name of the Camel header defining the access scope. Overrides the scope
032         * parameter defined in a <code>gauth:authorize</code> endpoint URI.
033         */
034        public static final String GAUTH_SCOPE = "CamelGauthScope";
035    
036        /**
037         * Name of the Camel header containing a callback URL. Overrides the
038         * callback parameter defined in a <code>gauth:authorize</code> endpoint
039         * URI.
040         */
041        public static final String GAUTH_CALLBACK = "CamelGauthCallback";
042    
043        /**
044         * Creates a {@link GoogleOAuthParameters} object from endpoint and
045         * <code>exchange.getIn()</code> data. The created parameter object is
046         * used to fetch an unauthorized request token from Google.
047         * 
048         * @param endpoint
049         * @param exchange
050         * @param request
051         *            ignored.
052         * @return
053         */
054        public GoogleOAuthParameters writeRequest(GAuthEndpoint endpoint, Exchange exchange, GoogleOAuthParameters request) {
055            String callback = exchange.getIn().getHeader(GAUTH_CALLBACK, String.class);
056            if (callback == null) {
057                callback = endpoint.getCallback();
058            }
059            String scope = exchange.getIn().getHeader(GAUTH_SCOPE, String.class);
060            if (scope == null) {
061                scope = endpoint.getScope();
062            }
063            request = new GoogleOAuthParameters();
064            request.setOAuthConsumerKey(endpoint.getConsumerKey());
065            request.setOAuthConsumerSecret(endpoint.getConsumerSecret());
066            request.setOAuthCallback(callback);
067            request.setScope(scope);
068            return request;
069        }
070    
071        /**
072         * Creates an <code>exchange.getOut()</code> message that represents an HTTP
073         * redirect to Google's OAuth confirmation page. Additionally, if the
074         * {@link GAuthComponent} is configured to use the HMAC_SHA1 signature
075         * method, a cookie is created containing the request token secret. It is
076         * needed later to upgrade an authorized request token to an access token.
077         * 
078         * @param endpoint
079         * @param exchange
080         * @param response
081         * @return
082         */
083        public Exchange readResponse(GAuthEndpoint endpoint, Exchange exchange, GoogleOAuthParameters response) throws Exception {
084            String authrUrl = endpoint.newOAuthHelper().createUserAuthorizationUrl(response);
085            exchange.getOut().setHeaders(exchange.getIn().getHeaders());
086            exchange.getOut().setHeader(Exchange.HTTP_RESPONSE_CODE, 302);
087            exchange.getOut().setHeader("Location", authrUrl);
088    
089            if (endpoint.getComponent().getKeyLoader() == null) {
090                // HMAC_SHA1 signature is used and this requires a
091                // token secret. Add it to a cookie because it is
092                // later needed for getting an access token.
093                String secret = response.getOAuthTokenSecret();
094                String cookie = new GAuthTokenSecret(secret).toCookie();
095                exchange.getOut().setHeader("Set-Cookie", cookie);
096            }
097            return exchange;
098        }
099    
100    }