twitter4j.http
Class OAuthAuthorization

java.lang.Object
  twitter4j.http.OAuthAuthorization

All Implemented Interfaces:

java.io.Serializable, Authorization, OAuthSupport

public class OAuthAuthorization
extends java.lang.Object
implements Authorization, java.io.Serializable, OAuthSupport

Author:

Yusuke Yamamoto - yusuke at mac.com

See Also:

OAuth Core 1.0a, Serialized Form

Constructor Summary

OAuthAuthorization(Configuration conf)

OAuthAuthorization(Configuration conf, java.lang.String consumerKey, java.lang.String consumerSecret)

OAuthAuthorization(Configuration conf, java.lang.String consumerKey, java.lang.String consumerSecret, AccessToken accessToken)

Method Summary

static java.lang.String	constructRequestURL(java.lang.String url) The Signature Base String includes the request absolute URL, tying the signature to a specific endpoint.
static java.lang.String	encodeParameters(java.util.List<twitter4j.internal.http.HttpParameter> httpParams)
static java.lang.String	encodeParameters(java.util.List<twitter4j.internal.http.HttpParameter> httpParams, java.lang.String splitter, boolean quot)
boolean	equals(java.lang.Object o)
java.util.List<twitter4j.internal.http.HttpParameter>	generateOAuthSignatureHttpParams(java.lang.String method, java.lang.String url)
java.lang.String	getAuthorizationHeader(twitter4j.internal.http.HttpRequest req)
AccessToken	getOAuthAccessToken() Returns an access token associated with this instance. If no access token is associated with this instance, this will retrieve a new access token.
AccessToken	getOAuthAccessToken(RequestToken requestToken) Retrieves an access token associated with the supplied request token and sets userId.
AccessToken	getOAuthAccessToken(RequestToken requestToken, java.lang.String oauthVerifier) Retrieves an access token associated with the supplied request token and sets userId.
AccessToken	getOAuthAccessToken(java.lang.String oauthVerifier) Retrieves an access token.
AccessToken	getOAuthAccessToken(java.lang.String screenName, java.lang.String password) Retrieves an access token associated with the supplied screen name and password using xAuth. In order to get access acquire AccessToken using xAuth, you must apply by sending an email to api@twitter.com — all other applications will receive an HTTP 401 error.
RequestToken	getOAuthRequestToken() Retrieves a request token
RequestToken	getOAuthRequestToken(java.lang.String callbackURL) Retrieves a request token
int	hashCode()
boolean	isEnabled() #{inheritDoc}
static java.lang.String	normalizeAuthorizationHeaders(java.util.List<twitter4j.internal.http.HttpParameter> params)
static java.lang.String	normalizeRequestParameters(twitter4j.internal.http.HttpParameter[] params) The request parameters are collected, sorted and concatenated into a normalized string: • Parameters in the OAuth HTTP Authorization header excluding the realm parameter. • Parameters in the HTTP POST request body (with a content-type of application/x-www-form-urlencoded). • HTTP GET parameters added to the URLs in the query part (as defined by [RFC3986] section 3). The oauth_signature parameter MUST be excluded. The parameters are normalized into a single string as follows: 1.
static java.lang.String	normalizeRequestParameters(java.util.List<twitter4j.internal.http.HttpParameter> params)
void	setOAuthAccessToken(AccessToken accessToken) Sets the access token
void	setOAuthRealm(java.lang.String realm) Sets the OAuth realm
static java.util.List<twitter4j.internal.http.HttpParameter>	toParamList(twitter4j.internal.http.HttpParameter[] params)
java.lang.String	toString()

Methods inherited from class java.lang.Object

getClass, notify, notifyAll, wait, wait, wait

Constructor Detail

OAuthAuthorization

public OAuthAuthorization(Configuration conf)

OAuthAuthorization

public OAuthAuthorization(Configuration conf,
                          java.lang.String consumerKey,
                          java.lang.String consumerSecret)

OAuthAuthorization

public OAuthAuthorization(Configuration conf,
                          java.lang.String consumerKey,
                          java.lang.String consumerSecret,
                          AccessToken accessToken)

Method Detail

getAuthorizationHeader

public java.lang.String getAuthorizationHeader(twitter4j.internal.http.HttpRequest req)

Specified by:

getAuthorizationHeader in interface Authorization

isEnabled

public boolean isEnabled()

#{inheritDoc}

Specified by:

isEnabled in interface Authorization

Returns:

true if authorization credentials are set

getOAuthRequestToken

public RequestToken getOAuthRequestToken()
                                  throws TwitterException

Retrieves a request token

Specified by:

getOAuthRequestToken in interface OAuthSupport

Returns:

generated request token.

Throws:

TwitterException - when Twitter service or network is unavailable

See Also:

OAuth FAQ | dev.twitter.com, OAuth Core 1.0a - 6.1. Obtaining an Unauthorized Request Token

getOAuthRequestToken

public RequestToken getOAuthRequestToken(java.lang.String callbackURL)
                                  throws TwitterException

Retrieves a request token

Specified by:

getOAuthRequestToken in interface OAuthSupport

Parameters:

callbackURL - callback URL

Returns:

generated request token

Throws:

TwitterException - when Twitter service or network is unavailable

See Also:

OAuth FAQ | dev.twitter.com, OAuth Core 1.0a - 6.1. Obtaining an Unauthorized Request Token

getOAuthAccessToken

public AccessToken getOAuthAccessToken()
                                throws TwitterException

Returns an access token associated with this instance.
If no access token is associated with this instance, this will retrieve a new access token.

Specified by:

getOAuthAccessToken in interface OAuthSupport

Returns:

access token

Throws:

TwitterException - when Twitter service or network is unavailable, or the user has not authorized

See Also:

OAuth FAQ | dev.twitter.com - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(java.lang.String oauthVerifier)
                                throws TwitterException

Retrieves an access token.

Specified by:

getOAuthAccessToken in interface OAuthSupport

Parameters:

oauthVerifier - OAuth verifier. AKA pin.

Returns:

access token

Throws:

TwitterException - when Twitter service or network is unavailable, or the user has not authorized

See Also:

OAuth FAQ | dev.twitter.com - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(RequestToken requestToken)
                                throws TwitterException

Retrieves an access token associated with the supplied request token and sets userId.

Specified by:

getOAuthAccessToken in interface OAuthSupport

Parameters:

requestToken - the request token

Returns:

access token associated with the supplied request token.

Throws:

TwitterException - when Twitter service or network is unavailable, or the user has not authorized

See Also:

OAuth FAQ | dev.twitter.com - How long does an access token last?, OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(RequestToken requestToken,
                                       java.lang.String oauthVerifier)
                                throws TwitterException

Retrieves an access token associated with the supplied request token and sets userId.

Specified by:

getOAuthAccessToken in interface OAuthSupport

Parameters:

requestToken - the request token

oauthVerifier - OAuth verifier. AKA pin.

Returns:

access token associated with the supplied request token.

Throws:

TwitterException - when Twitter service or network is unavailable, or the user has not authorized

See Also:

OAuth Core 1.0a - 6.2. Obtaining User Authorization

getOAuthAccessToken

public AccessToken getOAuthAccessToken(java.lang.String screenName,
                                       java.lang.String password)
                                throws TwitterException

Retrieves an access token associated with the supplied screen name and password using xAuth.
In order to get access acquire AccessToken using xAuth, you must apply by sending an email to api@twitter.com — all other applications will receive an HTTP 401 error. Web-based applications will not be granted access, except on a temporary basis for when they are converting from basic-authentication support to full OAuth support.
Storage of Twitter usernames and passwords is forbidden. By using xAuth, you are required to store only access tokens and access token secrets. If the access token expires or is expunged by a user, you must ask for their login and password again before exchanging the credentials for an access token.

Specified by:

getOAuthAccessToken in interface OAuthSupport

Parameters:

screenName - the screen name

password - the password

Returns:

access token associated with the supplied request token.

Throws:

TwitterException - when Twitter service or network is unavailable, or the user has not authorized

See Also:

OAuth FAQ | dev.twitter.com - How long does an access token last?, Twitter REST API Method: oauth access_token for xAuth

setOAuthAccessToken

public void setOAuthAccessToken(AccessToken accessToken)

Sets the access token

Specified by:

setOAuthAccessToken in interface OAuthSupport

Parameters:

accessToken - accessToken

setOAuthRealm

public void setOAuthRealm(java.lang.String realm)

Sets the OAuth realm

Parameters:

realm - OAuth realm

Since:

Twitter 2.1.4

generateOAuthSignatureHttpParams

public java.util.List<twitter4j.internal.http.HttpParameter> generateOAuthSignatureHttpParams(java.lang.String method,
                                                                                              java.lang.String url)

normalizeRequestParameters

public static java.lang.String normalizeRequestParameters(twitter4j.internal.http.HttpParameter[] params)

The request parameters are collected, sorted and concatenated into a normalized string:
• Parameters in the OAuth HTTP Authorization header excluding the realm parameter.
• Parameters in the HTTP POST request body (with a content-type of application/x-www-form-urlencoded).
• HTTP GET parameters added to the URLs in the query part (as defined by [RFC3986] section 3).

The oauth_signature parameter MUST be excluded.
The parameters are normalized into a single string as follows:
1. Parameters are sorted by name, using lexicographical byte value ordering. If two or more parameters share the same name, they are sorted by their value. For example:
2. a=1, c=hi%20there, f=25, f=50, f=a, z=p, z=t
3.
4. Parameters are concatenated in their sorted order into a single string. For each parameter, the name is separated from the corresponding value by an ‘=’ character (ASCII code 61), even if the value is empty. Each name-value pair is separated by an ‘&’ character (ASCII code 38). For example:
5. a=1&c=hi%20there&f=25&f=50&f=a&z=p&z=t
6.

Parameters:

params - parameters to be normalized and concatenated

Returns:

normalized and concatenated parameters

See Also:

OAuth Core - 9.1.1. Normalize Request Parameters

normalizeRequestParameters

public static java.lang.String normalizeRequestParameters(java.util.List<twitter4j.internal.http.HttpParameter> params)

normalizeAuthorizationHeaders

public static java.lang.String normalizeAuthorizationHeaders(java.util.List<twitter4j.internal.http.HttpParameter> params)

toParamList

public static java.util.List<twitter4j.internal.http.HttpParameter> toParamList(twitter4j.internal.http.HttpParameter[] params)

encodeParameters

public static java.lang.String encodeParameters(java.util.List<twitter4j.internal.http.HttpParameter> httpParams)

Parameters:

httpParams - parameters to be encoded and concatenated

Returns:

encoded string

See Also:

OAuth / TestCases, Space encoding - OAuth | Google Groups

encodeParameters

public static java.lang.String encodeParameters(java.util.List<twitter4j.internal.http.HttpParameter> httpParams,
                                                java.lang.String splitter,
                                                boolean quot)

constructRequestURL

public static java.lang.String constructRequestURL(java.lang.String url)

The Signature Base String includes the request absolute URL, tying the signature to a specific endpoint. The URL used in the Signature Base String MUST include the scheme, authority, and path, and MUST exclude the query and fragment as defined by [RFC3986] section 3.
If the absolute request URL is not available to the Service Provider (it is always available to the Consumer), it can be constructed by combining the scheme being used, the HTTP Host header, and the relative HTTP request URL. If the Host header is not available, the Service Provider SHOULD use the host name communicated to the Consumer in the documentation or other means.
The Service Provider SHOULD document the form of URL used in the Signature Base String to avoid ambiguity due to URL normalization. Unless specified, URL scheme and authority MUST be lowercase and include the port number; http default port 80 and https default port 443 MUST be excluded.

For example, the request:
HTTP://Example.com:80/resource?id=123
Is included in the Signature Base String as:
http://example.com/resource

Parameters:

url - the url to be normalized

Returns:

the Signature Base String

See Also:

OAuth Core - 9.1.2. Construct Request URL

equals

public boolean equals(java.lang.Object o)

Overrides:

equals in class java.lang.Object

hashCode

public int hashCode()

Overrides:

hashCode in class java.lang.Object

toString

public java.lang.String toString()

Overrides:

toString in class java.lang.Object