Results 1 to 5 of 5

Thread: OAuth- Dropbox integration problem

  1. Aug 22nd, 2011, 10:27 PM #1
    satsranchuser
    satsranchuser is offline Member
    Join Date
    Nov 2007
    Location
    Sun Prairie, WI
    Posts
    50

    Default OAuth- Dropbox integration problem

    Hello-

    Am trying to do a mini application that integrates dropbox with a web app. Trying to follow the tutorial for integrating oAuth for dropbox authentication. Application is always coming back with an error that says AccessTokenRequiredException: No OAuth security context has been established. Unable to access resource.. System is able to authenticate against Dropbox infra, but after that when it is trying to access the files/folders REST URL, am getting the above exception. I was hoping someone can take a look @ my code and point out what is that am doing wrong with the integration. Thanks in advance. Here are the files am using.
    Security and spring config file code base.

    Code:
    <beans:bean id="sucRate" class="com.company.dropbox.MultiTenantLogoutSuccessHandler"/>
	<http auto-config='true' use-expressions="true" access-denied-page="/login/login">
		<intercept-url pattern="/services/**" access="hasRole('ROLE_USER')"/>
		<intercept-url pattern="/login/index" access="hasRole('ROLE_USER')"/>
		<intercept-url pattern="/services/upload" access="hasRole('ROLE_USER')"/>
		<intercept-url pattern="/login/login" access="permitAll"/>
		<!--Line below will redirect page if there are errors in the submit.-->
		<form-login login-page="/login/login" default-target-url="/"
		            authentication-failure-url="/login/login?error=true"/>
		<!--See note for the sucRate definition. We are invalidating session data.-->
		<logout success-handler-ref="sucRate" invalidate-session="true"/>
	</http>
	<authentication-manager>
		<authentication-provider>
			<user-service>
				<user authorities="ROLE_USER" name="guest" password="guest"/>
			</user-service>
		</authentication-provider>
	</authentication-manager>
	<oauth:consumer resource-details-service-ref="resourceDetails" requireAuthenticated="true">
		<oauth:url pattern="/services/dropBoxAccountInfo" resources="dropbox"/>
	</oauth:consumer>
	<oauth:resource-details-service id="resourceDetails">
		<oauth:resource id="dropbox"
		                key="t"
		                secret="t"
		                request-token-url="http://api.getdropbox.com/0/oauth/request_token"
		                user-authorization-url="https://www.dropbox.com/0/oauth/authorize?oauth_callback=http://localhost:8080"
		                access-token-url="http://api.getdropbox.com/0/oauth/access_token"
		                request-token-method="GET"
		                access-token-method="GET">
			<oauth:addtionalParameter name="oauth_callback" value="http://localhost:8080/"/>
					</oauth:resource>
	</oauth:resource-details-service>
<bean id="dropBoxService" class="com.company.dropbox.DropBoxServiceImpl">
		<property name="dropBoxAccountURL" value="https://api.dropbox.com/0/account/info"/>
		<property name="dropBoxRestTemplate">
			<bean class="org.springframework.security.oauth.consumer.OAuthRestTemplate">
				<constructor-arg ref="dropbox"/>
			</bean>
		</property>
	</bean>
    Here is my web.xml file
    Code:
        <filter>
        <filter-name>springSecurityFilterChain</filter-name>
        <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
    </filter>

    <filter-mapping>
        <filter-name>springSecurityFilterChain</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>

    <context-param>
        <param-name>contextConfigLocation</param-name>
        <param-value>/WEB-INF/applicationContext.xml,/WEB-INF/main-security.xml,classpath:spring-config.xml</param-value>
    </context-param>
    <listener>
        <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
    </listener>
    <servlet>
        <servlet-name>dispatcher</servlet-name>
        <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>
    <servlet-mapping>
        <servlet-name>dispatcher</servlet-name>
        <url-pattern>/login/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
        <servlet-name>dispatcher</servlet-name>
        <url-pattern>/services/*</url-pattern>
    </servlet-mapping>
    Here is the code for controller
    Code:
    @Autowired
	private DropBoxService dropBoxService;

	@RequestMapping(value = "/trisunkdropBoxAccountInfo", method = RequestMethod.GET)
	protected String returnDropBoxAccountInfo() {
		try {
			dropBoxService.getAccountInfo(null);
		} catch (Exception e) {
			e.printStackTrace();

		}
		return "upload";
	}
    Here is the code for serviceImpl

    Code:
    public class DropBoxServiceImpl implements DropBoxService {
	private String dropBoxAccountURL;
	private OAuthRestTemplate dropBoxRestTemplate;

	public void setDropBoxAccountURL(String dropBoxAccountURL) {
		this.dropBoxAccountURL = dropBoxAccountURL;
	}

	public void setDropBoxRestTemplate(OAuthRestTemplate dropBoxRestTemplate) {
		this.dropBoxRestTemplate = dropBoxRestTemplate;
	}

	public String getDropBoxAccountURL() {
		return dropBoxAccountURL;
	}

	public OAuthRestTemplate getDropBoxRestTemplate() {
		return dropBoxRestTemplate;
	}


	public void getAccountInfo(List params) throws DropboxException {
		try {

			Object ject = dropBoxRestTemplate.getForObject
					("http://localhost:8080/services/dropBoxAccountInfo",
					String.class);
			ject.getClass();
		} catch (Exception e) {
			throw new IllegalStateException(e);
		}
	}
}
    Last edited by satsranchuser; Aug 23rd, 2011 at 09:42 AM.
    satsranchuser
    Reply With Quote Reply With Quote
  2. Aug 27th, 2011, 10:08 AM #2
    stoicflame
    stoicflame is offline Senior Member
    Join Date
    May 2008
    Location
    Salt Lake City
    Posts
    167

    Default

    So requests to "/trisunkdropBoxAccountInfo" aren't passing through the spring security filter chain. I don't see anything immediately obvious as to why not. Do you have any more insight?
    Reply With Quote Reply With Quote
  3. Aug 27th, 2011, 11:10 AM #3
    satsranchuser
    satsranchuser is offline Member
    Join Date
    Nov 2007
    Location
    Sun Prairie, WI
    Posts
    50

    Default

    Quote Originally Posted by stoicflame View Post
    So requests to "/trisunkdropBoxAccountInfo" aren't passing through the spring security filter chain. I don't see anything immediately obvious as to why not. Do you have any more insight?
    I ended up creating a Oauthtokenaccess oject in the controller and setting it up in the controller. The actual code is downlaodable at this link. https://www.sugarsync.com/pf/D6585822_7696332_818987 sorry, replying for this thread away fro my pc to do an actual copy paste. Any tghts if there is a cleaner way of doing this? Thanks.
    satsranchuser
    Reply With Quote Reply With Quote
  4. Aug 29th, 2011, 10:04 AM #4
    satsranchuser
    satsranchuser is offline Member
    Join Date
    Nov 2007
    Location
    Sun Prairie, WI
    Posts
    50

    Default Here is the actual code.,Dropbox with Oauth Integration

    As I mentioned, I ended up creating this Authenticator wrapper module, that is getting the security context and putting the OAuthConsumerToken in the context. I'm hoping there is a cleaner way of doing this. Any thoughts or suggestions that I could leverage??
    Code:
    public class ConsumerTokenAuthenticator implements DropBoxConstants {
	@Autowired
	private OAuthRestTemplate dropBoxRestTemplate;
	@Autowired
	private ProtectedResourceDetails resourceDetails;

	private String dropBoxrequestAuthURL;
	static final Log log = LogFactory.getLog(ConsumerTokenAuthenticator.class);

	/**
	 * Util package method; returns if the securitycontext has a Access Token.
	 * @return
	 */
	public static final Boolean isTokenAvailable() {
		return OAuthSecurityContextHolder.getContext().getAccessTokens().get(DROPBOX) != null ? Boolean.TRUE : Boolean.FALSE;
	}

	/**
	 * Utility class that will be used for parsing consumer token information.
	 * Spings through to make sure that necessary data is put into the OAuthSecurity
	 * Context.
	 * @param params
	 * @throws DropboxException
	 */
	public void ParseConsumerTokenUtil(List params) throws DropboxException {
		try {
			//Set initial token to get secret token
			OAuthConsumerToken consumerToken = new OAuthConsumerToken();
			consumerToken.setAccessToken(true);
			consumerToken.setResourceId(DROPBOX);
			consumerToken.setResourceId((String) params.get(0));//UID from the parameter.
			consumerToken.setValue((String) params.get(1));//oauth_token from parameter
			OAuthSecurityContextHolder.getContext().getAccessTokens().put(DROPBOX, consumerToken);
			//Setup token to get the authorization.
			String access_Token_Resp = dropBoxRestTemplate.getForObject(new URI(dropBoxrequestAuthURL),
					String.class);
			//Logic to get the oAuth Token value and oAuth Token Secret value
			consumerToken.setValue(StringUtils.substringAfter(access_Token_Resp.toString(), "oauth_token="));
			consumerToken.setSecret(StringUtils.substringBetween(access_Token_Resp.toString(), "oauth_token_secret=", "&"));
			OAuthSecurityContextHolder.getContext().getAccessTokens().put(DROPBOX, consumerToken);
		} catch (Exception e) {
			log.fatal(e);
			throw new DropboxException(e);
		}
	}

	public void setDropBoxrequestAuthURL(String dropBoxrequestAuthURL) {
		this.dropBoxrequestAuthURL = dropBoxrequestAuthURL;
	}

}
    satsranchuser
    Reply With Quote Reply With Quote
  5. Mar 25th, 2013, 04:38 AM #5
    sravankumar4rmhyd
    sravankumar4rmhyd is offline Junior Member
    Join Date
    Mar 2013
    Posts
    4

    Default

    Hi,
    Can you please share complete source code.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules