Announcement Announcement Module
Collapse
No announcement yet.
OAuth- Dropbox integration problem Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • OAuth- Dropbox integration problem

    Hello-

    Am trying to do a mini application that integrates dropbox with a web app. Trying to follow the tutorial for integrating oAuth for dropbox authentication. Application is always coming back with an error that says AccessTokenRequiredException: No OAuth security context has been established. Unable to access resource.. System is able to authenticate against Dropbox infra, but after that when it is trying to access the files/folders REST URL, am getting the above exception. I was hoping someone can take a look @ my code and point out what is that am doing wrong with the integration. Thanks in advance. Here are the files am using.
    Security and spring config file code base.

    Code:
    <beans:bean id="sucRate" class="com.company.dropbox.MultiTenantLogoutSuccessHandler"/>
    	<http auto-config='true' use-expressions="true" access-denied-page="/login/login">
    		<intercept-url pattern="/services/**" access="hasRole('ROLE_USER')"/>
    		<intercept-url pattern="/login/index" access="hasRole('ROLE_USER')"/>
    		<intercept-url pattern="/services/upload" access="hasRole('ROLE_USER')"/>
    		<intercept-url pattern="/login/login" access="permitAll"/>
    		<!--Line below will redirect page if there are errors in the submit.-->
    		<form-login login-page="/login/login" default-target-url="/"
    		            authentication-failure-url="/login/login?error=true"/>
    		<!--See note for the sucRate definition. We are invalidating session data.-->
    		<logout success-handler-ref="sucRate" invalidate-session="true"/>
    	</http>
    	<authentication-manager>
    		<authentication-provider>
    			<user-service>
    				<user authorities="ROLE_USER" name="guest" password="guest"/>
    			</user-service>
    		</authentication-provider>
    	</authentication-manager>
    	<oauth:consumer resource-details-service-ref="resourceDetails" requireAuthenticated="true">
    		<oauth:url pattern="/services/dropBoxAccountInfo" resources="dropbox"/>
    	</oauth:consumer>
    	<oauth:resource-details-service id="resourceDetails">
    		<oauth:resource id="dropbox"
    		                key="t"
    		                secret="t"
    		                request-token-url="http://api.getdropbox.com/0/oauth/request_token"
    		                user-authorization-url="https://www.dropbox.com/0/oauth/authorize?oauth_callback=http://localhost:8080"
    		                access-token-url="http://api.getdropbox.com/0/oauth/access_token"
    		                request-token-method="GET"
    		                access-token-method="GET">
    			<oauth:addtionalParameter name="oauth_callback" value="http://localhost:8080/"/>
    					</oauth:resource>
    	</oauth:resource-details-service>
    <bean id="dropBoxService" class="com.company.dropbox.DropBoxServiceImpl">
    		<property name="dropBoxAccountURL" value="https://api.dropbox.com/0/account/info"/>
    		<property name="dropBoxRestTemplate">
    			<bean class="org.springframework.security.oauth.consumer.OAuthRestTemplate">
    				<constructor-arg ref="dropbox"/>
    			</bean>
    		</property>
    	</bean>
    Here is my web.xml file
    Code:
        <filter>
            <filter-name>springSecurityFilterChain</filter-name>
            <filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
        </filter>
    
        <filter-mapping>
            <filter-name>springSecurityFilterChain</filter-name>
            <url-pattern>/*</url-pattern>
        </filter-mapping>
    
        <context-param>
            <param-name>contextConfigLocation</param-name>
            <param-value>/WEB-INF/applicationContext.xml,/WEB-INF/main-security.xml,classpath:spring-config.xml</param-value>
        </context-param>
        <listener>
            <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
        </listener>
        <servlet>
            <servlet-name>dispatcher</servlet-name>
            <servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
            <load-on-startup>1</load-on-startup>
        </servlet>
        <servlet-mapping>
            <servlet-name>dispatcher</servlet-name>
            <url-pattern>/login/*</url-pattern>
        </servlet-mapping>
        <servlet-mapping>
            <servlet-name>dispatcher</servlet-name>
            <url-pattern>/services/*</url-pattern>
        </servlet-mapping>
    Here is the code for controller
    Code:
    @Autowired
    	private DropBoxService dropBoxService;
    
    	@RequestMapping(value = "/trisunkdropBoxAccountInfo", method = RequestMethod.GET)
    	protected String returnDropBoxAccountInfo() {
    		try {
    			dropBoxService.getAccountInfo(null);
    		} catch (Exception e) {
    			e.printStackTrace();
    
    		}
    		return "upload";
    	}
    Here is the code for serviceImpl

    Code:
    public class DropBoxServiceImpl implements DropBoxService {
    	private String dropBoxAccountURL;
    	private OAuthRestTemplate dropBoxRestTemplate;
    
    	public void setDropBoxAccountURL(String dropBoxAccountURL) {
    		this.dropBoxAccountURL = dropBoxAccountURL;
    	}
    
    	public void setDropBoxRestTemplate(OAuthRestTemplate dropBoxRestTemplate) {
    		this.dropBoxRestTemplate = dropBoxRestTemplate;
    	}
    
    	public String getDropBoxAccountURL() {
    		return dropBoxAccountURL;
    	}
    
    	public OAuthRestTemplate getDropBoxRestTemplate() {
    		return dropBoxRestTemplate;
    	}
    
    
    	public void getAccountInfo(List params) throws DropboxException {
    		try {
    
    			Object ject = dropBoxRestTemplate.getForObject
    					("http://localhost:8080/services/dropBoxAccountInfo",
    					String.class);
    			ject.getClass();
    		} catch (Exception e) {
    			throw new IllegalStateException(e);
    		}
    	}
    }
    Last edited by satsranchuser; Aug 23rd, 2011, 10:42 AM.

  • #2
    So requests to "/trisunkdropBoxAccountInfo" aren't passing through the spring security filter chain. I don't see anything immediately obvious as to why not. Do you have any more insight?

    Comment


    • #3
      Originally posted by stoicflame View Post
      So requests to "/trisunkdropBoxAccountInfo" aren't passing through the spring security filter chain. I don't see anything immediately obvious as to why not. Do you have any more insight?
      I ended up creating a Oauthtokenaccess oject in the controller and setting it up in the controller. The actual code is downlaodable at this link. https://www.sugarsync.com/pf/D6585822_7696332_818987 sorry, replying for this thread away fro my pc to do an actual copy paste. Any tghts if there is a cleaner way of doing this? Thanks.

      Comment


      • #4
        Here is the actual code.,Dropbox with Oauth Integration

        As I mentioned, I ended up creating this Authenticator wrapper module, that is getting the security context and putting the OAuthConsumerToken in the context. I'm hoping there is a cleaner way of doing this. Any thoughts or suggestions that I could leverage??
        Code:
        public class ConsumerTokenAuthenticator implements DropBoxConstants {
        	@Autowired
        	private OAuthRestTemplate dropBoxRestTemplate;
        	@Autowired
        	private ProtectedResourceDetails resourceDetails;
        
        	private String dropBoxrequestAuthURL;
        	static final Log log = LogFactory.getLog(ConsumerTokenAuthenticator.class);
        
        	/**
        	 * Util package method; returns if the securitycontext has a Access Token.
        	 * @return
        	 */
        	public static final Boolean isTokenAvailable() {
        		return OAuthSecurityContextHolder.getContext().getAccessTokens().get(DROPBOX) != null ? Boolean.TRUE : Boolean.FALSE;
        	}
        
        	/**
        	 * Utility class that will be used for parsing consumer token information.
        	 * Spings through to make sure that necessary data is put into the OAuthSecurity
        	 * Context.
        	 * @param params
        	 * @throws DropboxException
        	 */
        	public void ParseConsumerTokenUtil(List params) throws DropboxException {
        		try {
        			//Set initial token to get secret token
        			OAuthConsumerToken consumerToken = new OAuthConsumerToken();
        			consumerToken.setAccessToken(true);
        			consumerToken.setResourceId(DROPBOX);
        			consumerToken.setResourceId((String) params.get(0));//UID from the parameter.
        			consumerToken.setValue((String) params.get(1));//oauth_token from parameter
        			OAuthSecurityContextHolder.getContext().getAccessTokens().put(DROPBOX, consumerToken);
        			//Setup token to get the authorization.
        			String access_Token_Resp = dropBoxRestTemplate.getForObject(new URI(dropBoxrequestAuthURL),
        					String.class);
        			//Logic to get the oAuth Token value and oAuth Token Secret value
        			consumerToken.setValue(StringUtils.substringAfter(access_Token_Resp.toString(), "oauth_token="));
        			consumerToken.setSecret(StringUtils.substringBetween(access_Token_Resp.toString(), "oauth_token_secret=", "&"));
        			OAuthSecurityContextHolder.getContext().getAccessTokens().put(DROPBOX, consumerToken);
        		} catch (Exception e) {
        			log.fatal(e);
        			throw new DropboxException(e);
        		}
        	}
        
        	public void setDropBoxrequestAuthURL(String dropBoxrequestAuthURL) {
        		this.dropBoxrequestAuthURL = dropBoxrequestAuthURL;
        	}
        
        }

        Comment


        • #5
          Hi,
          Can you please share complete source code.

          Comment

          Working...
          X