Inject Multimap with POST params through an HttpServletRequestWrapper

oauth-core/pom.xml

@@ -47,10 +47,15 @@
 
         <!-- Generic -->
         <dependency>
-            <groupId>org.glassfish</groupId>
-            <artifactId>javax.servlet</artifactId>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
             <scope>provided</scope>
         </dependency>
+        <dependency>
+            <groupId>javax.ws.rs</groupId>
+            <artifactId>javax.ws.rs-api</artifactId>
+        </dependency>
+
 
         <!-- Test -->
         <dependency>

oauth-core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthConfiguration.java

@@ -1,18 +1,14 @@
-/*******************************************************************************
- * Copyright (c) 2012 IBM Corporation.
+/*
+ * Copyright (c) 2012-2019 IBM Corporation and others
  *
- *  All rights reserved. This program and the accompanying materials
- *  are made available under the terms of the Eclipse Public License v1.0
- *  and Eclipse Distribution License v. 1.0 which accompanies this distribution.
- *  
- *  The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
- *  and the Eclipse Distribution License is available at
- *  http://www.eclipse.org/org/documents/edl-v10.php.
- *  
- *  Contributors:
- *  
- *     IBM Corporation - initial API and implementation
- *******************************************************************************/
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * and Eclipse Distribution License v. 1.0 which accompanies this distribution.
+ *
+ * The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
+ * and the Eclipse Distribution License is available at
+ * http://www.eclipse.org/org/documents/edl-v10.php.
+ */
 package org.eclipse.lyo.server.oauth.core;
 
 import javax.servlet.http.HttpServletResponse;
@@ -24,6 +20,8 @@
 
 import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStore;
 import org.eclipse.lyo.server.oauth.core.consumer.ConsumerStoreException;
+import org.eclipse.lyo.server.oauth.core.token.IJaxTokenStrategy;
+import org.eclipse.lyo.server.oauth.core.token.JaxTokenStrategy;
 import org.eclipse.lyo.server.oauth.core.token.SimpleTokenStrategy;
 import org.eclipse.lyo.server.oauth.core.token.TokenStrategy;
 
@@ -36,6 +34,7 @@
 public class OAuthConfiguration {
 	private OAuthValidator validator;
 	private TokenStrategy tokenStrategy;
+	private IJaxTokenStrategy jaxTokenStrategy;
 	private ConsumerStore consumerStore = null;
 	private Application application = null;
 	private boolean v1_0Allowed = true;
@@ -49,6 +48,7 @@ public static OAuthConfiguration getInstance() {
 	private OAuthConfiguration() {
 		validator = new SimpleOAuthValidator();
 		tokenStrategy = new SimpleTokenStrategy();
+		jaxTokenStrategy = new JaxTokenStrategy(128, 1024);
 	}
 
 	/**
@@ -74,19 +74,37 @@ public void setValidator(OAuthValidator validator) {
 	 * 
 	 * @return the token strategy
 	 */
+	public IJaxTokenStrategy getJaxTokenStrategy() {
+		return jaxTokenStrategy;
+	}
+
+	/**
+	 * Sets the strategy used to generate and verify OAuth tokens.
+	 * 
+	 * @param tokenStrategy the strategy
+	 */
+	public void setJaxTokenStrategy(IJaxTokenStrategy tokenStrategy) {
+		this.jaxTokenStrategy = tokenStrategy;
+	}
+
+    /**
+     * See {@link #getJaxTokenStrategy()}
+     * @return
+     */
 	public TokenStrategy getTokenStrategy() {
 		return tokenStrategy;
 	}
 
 	/**
 	 * Sets the strategy used to generate and verify OAuth tokens.
-	 * 
+	 *
 	 * @param tokenStrategy the strategy
 	 */
 	public void setTokenStrategy(TokenStrategy tokenStrategy) {
 		this.tokenStrategy = tokenStrategy;
 	}
 
+
 	/**
 	 * Gets the store used for managing consumers.
 	 * 

oauth-core/src/main/java/org/eclipse/lyo/server/oauth/core/OAuthRequest.java

@@ -13,9 +13,15 @@
 
 import java.io.IOException;
 import java.net.URISyntaxException;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletRequestWrapper;
+import javax.ws.rs.core.MultivaluedMap;
 
 import net.oauth.OAuth;
 import net.oauth.OAuthAccessor;
@@ -71,15 +77,62 @@ public OAuthRequest(HttpServletRequest request)
 		String token = this.message.getToken();
 		if (token != null) {
 			this.accessor.tokenSecret = OAuthConfiguration.getInstance()
-					.getTokenStrategy().getTokenSecret(this.httpRequest, token);
+					.getJaxTokenStrategy().getTokenSecret(token);
 		}
 	}
-
+
+	public static class OAuthServletRequestWrapper extends HttpServletRequestWrapper {
+
+		private final Map<String, String[]> formParams;
+
+		/**
+		 * Constructs a request object wrapping the given request.
+		 *
+		 * @param request
+		 * @throws IllegalArgumentException if the request is null
+		 */
+		public OAuthServletRequestWrapper(HttpServletRequest request,
+										  MultivaluedMap<String, String> formParams) {
+			super(request);
+			this.formParams = aggregateMultimap(formParams);
+		}
+
+		private Map<String, String[]> aggregateMultimap(MultivaluedMap<String, String> multimap) {
+			HashMap<String, String[]> map = new HashMap<>();
+			multimap.forEach((key, strings) -> map.put(key, strings.toArray(new String[0])));
+			return map;
+		}
+
+		@Override
+		public String getParameter(String name) {
+			String[] values = formParams.get(name);
+			if (values == null || values.length == 0) {
+				return null;
+			}
+			return values[0];
+		}
+
+		@Override
+		public Map<String, String[]> getParameterMap() {
+			return formParams;
+		}
+
+		@Override
+		public Enumeration<String> getParameterNames() {
+			return Collections.enumeration(formParams.keySet());
+		}
+
+		@Override
+		public String[] getParameterValues(String name) {
+			return formParams.get(name);
+		}
+	}
+
 	public HttpServletRequest getHttpRequest() {
 		return httpRequest;
 	}
 
-	public void setHttpRequest(HttpServletRequest httpRequest) {
+	private void setHttpRequest(HttpServletRequest httpRequest) {
 		this.httpRequest = httpRequest;
 	}
 
@@ -112,7 +165,7 @@ public void validate() throws OAuthException, IOException, ServletException {
 		try {
 			OAuthConfiguration config = OAuthConfiguration.getInstance();
 			config.getValidator().validateMessage(message, accessor);
-			config.getTokenStrategy().validateAccessToken(this);
+			config.getJaxTokenStrategy().validateAccessToken(this);
 		} catch (URISyntaxException e) {
 			throw new ServletException(e);
 		}

oauth-core/src/main/java/org/eclipse/lyo/server/oauth/core/token/IJaxTokenStrategy.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright (c) 2019 KTH Royal Institute of Technology and others
+ *
+ * All rights reserved. This program and the accompanying materials
+ * are made available under the terms of the Eclipse Public License v1.0
+ * and Eclipse Distribution License v. 1.0 which accompanies this distribution.
+ *
+ * The Eclipse Public License is available at http://www.eclipse.org/legal/epl-v10.html
+ * and the Eclipse Distribution License is available at
+ * http://www.eclipse.org/org/documents/edl-v10.php.
+ */
+package org.eclipse.lyo.server.oauth.core.token;
+
+import net.oauth.OAuthMessage;
+import net.oauth.OAuthProblemException;
+import org.eclipse.lyo.server.oauth.core.OAuthRequest;
+
+import javax.servlet.http.HttpServletRequest;
+import java.io.IOException;
+
+public interface IJaxTokenStrategy {
+    void generateRequestToken(OAuthRequest oAuthRequest) throws IOException;
+    void validateVerificationCode(OAuthRequest oAuthRequest) throws IOException, OAuthProblemException;
+    void generateAccessToken(OAuthRequest oAuthRequest) throws OAuthProblemException, IOException;
+
+    String validateRequestToken(OAuthMessage message) throws IOException, OAuthProblemException;
+    String getCallback(String requestToken) throws OAuthProblemException;
+    void markRequestTokenAuthorized(HttpServletRequest httpRequest, String requestToken) throws OAuthProblemException;
+    String generateVerificationCode(String requestToken) throws OAuthProblemException;
+    String getTokenSecret(String secretToken) throws OAuthProblemException;
+
+    void validateAccessToken(OAuthRequest oAuthRequest) throws IOException, OAuthProblemException;
+}