/OAuth-App

Java application for OAuth key management and 2-legged OAuth endpoint protection

Primary LanguageJava

The OAuth filter supports validating signed OAuth request that use the following algorithms: HMAC-SHA1 and RSA-SHA1.


Sample usage via web.xml

The follow example applies the OAuth filter to any HTTP PUT and POST requests that access resources exist in the path: /v1/gobLocale

<filter>
    <filter-name>OAuthFilter</filter-name>
    <filter-class>com.ign.oauth.filter.OAuthFilter</filter-class>
    <init-param>
        <param-name>httpMethods</param-name>
        <param-value>PUT,POST</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>OAuthFilter</filter-name>
    <url-pattern>/v1/gobLocale/*</url-pattern>
</filter-mapping>

Note

The OAuthFilter must be declared before the Google GuiceFilter, com.google.inject.servlet.GuiceFilter, if it exist in the web.xml file.

Customization

The current implementation access the consumer data (key/secret/rsakey) via the table, OAUTH_CONSUMER, from the database (datasource=OAuth).  If this is not desirable one can modify the persistence.xml file in the project accordingly.