1

Can anyone tell why this didn't work? The code works great when I run it from my unit tests. Security gets setup perfectly and our service works great just like I expect.

However, when I deployed it to our application server (weblogic), my service fails every time because my tokens are not getting setup. I got it working by setting up the tokens every time my send(final ServiceAPInvoice invoice) method gets called.

My question is why does the tokens not get setup by my constructor when this is deployed in our Weblogic environment? What causes this issue? OAuthSecurityContextHolder is a static class. Is that playing into my issue? Will I still run into issues if I setup the tokens each time my send method is called? I haven't noticed any issues yet but have not done any load testing

I am using Spring's OAuthRestTemplate (1.0) and I have non-expiring tokens that I need to setup.

Here is where the magic happens. I had to rename the code slightly to make it generic so hopefully I don't have any typos:

public class ServiceRestTemplate {

private final OAuthRestTemplate serviceOAuthRestTemplate;

private final String apUri;

private final String arUri;

private final String tokenValue;

private final String tokenSecret;

public ServiceRestTemplate(final OAuthRestTemplate serviceOAuthRestTemplate,
                          final String apUri,
                          final String arUri,
                          final String tokenValue,
                          final String tokenSecret) {
    this.serviceOAuthRestTemplate = serviceOAuthRestTemplate;
    this.apUri = apUri;
    this.arUri = arUri;
    this.tokenSecret = tokenSecret;
    this.tokenValue = tokenValue;
    setContext(tokenValue, tokenSecret); // I expected this to be enough to setup my tokens 1 time
}

private void setContext(final String tokenValue, final String tokenSecret) {
    final OAuthConsumerToken accessToken = new OAuthConsumerToken();
    accessToken.setAccessToken(true);
    accessToken.setResourceId(serviceOAuthRestTemplate.getResource().getId());
    accessToken.setValue(tokenValue);
    accessToken.setSecret(tokenSecret);

    final OAuthSecurityContextImpl securityContext = new OAuthSecurityContextImpl();
    if (securityContext.getAccessTokens() == null) {
        securityContext.setAccessTokens(new HashMap<String, OAuthConsumerToken>());
    }
    if (!securityContext.getAccessTokens().containsKey(accessToken.getResourceId())) {
        securityContext.getAccessTokens().put(accessToken.getResourceId(), accessToken);
    }

    OAuthSecurityContextHolder.setContext(securityContext);
}

@Override
public ServiceWebResponse send(final ServiceAPInvoice invoice) {
    setContext(this.tokenValue, this.tokenSecret); // This line of code is the workaround to fixed my issue. 
    final ServiceWebResponse serviceResponse = serviceOAuthRestTemplate.postForObject(apUri,
                                                                                   invoice,
                                                                               ServiceWebResponse.class);
    return serviceResponse;
}
}
Dan
  • 11
  • 3

0 Answers0