1 files changed, 60 insertions, 0 deletions

diff --git a/src/com/p4square/f1oauth/SecondPartyVerifier.java b/src/com/p4square/f1oauth/SecondPartyVerifier.java
new file mode 100644
index 0000000..870fe3e
--- /dev/null
+++ b/src/com/p4square/f1oauth/SecondPartyVerifier.java
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.f1oauth;
+
+import org.apache.log4j.Logger;
+
+import com.p4square.restlet.oauth.OAuthException;
+import com.p4square.restlet.oauth.OAuthUser;
+
+import org.restlet.Context;
+import org.restlet.Request;
+import org.restlet.Response;
+import org.restlet.security.Verifier;
+
+/**
+ * Restlet Verifier for F1 2nd Party Authentication
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class SecondPartyVerifier implements Verifier {
+    private static final Logger LOG = Logger.getLogger(SecondPartyVerifier.class);
+
+    private final F1OAuthHelper mHelper;
+
+    public SecondPartyVerifier(F1OAuthHelper helper) {
+        if (helper == null) {
+            throw new IllegalArgumentException("Helper can not be null.");
+        }
+
+        mHelper = helper;
+    }
+
+    @Override
+    public int verify(Request request, Response response) {
+        if (request.getChallengeResponse() == null) {
+            return RESULT_MISSING; // no credentials
+        }
+
+        String username = request.getChallengeResponse().getIdentifier();
+        String password = new String(request.getChallengeResponse().getSecret());
+
+        try {
+            OAuthUser user = mHelper.getAccessToken(username, password);
+            user.setIdentifier(username);
+            user.setEmail(username);
+
+            // This seems like a hack... but it'll work
+            request.getClientInfo().setUser(user);
+
+            return RESULT_VALID;
+
+        } catch (OAuthException e) {
+            LOG.info("OAuth Exception: " + e, e);
+        }
+
+        return RESULT_INVALID; // Invalid credentials
+    }
+}