/**
 * Yahoo! Web Services Example: BBAuth Authentication Request
 *
 * @author Daniel Jones www.danieljones.org
 * Copyright 2007  
 *
 * This example shows how to obtain the web service session id (wssid) and
 * Yahoo! cookie used for authenticated calls to SOAP or JSON-RPC endpoints. 
 * This example assumes that you have retrieved the auth token passed 
 * to the callback URL following a successful user authentication.
 * 
 * See the YahooBBAuth example first if you do not have a token.
 *
 * Yahoo! BBAuth Registration page: https://developer.yahoo.com/wsregapp/index.php
 *  
 */


import java.io.InputStream;
import java.math.BigInteger;
import java.net.*;
import java.security.MessageDigest;

import javax.xml.parsers.DocumentBuilderFactory;

import org.apache.commons.httpclient.HttpClient;
import org.apache.commons.httpclient.HttpStatus;
import org.apache.commons.httpclient.methods.GetMethod;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;

public class YahooBBAuthRequest {	
	
	public static void main(String[] args) throws Exception {
		/**
		 * This example assumes that you have authenticated a user and have
		 * retrieved the token passed back to the web application after a 
		 * successful user authentication. See the YahooBBAuth example for
		 * more information.
		 *  
		 * The token can be saved and reused for 14 days.
         */
		
		String appId = "";
		String secret = "";
		String token = "";
		
		// Get the current time. Needed to sign the request.
        long time = System.currentTimeMillis() / 1000;
        
        /**
         * Generate the portion of the URL that's used for signing.
         * More information on BBAuth can be found here: http://developer.yahoo.com/auth/ 
         */
        String authWS = "/WSLogin/V1/wspwtoken_login";
        String sig = authWS + "?appid=" + encode(appId) + "&token=" + encode(token) + "&ts=" + time + secret;
        String signature = MD5(sig);
        String authURL = "https://api.login.yahoo.com" + authWS + "?appid=" + appId + "&token=" + token + "&ts=" + time + "&sig=" + signature;
        System.out.println(authURL);
        
        HttpClient client = new HttpClient();
        GetMethod method = new GetMethod(authURL);
        
        // Send GET request
        int statusCode = client.executeMethod(method);
        
        if (statusCode != HttpStatus.SC_OK) {
        	System.err.println("Method failed: " + method.getStatusLine());
        }
        InputStream rstream = null;
        
        // Get the response body
        rstream = method.getResponseBodyAsStream();
        
        /**
         * Retrieve the XML response to the auth request and get the wssid
         * and cookie values.
         */
        Document response = DocumentBuilderFactory.newInstance().newDocumentBuilder().parse(rstream);
        
        String wssid = null;
        String cookie = null;
        
		// Check if token is in the response
        NodeList wssidResponse = response.getElementsByTagName("WSSID");
        NodeList cookieResponse = response.getElementsByTagName("Cookie");
        Node wssidNode = wssidResponse.item(0);
        Node cookieNode = cookieResponse.item(0);
        if (wssidNode != null) {
        	wssid = wssidNode.getTextContent();
        	cookie = cookieNode.getTextContent();
	        System.out.println("wssid = " + wssid);
	        System.out.println("cookie = " + cookie);
        } else {
        	printBBError(response);
        	return;
        }
        
        /**
         * The web service session id (wssid) and Yahoo! cookie can now be
         * used for calls to the SOAP or JSON-RPC endpoints. 
         * http://developer.yahoo.com/mail/docs/html/index.html
         */	
	}
	
	/**
	 * Get the MD5 hash of a text string
	 */
	public static String MD5(String text)
	{
		String md5Text = "";
		try {
			MessageDigest digest = MessageDigest.getInstance("MD5");
			md5Text = new BigInteger(1, digest.digest((text).getBytes())).toString(16);
		} catch (Exception e) {
			System.out.println("Error in call to MD5");
		}
		
        if (md5Text.length() == 31) {
            md5Text = "0" + md5Text;
        }
		return md5Text;
	}
	
	/**
	 * URL encode a text string
	 */
	public static String encode(String text)
	{
		String etext = "";
		try {
			etext = URLEncoder.encode(text, "UTF-8");
		} catch (Exception e) {
			System.out.println("Error in call to encode");
		}
		return etext;
	}
	
	/**
	 * Print the response error code and message
     * 
	 * <?xml version="1.0" encoding="UTF-8" standalone="no"?>
     * <wspwtoken_login_response>
     * <Error>
     * <ErrorCode>3000</ErrorCode>
     * <ErrorDescription>Invalid (missing) appid</ErrorDescription>
     * </Error>
     * </wspwtoken_login_response>
     *  
	 * @param response The XML error response Document
	 */
	public static void printBBError(Document response) 
	{
		String code = response.getElementsByTagName("ErrorCode").item(0).getTextContent();
    	String msg = response.getElementsByTagName("ErrorDescription").item(0).getTextContent();
    	System.out.println("Flickr request failed with error code " + code + ", " + msg);
	}

}