You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by Gonzalo Aune <go...@gmail.com> on 2008/06/25 02:57:16 UTC
Re: svn commit: r671387 - in /incubator/shindig/trunk/java: common/src/main/java/org/apache/shindig/common/ gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ gadgets/src/test/java/org/apache/shindig/gadgets/oauth/ gadgets/src/test/java/org/ap
Brian,
it seems like the package of ParameterFetcher doesnt match with where it is,
it was added in common/ but is called in common/servlet/ in several classes.
Regards.
G.-
On Tue, Jun 24, 2008 at 9:44 PM, <br...@apache.org> wrote:
> Author: brianm
> Date: Tue Jun 24 17:44:39 2008
> New Revision: 671387
>
> URL: http://svn.apache.org/viewvc?rev=671387&view=rev
> Log:
> Apply patch from Henning Schmiedehausen to llow parameter adaption when
> requesting data from the container (SHINDIG-379)
>
> Added:
>
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java
>
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java
>
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java
> Modified:
>
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java
>
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java
>
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java
>
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
>
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java
>
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java
>
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java
>
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java
>
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java
>
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java
>
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java
>
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java
>
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java
>
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java
>
> Modified:
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java
> (original)
> +++
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java
> Tue Jun 24 17:44:39 2008
> @@ -24,6 +24,7 @@
>
> import java.io.UnsupportedEncodingException;
> import java.net.URLDecoder;
> +import java.util.Map;
>
> /**
> * A SecurityTokenDecoder implementation that just provides dummy data to
> satisfy
> @@ -44,10 +45,16 @@
> *
> * Returns a token with some faked out values.
> */
> - public SecurityToken createToken(String stringToken)
> + public SecurityToken createToken(Map<String, String> parameters)
> throws SecurityTokenException {
> +
> + final String token =
> parameters.get(SecurityTokenDecoder.SECURITY_TOKEN_NAME);
> + if (token == null || token.trim().length() == 0) {
> + throw new SecurityTokenException("Missing security token");
> + }
> +
> try {
> - String[] tokens = stringToken.split(":");
> + String[] tokens = token.split(":");
> return new BasicSecurityToken(
> URLDecoder.decode(tokens[OWNER_INDEX], "UTF-8"),
> URLDecoder.decode(tokens[VIEWER_INDEX], "UTF-8"),
>
> Added:
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java?rev=671387&view=auto
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java
> (added)
> +++
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java
> Tue Jun 24 17:44:39 2008
> @@ -0,0 +1,35 @@
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations under the
> License.
> + */
> +
> +package org.apache.shindig.common.servlet;
> +
> +import java.util.Map;
> +
> +import javax.servlet.http.HttpServletRequest;
> +
> +/**
> + * Maps parameters from a Servlet request into a map. This is used to
> control which
> + * parameters are passed on to other parts of the container. Using this
> Adapter allows
> + * e.g. to pass multiple parameters into the secure token generation
> methods.
> + */
> +
> +public interface ParameterFetcher
> +{
> + Map<String, String> fetch(HttpServletRequest req);
> +}
> +
>
> Modified:
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java
> (original)
> +++
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java
> Tue Jun 24 17:44:39 2008
> @@ -18,18 +18,26 @@
> */
> package org.apache.shindig.common;
>
> +import java.util.Map;
> +
> /**
> * Handles verification of gadget security tokens.
> */
> public interface SecurityTokenDecoder {
>
> /**
> + * The security token value must be passed on a map value referenced by
> this key. Additional
> + * parameters can be passed as seen fit.
> + */
> + String SECURITY_TOKEN_NAME = "token";
> +
> + /**
> * Decrypts and verifies a gadget security token to return a gadget
> token.
> *
> * @param tokenString token in wire format (probably encrypted.)
> * @return the decrypted and verified token.
> * @throws SecurityTokenException If tokenString is not a valid token
> */
> - public SecurityToken createToken(String tokenString)
> + SecurityToken createToken(Map<String, String> tokenParameters)
> throws SecurityTokenException;
> }
>
> Modified:
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java
> (original)
> +++
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java
> Tue Jun 24 17:44:39 2008
> @@ -29,6 +29,7 @@
>
> import java.net.URI;
> import java.net.URISyntaxException;
> +import java.util.Collections;
> import java.util.Enumeration;
> import java.util.HashMap;
> import java.util.Locale;
> @@ -262,7 +263,7 @@
> return super.getToken();
> } else {
> try {
> - return tokenDecoder.createToken(tokenString);
> + return
> tokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> tokenString));
> } catch (SecurityTokenException e) {
> throw new GadgetException(
> GadgetException.Code.INVALID_SECURITY_TOKEN, e);
>
> Modified:
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
> (original)
> +++
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
> Tue Jun 24 17:44:39 2008
> @@ -260,7 +260,7 @@
> throws GadgetException {
> String token = getParameter(request, SECURITY_TOKEN_PARAM, "");
> try {
> - return securityTokenDecoder.createToken(token);
> + return
> securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> token));
> } catch (SecurityTokenException e) {
> throw new
> GadgetException(GadgetException.Code.INVALID_SECURITY_TOKEN, e);
> }
>
> Modified:
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java
> (original)
> +++
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java
> Tue Jun 24 17:44:39 2008
> @@ -27,6 +27,7 @@
> import net.oauth.OAuthServiceProvider;
> import net.oauth.signature.RSA_SHA1;
>
> +import org.apache.shindig.common.SecurityTokenDecoder;
> import org.easymock.classextension.EasyMock;
> import org.easymock.classextension.IMocksControl;
>
> @@ -331,7 +332,7 @@
> tokenKey.setUserId("test user");
>
> OAuthStore.TokenInfo tokenInfo =
> - new OAuthStore.TokenInfo("token", "secret");
> + new OAuthStore.TokenInfo(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "secret");
>
>
> expect(mockTokens.put(tokenKey, tokenInfo)).andReturn(null);
>
> Modified:
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java
> (original)
> +++
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java
> Tue Jun 24 17:44:39 2008
> @@ -22,6 +22,7 @@
> import static org.easymock.EasyMock.expectLastCall;
> import static org.easymock.EasyMock.isA;
>
> +import org.apache.shindig.common.SecurityTokenDecoder;
> import org.apache.shindig.common.testing.FakeGadgetToken;
> import org.apache.shindig.common.util.Utf8UrlCoder;
> import org.apache.shindig.gadgets.ContainerConfig;
> @@ -38,6 +39,7 @@
> import java.net.URI;
> import java.util.Arrays;
> import java.util.Collection;
> +import java.util.Collections;
> import java.util.Enumeration;
> import java.util.List;
>
> @@ -209,7 +211,7 @@
>
> public void testAuthTokenInjection_allparams() throws Exception {
> expect(fixture.request.getParameter("st")).andReturn("fake-token");
> - expect(securityTokenDecoder.createToken("fake-token")).andReturn(
> +
> expect(securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "fake-token"))).andReturn(
> new FakeGadgetToken("updated-token", "{ \"foo\" : \"bar\" }"));
> String content = parseBasicGadget(GadgetSpec.DEFAULT_VIEW);
> JSONObject auth = parseShindigAuthConfig(content);
> @@ -219,7 +221,7 @@
>
> public void testAuthTokenInjection_none() throws Exception {
> expect(fixture.request.getParameter("st")).andReturn("fake-token");
> - expect(securityTokenDecoder.createToken("fake-token")).andReturn(
> +
> expect(securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "fake-token"))).andReturn(
> new FakeGadgetToken());
> String content = parseBasicGadget(GadgetSpec.DEFAULT_VIEW);
> JSONObject auth = parseShindigAuthConfig(content);
> @@ -228,7 +230,7 @@
>
> public void testAuthTokenInjection_trustedJson() throws Exception {
> expect(fixture.request.getParameter("st")).andReturn("fake-token");
> - expect(securityTokenDecoder.createToken("fake-token")).andReturn(
> +
> expect(securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "fake-token"))).andReturn(
> new FakeGadgetToken(null, "trusted"));
> String content = parseBasicGadget(GadgetSpec.DEFAULT_VIEW);
> JSONObject auth = parseShindigAuthConfig(content);
> @@ -238,7 +240,7 @@
>
> public void testAuthTokenInjection_updatedToken() throws Exception {
> expect(fixture.request.getParameter("st")).andReturn("fake-token");
> - expect(securityTokenDecoder.createToken("fake-token")).andReturn(
> +
> expect(securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "fake-token"))).andReturn(
> new FakeGadgetToken("updated-token", null));
> String content = parseBasicGadget(GadgetSpec.DEFAULT_VIEW);
> JSONObject auth = parseShindigAuthConfig(content);
>
> Modified:
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java
> (original)
> +++
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java
> Tue Jun 24 17:44:39 2008
> @@ -27,6 +27,7 @@
> import static org.junit.Assert.assertTrue;
>
> import org.apache.shindig.common.SecurityToken;
> +import org.apache.shindig.common.SecurityTokenDecoder;
> import org.apache.shindig.common.SecurityTokenException;
> import org.apache.shindig.common.testing.FakeGadgetToken;
> import org.apache.shindig.gadgets.GadgetException;
> @@ -45,6 +46,7 @@
> import org.junit.Test;
>
> import java.net.URI;
> +import java.util.Collections;
> import java.util.List;
>
> import javax.servlet.http.HttpServletResponse;
> @@ -247,7 +249,7 @@
> public void signedGetRequest() throws Exception {
> // Doesn't actually sign since it returns the standard fetcher.
> // Signing tests are in SigningFetcherTest
> -
> expect(fixture.securityTokenDecoder.createToken("fake-token")).andReturn(DUMMY_TOKEN);
> +
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "fake-token"))).andReturn(DUMMY_TOKEN);
>
> expect(fixture.request.getParameter(MakeRequestHandler.SECURITY_TOKEN_PARAM))
> .andReturn("fake-token").atLeastOnce();
> expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> @@ -267,7 +269,7 @@
> // Doesn't actually sign since it returns the standard fetcher.
> // Signing tests are in SigningFetcherTest
> expectPostAndReturnBody(fixture.signingFetcher, REQUEST_BODY,
> RESPONSE_BODY);
> -
> expect(fixture.securityTokenDecoder.createToken("fake-token")).andReturn(DUMMY_TOKEN);
> +
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "fake-token"))).andReturn(DUMMY_TOKEN);
>
> expect(fixture.request.getParameter(MakeRequestHandler.SECURITY_TOKEN_PARAM))
> .andReturn("fake-token").atLeastOnce();
> expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> @@ -288,7 +290,7 @@
> // Signing tests are in SigningFetcherTest
> expectGetAndReturnBody(fixture.signingFetcher, RESPONSE_BODY);
> FakeGadgetToken authToken = new FakeGadgetToken("updated");
> -
> expect(fixture.securityTokenDecoder.createToken("fake-token")).andReturn(authToken);
> +
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "fake-token"))).andReturn(authToken);
>
> expect(fixture.request.getParameter(MakeRequestHandler.SECURITY_TOKEN_PARAM))
> .andReturn("fake-token").atLeastOnce();
> expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> @@ -308,7 +310,7 @@
> // OAuth tests are in OAuthFetcherTest
> expectGetAndReturnBody(fixture.oauthFetcher, RESPONSE_BODY);
> FakeGadgetToken authToken = new FakeGadgetToken("updated");
> -
> expect(fixture.securityTokenDecoder.createToken("fake-token")).andReturn(authToken);
> +
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "fake-token"))).andReturn(authToken);
>
> expect(fixture.request.getParameter(MakeRequestHandler.SECURITY_TOKEN_PARAM))
> .andReturn("fake-token").atLeastOnce();
> expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> @@ -353,7 +355,7 @@
> .andReturn("fake-token").atLeastOnce();
> expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> .andReturn(Auth.SIGNED.toString()).atLeastOnce();
> - expect(fixture.securityTokenDecoder.createToken("fake-token"))
> +
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> "fake-token")))
> .andThrow(new SecurityTokenException("No!"));
> fixture.replay();
>
>
> Modified:
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java
> (original)
> +++
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java
> Tue Jun 24 17:44:39 2008
> @@ -21,22 +21,25 @@
> import org.apache.shindig.common.SecurityTokenDecoder;
> import org.apache.shindig.common.SecurityTokenException;
> import org.apache.shindig.common.servlet.InjectedServlet;
> +import org.apache.shindig.common.servlet.ParameterFetcher;
> import org.apache.shindig.social.opensocial.util.BeanJsonConverter;
> -
> -import com.google.inject.Inject;
> -import com.google.common.collect.Lists;
> import org.json.JSONArray;
> import org.json.JSONException;
> import org.json.JSONObject;
>
> -import javax.servlet.http.HttpServletRequest;
> -import javax.servlet.http.HttpServletResponse;
> +import com.google.common.collect.Lists;
> +import com.google.inject.Inject;
> +import com.google.inject.name.Named;
> +
> import java.io.IOException;
> import java.io.PrintWriter;
> -import java.util.ArrayList;
> import java.util.List;
> +import java.util.Map;
> import java.util.logging.Logger;
>
> +import javax.servlet.http.HttpServletRequest;
> +import javax.servlet.http.HttpServletResponse;
> +
> /**
> * Servlet for handling gadget requests for data. The request accepts one
> json
> * parameter of the format:
> @@ -57,9 +60,12 @@
> private static final Logger logger
> = Logger.getLogger("org.apache.shindig.social");
>
> + public static final String REQUEST_PARAMETER_NAME = "request";
> +
> private List<GadgetDataHandler> handlers;
> private SecurityTokenDecoder securityTokenDecoder;
> private BeanJsonConverter beanJsonConverter;
> + private ParameterFetcher parameterFetcher;
>
> @Inject
> public void setGadgetDataHandlers(List<GadgetDataHandler> handlers) {
> @@ -76,21 +82,24 @@
> this.beanJsonConverter = beanJsonConverter;
> }
>
> + @Inject
> + public void setParameterFetcher(@Named("GadgetDataServlet")
> ParameterFetcher parameterFetcher) {
> + this.parameterFetcher = parameterFetcher;
> + }
> +
> @Override
> protected void doPost(HttpServletRequest req, HttpServletResponse resp)
> throws IOException {
>
> req.setCharacterEncoding("UTF-8");
> - String requestParam = req.getParameter("request");
> - String token = req.getParameter("st");
>
> DataResponse response;
> try {
> - response = new DataResponse(createResponse(requestParam, token));
> + response = new
> DataResponse(createResponse(parameterFetcher.fetch(req)));
> } catch (JSONException e) {
> response = new DataResponse(ResponseError.BAD_REQUEST);
> } catch (SecurityTokenException e) {
> - logger.info("Request was made with invalid security token: " +
> token);
> + logger.info("Request was made with invalid security token: " +
> e.getMessage());
> response = new DataResponse(ResponseError.BAD_REQUEST);
> }
> resp.setContentType("application/json; charset=utf-8");
> @@ -99,12 +108,12 @@
> writer.write(json.toString());
> }
>
> - private List<ResponseItem> createResponse(String requestParam, String
> token)
> + private List<ResponseItem> createResponse(Map<String, String>
> parameters)
> throws JSONException, SecurityTokenException {
> - if (token == null || token.trim().length() == 0) {
> - throw new SecurityTokenException("Missing security token");
> - }
> - SecurityToken securityToken = securityTokenDecoder.createToken(token);
> +
> + final SecurityToken securityToken =
> securityTokenDecoder.createToken(parameters);
> +
> + final String requestParam = parameters.get(REQUEST_PARAMETER_NAME);
>
> // TODO: Improve json input handling. The json request should get auto
> // translated into objects
>
> Added:
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java?rev=671387&view=auto
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java
> (added)
> +++
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java
> Tue Jun 24 17:44:39 2008
> @@ -0,0 +1,47 @@
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations under the
> License.
> + */
> +
> +package org.apache.shindig.social;
> +
> +import org.apache.shindig.common.SecurityTokenDecoder;
> +import org.apache.shindig.common.servlet.ParameterFetcher;
> +
> +import com.google.common.collect.Maps;
> +
> +import java.util.Map;
> +
> +import javax.servlet.http.HttpServletRequest;
> +
> +/**
> + * Default implementation for the GadgetDataServlet parameter fetcher. Do
> not
> + * change unless you have a compelling need to pass more parameters into
> the
> + * createResponse method.
> + */
> +public class GadgetDataServletFetcher
> + implements ParameterFetcher
> +{
> + public Map<String, String> fetch(HttpServletRequest req)
> + {
> + final Map<String, String> params =
> Maps.newHashMapWithExpectedSize(2);
> + params.put(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> req.getParameter("st"));
> + params.put(GadgetDataServlet.REQUEST_PARAMETER_NAME,
> req.getParameter(GadgetDataServlet.REQUEST_PARAMETER_NAME));
> +
> + return params;
> + }
> +}
> +
>
> Modified:
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java
> (original)
> +++
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java
> Tue Jun 24 17:44:39 2008
> @@ -18,9 +18,11 @@
> */
> package org.apache.shindig.social;
>
> +import org.apache.shindig.common.servlet.ParameterFetcher;
> import org.apache.shindig.social.abdera.SocialRouteManager;
> import org.apache.shindig.social.dataservice.ActivityService;
> import org.apache.shindig.social.dataservice.AppDataService;
> +import org.apache.shindig.social.dataservice.DataServiceServletFetcher;
> import org.apache.shindig.social.dataservice.PersonService;
> import org.apache.shindig.social.opensocial.ActivitiesService;
> import org.apache.shindig.social.opensocial.DataService;
> @@ -41,6 +43,7 @@
> import com.google.inject.Inject;
> import com.google.inject.Provider;
> import com.google.inject.TypeLiteral;
> +import com.google.inject.name.Names;
>
> import java.util.List;
>
> @@ -65,6 +68,9 @@
>
> bind(SocialRouteManager.class).to(SampleContainerRouteManager.class);
>
> +
> bind(ParameterFetcher.class).annotatedWith(Names.named("GadgetDataServlet")).to(GadgetDataServletFetcher.class);
> +
> bind(ParameterFetcher.class).annotatedWith(Names.named("DataServiceServlet")).to(DataServiceServletFetcher.class);
> +
> bind(Activity.class).to(ActivityImpl.class);
> bind(MediaItem.class).to(MediaItemImpl.class);
> }
>
> Modified:
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java
> (original)
> +++
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java
> Tue Jun 24 17:44:39 2008
> @@ -46,6 +46,7 @@
> import
> org.apache.abdera.protocol.server.impl.AbstractEntityCollectionAdapter;
> import org.json.JSONException;
>
> +import java.util.Collections;
> import java.util.Date;
> import java.util.List;
> import java.util.Map;
> @@ -115,7 +116,7 @@
> if (token == null || token.trim().length() == 0) {
> throw new SecurityTokenException("Missing security token");
> }
> - return securityTokenDecoder.createToken(token);
> + return
> securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> token));
> }
>
> /**
>
> Modified:
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java
> (original)
> +++
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java
> Tue Jun 24 17:44:39 2008
> @@ -21,6 +21,7 @@
> import org.apache.shindig.common.SecurityTokenDecoder;
> import org.apache.shindig.common.SecurityTokenException;
> import org.apache.shindig.common.servlet.InjectedServlet;
> +import org.apache.shindig.common.servlet.ParameterFetcher;
> import org.apache.shindig.social.ResponseItem;
> import org.apache.shindig.social.opensocial.util.BeanConverter;
> import org.apache.shindig.social.opensocial.util.BeanJsonConverter;
> @@ -29,6 +30,7 @@
> import com.google.common.collect.Maps;
> import com.google.inject.Inject;
> import com.google.inject.Injector;
> +import com.google.inject.name.Named;
> import org.apache.commons.io.IOUtils;
> import org.apache.commons.lang.StringUtils;
> import org.json.JSONException;
> @@ -62,6 +64,7 @@
> private Map<String, Class<? extends DataRequestHandler>> handlers;
> private BeanJsonConverter jsonConverter;
> private BeanXmlConverter xmlConverter;
> + private ParameterFetcher parameterFetcher;
> private static final String JSON_BATCH_ROUTE = "jsonBatch";
>
> @Inject
> @@ -80,6 +83,11 @@
> this.xmlConverter = xmlConverter;
> }
>
> + @Inject
> + public void setParameterFetcher(@Named("DataServiceServlet")
> ParameterFetcher parameterFetcher) {
> + this.parameterFetcher = parameterFetcher;
> + }
> +
> // Only for testing use. Do not override the injector.
> public void setInjector(Injector injector) {
> this.injector = injector;
> @@ -181,7 +189,7 @@
> SecurityToken getSecurityToken(HttpServletRequest servletRequest) {
> SecurityToken token;
> try {
> - token =
> securityTokenDecoder.createToken(servletRequest.getParameter(SECURITY_TOKEN_PARAM));
> + token =
> securityTokenDecoder.createToken(parameterFetcher.fetch(servletRequest));
> } catch (SecurityTokenException e) {
> throw new RuntimeException("Implement error return for bad security
> token.", e);
> }
>
> Added:
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java?rev=671387&view=auto
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java
> (added)
> +++
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java
> Tue Jun 24 17:44:39 2008
> @@ -0,0 +1,45 @@
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations under the
> License.
> + */
> +
> +package org.apache.shindig.social.dataservice;
> +
> +import org.apache.shindig.common.SecurityTokenDecoder;
> +import org.apache.shindig.common.servlet.ParameterFetcher;
> +
> +import com.google.common.collect.Maps;
> +
> +import java.util.Map;
> +
> +import javax.servlet.http.HttpServletRequest;
> +
> +/**
> + * Default implementation for the GadgetDataServlet parameter fetcher. Do
> not
> + * change unless you have a compelling need to pass more parameters into
> the
> + * createResponse method.
> + */
> +public class DataServiceServletFetcher
> + implements ParameterFetcher
> +{
> + public Map<String, String> fetch(HttpServletRequest req)
> + {
> + final Map<String, String> params =
> Maps.newHashMapWithExpectedSize(1);
> + params.put(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> req.getParameter("st"));
> + return params;
> + }
> +}
> +
>
> Modified:
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java
> (original)
> +++
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java
> Tue Jun 24 17:44:39 2008
> @@ -20,9 +20,11 @@
>
> import org.apache.shindig.common.BasicSecurityTokenDecoder;
> import org.apache.shindig.common.SecurityTokenDecoder;
> +import org.apache.shindig.common.servlet.ParameterFetcher;
> import org.apache.shindig.social.abdera.SocialRouteManager;
> import org.apache.shindig.social.dataservice.ActivityService;
> import org.apache.shindig.social.dataservice.AppDataService;
> +import org.apache.shindig.social.dataservice.DataServiceServletFetcher;
> import org.apache.shindig.social.dataservice.PersonService;
> import org.apache.shindig.social.opensocial.ActivitiesService;
> import org.apache.shindig.social.opensocial.DataService;
> @@ -57,6 +59,7 @@
> import com.google.common.collect.Maps;
> import com.google.inject.AbstractModule;
> import com.google.inject.Singleton;
> +import com.google.inject.name.Names;
>
> import java.net.URI;
> import java.util.Date;
> @@ -87,6 +90,9 @@
>
> bind(SecurityTokenDecoder.class).to(BasicSecurityTokenDecoder.class);
>
> +
> bind(ParameterFetcher.class).annotatedWith(Names.named("GadgetDataServlet")).to(GadgetDataServletFetcher.class);
> +
> bind(ParameterFetcher.class).annotatedWith(Names.named("DataServiceServlet")).to(DataServiceServletFetcher.class);
> +
> bind(Activity.class).to(ActivityImpl.class);
> bind(MediaItem.class).to(MediaItemImpl.class);
> }
>
> Modified:
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java
> (original)
> +++
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java
> Tue Jun 24 17:44:39 2008
> @@ -18,7 +18,9 @@
> package org.apache.shindig.social.dataservice;
>
> import org.apache.shindig.common.BasicSecurityTokenDecoder;
> +import org.apache.shindig.common.SecurityTokenDecoder;
> import org.apache.shindig.common.SecurityTokenException;
> +import org.apache.shindig.common.servlet.ParameterFetcher;
> import org.apache.shindig.common.testing.FakeGadgetToken;
> import org.apache.shindig.social.ResponseItem;
> import org.apache.shindig.social.SocialApiTestsGuiceModule;
> @@ -36,6 +38,7 @@
> import javax.servlet.http.HttpServletResponse;
> import java.io.PrintWriter;
> import java.io.IOException;
> +import java.util.Collections;
> import java.util.Enumeration;
> import java.util.StringTokenizer;
>
> @@ -76,6 +79,8 @@
>
> servlet.setBeanConverters(jsonConverter, xmlConverter);
>
> + servlet.setParameterFetcher(new DataServiceServletFetcher());
> +
> tokenDecoder = EasyMock.createMock(BasicSecurityTokenDecoder.class);
> servlet.setSecurityTokenDecoder(tokenDecoder);
> }
> @@ -135,7 +140,7 @@
> .andReturn(tokenString);
>
> FakeGadgetToken token = new FakeGadgetToken();
> -
> EasyMock.expect(tokenDecoder.createToken(tokenString)).andReturn(token);
> +
> EasyMock.expect(tokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> tokenString))).andReturn(token);
>
> setupInjector();
>
> @@ -171,7 +176,7 @@
> String tokenString = "owner:viewer:app:container.com:foo:bar";
>
> EasyMock.expect(req.getParameter(DataServiceServlet.SECURITY_TOKEN_PARAM))
> .andReturn(tokenString);
> - EasyMock.expect(tokenDecoder.createToken(tokenString)).andThrow(new
> SecurityTokenException(""));
> +
> EasyMock.expect(tokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> tokenString))).andThrow(new SecurityTokenException(""));
>
> EasyMock.replay(req, tokenDecoder);
> try {
>
> Modified:
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java
> URL:
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java?rev=671387&r1=671386&r2=671387&view=diff
>
> ==============================================================================
> ---
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java
> (original)
> +++
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java
> Tue Jun 24 17:44:39 2008
> @@ -18,11 +18,13 @@
> package org.apache.shindig.social.dataservice.integration;
>
> import org.apache.shindig.common.BasicSecurityTokenDecoder;
> +import org.apache.shindig.social.GadgetDataServletFetcher;
> import org.apache.shindig.social.SocialApiTestsGuiceModule;
> import org.apache.shindig.social.dataservice.ActivityHandler;
> import org.apache.shindig.social.dataservice.AppDataHandler;
> import org.apache.shindig.social.dataservice.DataRequestHandler;
> import org.apache.shindig.social.dataservice.DataServiceServlet;
> +import org.apache.shindig.social.dataservice.DataServiceServletFetcher;
> import org.apache.shindig.social.dataservice.HandlerProvider;
> import org.apache.shindig.social.dataservice.PersonHandler;
> import org.apache.shindig.social.opensocial.util.BeanJsonConverter;
> @@ -67,6 +69,7 @@
> servlet.setBeanConverters(new BeanJsonConverter(
> Guice.createInjector(new SocialApiTestsGuiceModule())), new
> BeanXmlConverter());
> servlet.setSecurityTokenDecoder(new BasicSecurityTokenDecoder());
> + servlet.setParameterFetcher(new DataServiceServletFetcher());
>
> req = EasyMock.createMock(HttpServletRequest.class);
> res = EasyMock.createMock(HttpServletResponse.class);
> @@ -162,4 +165,4 @@
> return columns;
> }
>
> -}
> \ No newline at end of file
> +}
>
>
>
Re: svn commit: r671387 - in /incubator/shindig/trunk/java: common/src/main/java/org/apache/shindig/common/ gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ gadgets/src/test/java/org/apache/shindig/gadgets/oauth/ gadgets/src/test/java/org/ap
Posted by Kevin Brown <et...@google.com>.
Indeed -- the packages don't match, and the braces are in the wrong place.
Since this relies on servlets, it definitely belongs in common/servlet, so
the file needs to move rather than the package.
On Tue, Jun 24, 2008 at 5:57 PM, Gonzalo Aune <go...@gmail.com> wrote:
> Brian,
> it seems like the package of ParameterFetcher doesnt match with where it
> is,
> it was added in common/ but is called in common/servlet/ in several
> classes.
>
> Regards.
>
> G.-
>
> On Tue, Jun 24, 2008 at 9:44 PM, <br...@apache.org> wrote:
>
> > Author: brianm
> > Date: Tue Jun 24 17:44:39 2008
> > New Revision: 671387
> >
> > URL: http://svn.apache.org/viewvc?rev=671387&view=rev
> > Log:
> > Apply patch from Henning Schmiedehausen to llow parameter adaption when
> > requesting data from the container (SHINDIG-379)
> >
> > Added:
> >
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java
> >
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java
> >
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java
> > Modified:
> >
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java
> >
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java
> >
> >
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java
> >
> >
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
> >
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java
> >
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java
> >
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java
> >
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java
> >
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java
> >
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java
> >
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java
> >
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java
> >
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java
> >
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java
> >
> > Modified:
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/BasicSecurityTokenDecoder.java
> > Tue Jun 24 17:44:39 2008
> > @@ -24,6 +24,7 @@
> >
> > import java.io.UnsupportedEncodingException;
> > import java.net.URLDecoder;
> > +import java.util.Map;
> >
> > /**
> > * A SecurityTokenDecoder implementation that just provides dummy data to
> > satisfy
> > @@ -44,10 +45,16 @@
> > *
> > * Returns a token with some faked out values.
> > */
> > - public SecurityToken createToken(String stringToken)
> > + public SecurityToken createToken(Map<String, String> parameters)
> > throws SecurityTokenException {
> > +
> > + final String token =
> > parameters.get(SecurityTokenDecoder.SECURITY_TOKEN_NAME);
> > + if (token == null || token.trim().length() == 0) {
> > + throw new SecurityTokenException("Missing security token");
> > + }
> > +
> > try {
> > - String[] tokens = stringToken.split(":");
> > + String[] tokens = token.split(":");
> > return new BasicSecurityToken(
> > URLDecoder.decode(tokens[OWNER_INDEX], "UTF-8"),
> > URLDecoder.decode(tokens[VIEWER_INDEX], "UTF-8"),
> >
> > Added:
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java?rev=671387&view=auto
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java
> > (added)
> > +++
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/ParameterFetcher.java
> > Tue Jun 24 17:44:39 2008
> > @@ -0,0 +1,35 @@
> > +/*
> > + * Licensed to the Apache Software Foundation (ASF) under one
> > + * or more contributor license agreements. See the NOTICE file
> > + * distributed with this work for additional information
> > + * regarding copyright ownership. The ASF licenses this file
> > + * to you under the Apache License, Version 2.0 (the
> > + * "License"); you may not use this file except in compliance
> > + * with the License. You may obtain a copy of the License at
> > + *
> > + * http://www.apache.org/licenses/LICENSE-2.0
> > + *
> > + * Unless required by applicable law or agreed to in writing,
> > + * software distributed under the License is distributed on an
> > + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> > + * KIND, either express or implied. See the License for the
> > + * specific language governing permissions and limitations under the
> > License.
> > + */
> > +
> > +package org.apache.shindig.common.servlet;
> > +
> > +import java.util.Map;
> > +
> > +import javax.servlet.http.HttpServletRequest;
> > +
> > +/**
> > + * Maps parameters from a Servlet request into a map. This is used to
> > control which
> > + * parameters are passed on to other parts of the container. Using this
> > Adapter allows
> > + * e.g. to pass multiple parameters into the secure token generation
> > methods.
> > + */
> > +
> > +public interface ParameterFetcher
> > +{
> > + Map<String, String> fetch(HttpServletRequest req);
> > +}
> > +
> >
> > Modified:
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/SecurityTokenDecoder.java
> > Tue Jun 24 17:44:39 2008
> > @@ -18,18 +18,26 @@
> > */
> > package org.apache.shindig.common;
> >
> > +import java.util.Map;
> > +
> > /**
> > * Handles verification of gadget security tokens.
> > */
> > public interface SecurityTokenDecoder {
> >
> > /**
> > + * The security token value must be passed on a map value referenced
> by
> > this key. Additional
> > + * parameters can be passed as seen fit.
> > + */
> > + String SECURITY_TOKEN_NAME = "token";
> > +
> > + /**
> > * Decrypts and verifies a gadget security token to return a gadget
> > token.
> > *
> > * @param tokenString token in wire format (probably encrypted.)
> > * @return the decrypted and verified token.
> > * @throws SecurityTokenException If tokenString is not a valid token
> > */
> > - public SecurityToken createToken(String tokenString)
> > + SecurityToken createToken(Map<String, String> tokenParameters)
> > throws SecurityTokenException;
> > }
> >
> > Modified:
> >
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpGadgetContext.java
> > Tue Jun 24 17:44:39 2008
> > @@ -29,6 +29,7 @@
> >
> > import java.net.URI;
> > import java.net.URISyntaxException;
> > +import java.util.Collections;
> > import java.util.Enumeration;
> > import java.util.HashMap;
> > import java.util.Locale;
> > @@ -262,7 +263,7 @@
> > return super.getToken();
> > } else {
> > try {
> > - return tokenDecoder.createToken(tokenString);
> > + return
> >
> tokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > tokenString));
> > } catch (SecurityTokenException e) {
> > throw new GadgetException(
> > GadgetException.Code.INVALID_SECURITY_TOKEN, e);
> >
> > Modified:
> >
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
> > Tue Jun 24 17:44:39 2008
> > @@ -260,7 +260,7 @@
> > throws GadgetException {
> > String token = getParameter(request, SECURITY_TOKEN_PARAM, "");
> > try {
> > - return securityTokenDecoder.createToken(token);
> > + return
> >
> securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > token));
> > } catch (SecurityTokenException e) {
> > throw new
> > GadgetException(GadgetException.Code.INVALID_SECURITY_TOKEN, e);
> > }
> >
> > Modified:
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/BasicOAuthStoreTest.java
> > Tue Jun 24 17:44:39 2008
> > @@ -27,6 +27,7 @@
> > import net.oauth.OAuthServiceProvider;
> > import net.oauth.signature.RSA_SHA1;
> >
> > +import org.apache.shindig.common.SecurityTokenDecoder;
> > import org.easymock.classextension.EasyMock;
> > import org.easymock.classextension.IMocksControl;
> >
> > @@ -331,7 +332,7 @@
> > tokenKey.setUserId("test user");
> >
> > OAuthStore.TokenInfo tokenInfo =
> > - new OAuthStore.TokenInfo("token", "secret");
> > + new
> OAuthStore.TokenInfo(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "secret");
> >
> >
> > expect(mockTokens.put(tokenKey, tokenInfo)).andReturn(null);
> >
> > Modified:
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetRenderingTaskTest.java
> > Tue Jun 24 17:44:39 2008
> > @@ -22,6 +22,7 @@
> > import static org.easymock.EasyMock.expectLastCall;
> > import static org.easymock.EasyMock.isA;
> >
> > +import org.apache.shindig.common.SecurityTokenDecoder;
> > import org.apache.shindig.common.testing.FakeGadgetToken;
> > import org.apache.shindig.common.util.Utf8UrlCoder;
> > import org.apache.shindig.gadgets.ContainerConfig;
> > @@ -38,6 +39,7 @@
> > import java.net.URI;
> > import java.util.Arrays;
> > import java.util.Collection;
> > +import java.util.Collections;
> > import java.util.Enumeration;
> > import java.util.List;
> >
> > @@ -209,7 +211,7 @@
> >
> > public void testAuthTokenInjection_allparams() throws Exception {
> > expect(fixture.request.getParameter("st")).andReturn("fake-token");
> > - expect(securityTokenDecoder.createToken("fake-token")).andReturn(
> > +
> >
> expect(securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "fake-token"))).andReturn(
> > new FakeGadgetToken("updated-token", "{ \"foo\" : \"bar\" }"));
> > String content = parseBasicGadget(GadgetSpec.DEFAULT_VIEW);
> > JSONObject auth = parseShindigAuthConfig(content);
> > @@ -219,7 +221,7 @@
> >
> > public void testAuthTokenInjection_none() throws Exception {
> > expect(fixture.request.getParameter("st")).andReturn("fake-token");
> > - expect(securityTokenDecoder.createToken("fake-token")).andReturn(
> > +
> >
> expect(securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "fake-token"))).andReturn(
> > new FakeGadgetToken());
> > String content = parseBasicGadget(GadgetSpec.DEFAULT_VIEW);
> > JSONObject auth = parseShindigAuthConfig(content);
> > @@ -228,7 +230,7 @@
> >
> > public void testAuthTokenInjection_trustedJson() throws Exception {
> > expect(fixture.request.getParameter("st")).andReturn("fake-token");
> > - expect(securityTokenDecoder.createToken("fake-token")).andReturn(
> > +
> >
> expect(securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "fake-token"))).andReturn(
> > new FakeGadgetToken(null, "trusted"));
> > String content = parseBasicGadget(GadgetSpec.DEFAULT_VIEW);
> > JSONObject auth = parseShindigAuthConfig(content);
> > @@ -238,7 +240,7 @@
> >
> > public void testAuthTokenInjection_updatedToken() throws Exception {
> > expect(fixture.request.getParameter("st")).andReturn("fake-token");
> > - expect(securityTokenDecoder.createToken("fake-token")).andReturn(
> > +
> >
> expect(securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "fake-token"))).andReturn(
> > new FakeGadgetToken("updated-token", null));
> > String content = parseBasicGadget(GadgetSpec.DEFAULT_VIEW);
> > JSONObject auth = parseShindigAuthConfig(content);
> >
> > Modified:
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java
> > Tue Jun 24 17:44:39 2008
> > @@ -27,6 +27,7 @@
> > import static org.junit.Assert.assertTrue;
> >
> > import org.apache.shindig.common.SecurityToken;
> > +import org.apache.shindig.common.SecurityTokenDecoder;
> > import org.apache.shindig.common.SecurityTokenException;
> > import org.apache.shindig.common.testing.FakeGadgetToken;
> > import org.apache.shindig.gadgets.GadgetException;
> > @@ -45,6 +46,7 @@
> > import org.junit.Test;
> >
> > import java.net.URI;
> > +import java.util.Collections;
> > import java.util.List;
> >
> > import javax.servlet.http.HttpServletResponse;
> > @@ -247,7 +249,7 @@
> > public void signedGetRequest() throws Exception {
> > // Doesn't actually sign since it returns the standard fetcher.
> > // Signing tests are in SigningFetcherTest
> > -
> >
> expect(fixture.securityTokenDecoder.createToken("fake-token")).andReturn(DUMMY_TOKEN);
> > +
> >
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "fake-token"))).andReturn(DUMMY_TOKEN);
> >
> >
> expect(fixture.request.getParameter(MakeRequestHandler.SECURITY_TOKEN_PARAM))
> > .andReturn("fake-token").atLeastOnce();
> > expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> > @@ -267,7 +269,7 @@
> > // Doesn't actually sign since it returns the standard fetcher.
> > // Signing tests are in SigningFetcherTest
> > expectPostAndReturnBody(fixture.signingFetcher, REQUEST_BODY,
> > RESPONSE_BODY);
> > -
> >
> expect(fixture.securityTokenDecoder.createToken("fake-token")).andReturn(DUMMY_TOKEN);
> > +
> >
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "fake-token"))).andReturn(DUMMY_TOKEN);
> >
> >
> expect(fixture.request.getParameter(MakeRequestHandler.SECURITY_TOKEN_PARAM))
> > .andReturn("fake-token").atLeastOnce();
> > expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> > @@ -288,7 +290,7 @@
> > // Signing tests are in SigningFetcherTest
> > expectGetAndReturnBody(fixture.signingFetcher, RESPONSE_BODY);
> > FakeGadgetToken authToken = new FakeGadgetToken("updated");
> > -
> >
> expect(fixture.securityTokenDecoder.createToken("fake-token")).andReturn(authToken);
> > +
> >
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "fake-token"))).andReturn(authToken);
> >
> >
> expect(fixture.request.getParameter(MakeRequestHandler.SECURITY_TOKEN_PARAM))
> > .andReturn("fake-token").atLeastOnce();
> > expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> > @@ -308,7 +310,7 @@
> > // OAuth tests are in OAuthFetcherTest
> > expectGetAndReturnBody(fixture.oauthFetcher, RESPONSE_BODY);
> > FakeGadgetToken authToken = new FakeGadgetToken("updated");
> > -
> >
> expect(fixture.securityTokenDecoder.createToken("fake-token")).andReturn(authToken);
> > +
> >
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "fake-token"))).andReturn(authToken);
> >
> >
> expect(fixture.request.getParameter(MakeRequestHandler.SECURITY_TOKEN_PARAM))
> > .andReturn("fake-token").atLeastOnce();
> > expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> > @@ -353,7 +355,7 @@
> > .andReturn("fake-token").atLeastOnce();
> > expect(fixture.request.getParameter(Preload.AUTHZ_ATTR))
> > .andReturn(Auth.SIGNED.toString()).atLeastOnce();
> > - expect(fixture.securityTokenDecoder.createToken("fake-token"))
> > +
> >
> expect(fixture.securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > "fake-token")))
> > .andThrow(new SecurityTokenException("No!"));
> > fixture.replay();
> >
> >
> > Modified:
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServlet.java
> > Tue Jun 24 17:44:39 2008
> > @@ -21,22 +21,25 @@
> > import org.apache.shindig.common.SecurityTokenDecoder;
> > import org.apache.shindig.common.SecurityTokenException;
> > import org.apache.shindig.common.servlet.InjectedServlet;
> > +import org.apache.shindig.common.servlet.ParameterFetcher;
> > import org.apache.shindig.social.opensocial.util.BeanJsonConverter;
> > -
> > -import com.google.inject.Inject;
> > -import com.google.common.collect.Lists;
> > import org.json.JSONArray;
> > import org.json.JSONException;
> > import org.json.JSONObject;
> >
> > -import javax.servlet.http.HttpServletRequest;
> > -import javax.servlet.http.HttpServletResponse;
> > +import com.google.common.collect.Lists;
> > +import com.google.inject.Inject;
> > +import com.google.inject.name.Named;
> > +
> > import java.io.IOException;
> > import java.io.PrintWriter;
> > -import java.util.ArrayList;
> > import java.util.List;
> > +import java.util.Map;
> > import java.util.logging.Logger;
> >
> > +import javax.servlet.http.HttpServletRequest;
> > +import javax.servlet.http.HttpServletResponse;
> > +
> > /**
> > * Servlet for handling gadget requests for data. The request accepts one
> > json
> > * parameter of the format:
> > @@ -57,9 +60,12 @@
> > private static final Logger logger
> > = Logger.getLogger("org.apache.shindig.social");
> >
> > + public static final String REQUEST_PARAMETER_NAME = "request";
> > +
> > private List<GadgetDataHandler> handlers;
> > private SecurityTokenDecoder securityTokenDecoder;
> > private BeanJsonConverter beanJsonConverter;
> > + private ParameterFetcher parameterFetcher;
> >
> > @Inject
> > public void setGadgetDataHandlers(List<GadgetDataHandler> handlers) {
> > @@ -76,21 +82,24 @@
> > this.beanJsonConverter = beanJsonConverter;
> > }
> >
> > + @Inject
> > + public void setParameterFetcher(@Named("GadgetDataServlet")
> > ParameterFetcher parameterFetcher) {
> > + this.parameterFetcher = parameterFetcher;
> > + }
> > +
> > @Override
> > protected void doPost(HttpServletRequest req, HttpServletResponse resp)
> > throws IOException {
> >
> > req.setCharacterEncoding("UTF-8");
> > - String requestParam = req.getParameter("request");
> > - String token = req.getParameter("st");
> >
> > DataResponse response;
> > try {
> > - response = new DataResponse(createResponse(requestParam, token));
> > + response = new
> > DataResponse(createResponse(parameterFetcher.fetch(req)));
> > } catch (JSONException e) {
> > response = new DataResponse(ResponseError.BAD_REQUEST);
> > } catch (SecurityTokenException e) {
> > - logger.info("Request was made with invalid security token: " +
> > token);
> > + logger.info("Request was made with invalid security token: " +
> > e.getMessage());
> > response = new DataResponse(ResponseError.BAD_REQUEST);
> > }
> > resp.setContentType("application/json; charset=utf-8");
> > @@ -99,12 +108,12 @@
> > writer.write(json.toString());
> > }
> >
> > - private List<ResponseItem> createResponse(String requestParam, String
> > token)
> > + private List<ResponseItem> createResponse(Map<String, String>
> > parameters)
> > throws JSONException, SecurityTokenException {
> > - if (token == null || token.trim().length() == 0) {
> > - throw new SecurityTokenException("Missing security token");
> > - }
> > - SecurityToken securityToken =
> securityTokenDecoder.createToken(token);
> > +
> > + final SecurityToken securityToken =
> > securityTokenDecoder.createToken(parameters);
> > +
> > + final String requestParam = parameters.get(REQUEST_PARAMETER_NAME);
> >
> > // TODO: Improve json input handling. The json request should get
> auto
> > // translated into objects
> >
> > Added:
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java?rev=671387&view=auto
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java
> > (added)
> > +++
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/GadgetDataServletFetcher.java
> > Tue Jun 24 17:44:39 2008
> > @@ -0,0 +1,47 @@
> > +/*
> > + * Licensed to the Apache Software Foundation (ASF) under one
> > + * or more contributor license agreements. See the NOTICE file
> > + * distributed with this work for additional information
> > + * regarding copyright ownership. The ASF licenses this file
> > + * to you under the Apache License, Version 2.0 (the
> > + * "License"); you may not use this file except in compliance
> > + * with the License. You may obtain a copy of the License at
> > + *
> > + * http://www.apache.org/licenses/LICENSE-2.0
> > + *
> > + * Unless required by applicable law or agreed to in writing,
> > + * software distributed under the License is distributed on an
> > + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> > + * KIND, either express or implied. See the License for the
> > + * specific language governing permissions and limitations under the
> > License.
> > + */
> > +
> > +package org.apache.shindig.social;
> > +
> > +import org.apache.shindig.common.SecurityTokenDecoder;
> > +import org.apache.shindig.common.servlet.ParameterFetcher;
> > +
> > +import com.google.common.collect.Maps;
> > +
> > +import java.util.Map;
> > +
> > +import javax.servlet.http.HttpServletRequest;
> > +
> > +/**
> > + * Default implementation for the GadgetDataServlet parameter fetcher.
> Do
> > not
> > + * change unless you have a compelling need to pass more parameters into
> > the
> > + * createResponse method.
> > + */
> > +public class GadgetDataServletFetcher
> > + implements ParameterFetcher
> > +{
> > + public Map<String, String> fetch(HttpServletRequest req)
> > + {
> > + final Map<String, String> params =
> > Maps.newHashMapWithExpectedSize(2);
> > + params.put(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > req.getParameter("st"));
> > + params.put(GadgetDataServlet.REQUEST_PARAMETER_NAME,
> > req.getParameter(GadgetDataServlet.REQUEST_PARAMETER_NAME));
> > +
> > + return params;
> > + }
> > +}
> > +
> >
> > Modified:
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/SocialApiGuiceModule.java
> > Tue Jun 24 17:44:39 2008
> > @@ -18,9 +18,11 @@
> > */
> > package org.apache.shindig.social;
> >
> > +import org.apache.shindig.common.servlet.ParameterFetcher;
> > import org.apache.shindig.social.abdera.SocialRouteManager;
> > import org.apache.shindig.social.dataservice.ActivityService;
> > import org.apache.shindig.social.dataservice.AppDataService;
> > +import org.apache.shindig.social.dataservice.DataServiceServletFetcher;
> > import org.apache.shindig.social.dataservice.PersonService;
> > import org.apache.shindig.social.opensocial.ActivitiesService;
> > import org.apache.shindig.social.opensocial.DataService;
> > @@ -41,6 +43,7 @@
> > import com.google.inject.Inject;
> > import com.google.inject.Provider;
> > import com.google.inject.TypeLiteral;
> > +import com.google.inject.name.Names;
> >
> > import java.util.List;
> >
> > @@ -65,6 +68,9 @@
> >
> > bind(SocialRouteManager.class).to(SampleContainerRouteManager.class);
> >
> > +
> >
> bind(ParameterFetcher.class).annotatedWith(Names.named("GadgetDataServlet")).to(GadgetDataServletFetcher.class);
> > +
> >
> bind(ParameterFetcher.class).annotatedWith(Names.named("DataServiceServlet")).to(DataServiceServletFetcher.class);
> > +
> > bind(Activity.class).to(ActivityImpl.class);
> > bind(MediaItem.class).to(MediaItemImpl.class);
> > }
> >
> > Modified:
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/abdera/AbstractSocialEntityCollectionAdapter.java
> > Tue Jun 24 17:44:39 2008
> > @@ -46,6 +46,7 @@
> > import
> > org.apache.abdera.protocol.server.impl.AbstractEntityCollectionAdapter;
> > import org.json.JSONException;
> >
> > +import java.util.Collections;
> > import java.util.Date;
> > import java.util.List;
> > import java.util.Map;
> > @@ -115,7 +116,7 @@
> > if (token == null || token.trim().length() == 0) {
> > throw new SecurityTokenException("Missing security token");
> > }
> > - return securityTokenDecoder.createToken(token);
> > + return
> >
> securityTokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > token));
> > }
> >
> > /**
> >
> > Modified:
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServlet.java
> > Tue Jun 24 17:44:39 2008
> > @@ -21,6 +21,7 @@
> > import org.apache.shindig.common.SecurityTokenDecoder;
> > import org.apache.shindig.common.SecurityTokenException;
> > import org.apache.shindig.common.servlet.InjectedServlet;
> > +import org.apache.shindig.common.servlet.ParameterFetcher;
> > import org.apache.shindig.social.ResponseItem;
> > import org.apache.shindig.social.opensocial.util.BeanConverter;
> > import org.apache.shindig.social.opensocial.util.BeanJsonConverter;
> > @@ -29,6 +30,7 @@
> > import com.google.common.collect.Maps;
> > import com.google.inject.Inject;
> > import com.google.inject.Injector;
> > +import com.google.inject.name.Named;
> > import org.apache.commons.io.IOUtils;
> > import org.apache.commons.lang.StringUtils;
> > import org.json.JSONException;
> > @@ -62,6 +64,7 @@
> > private Map<String, Class<? extends DataRequestHandler>> handlers;
> > private BeanJsonConverter jsonConverter;
> > private BeanXmlConverter xmlConverter;
> > + private ParameterFetcher parameterFetcher;
> > private static final String JSON_BATCH_ROUTE = "jsonBatch";
> >
> > @Inject
> > @@ -80,6 +83,11 @@
> > this.xmlConverter = xmlConverter;
> > }
> >
> > + @Inject
> > + public void setParameterFetcher(@Named("DataServiceServlet")
> > ParameterFetcher parameterFetcher) {
> > + this.parameterFetcher = parameterFetcher;
> > + }
> > +
> > // Only for testing use. Do not override the injector.
> > public void setInjector(Injector injector) {
> > this.injector = injector;
> > @@ -181,7 +189,7 @@
> > SecurityToken getSecurityToken(HttpServletRequest servletRequest) {
> > SecurityToken token;
> > try {
> > - token =
> >
> securityTokenDecoder.createToken(servletRequest.getParameter(SECURITY_TOKEN_PARAM));
> > + token =
> > securityTokenDecoder.createToken(parameterFetcher.fetch(servletRequest));
> > } catch (SecurityTokenException e) {
> > throw new RuntimeException("Implement error return for bad security
> > token.", e);
> > }
> >
> > Added:
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java?rev=671387&view=auto
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java
> > (added)
> > +++
> >
> incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/dataservice/DataServiceServletFetcher.java
> > Tue Jun 24 17:44:39 2008
> > @@ -0,0 +1,45 @@
> > +/*
> > + * Licensed to the Apache Software Foundation (ASF) under one
> > + * or more contributor license agreements. See the NOTICE file
> > + * distributed with this work for additional information
> > + * regarding copyright ownership. The ASF licenses this file
> > + * to you under the Apache License, Version 2.0 (the
> > + * "License"); you may not use this file except in compliance
> > + * with the License. You may obtain a copy of the License at
> > + *
> > + * http://www.apache.org/licenses/LICENSE-2.0
> > + *
> > + * Unless required by applicable law or agreed to in writing,
> > + * software distributed under the License is distributed on an
> > + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> > + * KIND, either express or implied. See the License for the
> > + * specific language governing permissions and limitations under the
> > License.
> > + */
> > +
> > +package org.apache.shindig.social.dataservice;
> > +
> > +import org.apache.shindig.common.SecurityTokenDecoder;
> > +import org.apache.shindig.common.servlet.ParameterFetcher;
> > +
> > +import com.google.common.collect.Maps;
> > +
> > +import java.util.Map;
> > +
> > +import javax.servlet.http.HttpServletRequest;
> > +
> > +/**
> > + * Default implementation for the GadgetDataServlet parameter fetcher.
> Do
> > not
> > + * change unless you have a compelling need to pass more parameters into
> > the
> > + * createResponse method.
> > + */
> > +public class DataServiceServletFetcher
> > + implements ParameterFetcher
> > +{
> > + public Map<String, String> fetch(HttpServletRequest req)
> > + {
> > + final Map<String, String> params =
> > Maps.newHashMapWithExpectedSize(1);
> > + params.put(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > req.getParameter("st"));
> > + return params;
> > + }
> > +}
> > +
> >
> > Modified:
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/SocialApiTestsGuiceModule.java
> > Tue Jun 24 17:44:39 2008
> > @@ -20,9 +20,11 @@
> >
> > import org.apache.shindig.common.BasicSecurityTokenDecoder;
> > import org.apache.shindig.common.SecurityTokenDecoder;
> > +import org.apache.shindig.common.servlet.ParameterFetcher;
> > import org.apache.shindig.social.abdera.SocialRouteManager;
> > import org.apache.shindig.social.dataservice.ActivityService;
> > import org.apache.shindig.social.dataservice.AppDataService;
> > +import org.apache.shindig.social.dataservice.DataServiceServletFetcher;
> > import org.apache.shindig.social.dataservice.PersonService;
> > import org.apache.shindig.social.opensocial.ActivitiesService;
> > import org.apache.shindig.social.opensocial.DataService;
> > @@ -57,6 +59,7 @@
> > import com.google.common.collect.Maps;
> > import com.google.inject.AbstractModule;
> > import com.google.inject.Singleton;
> > +import com.google.inject.name.Names;
> >
> > import java.net.URI;
> > import java.util.Date;
> > @@ -87,6 +90,9 @@
> >
> > bind(SecurityTokenDecoder.class).to(BasicSecurityTokenDecoder.class);
> >
> > +
> >
> bind(ParameterFetcher.class).annotatedWith(Names.named("GadgetDataServlet")).to(GadgetDataServletFetcher.class);
> > +
> >
> bind(ParameterFetcher.class).annotatedWith(Names.named("DataServiceServlet")).to(DataServiceServletFetcher.class);
> > +
> > bind(Activity.class).to(ActivityImpl.class);
> > bind(MediaItem.class).to(MediaItemImpl.class);
> > }
> >
> > Modified:
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/DataServiceServletTest.java
> > Tue Jun 24 17:44:39 2008
> > @@ -18,7 +18,9 @@
> > package org.apache.shindig.social.dataservice;
> >
> > import org.apache.shindig.common.BasicSecurityTokenDecoder;
> > +import org.apache.shindig.common.SecurityTokenDecoder;
> > import org.apache.shindig.common.SecurityTokenException;
> > +import org.apache.shindig.common.servlet.ParameterFetcher;
> > import org.apache.shindig.common.testing.FakeGadgetToken;
> > import org.apache.shindig.social.ResponseItem;
> > import org.apache.shindig.social.SocialApiTestsGuiceModule;
> > @@ -36,6 +38,7 @@
> > import javax.servlet.http.HttpServletResponse;
> > import java.io.PrintWriter;
> > import java.io.IOException;
> > +import java.util.Collections;
> > import java.util.Enumeration;
> > import java.util.StringTokenizer;
> >
> > @@ -76,6 +79,8 @@
> >
> > servlet.setBeanConverters(jsonConverter, xmlConverter);
> >
> > + servlet.setParameterFetcher(new DataServiceServletFetcher());
> > +
> > tokenDecoder = EasyMock.createMock(BasicSecurityTokenDecoder.class);
> > servlet.setSecurityTokenDecoder(tokenDecoder);
> > }
> > @@ -135,7 +140,7 @@
> > .andReturn(tokenString);
> >
> > FakeGadgetToken token = new FakeGadgetToken();
> > -
> > EasyMock.expect(tokenDecoder.createToken(tokenString)).andReturn(token);
> > +
> >
> EasyMock.expect(tokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > tokenString))).andReturn(token);
> >
> > setupInjector();
> >
> > @@ -171,7 +176,7 @@
> > String tokenString = "owner:viewer:app:container.com:foo:bar";
> >
> >
> EasyMock.expect(req.getParameter(DataServiceServlet.SECURITY_TOKEN_PARAM))
> > .andReturn(tokenString);
> > - EasyMock.expect(tokenDecoder.createToken(tokenString)).andThrow(new
> > SecurityTokenException(""));
> > +
> >
> EasyMock.expect(tokenDecoder.createToken(Collections.singletonMap(SecurityTokenDecoder.SECURITY_TOKEN_NAME,
> > tokenString))).andThrow(new SecurityTokenException(""));
> >
> > EasyMock.replay(req, tokenDecoder);
> > try {
> >
> > Modified:
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java
> > URL:
> >
> http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java?rev=671387&r1=671386&r2=671387&view=diff
> >
> >
> ==============================================================================
> > ---
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java
> > (original)
> > +++
> >
> incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/dataservice/integration/AbstractLargeRestfulTests.java
> > Tue Jun 24 17:44:39 2008
> > @@ -18,11 +18,13 @@
> > package org.apache.shindig.social.dataservice.integration;
> >
> > import org.apache.shindig.common.BasicSecurityTokenDecoder;
> > +import org.apache.shindig.social.GadgetDataServletFetcher;
> > import org.apache.shindig.social.SocialApiTestsGuiceModule;
> > import org.apache.shindig.social.dataservice.ActivityHandler;
> > import org.apache.shindig.social.dataservice.AppDataHandler;
> > import org.apache.shindig.social.dataservice.DataRequestHandler;
> > import org.apache.shindig.social.dataservice.DataServiceServlet;
> > +import org.apache.shindig.social.dataservice.DataServiceServletFetcher;
> > import org.apache.shindig.social.dataservice.HandlerProvider;
> > import org.apache.shindig.social.dataservice.PersonHandler;
> > import org.apache.shindig.social.opensocial.util.BeanJsonConverter;
> > @@ -67,6 +69,7 @@
> > servlet.setBeanConverters(new BeanJsonConverter(
> > Guice.createInjector(new SocialApiTestsGuiceModule())), new
> > BeanXmlConverter());
> > servlet.setSecurityTokenDecoder(new BasicSecurityTokenDecoder());
> > + servlet.setParameterFetcher(new DataServiceServletFetcher());
> >
> > req = EasyMock.createMock(HttpServletRequest.class);
> > res = EasyMock.createMock(HttpServletResponse.class);
> > @@ -162,4 +165,4 @@
> > return columns;
> > }
> >
> > -}
> > \ No newline at end of file
> > +}
> >
> >
> >
>