You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@shindig.apache.org by "Dan Dumont (Created) (JIRA)" <ji...@apache.org> on 2011/10/21 17:20:32 UTC
[jira] [Created] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
-----------------------------------------------------------------------------------------------------------------------------------------------------------
Key: SHINDIG-1646
URL: https://issues.apache.org/jira/browse/SHINDIG-1646
Project: Shindig
Issue Type: Improvement
Reporter: Dan Dumont
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13139862#comment-13139862 ]
jiraposter@reviews.apache.org commented on SHINDIG-1646:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2525/#review2935
-----------------------------------------------------------
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js
<https://reviews.apache.org/r/2525/#comment6569>
Are there any cases where the token TTL would not be returned in the metadata? I assume not...
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js
<https://reviews.apache.org/r/2525/#comment6571>
I believe there is a function int he container utils to give you the current ms, probably want to use that
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js
<https://reviews.apache.org/r/2525/#comment6572>
Same as above
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js
<https://reviews.apache.org/r/2525/#comment6573>
here too :)
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java
<https://reviews.apache.org/r/2525/#comment6577>
Seems like it might make sense to update the unit tests which validate the info returned in the metadata request to check for the ttl.
- Ryan
On 2011-10-26 17:46:48, Dan Dumont wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/2525/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-10-26 17:46:48)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This change adds the token TTL to the metadata request for a gadget needing token refresh.
bq. The container uses the token's ttl to manage the refresh cycle of tokens.
bq.
bq. Refresh cycle impl was changed from setInterval to setTimeout because if intervals are missed due to inability to schedule them (suspend/sleep/hibernate/busy)
bq. they will *all* be executed in order when able.
bq.
bq. A few TODO's in the code I did not have time to address.
bq. One is configurable token TTL values via ContainerConfig. Another is better managing refresh cycle when using tokens any of which may have varying expirations.
bq.
bq.
bq. This addresses bug SHINDIG-1646.
bq. https://issues.apache.org/jira/browse/SHINDIG-1646
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/constant.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/util.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerApi.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java 1189191
bq.
bq. Diff: https://reviews.apache.org/r/2525/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq. Tests updated to cope with interface changes. All tests pass.
bq.
bq.
bq. Thanks,
bq.
bq. Dan
bq.
bq.
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
> Attachments: upstream.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13141816#comment-13141816 ]
jiraposter@reviews.apache.org commented on SHINDIG-1646:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2525/#review3004
-----------------------------------------------------------
Ship it!
Committed revision 1196414.
- Ryan
On 2011-11-01 15:51:26, Dan Dumont wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/2525/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-11-01 15:51:26)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This change adds the token TTL to the metadata request for a gadget needing token refresh.
bq. The container uses the token's ttl to manage the refresh cycle of tokens.
bq.
bq. Refresh cycle impl was changed from setInterval to setTimeout because if intervals are missed due to inability to schedule them (suspend/sleep/hibernate/busy)
bq. they will *all* be executed in order when able.
bq.
bq. A few TODO's in the code I did not have time to address.
bq. One is configurable token TTL values via ContainerConfig. Another is better managing refresh cycle when using tokens any of which may have varying expirations.
bq.
bq.
bq. This addresses bug SHINDIG-1646.
bq. https://issues.apache.org/jira/browse/SHINDIG-1646
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/constant.js 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/util.js 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerApi.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java 1195992
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java 1195992
bq.
bq. Diff: https://reviews.apache.org/r/2525/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq. Tests updated to cope with interface changes. All tests pass.
bq.
bq.
bq. Thanks,
bq.
bq. Dan
bq.
bq.
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
> Attachments: upstream.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Resolved] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "Dan Dumont (Resolved) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dan Dumont resolved SHINDIG-1646.
---------------------------------
Resolution: Fixed
1196414
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
> Attachments: upstream.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13136130#comment-13136130 ]
jiraposter@reviews.apache.org commented on SHINDIG-1646:
--------------------------------------------------------
bq. On 2011-10-26 15:27:55, Stanton Sievers wrote:
bq. > http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js, line 115
bq. > <https://reviews.apache.org/r/2525/diff/1/?file=53391#file53391line115>
bq. >
bq. > What happens if TOKEN_REFRESH_INTERVAL is defined to be greater than the TTL for the tokens, i.e., 1 hour? Shouldn't we really take the smallest of the two when figuring out when to refresh?
I will update the comments. Right now, if set to any non-negative number, token ttls will be used.
bq. On 2011-10-26 15:27:55, Stanton Sievers wrote:
bq. > http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java, line 215
bq. > <https://reviews.apache.org/r/2525/diff/1/?file=53400#file53400line215>
bq. >
bq. > Here you use "tokenttl" all lower-case but in the container.js code you use "tokenTTL". I'm assuming this isn't breaking because the code is case insensitive, but it would be nice for consistency.
True, will fix.
- Dan
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2525/#review2859
-----------------------------------------------------------
On 2011-10-26 14:31:43, Dan Dumont wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/2525/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-10-26 14:31:43)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This change adds the token TTL to the metadata request for a gadget needing token refresh.
bq. The container uses the token's ttl to manage the refresh cycle of tokens.
bq.
bq. Refresh cycle impl was changed from setInterval to setTimeout because if intervals are missed due to inability to schedule them (suspend/sleep/hibernate/busy)
bq. they will *all* be executed in order when able.
bq.
bq. A few TODO's in the code I did not have time to address.
bq. One is configurable token TTL values via ContainerConfig. Another is better managing refresh cycle when using tokens any of which may have varying expirations.
bq.
bq.
bq. This addresses bug SHINDIG-1646.
bq. https://issues.apache.org/jira/browse/SHINDIG-1646
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/constant.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/util.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerApi.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java 1189191
bq.
bq. Diff: https://reviews.apache.org/r/2525/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq. Tests updated to cope with interface changes. All tests pass.
bq.
bq.
bq. Thanks,
bq.
bq. Dan
bq.
bq.
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13141179#comment-13141179 ]
jiraposter@reviews.apache.org commented on SHINDIG-1646:
--------------------------------------------------------
bq. On 2011-10-31 02:09:02, Ryan Baxter wrote:
bq. > http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js, line 609
bq. > <https://reviews.apache.org/r/2525/diff/2/?file=53449#file53449line609>
bq. >
bq. > I believe there is a function int he container utils to give you the current ms, probably want to use that
Ok, but it seems silly to have a function for that... It probably gets inlined by closure anyway.
bq. On 2011-10-31 02:09:02, Ryan Baxter wrote:
bq. > http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java, line 544
bq. > <https://reviews.apache.org/r/2525/diff/2/?file=53458#file53458line544>
bq. >
bq. > Seems like it might make sense to update the unit tests which validate the info returned in the metadata request to check for the ttl.
ok
bq. On 2011-10-31 02:09:02, Ryan Baxter wrote:
bq. > http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js, line 225
bq. > <https://reviews.apache.org/r/2525/diff/2/?file=53449#file53449line225>
bq. >
bq. > Are there any cases where the token TTL would not be returned in the metadata? I assume not...
I'll put a check in the called method just in case.
- Dan
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2525/#review2935
-----------------------------------------------------------
On 2011-10-26 17:46:48, Dan Dumont wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/2525/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-10-26 17:46:48)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This change adds the token TTL to the metadata request for a gadget needing token refresh.
bq. The container uses the token's ttl to manage the refresh cycle of tokens.
bq.
bq. Refresh cycle impl was changed from setInterval to setTimeout because if intervals are missed due to inability to schedule them (suspend/sleep/hibernate/busy)
bq. they will *all* be executed in order when able.
bq.
bq. A few TODO's in the code I did not have time to address.
bq. One is configurable token TTL values via ContainerConfig. Another is better managing refresh cycle when using tokens any of which may have varying expirations.
bq.
bq.
bq. This addresses bug SHINDIG-1646.
bq. https://issues.apache.org/jira/browse/SHINDIG-1646
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/constant.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/util.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerApi.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java 1189191
bq.
bq. Diff: https://reviews.apache.org/r/2525/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq. Tests updated to cope with interface changes. All tests pass.
bq.
bq.
bq. Thanks,
bq.
bq. Dan
bq.
bq.
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
> Attachments: upstream.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13136016#comment-13136016 ]
jiraposter@reviews.apache.org commented on SHINDIG-1646:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2525/
-----------------------------------------------------------
Review request for shindig.
Summary
-------
This change adds the token TTL to the metadata request for a gadget needing token refresh.
The container uses the token's ttl to manage the refresh cycle of tokens.
Refresh cycle impl was changed from setInterval to setTimeout because if intervals are missed due to inability to schedule them (suspend/sleep/hibernate/busy)
they will *all* be executed in order when able.
A few TODO's in the code I did not have time to address.
One is configurable token TTL values via ContainerConfig. Another is better managing refresh cycle when using tokens any of which may have varying expirations.
This addresses bug SHINDIG-1646.
https://issues.apache.org/jira/browse/SHINDIG-1646
Diffs
-----
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/constant.js 1189191
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/util.js 1189191
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerApi.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java 1189191
Diff: https://reviews.apache.org/r/2525/diff
Testing
-------
Tests updated to cope with interface changes. All tests pass.
Thanks,
Dan
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13136145#comment-13136145 ]
jiraposter@reviews.apache.org commented on SHINDIG-1646:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2525/
-----------------------------------------------------------
(Updated 2011-10-26 17:46:48.335551)
Review request for shindig.
Changes
-------
Updated with changes from Stanton's review.
Summary
-------
This change adds the token TTL to the metadata request for a gadget needing token refresh.
The container uses the token's ttl to manage the refresh cycle of tokens.
Refresh cycle impl was changed from setInterval to setTimeout because if intervals are missed due to inability to schedule them (suspend/sleep/hibernate/busy)
they will *all* be executed in order when able.
A few TODO's in the code I did not have time to address.
One is configurable token TTL values via ContainerConfig. Another is better managing refresh cycle when using tokens any of which may have varying expirations.
This addresses bug SHINDIG-1646.
https://issues.apache.org/jira/browse/SHINDIG-1646
Diffs (updated)
-----
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/constant.js 1189191
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/util.js 1189191
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerApi.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java 1189191
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java 1189191
Diff: https://reviews.apache.org/r/2525/diff
Testing
-------
Tests updated to cope with interface changes. All tests pass.
Thanks,
Dan
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13141259#comment-13141259 ]
jiraposter@reviews.apache.org commented on SHINDIG-1646:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2525/
-----------------------------------------------------------
(Updated 2011-11-01 15:51:26.414131)
Review request for shindig.
Changes
-------
Updated with changes from Ryan's feedback.
Summary
-------
This change adds the token TTL to the metadata request for a gadget needing token refresh.
The container uses the token's ttl to manage the refresh cycle of tokens.
Refresh cycle impl was changed from setInterval to setTimeout because if intervals are missed due to inability to schedule them (suspend/sleep/hibernate/busy)
they will *all* be executed in order when able.
A few TODO's in the code I did not have time to address.
One is configurable token TTL values via ContainerConfig. Another is better managing refresh cycle when using tokens any of which may have varying expirations.
This addresses bug SHINDIG-1646.
https://issues.apache.org/jira/browse/SHINDIG-1646
Diffs (updated)
-----
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/constant.js 1195992
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/util.js 1195992
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerApi.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java 1195992
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java 1195992
Diff: https://reviews.apache.org/r/2525/diff
Testing
-------
Tests updated to cope with interface changes. All tests pass.
Thanks,
Dan
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
> Attachments: upstream.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Commented] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "jiraposter@reviews.apache.org (Commented) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13136038#comment-13136038 ]
jiraposter@reviews.apache.org commented on SHINDIG-1646:
--------------------------------------------------------
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/2525/#review2859
-----------------------------------------------------------
A couple of questions, but in general this looks good to me.
http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js
<https://reviews.apache.org/r/2525/#comment6392>
What happens if TOKEN_REFRESH_INTERVAL is defined to be greater than the TTL for the tokens, i.e., 1 hour? Shouldn't we really take the smallest of the two when figuring out when to refresh?
http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java
<https://reviews.apache.org/r/2525/#comment6391>
Here you use "tokenttl" all lower-case but in the container.js code you use "tokenTTL". I'm assuming this isn't breaking because the code is case insensitive, but it would be nice for consistency.
- Stanton
On 2011-10-26 14:31:43, Dan Dumont wrote:
bq.
bq. -----------------------------------------------------------
bq. This is an automatically generated e-mail. To reply, visit:
bq. https://reviews.apache.org/r/2525/
bq. -----------------------------------------------------------
bq.
bq. (Updated 2011-10-26 14:31:43)
bq.
bq.
bq. Review request for shindig.
bq.
bq.
bq. Summary
bq. -------
bq.
bq. This change adds the token TTL to the metadata request for a gadget needing token refresh.
bq. The container uses the token's ttl to manage the refresh cycle of tokens.
bq.
bq. Refresh cycle impl was changed from setInterval to setTimeout because if intervals are missed due to inability to schedule them (suspend/sleep/hibernate/busy)
bq. they will *all* be executed in order when able.
bq.
bq. A few TODO's in the code I did not have time to address.
bq. One is configurable token TTL values via ContainerConfig. Another is better managing refresh cycle when using tokens any of which may have varying expirations.
bq.
bq.
bq. This addresses bug SHINDIG-1646.
bq. https://issues.apache.org/jira/browse/SHINDIG-1646
bq.
bq.
bq. Diffs
bq. -----
bq.
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/constant.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container.util/util.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/features/src/main/javascript/features/container/container.js 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerApi.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java 1189191
bq. http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java 1189191
bq.
bq. Diff: https://reviews.apache.org/r/2525/diff
bq.
bq.
bq. Testing
bq. -------
bq.
bq. Tests updated to cope with interface changes. All tests pass.
bq.
bq.
bq. Thanks,
bq.
bq. Dan
bq.
bq.
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira
[jira] [Updated] (SHINDIG-1646) Put token expiration in
ContainerConfig and provide token expirys in metadata responses so the
common container can decide when to expire tokens correctly.
Posted by "Dan Dumont (Updated) (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-1646?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Dan Dumont updated SHINDIG-1646:
--------------------------------
Attachment: upstream.patch
> Put token expiration in ContainerConfig and provide token expirys in metadata responses so the common container can decide when to expire tokens correctly.
> -----------------------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: SHINDIG-1646
> URL: https://issues.apache.org/jira/browse/SHINDIG-1646
> Project: Shindig
> Issue Type: Improvement
> Reporter: Dan Dumont
> Attachments: upstream.patch
>
>
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira