You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by ch...@apache.org on 2008/05/21 18:58:53 UTC
svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/
src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/
src/gadgets/samplecontainer/ src/socialdata/http/
Author: chabotc
Date: Wed May 21 09:58:52 2008
New Revision: 658758
URL: http://svn.apache.org/viewvc?rev=658758&view=rev
Log:
Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your great work on this. This patch implements OAuth and signed request support
Added:
incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
incubator/shindig/trunk/php/src/gadgets/oauth/
incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
incubator/shindig/trunk/php/src/gadgets/oauth/GadgetOAuthTokenStore.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuthRequestParams.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuthServiceProvider.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
Modified:
incubator/shindig/trunk/php/config.php
incubator/shindig/trunk/php/index.php
incubator/shindig/trunk/php/src/common/JsMin.php
incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
incubator/shindig/trunk/php/src/common/Zend/Loader.php
incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php
incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
incubator/shindig/trunk/php/src/gadgets/samplecontainer/BasicBlobCrypter.php
incubator/shindig/trunk/php/src/socialdata/http/GadgetDataServlet.php
Modified: incubator/shindig/trunk/php/config.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/config.php (original)
+++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52 2008
@@ -1,4 +1,4 @@
-<?
+<?php
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
@@ -45,7 +45,7 @@
// Configurable CSS rules that are injected to the gadget page,
// be careful when adjusting these not to break most gadget's layouts :)
'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;} a {color:#0000cc;}a:visited {color:#551a8b;}a:active {color:#ff0000;}body{margin: 0px;padding: 0px;background-color:white;}',
- // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;} body {background-color:#ffffff; font-family: arial, sans-serif; padding: 0px; margin: 0px; font-size: 12px; color: #000000;}a, a:visited {color: #3366CC;text-decoration: none; }a:hover {color: #3366CC; text-decoration: underline;} input, select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
+ //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;} body {background-color:#ffffff; font-family: arial, sans-serif; padding: 0px; margin: 0px; font-size: 12px; color: #000000;}a, a:visited {color: #3366CC;text-decoration: none; }a:hover {color: #3366CC; text-decoration: underline;} input, select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
// The html / javascript samples use a plain text demo token,
// set this to false on anything resembling a real site
@@ -96,6 +96,13 @@
// global cache age policy and location
'cache_time' => 24 * 60 * 60,
'cache_root' => '/tmp/shindig',
+
+ // OAuth private key Path
+ 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/private.key',
+ // file path to public RSA cert
+ 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/public.crt',
+ // Phrase to decrypt private key. Leave empty if unencrypted
+ 'private_key_phrase' => 'partuza',
// In some cases we need to know the site root (for features forinstance)
'base_path' => realpath(dirname(__FILE__))
Modified: incubator/shindig/trunk/php/index.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/index.php (original)
+++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52 2008
@@ -1,4 +1,4 @@
-<?
+<?php
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
@@ -48,7 +48,7 @@
// To load these, we scan our entire directory structure
function __autoload($className)
{
- $locations = array('src/common', 'src/common/samplecontainer', 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http', 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/opensocial/model', 'src/socialdata/http', 'src/socialdata/samplecontainer');
+ $locations = array('src/common', 'src/common/samplecontainer', 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http', 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/opensocial/model', 'src/socialdata/http', 'src/socialdata/samplecontainer', 'src/gadgets/oauth');
// Check for the presense of this class in our all our directories.
$fileName = $className.'.php';
foreach ($locations as $path) {
@@ -65,7 +65,8 @@
Config::get('web_prefix') . '/gadgets/proxy' => 'ProxyServlet',
Config::get('web_prefix') . '/gadgets/ifr' => 'GadgetRenderingServlet',
Config::get('web_prefix') . '/gadgets/metadata' => 'JsonRpcServlet',
- Config::get('web_prefix') . '/social/data' => 'GadgetDataServlet'
+ Config::get('web_prefix') . '/social/data' => 'GadgetDataServlet',
+ Config::get('web_prefix') . '/public.crt' => 'CertServlet'
);
// Try to match the request url to our servlet mapping
Modified: incubator/shindig/trunk/php/src/common/JsMin.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/common/JsMin.php (original)
+++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21 09:58:52 2008
@@ -1,4 +1,5 @@
<?php
+
/**
* jsmin.php - PHP implementation of Douglas Crockford's JSMin.
*
@@ -48,243 +49,248 @@
class JsMinException extends Exception {}
class JsMin {
- const ORD_LF = 10;
- const ORD_SPACE = 32;
-
- protected $a = '';
- protected $b = '';
- protected $input = '';
- protected $inputIndex = 0;
- protected $inputLength = 0;
- protected $lookAhead = null;
- protected $output = '';
-
- // -- Public Static Methods --------------------------------------------------
-
- public static function minify($js) {
- $jsmin = new JsMin($js);
- return $jsmin->min();
- }
-
- // -- Public Instance Methods ------------------------------------------------
-
- public function __construct($input) {
- $this->input = str_replace("\r\n", "\n", $input);
- $this->inputLength = strlen($this->input);
- }
-
- // -- Protected Instance Methods ---------------------------------------------
-
- protected function action($d) {
- switch($d) {
- case 1:
- $this->output .= $this->a;
-
- case 2:
- $this->a = $this->b;
-
- if ($this->a === "'" || $this->a === '"') {
- for (;;) {
- $this->output .= $this->a;
- $this->a = $this->get();
-
- if ($this->a === $this->b) {
- break;
- }
-
- if (ord($this->a) <= self::ORD_LF) {
- throw new JsMinException('Unterminated string literal.');
- }
-
- if ($this->a === '\\') {
- $this->output .= $this->a;
- $this->a = $this->get();
- }
- }
- }
-
- case 3:
- $this->b = $this->next();
-
- if ($this->b === '/' && (
- $this->a === '(' || $this->a === ',' || $this->a === '=' ||
- $this->a === ':' || $this->a === '[' || $this->a === '!' ||
- $this->a === '&' || $this->a === '|' || $this->a === '?')) {
-
- $this->output .= $this->a . $this->b;
-
- for (;;) {
- $this->a = $this->get();
-
- if ($this->a === '/') {
- break;
- } elseif ($this->a === '\\') {
- $this->output .= $this->a;
- $this->a = $this->get();
- } elseif (ord($this->a) <= self::ORD_LF) {
- throw new JsMinException('Unterminated regular expression '.
- 'literal.');
- }
-
- $this->output .= $this->a;
- }
-
- $this->b = $this->next();
- }
- }
- }
-
- protected function get() {
- $c = $this->lookAhead;
- $this->lookAhead = null;
-
- if ($c === null) {
- if ($this->inputIndex < $this->inputLength) {
- $c = $this->input[$this->inputIndex];
- $this->inputIndex += 1;
- } else {
- $c = null;
- }
- }
-
- if ($c === "\r") {
- return "\n";
- }
-
- if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
- return $c;
- }
-
- return ' ';
- }
-
- protected function isAlphaNum($c) {
- return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/', $c) === 1;
- }
-
- protected function min() {
- $this->a = "\n";
- $this->action(3);
-
- while ($this->a !== null) {
- switch ($this->a) {
- case ' ':
- if ($this->isAlphaNum($this->b)) {
- $this->action(1);
- } else {
- $this->action(2);
- }
- break;
-
- case "\n":
- switch ($this->b) {
- case '{':
- case '[':
- case '(':
- case '+':
- case '-':
- $this->action(1);
- break;
-
- case ' ':
- $this->action(3);
- break;
-
- default:
- if ($this->isAlphaNum($this->b)) {
- $this->action(1);
- }
- else {
- $this->action(2);
- }
- }
- break;
-
- default:
- switch ($this->b) {
- case ' ':
- if ($this->isAlphaNum($this->a)) {
- $this->action(1);
- break;
- }
-
- $this->action(3);
- break;
-
- case "\n":
- switch ($this->a) {
- case '}':
- case ']':
- case ')':
- case '+':
- case '-':
- case '"':
- case "'":
- $this->action(1);
- break;
-
- default:
- if ($this->isAlphaNum($this->a)) {
- $this->action(1);
- }
- else {
- $this->action(3);
- }
- }
- break;
-
- default:
- $this->action(1);
- break;
- }
- }
- }
-
- return $this->output;
- }
-
- protected function next() {
- $c = $this->get();
-
- if ($c === '/') {
- switch($this->peek()) {
- case '/':
- for (;;) {
- $c = $this->get();
-
- if (ord($c) <= self::ORD_LF) {
- return $c;
- }
- }
-
- case '*':
- $this->get();
-
- for (;;) {
- switch($this->get()) {
- case '*':
- if ($this->peek() === '/') {
- $this->get();
- return ' ';
- }
- break;
-
- case null:
- throw new JsMinException('Unterminated comment.');
- }
- }
-
- default:
- return $c;
- }
- }
-
- return $c;
- }
-
- protected function peek() {
- $this->lookAhead = $this->get();
- return $this->lookAhead;
- }
+ const ORD_LF = 10;
+ const ORD_SPACE = 32;
+
+ protected $a = '';
+ protected $b = '';
+ protected $input = '';
+ protected $inputIndex = 0;
+ protected $inputLength = 0;
+ protected $lookAhead = null;
+ protected $output = '';
+
+ // -- Public Static Methods --------------------------------------------------
+
+
+ public static function minify($js)
+ {
+ $jsmin = new JsMin($js);
+ return $jsmin->min();
+ }
+
+ // -- Public Instance Methods ------------------------------------------------
+
+
+ public function __construct($input)
+ {
+ $this->input = str_replace("\r\n", "\n", $input);
+ $this->inputLength = strlen($this->input);
+ }
+
+ // -- Protected Instance Methods ---------------------------------------------
+
+
+ protected function action($d)
+ {
+ switch ($d) {
+ case 1:
+ $this->output .= $this->a;
+
+ case 2:
+ $this->a = $this->b;
+
+ if ($this->a === "'" || $this->a === '"') {
+ for (; ; ) {
+ $this->output .= $this->a;
+ $this->a = $this->get();
+
+ if ($this->a === $this->b) {
+ break;
+ }
+
+ if (ord($this->a) <= self::ORD_LF) {
+ throw new JsMinException('Unterminated string literal.');
+ }
+
+ if ($this->a === '\\') {
+ $this->output .= $this->a;
+ $this->a = $this->get();
+ }
+ }
+ }
+
+ case 3:
+ $this->b = $this->next();
+
+ if ($this->b === '/' && ($this->a === '(' || $this->a === ',' || $this->a === '=' || $this->a === ':' || $this->a === '[' || $this->a === '!' || $this->a === '&' || $this->a === '|' || $this->a === '?')) {
+
+ $this->output .= $this->a . $this->b;
+
+ for (; ; ) {
+ $this->a = $this->get();
+
+ if ($this->a === '/') {
+ break;
+ } elseif ($this->a === '\\') {
+ $this->output .= $this->a;
+ $this->a = $this->get();
+ } elseif (ord($this->a) <= self::ORD_LF) {
+ throw new JsMinException('Unterminated regular expression ' . 'literal.');
+ }
+
+ $this->output .= $this->a;
+ }
+
+ $this->b = $this->next();
+ }
+ }
+ }
+
+ protected function get()
+ {
+ $c = $this->lookAhead;
+ $this->lookAhead = null;
+
+ if ($c === null) {
+ if ($this->inputIndex < $this->inputLength) {
+ $c = $this->input[$this->inputIndex];
+ $this->inputIndex += 1;
+ } else {
+ $c = null;
+ }
+ }
+
+ if ($c === "\r") {
+ return "\n";
+ }
+
+ if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
+ return $c;
+ }
+
+ return ' ';
+ }
+
+ protected function isAlphaNum($c)
+ {
+ return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/', $c) === 1;
+ }
+
+ protected function min()
+ {
+ $this->a = "\n";
+ $this->action(3);
+
+ while ($this->a !== null) {
+ switch ($this->a) {
+ case ' ':
+ if ($this->isAlphaNum($this->b)) {
+ $this->action(1);
+ } else {
+ $this->action(2);
+ }
+ break;
+
+ case "\n":
+ switch ($this->b) {
+ case '{':
+ case '[':
+ case '(':
+ case '+':
+ case '-':
+ $this->action(1);
+ break;
+
+ case ' ':
+ $this->action(3);
+ break;
+
+ default:
+ if ($this->isAlphaNum($this->b)) {
+ $this->action(1);
+ } else {
+ $this->action(2);
+ }
+ }
+ break;
+
+ default:
+ switch ($this->b) {
+ case ' ':
+ if ($this->isAlphaNum($this->a)) {
+ $this->action(1);
+ break;
+ }
+
+ $this->action(3);
+ break;
+
+ case "\n":
+ switch ($this->a) {
+ case '}':
+ case ']':
+ case ')':
+ case '+':
+ case '-':
+ case '"':
+ case "'":
+ $this->action(1);
+ break;
+
+ default:
+ if ($this->isAlphaNum($this->a)) {
+ $this->action(1);
+ } else {
+ $this->action(3);
+ }
+ }
+ break;
+
+ default:
+ $this->action(1);
+ break;
+ }
+ }
+ }
+
+ return $this->output;
+ }
+
+ protected function next()
+ {
+ $c = $this->get();
+
+ if ($c === '/') {
+ switch ($this->peek()) {
+ case '/':
+ for (; ; ) {
+ $c = $this->get();
+
+ if (ord($c) <= self::ORD_LF) {
+ return $c;
+ }
+ }
+
+ case '*':
+ $this->get();
+
+ for (; ; ) {
+ switch ($this->get()) {
+ case '*':
+ if ($this->peek() === '/') {
+ $this->get();
+ return ' ';
+ }
+ break;
+
+ case null:
+ throw new JsMinException('Unterminated comment.');
+ }
+ }
+
+ default:
+ return $c;
+ }
+ }
+
+ return $c;
+ }
+
+ protected function peek()
+ {
+ $this->lookAhead = $this->get();
+ return $this->lookAhead;
+ }
}
Modified: incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php (original)
+++ incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php Wed May 21 09:58:52 2008
@@ -19,6 +19,18 @@
*/
abstract class RemoteContentFetcher {
+
+ protected $fetcher;
+
+ protected function setNextFetcher($fetcher = null)
+ {
+ $this->fetcher = $fetcher;
+ }
abstract public function fetchRequest($request);
+
+ public function getNextFetcher()
+ {
+ return $this->fetcher;
+ }
}
\ No newline at end of file
Modified: incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/common/RemoteContentRequest.php (original)
+++ incubator/shindig/trunk/php/src/common/RemoteContentRequest.php Wed May 21 09:58:52 2008
@@ -15,13 +15,14 @@
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations under the License.
- *
+ *
*/
class RemoteContentRequest {
// these are used for making the request
- private $url = '';
- private $headers = false;
+ private $uri = '';
+ private $method = '';
+ private $headers = array();
private $postBody = false;
// these fields are filled in once the request has completed
private $responseContent = false;
@@ -29,20 +30,179 @@
private $responseHeaders = false;
private $httpCode = false;
private $contentType = null;
+ private $options;
public $handle = false;
+ public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-urlencoded; charset=utf-8";
+ public static $DEFAULT_OPTIONS = array();
- public function __construct($url, $headers = false, $postBody = false)
+ public function __construct($uri, $headers = false, $postBody = false)
{
- $this->url = $url;
+ $this->uri = $uri;
$this->headers = $headers;
$this->postBody = $postBody;
}
+ public function createRemoteContentRequest($method, $uri, $headers, $postBody, $options)
+ {
+ $this->method = $method;
+ $this->uri = $uri;
+ $this->options = $options;
+ // Copy the headers
+ if (! isset($headers)) {
+ $this->headers = '';
+ } else {
+ $setPragmaHeader = false;
+ $tmpHeaders = '';
+ foreach ($headers as $key => $value) {
+ // Proxies should be bypassed with the Pragma: no-cache check.
+ //TODO double check array is good for options
+ if ($key == "Pragma" && @$options['ignoreCache']) {
+ $value = "no-cache";
+ $setPragmaHeader = true;
+ }
+ $tmpHeaders .= $key . ":" . $value . "\n";
+ }
+ // Bypass caching in proxies as well.
+ //TODO double check array is good for options
+ if (! $setPragmaHeader && @$options['ignoreCache']) {
+ $tmpHeaders .= "Pragma:no-cache\n";
+ }
+ $this->headers = $tmpHeaders;
+ }
+ if (! isset($postBody)) {
+ $this->postBody = '';
+ } else {
+ $this->postBody = array_merge($postBody, $this->postBody);
+ }
+ $type = $this->getHeader("Content-Type");
+ if (! isset($type)) {
+ $this->contentType = RemoteContentRequest::$DEFAULT_CONTENT_TYPE;
+ } else {
+ $this->contentType = $type;
+ }
+ }
+
+ /**
+ * Creates a new request to a different URL using all request data from
+ * an existing request.
+ *
+ * @param uri
+ * @param base The base request to copy data from.
+ */
+ public static function createRemoteContentRequestWithUriBase($uri, $base)
+ {
+ $this->uri = $uri;
+ $this->method = $base->method;
+ $this->options = $base->options;
+ $this->headers = $base->headers;
+ $this->contentType = $base->contentType;
+ $this->postBody = $base->postBody;
+ }
+
+ /**
+ * Basic GET request.
+ *
+ * @param uri
+ */
+ public function createRemoteContentRequestWithUri($uri)
+ {
+ $this->createRemoteContentRequest("GET", $uri, null, null, RemoteContentRequest::$DEFAULT_OPTIONS);
+ }
+
+ /**
+ * GET with options
+ *
+ * @param uri
+ * @param options
+ */
+ public function createRemoteContentRequestWithUriOptions($uri, $options)
+ {
+ $this->createRemoteContentRequest("GET", $uri, null, null, $options);
+ }
+
+ /**
+ * GET request with custom headers and default options
+ * @param uri
+ * @param headers
+ */
+ public function RemoteContentRequestWithUriHeaders($uri, $headers)
+ {
+ $this->createRemoteContentRequest("GET", $uri, $headers, null, RemoteContentRequest::$DEFAULT_OPTIONS);
+ }
+
+ /**
+ * GET request with custom headers + options
+ * @param uri
+ * @param headers
+ * @param options
+ */
+ public function createRemoteContentRequestWithUriHeadersOptions($uri, $headers, $options)
+ {
+ $this->createRemoteContentRequest("GET", $uri, $headers, null, $options);
+ }
+
+ /**
+ * Basic POST request
+ * @param uri
+ * @param postBody
+ */
+ public function RemoteContentRequestWithUriPostBody($uri, $postBody)
+ {
+ $this->createRemoteContentRequest("POST", $uri, null, $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
+ }
+
+ /**
+ * POST request with options
+ * @param uri
+ * @param postBody
+ * @param options
+ */
+ public function createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody, $options)
+ {
+ $this->createRemoteContentRequest("POST", $uri, null, $postBody, $options);
+ }
+
+ /**
+ * POST request with headers
+ * @param uri
+ * @param headers
+ * @param postBody
+ */
+ public function createRemoteContentRequestWithUriHeadersPostBody($uri, $headers, $postBody)
+ {
+ $this->createRemoteContentRequest("POST", $uri, $headers, $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
+ }
+
+ /**
+ * POST request with options + headers
+ * @param uri
+ * @param headers
+ * @param postBody
+ * @param options
+ */
+ public function createRemoteContentRequestWithUriHeadersPostBodyOptions($uri, $headers, $postBody, $options)
+ {
+ $this->createRemoteContentRequest("POST", $uri, $headers, $postBody, $options);
+ }
+
+ /**
+ * Creates a simple GET request
+ *
+ * @param uri
+ * @param ignoreCache
+ */
+ public function getRequest($uri, $ignoreCache)
+ {
+ $options = new Options();
+ $options->ignoreCache = $ignoreCache;
+ return $this->createRemoteContentRequestWithUriOptions($uri, $options);
+ }
+
// returns a hash code which identifies this request, used for caching
- // takes url and postbody into account for constructing the md5 checksum
+ // takes url and postbody into account for constructing the sha1 checksum
public function toHash()
{
- return md5($this->url . $this->postBody);
+ return md5($this->uri . $this->postBody);
}
public function getContentType()
@@ -92,7 +252,17 @@
public function getUrl()
{
- return $this->url;
+ return $this->uri;
+ }
+
+ public function getMethod()
+ {
+ return $this->method;
+ }
+
+ public function getOptions()
+ {
+ return $this->options;
}
public function setContentType($type)
@@ -125,14 +295,37 @@
$this->headers = $headers;
}
+ //FIXME: Find a better way to do this
+ // The headers can be an array of elements.
+ public function getHeader($headerName)
+ {
+ $headers = explode("\n", $this->headers);
+ foreach ($headers as $header) {
+ $key = explode(":", $header);
+ if ($key[0] == $headerName)
+ return $key[1];
+ }
+ return null;
+ }
+
public function setPostBody($postBody)
{
$this->postBody = $postBody;
}
- public function setUrl($url)
+ public function setUri($uri)
{
- $this->url = $url;
+ $this->uri = $uri;
}
-}
\ No newline at end of file
+}
+
+/**
+ * Bag of options for making a request.
+ *
+ * This object is mutable to keep us sane. Don't mess with it once you've
+ * sent it to RemoteContentRequest or bad things might happen.
+ */
+class Options {
+ public $ignoreCache = false;
+}
Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/common/Zend/Loader.php (original)
+++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed May 21 09:58:52 2008
@@ -80,7 +80,7 @@
self::loadFile($file, $dirs, true);
} else {
self::_securityCheck($file);
- include_once $file;
+ include_once 'src/common/'.$file;
}
if (!class_exists($class, false) && !interface_exists($class, false)) {
Modified: incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed May 21 09:58:52 2008
@@ -26,21 +26,21 @@
* Server wide variables are stored in config.php
*/
class GadgetContext {
- private $httpFetcher = null;
- private $locale = null;
- private $renderingContext = null;
- private $registry = null;
- private $userPrefs = null;
- private $gadgetId = null;
- private $view = null;
- private $moduleId = null;
- private $url = null;
- private $cache = null;
- private $blacklist = null;
- private $ignoreCache = null;
- private $forcedJsLibs = null;
- private $containerConfig = null;
- private $container = null;
+ protected $httpFetcher = null;
+ protected $locale = null;
+ protected $renderingContext = null;
+ protected $registry = null;
+ protected $userPrefs = null;
+ protected $gadgetId = null;
+ protected $view = null;
+ protected $moduleId = null;
+ protected $url = null;
+ protected $cache = null;
+ protected $blacklist = null;
+ protected $ignoreCache = null;
+ protected $forcedJsLibs = null;
+ protected $containerConfig = null;
+ protected $container = null;
public function __construct($renderingContext)
{
Modified: incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php Wed May 21 09:58:52 2008
@@ -36,7 +36,7 @@
}
$gadget = new Gadget($context->getGadgetId(), $context);
// process ModulePref attributes
- $this->processModulePrefs($gadget, $doc->ModulePrefs);
+ $this->processModulePrefs($gadget, $doc->ModulePrefs, $context);
// process UserPrefs, if any
foreach ($doc->UserPref as $pref) {
$this->processUserPref($gadget, $pref);
@@ -54,7 +54,7 @@
return $gadget;
}
- private function processModulePrefs(&$gadget, $ModulePrefs)
+ private function processModulePrefs(&$gadget, $ModulePrefs, $context)
{
$attributes = $ModulePrefs->attributes();
if (empty($attributes['title'])) {
@@ -90,11 +90,11 @@
$gadget->scaling = isset($attributes['scaling']) ? trim($attributes['scaling']) : '';
$gadget->scrolling = isset($attributes['scrolling']) ? trim($attributes['scrolling']) : '';
foreach ($ModulePrefs->Locale as $locale) {
- $gadget->localeSpecs[] = $this->processLocale($locale);
+ $gadget->localeSpecs[] = $this->processLocale($locale, $context);
}
}
- private function processLocale($locale)
+ private function processLocale($locale, $context)
{
$attributes = $locale->attributes();
$messageAttr = isset($attributes['messages']) ? trim($attributes['messages']) : '';
Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php (added)
+++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed May 21 09:58:52 2008
@@ -0,0 +1,70 @@
+<?php
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ *
+ */
+
+/**
+ * An abstract representation of a signing token.
+ * Use in conjunction with @code GadgetTokenDecoder.
+ */
+abstract class GadgetToken {
+
+ //FIXME Hmm seems php is refusing to let me make abstract static functions? odd
+ static public function createFromToken($token, $maxage) {}
+ static public function createFromValues($owner, $viewer, $app, $domain, $appUrl, $moduleId) {}
+
+
+ /**
+ * Serializes the token into a string. This can be the exact same as
+ * toString; using a different name here is only to force interface
+ * compliance.
+ *
+ * @return A string representation of the token.
+ */
+ abstract public function toSerialForm();
+
+ /**
+ * @return the owner from the token, or null if there is none.
+ */
+ abstract public function getOwnerId();
+
+ /**
+ * @return the viewer from the token, or null if there is none.
+ */
+ abstract public function getViewerId();
+
+ /**
+ * @return the application id from the token, or null if there is none.
+ */
+ abstract public function getAppId();
+
+ /**
+ * @return the domain from the token, or null if there is none.
+ */
+ abstract public function getDomain();
+
+ /**
+ * @return the URL of the application
+ */
+ abstract public function getAppUrl();
+
+ /**
+ * @return the module ID of the application
+ */
+ abstract public function getModuleId();
+}
Added: incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php (added)
+++ incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php Wed May 21 09:58:52 2008
@@ -0,0 +1,34 @@
+<?php
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Handles verification of gadget security tokens.
+ */
+abstract class GadgetTokenDecoder {
+
+ /**
+ * Decrypts and verifies a gadget security token to return a gadget token.
+ *
+ * @param tokenString String representation of the token to be created.
+ * @return The token representation of the input data.
+ * @throws GadgetException If tokenString is not a valid token
+ */
+ abstract public function createToken($tokenString);
+}
Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May 21 09:58:52 2008
@@ -24,7 +24,7 @@
private $content;
private $featureName; // used to track what feature this belongs to
private $loaded = false;
-
+
public function __construct($type, $content, $featureName = '')
{
$this->featureName = $featureName;
@@ -39,11 +39,11 @@
public function getContent()
{
- if (!$this->loaded && $this->type == 'FILE') {
+ if (! $this->loaded && $this->type == 'FILE') {
if (Config::get('compress_javascript')) {
$dataCache = Config::get('data_cache');
$dataCache = new $dataCache();
- if (!($content = $dataCache->get(md5($this->content)))) {
+ if (! ($content = $dataCache->get(md5($this->content)))) {
$content = JsMin::minify(JsLibrary::loadData($this->content, $this->type));
$dataCache->set(md5($this->content), $content);
$this->content = $content;
Modified: incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
@@ -1,10 +1,6 @@
<?php
class JsonRpcGadgetContext extends GadgetContext {
- private $locale = null;
- private $view = null;
- private $url = null;
- private $container = null;
public function __construct($jsonContext, $url)
{
@@ -15,23 +11,8 @@
$this->container = $jsonContext->container;
}
- public function getUrl()
- {
- return $this->url;
- }
-
public function getView()
{
return $this->view;
}
-
- public function getLocale()
- {
- return $this->locale;
- }
-
- public function getContainer()
- {
- return $this->container;
- }
}
\ No newline at end of file
Added: incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php (added)
+++ incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php Wed May 21 09:58:52 2008
@@ -0,0 +1,10 @@
+<?php
+
+class ProxyGadgetContext extends GadgetContext {
+
+ public function __construct($url)
+ {
+ parent::__construct('GADGET');
+ $this->url = $url;
+ }
+}
Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed May 21 09:58:52 2008
@@ -29,11 +29,15 @@
*
*/
class ProxyHandler {
- private $context;
+ private $context;
+ private $signingFetcher;
+ private $oauthFetcher;
- public function __construct($context)
+ public function __construct($context, $signingFetcher = null, $oauthFetcher = null)
{
- $this->context = $context;
+ $this->context = $context;
+ $this->signingFetcher = $signingFetcher;
+ $this->oauthFetcher = $oauthFetcher;
}
/**
@@ -51,11 +55,21 @@
$token = '';
// no token given, safe to ignore
}
- $originalUrl = $this->validateUrl($url);
- $signedUrl = $this->signUrl($originalUrl, $token);
+ $url = $this->validateUrl($url);
// Fetch the content and convert it into JSON.
// TODO: Fetcher needs to handle variety of HTTP methods.
- $result = $this->fetchContent($signedUrl, $method);
+ $result = $this->fetchContentDivert($url, $method, $signer);
+ if (!isset($result)) {
+ //OAuthFetcher only
+ $metadata = $this->oauthFetcher->getResponseMetadata();
+ $json = array($url => $metadata);
+ $json = json_encode($json);
+ $output = UNPARSEABLE_CRUFT . $json;
+ $this->setCachingHeaders();
+ header("Content-Type: application/json; charset=utf-8", true);
+ echo $output;
+ die();
+ }
$status = (int)$result->getHttpCode();
//header("HTTP/1.1 $status", true);
if ($status == 200) {
@@ -174,10 +188,9 @@
$token = '';
// no token given, safe to ignore
}
- $originalUrl = $this->validateUrl($url);
- $signedUrl = $this->signUrl($originalUrl, $token);
+ $url = $this->validateUrl($url);
//TODO: Fetcher needs to handle variety of HTTP methods.
- $result = $this->fetchContent($signedUrl, $method);
+ $result = $this->fetchContent($url, $method);
// TODO: Fetcher needs to handle variety of HTTP methods.
$status = (int)$result->getHttpCode();
if ($status == 200) {
@@ -208,11 +221,11 @@
/**
* Both fetch and fetchJson call this function to retrieve the actual content
*
- * @param string $signedUrl the signed url to fetch
+ * @param string $url the url to fetch
* @param string $method either get or post
* @return the filled in request (RemoteContentRequest)
*/
- private function fetchContent($signedUrl, $method)
+ private function fetchContent($url, $method)
{
//TODO get actual character encoding from the request
@@ -250,14 +263,41 @@
}
// even if postData is an empty string, it will still post (since RemoteContentRquest checks if its false)
// so the request to POST is still honored
- $request = new RemoteContentRequest($signedUrl, $headers, $postData);
+ $request = new RemoteContentRequest($url, $headers, $postData);
$request = $this->context->getHttpFetcher()->fetch($request, $context);
} else {
- $request = new RemoteContentRequest($signedUrl, $headers);
+ $request = new RemoteContentRequest($url, $headers);
$request = $this->context->getHttpFetcher()->fetch($request, $context);
}
return $request;
}
+
+ private function fetchContentDivert($url, $method, $signer)
+ {
+ $authz = isset($_GET['authz']) ? $_GET['authz'] : (isset($_POST['authz']) ? $_POST['authz'] : '');
+ $token = $this->extractAndValidateToken($signer);
+ switch (strtoupper($authz)) {
+ case 'SIGNED':
+ $fetcher = $this->signingFetcher->getSigningFetcher(new BasicRemoteContentFetcher(), $token);
+ return $fetcher->fetch($url, $method);
+ case 'AUTHENTICATED':
+ $params = new OAuthRequestParams();
+ $fetcher = $this->signingFetcher->getSigningFetcher(new BasicRemoteContentFetcher(), $token);
+ $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
+ $this->oauthFetcher = $oAuthFetcherFactory->getOAuthFetcher($fetcher, $token, $params);
+ $request = new RemoteContentRequest($url);
+ $request->createRemoteContentRequestWithUri($url);
+ return $this->oauthFetcher->fetchRequest($request);
+ case 'NONE':
+ default:
+ return $this->fetchContent($url, $method);
+ }
+ }
+
+ public function setContentFetcher($contentFetcherFactory)
+ {
+ $this->contentFetcherFactory = $contentFetcherFactory;
+ }
/**
* Sets the caching headers (overwriting anything the remote host set) to force
@@ -282,6 +322,7 @@
private function validateUrl($url)
{
//TODO should really make a PHP version of the URI class and validate in all the locations the java version does
+ // why not use Zend::Uri:
return $url;
}
@@ -293,40 +334,17 @@
* @return string the token to use in the signed url
*/
private function extractAndValidateToken($signer)
- {
- if ($signer == null) {
- return null;
- }
- $token = isset($_GET["st"]) ? $_GET["st"] : false;
- if ($token) {
- $token = isset($_POST['st']) ? $_POST['st'] : '';
- }
+ {
+ if ($signer == null) {
+ return null;
+ }
+ $token = isset($_GET["st"]) ? $_GET["st"] : '';
+ if (!isset($token) || $token == '') {
+ $token = isset($_POST['st']) ? $_POST['st'] : '';
+ }
return $signer->createToken($token);
}
-
- /**
- * Signs a url with the SecurityToken
- *
- * @param string $originalUrl
- * @param SecurityToken $token
- * @return unknown
- */
- private function signUrl($originalUrl, $token)
- {
- $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
- if (! $authz) {
- $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
- }
- if ($token == null || $authz != 'signed') {
- return $originalUrl;
- }
- $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
- if ($method) {
- $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] : 'GET';
- }
- return $token->signUrl($originalUrl, $method);
- }
-
+
private function request_headers()
{
// Try to use apache's request headers if available
Added: incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php (added)
+++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php Wed May 21 09:58:52 2008
@@ -0,0 +1,42 @@
+<?php
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ *
+ */
+require 'src/common/HttpServlet.php';
+
+/**
+ * This class serves the public certificate, quick and dirty hack to make the certificate publicly accessible
+ * this combined with the hard coded location in SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
+ * for the oauth pub key location makes a working whole
+ */
+class CertServlet extends HttpServlet {
+
+ /**
+ * Handles the get file request, only called on url = /public.crt
+ * so this function has no logic other then to output the cert
+ */
+ public function doGet()
+ {
+ $file = Config::get('public_key_file');
+ if (!file_exists($file) || !is_readable($file)) {
+ throw new Exception("Invalid public key location ($file), check config and file permissions");
+ }
+ $this->setLastModified(filemtime($file));
+ readfile($file);
+ }
+}
Modified: incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php Wed May 21 09:58:52 2008
@@ -25,7 +25,7 @@
* the php version too
*/
class FilesServlet extends HttpServlet {
-
+
/**
* Handles the get file request, if the file exists and is in the correct
* location it's echo'd to the browser (with a basic content type guessing
@@ -46,14 +46,14 @@
die();
}
// if the file doesn't exist or can't be read, give a 404 error
- if (!file_exists($file) || !is_readable($file) || !is_file($file)) {
+ if (! file_exists($file) || ! is_readable($file) || ! is_file($file)) {
header("HTTP/1.0 404 Not Found", true);
echo "<html><body><h1>404 - Not Found</h1></body></html>";
die();
}
$dot = strrpos($file, '.');
if ($dot) {
- $ext = strtolower(substr($file, $dot+1));
+ $ext = strtolower(substr($file, $dot + 1));
if ($ext == 'html' || $ext == 'htm') {
$this->setContentType('text/html');
} elseif ($ext == 'js') {
Modified: incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php Wed May 21 09:58:52 2008
@@ -52,7 +52,7 @@
*/
class GadgetRenderingServlet extends HttpServlet {
private $context;
-
+
/**
* Creates the gadget using the GadgetServer class and calls outputGadget
*
@@ -71,11 +71,11 @@
$gadgetServer = new GadgetServer();
$gadget = $gadgetServer->processGadget($this->context);
$this->outputGadget($gadget, $this->context);
- } catch ( Exception $e ) {
+ } catch (Exception $e) {
$this->outputError($e);
}
}
-
+
/**
* If an error occured (Exception) this function echo's the Exception's message
* and if the config['debug'] is true, shows the debug backtrace in a div
@@ -95,7 +95,7 @@
}
echo "</body></html>";
}
-
+
/**
* Takes the gadget to output, and depending on its content type calls either outputHtml-
* or outputUrlGadget
@@ -107,15 +107,15 @@
{
$view = HttpUtil::getView($gadget, $context);
switch ($view->getType()) {
- case 'HTML' :
+ case 'HTML':
$this->outputHtmlGadget($gadget, $context, $view);
break;
- case 'URL' :
+ case 'URL':
$this->outputUrlGadget($gadget, $context, $view);
break;
}
}
-
+
/**
* Outputs a html content type gadget.
* It creates a html page, with the javascripts from the features inline into the page, plus
@@ -144,16 +144,13 @@
}
// Was a privacy policy header configured? if so set it
if (Config::get('P3P') != '') {
- header("P3P: ".Config::get('P3P'));
+ header("P3P: " . Config::get('P3P'));
}
- if (!$view->getQuirks()) {
+ if (! $view->getQuirks()) {
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n";
}
- echo "<html>\n<head>".
- "<style type=\"text/css\">".Config::get('gadget_css')."</style>".
- "</head><body>".
- "<script><!--\n";
- foreach ( $gadget->getJsLibraries() as $library ) {
+ echo "<html>\n<head>" . "<style type=\"text/css\">" . Config::get('gadget_css') . "</style>" . "</head><body>" . "<script><!--\n";
+ foreach ($gadget->getJsLibraries() as $library) {
$type = $library->getType();
if ($type == 'URL') {
// TODO: This case needs to be handled more gracefully by the js
@@ -173,15 +170,12 @@
// Forced libs first.
if (! empty($forcedLibs)) {
$libs = explode(':', $forcedLibs);
- echo sprintf($externFmt, Config::get('default_js_prefix').$this->getJsUrl($libs, $gadget)) . "\n";
+ echo sprintf($externFmt, Config::get('default_js_prefix') . $this->getJsUrl($libs, $gadget)) . "\n";
}
if (strlen($externJs) > 0) {
echo $externJs;
}
- echo "<script><!--\n".
- $this->appendJsConfig($context, $gadget).
- $this->appendMessages($gadget).
- "-->\n</script>\n";
+ echo "<script><!--\n" . $this->appendJsConfig($context, $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
$gadgetExceptions = array();
$content = $gadget->getSubstitutions()->substitute($view->getContent());
@@ -192,11 +186,9 @@
if (count($gadgetExceptions)) {
throw new GadgetException(print_r($gadgetExceptions, true));
}
- echo $content . "\n".
- "<script>gadgets.util.runOnLoadHandlers();</script>\n".
- "</body>\n</html>";
+ echo $content . "\n" . "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>\n</html>";
}
-
+
/**
* Output's a URL content type gadget, it adds libs=<list:of:js:libraries>.js and user preferences
* to the href url, and redirects the browser to it
@@ -215,7 +207,7 @@
$forcedLibs = Config::get('focedJsLibs');
if ($forcedLibs == null) {
$reqs = $gadget->getRequires();
- foreach ( $reqs as $key => $val ) {
+ foreach ($reqs as $key => $val) {
$libs[] = $key;
}
} else {
@@ -231,7 +223,7 @@
header('Location: ' . $redirURI);
die();
}
-
+
/**
* Returns the requested libs (from getjsUrl) with the libs_param_name prepended
* ie: in libs=core:caja:etc.js format
@@ -248,7 +240,7 @@
$ret .= $this->getJsUrl($libs, $gadget);
return $ret;
}
-
+
/**
* Returns the user preferences in &up_<name>=<val> format
*
@@ -259,7 +251,7 @@
private function getPrefsQueryString($prefVals)
{
$ret = '';
- foreach ( $prefVals->getPrefs() as $key => $val ) {
+ foreach ($prefVals->getPrefs() as $key => $val) {
$ret .= '&';
$ret .= Config::get('userpref_param_prefix');
$ret .= urlencode($key);
@@ -268,10 +260,10 @@
}
return $ret;
}
-
+
/**
* generates the library string (core:caja:etc.js) including a checksum of all the
- * javascript content (?v=<sha1 of js) for cache busting
+ * javascript content (?v=<md5 of js>) for cache busting
*
* @param string $libs
* @param Gadget $gadget
@@ -284,7 +276,7 @@
$buf = 'core';
} else {
$firstDone = false;
- foreach ( $libs as $lib ) {
+ foreach ($libs as $lib) {
if ($firstDone) {
$buf .= ':';
} else {
@@ -296,7 +288,7 @@
// Build a version string from the sha1() checksum of all included javascript
// to ensure the client always has the right version
$inlineJs = '';
- foreach ( $gadget->getJsLibraries() as $library ) {
+ foreach ($gadget->getJsLibraries() as $library) {
$type = $library->getType();
if ($type != 'URL') {
$inlineJs .= $library->getContent() . "\n";
@@ -305,14 +297,14 @@
$buf .= ".js?v=" . md5($inlineJs);
return $buf;
}
-
+
private function appendJsConfig($context, $gadget)
{
$container = $context->getContainer();
$containerConfig = $context->getContainerConfig();
$gadgetConfig = array();
$featureConfig = $containerConfig->getConfig($container, 'gadgets.features');
- foreach ( $gadget->getJsLibraries() as $library ) {
+ foreach ($gadget->getJsLibraries() as $library) {
$feature = $library->getFeatureName();
if (! isset($gadgetConfig[$feature]) && ! empty($featureConfig[$feature])) {
$gadgetConfig[$feature] = $featureConfig[$feature];
@@ -320,7 +312,7 @@
}
return "gadgets.config.init(" . json_encode($gadgetConfig) . ");\n";
}
-
+
private function appendMessages($gadget)
{
$msgs = '';
Modified: incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php Wed May 21 09:58:52 2008
@@ -30,7 +30,7 @@
* to retrieve our features javascript code
*/
class JsServlet extends HttpServlet {
-
+
public function doGet()
{
$this->noHeaders = true;
Modified: incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php Wed May 21 09:58:52 2008
@@ -26,6 +26,8 @@
require 'src/common/RemoteContent.php';
require 'src/common/Cache.php';
require 'src/common/RemoteContentFetcher.php';
+require 'src/gadgets/oauth/OAuth.php';
+require 'src/gadgets/oauth/OAuthStore.php';
class ProxyServlet extends HttpServlet {
@@ -39,6 +41,7 @@
if (! $url) {
$url = isset($_POST['url']) ? $_POST['url'] : false;
}
+ $url = urldecode($url);
$method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
if (! $method) {
$method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] : 'GET';
@@ -49,7 +52,8 @@
}
$gadgetSigner = Config::get('security_token_signer');
$gadgetSigner = new $gadgetSigner();
- $proxyHandler = new ProxyHandler($context);
+ $signingFetcherFactory = new SigningFetcherFactory(Config::get("private_key_file"));
+ $proxyHandler = new ProxyHandler($context, $signingFetcherFactory);
if (! empty($_GET['output']) && $_GET['output'] == 'js') {
$proxyHandler->fetchJson($url, $gadgetSigner, $method);
} else {
Added: incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php (added)
+++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php Wed May 21 09:58:52 2008
@@ -0,0 +1,216 @@
+<?php
+/*
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ * Implements signed fetch based on the OAuth request signing algorithm.
+ *
+ * Subclasses can override signMessage to use their own crypto if they don't
+ * like the oauth.net code for some reason.
+ *
+ * Instances of this class are only accessed by a single thread at a time,
+ * but instances may be created by multiple threads.
+ */
+class SigningFetcher extends RemoteContentFetcher {
+
+ protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
+ protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
+ protected static $OPENSOCIAL_APPID = "opensocial_app_id";
+ protected static $XOAUTH_PUBLIC_KEY = "xoauth_signature_publickey";
+ protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
+
+ //protected final TimeSource clock = new TimeSource();
+
+ /**
+ * Authentication token for the user and gadget making the request.
+ */
+ protected $authToken;
+
+ /**
+ * Private key we pass to the OAuth RSA_SHA1 algorithm.This can be a
+ * PrivateKey object, or a PEM formatted private key, or a DER encoded byte
+ * array for the private key.(No, really, they accept any of them.)
+ */
+ protected $privateKeyObject;
+
+ /**
+ * The name of the key, included in the fetch to help with key rotation.
+ */
+ protected $keyName;
+
+ /**
+ * Constructor based on signing with the given PrivateKey object.
+ *
+ * @param authToken verified gadget security token
+ * @param keyName name of the key to include in the request
+ * @param privateKey the key to use for the signing
+ */
+ public static function makeFromPrivateKey($next, $authToken, $keyName, $privateKey)
+ {
+ return new SigningFetcher($next, $authToken, $keyName, $privateKey);
+ }
+
+ /**
+ * Constructor based on signing with the given PrivateKey object.
+ *
+ * @param authToken verified gadget security token
+ * @param keyName name of the key to include in the request
+ * @param privateKey base64 encoded private key
+ */
+ public static function makeFromB64PrivateKey($next, $authToken, $keyName, $privateKey)
+ {
+ return new SigningFetcher($next, $authToken, $keyName, $privateKey);
+ }
+
+ /**
+ * Constructor based on signing with the given PrivateKey object.
+ *
+ * @param authToken verified gadget security token
+ * @param keyName name of the key to include in the request
+ * @param privateKey DER encoded private key
+ */
+ public static function makeFromPrivateKeyBytes($next, $authToken, $keyName, $privateKey)
+ {
+ return new SigningFetcher($next, $authToken, $keyName, $privateKey);
+ }
+
+ protected function __construct($next, $authToken, $keyName, $privateKeyObject)
+ {
+ parent::setNextFetcher($next);
+ $this->authToken = $authToken;
+ $this->keyName = $keyName;
+ $this->privateKeyObject = $privateKeyObject;
+ }
+
+ public function fetchRequest($request)
+ {
+ return $this->getNextFetcher()->fetchRequest($request);
+ }
+
+ public function fetch($url, $method)
+ {
+ $signed = $this->signRequest($url, $method);
+ return $this->getNextFetcher()->fetchRequest($signed);
+ }
+
+ private function signRequest($url, $method)
+ {
+ try {
+ // Parse the request into parameters for OAuth signing, stripping out
+ // any OAuth or OpenSocial parameters injected by the client
+ ///////////////////////////////////////////////
+ require 'src/common/Zend/Uri.php';
+ $uri = Zend_Uri::factory($url);
+ $resource = $uri->getUri();
+ $queryParams = $this->sanitize($_GET);
+ $postParams = $this->sanitize($_POST);
+ $msgParams = array();
+ $msgParams = array_merge($msgParams, $queryParams);
+ $msgParams = array_merge($msgParams, $postParams);
+
+ // TODO: is this ok?
+ //$msgParams = array();
+ $this->addOpenSocialParams($msgParams);
+ $this->addOAuthParams($msgParams);
+
+ // Build and sign the OAuthMessage; note that the resource here has
+ // no query string, the parameters are all in msgParams
+ //$message = new OAuthMessage($method, $resource, $msgParams);
+
+ ////////////////////////////////////////////////
+ $consumer = new OAuthConsumer(NULL, NULL, NULL);
+ $consumer->setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this->privateKeyObject);
+ $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
+
+ $req_req = OAuthRequest::from_consumer_and_token($consumer, NULL, $method, $resource, $msgParams);
+ $req_req->sign_request($signatureMethod, $consumer, NULL);
+
+ // Rebuild the query string, including all of the parameters we added.
+ // We have to be careful not to copy POST parameters into the query.
+ // If post and query parameters share a name, they end up being removed
+ // from the query.
+ $forPost = array();
+ foreach ($postParams as $key => $param) {
+ $forPost[$key] = $param;
+ }
+ $newQuery = array();
+ foreach ($req_req->get_parameters() as $key => $param) {
+ if (! isset($forPost[$key])) {
+ $newQuery[$key] = $param;
+ }
+ }
+
+ // Careful here; the OAuth form encoding scheme is slightly different than
+ // the normal form encoding scheme, so we have to use the OAuth library
+ // formEncode method.
+ $uri->setQuery($newQuery);
+ return new RemoteContentRequest($uri->getUri());
+ } catch (Exception $e) {
+ throw new GadgetException($e);
+ }
+ }
+
+ private function addOpenSocialParams(&$msgParams)
+ {
+ $owner = $this->authToken->getOwnerId();
+ if ($owner != null) {
+ $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
+ }
+ $viewer = $this->authToken->getViewerId();
+ if ($viewer != null) {
+ $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
+ }
+ $app = $this->authToken->getAppId();
+ if ($app != null) {
+ $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
+ }
+ }
+
+ private function addOAuthParams(&$msgParams)
+ {
+ $msgParams[OAuth::$OAUTH_TOKEN] = '';
+ $domain = $this->authToken->getDomain();
+ if ($domain != null) {
+ $msgParams[OAuth::$OAUTH_CONSUMER_KEY] = 'partuza.chabotc.com'; //$domain;
+ }
+ if ($this->keyName != null) {
+ $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this->keyName;
+ }
+ $nonce = OAuthRequest::generate_nonce();
+ $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
+ $timestamp = time();
+ $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
+ $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
+ }
+
+ /**
+ * Strip out any owner or viewer id passed by the client.
+ */
+ private function sanitize($params)
+ {
+ $list = array();
+ foreach ($params as $key => $p) {
+ if ($this->allowParam($key)) {
+ $list[$key] = $p;
+ }
+ }
+ return $list;
+ }
+
+ private function allowParam($paramName)
+ {
+ $canonParamName = strtolower($paramName);
+ return (! (substr($canonParamName, 0, 5) == "oauth" || substr($canonParamName, 0, 6) == "xoauth" || substr($canonParamName, 0, 9) == "opensocial")) && ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
+ }
+}
Added: incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php (added)
+++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php Wed May 21 09:58:52 2008
@@ -0,0 +1,86 @@
+<?php
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+/**
+ * Produces Signing content fetchers for input tokens.
+ */
+class SigningFetcherFactory {
+ private $keyName;
+ private $privateKey;
+
+ /**
+ * Produces a signing fetcher that will sign requests and delegate actual
+ * network retrieval to the {@code networkFetcher}
+ *
+ * @param networkFetcher The fetcher that will be doing actual work.
+ * @param token The gadget token used for extracting signing parameters.
+ * @return The signing fetcher.
+ * @throws GadgetException
+ */
+ public function getSigningFetcher($networkFetcher, $token)
+ {
+ return SigningFetcher::makeFromB64PrivateKey($networkFetcher, $token, $this->keyName, $this->privateKey);
+ }
+
+ /**
+ * @param keyFile The file containing your private key for signing requests.
+ */
+ public function __construct($keyFile = null)
+ {
+ $this->keyName = 'http://'.$_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
+ if (! empty($keyFile)) {
+ $privateKey = null;
+ try {
+ // check if the converted from PKCS8 key is in cache, if not, convert it
+ $cache = Config::get('data_cache');
+ $cache = new $cache();
+ if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this->keyName)) !== false) {
+ $rsa_private_key = $cachedKey;
+ } else {
+ if (! $rsa_private_key = @file_get_contents($keyFile)) {
+ throw new Exception("Could not read keyfile ($keyFile), check the file name and permission");
+ }
+ // TODO: sending NULL as a second param to openssl_pkey_get_private works?
+ $phrase = Config::get('private_key_phrase') != '' ? (Config::get('private_key_phrase')) : null;
+ if (($privateKey = @openssl_pkey_get_private($rsa_private_key, $phrase)) == false) {
+ //TODO: double check if can input keyfile -inform PEM
+ if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
+ throw new Exception("Could not create temporary file");
+ }
+ if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
+ throw new Exception("Could not write to temporary file");
+ }
+ if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
+ throw new Exception("Could not create temporary file");
+ }
+ exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
+ if (! $rsa_private_key = @file_get_contents($out)) {
+ throw new Exception("Could not read temporary file");
+ }
+ }
+ $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName), $rsa_private_key);
+ }
+ } catch (Exception $e) {
+ throw new Exception("Error loading private key: " . $e);
+ }
+ $this->privateKey = $rsa_private_key;
+ }
+ }
+}
Added: incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php (added)
+++ incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
@@ -0,0 +1,112 @@
+<?php
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
+
+ /** default location for consumer keys and secrets */
+ private $OAUTH_CONFIG = "../config/oauth.json";
+ private $CONSUMER_SECRET_KEY = "consumer_secret";
+ private $CONSUMER_KEY_KEY = "consumer_key";
+ private $KEY_TYPE_KEY = "key_type";
+
+ public function __construct($store)
+ {
+ parent::__construct($store);
+ }
+
+ public function initFromConfigFile($fetcher)
+ {
+ // Read our consumer keys and secrets from config/oauth.js
+ // This actually involves fetching gadget specs
+ try {
+ $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
+
+ // remove all comments because this confuses the json parser
+ // note: the json parser also crashes on trailing ,'s in records so please don't use them
+ $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '', $oauthConfigStr);
+ $oauthConfig = json_decode($contents, true);
+ foreach ($oauthConfig as $gadgetUri => $value) {
+ $this->storeProviderInfos($fetcher, $gadgetUri);
+ $this->storeConsumerInfos($gadgetUri, $value);
+ }
+ } catch (Exception $e) {
+ throw new GadgetException($e);
+ }
+ }
+
+ private function storeProviderInfos($fetcher, $gadgetUri)
+ {
+ $cache = Config::get('data_cache');
+ $cache = new $cache();
+
+ // determine which requests we can load from cache, and which we have to actually fetch
+ if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
+ $gadget = $cachedRequest;
+ } else {
+ $remoteContentRequest = new RemoteContentRequest($gadgetUri);
+ $remoteContentRequest->getRequest($gadgetUri, false);
+ $response = $fetcher->fetchRequest($remoteContentRequest);
+ $context = new ProxyGadgetContext($gadgetUri);
+ $spec = new GadgetSpecParser();
+ $gadget = $spec->parse($response->getResponseContent(), $context);
+ $cache->set(md5($gadgetUri), $gadget);
+ }
+ parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
+ }
+
+ private function storeConsumerInfos($gadgetUri, $oauthConfig)
+ {
+ foreach ($oauthConfig as $key => $value) {
+ $serviceName = $key;
+ $consumerInfo = $value;
+ $this->storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo);
+ }
+ }
+
+ private function storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo)
+ {
+ $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
+ $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
+ $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
+ $keyType = 'HMAC_SYMMETRIC';
+
+ if ($keyTypeStr == "RSA_PRIVATE") {
+ $keyType = 'RSA_PRIVATE';
+ // check if the converted from PKCS8 key is in cache, if not, convert it
+ $cache = Config::get('data_cache');
+ $cache = new $cache();
+
+ if (($cachedRequest = $cache->get(md5("RSA_KEY_" . $serviceName))) !== false) {
+ $consumerSecret = $cachedRequest;
+ } else {
+ $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
+ file_put_contents($in, base64_decode($consumerInfo[$this->CONSUMER_SECRET_KEY]));
+ $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
+ exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
+ $consumerSecret = file_get_contents($out);
+ $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
+ }
+ }
+
+ $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret, $keyType);
+ $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
+ }
+
+}
Added: incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php (added)
+++ incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php Wed May 21 09:58:52 2008
@@ -0,0 +1,149 @@
+<?php
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+class OAuthNoDataException extends Exception {}
+
+class BasicOAuthStore implements OAuthStore {
+
+ private $providers = array();
+ private $tokens = array();
+
+ private $defaultConsumerKey;
+ private $defaultConsumerSecret;
+
+ public function __construct($consumerKey = null, $privateKey = null)
+ {
+ $this->defaultConsumerKey = $consumerKey;
+ $this->defaultConsumerSecret = $privateKey;
+ }
+
+ public function setHashMapsForTesting($providers, $tokens)
+ {
+ $this->providers = $providers;
+ $this->tokens = $tokens;
+ }
+
+ public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
+ {
+ $provKey = new ProviderKey();
+ $provKey->setGadgetUri($tokenKey->getGadgetUri());
+ $provKey->setServiceName($tokenKey->getServiceName());
+ //AccesorInfo
+ $result = $this->getOAuthAccessorProviderKey($provKey);
+ //TokenInfo
+ $accessToken = $this->getTokenInfo($tokenKey);
+ if ($accessToken != null) {
+ // maybe convert into methods
+ $result->getAccessor()->accessToken = $accessToken->getAccessToken();
+ $result->getAccessor()->tokenSecret = $accessToken->getTokenSecret();
+ }
+ return $result;
+ }
+
+ private function getOAuthAccessorProviderKey(ProviderKey $providerKey)
+ {
+ //ProviderInfo
+ $provInfo = $this->getProviderInfo($providerKey);
+
+ if ($provInfo == null) {
+ throw new OAuthNoDataException("provider info was null in oauth store");
+ }
+ //AccesorInfo
+ $result = new AccesorInfo();
+ $result->setHttpMethod($provInfo->getHttpMethod());
+ $result->setParamLocation($provInfo->getParamLocation());
+
+ //ConsumerKeyAndSecret
+ $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
+
+ if ($consumerKeyAndSecret == null) {
+ if ($this->defaultConsumerKey == null || $this->defaultConsumerSecret == null) {
+ throw new OAuthNoDataException("ConsumerKeyAndSecret was null in oauth store");
+ } else {
+ $consumerKeyAndSecret = new ConsumerKeyAndSecret($this->defaultConsumerKey, $this->defaultConsumerSecret, OAuthStoreVars::$KeyType['RSA_PRIVATE']);
+ }
+ }
+
+ //OAuthServiceProvider
+ $oauthProvider = $provInfo->getProvider();
+
+ if (! isset($oauthProvider)) {
+ throw new OAuthNoDataException("OAuthService provider was null in oauth store");
+ }
+
+ // Accesing the class
+ $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() == OAuthStoreVars::$KeyType['RSA_PRIVATE']);
+
+ //OAuthConsumer
+ $consumer = ($usePublicKeyCrypto) ? new OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null, $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(), $oauthProvider);
+
+ if ($usePublicKeyCrypto) {
+ $consumer->setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $consumerKeyAndSecret->getConsumerSecret());
+ $result->setSignatureType(OAuthStoreVars::$SignatureType['RSA_SHA1']);
+ } else {
+ $result->setSignatureType(OAuthStoreVars::$SignatureType['HMAC_SHA1']);
+ }
+
+ $result->setAccessor(new OAuthAccessor($consumer));
+ return $result;
+ }
+
+ public function getOAuthServiceProviderInfo($providerKey)
+ {
+ $provInfo = $this->providers->get($providerKey);
+
+ if ($provInfo == null) {
+ throw new OAuthNoDataException("provider info was null in oauth store");
+ }
+
+ return $provInfo;
+ }
+
+ public function setOAuthConsumerKeyAndSecret($providerKey, $keyAndSecret)
+ {
+ //ProviderInfo
+ $value = $this->getProviderInfo($providerKey);
+ if ($value == null) {
+ throw new OAuthNoDataException("could not find provider data for token");
+ }
+ $value->setKeyAndSecret($keyAndSecret);
+ }
+
+ public function setOAuthServiceProviderInfo($providerKey, $providerInfo)
+ {
+ $this->providers[md5(serialize($providerKey))] = $providerInfo;
+ }
+
+ public function setTokenAndSecret($tokenKey, $tokenInfo)
+ {
+ $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
+ }
+
+ private function getProviderInfo($providerKey)
+ {
+ $key = md5(serialize($providerKey));
+ return isset($this->providers[$key]) ? $this->providers[$key] : null;
+ }
+
+ private function getTokenInfo($tokenKey)
+ {
+ $key = md5(serialize($tokenKey));
+ return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
+ }
+}
\ No newline at end of file
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Chris Chabot <ch...@xs4all.nl>.
Oh and make sure you clean your cache dir with:
rm -rf /tmp/shindig
i see your features javascript is in the wrong order, which i fixed a
bit earlier today and you have to clean your cache for the changes to
take
-- Chris
On May 22, 2008, at 11:11 AM, Lini H - Clarion, India wrote:
> chris,
>
> You can check at http://125.18.107.185/mhr/trunk/php/gadgets/files/container/sample1.html
> . Also the server at http://125.18.107.185/mhr/trunk/php/gadgets/ifr?url=http://www.google.com/ig/modules/horoscope.xml
>
> The same is working with previous one at http://125.18.107.185/mhr/shindig-5-9/php/gadgets/files/container/sample1.html
>
> Regards
> Lini Haridas
> Software Engineer
>
> lini.haridas@clariontechnologies.co.in
> Clarion Technologies
> SEI CMMI Level 3 Company
>
> 4th Floor, Great Eastern Plaza,
> Airport Road,
> Pune- 411 006,
> Maharashtra, India.
> Phone: +91 20 66020289
> Mobile: +91 9823435917
> www.clariontechnologies.co.in
> ----- Original Message -----
> From: "Chris Chabot" <ch...@xs4all.nl>
> To: <sh...@incubator.apache.org>
> Sent: Thursday, May 22, 2008 2:18 PM
> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>
>
>> I cant really think of a meaningful answer on this unless you give me
>> some more info..
>>
>> Did it use to work?
>> Did you clean your cache? (rm -rf /tmp/shindig)
>>
>> What gadgets?
>> Not all gadgets 'just work' (specifically ones that required the
>> gadget writers to enable your domain, or require your keys), oauth/
>> signed request based gadgets requires you to generate keys.. and
>> some
>> gadgets have platform specific stuff in them (hi5/myspace/orkut/etc)
>> or hard coded values that only work on a specific platform ....
>> So 'gadgets' is giving me no info what so ever which of these things
>> could be happening, or if it's really a problem in shindig :)
>>
>> 'Giving errors' it would help a LOT if you could tell me what exact
>> error your receiving, then i could try to make an educated guess
>> towards what might be causing this
>>
>> Since i can't look on your monitor from here, you will have to feed
>> me
>> a bit more info please :)
>>
>> -- Chris
>>
>> On May 22, 2008, at 10:41 AM, Lini H - Clarion, India wrote:
>>
>>> Chris,
>>>
>>> I only mean that the new shindig downloaded is not rendering the
>>> gadgets and is giving errors (after making the config/htaccess
>>> changes). The server is giving gadget errors also the sample html
>>> files.
>>>
>>> Regards
>>> Lini Haridas
>>> Software Engineer
>>>
>>> lini.haridas@clariontechnologies.co.in
>>> Clarion Technologies
>>> SEI CMMI Level 3 Company
>>>
>>> 4th Floor, Great Eastern Plaza,
>>> Airport Road,
>>> Pune- 411 006,
>>> Maharashtra, India.
>>> Phone: +91 20 66020289
>>> Mobile: +91 9823435917
>>> www.clariontechnologies.co.in
>>> ----- Original Message -----
>>> From: "Chris Chabot" <ch...@xs4all.nl>
>>> To: <sh...@incubator.apache.org>
>>> Sent: Thursday, May 22, 2008 2:05 PM
>>> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/
>>> trunk/
>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>>>
>>>
>>>> Could you by any chance be more specific?
>>>>
>>>> Things like:
>>>> Where are you trying this
>>>> what are you trying (what gadget/feature/etc)
>>>> what is the result (error messages or anything?)
>>>>
>>>> Would help a lot ! :)
>>>>
>>>> I have a couple of gadgets (horoscope, set title test module,
>>>> opensocial 0.7 tests, social hello world) on my profile on
>>>> partuza.chabotc.com and their working fine for me..
>>>>
>>>> -- Chris
>>>>
>>>> On May 22, 2008, at 10:29 AM, Lini H - Clarion, India wrote:
>>>>
>>>>> Hi chris,
>>>>>
>>>>> Sorry, but its still not working..
>>>>>
>>>>> Regards
>>>>> Lini Haridas
>>>>> Software Engineer
>>>>>
>>>>> lini.haridas@clariontechnologies.co.in
>>>>> Clarion Technologies
>>>>> SEI CMMI Level 3 Company
>>>>>
>>>>> 4th Floor, Great Eastern Plaza,
>>>>> Airport Road,
>>>>> Pune- 411 006,
>>>>> Maharashtra, India.
>>>>> Phone: +91 20 66020289
>>>>> Mobile: +91 9823435917
>>>>> www.clariontechnologies.co.in
>>>>> ----- Original Message -----
>>>>> From: "Chris Chabot" <ch...@xs4all.nl>
>>>>> To: <sh...@incubator.apache.org>
>>>>> Sent: Thursday, May 22, 2008 1:32 PM
>>>>> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/
>>>>> trunk/
>>>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/
>>>>> http/
>>>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/
>>>>> http/
>>>>>
>>>>>
>>>>>> Should be working again
>>>>>>
>>>>>> On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
>>>>>>
>>>>>>> Hi Chris,
>>>>>>>
>>>>>>> The shindig is not working after the new code changes. I also
>>>>>>> checked on http://shindig.chabotc.com and none of the samples
>>>>>>> neither the gadget is working. Is any work still missing on
>>>>>>> this?
>>>>>>>
>>>>>>> Regards
>>>>>>>
>>>>>>> Lini Haridas
>>>>>>> Software Engineer
>>>>>>>
>>>>>>> lini.haridas@clariontechnologies.co.in
>>>>>>> Clarion Technologies
>>>>>>> SEI CMMI Level 3 Company
>>>>>>>
>>>>>>> 4th Floor, Great Eastern Plaza,
>>>>>>> Airport Road,
>>>>>>> Pune- 411 006,
>>>>>>> Maharashtra, India.
>>>>>>> Phone: +91 20 66020289
>>>>>>> Mobile: +91 9823435917
>>>>>>> www.clariontechnologies.co.in
>>>>>>>
>>>>>>> ----- Original Message -----
>>>>>>> From: <ch...@apache.org>
>>>>>>> To: <sh...@incubator.apache.org>
>>>>>>> Sent: Wednesday, May 21, 2008 10:28 PM
>>>>>>> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/
>>>>>>> trunk/
>>>>>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/
>>>>>>> http/
>>>>>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/
>>>>>>> http/
>>>>>>>
>>>>>>>
>>>>>>>> Author: chabotc
>>>>>>>> Date: Wed May 21 09:58:52 2008
>>>>>>>> New Revision: 658758
>>>>>>>>
>>>>>>>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>>>>>>>> Log:
>>>>>>>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>>>>>>>> great work on this. This patch implements OAuth and signed
>>>>>>>> request
>>>>>>>> support
>>>>>>>>
>>>>>>>> Added:
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcherFactory.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicGadgetOAuthTokenStore.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicOAuthStore.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> GadgetOAuthTokenStore.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> OAuthFetcherFactory.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> OAuthRequestParams.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> OAuthServiceProvider.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>>>>>>>> Modified:
>>>>>>>> incubator/shindig/trunk/php/config.php
>>>>>>>> incubator/shindig/trunk/php/index.php
>>>>>>>> incubator/shindig/trunk/php/src/common/JsMin.php
>>>>>>>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>>>>>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>>>>>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> JsonRpcGadgetContext.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> GadgetRenderingServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>>>>>>>> BasicBlobCrypter.php
>>>>>>>> incubator/shindig/trunk/php/src/socialdata/http/
>>>>>>>> GadgetDataServlet.php
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/config.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/config.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52
>>>>>>>> 2008
>>>>>>>> @@ -1,4 +1,4 @@
>>>>>>>> -<?
>>>>>>>> +<?php
>>>>>>>> /*
>>>>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> * or more contributor license agreements. See the NOTICE file
>>>>>>>> @@ -45,7 +45,7 @@
>>>>>>>> // Configurable CSS rules that are injected to the gadget page,
>>>>>>>> // be careful when adjusting these not to break most gadget's
>>>>>>>> layouts :)
>>>>>>>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>>>> serif;}
>>>>>>>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>>>>>>>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>>>>>>>> color:white;}',
>>>>>>>> - // 'gadget_css' => 'body,td,div,span,p{font-
>>>>>>>> family:arial,sans-
>>>>>>>> serif;} body {background-color:#ffffff; font-family: arial,
>>>>>>>> sans-
>>>>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>>>>> input,
>>>>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>>>>> 3px;}',
>>>>>>>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>>>> serif;} body {background-color:#ffffff; font-family: arial,
>>>>>>>> sans-
>>>>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>>>>> input,
>>>>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>>>>> 3px;}',
>>>>>>>>
>>>>>>>> // The html / javascript samples use a plain text demo token,
>>>>>>>> // set this to false on anything resembling a real site
>>>>>>>> @@ -96,6 +96,13 @@
>>>>>>>> // global cache age policy and location
>>>>>>>> 'cache_time' => 24 * 60 * 60,
>>>>>>>> 'cache_root' => '/tmp/shindig',
>>>>>>>> +
>>>>>>>> + // OAuth private key Path
>>>>>>>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>>>>> private.key',
>>>>>>>> + // file path to public RSA cert
>>>>>>>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>>>>> public.crt',
>>>>>>>> + // Phrase to decrypt private key. Leave empty if unencrypted
>>>>>>>> + 'private_key_phrase' => 'partuza',
>>>>>>>>
>>>>>>>> // In some cases we need to know the site root (for features
>>>>>>>> forinstance)
>>>>>>>> 'base_path' => realpath(dirname(__FILE__))
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/index.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/index.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52
>>>>>>>> 2008
>>>>>>>> @@ -1,4 +1,4 @@
>>>>>>>> -<?
>>>>>>>> +<?php
>>>>>>>> /*
>>>>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> * or more contributor license agreements. See the NOTICE file
>>>>>>>> @@ -48,7 +48,7 @@
>>>>>>>> // To load these, we scan our entire directory structure
>>>>>>>> function __autoload($className)
>>>>>>>> {
>>>>>>>> - $locations = array('src/common', 'src/common/
>>>>>>>> samplecontainer',
>>>>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/
>>>>>>>> http',
>>>>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>>>>> samplecontainer');
>>>>>>>> + $locations = array('src/common', 'src/common/
>>>>>>>> samplecontainer',
>>>>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/
>>>>>>>> http',
>>>>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>>>>> samplecontainer', 'src/gadgets/oauth');
>>>>>>>> // Check for the presense of this class in our all our
>>>>>>>> directories.
>>>>>>>> $fileName = $className.'.php';
>>>>>>>> foreach ($locations as $path) {
>>>>>>>> @@ -65,7 +65,8 @@
>>>>>>>> Config::get('web_prefix') . '/gadgets/proxy' =>
>>>>>>>> 'ProxyServlet',
>>>>>>>> Config::get('web_prefix') . '/gadgets/ifr' =>
>>>>>>>> 'GadgetRenderingServlet',
>>>>>>>> Config::get('web_prefix') . '/gadgets/metadata' =>
>>>>>>>> 'JsonRpcServlet',
>>>>>>>> - Config::get('web_prefix') . '/social/data' =>
>>>>>>>> 'GadgetDataServlet'
>>>>>>>> + Config::get('web_prefix') . '/social/data' =>
>>>>>>>> 'GadgetDataServlet',
>>>>>>>> + Config::get('web_prefix') . '/public.crt' =>
>>>>>>>> 'CertServlet'
>>>>>>>> );
>>>>>>>>
>>>>>>>> // Try to match the request url to our servlet mapping
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>>>>>>>> 09:58:52 2008
>>>>>>>> @@ -1,4 +1,5 @@
>>>>>>>> <?php
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>>>>>>>> *
>>>>>>>> @@ -48,243 +49,248 @@
>>>>>>>> class JsMinException extends Exception {}
>>>>>>>>
>>>>>>>> class JsMin {
>>>>>>>> - const ORD_LF = 10;
>>>>>>>> - const ORD_SPACE = 32;
>>>>>>>> -
>>>>>>>> - protected $a = '';
>>>>>>>> - protected $b = '';
>>>>>>>> - protected $input = '';
>>>>>>>> - protected $inputIndex = 0;
>>>>>>>> - protected $inputLength = 0;
>>>>>>>> - protected $lookAhead = null;
>>>>>>>> - protected $output = '';
>>>>>>>> -
>>>>>>>> - // -- Public Static Methods
>>>>>>>> --------------------------------------------------
>>>>>>>> -
>>>>>>>> - public static function minify($js) {
>>>>>>>> - $jsmin = new JsMin($js);
>>>>>>>> - return $jsmin->min();
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - // -- Public Instance Methods
>>>>>>>> ------------------------------------------------
>>>>>>>> -
>>>>>>>> - public function __construct($input) {
>>>>>>>> - $this->input = str_replace("\r\n", "\n", $input);
>>>>>>>> - $this->inputLength = strlen($this->input);
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - // -- Protected Instance Methods
>>>>>>>> ---------------------------------------------
>>>>>>>> -
>>>>>>>> - protected function action($d) {
>>>>>>>> - switch($d) {
>>>>>>>> - case 1:
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> -
>>>>>>>> - case 2:
>>>>>>>> - $this->a = $this->b;
>>>>>>>> -
>>>>>>>> - if ($this->a === "'" || $this->a === '"') {
>>>>>>>> - for (;;) {
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> - $this->a = $this->get();
>>>>>>>> -
>>>>>>>> - if ($this->a === $this->b) {
>>>>>>>> - break;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - if (ord($this->a) <= self::ORD_LF) {
>>>>>>>> - throw new JsMinException('Unterminated string
>>>>>>>> literal.');
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - if ($this->a === '\\') {
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> - $this->a = $this->get();
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - case 3:
>>>>>>>> - $this->b = $this->next();
>>>>>>>> -
>>>>>>>> - if ($this->b === '/' && (
>>>>>>>> - $this->a === '(' || $this->a === ',' || $this->a
>>>>>>>> ===
>>>>>>>> '=' ||
>>>>>>>> - $this->a === ':' || $this->a === '[' || $this->a
>>>>>>>> ===
>>>>>>>> '!' ||
>>>>>>>> - $this->a === '&' || $this->a === '|' || $this->a
>>>>>>>> ===
>>>>>>>> '?')) {
>>>>>>>> -
>>>>>>>> - $this->output .= $this->a . $this->b;
>>>>>>>> -
>>>>>>>> - for (;;) {
>>>>>>>> - $this->a = $this->get();
>>>>>>>> -
>>>>>>>> - if ($this->a === '/') {
>>>>>>>> - break;
>>>>>>>> - } elseif ($this->a === '\\') {
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> - $this->a = $this->get();
>>>>>>>> - } elseif (ord($this->a) <= self::ORD_LF) {
>>>>>>>> - throw new JsMinException('Unterminated regular
>>>>>>>> expression '.
>>>>>>>> - 'literal.');
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - $this->b = $this->next();
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function get() {
>>>>>>>> - $c = $this->lookAhead;
>>>>>>>> - $this->lookAhead = null;
>>>>>>>> -
>>>>>>>> - if ($c === null) {
>>>>>>>> - if ($this->inputIndex < $this->inputLength) {
>>>>>>>> - $c = $this->input[$this->inputIndex];
>>>>>>>> - $this->inputIndex += 1;
>>>>>>>> - } else {
>>>>>>>> - $c = null;
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - if ($c === "\r") {
>>>>>>>> - return "\n";
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - if ($c === null || $c === "\n" || ord($c) >=
>>>>>>>> self::ORD_SPACE) {
>>>>>>>> - return $c;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - return ' ';
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function isAlphaNum($c) {
>>>>>>>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\
>>>>>>>> $]
>>>>>>>> $/', $c) === 1;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function min() {
>>>>>>>> - $this->a = "\n";
>>>>>>>> - $this->action(3);
>>>>>>>> -
>>>>>>>> - while ($this->a !== null) {
>>>>>>>> - switch ($this->a) {
>>>>>>>> - case ' ':
>>>>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>>>>> - $this->action(1);
>>>>>>>> - } else {
>>>>>>>> - $this->action(2);
>>>>>>>> - }
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - case "\n":
>>>>>>>> - switch ($this->b) {
>>>>>>>> - case '{':
>>>>>>>> - case '[':
>>>>>>>> - case '(':
>>>>>>>> - case '+':
>>>>>>>> - case '-':
>>>>>>>> - $this->action(1);
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - case ' ':
>>>>>>>> - $this->action(3);
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>>>>> - $this->action(1);
>>>>>>>> - }
>>>>>>>> - else {
>>>>>>>> - $this->action(2);
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - switch ($this->b) {
>>>>>>>> - case ' ':
>>>>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>>>>> - $this->action(1);
>>>>>>>> - break;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - $this->action(3);
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - case "\n":
>>>>>>>> - switch ($this->a) {
>>>>>>>> - case '}':
>>>>>>>> - case ']':
>>>>>>>> - case ')':
>>>>>>>> - case '+':
>>>>>>>> - case '-':
>>>>>>>> - case '"':
>>>>>>>> - case "'":
>>>>>>>> - $this->action(1);
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>>>>> - $this->action(1);
>>>>>>>> - }
>>>>>>>> - else {
>>>>>>>> - $this->action(3);
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - $this->action(1);
>>>>>>>> - break;
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - return $this->output;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function next() {
>>>>>>>> - $c = $this->get();
>>>>>>>> -
>>>>>>>> - if ($c === '/') {
>>>>>>>> - switch($this->peek()) {
>>>>>>>> - case '/':
>>>>>>>> - for (;;) {
>>>>>>>> - $c = $this->get();
>>>>>>>> -
>>>>>>>> - if (ord($c) <= self::ORD_LF) {
>>>>>>>> - return $c;
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - case '*':
>>>>>>>> - $this->get();
>>>>>>>> -
>>>>>>>> - for (;;) {
>>>>>>>> - switch($this->get()) {
>>>>>>>> - case '*':
>>>>>>>> - if ($this->peek() === '/') {
>>>>>>>> - $this->get();
>>>>>>>> - return ' ';
>>>>>>>> - }
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - case null:
>>>>>>>> - throw new JsMinException('Unterminated
>>>>>>>> comment.');
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - return $c;
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - return $c;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function peek() {
>>>>>>>> - $this->lookAhead = $this->get();
>>>>>>>> - return $this->lookAhead;
>>>>>>>> - }
>>>>>>>> + const ORD_LF = 10;
>>>>>>>> + const ORD_SPACE = 32;
>>>>>>>> +
>>>>>>>> + protected $a = '';
>>>>>>>> + protected $b = '';
>>>>>>>> + protected $input = '';
>>>>>>>> + protected $inputIndex = 0;
>>>>>>>> + protected $inputLength = 0;
>>>>>>>> + protected $lookAhead = null;
>>>>>>>> + protected $output = '';
>>>>>>>> +
>>>>>>>> + // -- Public Static Methods
>>>>>>>> --------------------------------------------------
>>>>>>>> +
>>>>>>>> +
>>>>>>>> + public static function minify($js)
>>>>>>>> + {
>>>>>>>> + $jsmin = new JsMin($js);
>>>>>>>> + return $jsmin->min();
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + // -- Public Instance Methods
>>>>>>>> ------------------------------------------------
>>>>>>>> +
>>>>>>>> +
>>>>>>>> + public function __construct($input)
>>>>>>>> + {
>>>>>>>> + $this->input = str_replace("\r\n", "\n", $input);
>>>>>>>> + $this->inputLength = strlen($this->input);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + // -- Protected Instance Methods
>>>>>>>> ---------------------------------------------
>>>>>>>> +
>>>>>>>> +
>>>>>>>> + protected function action($d)
>>>>>>>> + {
>>>>>>>> + switch ($d) {
>>>>>>>> + case 1:
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> +
>>>>>>>> + case 2:
>>>>>>>> + $this->a = $this->b;
>>>>>>>> +
>>>>>>>> + if ($this->a === "'" || $this->a === '"') {
>>>>>>>> + for (; ; ) {
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> + $this->a = $this->get();
>>>>>>>> +
>>>>>>>> + if ($this->a === $this->b) {
>>>>>>>> + break;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + if (ord($this->a) <= self::ORD_LF) {
>>>>>>>> + throw new JsMinException('Unterminated string literal.');
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + if ($this->a === '\\') {
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> + $this->a = $this->get();
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + case 3:
>>>>>>>> + $this->b = $this->next();
>>>>>>>> +
>>>>>>>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ','
>>>>>>>> ||
>>>>>>>> $this->a === '=' || $this->a === ':' || $this->a === '[' ||
>>>>>>>> $this-
>>>>>>>>> a === '!' || $this->a === '&' || $this->a === '|' || $this->a
>>>>>>>>> ===
>>>>>>>> '?')) {
>>>>>>>> +
>>>>>>>> + $this->output .= $this->a . $this->b;
>>>>>>>> +
>>>>>>>> + for (; ; ) {
>>>>>>>> + $this->a = $this->get();
>>>>>>>> +
>>>>>>>> + if ($this->a === '/') {
>>>>>>>> + break;
>>>>>>>> + } elseif ($this->a === '\\') {
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> + $this->a = $this->get();
>>>>>>>> + } elseif (ord($this->a) <= self::ORD_LF) {
>>>>>>>> + throw new JsMinException('Unterminated regular expression ' .
>>>>>>>> 'literal.');
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $this->b = $this->next();
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function get()
>>>>>>>> + {
>>>>>>>> + $c = $this->lookAhead;
>>>>>>>> + $this->lookAhead = null;
>>>>>>>> +
>>>>>>>> + if ($c === null) {
>>>>>>>> + if ($this->inputIndex < $this->inputLength) {
>>>>>>>> + $c = $this->input[$this->inputIndex];
>>>>>>>> + $this->inputIndex += 1;
>>>>>>>> + } else {
>>>>>>>> + $c = null;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + if ($c === "\r") {
>>>>>>>> + return "\n";
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + if ($c === null || $c === "\n" || ord($c) >=
>>>>>>>> self::ORD_SPACE) {
>>>>>>>> + return $c;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + return ' ';
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function isAlphaNum($c)
>>>>>>>> + {
>>>>>>>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>>>>>>>> $/',
>>>>>>>> $c) === 1;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function min()
>>>>>>>> + {
>>>>>>>> + $this->a = "\n";
>>>>>>>> + $this->action(3);
>>>>>>>> +
>>>>>>>> + while ($this->a !== null) {
>>>>>>>> + switch ($this->a) {
>>>>>>>> + case ' ':
>>>>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>>>>> + $this->action(1);
>>>>>>>> + } else {
>>>>>>>> + $this->action(2);
>>>>>>>> + }
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + case "\n":
>>>>>>>> + switch ($this->b) {
>>>>>>>> + case '{':
>>>>>>>> + case '[':
>>>>>>>> + case '(':
>>>>>>>> + case '+':
>>>>>>>> + case '-':
>>>>>>>> + $this->action(1);
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + case ' ':
>>>>>>>> + $this->action(3);
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>>>>> + $this->action(1);
>>>>>>>> + } else {
>>>>>>>> + $this->action(2);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + switch ($this->b) {
>>>>>>>> + case ' ':
>>>>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>>>>> + $this->action(1);
>>>>>>>> + break;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $this->action(3);
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + case "\n":
>>>>>>>> + switch ($this->a) {
>>>>>>>> + case '}':
>>>>>>>> + case ']':
>>>>>>>> + case ')':
>>>>>>>> + case '+':
>>>>>>>> + case '-':
>>>>>>>> + case '"':
>>>>>>>> + case "'":
>>>>>>>> + $this->action(1);
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>>>>> + $this->action(1);
>>>>>>>> + } else {
>>>>>>>> + $this->action(3);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + $this->action(1);
>>>>>>>> + break;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + return $this->output;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function next()
>>>>>>>> + {
>>>>>>>> + $c = $this->get();
>>>>>>>> +
>>>>>>>> + if ($c === '/') {
>>>>>>>> + switch ($this->peek()) {
>>>>>>>> + case '/':
>>>>>>>> + for (; ; ) {
>>>>>>>> + $c = $this->get();
>>>>>>>> +
>>>>>>>> + if (ord($c) <= self::ORD_LF) {
>>>>>>>> + return $c;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + case '*':
>>>>>>>> + $this->get();
>>>>>>>> +
>>>>>>>> + for (; ; ) {
>>>>>>>> + switch ($this->get()) {
>>>>>>>> + case '*':
>>>>>>>> + if ($this->peek() === '/') {
>>>>>>>> + $this->get();
>>>>>>>> + return ' ';
>>>>>>>> + }
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + case null:
>>>>>>>> + throw new JsMinException('Unterminated comment.');
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + return $c;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + return $c;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function peek()
>>>>>>>> + {
>>>>>>>> + $this->lookAhead = $this->get();
>>>>>>>> + return $this->lookAhead;
>>>>>>>> + }
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentFetcher.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentFetcher.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentFetcher.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -19,6 +19,18 @@
>>>>>>>> */
>>>>>>>>
>>>>>>>> abstract class RemoteContentFetcher {
>>>>>>>> +
>>>>>>>> + protected $fetcher;
>>>>>>>> +
>>>>>>>> + protected function setNextFetcher($fetcher = null)
>>>>>>>> + {
>>>>>>>> + $this->fetcher = $fetcher;
>>>>>>>> + }
>>>>>>>>
>>>>>>>> abstract public function fetchRequest($request);
>>>>>>>> +
>>>>>>>> + public function getNextFetcher()
>>>>>>>> + {
>>>>>>>> + return $this->fetcher;
>>>>>>>> + }
>>>>>>>> }
>>>>>>>> \ No newline at end of file
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentRequest.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentRequest.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentRequest.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -15,13 +15,14 @@
>>>>>>>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> * KIND, either express or implied. See the License for the
>>>>>>>> * specific language governing permissions and limitations under
>>>>>>>> the
>>>>>>>> License.
>>>>>>>> - *
>>>>>>>> + *
>>>>>>>> */
>>>>>>>>
>>>>>>>> class RemoteContentRequest {
>>>>>>>> // these are used for making the request
>>>>>>>> - private $url = '';
>>>>>>>> - private $headers = false;
>>>>>>>> + private $uri = '';
>>>>>>>> + private $method = '';
>>>>>>>> + private $headers = array();
>>>>>>>> private $postBody = false;
>>>>>>>> // these fields are filled in once the request has completed
>>>>>>>> private $responseContent = false;
>>>>>>>> @@ -29,20 +30,179 @@
>>>>>>>> private $responseHeaders = false;
>>>>>>>> private $httpCode = false;
>>>>>>>> private $contentType = null;
>>>>>>>> + private $options;
>>>>>>>> public $handle = false;
>>>>>>>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-
>>>>>>>> form-
>>>>>>>> urlencoded; charset=utf-8";
>>>>>>>> + public static $DEFAULT_OPTIONS = array();
>>>>>>>>
>>>>>>>> - public function __construct($url, $headers = false,
>>>>>>>> $postBody =
>>>>>>>> false)
>>>>>>>> + public function __construct($uri, $headers = false,
>>>>>>>> $postBody =
>>>>>>>> false)
>>>>>>>> {
>>>>>>>> - $this->url = $url;
>>>>>>>> + $this->uri = $uri;
>>>>>>>> $this->headers = $headers;
>>>>>>>> $this->postBody = $postBody;
>>>>>>>> }
>>>>>>>>
>>>>>>>> + public function createRemoteContentRequest($method, $uri,
>>>>>>>> $headers, $postBody, $options)
>>>>>>>> + {
>>>>>>>> + $this->method = $method;
>>>>>>>> + $this->uri = $uri;
>>>>>>>> + $this->options = $options;
>>>>>>>> + // Copy the headers
>>>>>>>> + if (! isset($headers)) {
>>>>>>>> + $this->headers = '';
>>>>>>>> + } else {
>>>>>>>> + $setPragmaHeader = false;
>>>>>>>> + $tmpHeaders = '';
>>>>>>>> + foreach ($headers as $key => $value) {
>>>>>>>> + // Proxies should be bypassed with the Pragma: no-cache
>>>>>>>> check.
>>>>>>>> + //TODO double check array is good for options
>>>>>>>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>>>>>>>> + $value = "no-cache";
>>>>>>>> + $setPragmaHeader = true;
>>>>>>>> + }
>>>>>>>> + $tmpHeaders .= $key . ":" . $value . "\n";
>>>>>>>> + }
>>>>>>>> + // Bypass caching in proxies as well.
>>>>>>>> + //TODO double check array is good for options
>>>>>>>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>>>>>>>> + $tmpHeaders .= "Pragma:no-cache\n";
>>>>>>>> + }
>>>>>>>> + $this->headers = $tmpHeaders;
>>>>>>>> + }
>>>>>>>> + if (! isset($postBody)) {
>>>>>>>> + $this->postBody = '';
>>>>>>>> + } else {
>>>>>>>> + $this->postBody = array_merge($postBody, $this->postBody);
>>>>>>>> + }
>>>>>>>> + $type = $this->getHeader("Content-Type");
>>>>>>>> + if (! isset($type)) {
>>>>>>>> + $this->contentType = RemoteContentRequest::
>>>>>>>> $DEFAULT_CONTENT_TYPE;
>>>>>>>> + } else {
>>>>>>>> + $this->contentType = $type;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Creates a new request to a different URL using all request
>>>>>>>> data
>>>>>>>> from
>>>>>>>> + * an existing request.
>>>>>>>> + *
>>>>>>>> + * @param uri
>>>>>>>> + * @param base The base request to copy data from.
>>>>>>>> + */
>>>>>>>> + public static function
>>>>>>>> createRemoteContentRequestWithUriBase($uri, $base)
>>>>>>>> + {
>>>>>>>> + $this->uri = $uri;
>>>>>>>> + $this->method = $base->method;
>>>>>>>> + $this->options = $base->options;
>>>>>>>> + $this->headers = $base->headers;
>>>>>>>> + $this->contentType = $base->contentType;
>>>>>>>> + $this->postBody = $base->postBody;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Basic GET request.
>>>>>>>> + *
>>>>>>>> + * @param uri
>>>>>>>> + */
>>>>>>>> + public function createRemoteContentRequestWithUri($uri)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * GET with options
>>>>>>>> + *
>>>>>>>> + * @param uri
>>>>>>>> + * @param options
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriOptions($uri,
>>>>>>>> $options)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>>>>> $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * GET request with custom headers and default options
>>>>>>>> + * @param uri
>>>>>>>> + * @param headers
>>>>>>>> + */
>>>>>>>> + public function RemoteContentRequestWithUriHeaders($uri,
>>>>>>>> $headers)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers,
>>>>>>>> null,
>>>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * GET request with custom headers + options
>>>>>>>> + * @param uri
>>>>>>>> + * @param headers
>>>>>>>> + * @param options
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>>>>>>>> $options)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers,
>>>>>>>> null,
>>>>>>>> $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Basic POST request
>>>>>>>> + * @param uri
>>>>>>>> + * @param postBody
>>>>>>>> + */
>>>>>>>> + public function RemoteContentRequestWithUriPostBody($uri,
>>>>>>>> $postBody)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("POST", $uri, null,
>>>>>>>> $postBody,
>>>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * POST request with options
>>>>>>>> + * @param uri
>>>>>>>> + * @param postBody
>>>>>>>> + * @param options
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriPostBodyOptions($uri,
>>>>>>>> $postBody,
>>>>>>>> $options)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("POST", $uri, null,
>>>>>>>> $postBody,
>>>>>>>> $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * POST request with headers
>>>>>>>> + * @param uri
>>>>>>>> + * @param headers
>>>>>>>> + * @param postBody
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriHeadersPostBody($uri,
>>>>>>>> $headers,
>>>>>>>> $postBody)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>>>>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * POST request with options + headers
>>>>>>>> + * @param uri
>>>>>>>> + * @param headers
>>>>>>>> + * @param postBody
>>>>>>>> + * @param options
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>>>>>>>> $headers, $postBody, $options)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>>>>> $postBody, $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Creates a simple GET request
>>>>>>>> + *
>>>>>>>> + * @param uri
>>>>>>>> + * @param ignoreCache
>>>>>>>> + */
>>>>>>>> + public function getRequest($uri, $ignoreCache)
>>>>>>>> + {
>>>>>>>> + $options = new Options();
>>>>>>>> + $options->ignoreCache = $ignoreCache;
>>>>>>>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>>>>>>>> $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> // returns a hash code which identifies this request, used for
>>>>>>>> caching
>>>>>>>> - // takes url and postbody into account for constructing the
>>>>>>>> md5
>>>>>>>> checksum
>>>>>>>> + // takes url and postbody into account for constructing the
>>>>>>>> sha1
>>>>>>>> checksum
>>>>>>>> public function toHash()
>>>>>>>> {
>>>>>>>> - return md5($this->url . $this->postBody);
>>>>>>>> + return md5($this->uri . $this->postBody);
>>>>>>>> }
>>>>>>>>
>>>>>>>> public function getContentType()
>>>>>>>> @@ -92,7 +252,17 @@
>>>>>>>>
>>>>>>>> public function getUrl()
>>>>>>>> {
>>>>>>>> - return $this->url;
>>>>>>>> + return $this->uri;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function getMethod()
>>>>>>>> + {
>>>>>>>> + return $this->method;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function getOptions()
>>>>>>>> + {
>>>>>>>> + return $this->options;
>>>>>>>> }
>>>>>>>>
>>>>>>>> public function setContentType($type)
>>>>>>>> @@ -125,14 +295,37 @@
>>>>>>>> $this->headers = $headers;
>>>>>>>> }
>>>>>>>>
>>>>>>>> + //FIXME: Find a better way to do this
>>>>>>>> + // The headers can be an array of elements.
>>>>>>>> + public function getHeader($headerName)
>>>>>>>> + {
>>>>>>>> + $headers = explode("\n", $this->headers);
>>>>>>>> + foreach ($headers as $header) {
>>>>>>>> + $key = explode(":", $header);
>>>>>>>> + if ($key[0] == $headerName)
>>>>>>>> + return $key[1];
>>>>>>>> + }
>>>>>>>> + return null;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> public function setPostBody($postBody)
>>>>>>>> {
>>>>>>>> $this->postBody = $postBody;
>>>>>>>> }
>>>>>>>>
>>>>>>>> - public function setUrl($url)
>>>>>>>> + public function setUri($uri)
>>>>>>>> {
>>>>>>>> - $this->url = $url;
>>>>>>>> + $this->uri = $uri;
>>>>>>>> }
>>>>>>>>
>>>>>>>> -}
>>>>>>>> \ No newline at end of file
>>>>>>>> +}
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * Bag of options for making a request.
>>>>>>>> + *
>>>>>>>> + * This object is mutable to keep us sane. Don't mess with it
>>>>>>>> once
>>>>>>>> you've
>>>>>>>> + * sent it to RemoteContentRequest or bad things might happen.
>>>>>>>> + */
>>>>>>>> +class Options {
>>>>>>>> + public $ignoreCache = false;
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/common/Zend/
>>>>>>>> Loader.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed
>>>>>>>> May
>>>>>>>> 21 09:58:52 2008
>>>>>>>> @@ -80,7 +80,7 @@
>>>>>>>> self::loadFile($file, $dirs, true);
>>>>>>>> } else {
>>>>>>>> self::_securityCheck($file);
>>>>>>>> - include_once $file;
>>>>>>>> + include_once 'src/common/'.$file;
>>>>>>>> }
>>>>>>>>
>>>>>>>> if (!class_exists($class, false) && !
>>>>>>>> interface_exists($class, false)) {
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetContext.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>>>> Wed
>>>>>>>> May 21 09:58:52 2008
>>>>>>>> @@ -26,21 +26,21 @@
>>>>>>>> * Server wide variables are stored in config.php
>>>>>>>> */
>>>>>>>> class GadgetContext {
>>>>>>>> - private $httpFetcher = null;
>>>>>>>> - private $locale = null;
>>>>>>>> - private $renderingContext = null;
>>>>>>>> - private $registry = null;
>>>>>>>> - private $userPrefs = null;
>>>>>>>> - private $gadgetId = null;
>>>>>>>> - private $view = null;
>>>>>>>> - private $moduleId = null;
>>>>>>>> - private $url = null;
>>>>>>>> - private $cache = null;
>>>>>>>> - private $blacklist = null;
>>>>>>>> - private $ignoreCache = null;
>>>>>>>> - private $forcedJsLibs = null;
>>>>>>>> - private $containerConfig = null;
>>>>>>>> - private $container = null;
>>>>>>>> + protected $httpFetcher = null;
>>>>>>>> + protected $locale = null;
>>>>>>>> + protected $renderingContext = null;
>>>>>>>> + protected $registry = null;
>>>>>>>> + protected $userPrefs = null;
>>>>>>>> + protected $gadgetId = null;
>>>>>>>> + protected $view = null;
>>>>>>>> + protected $moduleId = null;
>>>>>>>> + protected $url = null;
>>>>>>>> + protected $cache = null;
>>>>>>>> + protected $blacklist = null;
>>>>>>>> + protected $ignoreCache = null;
>>>>>>>> + protected $forcedJsLibs = null;
>>>>>>>> + protected $containerConfig = null;
>>>>>>>> + protected $container = null;
>>>>>>>>
>>>>>>>> public function __construct($renderingContext)
>>>>>>>> {
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetSpecParser.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetSpecParser.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetSpecParser.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -36,7 +36,7 @@
>>>>>>>> }
>>>>>>>> $gadget = new Gadget($context->getGadgetId(), $context);
>>>>>>>> // process ModulePref attributes
>>>>>>>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>>>>>>>> + $this->processModulePrefs($gadget, $doc->ModulePrefs,
>>>>>>>> $context);
>>>>>>>> // process UserPrefs, if any
>>>>>>>> foreach ($doc->UserPref as $pref) {
>>>>>>>> $this->processUserPref($gadget, $pref);
>>>>>>>> @@ -54,7 +54,7 @@
>>>>>>>> return $gadget;
>>>>>>>> }
>>>>>>>>
>>>>>>>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>>>>>>>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>>>>>>>> $context)
>>>>>>>> {
>>>>>>>> $attributes = $ModulePrefs->attributes();
>>>>>>>> if (empty($attributes['title'])) {
>>>>>>>> @@ -90,11 +90,11 @@
>>>>>>>> $gadget->scaling = isset($attributes['scaling']) ?
>>>>>>>> trim($attributes['scaling']) : '';
>>>>>>>> $gadget->scrolling = isset($attributes['scrolling']) ?
>>>>>>>> trim($attributes['scrolling']) : '';
>>>>>>>> foreach ($ModulePrefs->Locale as $locale) {
>>>>>>>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>>>>>>>> + $gadget->localeSpecs[] = $this->processLocale($locale,
>>>>>>>> $context);
>>>>>>>> }
>>>>>>>> }
>>>>>>>>
>>>>>>>> - private function processLocale($locale)
>>>>>>>> + private function processLocale($locale, $context)
>>>>>>>> {
>>>>>>>> $attributes = $locale->attributes();
>>>>>>>> $messageAttr = isset($attributes['messages']) ?
>>>>>>>> trim($attributes['messages']) : '';
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed
>>>>>>>> May
>>>>>>>> 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,70 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> under
>>>>>>>> the License.
>>>>>>>> + *
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * An abstract representation of a signing token.
>>>>>>>> + * Use in conjunction with @code GadgetTokenDecoder.
>>>>>>>> + */
>>>>>>>> +abstract class GadgetToken {
>>>>>>>> +
>>>>>>>> + //FIXME Hmm seems php is refusing to let me make abstract
>>>>>>>> static
>>>>>>>> functions? odd
>>>>>>>> + static public function createFromToken($token, $maxage) {}
>>>>>>>> + static public function createFromValues($owner, $viewer,
>>>>>>>> $app,
>>>>>>>> $domain, $appUrl, $moduleId) {}
>>>>>>>> +
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Serializes the token into a string. This can be the exact
>>>>>>>> same as
>>>>>>>> + * toString; using a different name here is only to force
>>>>>>>> interface
>>>>>>>> + * compliance.
>>>>>>>> + *
>>>>>>>> + * @return A string representation of the token.
>>>>>>>> + */
>>>>>>>> + abstract public function toSerialForm();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the owner from the token, or null if there is
>>>>>>>> none.
>>>>>>>> + */
>>>>>>>> + abstract public function getOwnerId();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the viewer from the token, or null if there is
>>>>>>>> none.
>>>>>>>> + */
>>>>>>>> + abstract public function getViewerId();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the application id from the token, or null if
>>>>>>>> there
>>>>>>>> is none.
>>>>>>>> + */
>>>>>>>> + abstract public function getAppId();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the domain from the token, or null if there is
>>>>>>>> none.
>>>>>>>> + */
>>>>>>>> + abstract public function getDomain();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the URL of the application
>>>>>>>> + */
>>>>>>>> + abstract public function getAppUrl();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the module ID of the application
>>>>>>>> + */
>>>>>>>> + abstract public function getModuleId();
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetTokenDecoder.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetTokenDecoder.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetTokenDecoder.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,34 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE
>>>>>>>> file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> + * under the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * Handles verification of gadget security tokens.
>>>>>>>> + */
>>>>>>>> +abstract class GadgetTokenDecoder {
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Decrypts and verifies a gadget security token to return a
>>>>>>>> gadget token.
>>>>>>>> + *
>>>>>>>> + * @param tokenString String representation of the token
>>>>>>>> to be
>>>>>>>> created.
>>>>>>>> + * @return The token representation of the input data.
>>>>>>>> + * @throws GadgetException If tokenString is not a valid
>>>>>>>> token
>>>>>>>> + */
>>>>>>>> + abstract public function createToken($tokenString);
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed
>>>>>>>> May
>>>>>>>> 21 09:58:52 2008
>>>>>>>> @@ -24,7 +24,7 @@
>>>>>>>> private $content;
>>>>>>>> private $featureName; // used to track what feature this
>>>>>>>> belongs to
>>>>>>>> private $loaded = false;
>>>>>>>> -
>>>>>>>> +
>>>>>>>> public function __construct($type, $content, $featureName = '')
>>>>>>>> {
>>>>>>>> $this->featureName = $featureName;
>>>>>>>> @@ -39,11 +39,11 @@
>>>>>>>>
>>>>>>>> public function getContent()
>>>>>>>> {
>>>>>>>> - if (!$this->loaded && $this->type == 'FILE') {
>>>>>>>> + if (! $this->loaded && $this->type == 'FILE') {
>>>>>>>> if (Config::get('compress_javascript')) {
>>>>>>>> $dataCache = Config::get('data_cache');
>>>>>>>> $dataCache = new $dataCache();
>>>>>>>> - if (!($content = $dataCache->get(md5($this->content)))) {
>>>>>>>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>>>>>>>> $content = JsMin::minify(JsLibrary::loadData($this->content,
>>>>>>>> $this-
>>>>>>>>> type));
>>>>>>>> $dataCache->set(md5($this->content), $content);
>>>>>>>> $this->content = $content;
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> JsonRpcGadgetContext.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> JsonRpcGadgetContext.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -1,10 +1,6 @@
>>>>>>>> <?php
>>>>>>>>
>>>>>>>> class JsonRpcGadgetContext extends GadgetContext {
>>>>>>>> - private $locale = null;
>>>>>>>> - private $view = null;
>>>>>>>> - private $url = null;
>>>>>>>> - private $container = null;
>>>>>>>>
>>>>>>>> public function __construct($jsonContext, $url)
>>>>>>>> {
>>>>>>>> @@ -15,23 +11,8 @@
>>>>>>>> $this->container = $jsonContext->container;
>>>>>>>> }
>>>>>>>>
>>>>>>>> - public function getUrl()
>>>>>>>> - {
>>>>>>>> - return $this->url;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> public function getView()
>>>>>>>> {
>>>>>>>> return $this->view;
>>>>>>>> }
>>>>>>>> -
>>>>>>>> - public function getLocale()
>>>>>>>> - {
>>>>>>>> - return $this->locale;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - public function getContainer()
>>>>>>>> - {
>>>>>>>> - return $this->container;
>>>>>>>> - }
>>>>>>>> }
>>>>>>>> \ No newline at end of file
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> ProxyGadgetContext.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> ProxyGadgetContext.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> ProxyGadgetContext.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,10 @@
>>>>>>>> +<?php
>>>>>>>> +
>>>>>>>> +class ProxyGadgetContext extends GadgetContext {
>>>>>>>> +
>>>>>>>> + public function __construct($url)
>>>>>>>> + {
>>>>>>>> + parent::__construct('GADGET');
>>>>>>>> + $this->url = $url;
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> ProxyHandler.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>>>> Wed
>>>>>>>> May 21 09:58:52 2008
>>>>>>>> @@ -29,11 +29,15 @@
>>>>>>>> *
>>>>>>>> */
>>>>>>>> class ProxyHandler {
>>>>>>>> - private $context;
>>>>>>>> + private $context;
>>>>>>>> + private $signingFetcher;
>>>>>>>> + private $oauthFetcher;
>>>>>>>>
>>>>>>>> - public function __construct($context)
>>>>>>>> + public function __construct($context, $signingFetcher = null,
>>>>>>>> $oauthFetcher = null)
>>>>>>>> {
>>>>>>>> - $this->context = $context;
>>>>>>>> + $this->context = $context;
>>>>>>>> + $this->signingFetcher = $signingFetcher;
>>>>>>>> + $this->oauthFetcher = $oauthFetcher;
>>>>>>>> }
>>>>>>>>
>>>>>>>> /**
>>>>>>>> @@ -51,11 +55,21 @@
>>>>>>>> $token = '';
>>>>>>>> // no token given, safe to ignore
>>>>>>>> }
>>>>>>>> - $originalUrl = $this->validateUrl($url);
>>>>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>>>>> + $url = $this->validateUrl($url);
>>>>>>>> // Fetch the content and convert it into JSON.
>>>>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>>>>> + $result = $this->fetchContentDivert($url, $method, $signer);
>>>>>>>> + if (!isset($result)) {
>>>>>>>> + //OAuthFetcher only
>>>>>>>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>>>>>>>> + $json = array($url => $metadata);
>>>>>>>> + $json = json_encode($json);
>>>>>>>> + $output = UNPARSEABLE_CRUFT . $json;
>>>>>>>> + $this->setCachingHeaders();
>>>>>>>> + header("Content-Type: application/json; charset=utf-8",
>>>>>>>> true);
>>>>>>>> + echo $output;
>>>>>>>> + die();
>>>>>>>> + }
>>>>>>>> $status = (int)$result->getHttpCode();
>>>>>>>> //header("HTTP/1.1 $status", true);
>>>>>>>> if ($status == 200) {
>>>>>>>> @@ -174,10 +188,9 @@
>>>>>>>> $token = '';
>>>>>>>> // no token given, safe to ignore
>>>>>>>> }
>>>>>>>> - $originalUrl = $this->validateUrl($url);
>>>>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>>>>> + $url = $this->validateUrl($url);
>>>>>>>> //TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>>>>> + $result = $this->fetchContent($url, $method);
>>>>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>>>> $status = (int)$result->getHttpCode();
>>>>>>>> if ($status == 200) {
>>>>>>>> @@ -208,11 +221,11 @@
>>>>>>>> /**
>>>>>>>> * Both fetch and fetchJson call this function to retrieve the
>>>>>>>> actual content
>>>>>>>> *
>>>>>>>> - * @param string $signedUrl the signed url to fetch
>>>>>>>> + * @param string $url the url to fetch
>>>>>>>> * @param string $method either get or post
>>>>>>>> * @return the filled in request (RemoteContentRequest)
>>>>>>>> */
>>>>>>>> - private function fetchContent($signedUrl, $method)
>>>>>>>> + private function fetchContent($url, $method)
>>>>>>>> {
>>>>>>>> //TODO get actual character encoding from the request
>>>>>>>>
>>>>>>>> @@ -250,14 +263,41 @@
>>>>>>>> }
>>>>>>>> // even if postData is an empty string, it will still post
>>>>>>>> (since
>>>>>>>> RemoteContentRquest checks if its false)
>>>>>>>> // so the request to POST is still honored
>>>>>>>> - $request = new RemoteContentRequest($signedUrl, $headers,
>>>>>>>> $postData);
>>>>>>>> + $request = new RemoteContentRequest($url, $headers,
>>>>>>>> $postData);
>>>>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>>>>> $context);
>>>>>>>> } else {
>>>>>>>> - $request = new RemoteContentRequest($signedUrl, $headers);
>>>>>>>> + $request = new RemoteContentRequest($url, $headers);
>>>>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>>>>> $context);
>>>>>>>> }
>>>>>>>> return $request;
>>>>>>>> }
>>>>>>>> +
>>>>>>>> + private function fetchContentDivert($url, $method, $signer)
>>>>>>>> + {
>>>>>>>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>>>>>>>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>>>>>>>> + $token = $this->extractAndValidateToken($signer);
>>>>>>>> + switch (strtoupper($authz)) {
>>>>>>>> + case 'SIGNED':
>>>>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>>>>> BasicRemoteContentFetcher(), $token);
>>>>>>>> + return $fetcher->fetch($url, $method);
>>>>>>>> + case 'AUTHENTICATED':
>>>>>>>> + $params = new OAuthRequestParams();
>>>>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>>>>> BasicRemoteContentFetcher(), $token);
>>>>>>>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>>>>>>>> + $this->oauthFetcher = $oAuthFetcherFactory-
>>>>>>>>> getOAuthFetcher($fetcher, $token, $params);
>>>>>>>> + $request = new RemoteContentRequest($url);
>>>>>>>> + $request->createRemoteContentRequestWithUri($url);
>>>>>>>> + return $this->oauthFetcher->fetchRequest($request);
>>>>>>>> + case 'NONE':
>>>>>>>> + default:
>>>>>>>> + return $this->fetchContent($url, $method);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setContentFetcher($contentFetcherFactory)
>>>>>>>> + {
>>>>>>>> + $this->contentFetcherFactory = $contentFetcherFactory;
>>>>>>>> + }
>>>>>>>>
>>>>>>>> /**
>>>>>>>> * Sets the caching headers (overwriting anything the remote
>>>>>>>> host
>>>>>>>> set) to force
>>>>>>>> @@ -282,6 +322,7 @@
>>>>>>>> private function validateUrl($url)
>>>>>>>> {
>>>>>>>> //TODO should really make a PHP version of the URI class and
>>>>>>>> validate in all the locations the java version does
>>>>>>>> + // why not use Zend::Uri:
>>>>>>>> return $url;
>>>>>>>> }
>>>>>>>>
>>>>>>>> @@ -293,40 +334,17 @@
>>>>>>>> * @return string the token to use in the signed url
>>>>>>>> */
>>>>>>>> private function extractAndValidateToken($signer)
>>>>>>>> - {
>>>>>>>> - if ($signer == null) {
>>>>>>>> - return null;
>>>>>>>> - }
>>>>>>>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>>>>>>>> - if ($token) {
>>>>>>>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>>>>> - }
>>>>>>>> + {
>>>>>>>> + if ($signer == null) {
>>>>>>>> + return null;
>>>>>>>> + }
>>>>>>>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>>>>>>>> + if (!isset($token) || $token == '') {
>>>>>>>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>>>>> + }
>>>>>>>> return $signer->createToken($token);
>>>>>>>> }
>>>>>>>> -
>>>>>>>> - /**
>>>>>>>> - * Signs a url with the SecurityToken
>>>>>>>> - *
>>>>>>>> - * @param string $originalUrl
>>>>>>>> - * @param SecurityToken $token
>>>>>>>> - * @return unknown
>>>>>>>> - */
>>>>>>>> - private function signUrl($originalUrl, $token)
>>>>>>>> - {
>>>>>>>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>>>>>>>> - if (! $authz) {
>>>>>>>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>>>>>>>> - }
>>>>>>>> - if ($token == null || $authz != 'signed') {
>>>>>>>> - return $originalUrl;
>>>>>>>> - }
>>>>>>>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>>>>> false;
>>>>>>>> - if ($method) {
>>>>>>>> - $method = isset($_POST['httpMethod']) ?
>>>>>>>> $_POST['httpMethod'] :
>>>>>>>> 'GET';
>>>>>>>> - }
>>>>>>>> - return $token->signUrl($originalUrl, $method);
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> private function request_headers()
>>>>>>>> {
>>>>>>>> // Try to use apache's request headers if available
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> CertServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> CertServlet.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> CertServlet.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,42 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> under
>>>>>>>> the License.
>>>>>>>> + *
>>>>>>>> + */
>>>>>>>> +require 'src/common/HttpServlet.php';
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * This class serves the public certificate, quick and dirty
>>>>>>>> hack
>>>>>>>> to make the certificate publicly accessible
>>>>>>>> + * this combined with the hard coded location in
>>>>>>>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>>>>>>>> + * for the oauth pub key location makes a working whole
>>>>>>>> + */
>>>>>>>> +class CertServlet extends HttpServlet {
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Handles the get file request, only called on url = /
>>>>>>>> public.crt
>>>>>>>> + * so this function has no logic other then to output the cert
>>>>>>>> + */
>>>>>>>> + public function doGet()
>>>>>>>> + {
>>>>>>>> + $file = Config::get('public_key_file');
>>>>>>>> + if (!file_exists($file) || !is_readable($file)) {
>>>>>>>> + throw new Exception("Invalid public key location ($file),
>>>>>>>> check
>>>>>>>> config and file permissions");
>>>>>>>> + }
>>>>>>>> + $this->setLastModified(filemtime($file));
>>>>>>>> + readfile($file);
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> FilesServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> FilesServlet.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> FilesServlet.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -25,7 +25,7 @@
>>>>>>>> * the php version too
>>>>>>>> */
>>>>>>>> class FilesServlet extends HttpServlet {
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Handles the get file request, if the file exists and is in
>>>>>>>> the
>>>>>>>> correct
>>>>>>>> * location it's echo'd to the browser (with a basic content
>>>>>>>> type
>>>>>>>> guessing
>>>>>>>> @@ -46,14 +46,14 @@
>>>>>>>> die();
>>>>>>>> }
>>>>>>>> // if the file doesn't exist or can't be read, give a 404 error
>>>>>>>> - if (!file_exists($file) || !is_readable($file) || !
>>>>>>>> is_file($file)) {
>>>>>>>> + if (! file_exists($file) || ! is_readable($file) || !
>>>>>>>> is_file($file)) {
>>>>>>>> header("HTTP/1.0 404 Not Found", true);
>>>>>>>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>>>>>>>> die();
>>>>>>>> }
>>>>>>>> $dot = strrpos($file, '.');
>>>>>>>> if ($dot) {
>>>>>>>> - $ext = strtolower(substr($file, $dot+1));
>>>>>>>> + $ext = strtolower(substr($file, $dot + 1));
>>>>>>>> if ($ext == 'html' || $ext == 'htm') {
>>>>>>>> $this->setContentType('text/html');
>>>>>>>> } elseif ($ext == 'js') {
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> GadgetRenderingServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> GadgetRenderingServlet.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -52,7 +52,7 @@
>>>>>>>> */
>>>>>>>> class GadgetRenderingServlet extends HttpServlet {
>>>>>>>> private $context;
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Creates the gadget using the GadgetServer class and calls
>>>>>>>> outputGadget
>>>>>>>> *
>>>>>>>> @@ -71,11 +71,11 @@
>>>>>>>> $gadgetServer = new GadgetServer();
>>>>>>>> $gadget = $gadgetServer->processGadget($this->context);
>>>>>>>> $this->outputGadget($gadget, $this->context);
>>>>>>>> - } catch ( Exception $e ) {
>>>>>>>> + } catch (Exception $e) {
>>>>>>>> $this->outputError($e);
>>>>>>>> }
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * If an error occured (Exception) this function echo's the
>>>>>>>> Exception's message
>>>>>>>> * and if the config['debug'] is true, shows the debug backtrace
>>>>>>>> in
>>>>>>>> a div
>>>>>>>> @@ -95,7 +95,7 @@
>>>>>>>> }
>>>>>>>> echo "</body></html>";
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Takes the gadget to output, and depending on its content type
>>>>>>>> calls either outputHtml-
>>>>>>>> * or outputUrlGadget
>>>>>>>> @@ -107,15 +107,15 @@
>>>>>>>> {
>>>>>>>> $view = HttpUtil::getView($gadget, $context);
>>>>>>>> switch ($view->getType()) {
>>>>>>>> - case 'HTML' :
>>>>>>>> + case 'HTML':
>>>>>>>> $this->outputHtmlGadget($gadget, $context, $view);
>>>>>>>> break;
>>>>>>>> - case 'URL' :
>>>>>>>> + case 'URL':
>>>>>>>> $this->outputUrlGadget($gadget, $context, $view);
>>>>>>>> break;
>>>>>>>> }
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Outputs a html content type gadget.
>>>>>>>> * It creates a html page, with the javascripts from the
>>>>>>>> features
>>>>>>>> inline into the page, plus
>>>>>>>> @@ -144,16 +144,13 @@
>>>>>>>> }
>>>>>>>> // Was a privacy policy header configured? if so set it
>>>>>>>> if (Config::get('P3P') != '') {
>>>>>>>> - header("P3P: ".Config::get('P3P'));
>>>>>>>> + header("P3P: " . Config::get('P3P'));
>>>>>>>> }
>>>>>>>> - if (!$view->getQuirks()) {
>>>>>>>> + if (! $view->getQuirks()) {
>>>>>>>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>>>>>>>> \">\n";
>>>>>>>> }
>>>>>>>> - echo "<html>\n<head>".
>>>>>>>> - "<style type=\"text/css
>>>>>>>> \">".Config::get('gadget_css')."</
>>>>>>>> style>".
>>>>>>>> - "</head><body>".
>>>>>>>> - "<script><!--\n";
>>>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>>>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>>>>>>>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>>>>>>>> "<script><!--\n";
>>>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>>>> $type = $library->getType();
>>>>>>>> if ($type == 'URL') {
>>>>>>>> // TODO: This case needs to be handled more gracefully by the
>>>>>>>> js
>>>>>>>> @@ -173,15 +170,12 @@
>>>>>>>> // Forced libs first.
>>>>>>>> if (! empty($forcedLibs)) {
>>>>>>>> $libs = explode(':', $forcedLibs);
>>>>>>>> - echo sprintf($externFmt, Config::get('default_js_prefix').
>>>>>>>> $this-
>>>>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>>>>> + echo sprintf($externFmt, Config::get('default_js_prefix') .
>>>>>>>> $this-
>>>>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>>>>> }
>>>>>>>> if (strlen($externJs) > 0) {
>>>>>>>> echo $externJs;
>>>>>>>> }
>>>>>>>> - echo "<script><!--\n".
>>>>>>>> - $this->appendJsConfig($context, $gadget).
>>>>>>>> - $this->appendMessages($gadget).
>>>>>>>> - "-->\n</script>\n";
>>>>>>>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>>>>>>>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>>>>>>>
>>>>>>>> $gadgetExceptions = array();
>>>>>>>> $content = $gadget->getSubstitutions()->substitute($view-
>>>>>>>>> getContent());
>>>>>>>> @@ -192,11 +186,9 @@
>>>>>>>> if (count($gadgetExceptions)) {
>>>>>>>> throw new GadgetException(print_r($gadgetExceptions, true));
>>>>>>>> }
>>>>>>>> - echo $content . "\n".
>>>>>>>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>>>>>>>> - "</body>\n</html>";
>>>>>>>> + echo $content . "\n" .
>>>>>>>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</
>>>>>>>> body>
>>>>>>>> \n</html>";
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Output's a URL content type gadget, it adds
>>>>>>>> libs=<list:of:js:libraries>.js and user preferences
>>>>>>>> * to the href url, and redirects the browser to it
>>>>>>>> @@ -215,7 +207,7 @@
>>>>>>>> $forcedLibs = Config::get('focedJsLibs');
>>>>>>>> if ($forcedLibs == null) {
>>>>>>>> $reqs = $gadget->getRequires();
>>>>>>>> - foreach ( $reqs as $key => $val ) {
>>>>>>>> + foreach ($reqs as $key => $val) {
>>>>>>>> $libs[] = $key;
>>>>>>>> }
>>>>>>>> } else {
>>>>>>>> @@ -231,7 +223,7 @@
>>>>>>>> header('Location: ' . $redirURI);
>>>>>>>> die();
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Returns the requested libs (from getjsUrl) with the
>>>>>>>> libs_param_name prepended
>>>>>>>> * ie: in libs=core:caja:etc.js format
>>>>>>>> @@ -248,7 +240,7 @@
>>>>>>>> $ret .= $this->getJsUrl($libs, $gadget);
>>>>>>>> return $ret;
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Returns the user preferences in &up_<name>=<val> format
>>>>>>>> *
>>>>>>>> @@ -259,7 +251,7 @@
>>>>>>>> private function getPrefsQueryString($prefVals)
>>>>>>>> {
>>>>>>>> $ret = '';
>>>>>>>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>>>>>>>> + foreach ($prefVals->getPrefs() as $key => $val) {
>>>>>>>> $ret .= '&';
>>>>>>>> $ret .= Config::get('userpref_param_prefix');
>>>>>>>> $ret .= urlencode($key);
>>>>>>>> @@ -268,10 +260,10 @@
>>>>>>>> }
>>>>>>>> return $ret;
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * generates the library string (core:caja:etc.js) including a
>>>>>>>> checksum of all the
>>>>>>>> - * javascript content (?v=<sha1 of js) for cache busting
>>>>>>>> + * javascript content (?v=<md5 of js>) for cache busting
>>>>>>>> *
>>>>>>>> * @param string $libs
>>>>>>>> * @param Gadget $gadget
>>>>>>>> @@ -284,7 +276,7 @@
>>>>>>>> $buf = 'core';
>>>>>>>> } else {
>>>>>>>> $firstDone = false;
>>>>>>>> - foreach ( $libs as $lib ) {
>>>>>>>> + foreach ($libs as $lib) {
>>>>>>>> if ($firstDone) {
>>>>>>>> $buf .= ':';
>>>>>>>> } else {
>>>>>>>> @@ -296,7 +288,7 @@
>>>>>>>> // Build a version string from the sha1() checksum of all
>>>>>>>> included
>>>>>>>> javascript
>>>>>>>> // to ensure the client always has the right version
>>>>>>>> $inlineJs = '';
>>>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>>>> $type = $library->getType();
>>>>>>>> if ($type != 'URL') {
>>>>>>>> $inlineJs .= $library->getContent() . "\n";
>>>>>>>> @@ -305,14 +297,14 @@
>>>>>>>> $buf .= ".js?v=" . md5($inlineJs);
>>>>>>>> return $buf;
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> private function appendJsConfig($context, $gadget)
>>>>>>>> {
>>>>>>>> $container = $context->getContainer();
>>>>>>>> $containerConfig = $context->getContainerConfig();
>>>>>>>> $gadgetConfig = array();
>>>>>>>> $featureConfig = $containerConfig->getConfig($container,
>>>>>>>> 'gadgets.features');
>>>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>>>> $feature = $library->getFeatureName();
>>>>>>>> if (! isset($gadgetConfig[$feature]) && !
>>>>>>>> empty($featureConfig[$feature])) {
>>>>>>>> $gadgetConfig[$feature] = $featureConfig[$feature];
>>>>>>>> @@ -320,7 +312,7 @@
>>>>>>>> }
>>>>>>>> return "gadgets.config.init(" . json_encode($gadgetConfig) .
>>>>>>>> ");
>>>>>>>> \n";
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> private function appendMessages($gadget)
>>>>>>>> {
>>>>>>>> $msgs = '';
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> JsServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>>>> Wed
>>>>>>>> May 21 09:58:52 2008
>>>>>>>> @@ -30,7 +30,7 @@
>>>>>>>> * to retrieve our features javascript code
>>>>>>>> */
>>>>>>>> class JsServlet extends HttpServlet {
>>>>>>>> -
>>>>>>>> +
>>>>>>>> public function doGet()
>>>>>>>> {
>>>>>>>> $this->noHeaders = true;
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> ProxyServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> ProxyServlet.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> ProxyServlet.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -26,6 +26,8 @@
>>>>>>>> require 'src/common/RemoteContent.php';
>>>>>>>> require 'src/common/Cache.php';
>>>>>>>> require 'src/common/RemoteContentFetcher.php';
>>>>>>>> +require 'src/gadgets/oauth/OAuth.php';
>>>>>>>> +require 'src/gadgets/oauth/OAuthStore.php';
>>>>>>>>
>>>>>>>> class ProxyServlet extends HttpServlet {
>>>>>>>>
>>>>>>>> @@ -39,6 +41,7 @@
>>>>>>>> if (! $url) {
>>>>>>>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>>>>>>>> }
>>>>>>>> + $url = urldecode($url);
>>>>>>>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>>>>> false;
>>>>>>>> if (! $method) {
>>>>>>>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>>>>> 'GET';
>>>>>>>> @@ -49,7 +52,8 @@
>>>>>>>> }
>>>>>>>> $gadgetSigner = Config::get('security_token_signer');
>>>>>>>> $gadgetSigner = new $gadgetSigner();
>>>>>>>> - $proxyHandler = new ProxyHandler($context);
>>>>>>>> + $signingFetcherFactory = new
>>>>>>>> SigningFetcherFactory(Config::get("private_key_file"));
>>>>>>>> + $proxyHandler = new ProxyHandler($context,
>>>>>>>> $signingFetcherFactory);
>>>>>>>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>>>>>>>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>>>>>>>> } else {
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcher.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcher.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcher.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,216 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed under the Apache License, Version 2.0 (the
>>>>>>>> "License");
>>>>>>>> + * you may not use this file except in compliance with the
>>>>>>>> License.
>>>>>>>> + * You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> software
>>>>>>>> + * distributed under the License is distributed on an "AS IS"
>>>>>>>> BASIS,
>>>>>>>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
>>>>>>>> express or
>>>>>>>> implied.
>>>>>>>> + * See the License for the specific language governing
>>>>>>>> permissions
>>>>>>>> and
>>>>>>>> + * limitations under the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * Implements signed fetch based on the OAuth request signing
>>>>>>>> algorithm.
>>>>>>>> + *
>>>>>>>> + * Subclasses can override signMessage to use their own crypto
>>>>>>>> if
>>>>>>>> they don't
>>>>>>>> + * like the oauth.net code for some reason.
>>>>>>>> + *
>>>>>>>> + * Instances of this class are only accessed by a single
>>>>>>>> thread at
>>>>>>>> a time,
>>>>>>>> + * but instances may be created by multiple threads.
>>>>>>>> + */
>>>>>>>> +class SigningFetcher extends RemoteContentFetcher {
>>>>>>>> +
>>>>>>>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>>>>>>>> + protected static $OPENSOCIAL_VIEWERID =
>>>>>>>> "opensocial_viewer_id";
>>>>>>>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>>>>>>>> + protected static $XOAUTH_PUBLIC_KEY =
>>>>>>>> "xoauth_signature_publickey";
>>>>>>>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>>>>>>>> +
>>>>>>>> + //protected final TimeSource clock = new TimeSource();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Authentication token for the user and gadget making the
>>>>>>>> request.
>>>>>>>> + */
>>>>>>>> + protected $authToken;
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This
>>>>>>>> can
>>>>>>>> be a
>>>>>>>> + * PrivateKey object, or a PEM formatted private key, or a DER
>>>>>>>> encoded byte
>>>>>>>> + * array for the private key.(No, really, they accept any of
>>>>>>>> them.)
>>>>>>>> + */
>>>>>>>> + protected $privateKeyObject;
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * The name of the key, included in the fetch to help with key
>>>>>>>> rotation.
>>>>>>>> + */
>>>>>>>> + protected $keyName;
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>>>> object.
>>>>>>>> + *
>>>>>>>> + * @param authToken verified gadget security token
>>>>>>>> + * @param keyName name of the key to include in the request
>>>>>>>> + * @param privateKey the key to use for the signing
>>>>>>>> + */
>>>>>>>> + public static function makeFromPrivateKey($next, $authToken,
>>>>>>>> $keyName, $privateKey)
>>>>>>>> + {
>>>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>>>> $privateKey);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>>>> object.
>>>>>>>> + *
>>>>>>>> + * @param authToken verified gadget security token
>>>>>>>> + * @param keyName name of the key to include in the request
>>>>>>>> + * @param privateKey base64 encoded private key
>>>>>>>> + */
>>>>>>>> + public static function makeFromB64PrivateKey($next,
>>>>>>>> $authToken,
>>>>>>>> $keyName, $privateKey)
>>>>>>>> + {
>>>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>>>> $privateKey);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>>>> object.
>>>>>>>> + *
>>>>>>>> + * @param authToken verified gadget security token
>>>>>>>> + * @param keyName name of the key to include in the request
>>>>>>>> + * @param privateKey DER encoded private key
>>>>>>>> + */
>>>>>>>> + public static function makeFromPrivateKeyBytes($next,
>>>>>>>> $authToken,
>>>>>>>> $keyName, $privateKey)
>>>>>>>> + {
>>>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>>>> $privateKey);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function __construct($next, $authToken, $keyName,
>>>>>>>> $privateKeyObject)
>>>>>>>> + {
>>>>>>>> + parent::setNextFetcher($next);
>>>>>>>> + $this->authToken = $authToken;
>>>>>>>> + $this->keyName = $keyName;
>>>>>>>> + $this->privateKeyObject = $privateKeyObject;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function fetchRequest($request)
>>>>>>>> + {
>>>>>>>> + return $this->getNextFetcher()->fetchRequest($request);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function fetch($url, $method)
>>>>>>>> + {
>>>>>>>> + $signed = $this->signRequest($url, $method);
>>>>>>>> + return $this->getNextFetcher()->fetchRequest($signed);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function signRequest($url, $method)
>>>>>>>> + {
>>>>>>>> + try {
>>>>>>>> + // Parse the request into parameters for OAuth signing,
>>>>>>>> stripping
>>>>>>>> out
>>>>>>>> + // any OAuth or OpenSocial parameters injected by the client
>>>>>>>> + ///////////////////////////////////////////////
>>>>>>>> + require 'src/common/Zend/Uri.php';
>>>>>>>> + $uri = Zend_Uri::factory($url);
>>>>>>>> + $resource = $uri->getUri();
>>>>>>>> + $queryParams = $this->sanitize($_GET);
>>>>>>>> + $postParams = $this->sanitize($_POST);
>>>>>>>> + $msgParams = array();
>>>>>>>> + $msgParams = array_merge($msgParams, $queryParams);
>>>>>>>> + $msgParams = array_merge($msgParams, $postParams);
>>>>>>>> +
>>>>>>>> + // TODO: is this ok?
>>>>>>>> + //$msgParams = array();
>>>>>>>> + $this->addOpenSocialParams($msgParams);
>>>>>>>> + $this->addOAuthParams($msgParams);
>>>>>>>> +
>>>>>>>> + // Build and sign the OAuthMessage; note that the resource
>>>>>>>> here
>>>>>>>> has
>>>>>>>> + // no query string, the parameters are all in msgParams
>>>>>>>> + //$message = new OAuthMessage($method, $resource,
>>>>>>>> $msgParams);
>>>>>>>> +
>>>>>>>> + ////////////////////////////////////////////////
>>>>>>>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>>>>>>>> + $consumer-
>>>>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>>>>>>>> $this-
>>>>>>>>> privateKeyObject);
>>>>>>>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>>>>>>>> +
>>>>>>>> + $req_req = OAuthRequest::from_consumer_and_token($consumer,
>>>>>>>> NULL,
>>>>>>>> $method, $resource, $msgParams);
>>>>>>>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>>>>>>>> +
>>>>>>>> + // Rebuild the query string, including all of the
>>>>>>>> parameters we
>>>>>>>> added.
>>>>>>>> + // We have to be careful not to copy POST parameters into the
>>>>>>>> query.
>>>>>>>> + // If post and query parameters share a name, they end up
>>>>>>>> being
>>>>>>>> removed
>>>>>>>> + // from the query.
>>>>>>>> + $forPost = array();
>>>>>>>> + foreach ($postParams as $key => $param) {
>>>>>>>> + $forPost[$key] = $param;
>>>>>>>> + }
>>>>>>>> + $newQuery = array();
>>>>>>>> + foreach ($req_req->get_parameters() as $key => $param) {
>>>>>>>> + if (! isset($forPost[$key])) {
>>>>>>>> + $newQuery[$key] = $param;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + // Careful here; the OAuth form encoding scheme is slightly
>>>>>>>> different than
>>>>>>>> + // the normal form encoding scheme, so we have to use the
>>>>>>>> OAuth
>>>>>>>> library
>>>>>>>> + // formEncode method.
>>>>>>>> + $uri->setQuery($newQuery);
>>>>>>>> + return new RemoteContentRequest($uri->getUri());
>>>>>>>> + } catch (Exception $e) {
>>>>>>>> + throw new GadgetException($e);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function addOpenSocialParams(&$msgParams)
>>>>>>>> + {
>>>>>>>> + $owner = $this->authToken->getOwnerId();
>>>>>>>> + if ($owner != null) {
>>>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>>>>>>>> + }
>>>>>>>> + $viewer = $this->authToken->getViewerId();
>>>>>>>> + if ($viewer != null) {
>>>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>>>>>>>> + }
>>>>>>>> + $app = $this->authToken->getAppId();
>>>>>>>> + if ($app != null) {
>>>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function addOAuthParams(&$msgParams)
>>>>>>>> + {
>>>>>>>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>>>>>>>> + $domain = $this->authToken->getDomain();
>>>>>>>> + if ($domain != null) {
>>>>>>>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] =
>>>>>>>> 'partuza.chabotc.com'; //
>>>>>>>> $domain;
>>>>>>>> + }
>>>>>>>> + if ($this->keyName != null) {
>>>>>>>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this-
>>>>>>>>> keyName;
>>>>>>>> + }
>>>>>>>> + $nonce = OAuthRequest::generate_nonce();
>>>>>>>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>>>>>>>> + $timestamp = time();
>>>>>>>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>>>>>>>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::
>>>>>>>> $RSA_SHA1;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Strip out any owner or viewer id passed by the client.
>>>>>>>> + */
>>>>>>>> + private function sanitize($params)
>>>>>>>> + {
>>>>>>>> + $list = array();
>>>>>>>> + foreach ($params as $key => $p) {
>>>>>>>> + if ($this->allowParam($key)) {
>>>>>>>> + $list[$key] = $p;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + return $list;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function allowParam($paramName)
>>>>>>>> + {
>>>>>>>> + $canonParamName = strtolower($paramName);
>>>>>>>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>>>>>>>> substr($canonParamName, 0, 6) == "xoauth" ||
>>>>>>>> substr($canonParamName, 0, 9) == "opensocial")) &&
>>>>>>>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcherFactory.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcherFactory.php (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,86 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE
>>>>>>>> file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> + * under the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * Produces Signing content fetchers for input tokens.
>>>>>>>> + */
>>>>>>>> +class SigningFetcherFactory {
>>>>>>>> + private $keyName;
>>>>>>>> + private $privateKey;
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Produces a signing fetcher that will sign requests and
>>>>>>>> delegate
>>>>>>>> actual
>>>>>>>> + * network retrieval to the {@code networkFetcher}
>>>>>>>> + *
>>>>>>>> + * @param networkFetcher The fetcher that will be doing actual
>>>>>>>> work.
>>>>>>>> + * @param token The gadget token used for extracting signing
>>>>>>>> parameters.
>>>>>>>> + * @return The signing fetcher.
>>>>>>>> + * @throws GadgetException
>>>>>>>> + */
>>>>>>>> + public function getSigningFetcher($networkFetcher, $token)
>>>>>>>> + {
>>>>>>>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>>>>>>>> $token, $this->keyName, $this->privateKey);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @param keyFile The file containing your private key for
>>>>>>>> signing
>>>>>>>> requests.
>>>>>>>> + */
>>>>>>>> + public function __construct($keyFile = null)
>>>>>>>> + {
>>>>>>>> + $this->keyName = 'http://'.
>>>>>>>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>>>>>>>> + if (! empty($keyFile)) {
>>>>>>>> + $privateKey = null;
>>>>>>>> + try {
>>>>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>>>>> convert it
>>>>>>>> + $cache = Config::get('data_cache');
>>>>>>>> + $cache = new $cache();
>>>>>>>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" .
>>>>>>>> $this-
>>>>>>>>> keyName)) !== false) {
>>>>>>>> + $rsa_private_key = $cachedKey;
>>>>>>>> + } else {
>>>>>>>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>>>>>>>> + throw new Exception("Could not read keyfile ($keyFile), check
>>>>>>>> the
>>>>>>>> file name and permission");
>>>>>>>> + }
>>>>>>>> + // TODO: sending NULL as a second param to
>>>>>>>> openssl_pkey_get_private works?
>>>>>>>> + $phrase = Config::get('private_key_phrase') != '' ?
>>>>>>>> (Config::get('private_key_phrase')) : null;
>>>>>>>> + if (($privateKey =
>>>>>>>> @openssl_pkey_get_private($rsa_private_key,
>>>>>>>> $phrase)) == false) {
>>>>>>>> + //TODO: double check if can input keyfile -inform PEM
>>>>>>>> + if (! $in = @tempnam(sys_get_temp_dir(),
>>>>>>>> "RSA_PRIVATE_KEY_")) {
>>>>>>>> + throw new Exception("Could not create temporary file");
>>>>>>>> + }
>>>>>>>> + if (! @file_put_contents($in,
>>>>>>>> base64_decode($rsa_private_key))) {
>>>>>>>> + throw new Exception("Could not write to temporary file");
>>>>>>>> + }
>>>>>>>> + if (! $out = @tempnam(sys_get_temp_dir(),
>>>>>>>> "RSA_PRIVATE_KEY_")) {
>>>>>>>> + throw new Exception("Could not create temporary file");
>>>>>>>> + }
>>>>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out .
>>>>>>>> " -
>>>>>>>> nocrypt -in " . $in);
>>>>>>>> + if (! $rsa_private_key = @file_get_contents($out)) {
>>>>>>>> + throw new Exception("Could not read temporary file");
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>>>>>>>> $rsa_private_key);
>>>>>>>> + }
>>>>>>>> + } catch (Exception $e) {
>>>>>>>> + throw new Exception("Error loading private key: " . $e);
>>>>>>>> + }
>>>>>>>> + $this->privateKey = $rsa_private_key;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicGadgetOAuthTokenStore.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicGadgetOAuthTokenStore.php (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,112 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE
>>>>>>>> file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> + * under the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +class BasicGadgetOAuthTokenStore extends
>>>>>>>> GadgetOAuthTokenStore {
>>>>>>>> +
>>>>>>>> + /** default location for consumer keys and secrets */
>>>>>>>> + private $OAUTH_CONFIG = "../config/oauth.json";
>>>>>>>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>>>>>>>> + private $CONSUMER_KEY_KEY = "consumer_key";
>>>>>>>> + private $KEY_TYPE_KEY = "key_type";
>>>>>>>> +
>>>>>>>> + public function __construct($store)
>>>>>>>> + {
>>>>>>>> + parent::__construct($store);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function initFromConfigFile($fetcher)
>>>>>>>> + {
>>>>>>>> + // Read our consumer keys and secrets from config/oauth.js
>>>>>>>> + // This actually involves fetching gadget specs
>>>>>>>> + try {
>>>>>>>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>>>>>>>> +
>>>>>>>> + // remove all comments because this confuses the json parser
>>>>>>>> + // note: the json parser also crashes on trailing ,'s in
>>>>>>>> records
>>>>>>>> so please don't use them
>>>>>>>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>>>>>>>> $oauthConfigStr);
>>>>>>>> + $oauthConfig = json_decode($contents, true);
>>>>>>>> + foreach ($oauthConfig as $gadgetUri => $value) {
>>>>>>>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>>>>>>>> + $this->storeConsumerInfos($gadgetUri, $value);
>>>>>>>> + }
>>>>>>>> + } catch (Exception $e) {
>>>>>>>> + throw new GadgetException($e);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function storeProviderInfos($fetcher, $gadgetUri)
>>>>>>>> + {
>>>>>>>> + $cache = Config::get('data_cache');
>>>>>>>> + $cache = new $cache();
>>>>>>>> +
>>>>>>>> + // determine which requests we can load from cache, and which
>>>>>>>> we
>>>>>>>> have to actually fetch
>>>>>>>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !==
>>>>>>>> false) {
>>>>>>>> + $gadget = $cachedRequest;
>>>>>>>> + } else {
>>>>>>>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>>>>>>>> + $remoteContentRequest->getRequest($gadgetUri, false);
>>>>>>>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>>>>>>>> + $context = new ProxyGadgetContext($gadgetUri);
>>>>>>>> + $spec = new GadgetSpecParser();
>>>>>>>> + $gadget = $spec->parse($response->getResponseContent(),
>>>>>>>> $context);
>>>>>>>> + $cache->set(md5($gadgetUri), $gadget);
>>>>>>>> + }
>>>>>>>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>>>>>>>> + {
>>>>>>>> + foreach ($oauthConfig as $key => $value) {
>>>>>>>> + $serviceName = $key;
>>>>>>>> + $consumerInfo = $value;
>>>>>>>> + $this->storeConsumerInfo($gadgetUri, $serviceName,
>>>>>>>> $consumerInfo);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>>>>>>>> $consumerInfo)
>>>>>>>> + {
>>>>>>>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>>>>>>>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>>>>>>>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>>>>>>>> + $keyType = 'HMAC_SYMMETRIC';
>>>>>>>> +
>>>>>>>> + if ($keyTypeStr == "RSA_PRIVATE") {
>>>>>>>> + $keyType = 'RSA_PRIVATE';
>>>>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>>>>> convert it
>>>>>>>> + $cache = Config::get('data_cache');
>>>>>>>> + $cache = new $cache();
>>>>>>>> +
>>>>>>>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>>>>>>>> $serviceName))) !== false) {
>>>>>>>> + $consumerSecret = $cachedRequest;
>>>>>>>> + } else {
>>>>>>>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>>>>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>>>>>>>>> CONSUMER_SECRET_KEY]));
>>>>>>>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out .
>>>>>>>> " -
>>>>>>>> nocrypt -in " . $in);
>>>>>>>> + $consumerSecret = file_get_contents($out);
>>>>>>>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $kas = new ConsumerKeyAndSecret($consumerKey,
>>>>>>>> $consumerSecret,
>>>>>>>> $keyType);
>>>>>>>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName,
>>>>>>>> $kas);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicOAuthStore.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicOAuthStore.php (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,149 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> under
>>>>>>>> the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +class OAuthNoDataException extends Exception {}
>>>>>>>> +
>>>>>>>> +class BasicOAuthStore implements OAuthStore {
>>>>>>>> +
>>>>>>>> + private $providers = array();
>>>>>>>> + private $tokens = array();
>>>>>>>> +
>>>>>>>> + private $defaultConsumerKey;
>>>>>>>> + private $defaultConsumerSecret;
>>>>>>>> +
>>>>>>>> + public function __construct($consumerKey = null,
>>>>>>>> $privateKey =
>>>>>>>> null)
>>>>>>>> + {
>>>>>>>> + $this->defaultConsumerKey = $consumerKey;
>>>>>>>> + $this->defaultConsumerSecret = $privateKey;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setHashMapsForTesting($providers, $tokens)
>>>>>>>> + {
>>>>>>>> + $this->providers = $providers;
>>>>>>>> + $this->tokens = $tokens;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>>>>>>>> + {
>>>>>>>> + $provKey = new ProviderKey();
>>>>>>>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>>>>>>>> + $provKey->setServiceName($tokenKey->getServiceName());
>>>>>>>> + //AccesorInfo
>>>>>>>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>>>>>>>> + //TokenInfo
>>>>>>>> + $accessToken = $this->getTokenInfo($tokenKey);
>>>>>>>> + if ($accessToken != null) {
>>>>>>>> + // maybe convert into methods
>>>>>>>> + $result->getAccessor()->accessToken = $accessToken-
>>>>>>>>> getAccessToken();
>>>>>>>> + $result->getAccessor()->tokenSecret = $accessToken-
>>>>>>>>> getTokenSecret();
>>>>>>>> + }
>>>>>>>> + return $result;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function getOAuthAccessorProviderKey(ProviderKey
>>>>>>>> $providerKey)
>>>>>>>> + {
>>>>>>>> + //ProviderInfo
>>>>>>>> + $provInfo = $this->getProviderInfo($providerKey);
>>>>>>>> +
>>>>>>>> + if ($provInfo == null) {
>>>>>>>> + throw new OAuthNoDataException("provider info was null in
>>>>>>>> oauth
>>>>>>>> store");
>>>>>>>> + }
>>>>>>>> + //AccesorInfo
>>>>>>>> + $result = new AccesorInfo();
>>>>>>>> + $result->setHttpMethod($provInfo->getHttpMethod());
>>>>>>>> + $result->setParamLocation($provInfo->getParamLocation());
>>>>>>>> +
>>>>>>>> + //ConsumerKeyAndSecret
>>>>>>>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>>>>>>>> +
>>>>>>>> + if ($consumerKeyAndSecret == null) {
>>>>>>>> + if ($this->defaultConsumerKey == null || $this-
>>>>>>>>> defaultConsumerSecret == null) {
>>>>>>>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null
>>>>>>>> in
>>>>>>>> oauth store");
>>>>>>>> + } else {
>>>>>>>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>>>>>>>>> defaultConsumerKey, $this->defaultConsumerSecret,
>>>>>>>>> OAuthStoreVars::
>>>>>>>> $KeyType['RSA_PRIVATE']);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + //OAuthServiceProvider
>>>>>>>> + $oauthProvider = $provInfo->getProvider();
>>>>>>>> +
>>>>>>>> + if (! isset($oauthProvider)) {
>>>>>>>> + throw new OAuthNoDataException("OAuthService provider was
>>>>>>>> null in
>>>>>>>> oauth store");
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + // Accesing the class
>>>>>>>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>>>>>>>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>>>>>>>> +
>>>>>>>> + //OAuthConsumer
>>>>>>>> + $consumer = ($usePublicKeyCrypto) ? new
>>>>>>>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>>>>>>>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>>>>>>>>> getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>>>>>>>> $oauthProvider);
>>>>>>>> +
>>>>>>>> + if ($usePublicKeyCrypto) {
>>>>>>>> + $consumer-
>>>>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>>>>>>> $consumerKeyAndSecret->getConsumerSecret());
>>>>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>>>>> $SignatureType['RSA_SHA1']);
>>>>>>>> + } else {
>>>>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>>>>> $SignatureType['HMAC_SHA1']);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $result->setAccessor(new OAuthAccessor($consumer));
>>>>>>>> + return $result;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function getOAuthServiceProviderInfo($providerKey)
>>>>>>>> + {
>>>>>>>> + $provInfo = $this->providers->get($providerKey);
>>>>>>>> +
>>>>>>>> + if ($provInfo == null) {
>>>>>>>> + throw new OAuthNoDataException("provider info was null in
>>>>>>>> oauth
>>>>>>>> store");
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + return $provInfo;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>>>>>>>> $keyAndSecret)
>>>>>>>> + {
>>>>>>>> + //ProviderInfo
>>>>>>>> + $value = $this->getProviderInfo($providerKey);
>>>>>>>> + if ($value == null) {
>>>>>>>> + throw new OAuthNoDataException("could not find provider data
>>>>>>>> for
>>>>>>>> token");
>>>>>>>> + }
>>>>>>>> + $value->setKeyAndSecret($keyAndSecret);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setOAuthServiceProviderInfo($providerKey,
>>>>>>>> $providerInfo)
>>>>>>>> + {
>>>>>>>> + $this->providers[md5(serialize($providerKey))] =
>>>>>>>> $providerInfo;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>>>>>>>> + {
>>>>>>>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function getProviderInfo($providerKey)
>>>>>>>> + {
>>>>>>>> + $key = md5(serialize($providerKey));
>>>>>>>> + return isset($this->providers[$key]) ? $this-
>>>>>>>> >providers[$key] :
>>>>>>>> null;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function getTokenInfo($tokenKey)
>>>>>>>> + {
>>>>>>>> + $key = md5(serialize($tokenKey));
>>>>>>>> + return isset($this->tokens[$key]) ? $this->tokens[$key] :
>>>>>>>> null;
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>> \ No newline at end of file
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> This message has been scanned for viruses and
>>>>>>>> dangerous content by MailScanner, and is
>>>>>>>> believed to be clean.
>>>>>>> --
>>>>>>> This message has been scanned for viruses and
>>>>>>> dangerous content by MailScanner, and is
>>>>>>> believed to be clean.
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> This message has been scanned for viruses and
>>>>>> dangerous content by MailScanner, and is
>>>>>> believed to be clean.
>>>>> --
>>>>> This message has been scanned for viruses and
>>>>> dangerous content by MailScanner, and is
>>>>> believed to be clean.
>>>>>
>>>>
>>>>
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Chris Chabot <ch...@xs4all.nl>.
Looking at the requests in firebug i see this :
<h1>Internal server error</h1><p>Error loading private key: exception
'Exception' with message 'Could
not read keyfile (/srv/www/htdocs/mhr/trunk/php/certs/private.key),
check the file name and permission'
Just fixed that in the latest commit, svn update and you should be up
and running again. Fingers crossed! :)
-- Chris
On May 22, 2008, at 11:11 AM, Lini H - Clarion, India wrote:
> chris,
>
> You can check at http://125.18.107.185/mhr/trunk/php/gadgets/files/container/sample1.html
> . Also the server at http://125.18.107.185/mhr/trunk/php/gadgets/ifr?url=http://www.google.com/ig/modules/horoscope.xml
>
> The same is working with previous one at http://125.18.107.185/mhr/shindig-5-9/php/gadgets/files/container/sample1.html
>
> Regards
> Lini Haridas
> Software Engineer
>
> lini.haridas@clariontechnologies.co.in
> Clarion Technologies
> SEI CMMI Level 3 Company
>
> 4th Floor, Great Eastern Plaza,
> Airport Road,
> Pune- 411 006,
> Maharashtra, India.
> Phone: +91 20 66020289
> Mobile: +91 9823435917
> www.clariontechnologies.co.in
> ----- Original Message -----
> From: "Chris Chabot" <ch...@xs4all.nl>
> To: <sh...@incubator.apache.org>
> Sent: Thursday, May 22, 2008 2:18 PM
> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>
>
>> I cant really think of a meaningful answer on this unless you give me
>> some more info..
>>
>> Did it use to work?
>> Did you clean your cache? (rm -rf /tmp/shindig)
>>
>> What gadgets?
>> Not all gadgets 'just work' (specifically ones that required the
>> gadget writers to enable your domain, or require your keys), oauth/
>> signed request based gadgets requires you to generate keys.. and
>> some
>> gadgets have platform specific stuff in them (hi5/myspace/orkut/etc)
>> or hard coded values that only work on a specific platform ....
>> So 'gadgets' is giving me no info what so ever which of these things
>> could be happening, or if it's really a problem in shindig :)
>>
>> 'Giving errors' it would help a LOT if you could tell me what exact
>> error your receiving, then i could try to make an educated guess
>> towards what might be causing this
>>
>> Since i can't look on your monitor from here, you will have to feed
>> me
>> a bit more info please :)
>>
>> -- Chris
>>
>> On May 22, 2008, at 10:41 AM, Lini H - Clarion, India wrote:
>>
>>> Chris,
>>>
>>> I only mean that the new shindig downloaded is not rendering the
>>> gadgets and is giving errors (after making the config/htaccess
>>> changes). The server is giving gadget errors also the sample html
>>> files.
>>>
>>> Regards
>>> Lini Haridas
>>> Software Engineer
>>>
>>> lini.haridas@clariontechnologies.co.in
>>> Clarion Technologies
>>> SEI CMMI Level 3 Company
>>>
>>> 4th Floor, Great Eastern Plaza,
>>> Airport Road,
>>> Pune- 411 006,
>>> Maharashtra, India.
>>> Phone: +91 20 66020289
>>> Mobile: +91 9823435917
>>> www.clariontechnologies.co.in
>>> ----- Original Message -----
>>> From: "Chris Chabot" <ch...@xs4all.nl>
>>> To: <sh...@incubator.apache.org>
>>> Sent: Thursday, May 22, 2008 2:05 PM
>>> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/
>>> trunk/
>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>>>
>>>
>>>> Could you by any chance be more specific?
>>>>
>>>> Things like:
>>>> Where are you trying this
>>>> what are you trying (what gadget/feature/etc)
>>>> what is the result (error messages or anything?)
>>>>
>>>> Would help a lot ! :)
>>>>
>>>> I have a couple of gadgets (horoscope, set title test module,
>>>> opensocial 0.7 tests, social hello world) on my profile on
>>>> partuza.chabotc.com and their working fine for me..
>>>>
>>>> -- Chris
>>>>
>>>> On May 22, 2008, at 10:29 AM, Lini H - Clarion, India wrote:
>>>>
>>>>> Hi chris,
>>>>>
>>>>> Sorry, but its still not working..
>>>>>
>>>>> Regards
>>>>> Lini Haridas
>>>>> Software Engineer
>>>>>
>>>>> lini.haridas@clariontechnologies.co.in
>>>>> Clarion Technologies
>>>>> SEI CMMI Level 3 Company
>>>>>
>>>>> 4th Floor, Great Eastern Plaza,
>>>>> Airport Road,
>>>>> Pune- 411 006,
>>>>> Maharashtra, India.
>>>>> Phone: +91 20 66020289
>>>>> Mobile: +91 9823435917
>>>>> www.clariontechnologies.co.in
>>>>> ----- Original Message -----
>>>>> From: "Chris Chabot" <ch...@xs4all.nl>
>>>>> To: <sh...@incubator.apache.org>
>>>>> Sent: Thursday, May 22, 2008 1:32 PM
>>>>> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/
>>>>> trunk/
>>>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/
>>>>> http/
>>>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/
>>>>> http/
>>>>>
>>>>>
>>>>>> Should be working again
>>>>>>
>>>>>> On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
>>>>>>
>>>>>>> Hi Chris,
>>>>>>>
>>>>>>> The shindig is not working after the new code changes. I also
>>>>>>> checked on http://shindig.chabotc.com and none of the samples
>>>>>>> neither the gadget is working. Is any work still missing on
>>>>>>> this?
>>>>>>>
>>>>>>> Regards
>>>>>>>
>>>>>>> Lini Haridas
>>>>>>> Software Engineer
>>>>>>>
>>>>>>> lini.haridas@clariontechnologies.co.in
>>>>>>> Clarion Technologies
>>>>>>> SEI CMMI Level 3 Company
>>>>>>>
>>>>>>> 4th Floor, Great Eastern Plaza,
>>>>>>> Airport Road,
>>>>>>> Pune- 411 006,
>>>>>>> Maharashtra, India.
>>>>>>> Phone: +91 20 66020289
>>>>>>> Mobile: +91 9823435917
>>>>>>> www.clariontechnologies.co.in
>>>>>>>
>>>>>>> ----- Original Message -----
>>>>>>> From: <ch...@apache.org>
>>>>>>> To: <sh...@incubator.apache.org>
>>>>>>> Sent: Wednesday, May 21, 2008 10:28 PM
>>>>>>> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/
>>>>>>> trunk/
>>>>>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/
>>>>>>> http/
>>>>>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/
>>>>>>> http/
>>>>>>>
>>>>>>>
>>>>>>>> Author: chabotc
>>>>>>>> Date: Wed May 21 09:58:52 2008
>>>>>>>> New Revision: 658758
>>>>>>>>
>>>>>>>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>>>>>>>> Log:
>>>>>>>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>>>>>>>> great work on this. This patch implements OAuth and signed
>>>>>>>> request
>>>>>>>> support
>>>>>>>>
>>>>>>>> Added:
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcherFactory.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicGadgetOAuthTokenStore.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicOAuthStore.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> GadgetOAuthTokenStore.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> OAuthFetcherFactory.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> OAuthRequestParams.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> OAuthServiceProvider.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>>>>>>>> Modified:
>>>>>>>> incubator/shindig/trunk/php/config.php
>>>>>>>> incubator/shindig/trunk/php/index.php
>>>>>>>> incubator/shindig/trunk/php/src/common/JsMin.php
>>>>>>>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>>>>>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>>>>>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> JsonRpcGadgetContext.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> GadgetRenderingServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>>>>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>>>>>>>> BasicBlobCrypter.php
>>>>>>>> incubator/shindig/trunk/php/src/socialdata/http/
>>>>>>>> GadgetDataServlet.php
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/config.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/config.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52
>>>>>>>> 2008
>>>>>>>> @@ -1,4 +1,4 @@
>>>>>>>> -<?
>>>>>>>> +<?php
>>>>>>>> /*
>>>>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> * or more contributor license agreements. See the NOTICE file
>>>>>>>> @@ -45,7 +45,7 @@
>>>>>>>> // Configurable CSS rules that are injected to the gadget page,
>>>>>>>> // be careful when adjusting these not to break most gadget's
>>>>>>>> layouts :)
>>>>>>>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>>>> serif;}
>>>>>>>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>>>>>>>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>>>>>>>> color:white;}',
>>>>>>>> - // 'gadget_css' => 'body,td,div,span,p{font-
>>>>>>>> family:arial,sans-
>>>>>>>> serif;} body {background-color:#ffffff; font-family: arial,
>>>>>>>> sans-
>>>>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>>>>> input,
>>>>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>>>>> 3px;}',
>>>>>>>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>>>> serif;} body {background-color:#ffffff; font-family: arial,
>>>>>>>> sans-
>>>>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>>>>> input,
>>>>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>>>>> 3px;}',
>>>>>>>>
>>>>>>>> // The html / javascript samples use a plain text demo token,
>>>>>>>> // set this to false on anything resembling a real site
>>>>>>>> @@ -96,6 +96,13 @@
>>>>>>>> // global cache age policy and location
>>>>>>>> 'cache_time' => 24 * 60 * 60,
>>>>>>>> 'cache_root' => '/tmp/shindig',
>>>>>>>> +
>>>>>>>> + // OAuth private key Path
>>>>>>>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>>>>> private.key',
>>>>>>>> + // file path to public RSA cert
>>>>>>>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>>>>> public.crt',
>>>>>>>> + // Phrase to decrypt private key. Leave empty if unencrypted
>>>>>>>> + 'private_key_phrase' => 'partuza',
>>>>>>>>
>>>>>>>> // In some cases we need to know the site root (for features
>>>>>>>> forinstance)
>>>>>>>> 'base_path' => realpath(dirname(__FILE__))
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/index.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/index.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52
>>>>>>>> 2008
>>>>>>>> @@ -1,4 +1,4 @@
>>>>>>>> -<?
>>>>>>>> +<?php
>>>>>>>> /*
>>>>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> * or more contributor license agreements. See the NOTICE file
>>>>>>>> @@ -48,7 +48,7 @@
>>>>>>>> // To load these, we scan our entire directory structure
>>>>>>>> function __autoload($className)
>>>>>>>> {
>>>>>>>> - $locations = array('src/common', 'src/common/
>>>>>>>> samplecontainer',
>>>>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/
>>>>>>>> http',
>>>>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>>>>> samplecontainer');
>>>>>>>> + $locations = array('src/common', 'src/common/
>>>>>>>> samplecontainer',
>>>>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/
>>>>>>>> http',
>>>>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>>>>> samplecontainer', 'src/gadgets/oauth');
>>>>>>>> // Check for the presense of this class in our all our
>>>>>>>> directories.
>>>>>>>> $fileName = $className.'.php';
>>>>>>>> foreach ($locations as $path) {
>>>>>>>> @@ -65,7 +65,8 @@
>>>>>>>> Config::get('web_prefix') . '/gadgets/proxy' =>
>>>>>>>> 'ProxyServlet',
>>>>>>>> Config::get('web_prefix') . '/gadgets/ifr' =>
>>>>>>>> 'GadgetRenderingServlet',
>>>>>>>> Config::get('web_prefix') . '/gadgets/metadata' =>
>>>>>>>> 'JsonRpcServlet',
>>>>>>>> - Config::get('web_prefix') . '/social/data' =>
>>>>>>>> 'GadgetDataServlet'
>>>>>>>> + Config::get('web_prefix') . '/social/data' =>
>>>>>>>> 'GadgetDataServlet',
>>>>>>>> + Config::get('web_prefix') . '/public.crt' =>
>>>>>>>> 'CertServlet'
>>>>>>>> );
>>>>>>>>
>>>>>>>> // Try to match the request url to our servlet mapping
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>>>>>>>> 09:58:52 2008
>>>>>>>> @@ -1,4 +1,5 @@
>>>>>>>> <?php
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>>>>>>>> *
>>>>>>>> @@ -48,243 +49,248 @@
>>>>>>>> class JsMinException extends Exception {}
>>>>>>>>
>>>>>>>> class JsMin {
>>>>>>>> - const ORD_LF = 10;
>>>>>>>> - const ORD_SPACE = 32;
>>>>>>>> -
>>>>>>>> - protected $a = '';
>>>>>>>> - protected $b = '';
>>>>>>>> - protected $input = '';
>>>>>>>> - protected $inputIndex = 0;
>>>>>>>> - protected $inputLength = 0;
>>>>>>>> - protected $lookAhead = null;
>>>>>>>> - protected $output = '';
>>>>>>>> -
>>>>>>>> - // -- Public Static Methods
>>>>>>>> --------------------------------------------------
>>>>>>>> -
>>>>>>>> - public static function minify($js) {
>>>>>>>> - $jsmin = new JsMin($js);
>>>>>>>> - return $jsmin->min();
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - // -- Public Instance Methods
>>>>>>>> ------------------------------------------------
>>>>>>>> -
>>>>>>>> - public function __construct($input) {
>>>>>>>> - $this->input = str_replace("\r\n", "\n", $input);
>>>>>>>> - $this->inputLength = strlen($this->input);
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - // -- Protected Instance Methods
>>>>>>>> ---------------------------------------------
>>>>>>>> -
>>>>>>>> - protected function action($d) {
>>>>>>>> - switch($d) {
>>>>>>>> - case 1:
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> -
>>>>>>>> - case 2:
>>>>>>>> - $this->a = $this->b;
>>>>>>>> -
>>>>>>>> - if ($this->a === "'" || $this->a === '"') {
>>>>>>>> - for (;;) {
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> - $this->a = $this->get();
>>>>>>>> -
>>>>>>>> - if ($this->a === $this->b) {
>>>>>>>> - break;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - if (ord($this->a) <= self::ORD_LF) {
>>>>>>>> - throw new JsMinException('Unterminated string
>>>>>>>> literal.');
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - if ($this->a === '\\') {
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> - $this->a = $this->get();
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - case 3:
>>>>>>>> - $this->b = $this->next();
>>>>>>>> -
>>>>>>>> - if ($this->b === '/' && (
>>>>>>>> - $this->a === '(' || $this->a === ',' || $this->a
>>>>>>>> ===
>>>>>>>> '=' ||
>>>>>>>> - $this->a === ':' || $this->a === '[' || $this->a
>>>>>>>> ===
>>>>>>>> '!' ||
>>>>>>>> - $this->a === '&' || $this->a === '|' || $this->a
>>>>>>>> ===
>>>>>>>> '?')) {
>>>>>>>> -
>>>>>>>> - $this->output .= $this->a . $this->b;
>>>>>>>> -
>>>>>>>> - for (;;) {
>>>>>>>> - $this->a = $this->get();
>>>>>>>> -
>>>>>>>> - if ($this->a === '/') {
>>>>>>>> - break;
>>>>>>>> - } elseif ($this->a === '\\') {
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> - $this->a = $this->get();
>>>>>>>> - } elseif (ord($this->a) <= self::ORD_LF) {
>>>>>>>> - throw new JsMinException('Unterminated regular
>>>>>>>> expression '.
>>>>>>>> - 'literal.');
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - $this->output .= $this->a;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - $this->b = $this->next();
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function get() {
>>>>>>>> - $c = $this->lookAhead;
>>>>>>>> - $this->lookAhead = null;
>>>>>>>> -
>>>>>>>> - if ($c === null) {
>>>>>>>> - if ($this->inputIndex < $this->inputLength) {
>>>>>>>> - $c = $this->input[$this->inputIndex];
>>>>>>>> - $this->inputIndex += 1;
>>>>>>>> - } else {
>>>>>>>> - $c = null;
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - if ($c === "\r") {
>>>>>>>> - return "\n";
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - if ($c === null || $c === "\n" || ord($c) >=
>>>>>>>> self::ORD_SPACE) {
>>>>>>>> - return $c;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - return ' ';
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function isAlphaNum($c) {
>>>>>>>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\
>>>>>>>> $]
>>>>>>>> $/', $c) === 1;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function min() {
>>>>>>>> - $this->a = "\n";
>>>>>>>> - $this->action(3);
>>>>>>>> -
>>>>>>>> - while ($this->a !== null) {
>>>>>>>> - switch ($this->a) {
>>>>>>>> - case ' ':
>>>>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>>>>> - $this->action(1);
>>>>>>>> - } else {
>>>>>>>> - $this->action(2);
>>>>>>>> - }
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - case "\n":
>>>>>>>> - switch ($this->b) {
>>>>>>>> - case '{':
>>>>>>>> - case '[':
>>>>>>>> - case '(':
>>>>>>>> - case '+':
>>>>>>>> - case '-':
>>>>>>>> - $this->action(1);
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - case ' ':
>>>>>>>> - $this->action(3);
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>>>>> - $this->action(1);
>>>>>>>> - }
>>>>>>>> - else {
>>>>>>>> - $this->action(2);
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - switch ($this->b) {
>>>>>>>> - case ' ':
>>>>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>>>>> - $this->action(1);
>>>>>>>> - break;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - $this->action(3);
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - case "\n":
>>>>>>>> - switch ($this->a) {
>>>>>>>> - case '}':
>>>>>>>> - case ']':
>>>>>>>> - case ')':
>>>>>>>> - case '+':
>>>>>>>> - case '-':
>>>>>>>> - case '"':
>>>>>>>> - case "'":
>>>>>>>> - $this->action(1);
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>>>>> - $this->action(1);
>>>>>>>> - }
>>>>>>>> - else {
>>>>>>>> - $this->action(3);
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - $this->action(1);
>>>>>>>> - break;
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - return $this->output;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function next() {
>>>>>>>> - $c = $this->get();
>>>>>>>> -
>>>>>>>> - if ($c === '/') {
>>>>>>>> - switch($this->peek()) {
>>>>>>>> - case '/':
>>>>>>>> - for (;;) {
>>>>>>>> - $c = $this->get();
>>>>>>>> -
>>>>>>>> - if (ord($c) <= self::ORD_LF) {
>>>>>>>> - return $c;
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - case '*':
>>>>>>>> - $this->get();
>>>>>>>> -
>>>>>>>> - for (;;) {
>>>>>>>> - switch($this->get()) {
>>>>>>>> - case '*':
>>>>>>>> - if ($this->peek() === '/') {
>>>>>>>> - $this->get();
>>>>>>>> - return ' ';
>>>>>>>> - }
>>>>>>>> - break;
>>>>>>>> -
>>>>>>>> - case null:
>>>>>>>> - throw new JsMinException('Unterminated
>>>>>>>> comment.');
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - default:
>>>>>>>> - return $c;
>>>>>>>> - }
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - return $c;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - protected function peek() {
>>>>>>>> - $this->lookAhead = $this->get();
>>>>>>>> - return $this->lookAhead;
>>>>>>>> - }
>>>>>>>> + const ORD_LF = 10;
>>>>>>>> + const ORD_SPACE = 32;
>>>>>>>> +
>>>>>>>> + protected $a = '';
>>>>>>>> + protected $b = '';
>>>>>>>> + protected $input = '';
>>>>>>>> + protected $inputIndex = 0;
>>>>>>>> + protected $inputLength = 0;
>>>>>>>> + protected $lookAhead = null;
>>>>>>>> + protected $output = '';
>>>>>>>> +
>>>>>>>> + // -- Public Static Methods
>>>>>>>> --------------------------------------------------
>>>>>>>> +
>>>>>>>> +
>>>>>>>> + public static function minify($js)
>>>>>>>> + {
>>>>>>>> + $jsmin = new JsMin($js);
>>>>>>>> + return $jsmin->min();
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + // -- Public Instance Methods
>>>>>>>> ------------------------------------------------
>>>>>>>> +
>>>>>>>> +
>>>>>>>> + public function __construct($input)
>>>>>>>> + {
>>>>>>>> + $this->input = str_replace("\r\n", "\n", $input);
>>>>>>>> + $this->inputLength = strlen($this->input);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + // -- Protected Instance Methods
>>>>>>>> ---------------------------------------------
>>>>>>>> +
>>>>>>>> +
>>>>>>>> + protected function action($d)
>>>>>>>> + {
>>>>>>>> + switch ($d) {
>>>>>>>> + case 1:
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> +
>>>>>>>> + case 2:
>>>>>>>> + $this->a = $this->b;
>>>>>>>> +
>>>>>>>> + if ($this->a === "'" || $this->a === '"') {
>>>>>>>> + for (; ; ) {
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> + $this->a = $this->get();
>>>>>>>> +
>>>>>>>> + if ($this->a === $this->b) {
>>>>>>>> + break;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + if (ord($this->a) <= self::ORD_LF) {
>>>>>>>> + throw new JsMinException('Unterminated string literal.');
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + if ($this->a === '\\') {
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> + $this->a = $this->get();
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + case 3:
>>>>>>>> + $this->b = $this->next();
>>>>>>>> +
>>>>>>>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ','
>>>>>>>> ||
>>>>>>>> $this->a === '=' || $this->a === ':' || $this->a === '[' ||
>>>>>>>> $this-
>>>>>>>>> a === '!' || $this->a === '&' || $this->a === '|' || $this->a
>>>>>>>>> ===
>>>>>>>> '?')) {
>>>>>>>> +
>>>>>>>> + $this->output .= $this->a . $this->b;
>>>>>>>> +
>>>>>>>> + for (; ; ) {
>>>>>>>> + $this->a = $this->get();
>>>>>>>> +
>>>>>>>> + if ($this->a === '/') {
>>>>>>>> + break;
>>>>>>>> + } elseif ($this->a === '\\') {
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> + $this->a = $this->get();
>>>>>>>> + } elseif (ord($this->a) <= self::ORD_LF) {
>>>>>>>> + throw new JsMinException('Unterminated regular expression ' .
>>>>>>>> 'literal.');
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $this->output .= $this->a;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $this->b = $this->next();
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function get()
>>>>>>>> + {
>>>>>>>> + $c = $this->lookAhead;
>>>>>>>> + $this->lookAhead = null;
>>>>>>>> +
>>>>>>>> + if ($c === null) {
>>>>>>>> + if ($this->inputIndex < $this->inputLength) {
>>>>>>>> + $c = $this->input[$this->inputIndex];
>>>>>>>> + $this->inputIndex += 1;
>>>>>>>> + } else {
>>>>>>>> + $c = null;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + if ($c === "\r") {
>>>>>>>> + return "\n";
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + if ($c === null || $c === "\n" || ord($c) >=
>>>>>>>> self::ORD_SPACE) {
>>>>>>>> + return $c;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + return ' ';
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function isAlphaNum($c)
>>>>>>>> + {
>>>>>>>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>>>>>>>> $/',
>>>>>>>> $c) === 1;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function min()
>>>>>>>> + {
>>>>>>>> + $this->a = "\n";
>>>>>>>> + $this->action(3);
>>>>>>>> +
>>>>>>>> + while ($this->a !== null) {
>>>>>>>> + switch ($this->a) {
>>>>>>>> + case ' ':
>>>>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>>>>> + $this->action(1);
>>>>>>>> + } else {
>>>>>>>> + $this->action(2);
>>>>>>>> + }
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + case "\n":
>>>>>>>> + switch ($this->b) {
>>>>>>>> + case '{':
>>>>>>>> + case '[':
>>>>>>>> + case '(':
>>>>>>>> + case '+':
>>>>>>>> + case '-':
>>>>>>>> + $this->action(1);
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + case ' ':
>>>>>>>> + $this->action(3);
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>>>>> + $this->action(1);
>>>>>>>> + } else {
>>>>>>>> + $this->action(2);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + switch ($this->b) {
>>>>>>>> + case ' ':
>>>>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>>>>> + $this->action(1);
>>>>>>>> + break;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $this->action(3);
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + case "\n":
>>>>>>>> + switch ($this->a) {
>>>>>>>> + case '}':
>>>>>>>> + case ']':
>>>>>>>> + case ')':
>>>>>>>> + case '+':
>>>>>>>> + case '-':
>>>>>>>> + case '"':
>>>>>>>> + case "'":
>>>>>>>> + $this->action(1);
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>>>>> + $this->action(1);
>>>>>>>> + } else {
>>>>>>>> + $this->action(3);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + $this->action(1);
>>>>>>>> + break;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + return $this->output;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function next()
>>>>>>>> + {
>>>>>>>> + $c = $this->get();
>>>>>>>> +
>>>>>>>> + if ($c === '/') {
>>>>>>>> + switch ($this->peek()) {
>>>>>>>> + case '/':
>>>>>>>> + for (; ; ) {
>>>>>>>> + $c = $this->get();
>>>>>>>> +
>>>>>>>> + if (ord($c) <= self::ORD_LF) {
>>>>>>>> + return $c;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + case '*':
>>>>>>>> + $this->get();
>>>>>>>> +
>>>>>>>> + for (; ; ) {
>>>>>>>> + switch ($this->get()) {
>>>>>>>> + case '*':
>>>>>>>> + if ($this->peek() === '/') {
>>>>>>>> + $this->get();
>>>>>>>> + return ' ';
>>>>>>>> + }
>>>>>>>> + break;
>>>>>>>> +
>>>>>>>> + case null:
>>>>>>>> + throw new JsMinException('Unterminated comment.');
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + default:
>>>>>>>> + return $c;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + return $c;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function peek()
>>>>>>>> + {
>>>>>>>> + $this->lookAhead = $this->get();
>>>>>>>> + return $this->lookAhead;
>>>>>>>> + }
>>>>>>>> }
>>>>>>>>
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentFetcher.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentFetcher.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentFetcher.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -19,6 +19,18 @@
>>>>>>>> */
>>>>>>>>
>>>>>>>> abstract class RemoteContentFetcher {
>>>>>>>> +
>>>>>>>> + protected $fetcher;
>>>>>>>> +
>>>>>>>> + protected function setNextFetcher($fetcher = null)
>>>>>>>> + {
>>>>>>>> + $this->fetcher = $fetcher;
>>>>>>>> + }
>>>>>>>>
>>>>>>>> abstract public function fetchRequest($request);
>>>>>>>> +
>>>>>>>> + public function getNextFetcher()
>>>>>>>> + {
>>>>>>>> + return $this->fetcher;
>>>>>>>> + }
>>>>>>>> }
>>>>>>>> \ No newline at end of file
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentRequest.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentRequest.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>>>>> RemoteContentRequest.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -15,13 +15,14 @@
>>>>>>>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> * KIND, either express or implied. See the License for the
>>>>>>>> * specific language governing permissions and limitations under
>>>>>>>> the
>>>>>>>> License.
>>>>>>>> - *
>>>>>>>> + *
>>>>>>>> */
>>>>>>>>
>>>>>>>> class RemoteContentRequest {
>>>>>>>> // these are used for making the request
>>>>>>>> - private $url = '';
>>>>>>>> - private $headers = false;
>>>>>>>> + private $uri = '';
>>>>>>>> + private $method = '';
>>>>>>>> + private $headers = array();
>>>>>>>> private $postBody = false;
>>>>>>>> // these fields are filled in once the request has completed
>>>>>>>> private $responseContent = false;
>>>>>>>> @@ -29,20 +30,179 @@
>>>>>>>> private $responseHeaders = false;
>>>>>>>> private $httpCode = false;
>>>>>>>> private $contentType = null;
>>>>>>>> + private $options;
>>>>>>>> public $handle = false;
>>>>>>>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-
>>>>>>>> form-
>>>>>>>> urlencoded; charset=utf-8";
>>>>>>>> + public static $DEFAULT_OPTIONS = array();
>>>>>>>>
>>>>>>>> - public function __construct($url, $headers = false,
>>>>>>>> $postBody =
>>>>>>>> false)
>>>>>>>> + public function __construct($uri, $headers = false,
>>>>>>>> $postBody =
>>>>>>>> false)
>>>>>>>> {
>>>>>>>> - $this->url = $url;
>>>>>>>> + $this->uri = $uri;
>>>>>>>> $this->headers = $headers;
>>>>>>>> $this->postBody = $postBody;
>>>>>>>> }
>>>>>>>>
>>>>>>>> + public function createRemoteContentRequest($method, $uri,
>>>>>>>> $headers, $postBody, $options)
>>>>>>>> + {
>>>>>>>> + $this->method = $method;
>>>>>>>> + $this->uri = $uri;
>>>>>>>> + $this->options = $options;
>>>>>>>> + // Copy the headers
>>>>>>>> + if (! isset($headers)) {
>>>>>>>> + $this->headers = '';
>>>>>>>> + } else {
>>>>>>>> + $setPragmaHeader = false;
>>>>>>>> + $tmpHeaders = '';
>>>>>>>> + foreach ($headers as $key => $value) {
>>>>>>>> + // Proxies should be bypassed with the Pragma: no-cache
>>>>>>>> check.
>>>>>>>> + //TODO double check array is good for options
>>>>>>>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>>>>>>>> + $value = "no-cache";
>>>>>>>> + $setPragmaHeader = true;
>>>>>>>> + }
>>>>>>>> + $tmpHeaders .= $key . ":" . $value . "\n";
>>>>>>>> + }
>>>>>>>> + // Bypass caching in proxies as well.
>>>>>>>> + //TODO double check array is good for options
>>>>>>>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>>>>>>>> + $tmpHeaders .= "Pragma:no-cache\n";
>>>>>>>> + }
>>>>>>>> + $this->headers = $tmpHeaders;
>>>>>>>> + }
>>>>>>>> + if (! isset($postBody)) {
>>>>>>>> + $this->postBody = '';
>>>>>>>> + } else {
>>>>>>>> + $this->postBody = array_merge($postBody, $this->postBody);
>>>>>>>> + }
>>>>>>>> + $type = $this->getHeader("Content-Type");
>>>>>>>> + if (! isset($type)) {
>>>>>>>> + $this->contentType = RemoteContentRequest::
>>>>>>>> $DEFAULT_CONTENT_TYPE;
>>>>>>>> + } else {
>>>>>>>> + $this->contentType = $type;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Creates a new request to a different URL using all request
>>>>>>>> data
>>>>>>>> from
>>>>>>>> + * an existing request.
>>>>>>>> + *
>>>>>>>> + * @param uri
>>>>>>>> + * @param base The base request to copy data from.
>>>>>>>> + */
>>>>>>>> + public static function
>>>>>>>> createRemoteContentRequestWithUriBase($uri, $base)
>>>>>>>> + {
>>>>>>>> + $this->uri = $uri;
>>>>>>>> + $this->method = $base->method;
>>>>>>>> + $this->options = $base->options;
>>>>>>>> + $this->headers = $base->headers;
>>>>>>>> + $this->contentType = $base->contentType;
>>>>>>>> + $this->postBody = $base->postBody;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Basic GET request.
>>>>>>>> + *
>>>>>>>> + * @param uri
>>>>>>>> + */
>>>>>>>> + public function createRemoteContentRequestWithUri($uri)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * GET with options
>>>>>>>> + *
>>>>>>>> + * @param uri
>>>>>>>> + * @param options
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriOptions($uri,
>>>>>>>> $options)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>>>>> $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * GET request with custom headers and default options
>>>>>>>> + * @param uri
>>>>>>>> + * @param headers
>>>>>>>> + */
>>>>>>>> + public function RemoteContentRequestWithUriHeaders($uri,
>>>>>>>> $headers)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers,
>>>>>>>> null,
>>>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * GET request with custom headers + options
>>>>>>>> + * @param uri
>>>>>>>> + * @param headers
>>>>>>>> + * @param options
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>>>>>>>> $options)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers,
>>>>>>>> null,
>>>>>>>> $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Basic POST request
>>>>>>>> + * @param uri
>>>>>>>> + * @param postBody
>>>>>>>> + */
>>>>>>>> + public function RemoteContentRequestWithUriPostBody($uri,
>>>>>>>> $postBody)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("POST", $uri, null,
>>>>>>>> $postBody,
>>>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * POST request with options
>>>>>>>> + * @param uri
>>>>>>>> + * @param postBody
>>>>>>>> + * @param options
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriPostBodyOptions($uri,
>>>>>>>> $postBody,
>>>>>>>> $options)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("POST", $uri, null,
>>>>>>>> $postBody,
>>>>>>>> $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * POST request with headers
>>>>>>>> + * @param uri
>>>>>>>> + * @param headers
>>>>>>>> + * @param postBody
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriHeadersPostBody($uri,
>>>>>>>> $headers,
>>>>>>>> $postBody)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>>>>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * POST request with options + headers
>>>>>>>> + * @param uri
>>>>>>>> + * @param headers
>>>>>>>> + * @param postBody
>>>>>>>> + * @param options
>>>>>>>> + */
>>>>>>>> + public function
>>>>>>>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>>>>>>>> $headers, $postBody, $options)
>>>>>>>> + {
>>>>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>>>>> $postBody, $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Creates a simple GET request
>>>>>>>> + *
>>>>>>>> + * @param uri
>>>>>>>> + * @param ignoreCache
>>>>>>>> + */
>>>>>>>> + public function getRequest($uri, $ignoreCache)
>>>>>>>> + {
>>>>>>>> + $options = new Options();
>>>>>>>> + $options->ignoreCache = $ignoreCache;
>>>>>>>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>>>>>>>> $options);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> // returns a hash code which identifies this request, used for
>>>>>>>> caching
>>>>>>>> - // takes url and postbody into account for constructing the
>>>>>>>> md5
>>>>>>>> checksum
>>>>>>>> + // takes url and postbody into account for constructing the
>>>>>>>> sha1
>>>>>>>> checksum
>>>>>>>> public function toHash()
>>>>>>>> {
>>>>>>>> - return md5($this->url . $this->postBody);
>>>>>>>> + return md5($this->uri . $this->postBody);
>>>>>>>> }
>>>>>>>>
>>>>>>>> public function getContentType()
>>>>>>>> @@ -92,7 +252,17 @@
>>>>>>>>
>>>>>>>> public function getUrl()
>>>>>>>> {
>>>>>>>> - return $this->url;
>>>>>>>> + return $this->uri;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function getMethod()
>>>>>>>> + {
>>>>>>>> + return $this->method;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function getOptions()
>>>>>>>> + {
>>>>>>>> + return $this->options;
>>>>>>>> }
>>>>>>>>
>>>>>>>> public function setContentType($type)
>>>>>>>> @@ -125,14 +295,37 @@
>>>>>>>> $this->headers = $headers;
>>>>>>>> }
>>>>>>>>
>>>>>>>> + //FIXME: Find a better way to do this
>>>>>>>> + // The headers can be an array of elements.
>>>>>>>> + public function getHeader($headerName)
>>>>>>>> + {
>>>>>>>> + $headers = explode("\n", $this->headers);
>>>>>>>> + foreach ($headers as $header) {
>>>>>>>> + $key = explode(":", $header);
>>>>>>>> + if ($key[0] == $headerName)
>>>>>>>> + return $key[1];
>>>>>>>> + }
>>>>>>>> + return null;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> public function setPostBody($postBody)
>>>>>>>> {
>>>>>>>> $this->postBody = $postBody;
>>>>>>>> }
>>>>>>>>
>>>>>>>> - public function setUrl($url)
>>>>>>>> + public function setUri($uri)
>>>>>>>> {
>>>>>>>> - $this->url = $url;
>>>>>>>> + $this->uri = $uri;
>>>>>>>> }
>>>>>>>>
>>>>>>>> -}
>>>>>>>> \ No newline at end of file
>>>>>>>> +}
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * Bag of options for making a request.
>>>>>>>> + *
>>>>>>>> + * This object is mutable to keep us sane. Don't mess with it
>>>>>>>> once
>>>>>>>> you've
>>>>>>>> + * sent it to RemoteContentRequest or bad things might happen.
>>>>>>>> + */
>>>>>>>> +class Options {
>>>>>>>> + public $ignoreCache = false;
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/common/Zend/
>>>>>>>> Loader.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed
>>>>>>>> May
>>>>>>>> 21 09:58:52 2008
>>>>>>>> @@ -80,7 +80,7 @@
>>>>>>>> self::loadFile($file, $dirs, true);
>>>>>>>> } else {
>>>>>>>> self::_securityCheck($file);
>>>>>>>> - include_once $file;
>>>>>>>> + include_once 'src/common/'.$file;
>>>>>>>> }
>>>>>>>>
>>>>>>>> if (!class_exists($class, false) && !
>>>>>>>> interface_exists($class, false)) {
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetContext.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>>>> Wed
>>>>>>>> May 21 09:58:52 2008
>>>>>>>> @@ -26,21 +26,21 @@
>>>>>>>> * Server wide variables are stored in config.php
>>>>>>>> */
>>>>>>>> class GadgetContext {
>>>>>>>> - private $httpFetcher = null;
>>>>>>>> - private $locale = null;
>>>>>>>> - private $renderingContext = null;
>>>>>>>> - private $registry = null;
>>>>>>>> - private $userPrefs = null;
>>>>>>>> - private $gadgetId = null;
>>>>>>>> - private $view = null;
>>>>>>>> - private $moduleId = null;
>>>>>>>> - private $url = null;
>>>>>>>> - private $cache = null;
>>>>>>>> - private $blacklist = null;
>>>>>>>> - private $ignoreCache = null;
>>>>>>>> - private $forcedJsLibs = null;
>>>>>>>> - private $containerConfig = null;
>>>>>>>> - private $container = null;
>>>>>>>> + protected $httpFetcher = null;
>>>>>>>> + protected $locale = null;
>>>>>>>> + protected $renderingContext = null;
>>>>>>>> + protected $registry = null;
>>>>>>>> + protected $userPrefs = null;
>>>>>>>> + protected $gadgetId = null;
>>>>>>>> + protected $view = null;
>>>>>>>> + protected $moduleId = null;
>>>>>>>> + protected $url = null;
>>>>>>>> + protected $cache = null;
>>>>>>>> + protected $blacklist = null;
>>>>>>>> + protected $ignoreCache = null;
>>>>>>>> + protected $forcedJsLibs = null;
>>>>>>>> + protected $containerConfig = null;
>>>>>>>> + protected $container = null;
>>>>>>>>
>>>>>>>> public function __construct($renderingContext)
>>>>>>>> {
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetSpecParser.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetSpecParser.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetSpecParser.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -36,7 +36,7 @@
>>>>>>>> }
>>>>>>>> $gadget = new Gadget($context->getGadgetId(), $context);
>>>>>>>> // process ModulePref attributes
>>>>>>>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>>>>>>>> + $this->processModulePrefs($gadget, $doc->ModulePrefs,
>>>>>>>> $context);
>>>>>>>> // process UserPrefs, if any
>>>>>>>> foreach ($doc->UserPref as $pref) {
>>>>>>>> $this->processUserPref($gadget, $pref);
>>>>>>>> @@ -54,7 +54,7 @@
>>>>>>>> return $gadget;
>>>>>>>> }
>>>>>>>>
>>>>>>>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>>>>>>>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>>>>>>>> $context)
>>>>>>>> {
>>>>>>>> $attributes = $ModulePrefs->attributes();
>>>>>>>> if (empty($attributes['title'])) {
>>>>>>>> @@ -90,11 +90,11 @@
>>>>>>>> $gadget->scaling = isset($attributes['scaling']) ?
>>>>>>>> trim($attributes['scaling']) : '';
>>>>>>>> $gadget->scrolling = isset($attributes['scrolling']) ?
>>>>>>>> trim($attributes['scrolling']) : '';
>>>>>>>> foreach ($ModulePrefs->Locale as $locale) {
>>>>>>>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>>>>>>>> + $gadget->localeSpecs[] = $this->processLocale($locale,
>>>>>>>> $context);
>>>>>>>> }
>>>>>>>> }
>>>>>>>>
>>>>>>>> - private function processLocale($locale)
>>>>>>>> + private function processLocale($locale, $context)
>>>>>>>> {
>>>>>>>> $attributes = $locale->attributes();
>>>>>>>> $messageAttr = isset($attributes['messages']) ?
>>>>>>>> trim($attributes['messages']) : '';
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed
>>>>>>>> May
>>>>>>>> 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,70 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> under
>>>>>>>> the License.
>>>>>>>> + *
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * An abstract representation of a signing token.
>>>>>>>> + * Use in conjunction with @code GadgetTokenDecoder.
>>>>>>>> + */
>>>>>>>> +abstract class GadgetToken {
>>>>>>>> +
>>>>>>>> + //FIXME Hmm seems php is refusing to let me make abstract
>>>>>>>> static
>>>>>>>> functions? odd
>>>>>>>> + static public function createFromToken($token, $maxage) {}
>>>>>>>> + static public function createFromValues($owner, $viewer,
>>>>>>>> $app,
>>>>>>>> $domain, $appUrl, $moduleId) {}
>>>>>>>> +
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Serializes the token into a string. This can be the exact
>>>>>>>> same as
>>>>>>>> + * toString; using a different name here is only to force
>>>>>>>> interface
>>>>>>>> + * compliance.
>>>>>>>> + *
>>>>>>>> + * @return A string representation of the token.
>>>>>>>> + */
>>>>>>>> + abstract public function toSerialForm();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the owner from the token, or null if there is
>>>>>>>> none.
>>>>>>>> + */
>>>>>>>> + abstract public function getOwnerId();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the viewer from the token, or null if there is
>>>>>>>> none.
>>>>>>>> + */
>>>>>>>> + abstract public function getViewerId();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the application id from the token, or null if
>>>>>>>> there
>>>>>>>> is none.
>>>>>>>> + */
>>>>>>>> + abstract public function getAppId();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the domain from the token, or null if there is
>>>>>>>> none.
>>>>>>>> + */
>>>>>>>> + abstract public function getDomain();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the URL of the application
>>>>>>>> + */
>>>>>>>> + abstract public function getAppUrl();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @return the module ID of the application
>>>>>>>> + */
>>>>>>>> + abstract public function getModuleId();
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetTokenDecoder.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetTokenDecoder.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> GadgetTokenDecoder.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,34 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE
>>>>>>>> file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> + * under the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * Handles verification of gadget security tokens.
>>>>>>>> + */
>>>>>>>> +abstract class GadgetTokenDecoder {
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Decrypts and verifies a gadget security token to return a
>>>>>>>> gadget token.
>>>>>>>> + *
>>>>>>>> + * @param tokenString String representation of the token
>>>>>>>> to be
>>>>>>>> created.
>>>>>>>> + * @return The token representation of the input data.
>>>>>>>> + * @throws GadgetException If tokenString is not a valid
>>>>>>>> token
>>>>>>>> + */
>>>>>>>> + abstract public function createToken($tokenString);
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed
>>>>>>>> May
>>>>>>>> 21 09:58:52 2008
>>>>>>>> @@ -24,7 +24,7 @@
>>>>>>>> private $content;
>>>>>>>> private $featureName; // used to track what feature this
>>>>>>>> belongs to
>>>>>>>> private $loaded = false;
>>>>>>>> -
>>>>>>>> +
>>>>>>>> public function __construct($type, $content, $featureName = '')
>>>>>>>> {
>>>>>>>> $this->featureName = $featureName;
>>>>>>>> @@ -39,11 +39,11 @@
>>>>>>>>
>>>>>>>> public function getContent()
>>>>>>>> {
>>>>>>>> - if (!$this->loaded && $this->type == 'FILE') {
>>>>>>>> + if (! $this->loaded && $this->type == 'FILE') {
>>>>>>>> if (Config::get('compress_javascript')) {
>>>>>>>> $dataCache = Config::get('data_cache');
>>>>>>>> $dataCache = new $dataCache();
>>>>>>>> - if (!($content = $dataCache->get(md5($this->content)))) {
>>>>>>>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>>>>>>>> $content = JsMin::minify(JsLibrary::loadData($this->content,
>>>>>>>> $this-
>>>>>>>>> type));
>>>>>>>> $dataCache->set(md5($this->content), $content);
>>>>>>>> $this->content = $content;
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> JsonRpcGadgetContext.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> JsonRpcGadgetContext.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -1,10 +1,6 @@
>>>>>>>> <?php
>>>>>>>>
>>>>>>>> class JsonRpcGadgetContext extends GadgetContext {
>>>>>>>> - private $locale = null;
>>>>>>>> - private $view = null;
>>>>>>>> - private $url = null;
>>>>>>>> - private $container = null;
>>>>>>>>
>>>>>>>> public function __construct($jsonContext, $url)
>>>>>>>> {
>>>>>>>> @@ -15,23 +11,8 @@
>>>>>>>> $this->container = $jsonContext->container;
>>>>>>>> }
>>>>>>>>
>>>>>>>> - public function getUrl()
>>>>>>>> - {
>>>>>>>> - return $this->url;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> public function getView()
>>>>>>>> {
>>>>>>>> return $this->view;
>>>>>>>> }
>>>>>>>> -
>>>>>>>> - public function getLocale()
>>>>>>>> - {
>>>>>>>> - return $this->locale;
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> - public function getContainer()
>>>>>>>> - {
>>>>>>>> - return $this->container;
>>>>>>>> - }
>>>>>>>> }
>>>>>>>> \ No newline at end of file
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> ProxyGadgetContext.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> ProxyGadgetContext.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> ProxyGadgetContext.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,10 @@
>>>>>>>> +<?php
>>>>>>>> +
>>>>>>>> +class ProxyGadgetContext extends GadgetContext {
>>>>>>>> +
>>>>>>>> + public function __construct($url)
>>>>>>>> + {
>>>>>>>> + parent::__construct('GADGET');
>>>>>>>> + $this->url = $url;
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>>> ProxyHandler.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>>>> Wed
>>>>>>>> May 21 09:58:52 2008
>>>>>>>> @@ -29,11 +29,15 @@
>>>>>>>> *
>>>>>>>> */
>>>>>>>> class ProxyHandler {
>>>>>>>> - private $context;
>>>>>>>> + private $context;
>>>>>>>> + private $signingFetcher;
>>>>>>>> + private $oauthFetcher;
>>>>>>>>
>>>>>>>> - public function __construct($context)
>>>>>>>> + public function __construct($context, $signingFetcher = null,
>>>>>>>> $oauthFetcher = null)
>>>>>>>> {
>>>>>>>> - $this->context = $context;
>>>>>>>> + $this->context = $context;
>>>>>>>> + $this->signingFetcher = $signingFetcher;
>>>>>>>> + $this->oauthFetcher = $oauthFetcher;
>>>>>>>> }
>>>>>>>>
>>>>>>>> /**
>>>>>>>> @@ -51,11 +55,21 @@
>>>>>>>> $token = '';
>>>>>>>> // no token given, safe to ignore
>>>>>>>> }
>>>>>>>> - $originalUrl = $this->validateUrl($url);
>>>>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>>>>> + $url = $this->validateUrl($url);
>>>>>>>> // Fetch the content and convert it into JSON.
>>>>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>>>>> + $result = $this->fetchContentDivert($url, $method, $signer);
>>>>>>>> + if (!isset($result)) {
>>>>>>>> + //OAuthFetcher only
>>>>>>>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>>>>>>>> + $json = array($url => $metadata);
>>>>>>>> + $json = json_encode($json);
>>>>>>>> + $output = UNPARSEABLE_CRUFT . $json;
>>>>>>>> + $this->setCachingHeaders();
>>>>>>>> + header("Content-Type: application/json; charset=utf-8",
>>>>>>>> true);
>>>>>>>> + echo $output;
>>>>>>>> + die();
>>>>>>>> + }
>>>>>>>> $status = (int)$result->getHttpCode();
>>>>>>>> //header("HTTP/1.1 $status", true);
>>>>>>>> if ($status == 200) {
>>>>>>>> @@ -174,10 +188,9 @@
>>>>>>>> $token = '';
>>>>>>>> // no token given, safe to ignore
>>>>>>>> }
>>>>>>>> - $originalUrl = $this->validateUrl($url);
>>>>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>>>>> + $url = $this->validateUrl($url);
>>>>>>>> //TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>>>>> + $result = $this->fetchContent($url, $method);
>>>>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>>>> $status = (int)$result->getHttpCode();
>>>>>>>> if ($status == 200) {
>>>>>>>> @@ -208,11 +221,11 @@
>>>>>>>> /**
>>>>>>>> * Both fetch and fetchJson call this function to retrieve the
>>>>>>>> actual content
>>>>>>>> *
>>>>>>>> - * @param string $signedUrl the signed url to fetch
>>>>>>>> + * @param string $url the url to fetch
>>>>>>>> * @param string $method either get or post
>>>>>>>> * @return the filled in request (RemoteContentRequest)
>>>>>>>> */
>>>>>>>> - private function fetchContent($signedUrl, $method)
>>>>>>>> + private function fetchContent($url, $method)
>>>>>>>> {
>>>>>>>> //TODO get actual character encoding from the request
>>>>>>>>
>>>>>>>> @@ -250,14 +263,41 @@
>>>>>>>> }
>>>>>>>> // even if postData is an empty string, it will still post
>>>>>>>> (since
>>>>>>>> RemoteContentRquest checks if its false)
>>>>>>>> // so the request to POST is still honored
>>>>>>>> - $request = new RemoteContentRequest($signedUrl, $headers,
>>>>>>>> $postData);
>>>>>>>> + $request = new RemoteContentRequest($url, $headers,
>>>>>>>> $postData);
>>>>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>>>>> $context);
>>>>>>>> } else {
>>>>>>>> - $request = new RemoteContentRequest($signedUrl, $headers);
>>>>>>>> + $request = new RemoteContentRequest($url, $headers);
>>>>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>>>>> $context);
>>>>>>>> }
>>>>>>>> return $request;
>>>>>>>> }
>>>>>>>> +
>>>>>>>> + private function fetchContentDivert($url, $method, $signer)
>>>>>>>> + {
>>>>>>>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>>>>>>>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>>>>>>>> + $token = $this->extractAndValidateToken($signer);
>>>>>>>> + switch (strtoupper($authz)) {
>>>>>>>> + case 'SIGNED':
>>>>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>>>>> BasicRemoteContentFetcher(), $token);
>>>>>>>> + return $fetcher->fetch($url, $method);
>>>>>>>> + case 'AUTHENTICATED':
>>>>>>>> + $params = new OAuthRequestParams();
>>>>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>>>>> BasicRemoteContentFetcher(), $token);
>>>>>>>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>>>>>>>> + $this->oauthFetcher = $oAuthFetcherFactory-
>>>>>>>>> getOAuthFetcher($fetcher, $token, $params);
>>>>>>>> + $request = new RemoteContentRequest($url);
>>>>>>>> + $request->createRemoteContentRequestWithUri($url);
>>>>>>>> + return $this->oauthFetcher->fetchRequest($request);
>>>>>>>> + case 'NONE':
>>>>>>>> + default:
>>>>>>>> + return $this->fetchContent($url, $method);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setContentFetcher($contentFetcherFactory)
>>>>>>>> + {
>>>>>>>> + $this->contentFetcherFactory = $contentFetcherFactory;
>>>>>>>> + }
>>>>>>>>
>>>>>>>> /**
>>>>>>>> * Sets the caching headers (overwriting anything the remote
>>>>>>>> host
>>>>>>>> set) to force
>>>>>>>> @@ -282,6 +322,7 @@
>>>>>>>> private function validateUrl($url)
>>>>>>>> {
>>>>>>>> //TODO should really make a PHP version of the URI class and
>>>>>>>> validate in all the locations the java version does
>>>>>>>> + // why not use Zend::Uri:
>>>>>>>> return $url;
>>>>>>>> }
>>>>>>>>
>>>>>>>> @@ -293,40 +334,17 @@
>>>>>>>> * @return string the token to use in the signed url
>>>>>>>> */
>>>>>>>> private function extractAndValidateToken($signer)
>>>>>>>> - {
>>>>>>>> - if ($signer == null) {
>>>>>>>> - return null;
>>>>>>>> - }
>>>>>>>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>>>>>>>> - if ($token) {
>>>>>>>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>>>>> - }
>>>>>>>> + {
>>>>>>>> + if ($signer == null) {
>>>>>>>> + return null;
>>>>>>>> + }
>>>>>>>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>>>>>>>> + if (!isset($token) || $token == '') {
>>>>>>>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>>>>> + }
>>>>>>>> return $signer->createToken($token);
>>>>>>>> }
>>>>>>>> -
>>>>>>>> - /**
>>>>>>>> - * Signs a url with the SecurityToken
>>>>>>>> - *
>>>>>>>> - * @param string $originalUrl
>>>>>>>> - * @param SecurityToken $token
>>>>>>>> - * @return unknown
>>>>>>>> - */
>>>>>>>> - private function signUrl($originalUrl, $token)
>>>>>>>> - {
>>>>>>>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>>>>>>>> - if (! $authz) {
>>>>>>>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>>>>>>>> - }
>>>>>>>> - if ($token == null || $authz != 'signed') {
>>>>>>>> - return $originalUrl;
>>>>>>>> - }
>>>>>>>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>>>>> false;
>>>>>>>> - if ($method) {
>>>>>>>> - $method = isset($_POST['httpMethod']) ?
>>>>>>>> $_POST['httpMethod'] :
>>>>>>>> 'GET';
>>>>>>>> - }
>>>>>>>> - return $token->signUrl($originalUrl, $method);
>>>>>>>> - }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> private function request_headers()
>>>>>>>> {
>>>>>>>> // Try to use apache's request headers if available
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> CertServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> CertServlet.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> CertServlet.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,42 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> under
>>>>>>>> the License.
>>>>>>>> + *
>>>>>>>> + */
>>>>>>>> +require 'src/common/HttpServlet.php';
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * This class serves the public certificate, quick and dirty
>>>>>>>> hack
>>>>>>>> to make the certificate publicly accessible
>>>>>>>> + * this combined with the hard coded location in
>>>>>>>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>>>>>>>> + * for the oauth pub key location makes a working whole
>>>>>>>> + */
>>>>>>>> +class CertServlet extends HttpServlet {
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Handles the get file request, only called on url = /
>>>>>>>> public.crt
>>>>>>>> + * so this function has no logic other then to output the cert
>>>>>>>> + */
>>>>>>>> + public function doGet()
>>>>>>>> + {
>>>>>>>> + $file = Config::get('public_key_file');
>>>>>>>> + if (!file_exists($file) || !is_readable($file)) {
>>>>>>>> + throw new Exception("Invalid public key location ($file),
>>>>>>>> check
>>>>>>>> config and file permissions");
>>>>>>>> + }
>>>>>>>> + $this->setLastModified(filemtime($file));
>>>>>>>> + readfile($file);
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> FilesServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> FilesServlet.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> FilesServlet.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -25,7 +25,7 @@
>>>>>>>> * the php version too
>>>>>>>> */
>>>>>>>> class FilesServlet extends HttpServlet {
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Handles the get file request, if the file exists and is in
>>>>>>>> the
>>>>>>>> correct
>>>>>>>> * location it's echo'd to the browser (with a basic content
>>>>>>>> type
>>>>>>>> guessing
>>>>>>>> @@ -46,14 +46,14 @@
>>>>>>>> die();
>>>>>>>> }
>>>>>>>> // if the file doesn't exist or can't be read, give a 404 error
>>>>>>>> - if (!file_exists($file) || !is_readable($file) || !
>>>>>>>> is_file($file)) {
>>>>>>>> + if (! file_exists($file) || ! is_readable($file) || !
>>>>>>>> is_file($file)) {
>>>>>>>> header("HTTP/1.0 404 Not Found", true);
>>>>>>>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>>>>>>>> die();
>>>>>>>> }
>>>>>>>> $dot = strrpos($file, '.');
>>>>>>>> if ($dot) {
>>>>>>>> - $ext = strtolower(substr($file, $dot+1));
>>>>>>>> + $ext = strtolower(substr($file, $dot + 1));
>>>>>>>> if ($ext == 'html' || $ext == 'htm') {
>>>>>>>> $this->setContentType('text/html');
>>>>>>>> } elseif ($ext == 'js') {
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> GadgetRenderingServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> GadgetRenderingServlet.php (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -52,7 +52,7 @@
>>>>>>>> */
>>>>>>>> class GadgetRenderingServlet extends HttpServlet {
>>>>>>>> private $context;
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Creates the gadget using the GadgetServer class and calls
>>>>>>>> outputGadget
>>>>>>>> *
>>>>>>>> @@ -71,11 +71,11 @@
>>>>>>>> $gadgetServer = new GadgetServer();
>>>>>>>> $gadget = $gadgetServer->processGadget($this->context);
>>>>>>>> $this->outputGadget($gadget, $this->context);
>>>>>>>> - } catch ( Exception $e ) {
>>>>>>>> + } catch (Exception $e) {
>>>>>>>> $this->outputError($e);
>>>>>>>> }
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * If an error occured (Exception) this function echo's the
>>>>>>>> Exception's message
>>>>>>>> * and if the config['debug'] is true, shows the debug backtrace
>>>>>>>> in
>>>>>>>> a div
>>>>>>>> @@ -95,7 +95,7 @@
>>>>>>>> }
>>>>>>>> echo "</body></html>";
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Takes the gadget to output, and depending on its content type
>>>>>>>> calls either outputHtml-
>>>>>>>> * or outputUrlGadget
>>>>>>>> @@ -107,15 +107,15 @@
>>>>>>>> {
>>>>>>>> $view = HttpUtil::getView($gadget, $context);
>>>>>>>> switch ($view->getType()) {
>>>>>>>> - case 'HTML' :
>>>>>>>> + case 'HTML':
>>>>>>>> $this->outputHtmlGadget($gadget, $context, $view);
>>>>>>>> break;
>>>>>>>> - case 'URL' :
>>>>>>>> + case 'URL':
>>>>>>>> $this->outputUrlGadget($gadget, $context, $view);
>>>>>>>> break;
>>>>>>>> }
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Outputs a html content type gadget.
>>>>>>>> * It creates a html page, with the javascripts from the
>>>>>>>> features
>>>>>>>> inline into the page, plus
>>>>>>>> @@ -144,16 +144,13 @@
>>>>>>>> }
>>>>>>>> // Was a privacy policy header configured? if so set it
>>>>>>>> if (Config::get('P3P') != '') {
>>>>>>>> - header("P3P: ".Config::get('P3P'));
>>>>>>>> + header("P3P: " . Config::get('P3P'));
>>>>>>>> }
>>>>>>>> - if (!$view->getQuirks()) {
>>>>>>>> + if (! $view->getQuirks()) {
>>>>>>>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>>>>>>>> \">\n";
>>>>>>>> }
>>>>>>>> - echo "<html>\n<head>".
>>>>>>>> - "<style type=\"text/css
>>>>>>>> \">".Config::get('gadget_css')."</
>>>>>>>> style>".
>>>>>>>> - "</head><body>".
>>>>>>>> - "<script><!--\n";
>>>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>>>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>>>>>>>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>>>>>>>> "<script><!--\n";
>>>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>>>> $type = $library->getType();
>>>>>>>> if ($type == 'URL') {
>>>>>>>> // TODO: This case needs to be handled more gracefully by the
>>>>>>>> js
>>>>>>>> @@ -173,15 +170,12 @@
>>>>>>>> // Forced libs first.
>>>>>>>> if (! empty($forcedLibs)) {
>>>>>>>> $libs = explode(':', $forcedLibs);
>>>>>>>> - echo sprintf($externFmt, Config::get('default_js_prefix').
>>>>>>>> $this-
>>>>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>>>>> + echo sprintf($externFmt, Config::get('default_js_prefix') .
>>>>>>>> $this-
>>>>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>>>>> }
>>>>>>>> if (strlen($externJs) > 0) {
>>>>>>>> echo $externJs;
>>>>>>>> }
>>>>>>>> - echo "<script><!--\n".
>>>>>>>> - $this->appendJsConfig($context, $gadget).
>>>>>>>> - $this->appendMessages($gadget).
>>>>>>>> - "-->\n</script>\n";
>>>>>>>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>>>>>>>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>>>>>>>
>>>>>>>> $gadgetExceptions = array();
>>>>>>>> $content = $gadget->getSubstitutions()->substitute($view-
>>>>>>>>> getContent());
>>>>>>>> @@ -192,11 +186,9 @@
>>>>>>>> if (count($gadgetExceptions)) {
>>>>>>>> throw new GadgetException(print_r($gadgetExceptions, true));
>>>>>>>> }
>>>>>>>> - echo $content . "\n".
>>>>>>>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>>>>>>>> - "</body>\n</html>";
>>>>>>>> + echo $content . "\n" .
>>>>>>>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</
>>>>>>>> body>
>>>>>>>> \n</html>";
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Output's a URL content type gadget, it adds
>>>>>>>> libs=<list:of:js:libraries>.js and user preferences
>>>>>>>> * to the href url, and redirects the browser to it
>>>>>>>> @@ -215,7 +207,7 @@
>>>>>>>> $forcedLibs = Config::get('focedJsLibs');
>>>>>>>> if ($forcedLibs == null) {
>>>>>>>> $reqs = $gadget->getRequires();
>>>>>>>> - foreach ( $reqs as $key => $val ) {
>>>>>>>> + foreach ($reqs as $key => $val) {
>>>>>>>> $libs[] = $key;
>>>>>>>> }
>>>>>>>> } else {
>>>>>>>> @@ -231,7 +223,7 @@
>>>>>>>> header('Location: ' . $redirURI);
>>>>>>>> die();
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Returns the requested libs (from getjsUrl) with the
>>>>>>>> libs_param_name prepended
>>>>>>>> * ie: in libs=core:caja:etc.js format
>>>>>>>> @@ -248,7 +240,7 @@
>>>>>>>> $ret .= $this->getJsUrl($libs, $gadget);
>>>>>>>> return $ret;
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * Returns the user preferences in &up_<name>=<val> format
>>>>>>>> *
>>>>>>>> @@ -259,7 +251,7 @@
>>>>>>>> private function getPrefsQueryString($prefVals)
>>>>>>>> {
>>>>>>>> $ret = '';
>>>>>>>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>>>>>>>> + foreach ($prefVals->getPrefs() as $key => $val) {
>>>>>>>> $ret .= '&';
>>>>>>>> $ret .= Config::get('userpref_param_prefix');
>>>>>>>> $ret .= urlencode($key);
>>>>>>>> @@ -268,10 +260,10 @@
>>>>>>>> }
>>>>>>>> return $ret;
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> /**
>>>>>>>> * generates the library string (core:caja:etc.js) including a
>>>>>>>> checksum of all the
>>>>>>>> - * javascript content (?v=<sha1 of js) for cache busting
>>>>>>>> + * javascript content (?v=<md5 of js>) for cache busting
>>>>>>>> *
>>>>>>>> * @param string $libs
>>>>>>>> * @param Gadget $gadget
>>>>>>>> @@ -284,7 +276,7 @@
>>>>>>>> $buf = 'core';
>>>>>>>> } else {
>>>>>>>> $firstDone = false;
>>>>>>>> - foreach ( $libs as $lib ) {
>>>>>>>> + foreach ($libs as $lib) {
>>>>>>>> if ($firstDone) {
>>>>>>>> $buf .= ':';
>>>>>>>> } else {
>>>>>>>> @@ -296,7 +288,7 @@
>>>>>>>> // Build a version string from the sha1() checksum of all
>>>>>>>> included
>>>>>>>> javascript
>>>>>>>> // to ensure the client always has the right version
>>>>>>>> $inlineJs = '';
>>>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>>>> $type = $library->getType();
>>>>>>>> if ($type != 'URL') {
>>>>>>>> $inlineJs .= $library->getContent() . "\n";
>>>>>>>> @@ -305,14 +297,14 @@
>>>>>>>> $buf .= ".js?v=" . md5($inlineJs);
>>>>>>>> return $buf;
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> private function appendJsConfig($context, $gadget)
>>>>>>>> {
>>>>>>>> $container = $context->getContainer();
>>>>>>>> $containerConfig = $context->getContainerConfig();
>>>>>>>> $gadgetConfig = array();
>>>>>>>> $featureConfig = $containerConfig->getConfig($container,
>>>>>>>> 'gadgets.features');
>>>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>>>> $feature = $library->getFeatureName();
>>>>>>>> if (! isset($gadgetConfig[$feature]) && !
>>>>>>>> empty($featureConfig[$feature])) {
>>>>>>>> $gadgetConfig[$feature] = $featureConfig[$feature];
>>>>>>>> @@ -320,7 +312,7 @@
>>>>>>>> }
>>>>>>>> return "gadgets.config.init(" . json_encode($gadgetConfig) .
>>>>>>>> ");
>>>>>>>> \n";
>>>>>>>> }
>>>>>>>> -
>>>>>>>> +
>>>>>>>> private function appendMessages($gadget)
>>>>>>>> {
>>>>>>>> $msgs = '';
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> JsServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>>>> Wed
>>>>>>>> May 21 09:58:52 2008
>>>>>>>> @@ -30,7 +30,7 @@
>>>>>>>> * to retrieve our features javascript code
>>>>>>>> */
>>>>>>>> class JsServlet extends HttpServlet {
>>>>>>>> -
>>>>>>>> +
>>>>>>>> public function doGet()
>>>>>>>> {
>>>>>>>> $this->noHeaders = true;
>>>>>>>>
>>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> ProxyServlet.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> ProxyServlet.php
>>>>>>>> (original)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> ProxyServlet.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -26,6 +26,8 @@
>>>>>>>> require 'src/common/RemoteContent.php';
>>>>>>>> require 'src/common/Cache.php';
>>>>>>>> require 'src/common/RemoteContentFetcher.php';
>>>>>>>> +require 'src/gadgets/oauth/OAuth.php';
>>>>>>>> +require 'src/gadgets/oauth/OAuthStore.php';
>>>>>>>>
>>>>>>>> class ProxyServlet extends HttpServlet {
>>>>>>>>
>>>>>>>> @@ -39,6 +41,7 @@
>>>>>>>> if (! $url) {
>>>>>>>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>>>>>>>> }
>>>>>>>> + $url = urldecode($url);
>>>>>>>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>>>>> false;
>>>>>>>> if (! $method) {
>>>>>>>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>>>>> 'GET';
>>>>>>>> @@ -49,7 +52,8 @@
>>>>>>>> }
>>>>>>>> $gadgetSigner = Config::get('security_token_signer');
>>>>>>>> $gadgetSigner = new $gadgetSigner();
>>>>>>>> - $proxyHandler = new ProxyHandler($context);
>>>>>>>> + $signingFetcherFactory = new
>>>>>>>> SigningFetcherFactory(Config::get("private_key_file"));
>>>>>>>> + $proxyHandler = new ProxyHandler($context,
>>>>>>>> $signingFetcherFactory);
>>>>>>>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>>>>>>>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>>>>>>>> } else {
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcher.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcher.php
>>>>>>>> (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcher.php
>>>>>>>> Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,216 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed under the Apache License, Version 2.0 (the
>>>>>>>> "License");
>>>>>>>> + * you may not use this file except in compliance with the
>>>>>>>> License.
>>>>>>>> + * You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> software
>>>>>>>> + * distributed under the License is distributed on an "AS IS"
>>>>>>>> BASIS,
>>>>>>>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
>>>>>>>> express or
>>>>>>>> implied.
>>>>>>>> + * See the License for the specific language governing
>>>>>>>> permissions
>>>>>>>> and
>>>>>>>> + * limitations under the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * Implements signed fetch based on the OAuth request signing
>>>>>>>> algorithm.
>>>>>>>> + *
>>>>>>>> + * Subclasses can override signMessage to use their own crypto
>>>>>>>> if
>>>>>>>> they don't
>>>>>>>> + * like the oauth.net code for some reason.
>>>>>>>> + *
>>>>>>>> + * Instances of this class are only accessed by a single
>>>>>>>> thread at
>>>>>>>> a time,
>>>>>>>> + * but instances may be created by multiple threads.
>>>>>>>> + */
>>>>>>>> +class SigningFetcher extends RemoteContentFetcher {
>>>>>>>> +
>>>>>>>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>>>>>>>> + protected static $OPENSOCIAL_VIEWERID =
>>>>>>>> "opensocial_viewer_id";
>>>>>>>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>>>>>>>> + protected static $XOAUTH_PUBLIC_KEY =
>>>>>>>> "xoauth_signature_publickey";
>>>>>>>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>>>>>>>> +
>>>>>>>> + //protected final TimeSource clock = new TimeSource();
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Authentication token for the user and gadget making the
>>>>>>>> request.
>>>>>>>> + */
>>>>>>>> + protected $authToken;
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This
>>>>>>>> can
>>>>>>>> be a
>>>>>>>> + * PrivateKey object, or a PEM formatted private key, or a DER
>>>>>>>> encoded byte
>>>>>>>> + * array for the private key.(No, really, they accept any of
>>>>>>>> them.)
>>>>>>>> + */
>>>>>>>> + protected $privateKeyObject;
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * The name of the key, included in the fetch to help with key
>>>>>>>> rotation.
>>>>>>>> + */
>>>>>>>> + protected $keyName;
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>>>> object.
>>>>>>>> + *
>>>>>>>> + * @param authToken verified gadget security token
>>>>>>>> + * @param keyName name of the key to include in the request
>>>>>>>> + * @param privateKey the key to use for the signing
>>>>>>>> + */
>>>>>>>> + public static function makeFromPrivateKey($next, $authToken,
>>>>>>>> $keyName, $privateKey)
>>>>>>>> + {
>>>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>>>> $privateKey);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>>>> object.
>>>>>>>> + *
>>>>>>>> + * @param authToken verified gadget security token
>>>>>>>> + * @param keyName name of the key to include in the request
>>>>>>>> + * @param privateKey base64 encoded private key
>>>>>>>> + */
>>>>>>>> + public static function makeFromB64PrivateKey($next,
>>>>>>>> $authToken,
>>>>>>>> $keyName, $privateKey)
>>>>>>>> + {
>>>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>>>> $privateKey);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>>>> object.
>>>>>>>> + *
>>>>>>>> + * @param authToken verified gadget security token
>>>>>>>> + * @param keyName name of the key to include in the request
>>>>>>>> + * @param privateKey DER encoded private key
>>>>>>>> + */
>>>>>>>> + public static function makeFromPrivateKeyBytes($next,
>>>>>>>> $authToken,
>>>>>>>> $keyName, $privateKey)
>>>>>>>> + {
>>>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>>>> $privateKey);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + protected function __construct($next, $authToken, $keyName,
>>>>>>>> $privateKeyObject)
>>>>>>>> + {
>>>>>>>> + parent::setNextFetcher($next);
>>>>>>>> + $this->authToken = $authToken;
>>>>>>>> + $this->keyName = $keyName;
>>>>>>>> + $this->privateKeyObject = $privateKeyObject;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function fetchRequest($request)
>>>>>>>> + {
>>>>>>>> + return $this->getNextFetcher()->fetchRequest($request);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function fetch($url, $method)
>>>>>>>> + {
>>>>>>>> + $signed = $this->signRequest($url, $method);
>>>>>>>> + return $this->getNextFetcher()->fetchRequest($signed);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function signRequest($url, $method)
>>>>>>>> + {
>>>>>>>> + try {
>>>>>>>> + // Parse the request into parameters for OAuth signing,
>>>>>>>> stripping
>>>>>>>> out
>>>>>>>> + // any OAuth or OpenSocial parameters injected by the client
>>>>>>>> + ///////////////////////////////////////////////
>>>>>>>> + require 'src/common/Zend/Uri.php';
>>>>>>>> + $uri = Zend_Uri::factory($url);
>>>>>>>> + $resource = $uri->getUri();
>>>>>>>> + $queryParams = $this->sanitize($_GET);
>>>>>>>> + $postParams = $this->sanitize($_POST);
>>>>>>>> + $msgParams = array();
>>>>>>>> + $msgParams = array_merge($msgParams, $queryParams);
>>>>>>>> + $msgParams = array_merge($msgParams, $postParams);
>>>>>>>> +
>>>>>>>> + // TODO: is this ok?
>>>>>>>> + //$msgParams = array();
>>>>>>>> + $this->addOpenSocialParams($msgParams);
>>>>>>>> + $this->addOAuthParams($msgParams);
>>>>>>>> +
>>>>>>>> + // Build and sign the OAuthMessage; note that the resource
>>>>>>>> here
>>>>>>>> has
>>>>>>>> + // no query string, the parameters are all in msgParams
>>>>>>>> + //$message = new OAuthMessage($method, $resource,
>>>>>>>> $msgParams);
>>>>>>>> +
>>>>>>>> + ////////////////////////////////////////////////
>>>>>>>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>>>>>>>> + $consumer-
>>>>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>>>>>>>> $this-
>>>>>>>>> privateKeyObject);
>>>>>>>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>>>>>>>> +
>>>>>>>> + $req_req = OAuthRequest::from_consumer_and_token($consumer,
>>>>>>>> NULL,
>>>>>>>> $method, $resource, $msgParams);
>>>>>>>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>>>>>>>> +
>>>>>>>> + // Rebuild the query string, including all of the
>>>>>>>> parameters we
>>>>>>>> added.
>>>>>>>> + // We have to be careful not to copy POST parameters into the
>>>>>>>> query.
>>>>>>>> + // If post and query parameters share a name, they end up
>>>>>>>> being
>>>>>>>> removed
>>>>>>>> + // from the query.
>>>>>>>> + $forPost = array();
>>>>>>>> + foreach ($postParams as $key => $param) {
>>>>>>>> + $forPost[$key] = $param;
>>>>>>>> + }
>>>>>>>> + $newQuery = array();
>>>>>>>> + foreach ($req_req->get_parameters() as $key => $param) {
>>>>>>>> + if (! isset($forPost[$key])) {
>>>>>>>> + $newQuery[$key] = $param;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + // Careful here; the OAuth form encoding scheme is slightly
>>>>>>>> different than
>>>>>>>> + // the normal form encoding scheme, so we have to use the
>>>>>>>> OAuth
>>>>>>>> library
>>>>>>>> + // formEncode method.
>>>>>>>> + $uri->setQuery($newQuery);
>>>>>>>> + return new RemoteContentRequest($uri->getUri());
>>>>>>>> + } catch (Exception $e) {
>>>>>>>> + throw new GadgetException($e);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function addOpenSocialParams(&$msgParams)
>>>>>>>> + {
>>>>>>>> + $owner = $this->authToken->getOwnerId();
>>>>>>>> + if ($owner != null) {
>>>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>>>>>>>> + }
>>>>>>>> + $viewer = $this->authToken->getViewerId();
>>>>>>>> + if ($viewer != null) {
>>>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>>>>>>>> + }
>>>>>>>> + $app = $this->authToken->getAppId();
>>>>>>>> + if ($app != null) {
>>>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function addOAuthParams(&$msgParams)
>>>>>>>> + {
>>>>>>>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>>>>>>>> + $domain = $this->authToken->getDomain();
>>>>>>>> + if ($domain != null) {
>>>>>>>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] =
>>>>>>>> 'partuza.chabotc.com'; //
>>>>>>>> $domain;
>>>>>>>> + }
>>>>>>>> + if ($this->keyName != null) {
>>>>>>>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this-
>>>>>>>>> keyName;
>>>>>>>> + }
>>>>>>>> + $nonce = OAuthRequest::generate_nonce();
>>>>>>>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>>>>>>>> + $timestamp = time();
>>>>>>>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>>>>>>>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::
>>>>>>>> $RSA_SHA1;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Strip out any owner or viewer id passed by the client.
>>>>>>>> + */
>>>>>>>> + private function sanitize($params)
>>>>>>>> + {
>>>>>>>> + $list = array();
>>>>>>>> + foreach ($params as $key => $p) {
>>>>>>>> + if ($this->allowParam($key)) {
>>>>>>>> + $list[$key] = $p;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + return $list;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function allowParam($paramName)
>>>>>>>> + {
>>>>>>>> + $canonParamName = strtolower($paramName);
>>>>>>>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>>>>>>>> substr($canonParamName, 0, 6) == "xoauth" ||
>>>>>>>> substr($canonParamName, 0, 9) == "opensocial")) &&
>>>>>>>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcherFactory.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcherFactory.php (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,86 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE
>>>>>>>> file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> + * under the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +/**
>>>>>>>> + * Produces Signing content fetchers for input tokens.
>>>>>>>> + */
>>>>>>>> +class SigningFetcherFactory {
>>>>>>>> + private $keyName;
>>>>>>>> + private $privateKey;
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * Produces a signing fetcher that will sign requests and
>>>>>>>> delegate
>>>>>>>> actual
>>>>>>>> + * network retrieval to the {@code networkFetcher}
>>>>>>>> + *
>>>>>>>> + * @param networkFetcher The fetcher that will be doing actual
>>>>>>>> work.
>>>>>>>> + * @param token The gadget token used for extracting signing
>>>>>>>> parameters.
>>>>>>>> + * @return The signing fetcher.
>>>>>>>> + * @throws GadgetException
>>>>>>>> + */
>>>>>>>> + public function getSigningFetcher($networkFetcher, $token)
>>>>>>>> + {
>>>>>>>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>>>>>>>> $token, $this->keyName, $this->privateKey);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + /**
>>>>>>>> + * @param keyFile The file containing your private key for
>>>>>>>> signing
>>>>>>>> requests.
>>>>>>>> + */
>>>>>>>> + public function __construct($keyFile = null)
>>>>>>>> + {
>>>>>>>> + $this->keyName = 'http://'.
>>>>>>>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>>>>>>>> + if (! empty($keyFile)) {
>>>>>>>> + $privateKey = null;
>>>>>>>> + try {
>>>>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>>>>> convert it
>>>>>>>> + $cache = Config::get('data_cache');
>>>>>>>> + $cache = new $cache();
>>>>>>>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" .
>>>>>>>> $this-
>>>>>>>>> keyName)) !== false) {
>>>>>>>> + $rsa_private_key = $cachedKey;
>>>>>>>> + } else {
>>>>>>>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>>>>>>>> + throw new Exception("Could not read keyfile ($keyFile), check
>>>>>>>> the
>>>>>>>> file name and permission");
>>>>>>>> + }
>>>>>>>> + // TODO: sending NULL as a second param to
>>>>>>>> openssl_pkey_get_private works?
>>>>>>>> + $phrase = Config::get('private_key_phrase') != '' ?
>>>>>>>> (Config::get('private_key_phrase')) : null;
>>>>>>>> + if (($privateKey =
>>>>>>>> @openssl_pkey_get_private($rsa_private_key,
>>>>>>>> $phrase)) == false) {
>>>>>>>> + //TODO: double check if can input keyfile -inform PEM
>>>>>>>> + if (! $in = @tempnam(sys_get_temp_dir(),
>>>>>>>> "RSA_PRIVATE_KEY_")) {
>>>>>>>> + throw new Exception("Could not create temporary file");
>>>>>>>> + }
>>>>>>>> + if (! @file_put_contents($in,
>>>>>>>> base64_decode($rsa_private_key))) {
>>>>>>>> + throw new Exception("Could not write to temporary file");
>>>>>>>> + }
>>>>>>>> + if (! $out = @tempnam(sys_get_temp_dir(),
>>>>>>>> "RSA_PRIVATE_KEY_")) {
>>>>>>>> + throw new Exception("Could not create temporary file");
>>>>>>>> + }
>>>>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out .
>>>>>>>> " -
>>>>>>>> nocrypt -in " . $in);
>>>>>>>> + if (! $rsa_private_key = @file_get_contents($out)) {
>>>>>>>> + throw new Exception("Could not read temporary file");
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>>>>>>>> $rsa_private_key);
>>>>>>>> + }
>>>>>>>> + } catch (Exception $e) {
>>>>>>>> + throw new Exception("Error loading private key: " . $e);
>>>>>>>> + }
>>>>>>>> + $this->privateKey = $rsa_private_key;
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicGadgetOAuthTokenStore.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicGadgetOAuthTokenStore.php (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,112 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE
>>>>>>>> file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> + * under the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +class BasicGadgetOAuthTokenStore extends
>>>>>>>> GadgetOAuthTokenStore {
>>>>>>>> +
>>>>>>>> + /** default location for consumer keys and secrets */
>>>>>>>> + private $OAUTH_CONFIG = "../config/oauth.json";
>>>>>>>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>>>>>>>> + private $CONSUMER_KEY_KEY = "consumer_key";
>>>>>>>> + private $KEY_TYPE_KEY = "key_type";
>>>>>>>> +
>>>>>>>> + public function __construct($store)
>>>>>>>> + {
>>>>>>>> + parent::__construct($store);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function initFromConfigFile($fetcher)
>>>>>>>> + {
>>>>>>>> + // Read our consumer keys and secrets from config/oauth.js
>>>>>>>> + // This actually involves fetching gadget specs
>>>>>>>> + try {
>>>>>>>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>>>>>>>> +
>>>>>>>> + // remove all comments because this confuses the json parser
>>>>>>>> + // note: the json parser also crashes on trailing ,'s in
>>>>>>>> records
>>>>>>>> so please don't use them
>>>>>>>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>>>>>>>> $oauthConfigStr);
>>>>>>>> + $oauthConfig = json_decode($contents, true);
>>>>>>>> + foreach ($oauthConfig as $gadgetUri => $value) {
>>>>>>>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>>>>>>>> + $this->storeConsumerInfos($gadgetUri, $value);
>>>>>>>> + }
>>>>>>>> + } catch (Exception $e) {
>>>>>>>> + throw new GadgetException($e);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function storeProviderInfos($fetcher, $gadgetUri)
>>>>>>>> + {
>>>>>>>> + $cache = Config::get('data_cache');
>>>>>>>> + $cache = new $cache();
>>>>>>>> +
>>>>>>>> + // determine which requests we can load from cache, and which
>>>>>>>> we
>>>>>>>> have to actually fetch
>>>>>>>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !==
>>>>>>>> false) {
>>>>>>>> + $gadget = $cachedRequest;
>>>>>>>> + } else {
>>>>>>>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>>>>>>>> + $remoteContentRequest->getRequest($gadgetUri, false);
>>>>>>>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>>>>>>>> + $context = new ProxyGadgetContext($gadgetUri);
>>>>>>>> + $spec = new GadgetSpecParser();
>>>>>>>> + $gadget = $spec->parse($response->getResponseContent(),
>>>>>>>> $context);
>>>>>>>> + $cache->set(md5($gadgetUri), $gadget);
>>>>>>>> + }
>>>>>>>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>>>>>>>> + {
>>>>>>>> + foreach ($oauthConfig as $key => $value) {
>>>>>>>> + $serviceName = $key;
>>>>>>>> + $consumerInfo = $value;
>>>>>>>> + $this->storeConsumerInfo($gadgetUri, $serviceName,
>>>>>>>> $consumerInfo);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>>>>>>>> $consumerInfo)
>>>>>>>> + {
>>>>>>>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>>>>>>>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>>>>>>>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>>>>>>>> + $keyType = 'HMAC_SYMMETRIC';
>>>>>>>> +
>>>>>>>> + if ($keyTypeStr == "RSA_PRIVATE") {
>>>>>>>> + $keyType = 'RSA_PRIVATE';
>>>>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>>>>> convert it
>>>>>>>> + $cache = Config::get('data_cache');
>>>>>>>> + $cache = new $cache();
>>>>>>>> +
>>>>>>>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>>>>>>>> $serviceName))) !== false) {
>>>>>>>> + $consumerSecret = $cachedRequest;
>>>>>>>> + } else {
>>>>>>>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>>>>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>>>>>>>>> CONSUMER_SECRET_KEY]));
>>>>>>>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out .
>>>>>>>> " -
>>>>>>>> nocrypt -in " . $in);
>>>>>>>> + $consumerSecret = file_get_contents($out);
>>>>>>>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $kas = new ConsumerKeyAndSecret($consumerKey,
>>>>>>>> $consumerSecret,
>>>>>>>> $keyType);
>>>>>>>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName,
>>>>>>>> $kas);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> +}
>>>>>>>>
>>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicOAuthStore.php
>>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> =
>>>>>>>> ===============================================================
>>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicOAuthStore.php (added)
>>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>>>>>>>> @@ -0,0 +1,149 @@
>>>>>>>> +<?php
>>>>>>>> +/*
>>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>>> + * distributed with this work for additional information
>>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>>> + *
>>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>>> + *
>>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>>> + * software distributed under the License is distributed on an
>>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>>> + * specific language governing permissions and limitations
>>>>>>>> under
>>>>>>>> the License.
>>>>>>>> + */
>>>>>>>> +
>>>>>>>> +class OAuthNoDataException extends Exception {}
>>>>>>>> +
>>>>>>>> +class BasicOAuthStore implements OAuthStore {
>>>>>>>> +
>>>>>>>> + private $providers = array();
>>>>>>>> + private $tokens = array();
>>>>>>>> +
>>>>>>>> + private $defaultConsumerKey;
>>>>>>>> + private $defaultConsumerSecret;
>>>>>>>> +
>>>>>>>> + public function __construct($consumerKey = null,
>>>>>>>> $privateKey =
>>>>>>>> null)
>>>>>>>> + {
>>>>>>>> + $this->defaultConsumerKey = $consumerKey;
>>>>>>>> + $this->defaultConsumerSecret = $privateKey;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setHashMapsForTesting($providers, $tokens)
>>>>>>>> + {
>>>>>>>> + $this->providers = $providers;
>>>>>>>> + $this->tokens = $tokens;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>>>>>>>> + {
>>>>>>>> + $provKey = new ProviderKey();
>>>>>>>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>>>>>>>> + $provKey->setServiceName($tokenKey->getServiceName());
>>>>>>>> + //AccesorInfo
>>>>>>>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>>>>>>>> + //TokenInfo
>>>>>>>> + $accessToken = $this->getTokenInfo($tokenKey);
>>>>>>>> + if ($accessToken != null) {
>>>>>>>> + // maybe convert into methods
>>>>>>>> + $result->getAccessor()->accessToken = $accessToken-
>>>>>>>>> getAccessToken();
>>>>>>>> + $result->getAccessor()->tokenSecret = $accessToken-
>>>>>>>>> getTokenSecret();
>>>>>>>> + }
>>>>>>>> + return $result;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function getOAuthAccessorProviderKey(ProviderKey
>>>>>>>> $providerKey)
>>>>>>>> + {
>>>>>>>> + //ProviderInfo
>>>>>>>> + $provInfo = $this->getProviderInfo($providerKey);
>>>>>>>> +
>>>>>>>> + if ($provInfo == null) {
>>>>>>>> + throw new OAuthNoDataException("provider info was null in
>>>>>>>> oauth
>>>>>>>> store");
>>>>>>>> + }
>>>>>>>> + //AccesorInfo
>>>>>>>> + $result = new AccesorInfo();
>>>>>>>> + $result->setHttpMethod($provInfo->getHttpMethod());
>>>>>>>> + $result->setParamLocation($provInfo->getParamLocation());
>>>>>>>> +
>>>>>>>> + //ConsumerKeyAndSecret
>>>>>>>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>>>>>>>> +
>>>>>>>> + if ($consumerKeyAndSecret == null) {
>>>>>>>> + if ($this->defaultConsumerKey == null || $this-
>>>>>>>>> defaultConsumerSecret == null) {
>>>>>>>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null
>>>>>>>> in
>>>>>>>> oauth store");
>>>>>>>> + } else {
>>>>>>>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>>>>>>>>> defaultConsumerKey, $this->defaultConsumerSecret,
>>>>>>>>> OAuthStoreVars::
>>>>>>>> $KeyType['RSA_PRIVATE']);
>>>>>>>> + }
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + //OAuthServiceProvider
>>>>>>>> + $oauthProvider = $provInfo->getProvider();
>>>>>>>> +
>>>>>>>> + if (! isset($oauthProvider)) {
>>>>>>>> + throw new OAuthNoDataException("OAuthService provider was
>>>>>>>> null in
>>>>>>>> oauth store");
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + // Accesing the class
>>>>>>>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>>>>>>>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>>>>>>>> +
>>>>>>>> + //OAuthConsumer
>>>>>>>> + $consumer = ($usePublicKeyCrypto) ? new
>>>>>>>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>>>>>>>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>>>>>>>>> getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>>>>>>>> $oauthProvider);
>>>>>>>> +
>>>>>>>> + if ($usePublicKeyCrypto) {
>>>>>>>> + $consumer-
>>>>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>>>>>>> $consumerKeyAndSecret->getConsumerSecret());
>>>>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>>>>> $SignatureType['RSA_SHA1']);
>>>>>>>> + } else {
>>>>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>>>>> $SignatureType['HMAC_SHA1']);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + $result->setAccessor(new OAuthAccessor($consumer));
>>>>>>>> + return $result;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function getOAuthServiceProviderInfo($providerKey)
>>>>>>>> + {
>>>>>>>> + $provInfo = $this->providers->get($providerKey);
>>>>>>>> +
>>>>>>>> + if ($provInfo == null) {
>>>>>>>> + throw new OAuthNoDataException("provider info was null in
>>>>>>>> oauth
>>>>>>>> store");
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + return $provInfo;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>>>>>>>> $keyAndSecret)
>>>>>>>> + {
>>>>>>>> + //ProviderInfo
>>>>>>>> + $value = $this->getProviderInfo($providerKey);
>>>>>>>> + if ($value == null) {
>>>>>>>> + throw new OAuthNoDataException("could not find provider data
>>>>>>>> for
>>>>>>>> token");
>>>>>>>> + }
>>>>>>>> + $value->setKeyAndSecret($keyAndSecret);
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setOAuthServiceProviderInfo($providerKey,
>>>>>>>> $providerInfo)
>>>>>>>> + {
>>>>>>>> + $this->providers[md5(serialize($providerKey))] =
>>>>>>>> $providerInfo;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>>>>>>>> + {
>>>>>>>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function getProviderInfo($providerKey)
>>>>>>>> + {
>>>>>>>> + $key = md5(serialize($providerKey));
>>>>>>>> + return isset($this->providers[$key]) ? $this-
>>>>>>>> >providers[$key] :
>>>>>>>> null;
>>>>>>>> + }
>>>>>>>> +
>>>>>>>> + private function getTokenInfo($tokenKey)
>>>>>>>> + {
>>>>>>>> + $key = md5(serialize($tokenKey));
>>>>>>>> + return isset($this->tokens[$key]) ? $this->tokens[$key] :
>>>>>>>> null;
>>>>>>>> + }
>>>>>>>> +}
>>>>>>>> \ No newline at end of file
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> This message has been scanned for viruses and
>>>>>>>> dangerous content by MailScanner, and is
>>>>>>>> believed to be clean.
>>>>>>> --
>>>>>>> This message has been scanned for viruses and
>>>>>>> dangerous content by MailScanner, and is
>>>>>>> believed to be clean.
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> This message has been scanned for viruses and
>>>>>> dangerous content by MailScanner, and is
>>>>>> believed to be clean.
>>>>> --
>>>>> This message has been scanned for viruses and
>>>>> dangerous content by MailScanner, and is
>>>>> believed to be clean.
>>>>>
>>>>
>>>>
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by "Lini H - Clarion, India" <li...@clariontechnologies.co.in>.
chris,
You can check at http://125.18.107.185/mhr/trunk/php/gadgets/files/container/sample1.html. Also the server at http://125.18.107.185/mhr/trunk/php/gadgets/ifr?url=http://www.google.com/ig/modules/horoscope.xml
The same is working with previous one at http://125.18.107.185/mhr/shindig-5-9/php/gadgets/files/container/sample1.html
Regards
Lini Haridas
Software Engineer
lini.haridas@clariontechnologies.co.in
Clarion Technologies
SEI CMMI Level 3 Company
4th Floor, Great Eastern Plaza,
Airport Road,
Pune- 411 006,
Maharashtra, India.
Phone: +91 20 66020289
Mobile: +91 9823435917
www.clariontechnologies.co.in
----- Original Message -----
From: "Chris Chabot" <ch...@xs4all.nl>
To: <sh...@incubator.apache.org>
Sent: Thursday, May 22, 2008 2:18 PM
Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>I cant really think of a meaningful answer on this unless you give me
> some more info..
>
> Did it use to work?
> Did you clean your cache? (rm -rf /tmp/shindig)
>
> What gadgets?
> Not all gadgets 'just work' (specifically ones that required the
> gadget writers to enable your domain, or require your keys), oauth/
> signed request based gadgets requires you to generate keys.. and some
> gadgets have platform specific stuff in them (hi5/myspace/orkut/etc)
> or hard coded values that only work on a specific platform ....
> So 'gadgets' is giving me no info what so ever which of these things
> could be happening, or if it's really a problem in shindig :)
>
> 'Giving errors' it would help a LOT if you could tell me what exact
> error your receiving, then i could try to make an educated guess
> towards what might be causing this
>
> Since i can't look on your monitor from here, you will have to feed me
> a bit more info please :)
>
> -- Chris
>
> On May 22, 2008, at 10:41 AM, Lini H - Clarion, India wrote:
>
>> Chris,
>>
>> I only mean that the new shindig downloaded is not rendering the
>> gadgets and is giving errors (after making the config/htaccess
>> changes). The server is giving gadget errors also the sample html
>> files.
>>
>> Regards
>> Lini Haridas
>> Software Engineer
>>
>> lini.haridas@clariontechnologies.co.in
>> Clarion Technologies
>> SEI CMMI Level 3 Company
>>
>> 4th Floor, Great Eastern Plaza,
>> Airport Road,
>> Pune- 411 006,
>> Maharashtra, India.
>> Phone: +91 20 66020289
>> Mobile: +91 9823435917
>> www.clariontechnologies.co.in
>> ----- Original Message -----
>> From: "Chris Chabot" <ch...@xs4all.nl>
>> To: <sh...@incubator.apache.org>
>> Sent: Thursday, May 22, 2008 2:05 PM
>> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>>
>>
>>> Could you by any chance be more specific?
>>>
>>> Things like:
>>> Where are you trying this
>>> what are you trying (what gadget/feature/etc)
>>> what is the result (error messages or anything?)
>>>
>>> Would help a lot ! :)
>>>
>>> I have a couple of gadgets (horoscope, set title test module,
>>> opensocial 0.7 tests, social hello world) on my profile on
>>> partuza.chabotc.com and their working fine for me..
>>>
>>> -- Chris
>>>
>>> On May 22, 2008, at 10:29 AM, Lini H - Clarion, India wrote:
>>>
>>>> Hi chris,
>>>>
>>>> Sorry, but its still not working..
>>>>
>>>> Regards
>>>> Lini Haridas
>>>> Software Engineer
>>>>
>>>> lini.haridas@clariontechnologies.co.in
>>>> Clarion Technologies
>>>> SEI CMMI Level 3 Company
>>>>
>>>> 4th Floor, Great Eastern Plaza,
>>>> Airport Road,
>>>> Pune- 411 006,
>>>> Maharashtra, India.
>>>> Phone: +91 20 66020289
>>>> Mobile: +91 9823435917
>>>> www.clariontechnologies.co.in
>>>> ----- Original Message -----
>>>> From: "Chris Chabot" <ch...@xs4all.nl>
>>>> To: <sh...@incubator.apache.org>
>>>> Sent: Thursday, May 22, 2008 1:32 PM
>>>> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/
>>>> trunk/
>>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>>>>
>>>>
>>>>> Should be working again
>>>>>
>>>>> On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
>>>>>
>>>>>> Hi Chris,
>>>>>>
>>>>>> The shindig is not working after the new code changes. I also
>>>>>> checked on http://shindig.chabotc.com and none of the samples
>>>>>> neither the gadget is working. Is any work still missing on this?
>>>>>>
>>>>>> Regards
>>>>>>
>>>>>> Lini Haridas
>>>>>> Software Engineer
>>>>>>
>>>>>> lini.haridas@clariontechnologies.co.in
>>>>>> Clarion Technologies
>>>>>> SEI CMMI Level 3 Company
>>>>>>
>>>>>> 4th Floor, Great Eastern Plaza,
>>>>>> Airport Road,
>>>>>> Pune- 411 006,
>>>>>> Maharashtra, India.
>>>>>> Phone: +91 20 66020289
>>>>>> Mobile: +91 9823435917
>>>>>> www.clariontechnologies.co.in
>>>>>>
>>>>>> ----- Original Message -----
>>>>>> From: <ch...@apache.org>
>>>>>> To: <sh...@incubator.apache.org>
>>>>>> Sent: Wednesday, May 21, 2008 10:28 PM
>>>>>> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
>>>>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/
>>>>>> http/
>>>>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/
>>>>>> http/
>>>>>>
>>>>>>
>>>>>>> Author: chabotc
>>>>>>> Date: Wed May 21 09:58:52 2008
>>>>>>> New Revision: 658758
>>>>>>>
>>>>>>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>>>>>>> Log:
>>>>>>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>>>>>>> great work on this. This patch implements OAuth and signed
>>>>>>> request
>>>>>>> support
>>>>>>>
>>>>>>> Added:
>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> SigningFetcherFactory.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> BasicGadgetOAuthTokenStore.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> GadgetOAuthTokenStore.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> OAuthFetcherFactory.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> OAuthRequestParams.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> OAuthServiceProvider.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>>>>>>> Modified:
>>>>>>> incubator/shindig/trunk/php/config.php
>>>>>>> incubator/shindig/trunk/php/index.php
>>>>>>> incubator/shindig/trunk/php/src/common/JsMin.php
>>>>>>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>>>>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>>>>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> GadgetRenderingServlet.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>>>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>>>>>>> BasicBlobCrypter.php
>>>>>>> incubator/shindig/trunk/php/src/socialdata/http/
>>>>>>> GadgetDataServlet.php
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/config.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/config.php (original)
>>>>>>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52
>>>>>>> 2008
>>>>>>> @@ -1,4 +1,4 @@
>>>>>>> -<?
>>>>>>> +<?php
>>>>>>> /*
>>>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>> * or more contributor license agreements. See the NOTICE file
>>>>>>> @@ -45,7 +45,7 @@
>>>>>>> // Configurable CSS rules that are injected to the gadget page,
>>>>>>> // be careful when adjusting these not to break most gadget's
>>>>>>> layouts :)
>>>>>>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>>> serif;}
>>>>>>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>>>>>>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>>>>>>> color:white;}',
>>>>>>> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>>>> input,
>>>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>>>> 3px;}',
>>>>>>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>>>> input,
>>>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>>>> 3px;}',
>>>>>>>
>>>>>>> // The html / javascript samples use a plain text demo token,
>>>>>>> // set this to false on anything resembling a real site
>>>>>>> @@ -96,6 +96,13 @@
>>>>>>> // global cache age policy and location
>>>>>>> 'cache_time' => 24 * 60 * 60,
>>>>>>> 'cache_root' => '/tmp/shindig',
>>>>>>> +
>>>>>>> + // OAuth private key Path
>>>>>>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>>>> private.key',
>>>>>>> + // file path to public RSA cert
>>>>>>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>>>> public.crt',
>>>>>>> + // Phrase to decrypt private key. Leave empty if unencrypted
>>>>>>> + 'private_key_phrase' => 'partuza',
>>>>>>>
>>>>>>> // In some cases we need to know the site root (for features
>>>>>>> forinstance)
>>>>>>> 'base_path' => realpath(dirname(__FILE__))
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/index.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/index.php (original)
>>>>>>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52
>>>>>>> 2008
>>>>>>> @@ -1,4 +1,4 @@
>>>>>>> -<?
>>>>>>> +<?php
>>>>>>> /*
>>>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>> * or more contributor license agreements. See the NOTICE file
>>>>>>> @@ -48,7 +48,7 @@
>>>>>>> // To load these, we scan our entire directory structure
>>>>>>> function __autoload($className)
>>>>>>> {
>>>>>>> - $locations = array('src/common', 'src/common/samplecontainer',
>>>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>>>> samplecontainer');
>>>>>>> + $locations = array('src/common', 'src/common/samplecontainer',
>>>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>>>> samplecontainer', 'src/gadgets/oauth');
>>>>>>> // Check for the presense of this class in our all our
>>>>>>> directories.
>>>>>>> $fileName = $className.'.php';
>>>>>>> foreach ($locations as $path) {
>>>>>>> @@ -65,7 +65,8 @@
>>>>>>> Config::get('web_prefix') . '/gadgets/proxy' =>
>>>>>>> 'ProxyServlet',
>>>>>>> Config::get('web_prefix') . '/gadgets/ifr' =>
>>>>>>> 'GadgetRenderingServlet',
>>>>>>> Config::get('web_prefix') . '/gadgets/metadata' =>
>>>>>>> 'JsonRpcServlet',
>>>>>>> - Config::get('web_prefix') . '/social/data' =>
>>>>>>> 'GadgetDataServlet'
>>>>>>> + Config::get('web_prefix') . '/social/data' =>
>>>>>>> 'GadgetDataServlet',
>>>>>>> + Config::get('web_prefix') . '/public.crt' =>
>>>>>>> 'CertServlet'
>>>>>>> );
>>>>>>>
>>>>>>> // Try to match the request url to our servlet mapping
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>>>>>>> 09:58:52 2008
>>>>>>> @@ -1,4 +1,5 @@
>>>>>>> <?php
>>>>>>> +
>>>>>>> /**
>>>>>>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>>>>>>> *
>>>>>>> @@ -48,243 +49,248 @@
>>>>>>> class JsMinException extends Exception {}
>>>>>>>
>>>>>>> class JsMin {
>>>>>>> - const ORD_LF = 10;
>>>>>>> - const ORD_SPACE = 32;
>>>>>>> -
>>>>>>> - protected $a = '';
>>>>>>> - protected $b = '';
>>>>>>> - protected $input = '';
>>>>>>> - protected $inputIndex = 0;
>>>>>>> - protected $inputLength = 0;
>>>>>>> - protected $lookAhead = null;
>>>>>>> - protected $output = '';
>>>>>>> -
>>>>>>> - // -- Public Static Methods
>>>>>>> --------------------------------------------------
>>>>>>> -
>>>>>>> - public static function minify($js) {
>>>>>>> - $jsmin = new JsMin($js);
>>>>>>> - return $jsmin->min();
>>>>>>> - }
>>>>>>> -
>>>>>>> - // -- Public Instance Methods
>>>>>>> ------------------------------------------------
>>>>>>> -
>>>>>>> - public function __construct($input) {
>>>>>>> - $this->input = str_replace("\r\n", "\n", $input);
>>>>>>> - $this->inputLength = strlen($this->input);
>>>>>>> - }
>>>>>>> -
>>>>>>> - // -- Protected Instance Methods
>>>>>>> ---------------------------------------------
>>>>>>> -
>>>>>>> - protected function action($d) {
>>>>>>> - switch($d) {
>>>>>>> - case 1:
>>>>>>> - $this->output .= $this->a;
>>>>>>> -
>>>>>>> - case 2:
>>>>>>> - $this->a = $this->b;
>>>>>>> -
>>>>>>> - if ($this->a === "'" || $this->a === '"') {
>>>>>>> - for (;;) {
>>>>>>> - $this->output .= $this->a;
>>>>>>> - $this->a = $this->get();
>>>>>>> -
>>>>>>> - if ($this->a === $this->b) {
>>>>>>> - break;
>>>>>>> - }
>>>>>>> -
>>>>>>> - if (ord($this->a) <= self::ORD_LF) {
>>>>>>> - throw new JsMinException('Unterminated string
>>>>>>> literal.');
>>>>>>> - }
>>>>>>> -
>>>>>>> - if ($this->a === '\\') {
>>>>>>> - $this->output .= $this->a;
>>>>>>> - $this->a = $this->get();
>>>>>>> - }
>>>>>>> - }
>>>>>>> - }
>>>>>>> -
>>>>>>> - case 3:
>>>>>>> - $this->b = $this->next();
>>>>>>> -
>>>>>>> - if ($this->b === '/' && (
>>>>>>> - $this->a === '(' || $this->a === ',' || $this->a ===
>>>>>>> '=' ||
>>>>>>> - $this->a === ':' || $this->a === '[' || $this->a ===
>>>>>>> '!' ||
>>>>>>> - $this->a === '&' || $this->a === '|' || $this->a ===
>>>>>>> '?')) {
>>>>>>> -
>>>>>>> - $this->output .= $this->a . $this->b;
>>>>>>> -
>>>>>>> - for (;;) {
>>>>>>> - $this->a = $this->get();
>>>>>>> -
>>>>>>> - if ($this->a === '/') {
>>>>>>> - break;
>>>>>>> - } elseif ($this->a === '\\') {
>>>>>>> - $this->output .= $this->a;
>>>>>>> - $this->a = $this->get();
>>>>>>> - } elseif (ord($this->a) <= self::ORD_LF) {
>>>>>>> - throw new JsMinException('Unterminated regular
>>>>>>> expression '.
>>>>>>> - 'literal.');
>>>>>>> - }
>>>>>>> -
>>>>>>> - $this->output .= $this->a;
>>>>>>> - }
>>>>>>> -
>>>>>>> - $this->b = $this->next();
>>>>>>> - }
>>>>>>> - }
>>>>>>> - }
>>>>>>> -
>>>>>>> - protected function get() {
>>>>>>> - $c = $this->lookAhead;
>>>>>>> - $this->lookAhead = null;
>>>>>>> -
>>>>>>> - if ($c === null) {
>>>>>>> - if ($this->inputIndex < $this->inputLength) {
>>>>>>> - $c = $this->input[$this->inputIndex];
>>>>>>> - $this->inputIndex += 1;
>>>>>>> - } else {
>>>>>>> - $c = null;
>>>>>>> - }
>>>>>>> - }
>>>>>>> -
>>>>>>> - if ($c === "\r") {
>>>>>>> - return "\n";
>>>>>>> - }
>>>>>>> -
>>>>>>> - if ($c === null || $c === "\n" || ord($c) >=
>>>>>>> self::ORD_SPACE) {
>>>>>>> - return $c;
>>>>>>> - }
>>>>>>> -
>>>>>>> - return ' ';
>>>>>>> - }
>>>>>>> -
>>>>>>> - protected function isAlphaNum($c) {
>>>>>>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>>>>>>> $/', $c) === 1;
>>>>>>> - }
>>>>>>> -
>>>>>>> - protected function min() {
>>>>>>> - $this->a = "\n";
>>>>>>> - $this->action(3);
>>>>>>> -
>>>>>>> - while ($this->a !== null) {
>>>>>>> - switch ($this->a) {
>>>>>>> - case ' ':
>>>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>>>> - $this->action(1);
>>>>>>> - } else {
>>>>>>> - $this->action(2);
>>>>>>> - }
>>>>>>> - break;
>>>>>>> -
>>>>>>> - case "\n":
>>>>>>> - switch ($this->b) {
>>>>>>> - case '{':
>>>>>>> - case '[':
>>>>>>> - case '(':
>>>>>>> - case '+':
>>>>>>> - case '-':
>>>>>>> - $this->action(1);
>>>>>>> - break;
>>>>>>> -
>>>>>>> - case ' ':
>>>>>>> - $this->action(3);
>>>>>>> - break;
>>>>>>> -
>>>>>>> - default:
>>>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>>>> - $this->action(1);
>>>>>>> - }
>>>>>>> - else {
>>>>>>> - $this->action(2);
>>>>>>> - }
>>>>>>> - }
>>>>>>> - break;
>>>>>>> -
>>>>>>> - default:
>>>>>>> - switch ($this->b) {
>>>>>>> - case ' ':
>>>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>>>> - $this->action(1);
>>>>>>> - break;
>>>>>>> - }
>>>>>>> -
>>>>>>> - $this->action(3);
>>>>>>> - break;
>>>>>>> -
>>>>>>> - case "\n":
>>>>>>> - switch ($this->a) {
>>>>>>> - case '}':
>>>>>>> - case ']':
>>>>>>> - case ')':
>>>>>>> - case '+':
>>>>>>> - case '-':
>>>>>>> - case '"':
>>>>>>> - case "'":
>>>>>>> - $this->action(1);
>>>>>>> - break;
>>>>>>> -
>>>>>>> - default:
>>>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>>>> - $this->action(1);
>>>>>>> - }
>>>>>>> - else {
>>>>>>> - $this->action(3);
>>>>>>> - }
>>>>>>> - }
>>>>>>> - break;
>>>>>>> -
>>>>>>> - default:
>>>>>>> - $this->action(1);
>>>>>>> - break;
>>>>>>> - }
>>>>>>> - }
>>>>>>> - }
>>>>>>> -
>>>>>>> - return $this->output;
>>>>>>> - }
>>>>>>> -
>>>>>>> - protected function next() {
>>>>>>> - $c = $this->get();
>>>>>>> -
>>>>>>> - if ($c === '/') {
>>>>>>> - switch($this->peek()) {
>>>>>>> - case '/':
>>>>>>> - for (;;) {
>>>>>>> - $c = $this->get();
>>>>>>> -
>>>>>>> - if (ord($c) <= self::ORD_LF) {
>>>>>>> - return $c;
>>>>>>> - }
>>>>>>> - }
>>>>>>> -
>>>>>>> - case '*':
>>>>>>> - $this->get();
>>>>>>> -
>>>>>>> - for (;;) {
>>>>>>> - switch($this->get()) {
>>>>>>> - case '*':
>>>>>>> - if ($this->peek() === '/') {
>>>>>>> - $this->get();
>>>>>>> - return ' ';
>>>>>>> - }
>>>>>>> - break;
>>>>>>> -
>>>>>>> - case null:
>>>>>>> - throw new JsMinException('Unterminated
>>>>>>> comment.');
>>>>>>> - }
>>>>>>> - }
>>>>>>> -
>>>>>>> - default:
>>>>>>> - return $c;
>>>>>>> - }
>>>>>>> - }
>>>>>>> -
>>>>>>> - return $c;
>>>>>>> - }
>>>>>>> -
>>>>>>> - protected function peek() {
>>>>>>> - $this->lookAhead = $this->get();
>>>>>>> - return $this->lookAhead;
>>>>>>> - }
>>>>>>> + const ORD_LF = 10;
>>>>>>> + const ORD_SPACE = 32;
>>>>>>> +
>>>>>>> + protected $a = '';
>>>>>>> + protected $b = '';
>>>>>>> + protected $input = '';
>>>>>>> + protected $inputIndex = 0;
>>>>>>> + protected $inputLength = 0;
>>>>>>> + protected $lookAhead = null;
>>>>>>> + protected $output = '';
>>>>>>> +
>>>>>>> + // -- Public Static Methods
>>>>>>> --------------------------------------------------
>>>>>>> +
>>>>>>> +
>>>>>>> + public static function minify($js)
>>>>>>> + {
>>>>>>> + $jsmin = new JsMin($js);
>>>>>>> + return $jsmin->min();
>>>>>>> + }
>>>>>>> +
>>>>>>> + // -- Public Instance Methods
>>>>>>> ------------------------------------------------
>>>>>>> +
>>>>>>> +
>>>>>>> + public function __construct($input)
>>>>>>> + {
>>>>>>> + $this->input = str_replace("\r\n", "\n", $input);
>>>>>>> + $this->inputLength = strlen($this->input);
>>>>>>> + }
>>>>>>> +
>>>>>>> + // -- Protected Instance Methods
>>>>>>> ---------------------------------------------
>>>>>>> +
>>>>>>> +
>>>>>>> + protected function action($d)
>>>>>>> + {
>>>>>>> + switch ($d) {
>>>>>>> + case 1:
>>>>>>> + $this->output .= $this->a;
>>>>>>> +
>>>>>>> + case 2:
>>>>>>> + $this->a = $this->b;
>>>>>>> +
>>>>>>> + if ($this->a === "'" || $this->a === '"') {
>>>>>>> + for (; ; ) {
>>>>>>> + $this->output .= $this->a;
>>>>>>> + $this->a = $this->get();
>>>>>>> +
>>>>>>> + if ($this->a === $this->b) {
>>>>>>> + break;
>>>>>>> + }
>>>>>>> +
>>>>>>> + if (ord($this->a) <= self::ORD_LF) {
>>>>>>> + throw new JsMinException('Unterminated string literal.');
>>>>>>> + }
>>>>>>> +
>>>>>>> + if ($this->a === '\\') {
>>>>>>> + $this->output .= $this->a;
>>>>>>> + $this->a = $this->get();
>>>>>>> + }
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + case 3:
>>>>>>> + $this->b = $this->next();
>>>>>>> +
>>>>>>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ','
>>>>>>> ||
>>>>>>> $this->a === '=' || $this->a === ':' || $this->a === '[' ||
>>>>>>> $this-
>>>>>>>> a === '!' || $this->a === '&' || $this->a === '|' || $this->a
>>>>>>>> ===
>>>>>>> '?')) {
>>>>>>> +
>>>>>>> + $this->output .= $this->a . $this->b;
>>>>>>> +
>>>>>>> + for (; ; ) {
>>>>>>> + $this->a = $this->get();
>>>>>>> +
>>>>>>> + if ($this->a === '/') {
>>>>>>> + break;
>>>>>>> + } elseif ($this->a === '\\') {
>>>>>>> + $this->output .= $this->a;
>>>>>>> + $this->a = $this->get();
>>>>>>> + } elseif (ord($this->a) <= self::ORD_LF) {
>>>>>>> + throw new JsMinException('Unterminated regular expression ' .
>>>>>>> 'literal.');
>>>>>>> + }
>>>>>>> +
>>>>>>> + $this->output .= $this->a;
>>>>>>> + }
>>>>>>> +
>>>>>>> + $this->b = $this->next();
>>>>>>> + }
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + protected function get()
>>>>>>> + {
>>>>>>> + $c = $this->lookAhead;
>>>>>>> + $this->lookAhead = null;
>>>>>>> +
>>>>>>> + if ($c === null) {
>>>>>>> + if ($this->inputIndex < $this->inputLength) {
>>>>>>> + $c = $this->input[$this->inputIndex];
>>>>>>> + $this->inputIndex += 1;
>>>>>>> + } else {
>>>>>>> + $c = null;
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + if ($c === "\r") {
>>>>>>> + return "\n";
>>>>>>> + }
>>>>>>> +
>>>>>>> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>>>>>>> + return $c;
>>>>>>> + }
>>>>>>> +
>>>>>>> + return ' ';
>>>>>>> + }
>>>>>>> +
>>>>>>> + protected function isAlphaNum($c)
>>>>>>> + {
>>>>>>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/',
>>>>>>> $c) === 1;
>>>>>>> + }
>>>>>>> +
>>>>>>> + protected function min()
>>>>>>> + {
>>>>>>> + $this->a = "\n";
>>>>>>> + $this->action(3);
>>>>>>> +
>>>>>>> + while ($this->a !== null) {
>>>>>>> + switch ($this->a) {
>>>>>>> + case ' ':
>>>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>>>> + $this->action(1);
>>>>>>> + } else {
>>>>>>> + $this->action(2);
>>>>>>> + }
>>>>>>> + break;
>>>>>>> +
>>>>>>> + case "\n":
>>>>>>> + switch ($this->b) {
>>>>>>> + case '{':
>>>>>>> + case '[':
>>>>>>> + case '(':
>>>>>>> + case '+':
>>>>>>> + case '-':
>>>>>>> + $this->action(1);
>>>>>>> + break;
>>>>>>> +
>>>>>>> + case ' ':
>>>>>>> + $this->action(3);
>>>>>>> + break;
>>>>>>> +
>>>>>>> + default:
>>>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>>>> + $this->action(1);
>>>>>>> + } else {
>>>>>>> + $this->action(2);
>>>>>>> + }
>>>>>>> + }
>>>>>>> + break;
>>>>>>> +
>>>>>>> + default:
>>>>>>> + switch ($this->b) {
>>>>>>> + case ' ':
>>>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>>>> + $this->action(1);
>>>>>>> + break;
>>>>>>> + }
>>>>>>> +
>>>>>>> + $this->action(3);
>>>>>>> + break;
>>>>>>> +
>>>>>>> + case "\n":
>>>>>>> + switch ($this->a) {
>>>>>>> + case '}':
>>>>>>> + case ']':
>>>>>>> + case ')':
>>>>>>> + case '+':
>>>>>>> + case '-':
>>>>>>> + case '"':
>>>>>>> + case "'":
>>>>>>> + $this->action(1);
>>>>>>> + break;
>>>>>>> +
>>>>>>> + default:
>>>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>>>> + $this->action(1);
>>>>>>> + } else {
>>>>>>> + $this->action(3);
>>>>>>> + }
>>>>>>> + }
>>>>>>> + break;
>>>>>>> +
>>>>>>> + default:
>>>>>>> + $this->action(1);
>>>>>>> + break;
>>>>>>> + }
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + return $this->output;
>>>>>>> + }
>>>>>>> +
>>>>>>> + protected function next()
>>>>>>> + {
>>>>>>> + $c = $this->get();
>>>>>>> +
>>>>>>> + if ($c === '/') {
>>>>>>> + switch ($this->peek()) {
>>>>>>> + case '/':
>>>>>>> + for (; ; ) {
>>>>>>> + $c = $this->get();
>>>>>>> +
>>>>>>> + if (ord($c) <= self::ORD_LF) {
>>>>>>> + return $c;
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + case '*':
>>>>>>> + $this->get();
>>>>>>> +
>>>>>>> + for (; ; ) {
>>>>>>> + switch ($this->get()) {
>>>>>>> + case '*':
>>>>>>> + if ($this->peek() === '/') {
>>>>>>> + $this->get();
>>>>>>> + return ' ';
>>>>>>> + }
>>>>>>> + break;
>>>>>>> +
>>>>>>> + case null:
>>>>>>> + throw new JsMinException('Unterminated comment.');
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + default:
>>>>>>> + return $c;
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + return $c;
>>>>>>> + }
>>>>>>> +
>>>>>>> + protected function peek()
>>>>>>> + {
>>>>>>> + $this->lookAhead = $this->get();
>>>>>>> + return $this->lookAhead;
>>>>>>> + }
>>>>>>> }
>>>>>>>
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>>>> RemoteContentFetcher.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>>>> RemoteContentFetcher.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>>>> RemoteContentFetcher.php
>>>>>>> Wed May 21 09:58:52 2008
>>>>>>> @@ -19,6 +19,18 @@
>>>>>>> */
>>>>>>>
>>>>>>> abstract class RemoteContentFetcher {
>>>>>>> +
>>>>>>> + protected $fetcher;
>>>>>>> +
>>>>>>> + protected function setNextFetcher($fetcher = null)
>>>>>>> + {
>>>>>>> + $this->fetcher = $fetcher;
>>>>>>> + }
>>>>>>>
>>>>>>> abstract public function fetchRequest($request);
>>>>>>> +
>>>>>>> + public function getNextFetcher()
>>>>>>> + {
>>>>>>> + return $this->fetcher;
>>>>>>> + }
>>>>>>> }
>>>>>>> \ No newline at end of file
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>>>> RemoteContentRequest.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>>>> RemoteContentRequest.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>>>> RemoteContentRequest.php
>>>>>>> Wed May 21 09:58:52 2008
>>>>>>> @@ -15,13 +15,14 @@
>>>>>>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>> * KIND, either express or implied. See the License for the
>>>>>>> * specific language governing permissions and limitations under
>>>>>>> the
>>>>>>> License.
>>>>>>> - *
>>>>>>> + *
>>>>>>> */
>>>>>>>
>>>>>>> class RemoteContentRequest {
>>>>>>> // these are used for making the request
>>>>>>> - private $url = '';
>>>>>>> - private $headers = false;
>>>>>>> + private $uri = '';
>>>>>>> + private $method = '';
>>>>>>> + private $headers = array();
>>>>>>> private $postBody = false;
>>>>>>> // these fields are filled in once the request has completed
>>>>>>> private $responseContent = false;
>>>>>>> @@ -29,20 +30,179 @@
>>>>>>> private $responseHeaders = false;
>>>>>>> private $httpCode = false;
>>>>>>> private $contentType = null;
>>>>>>> + private $options;
>>>>>>> public $handle = false;
>>>>>>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-
>>>>>>> urlencoded; charset=utf-8";
>>>>>>> + public static $DEFAULT_OPTIONS = array();
>>>>>>>
>>>>>>> - public function __construct($url, $headers = false, $postBody =
>>>>>>> false)
>>>>>>> + public function __construct($uri, $headers = false, $postBody =
>>>>>>> false)
>>>>>>> {
>>>>>>> - $this->url = $url;
>>>>>>> + $this->uri = $uri;
>>>>>>> $this->headers = $headers;
>>>>>>> $this->postBody = $postBody;
>>>>>>> }
>>>>>>>
>>>>>>> + public function createRemoteContentRequest($method, $uri,
>>>>>>> $headers, $postBody, $options)
>>>>>>> + {
>>>>>>> + $this->method = $method;
>>>>>>> + $this->uri = $uri;
>>>>>>> + $this->options = $options;
>>>>>>> + // Copy the headers
>>>>>>> + if (! isset($headers)) {
>>>>>>> + $this->headers = '';
>>>>>>> + } else {
>>>>>>> + $setPragmaHeader = false;
>>>>>>> + $tmpHeaders = '';
>>>>>>> + foreach ($headers as $key => $value) {
>>>>>>> + // Proxies should be bypassed with the Pragma: no-cache check.
>>>>>>> + //TODO double check array is good for options
>>>>>>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>>>>>>> + $value = "no-cache";
>>>>>>> + $setPragmaHeader = true;
>>>>>>> + }
>>>>>>> + $tmpHeaders .= $key . ":" . $value . "\n";
>>>>>>> + }
>>>>>>> + // Bypass caching in proxies as well.
>>>>>>> + //TODO double check array is good for options
>>>>>>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>>>>>>> + $tmpHeaders .= "Pragma:no-cache\n";
>>>>>>> + }
>>>>>>> + $this->headers = $tmpHeaders;
>>>>>>> + }
>>>>>>> + if (! isset($postBody)) {
>>>>>>> + $this->postBody = '';
>>>>>>> + } else {
>>>>>>> + $this->postBody = array_merge($postBody, $this->postBody);
>>>>>>> + }
>>>>>>> + $type = $this->getHeader("Content-Type");
>>>>>>> + if (! isset($type)) {
>>>>>>> + $this->contentType = RemoteContentRequest::
>>>>>>> $DEFAULT_CONTENT_TYPE;
>>>>>>> + } else {
>>>>>>> + $this->contentType = $type;
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Creates a new request to a different URL using all request
>>>>>>> data
>>>>>>> from
>>>>>>> + * an existing request.
>>>>>>> + *
>>>>>>> + * @param uri
>>>>>>> + * @param base The base request to copy data from.
>>>>>>> + */
>>>>>>> + public static function
>>>>>>> createRemoteContentRequestWithUriBase($uri, $base)
>>>>>>> + {
>>>>>>> + $this->uri = $uri;
>>>>>>> + $this->method = $base->method;
>>>>>>> + $this->options = $base->options;
>>>>>>> + $this->headers = $base->headers;
>>>>>>> + $this->contentType = $base->contentType;
>>>>>>> + $this->postBody = $base->postBody;
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Basic GET request.
>>>>>>> + *
>>>>>>> + * @param uri
>>>>>>> + */
>>>>>>> + public function createRemoteContentRequestWithUri($uri)
>>>>>>> + {
>>>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * GET with options
>>>>>>> + *
>>>>>>> + * @param uri
>>>>>>> + * @param options
>>>>>>> + */
>>>>>>> + public function createRemoteContentRequestWithUriOptions($uri,
>>>>>>> $options)
>>>>>>> + {
>>>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>>>> $options);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * GET request with custom headers and default options
>>>>>>> + * @param uri
>>>>>>> + * @param headers
>>>>>>> + */
>>>>>>> + public function RemoteContentRequestWithUriHeaders($uri,
>>>>>>> $headers)
>>>>>>> + {
>>>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * GET request with custom headers + options
>>>>>>> + * @param uri
>>>>>>> + * @param headers
>>>>>>> + * @param options
>>>>>>> + */
>>>>>>> + public function
>>>>>>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>>>>>>> $options)
>>>>>>> + {
>>>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>>>>> $options);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Basic POST request
>>>>>>> + * @param uri
>>>>>>> + * @param postBody
>>>>>>> + */
>>>>>>> + public function RemoteContentRequestWithUriPostBody($uri,
>>>>>>> $postBody)
>>>>>>> + {
>>>>>>> + $this->createRemoteContentRequest("POST", $uri, null,
>>>>>>> $postBody,
>>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * POST request with options
>>>>>>> + * @param uri
>>>>>>> + * @param postBody
>>>>>>> + * @param options
>>>>>>> + */
>>>>>>> + public function
>>>>>>> createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody,
>>>>>>> $options)
>>>>>>> + {
>>>>>>> + $this->createRemoteContentRequest("POST", $uri, null,
>>>>>>> $postBody,
>>>>>>> $options);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * POST request with headers
>>>>>>> + * @param uri
>>>>>>> + * @param headers
>>>>>>> + * @param postBody
>>>>>>> + */
>>>>>>> + public function
>>>>>>> createRemoteContentRequestWithUriHeadersPostBody($uri, $headers,
>>>>>>> $postBody)
>>>>>>> + {
>>>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>>>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * POST request with options + headers
>>>>>>> + * @param uri
>>>>>>> + * @param headers
>>>>>>> + * @param postBody
>>>>>>> + * @param options
>>>>>>> + */
>>>>>>> + public function
>>>>>>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>>>>>>> $headers, $postBody, $options)
>>>>>>> + {
>>>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>>>> $postBody, $options);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Creates a simple GET request
>>>>>>> + *
>>>>>>> + * @param uri
>>>>>>> + * @param ignoreCache
>>>>>>> + */
>>>>>>> + public function getRequest($uri, $ignoreCache)
>>>>>>> + {
>>>>>>> + $options = new Options();
>>>>>>> + $options->ignoreCache = $ignoreCache;
>>>>>>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>>>>>>> $options);
>>>>>>> + }
>>>>>>> +
>>>>>>> // returns a hash code which identifies this request, used for
>>>>>>> caching
>>>>>>> - // takes url and postbody into account for constructing the md5
>>>>>>> checksum
>>>>>>> + // takes url and postbody into account for constructing the
>>>>>>> sha1
>>>>>>> checksum
>>>>>>> public function toHash()
>>>>>>> {
>>>>>>> - return md5($this->url . $this->postBody);
>>>>>>> + return md5($this->uri . $this->postBody);
>>>>>>> }
>>>>>>>
>>>>>>> public function getContentType()
>>>>>>> @@ -92,7 +252,17 @@
>>>>>>>
>>>>>>> public function getUrl()
>>>>>>> {
>>>>>>> - return $this->url;
>>>>>>> + return $this->uri;
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function getMethod()
>>>>>>> + {
>>>>>>> + return $this->method;
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function getOptions()
>>>>>>> + {
>>>>>>> + return $this->options;
>>>>>>> }
>>>>>>>
>>>>>>> public function setContentType($type)
>>>>>>> @@ -125,14 +295,37 @@
>>>>>>> $this->headers = $headers;
>>>>>>> }
>>>>>>>
>>>>>>> + //FIXME: Find a better way to do this
>>>>>>> + // The headers can be an array of elements.
>>>>>>> + public function getHeader($headerName)
>>>>>>> + {
>>>>>>> + $headers = explode("\n", $this->headers);
>>>>>>> + foreach ($headers as $header) {
>>>>>>> + $key = explode(":", $header);
>>>>>>> + if ($key[0] == $headerName)
>>>>>>> + return $key[1];
>>>>>>> + }
>>>>>>> + return null;
>>>>>>> + }
>>>>>>> +
>>>>>>> public function setPostBody($postBody)
>>>>>>> {
>>>>>>> $this->postBody = $postBody;
>>>>>>> }
>>>>>>>
>>>>>>> - public function setUrl($url)
>>>>>>> + public function setUri($uri)
>>>>>>> {
>>>>>>> - $this->url = $url;
>>>>>>> + $this->uri = $uri;
>>>>>>> }
>>>>>>>
>>>>>>> -}
>>>>>>> \ No newline at end of file
>>>>>>> +}
>>>>>>> +
>>>>>>> +/**
>>>>>>> + * Bag of options for making a request.
>>>>>>> + *
>>>>>>> + * This object is mutable to keep us sane. Don't mess with it
>>>>>>> once
>>>>>>> you've
>>>>>>> + * sent it to RemoteContentRequest or bad things might happen.
>>>>>>> + */
>>>>>>> +class Options {
>>>>>>> + public $ignoreCache = false;
>>>>>>> +}
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed
>>>>>>> May
>>>>>>> 21 09:58:52 2008
>>>>>>> @@ -80,7 +80,7 @@
>>>>>>> self::loadFile($file, $dirs, true);
>>>>>>> } else {
>>>>>>> self::_securityCheck($file);
>>>>>>> - include_once $file;
>>>>>>> + include_once 'src/common/'.$file;
>>>>>>> }
>>>>>>>
>>>>>>> if (!class_exists($class, false) && !
>>>>>>> interface_exists($class, false)) {
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>> GadgetContext.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed
>>>>>>> May 21 09:58:52 2008
>>>>>>> @@ -26,21 +26,21 @@
>>>>>>> * Server wide variables are stored in config.php
>>>>>>> */
>>>>>>> class GadgetContext {
>>>>>>> - private $httpFetcher = null;
>>>>>>> - private $locale = null;
>>>>>>> - private $renderingContext = null;
>>>>>>> - private $registry = null;
>>>>>>> - private $userPrefs = null;
>>>>>>> - private $gadgetId = null;
>>>>>>> - private $view = null;
>>>>>>> - private $moduleId = null;
>>>>>>> - private $url = null;
>>>>>>> - private $cache = null;
>>>>>>> - private $blacklist = null;
>>>>>>> - private $ignoreCache = null;
>>>>>>> - private $forcedJsLibs = null;
>>>>>>> - private $containerConfig = null;
>>>>>>> - private $container = null;
>>>>>>> + protected $httpFetcher = null;
>>>>>>> + protected $locale = null;
>>>>>>> + protected $renderingContext = null;
>>>>>>> + protected $registry = null;
>>>>>>> + protected $userPrefs = null;
>>>>>>> + protected $gadgetId = null;
>>>>>>> + protected $view = null;
>>>>>>> + protected $moduleId = null;
>>>>>>> + protected $url = null;
>>>>>>> + protected $cache = null;
>>>>>>> + protected $blacklist = null;
>>>>>>> + protected $ignoreCache = null;
>>>>>>> + protected $forcedJsLibs = null;
>>>>>>> + protected $containerConfig = null;
>>>>>>> + protected $container = null;
>>>>>>>
>>>>>>> public function __construct($renderingContext)
>>>>>>> {
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>> GadgetSpecParser.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>>>> Wed May 21 09:58:52 2008
>>>>>>> @@ -36,7 +36,7 @@
>>>>>>> }
>>>>>>> $gadget = new Gadget($context->getGadgetId(), $context);
>>>>>>> // process ModulePref attributes
>>>>>>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>>>>>>> + $this->processModulePrefs($gadget, $doc->ModulePrefs,
>>>>>>> $context);
>>>>>>> // process UserPrefs, if any
>>>>>>> foreach ($doc->UserPref as $pref) {
>>>>>>> $this->processUserPref($gadget, $pref);
>>>>>>> @@ -54,7 +54,7 @@
>>>>>>> return $gadget;
>>>>>>> }
>>>>>>>
>>>>>>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>>>>>>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>>>>>>> $context)
>>>>>>> {
>>>>>>> $attributes = $ModulePrefs->attributes();
>>>>>>> if (empty($attributes['title'])) {
>>>>>>> @@ -90,11 +90,11 @@
>>>>>>> $gadget->scaling = isset($attributes['scaling']) ?
>>>>>>> trim($attributes['scaling']) : '';
>>>>>>> $gadget->scrolling = isset($attributes['scrolling']) ?
>>>>>>> trim($attributes['scrolling']) : '';
>>>>>>> foreach ($ModulePrefs->Locale as $locale) {
>>>>>>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>>>>>>> + $gadget->localeSpecs[] = $this->processLocale($locale,
>>>>>>> $context);
>>>>>>> }
>>>>>>> }
>>>>>>>
>>>>>>> - private function processLocale($locale)
>>>>>>> + private function processLocale($locale, $context)
>>>>>>> {
>>>>>>> $attributes = $locale->attributes();
>>>>>>> $messageAttr = isset($attributes['messages']) ?
>>>>>>> trim($attributes['messages']) : '';
>>>>>>>
>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>>> (added)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed
>>>>>>> May
>>>>>>> 21 09:58:52 2008
>>>>>>> @@ -0,0 +1,70 @@
>>>>>>> +<?php
>>>>>>> +/*
>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>> + * distributed with this work for additional information
>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>> + *
>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>> + *
>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>> + * software distributed under the License is distributed on an
>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>> + * specific language governing permissions and limitations under
>>>>>>> the License.
>>>>>>> + *
>>>>>>> + */
>>>>>>> +
>>>>>>> +/**
>>>>>>> + * An abstract representation of a signing token.
>>>>>>> + * Use in conjunction with @code GadgetTokenDecoder.
>>>>>>> + */
>>>>>>> +abstract class GadgetToken {
>>>>>>> +
>>>>>>> + //FIXME Hmm seems php is refusing to let me make abstract
>>>>>>> static
>>>>>>> functions? odd
>>>>>>> + static public function createFromToken($token, $maxage) {}
>>>>>>> + static public function createFromValues($owner, $viewer, $app,
>>>>>>> $domain, $appUrl, $moduleId) {}
>>>>>>> +
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Serializes the token into a string. This can be the exact
>>>>>>> same as
>>>>>>> + * toString; using a different name here is only to force
>>>>>>> interface
>>>>>>> + * compliance.
>>>>>>> + *
>>>>>>> + * @return A string representation of the token.
>>>>>>> + */
>>>>>>> + abstract public function toSerialForm();
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * @return the owner from the token, or null if there is none.
>>>>>>> + */
>>>>>>> + abstract public function getOwnerId();
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * @return the viewer from the token, or null if there is
>>>>>>> none.
>>>>>>> + */
>>>>>>> + abstract public function getViewerId();
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * @return the application id from the token, or null if there
>>>>>>> is none.
>>>>>>> + */
>>>>>>> + abstract public function getAppId();
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * @return the domain from the token, or null if there is
>>>>>>> none.
>>>>>>> + */
>>>>>>> + abstract public function getDomain();
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * @return the URL of the application
>>>>>>> + */
>>>>>>> + abstract public function getAppUrl();
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * @return the module ID of the application
>>>>>>> + */
>>>>>>> + abstract public function getModuleId();
>>>>>>> +}
>>>>>>>
>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>>>> GadgetTokenDecoder.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>> GadgetTokenDecoder.php
>>>>>>> (added)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>> GadgetTokenDecoder.php
>>>>>>> Wed May 21 09:58:52 2008
>>>>>>> @@ -0,0 +1,34 @@
>>>>>>> +<?php
>>>>>>> +/*
>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>> + * distributed with this work for additional information
>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>> + *
>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>> + *
>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>> + * software distributed under the License is distributed on an
>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>> + * specific language governing permissions and limitations
>>>>>>> + * under the License.
>>>>>>> + */
>>>>>>> +
>>>>>>> +/**
>>>>>>> + * Handles verification of gadget security tokens.
>>>>>>> + */
>>>>>>> +abstract class GadgetTokenDecoder {
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Decrypts and verifies a gadget security token to return a
>>>>>>> gadget token.
>>>>>>> + *
>>>>>>> + * @param tokenString String representation of the token to be
>>>>>>> created.
>>>>>>> + * @return The token representation of the input data.
>>>>>>> + * @throws GadgetException If tokenString is not a valid token
>>>>>>> + */
>>>>>>> + abstract public function createToken($tokenString);
>>>>>>> +}
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May
>>>>>>> 21 09:58:52 2008
>>>>>>> @@ -24,7 +24,7 @@
>>>>>>> private $content;
>>>>>>> private $featureName; // used to track what feature this
>>>>>>> belongs to
>>>>>>> private $loaded = false;
>>>>>>> -
>>>>>>> +
>>>>>>> public function __construct($type, $content, $featureName = '')
>>>>>>> {
>>>>>>> $this->featureName = $featureName;
>>>>>>> @@ -39,11 +39,11 @@
>>>>>>>
>>>>>>> public function getContent()
>>>>>>> {
>>>>>>> - if (!$this->loaded && $this->type == 'FILE') {
>>>>>>> + if (! $this->loaded && $this->type == 'FILE') {
>>>>>>> if (Config::get('compress_javascript')) {
>>>>>>> $dataCache = Config::get('data_cache');
>>>>>>> $dataCache = new $dataCache();
>>>>>>> - if (!($content = $dataCache->get(md5($this->content)))) {
>>>>>>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>>>>>>> $content = JsMin::minify(JsLibrary::loadData($this->content,
>>>>>>> $this-
>>>>>>>> type));
>>>>>>> $dataCache->set(md5($this->content), $content);
>>>>>>> $this->content = $content;
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>> JsonRpcGadgetContext.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>> JsonRpcGadgetContext.php (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>>>>>>> @@ -1,10 +1,6 @@
>>>>>>> <?php
>>>>>>>
>>>>>>> class JsonRpcGadgetContext extends GadgetContext {
>>>>>>> - private $locale = null;
>>>>>>> - private $view = null;
>>>>>>> - private $url = null;
>>>>>>> - private $container = null;
>>>>>>>
>>>>>>> public function __construct($jsonContext, $url)
>>>>>>> {
>>>>>>> @@ -15,23 +11,8 @@
>>>>>>> $this->container = $jsonContext->container;
>>>>>>> }
>>>>>>>
>>>>>>> - public function getUrl()
>>>>>>> - {
>>>>>>> - return $this->url;
>>>>>>> - }
>>>>>>> -
>>>>>>> public function getView()
>>>>>>> {
>>>>>>> return $this->view;
>>>>>>> }
>>>>>>> -
>>>>>>> - public function getLocale()
>>>>>>> - {
>>>>>>> - return $this->locale;
>>>>>>> - }
>>>>>>> -
>>>>>>> - public function getContainer()
>>>>>>> - {
>>>>>>> - return $this->container;
>>>>>>> - }
>>>>>>> }
>>>>>>> \ No newline at end of file
>>>>>>>
>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>>>> ProxyGadgetContext.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>>> ProxyGadgetContext.php
>>>>>>> (added)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>>> ProxyGadgetContext.php
>>>>>>> Wed May 21 09:58:52 2008
>>>>>>> @@ -0,0 +1,10 @@
>>>>>>> +<?php
>>>>>>> +
>>>>>>> +class ProxyGadgetContext extends GadgetContext {
>>>>>>> +
>>>>>>> + public function __construct($url)
>>>>>>> + {
>>>>>>> + parent::__construct('GADGET');
>>>>>>> + $this->url = $url;
>>>>>>> + }
>>>>>>> +}
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>>> ProxyHandler.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed
>>>>>>> May 21 09:58:52 2008
>>>>>>> @@ -29,11 +29,15 @@
>>>>>>> *
>>>>>>> */
>>>>>>> class ProxyHandler {
>>>>>>> - private $context;
>>>>>>> + private $context;
>>>>>>> + private $signingFetcher;
>>>>>>> + private $oauthFetcher;
>>>>>>>
>>>>>>> - public function __construct($context)
>>>>>>> + public function __construct($context, $signingFetcher = null,
>>>>>>> $oauthFetcher = null)
>>>>>>> {
>>>>>>> - $this->context = $context;
>>>>>>> + $this->context = $context;
>>>>>>> + $this->signingFetcher = $signingFetcher;
>>>>>>> + $this->oauthFetcher = $oauthFetcher;
>>>>>>> }
>>>>>>>
>>>>>>> /**
>>>>>>> @@ -51,11 +55,21 @@
>>>>>>> $token = '';
>>>>>>> // no token given, safe to ignore
>>>>>>> }
>>>>>>> - $originalUrl = $this->validateUrl($url);
>>>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>>>> + $url = $this->validateUrl($url);
>>>>>>> // Fetch the content and convert it into JSON.
>>>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>>>> + $result = $this->fetchContentDivert($url, $method, $signer);
>>>>>>> + if (!isset($result)) {
>>>>>>> + //OAuthFetcher only
>>>>>>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>>>>>>> + $json = array($url => $metadata);
>>>>>>> + $json = json_encode($json);
>>>>>>> + $output = UNPARSEABLE_CRUFT . $json;
>>>>>>> + $this->setCachingHeaders();
>>>>>>> + header("Content-Type: application/json; charset=utf-8", true);
>>>>>>> + echo $output;
>>>>>>> + die();
>>>>>>> + }
>>>>>>> $status = (int)$result->getHttpCode();
>>>>>>> //header("HTTP/1.1 $status", true);
>>>>>>> if ($status == 200) {
>>>>>>> @@ -174,10 +188,9 @@
>>>>>>> $token = '';
>>>>>>> // no token given, safe to ignore
>>>>>>> }
>>>>>>> - $originalUrl = $this->validateUrl($url);
>>>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>>>> + $url = $this->validateUrl($url);
>>>>>>> //TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>>>> + $result = $this->fetchContent($url, $method);
>>>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>>> $status = (int)$result->getHttpCode();
>>>>>>> if ($status == 200) {
>>>>>>> @@ -208,11 +221,11 @@
>>>>>>> /**
>>>>>>> * Both fetch and fetchJson call this function to retrieve the
>>>>>>> actual content
>>>>>>> *
>>>>>>> - * @param string $signedUrl the signed url to fetch
>>>>>>> + * @param string $url the url to fetch
>>>>>>> * @param string $method either get or post
>>>>>>> * @return the filled in request (RemoteContentRequest)
>>>>>>> */
>>>>>>> - private function fetchContent($signedUrl, $method)
>>>>>>> + private function fetchContent($url, $method)
>>>>>>> {
>>>>>>> //TODO get actual character encoding from the request
>>>>>>>
>>>>>>> @@ -250,14 +263,41 @@
>>>>>>> }
>>>>>>> // even if postData is an empty string, it will still post (since
>>>>>>> RemoteContentRquest checks if its false)
>>>>>>> // so the request to POST is still honored
>>>>>>> - $request = new RemoteContentRequest($signedUrl, $headers,
>>>>>>> $postData);
>>>>>>> + $request = new RemoteContentRequest($url, $headers, $postData);
>>>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>>>> $context);
>>>>>>> } else {
>>>>>>> - $request = new RemoteContentRequest($signedUrl, $headers);
>>>>>>> + $request = new RemoteContentRequest($url, $headers);
>>>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>>>> $context);
>>>>>>> }
>>>>>>> return $request;
>>>>>>> }
>>>>>>> +
>>>>>>> + private function fetchContentDivert($url, $method, $signer)
>>>>>>> + {
>>>>>>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>>>>>>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>>>>>>> + $token = $this->extractAndValidateToken($signer);
>>>>>>> + switch (strtoupper($authz)) {
>>>>>>> + case 'SIGNED':
>>>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>>>> BasicRemoteContentFetcher(), $token);
>>>>>>> + return $fetcher->fetch($url, $method);
>>>>>>> + case 'AUTHENTICATED':
>>>>>>> + $params = new OAuthRequestParams();
>>>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>>>> BasicRemoteContentFetcher(), $token);
>>>>>>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>>>>>>> + $this->oauthFetcher = $oAuthFetcherFactory-
>>>>>>>> getOAuthFetcher($fetcher, $token, $params);
>>>>>>> + $request = new RemoteContentRequest($url);
>>>>>>> + $request->createRemoteContentRequestWithUri($url);
>>>>>>> + return $this->oauthFetcher->fetchRequest($request);
>>>>>>> + case 'NONE':
>>>>>>> + default:
>>>>>>> + return $this->fetchContent($url, $method);
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function setContentFetcher($contentFetcherFactory)
>>>>>>> + {
>>>>>>> + $this->contentFetcherFactory = $contentFetcherFactory;
>>>>>>> + }
>>>>>>>
>>>>>>> /**
>>>>>>> * Sets the caching headers (overwriting anything the remote host
>>>>>>> set) to force
>>>>>>> @@ -282,6 +322,7 @@
>>>>>>> private function validateUrl($url)
>>>>>>> {
>>>>>>> //TODO should really make a PHP version of the URI class and
>>>>>>> validate in all the locations the java version does
>>>>>>> + // why not use Zend::Uri:
>>>>>>> return $url;
>>>>>>> }
>>>>>>>
>>>>>>> @@ -293,40 +334,17 @@
>>>>>>> * @return string the token to use in the signed url
>>>>>>> */
>>>>>>> private function extractAndValidateToken($signer)
>>>>>>> - {
>>>>>>> - if ($signer == null) {
>>>>>>> - return null;
>>>>>>> - }
>>>>>>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>>>>>>> - if ($token) {
>>>>>>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>>>> - }
>>>>>>> + {
>>>>>>> + if ($signer == null) {
>>>>>>> + return null;
>>>>>>> + }
>>>>>>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>>>>>>> + if (!isset($token) || $token == '') {
>>>>>>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>>>> + }
>>>>>>> return $signer->createToken($token);
>>>>>>> }
>>>>>>> -
>>>>>>> - /**
>>>>>>> - * Signs a url with the SecurityToken
>>>>>>> - *
>>>>>>> - * @param string $originalUrl
>>>>>>> - * @param SecurityToken $token
>>>>>>> - * @return unknown
>>>>>>> - */
>>>>>>> - private function signUrl($originalUrl, $token)
>>>>>>> - {
>>>>>>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>>>>>>> - if (! $authz) {
>>>>>>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>>>>>>> - }
>>>>>>> - if ($token == null || $authz != 'signed') {
>>>>>>> - return $originalUrl;
>>>>>>> - }
>>>>>>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>>>> false;
>>>>>>> - if ($method) {
>>>>>>> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>>>> 'GET';
>>>>>>> - }
>>>>>>> - return $token->signUrl($originalUrl, $method);
>>>>>>> - }
>>>>>>> -
>>>>>>> +
>>>>>>> private function request_headers()
>>>>>>> {
>>>>>>> // Try to use apache's request headers if available
>>>>>>>
>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> CertServlet.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>>>> (added)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>>>> Wed May 21 09:58:52 2008
>>>>>>> @@ -0,0 +1,42 @@
>>>>>>> +<?php
>>>>>>> +/*
>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>> + * distributed with this work for additional information
>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>> + *
>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>> + *
>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>> + * software distributed under the License is distributed on an
>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>> + * specific language governing permissions and limitations under
>>>>>>> the License.
>>>>>>> + *
>>>>>>> + */
>>>>>>> +require 'src/common/HttpServlet.php';
>>>>>>> +
>>>>>>> +/**
>>>>>>> + * This class serves the public certificate, quick and dirty
>>>>>>> hack
>>>>>>> to make the certificate publicly accessible
>>>>>>> + * this combined with the hard coded location in
>>>>>>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>>>>>>> + * for the oauth pub key location makes a working whole
>>>>>>> + */
>>>>>>> +class CertServlet extends HttpServlet {
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Handles the get file request, only called on url = /
>>>>>>> public.crt
>>>>>>> + * so this function has no logic other then to output the cert
>>>>>>> + */
>>>>>>> + public function doGet()
>>>>>>> + {
>>>>>>> + $file = Config::get('public_key_file');
>>>>>>> + if (!file_exists($file) || !is_readable($file)) {
>>>>>>> + throw new Exception("Invalid public key location ($file), check
>>>>>>> config and file permissions");
>>>>>>> + }
>>>>>>> + $this->setLastModified(filemtime($file));
>>>>>>> + readfile($file);
>>>>>>> + }
>>>>>>> +}
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> FilesServlet.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>>>> Wed May 21 09:58:52 2008
>>>>>>> @@ -25,7 +25,7 @@
>>>>>>> * the php version too
>>>>>>> */
>>>>>>> class FilesServlet extends HttpServlet {
>>>>>>> -
>>>>>>> +
>>>>>>> /**
>>>>>>> * Handles the get file request, if the file exists and is in the
>>>>>>> correct
>>>>>>> * location it's echo'd to the browser (with a basic content type
>>>>>>> guessing
>>>>>>> @@ -46,14 +46,14 @@
>>>>>>> die();
>>>>>>> }
>>>>>>> // if the file doesn't exist or can't be read, give a 404 error
>>>>>>> - if (!file_exists($file) || !is_readable($file) || !
>>>>>>> is_file($file)) {
>>>>>>> + if (! file_exists($file) || ! is_readable($file) || !
>>>>>>> is_file($file)) {
>>>>>>> header("HTTP/1.0 404 Not Found", true);
>>>>>>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>>>>>>> die();
>>>>>>> }
>>>>>>> $dot = strrpos($file, '.');
>>>>>>> if ($dot) {
>>>>>>> - $ext = strtolower(substr($file, $dot+1));
>>>>>>> + $ext = strtolower(substr($file, $dot + 1));
>>>>>>> if ($ext == 'html' || $ext == 'htm') {
>>>>>>> $this->setContentType('text/html');
>>>>>>> } elseif ($ext == 'js') {
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> GadgetRenderingServlet.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> GadgetRenderingServlet.php (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>>>>>>> @@ -52,7 +52,7 @@
>>>>>>> */
>>>>>>> class GadgetRenderingServlet extends HttpServlet {
>>>>>>> private $context;
>>>>>>> -
>>>>>>> +
>>>>>>> /**
>>>>>>> * Creates the gadget using the GadgetServer class and calls
>>>>>>> outputGadget
>>>>>>> *
>>>>>>> @@ -71,11 +71,11 @@
>>>>>>> $gadgetServer = new GadgetServer();
>>>>>>> $gadget = $gadgetServer->processGadget($this->context);
>>>>>>> $this->outputGadget($gadget, $this->context);
>>>>>>> - } catch ( Exception $e ) {
>>>>>>> + } catch (Exception $e) {
>>>>>>> $this->outputError($e);
>>>>>>> }
>>>>>>> }
>>>>>>> -
>>>>>>> +
>>>>>>> /**
>>>>>>> * If an error occured (Exception) this function echo's the
>>>>>>> Exception's message
>>>>>>> * and if the config['debug'] is true, shows the debug backtrace
>>>>>>> in
>>>>>>> a div
>>>>>>> @@ -95,7 +95,7 @@
>>>>>>> }
>>>>>>> echo "</body></html>";
>>>>>>> }
>>>>>>> -
>>>>>>> +
>>>>>>> /**
>>>>>>> * Takes the gadget to output, and depending on its content type
>>>>>>> calls either outputHtml-
>>>>>>> * or outputUrlGadget
>>>>>>> @@ -107,15 +107,15 @@
>>>>>>> {
>>>>>>> $view = HttpUtil::getView($gadget, $context);
>>>>>>> switch ($view->getType()) {
>>>>>>> - case 'HTML' :
>>>>>>> + case 'HTML':
>>>>>>> $this->outputHtmlGadget($gadget, $context, $view);
>>>>>>> break;
>>>>>>> - case 'URL' :
>>>>>>> + case 'URL':
>>>>>>> $this->outputUrlGadget($gadget, $context, $view);
>>>>>>> break;
>>>>>>> }
>>>>>>> }
>>>>>>> -
>>>>>>> +
>>>>>>> /**
>>>>>>> * Outputs a html content type gadget.
>>>>>>> * It creates a html page, with the javascripts from the features
>>>>>>> inline into the page, plus
>>>>>>> @@ -144,16 +144,13 @@
>>>>>>> }
>>>>>>> // Was a privacy policy header configured? if so set it
>>>>>>> if (Config::get('P3P') != '') {
>>>>>>> - header("P3P: ".Config::get('P3P'));
>>>>>>> + header("P3P: " . Config::get('P3P'));
>>>>>>> }
>>>>>>> - if (!$view->getQuirks()) {
>>>>>>> + if (! $view->getQuirks()) {
>>>>>>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>>>>>>> \">\n";
>>>>>>> }
>>>>>>> - echo "<html>\n<head>".
>>>>>>> - "<style type=\"text/css\">".Config::get('gadget_css')."</
>>>>>>> style>".
>>>>>>> - "</head><body>".
>>>>>>> - "<script><!--\n";
>>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>>>>>>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>>>>>>> "<script><!--\n";
>>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>>> $type = $library->getType();
>>>>>>> if ($type == 'URL') {
>>>>>>> // TODO: This case needs to be handled more gracefully by the js
>>>>>>> @@ -173,15 +170,12 @@
>>>>>>> // Forced libs first.
>>>>>>> if (! empty($forcedLibs)) {
>>>>>>> $libs = explode(':', $forcedLibs);
>>>>>>> - echo sprintf($externFmt, Config::get('default_js_prefix').
>>>>>>> $this-
>>>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>>>> + echo sprintf($externFmt, Config::get('default_js_prefix') .
>>>>>>> $this-
>>>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>>>> }
>>>>>>> if (strlen($externJs) > 0) {
>>>>>>> echo $externJs;
>>>>>>> }
>>>>>>> - echo "<script><!--\n".
>>>>>>> - $this->appendJsConfig($context, $gadget).
>>>>>>> - $this->appendMessages($gadget).
>>>>>>> - "-->\n</script>\n";
>>>>>>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>>>>>>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>>>>>>
>>>>>>> $gadgetExceptions = array();
>>>>>>> $content = $gadget->getSubstitutions()->substitute($view-
>>>>>>>> getContent());
>>>>>>> @@ -192,11 +186,9 @@
>>>>>>> if (count($gadgetExceptions)) {
>>>>>>> throw new GadgetException(print_r($gadgetExceptions, true));
>>>>>>> }
>>>>>>> - echo $content . "\n".
>>>>>>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>>>>>>> - "</body>\n</html>";
>>>>>>> + echo $content . "\n" .
>>>>>>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>
>>>>>>> \n</html>";
>>>>>>> }
>>>>>>> -
>>>>>>> +
>>>>>>> /**
>>>>>>> * Output's a URL content type gadget, it adds
>>>>>>> libs=<list:of:js:libraries>.js and user preferences
>>>>>>> * to the href url, and redirects the browser to it
>>>>>>> @@ -215,7 +207,7 @@
>>>>>>> $forcedLibs = Config::get('focedJsLibs');
>>>>>>> if ($forcedLibs == null) {
>>>>>>> $reqs = $gadget->getRequires();
>>>>>>> - foreach ( $reqs as $key => $val ) {
>>>>>>> + foreach ($reqs as $key => $val) {
>>>>>>> $libs[] = $key;
>>>>>>> }
>>>>>>> } else {
>>>>>>> @@ -231,7 +223,7 @@
>>>>>>> header('Location: ' . $redirURI);
>>>>>>> die();
>>>>>>> }
>>>>>>> -
>>>>>>> +
>>>>>>> /**
>>>>>>> * Returns the requested libs (from getjsUrl) with the
>>>>>>> libs_param_name prepended
>>>>>>> * ie: in libs=core:caja:etc.js format
>>>>>>> @@ -248,7 +240,7 @@
>>>>>>> $ret .= $this->getJsUrl($libs, $gadget);
>>>>>>> return $ret;
>>>>>>> }
>>>>>>> -
>>>>>>> +
>>>>>>> /**
>>>>>>> * Returns the user preferences in &up_<name>=<val> format
>>>>>>> *
>>>>>>> @@ -259,7 +251,7 @@
>>>>>>> private function getPrefsQueryString($prefVals)
>>>>>>> {
>>>>>>> $ret = '';
>>>>>>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>>>>>>> + foreach ($prefVals->getPrefs() as $key => $val) {
>>>>>>> $ret .= '&';
>>>>>>> $ret .= Config::get('userpref_param_prefix');
>>>>>>> $ret .= urlencode($key);
>>>>>>> @@ -268,10 +260,10 @@
>>>>>>> }
>>>>>>> return $ret;
>>>>>>> }
>>>>>>> -
>>>>>>> +
>>>>>>> /**
>>>>>>> * generates the library string (core:caja:etc.js) including a
>>>>>>> checksum of all the
>>>>>>> - * javascript content (?v=<sha1 of js) for cache busting
>>>>>>> + * javascript content (?v=<md5 of js>) for cache busting
>>>>>>> *
>>>>>>> * @param string $libs
>>>>>>> * @param Gadget $gadget
>>>>>>> @@ -284,7 +276,7 @@
>>>>>>> $buf = 'core';
>>>>>>> } else {
>>>>>>> $firstDone = false;
>>>>>>> - foreach ( $libs as $lib ) {
>>>>>>> + foreach ($libs as $lib) {
>>>>>>> if ($firstDone) {
>>>>>>> $buf .= ':';
>>>>>>> } else {
>>>>>>> @@ -296,7 +288,7 @@
>>>>>>> // Build a version string from the sha1() checksum of all
>>>>>>> included
>>>>>>> javascript
>>>>>>> // to ensure the client always has the right version
>>>>>>> $inlineJs = '';
>>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>>> $type = $library->getType();
>>>>>>> if ($type != 'URL') {
>>>>>>> $inlineJs .= $library->getContent() . "\n";
>>>>>>> @@ -305,14 +297,14 @@
>>>>>>> $buf .= ".js?v=" . md5($inlineJs);
>>>>>>> return $buf;
>>>>>>> }
>>>>>>> -
>>>>>>> +
>>>>>>> private function appendJsConfig($context, $gadget)
>>>>>>> {
>>>>>>> $container = $context->getContainer();
>>>>>>> $containerConfig = $context->getContainerConfig();
>>>>>>> $gadgetConfig = array();
>>>>>>> $featureConfig = $containerConfig->getConfig($container,
>>>>>>> 'gadgets.features');
>>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>>> $feature = $library->getFeatureName();
>>>>>>> if (! isset($gadgetConfig[$feature]) && !
>>>>>>> empty($featureConfig[$feature])) {
>>>>>>> $gadgetConfig[$feature] = $featureConfig[$feature];
>>>>>>> @@ -320,7 +312,7 @@
>>>>>>> }
>>>>>>> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");
>>>>>>> \n";
>>>>>>> }
>>>>>>> -
>>>>>>> +
>>>>>>> private function appendMessages($gadget)
>>>>>>> {
>>>>>>> $msgs = '';
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> JsServlet.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>>> Wed
>>>>>>> May 21 09:58:52 2008
>>>>>>> @@ -30,7 +30,7 @@
>>>>>>> * to retrieve our features javascript code
>>>>>>> */
>>>>>>> class JsServlet extends HttpServlet {
>>>>>>> -
>>>>>>> +
>>>>>>> public function doGet()
>>>>>>> {
>>>>>>> $this->noHeaders = true;
>>>>>>>
>>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> ProxyServlet.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>>>> (original)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>>>> Wed May 21 09:58:52 2008
>>>>>>> @@ -26,6 +26,8 @@
>>>>>>> require 'src/common/RemoteContent.php';
>>>>>>> require 'src/common/Cache.php';
>>>>>>> require 'src/common/RemoteContentFetcher.php';
>>>>>>> +require 'src/gadgets/oauth/OAuth.php';
>>>>>>> +require 'src/gadgets/oauth/OAuthStore.php';
>>>>>>>
>>>>>>> class ProxyServlet extends HttpServlet {
>>>>>>>
>>>>>>> @@ -39,6 +41,7 @@
>>>>>>> if (! $url) {
>>>>>>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>>>>>>> }
>>>>>>> + $url = urldecode($url);
>>>>>>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>>>> false;
>>>>>>> if (! $method) {
>>>>>>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>>>> 'GET';
>>>>>>> @@ -49,7 +52,8 @@
>>>>>>> }
>>>>>>> $gadgetSigner = Config::get('security_token_signer');
>>>>>>> $gadgetSigner = new $gadgetSigner();
>>>>>>> - $proxyHandler = new ProxyHandler($context);
>>>>>>> + $signingFetcherFactory = new
>>>>>>> SigningFetcherFactory(Config::get("private_key_file"));
>>>>>>> + $proxyHandler = new ProxyHandler($context,
>>>>>>> $signingFetcherFactory);
>>>>>>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>>>>>>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>>>>>>> } else {
>>>>>>>
>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> SigningFetcher.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> SigningFetcher.php
>>>>>>> (added)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> SigningFetcher.php
>>>>>>> Wed May 21 09:58:52 2008
>>>>>>> @@ -0,0 +1,216 @@
>>>>>>> +<?php
>>>>>>> +/*
>>>>>>> + * Licensed under the Apache License, Version 2.0 (the
>>>>>>> "License");
>>>>>>> + * you may not use this file except in compliance with the
>>>>>>> License.
>>>>>>> + * You may obtain a copy of the License at
>>>>>>> + *
>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>> + *
>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>> software
>>>>>>> + * distributed under the License is distributed on an "AS IS"
>>>>>>> BASIS,
>>>>>>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
>>>>>>> express or
>>>>>>> implied.
>>>>>>> + * See the License for the specific language governing
>>>>>>> permissions
>>>>>>> and
>>>>>>> + * limitations under the License.
>>>>>>> + */
>>>>>>> +
>>>>>>> +/**
>>>>>>> + * Implements signed fetch based on the OAuth request signing
>>>>>>> algorithm.
>>>>>>> + *
>>>>>>> + * Subclasses can override signMessage to use their own crypto
>>>>>>> if
>>>>>>> they don't
>>>>>>> + * like the oauth.net code for some reason.
>>>>>>> + *
>>>>>>> + * Instances of this class are only accessed by a single
>>>>>>> thread at
>>>>>>> a time,
>>>>>>> + * but instances may be created by multiple threads.
>>>>>>> + */
>>>>>>> +class SigningFetcher extends RemoteContentFetcher {
>>>>>>> +
>>>>>>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>>>>>>> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
>>>>>>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>>>>>>> + protected static $XOAUTH_PUBLIC_KEY =
>>>>>>> "xoauth_signature_publickey";
>>>>>>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>>>>>>> +
>>>>>>> + //protected final TimeSource clock = new TimeSource();
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Authentication token for the user and gadget making the
>>>>>>> request.
>>>>>>> + */
>>>>>>> + protected $authToken;
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can
>>>>>>> be a
>>>>>>> + * PrivateKey object, or a PEM formatted private key, or a DER
>>>>>>> encoded byte
>>>>>>> + * array for the private key.(No, really, they accept any of
>>>>>>> them.)
>>>>>>> + */
>>>>>>> + protected $privateKeyObject;
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * The name of the key, included in the fetch to help with key
>>>>>>> rotation.
>>>>>>> + */
>>>>>>> + protected $keyName;
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>>> object.
>>>>>>> + *
>>>>>>> + * @param authToken verified gadget security token
>>>>>>> + * @param keyName name of the key to include in the request
>>>>>>> + * @param privateKey the key to use for the signing
>>>>>>> + */
>>>>>>> + public static function makeFromPrivateKey($next, $authToken,
>>>>>>> $keyName, $privateKey)
>>>>>>> + {
>>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>>> $privateKey);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>>> object.
>>>>>>> + *
>>>>>>> + * @param authToken verified gadget security token
>>>>>>> + * @param keyName name of the key to include in the request
>>>>>>> + * @param privateKey base64 encoded private key
>>>>>>> + */
>>>>>>> + public static function makeFromB64PrivateKey($next, $authToken,
>>>>>>> $keyName, $privateKey)
>>>>>>> + {
>>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>>> $privateKey);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>>> object.
>>>>>>> + *
>>>>>>> + * @param authToken verified gadget security token
>>>>>>> + * @param keyName name of the key to include in the request
>>>>>>> + * @param privateKey DER encoded private key
>>>>>>> + */
>>>>>>> + public static function makeFromPrivateKeyBytes($next,
>>>>>>> $authToken,
>>>>>>> $keyName, $privateKey)
>>>>>>> + {
>>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>>> $privateKey);
>>>>>>> + }
>>>>>>> +
>>>>>>> + protected function __construct($next, $authToken, $keyName,
>>>>>>> $privateKeyObject)
>>>>>>> + {
>>>>>>> + parent::setNextFetcher($next);
>>>>>>> + $this->authToken = $authToken;
>>>>>>> + $this->keyName = $keyName;
>>>>>>> + $this->privateKeyObject = $privateKeyObject;
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function fetchRequest($request)
>>>>>>> + {
>>>>>>> + return $this->getNextFetcher()->fetchRequest($request);
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function fetch($url, $method)
>>>>>>> + {
>>>>>>> + $signed = $this->signRequest($url, $method);
>>>>>>> + return $this->getNextFetcher()->fetchRequest($signed);
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function signRequest($url, $method)
>>>>>>> + {
>>>>>>> + try {
>>>>>>> + // Parse the request into parameters for OAuth signing,
>>>>>>> stripping
>>>>>>> out
>>>>>>> + // any OAuth or OpenSocial parameters injected by the client
>>>>>>> + ///////////////////////////////////////////////
>>>>>>> + require 'src/common/Zend/Uri.php';
>>>>>>> + $uri = Zend_Uri::factory($url);
>>>>>>> + $resource = $uri->getUri();
>>>>>>> + $queryParams = $this->sanitize($_GET);
>>>>>>> + $postParams = $this->sanitize($_POST);
>>>>>>> + $msgParams = array();
>>>>>>> + $msgParams = array_merge($msgParams, $queryParams);
>>>>>>> + $msgParams = array_merge($msgParams, $postParams);
>>>>>>> +
>>>>>>> + // TODO: is this ok?
>>>>>>> + //$msgParams = array();
>>>>>>> + $this->addOpenSocialParams($msgParams);
>>>>>>> + $this->addOAuthParams($msgParams);
>>>>>>> +
>>>>>>> + // Build and sign the OAuthMessage; note that the resource here
>>>>>>> has
>>>>>>> + // no query string, the parameters are all in msgParams
>>>>>>> + //$message = new OAuthMessage($method, $resource, $msgParams);
>>>>>>> +
>>>>>>> + ////////////////////////////////////////////////
>>>>>>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>>>>>>> + $consumer-
>>>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this-
>>>>>>>> privateKeyObject);
>>>>>>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>>>>>>> +
>>>>>>> + $req_req = OAuthRequest::from_consumer_and_token($consumer,
>>>>>>> NULL,
>>>>>>> $method, $resource, $msgParams);
>>>>>>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>>>>>>> +
>>>>>>> + // Rebuild the query string, including all of the parameters we
>>>>>>> added.
>>>>>>> + // We have to be careful not to copy POST parameters into the
>>>>>>> query.
>>>>>>> + // If post and query parameters share a name, they end up being
>>>>>>> removed
>>>>>>> + // from the query.
>>>>>>> + $forPost = array();
>>>>>>> + foreach ($postParams as $key => $param) {
>>>>>>> + $forPost[$key] = $param;
>>>>>>> + }
>>>>>>> + $newQuery = array();
>>>>>>> + foreach ($req_req->get_parameters() as $key => $param) {
>>>>>>> + if (! isset($forPost[$key])) {
>>>>>>> + $newQuery[$key] = $param;
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + // Careful here; the OAuth form encoding scheme is slightly
>>>>>>> different than
>>>>>>> + // the normal form encoding scheme, so we have to use the OAuth
>>>>>>> library
>>>>>>> + // formEncode method.
>>>>>>> + $uri->setQuery($newQuery);
>>>>>>> + return new RemoteContentRequest($uri->getUri());
>>>>>>> + } catch (Exception $e) {
>>>>>>> + throw new GadgetException($e);
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function addOpenSocialParams(&$msgParams)
>>>>>>> + {
>>>>>>> + $owner = $this->authToken->getOwnerId();
>>>>>>> + if ($owner != null) {
>>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>>>>>>> + }
>>>>>>> + $viewer = $this->authToken->getViewerId();
>>>>>>> + if ($viewer != null) {
>>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>>>>>>> + }
>>>>>>> + $app = $this->authToken->getAppId();
>>>>>>> + if ($app != null) {
>>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function addOAuthParams(&$msgParams)
>>>>>>> + {
>>>>>>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>>>>>>> + $domain = $this->authToken->getDomain();
>>>>>>> + if ($domain != null) {
>>>>>>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] =
>>>>>>> 'partuza.chabotc.com'; //
>>>>>>> $domain;
>>>>>>> + }
>>>>>>> + if ($this->keyName != null) {
>>>>>>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this-
>>>>>>> >keyName;
>>>>>>> + }
>>>>>>> + $nonce = OAuthRequest::generate_nonce();
>>>>>>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>>>>>>> + $timestamp = time();
>>>>>>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>>>>>>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Strip out any owner or viewer id passed by the client.
>>>>>>> + */
>>>>>>> + private function sanitize($params)
>>>>>>> + {
>>>>>>> + $list = array();
>>>>>>> + foreach ($params as $key => $p) {
>>>>>>> + if ($this->allowParam($key)) {
>>>>>>> + $list[$key] = $p;
>>>>>>> + }
>>>>>>> + }
>>>>>>> + return $list;
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function allowParam($paramName)
>>>>>>> + {
>>>>>>> + $canonParamName = strtolower($paramName);
>>>>>>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>>>>>>> substr($canonParamName, 0, 6) == "xoauth" ||
>>>>>>> substr($canonParamName, 0, 9) == "opensocial")) &&
>>>>>>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>>>>>>> + }
>>>>>>> +}
>>>>>>>
>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> SigningFetcherFactory.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> SigningFetcherFactory.php (added)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>>>>>>> @@ -0,0 +1,86 @@
>>>>>>> +<?php
>>>>>>> +/*
>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>> + * distributed with this work for additional information
>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>> + *
>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>> + *
>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>> + * software distributed under the License is distributed on an
>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>> + * specific language governing permissions and limitations
>>>>>>> + * under the License.
>>>>>>> + */
>>>>>>> +
>>>>>>> +/**
>>>>>>> + * Produces Signing content fetchers for input tokens.
>>>>>>> + */
>>>>>>> +class SigningFetcherFactory {
>>>>>>> + private $keyName;
>>>>>>> + private $privateKey;
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * Produces a signing fetcher that will sign requests and
>>>>>>> delegate
>>>>>>> actual
>>>>>>> + * network retrieval to the {@code networkFetcher}
>>>>>>> + *
>>>>>>> + * @param networkFetcher The fetcher that will be doing actual
>>>>>>> work.
>>>>>>> + * @param token The gadget token used for extracting signing
>>>>>>> parameters.
>>>>>>> + * @return The signing fetcher.
>>>>>>> + * @throws GadgetException
>>>>>>> + */
>>>>>>> + public function getSigningFetcher($networkFetcher, $token)
>>>>>>> + {
>>>>>>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>>>>>>> $token, $this->keyName, $this->privateKey);
>>>>>>> + }
>>>>>>> +
>>>>>>> + /**
>>>>>>> + * @param keyFile The file containing your private key for
>>>>>>> signing
>>>>>>> requests.
>>>>>>> + */
>>>>>>> + public function __construct($keyFile = null)
>>>>>>> + {
>>>>>>> + $this->keyName = 'http://'.
>>>>>>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>>>>>>> + if (! empty($keyFile)) {
>>>>>>> + $privateKey = null;
>>>>>>> + try {
>>>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>>>> convert it
>>>>>>> + $cache = Config::get('data_cache');
>>>>>>> + $cache = new $cache();
>>>>>>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" .
>>>>>>> $this-
>>>>>>>> keyName)) !== false) {
>>>>>>> + $rsa_private_key = $cachedKey;
>>>>>>> + } else {
>>>>>>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>>>>>>> + throw new Exception("Could not read keyfile ($keyFile), check
>>>>>>> the
>>>>>>> file name and permission");
>>>>>>> + }
>>>>>>> + // TODO: sending NULL as a second param to
>>>>>>> openssl_pkey_get_private works?
>>>>>>> + $phrase = Config::get('private_key_phrase') != '' ?
>>>>>>> (Config::get('private_key_phrase')) : null;
>>>>>>> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key,
>>>>>>> $phrase)) == false) {
>>>>>>> + //TODO: double check if can input keyfile -inform PEM
>>>>>>> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>>>>>> + throw new Exception("Could not create temporary file");
>>>>>>> + }
>>>>>>> + if (! @file_put_contents($in,
>>>>>>> base64_decode($rsa_private_key))) {
>>>>>>> + throw new Exception("Could not write to temporary file");
>>>>>>> + }
>>>>>>> + if (! $out = @tempnam(sys_get_temp_dir(),
>>>>>>> "RSA_PRIVATE_KEY_")) {
>>>>>>> + throw new Exception("Could not create temporary file");
>>>>>>> + }
>>>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out .
>>>>>>> " -
>>>>>>> nocrypt -in " . $in);
>>>>>>> + if (! $rsa_private_key = @file_get_contents($out)) {
>>>>>>> + throw new Exception("Could not read temporary file");
>>>>>>> + }
>>>>>>> + }
>>>>>>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>>>>>>> $rsa_private_key);
>>>>>>> + }
>>>>>>> + } catch (Exception $e) {
>>>>>>> + throw new Exception("Error loading private key: " . $e);
>>>>>>> + }
>>>>>>> + $this->privateKey = $rsa_private_key;
>>>>>>> + }
>>>>>>> + }
>>>>>>> +}
>>>>>>>
>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> BasicGadgetOAuthTokenStore.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> BasicGadgetOAuthTokenStore.php (added)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>>>>>>> @@ -0,0 +1,112 @@
>>>>>>> +<?php
>>>>>>> +/*
>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>> + * distributed with this work for additional information
>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>> + *
>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>> + *
>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>> + * software distributed under the License is distributed on an
>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>> + * specific language governing permissions and limitations
>>>>>>> + * under the License.
>>>>>>> + */
>>>>>>> +
>>>>>>> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
>>>>>>> +
>>>>>>> + /** default location for consumer keys and secrets */
>>>>>>> + private $OAUTH_CONFIG = "../config/oauth.json";
>>>>>>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>>>>>>> + private $CONSUMER_KEY_KEY = "consumer_key";
>>>>>>> + private $KEY_TYPE_KEY = "key_type";
>>>>>>> +
>>>>>>> + public function __construct($store)
>>>>>>> + {
>>>>>>> + parent::__construct($store);
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function initFromConfigFile($fetcher)
>>>>>>> + {
>>>>>>> + // Read our consumer keys and secrets from config/oauth.js
>>>>>>> + // This actually involves fetching gadget specs
>>>>>>> + try {
>>>>>>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>>>>>>> +
>>>>>>> + // remove all comments because this confuses the json parser
>>>>>>> + // note: the json parser also crashes on trailing ,'s in
>>>>>>> records
>>>>>>> so please don't use them
>>>>>>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>>>>>>> $oauthConfigStr);
>>>>>>> + $oauthConfig = json_decode($contents, true);
>>>>>>> + foreach ($oauthConfig as $gadgetUri => $value) {
>>>>>>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>>>>>>> + $this->storeConsumerInfos($gadgetUri, $value);
>>>>>>> + }
>>>>>>> + } catch (Exception $e) {
>>>>>>> + throw new GadgetException($e);
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function storeProviderInfos($fetcher, $gadgetUri)
>>>>>>> + {
>>>>>>> + $cache = Config::get('data_cache');
>>>>>>> + $cache = new $cache();
>>>>>>> +
>>>>>>> + // determine which requests we can load from cache, and which
>>>>>>> we
>>>>>>> have to actually fetch
>>>>>>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
>>>>>>> + $gadget = $cachedRequest;
>>>>>>> + } else {
>>>>>>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>>>>>>> + $remoteContentRequest->getRequest($gadgetUri, false);
>>>>>>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>>>>>>> + $context = new ProxyGadgetContext($gadgetUri);
>>>>>>> + $spec = new GadgetSpecParser();
>>>>>>> + $gadget = $spec->parse($response->getResponseContent(),
>>>>>>> $context);
>>>>>>> + $cache->set(md5($gadgetUri), $gadget);
>>>>>>> + }
>>>>>>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>>>>>>> + {
>>>>>>> + foreach ($oauthConfig as $key => $value) {
>>>>>>> + $serviceName = $key;
>>>>>>> + $consumerInfo = $value;
>>>>>>> + $this->storeConsumerInfo($gadgetUri, $serviceName,
>>>>>>> $consumerInfo);
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>>>>>>> $consumerInfo)
>>>>>>> + {
>>>>>>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>>>>>>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>>>>>>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>>>>>>> + $keyType = 'HMAC_SYMMETRIC';
>>>>>>> +
>>>>>>> + if ($keyTypeStr == "RSA_PRIVATE") {
>>>>>>> + $keyType = 'RSA_PRIVATE';
>>>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>>>> convert it
>>>>>>> + $cache = Config::get('data_cache');
>>>>>>> + $cache = new $cache();
>>>>>>> +
>>>>>>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>>>>>>> $serviceName))) !== false) {
>>>>>>> + $consumerSecret = $cachedRequest;
>>>>>>> + } else {
>>>>>>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>>>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>>>>>>>> CONSUMER_SECRET_KEY]));
>>>>>>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out .
>>>>>>> " -
>>>>>>> nocrypt -in " . $in);
>>>>>>> + $consumerSecret = file_get_contents($out);
>>>>>>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
>>>>>>> $keyType);
>>>>>>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName,
>>>>>>> $kas);
>>>>>>> + }
>>>>>>> +
>>>>>>> +}
>>>>>>>
>>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> BasicOAuthStore.php
>>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =
>>>>>>> =================================================================
>>>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> BasicOAuthStore.php (added)
>>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>>>>>>> @@ -0,0 +1,149 @@
>>>>>>> +<?php
>>>>>>> +/*
>>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>>> + * distributed with this work for additional information
>>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>>> + * "License"); you may not use this file except in compliance
>>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>>> + *
>>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>>> + *
>>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>>> + * software distributed under the License is distributed on an
>>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>>> + * KIND, either express or implied. See the License for the
>>>>>>> + * specific language governing permissions and limitations under
>>>>>>> the License.
>>>>>>> + */
>>>>>>> +
>>>>>>> +class OAuthNoDataException extends Exception {}
>>>>>>> +
>>>>>>> +class BasicOAuthStore implements OAuthStore {
>>>>>>> +
>>>>>>> + private $providers = array();
>>>>>>> + private $tokens = array();
>>>>>>> +
>>>>>>> + private $defaultConsumerKey;
>>>>>>> + private $defaultConsumerSecret;
>>>>>>> +
>>>>>>> + public function __construct($consumerKey = null, $privateKey =
>>>>>>> null)
>>>>>>> + {
>>>>>>> + $this->defaultConsumerKey = $consumerKey;
>>>>>>> + $this->defaultConsumerSecret = $privateKey;
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function setHashMapsForTesting($providers, $tokens)
>>>>>>> + {
>>>>>>> + $this->providers = $providers;
>>>>>>> + $this->tokens = $tokens;
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>>>>>>> + {
>>>>>>> + $provKey = new ProviderKey();
>>>>>>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>>>>>>> + $provKey->setServiceName($tokenKey->getServiceName());
>>>>>>> + //AccesorInfo
>>>>>>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>>>>>>> + //TokenInfo
>>>>>>> + $accessToken = $this->getTokenInfo($tokenKey);
>>>>>>> + if ($accessToken != null) {
>>>>>>> + // maybe convert into methods
>>>>>>> + $result->getAccessor()->accessToken = $accessToken-
>>>>>>>> getAccessToken();
>>>>>>> + $result->getAccessor()->tokenSecret = $accessToken-
>>>>>>>> getTokenSecret();
>>>>>>> + }
>>>>>>> + return $result;
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function getOAuthAccessorProviderKey(ProviderKey
>>>>>>> $providerKey)
>>>>>>> + {
>>>>>>> + //ProviderInfo
>>>>>>> + $provInfo = $this->getProviderInfo($providerKey);
>>>>>>> +
>>>>>>> + if ($provInfo == null) {
>>>>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>>>>> store");
>>>>>>> + }
>>>>>>> + //AccesorInfo
>>>>>>> + $result = new AccesorInfo();
>>>>>>> + $result->setHttpMethod($provInfo->getHttpMethod());
>>>>>>> + $result->setParamLocation($provInfo->getParamLocation());
>>>>>>> +
>>>>>>> + //ConsumerKeyAndSecret
>>>>>>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>>>>>>> +
>>>>>>> + if ($consumerKeyAndSecret == null) {
>>>>>>> + if ($this->defaultConsumerKey == null || $this-
>>>>>>>> defaultConsumerSecret == null) {
>>>>>>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null
>>>>>>> in
>>>>>>> oauth store");
>>>>>>> + } else {
>>>>>>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>>>>>>>> defaultConsumerKey, $this->defaultConsumerSecret,
>>>>>>>> OAuthStoreVars::
>>>>>>> $KeyType['RSA_PRIVATE']);
>>>>>>> + }
>>>>>>> + }
>>>>>>> +
>>>>>>> + //OAuthServiceProvider
>>>>>>> + $oauthProvider = $provInfo->getProvider();
>>>>>>> +
>>>>>>> + if (! isset($oauthProvider)) {
>>>>>>> + throw new OAuthNoDataException("OAuthService provider was
>>>>>>> null in
>>>>>>> oauth store");
>>>>>>> + }
>>>>>>> +
>>>>>>> + // Accesing the class
>>>>>>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>>>>>>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>>>>>>> +
>>>>>>> + //OAuthConsumer
>>>>>>> + $consumer = ($usePublicKeyCrypto) ? new
>>>>>>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>>>>>>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>>>>>>>> getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>>>>>>> $oauthProvider);
>>>>>>> +
>>>>>>> + if ($usePublicKeyCrypto) {
>>>>>>> + $consumer-
>>>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>>>>>> $consumerKeyAndSecret->getConsumerSecret());
>>>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>>>> $SignatureType['RSA_SHA1']);
>>>>>>> + } else {
>>>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>>>> $SignatureType['HMAC_SHA1']);
>>>>>>> + }
>>>>>>> +
>>>>>>> + $result->setAccessor(new OAuthAccessor($consumer));
>>>>>>> + return $result;
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function getOAuthServiceProviderInfo($providerKey)
>>>>>>> + {
>>>>>>> + $provInfo = $this->providers->get($providerKey);
>>>>>>> +
>>>>>>> + if ($provInfo == null) {
>>>>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>>>>> store");
>>>>>>> + }
>>>>>>> +
>>>>>>> + return $provInfo;
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>>>>>>> $keyAndSecret)
>>>>>>> + {
>>>>>>> + //ProviderInfo
>>>>>>> + $value = $this->getProviderInfo($providerKey);
>>>>>>> + if ($value == null) {
>>>>>>> + throw new OAuthNoDataException("could not find provider data
>>>>>>> for
>>>>>>> token");
>>>>>>> + }
>>>>>>> + $value->setKeyAndSecret($keyAndSecret);
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function setOAuthServiceProviderInfo($providerKey,
>>>>>>> $providerInfo)
>>>>>>> + {
>>>>>>> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
>>>>>>> + }
>>>>>>> +
>>>>>>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>>>>>>> + {
>>>>>>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function getProviderInfo($providerKey)
>>>>>>> + {
>>>>>>> + $key = md5(serialize($providerKey));
>>>>>>> + return isset($this->providers[$key]) ? $this->providers[$key] :
>>>>>>> null;
>>>>>>> + }
>>>>>>> +
>>>>>>> + private function getTokenInfo($tokenKey)
>>>>>>> + {
>>>>>>> + $key = md5(serialize($tokenKey));
>>>>>>> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
>>>>>>> + }
>>>>>>> +}
>>>>>>> \ No newline at end of file
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> This message has been scanned for viruses and
>>>>>>> dangerous content by MailScanner, and is
>>>>>>> believed to be clean.
>>>>>> --
>>>>>> This message has been scanned for viruses and
>>>>>> dangerous content by MailScanner, and is
>>>>>> believed to be clean.
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> This message has been scanned for viruses and
>>>>> dangerous content by MailScanner, and is
>>>>> believed to be clean.
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>
>>>
>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Chris Chabot <ch...@xs4all.nl>.
I cant really think of a meaningful answer on this unless you give me
some more info..
Did it use to work?
Did you clean your cache? (rm -rf /tmp/shindig)
What gadgets?
Not all gadgets 'just work' (specifically ones that required the
gadget writers to enable your domain, or require your keys), oauth/
signed request based gadgets requires you to generate keys.. and some
gadgets have platform specific stuff in them (hi5/myspace/orkut/etc)
or hard coded values that only work on a specific platform ....
So 'gadgets' is giving me no info what so ever which of these things
could be happening, or if it's really a problem in shindig :)
'Giving errors' it would help a LOT if you could tell me what exact
error your receiving, then i could try to make an educated guess
towards what might be causing this
Since i can't look on your monitor from here, you will have to feed me
a bit more info please :)
-- Chris
On May 22, 2008, at 10:41 AM, Lini H - Clarion, India wrote:
> Chris,
>
> I only mean that the new shindig downloaded is not rendering the
> gadgets and is giving errors (after making the config/htaccess
> changes). The server is giving gadget errors also the sample html
> files.
>
> Regards
> Lini Haridas
> Software Engineer
>
> lini.haridas@clariontechnologies.co.in
> Clarion Technologies
> SEI CMMI Level 3 Company
>
> 4th Floor, Great Eastern Plaza,
> Airport Road,
> Pune- 411 006,
> Maharashtra, India.
> Phone: +91 20 66020289
> Mobile: +91 9823435917
> www.clariontechnologies.co.in
> ----- Original Message -----
> From: "Chris Chabot" <ch...@xs4all.nl>
> To: <sh...@incubator.apache.org>
> Sent: Thursday, May 22, 2008 2:05 PM
> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>
>
>> Could you by any chance be more specific?
>>
>> Things like:
>> Where are you trying this
>> what are you trying (what gadget/feature/etc)
>> what is the result (error messages or anything?)
>>
>> Would help a lot ! :)
>>
>> I have a couple of gadgets (horoscope, set title test module,
>> opensocial 0.7 tests, social hello world) on my profile on
>> partuza.chabotc.com and their working fine for me..
>>
>> -- Chris
>>
>> On May 22, 2008, at 10:29 AM, Lini H - Clarion, India wrote:
>>
>>> Hi chris,
>>>
>>> Sorry, but its still not working..
>>>
>>> Regards
>>> Lini Haridas
>>> Software Engineer
>>>
>>> lini.haridas@clariontechnologies.co.in
>>> Clarion Technologies
>>> SEI CMMI Level 3 Company
>>>
>>> 4th Floor, Great Eastern Plaza,
>>> Airport Road,
>>> Pune- 411 006,
>>> Maharashtra, India.
>>> Phone: +91 20 66020289
>>> Mobile: +91 9823435917
>>> www.clariontechnologies.co.in
>>> ----- Original Message -----
>>> From: "Chris Chabot" <ch...@xs4all.nl>
>>> To: <sh...@incubator.apache.org>
>>> Sent: Thursday, May 22, 2008 1:32 PM
>>> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/
>>> trunk/
>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>>>
>>>
>>>> Should be working again
>>>>
>>>> On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
>>>>
>>>>> Hi Chris,
>>>>>
>>>>> The shindig is not working after the new code changes. I also
>>>>> checked on http://shindig.chabotc.com and none of the samples
>>>>> neither the gadget is working. Is any work still missing on this?
>>>>>
>>>>> Regards
>>>>>
>>>>> Lini Haridas
>>>>> Software Engineer
>>>>>
>>>>> lini.haridas@clariontechnologies.co.in
>>>>> Clarion Technologies
>>>>> SEI CMMI Level 3 Company
>>>>>
>>>>> 4th Floor, Great Eastern Plaza,
>>>>> Airport Road,
>>>>> Pune- 411 006,
>>>>> Maharashtra, India.
>>>>> Phone: +91 20 66020289
>>>>> Mobile: +91 9823435917
>>>>> www.clariontechnologies.co.in
>>>>>
>>>>> ----- Original Message -----
>>>>> From: <ch...@apache.org>
>>>>> To: <sh...@incubator.apache.org>
>>>>> Sent: Wednesday, May 21, 2008 10:28 PM
>>>>> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
>>>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/
>>>>> http/
>>>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/
>>>>> http/
>>>>>
>>>>>
>>>>>> Author: chabotc
>>>>>> Date: Wed May 21 09:58:52 2008
>>>>>> New Revision: 658758
>>>>>>
>>>>>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>>>>>> Log:
>>>>>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>>>>>> great work on this. This patch implements OAuth and signed
>>>>>> request
>>>>>> support
>>>>>>
>>>>>> Added:
>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> SigningFetcherFactory.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> BasicGadgetOAuthTokenStore.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> GadgetOAuthTokenStore.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> OAuthFetcherFactory.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> OAuthRequestParams.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> OAuthServiceProvider.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>>>>>> Modified:
>>>>>> incubator/shindig/trunk/php/config.php
>>>>>> incubator/shindig/trunk/php/index.php
>>>>>> incubator/shindig/trunk/php/src/common/JsMin.php
>>>>>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>>>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>>>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> GadgetRenderingServlet.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>>>>>> BasicBlobCrypter.php
>>>>>> incubator/shindig/trunk/php/src/socialdata/http/
>>>>>> GadgetDataServlet.php
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/config.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/config.php (original)
>>>>>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52
>>>>>> 2008
>>>>>> @@ -1,4 +1,4 @@
>>>>>> -<?
>>>>>> +<?php
>>>>>> /*
>>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>>> * or more contributor license agreements. See the NOTICE file
>>>>>> @@ -45,7 +45,7 @@
>>>>>> // Configurable CSS rules that are injected to the gadget page,
>>>>>> // be careful when adjusting these not to break most gadget's
>>>>>> layouts :)
>>>>>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>> serif;}
>>>>>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>>>>>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>>>>>> color:white;}',
>>>>>> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>>> input,
>>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>>> 3px;}',
>>>>>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>>> input,
>>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>>> 3px;}',
>>>>>>
>>>>>> // The html / javascript samples use a plain text demo token,
>>>>>> // set this to false on anything resembling a real site
>>>>>> @@ -96,6 +96,13 @@
>>>>>> // global cache age policy and location
>>>>>> 'cache_time' => 24 * 60 * 60,
>>>>>> 'cache_root' => '/tmp/shindig',
>>>>>> +
>>>>>> + // OAuth private key Path
>>>>>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>>> private.key',
>>>>>> + // file path to public RSA cert
>>>>>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>>> public.crt',
>>>>>> + // Phrase to decrypt private key. Leave empty if unencrypted
>>>>>> + 'private_key_phrase' => 'partuza',
>>>>>>
>>>>>> // In some cases we need to know the site root (for features
>>>>>> forinstance)
>>>>>> 'base_path' => realpath(dirname(__FILE__))
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/index.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/index.php (original)
>>>>>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52
>>>>>> 2008
>>>>>> @@ -1,4 +1,4 @@
>>>>>> -<?
>>>>>> +<?php
>>>>>> /*
>>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>>> * or more contributor license agreements. See the NOTICE file
>>>>>> @@ -48,7 +48,7 @@
>>>>>> // To load these, we scan our entire directory structure
>>>>>> function __autoload($className)
>>>>>> {
>>>>>> - $locations = array('src/common', 'src/common/samplecontainer',
>>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>>> samplecontainer');
>>>>>> + $locations = array('src/common', 'src/common/samplecontainer',
>>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>>> samplecontainer', 'src/gadgets/oauth');
>>>>>> // Check for the presense of this class in our all our
>>>>>> directories.
>>>>>> $fileName = $className.'.php';
>>>>>> foreach ($locations as $path) {
>>>>>> @@ -65,7 +65,8 @@
>>>>>> Config::get('web_prefix') . '/gadgets/proxy' =>
>>>>>> 'ProxyServlet',
>>>>>> Config::get('web_prefix') . '/gadgets/ifr' =>
>>>>>> 'GadgetRenderingServlet',
>>>>>> Config::get('web_prefix') . '/gadgets/metadata' =>
>>>>>> 'JsonRpcServlet',
>>>>>> - Config::get('web_prefix') . '/social/data' =>
>>>>>> 'GadgetDataServlet'
>>>>>> + Config::get('web_prefix') . '/social/data' =>
>>>>>> 'GadgetDataServlet',
>>>>>> + Config::get('web_prefix') . '/public.crt' =>
>>>>>> 'CertServlet'
>>>>>> );
>>>>>>
>>>>>> // Try to match the request url to our servlet mapping
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>>>>>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>>>>>> 09:58:52 2008
>>>>>> @@ -1,4 +1,5 @@
>>>>>> <?php
>>>>>> +
>>>>>> /**
>>>>>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>>>>>> *
>>>>>> @@ -48,243 +49,248 @@
>>>>>> class JsMinException extends Exception {}
>>>>>>
>>>>>> class JsMin {
>>>>>> - const ORD_LF = 10;
>>>>>> - const ORD_SPACE = 32;
>>>>>> -
>>>>>> - protected $a = '';
>>>>>> - protected $b = '';
>>>>>> - protected $input = '';
>>>>>> - protected $inputIndex = 0;
>>>>>> - protected $inputLength = 0;
>>>>>> - protected $lookAhead = null;
>>>>>> - protected $output = '';
>>>>>> -
>>>>>> - // -- Public Static Methods
>>>>>> --------------------------------------------------
>>>>>> -
>>>>>> - public static function minify($js) {
>>>>>> - $jsmin = new JsMin($js);
>>>>>> - return $jsmin->min();
>>>>>> - }
>>>>>> -
>>>>>> - // -- Public Instance Methods
>>>>>> ------------------------------------------------
>>>>>> -
>>>>>> - public function __construct($input) {
>>>>>> - $this->input = str_replace("\r\n", "\n", $input);
>>>>>> - $this->inputLength = strlen($this->input);
>>>>>> - }
>>>>>> -
>>>>>> - // -- Protected Instance Methods
>>>>>> ---------------------------------------------
>>>>>> -
>>>>>> - protected function action($d) {
>>>>>> - switch($d) {
>>>>>> - case 1:
>>>>>> - $this->output .= $this->a;
>>>>>> -
>>>>>> - case 2:
>>>>>> - $this->a = $this->b;
>>>>>> -
>>>>>> - if ($this->a === "'" || $this->a === '"') {
>>>>>> - for (;;) {
>>>>>> - $this->output .= $this->a;
>>>>>> - $this->a = $this->get();
>>>>>> -
>>>>>> - if ($this->a === $this->b) {
>>>>>> - break;
>>>>>> - }
>>>>>> -
>>>>>> - if (ord($this->a) <= self::ORD_LF) {
>>>>>> - throw new JsMinException('Unterminated string
>>>>>> literal.');
>>>>>> - }
>>>>>> -
>>>>>> - if ($this->a === '\\') {
>>>>>> - $this->output .= $this->a;
>>>>>> - $this->a = $this->get();
>>>>>> - }
>>>>>> - }
>>>>>> - }
>>>>>> -
>>>>>> - case 3:
>>>>>> - $this->b = $this->next();
>>>>>> -
>>>>>> - if ($this->b === '/' && (
>>>>>> - $this->a === '(' || $this->a === ',' || $this->a ===
>>>>>> '=' ||
>>>>>> - $this->a === ':' || $this->a === '[' || $this->a ===
>>>>>> '!' ||
>>>>>> - $this->a === '&' || $this->a === '|' || $this->a ===
>>>>>> '?')) {
>>>>>> -
>>>>>> - $this->output .= $this->a . $this->b;
>>>>>> -
>>>>>> - for (;;) {
>>>>>> - $this->a = $this->get();
>>>>>> -
>>>>>> - if ($this->a === '/') {
>>>>>> - break;
>>>>>> - } elseif ($this->a === '\\') {
>>>>>> - $this->output .= $this->a;
>>>>>> - $this->a = $this->get();
>>>>>> - } elseif (ord($this->a) <= self::ORD_LF) {
>>>>>> - throw new JsMinException('Unterminated regular
>>>>>> expression '.
>>>>>> - 'literal.');
>>>>>> - }
>>>>>> -
>>>>>> - $this->output .= $this->a;
>>>>>> - }
>>>>>> -
>>>>>> - $this->b = $this->next();
>>>>>> - }
>>>>>> - }
>>>>>> - }
>>>>>> -
>>>>>> - protected function get() {
>>>>>> - $c = $this->lookAhead;
>>>>>> - $this->lookAhead = null;
>>>>>> -
>>>>>> - if ($c === null) {
>>>>>> - if ($this->inputIndex < $this->inputLength) {
>>>>>> - $c = $this->input[$this->inputIndex];
>>>>>> - $this->inputIndex += 1;
>>>>>> - } else {
>>>>>> - $c = null;
>>>>>> - }
>>>>>> - }
>>>>>> -
>>>>>> - if ($c === "\r") {
>>>>>> - return "\n";
>>>>>> - }
>>>>>> -
>>>>>> - if ($c === null || $c === "\n" || ord($c) >=
>>>>>> self::ORD_SPACE) {
>>>>>> - return $c;
>>>>>> - }
>>>>>> -
>>>>>> - return ' ';
>>>>>> - }
>>>>>> -
>>>>>> - protected function isAlphaNum($c) {
>>>>>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>>>>>> $/', $c) === 1;
>>>>>> - }
>>>>>> -
>>>>>> - protected function min() {
>>>>>> - $this->a = "\n";
>>>>>> - $this->action(3);
>>>>>> -
>>>>>> - while ($this->a !== null) {
>>>>>> - switch ($this->a) {
>>>>>> - case ' ':
>>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>>> - $this->action(1);
>>>>>> - } else {
>>>>>> - $this->action(2);
>>>>>> - }
>>>>>> - break;
>>>>>> -
>>>>>> - case "\n":
>>>>>> - switch ($this->b) {
>>>>>> - case '{':
>>>>>> - case '[':
>>>>>> - case '(':
>>>>>> - case '+':
>>>>>> - case '-':
>>>>>> - $this->action(1);
>>>>>> - break;
>>>>>> -
>>>>>> - case ' ':
>>>>>> - $this->action(3);
>>>>>> - break;
>>>>>> -
>>>>>> - default:
>>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>>> - $this->action(1);
>>>>>> - }
>>>>>> - else {
>>>>>> - $this->action(2);
>>>>>> - }
>>>>>> - }
>>>>>> - break;
>>>>>> -
>>>>>> - default:
>>>>>> - switch ($this->b) {
>>>>>> - case ' ':
>>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>>> - $this->action(1);
>>>>>> - break;
>>>>>> - }
>>>>>> -
>>>>>> - $this->action(3);
>>>>>> - break;
>>>>>> -
>>>>>> - case "\n":
>>>>>> - switch ($this->a) {
>>>>>> - case '}':
>>>>>> - case ']':
>>>>>> - case ')':
>>>>>> - case '+':
>>>>>> - case '-':
>>>>>> - case '"':
>>>>>> - case "'":
>>>>>> - $this->action(1);
>>>>>> - break;
>>>>>> -
>>>>>> - default:
>>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>>> - $this->action(1);
>>>>>> - }
>>>>>> - else {
>>>>>> - $this->action(3);
>>>>>> - }
>>>>>> - }
>>>>>> - break;
>>>>>> -
>>>>>> - default:
>>>>>> - $this->action(1);
>>>>>> - break;
>>>>>> - }
>>>>>> - }
>>>>>> - }
>>>>>> -
>>>>>> - return $this->output;
>>>>>> - }
>>>>>> -
>>>>>> - protected function next() {
>>>>>> - $c = $this->get();
>>>>>> -
>>>>>> - if ($c === '/') {
>>>>>> - switch($this->peek()) {
>>>>>> - case '/':
>>>>>> - for (;;) {
>>>>>> - $c = $this->get();
>>>>>> -
>>>>>> - if (ord($c) <= self::ORD_LF) {
>>>>>> - return $c;
>>>>>> - }
>>>>>> - }
>>>>>> -
>>>>>> - case '*':
>>>>>> - $this->get();
>>>>>> -
>>>>>> - for (;;) {
>>>>>> - switch($this->get()) {
>>>>>> - case '*':
>>>>>> - if ($this->peek() === '/') {
>>>>>> - $this->get();
>>>>>> - return ' ';
>>>>>> - }
>>>>>> - break;
>>>>>> -
>>>>>> - case null:
>>>>>> - throw new JsMinException('Unterminated
>>>>>> comment.');
>>>>>> - }
>>>>>> - }
>>>>>> -
>>>>>> - default:
>>>>>> - return $c;
>>>>>> - }
>>>>>> - }
>>>>>> -
>>>>>> - return $c;
>>>>>> - }
>>>>>> -
>>>>>> - protected function peek() {
>>>>>> - $this->lookAhead = $this->get();
>>>>>> - return $this->lookAhead;
>>>>>> - }
>>>>>> + const ORD_LF = 10;
>>>>>> + const ORD_SPACE = 32;
>>>>>> +
>>>>>> + protected $a = '';
>>>>>> + protected $b = '';
>>>>>> + protected $input = '';
>>>>>> + protected $inputIndex = 0;
>>>>>> + protected $inputLength = 0;
>>>>>> + protected $lookAhead = null;
>>>>>> + protected $output = '';
>>>>>> +
>>>>>> + // -- Public Static Methods
>>>>>> --------------------------------------------------
>>>>>> +
>>>>>> +
>>>>>> + public static function minify($js)
>>>>>> + {
>>>>>> + $jsmin = new JsMin($js);
>>>>>> + return $jsmin->min();
>>>>>> + }
>>>>>> +
>>>>>> + // -- Public Instance Methods
>>>>>> ------------------------------------------------
>>>>>> +
>>>>>> +
>>>>>> + public function __construct($input)
>>>>>> + {
>>>>>> + $this->input = str_replace("\r\n", "\n", $input);
>>>>>> + $this->inputLength = strlen($this->input);
>>>>>> + }
>>>>>> +
>>>>>> + // -- Protected Instance Methods
>>>>>> ---------------------------------------------
>>>>>> +
>>>>>> +
>>>>>> + protected function action($d)
>>>>>> + {
>>>>>> + switch ($d) {
>>>>>> + case 1:
>>>>>> + $this->output .= $this->a;
>>>>>> +
>>>>>> + case 2:
>>>>>> + $this->a = $this->b;
>>>>>> +
>>>>>> + if ($this->a === "'" || $this->a === '"') {
>>>>>> + for (; ; ) {
>>>>>> + $this->output .= $this->a;
>>>>>> + $this->a = $this->get();
>>>>>> +
>>>>>> + if ($this->a === $this->b) {
>>>>>> + break;
>>>>>> + }
>>>>>> +
>>>>>> + if (ord($this->a) <= self::ORD_LF) {
>>>>>> + throw new JsMinException('Unterminated string literal.');
>>>>>> + }
>>>>>> +
>>>>>> + if ($this->a === '\\') {
>>>>>> + $this->output .= $this->a;
>>>>>> + $this->a = $this->get();
>>>>>> + }
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + case 3:
>>>>>> + $this->b = $this->next();
>>>>>> +
>>>>>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ','
>>>>>> ||
>>>>>> $this->a === '=' || $this->a === ':' || $this->a === '[' ||
>>>>>> $this-
>>>>>>> a === '!' || $this->a === '&' || $this->a === '|' || $this->a
>>>>>>> ===
>>>>>> '?')) {
>>>>>> +
>>>>>> + $this->output .= $this->a . $this->b;
>>>>>> +
>>>>>> + for (; ; ) {
>>>>>> + $this->a = $this->get();
>>>>>> +
>>>>>> + if ($this->a === '/') {
>>>>>> + break;
>>>>>> + } elseif ($this->a === '\\') {
>>>>>> + $this->output .= $this->a;
>>>>>> + $this->a = $this->get();
>>>>>> + } elseif (ord($this->a) <= self::ORD_LF) {
>>>>>> + throw new JsMinException('Unterminated regular expression ' .
>>>>>> 'literal.');
>>>>>> + }
>>>>>> +
>>>>>> + $this->output .= $this->a;
>>>>>> + }
>>>>>> +
>>>>>> + $this->b = $this->next();
>>>>>> + }
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + protected function get()
>>>>>> + {
>>>>>> + $c = $this->lookAhead;
>>>>>> + $this->lookAhead = null;
>>>>>> +
>>>>>> + if ($c === null) {
>>>>>> + if ($this->inputIndex < $this->inputLength) {
>>>>>> + $c = $this->input[$this->inputIndex];
>>>>>> + $this->inputIndex += 1;
>>>>>> + } else {
>>>>>> + $c = null;
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + if ($c === "\r") {
>>>>>> + return "\n";
>>>>>> + }
>>>>>> +
>>>>>> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>>>>>> + return $c;
>>>>>> + }
>>>>>> +
>>>>>> + return ' ';
>>>>>> + }
>>>>>> +
>>>>>> + protected function isAlphaNum($c)
>>>>>> + {
>>>>>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/',
>>>>>> $c) === 1;
>>>>>> + }
>>>>>> +
>>>>>> + protected function min()
>>>>>> + {
>>>>>> + $this->a = "\n";
>>>>>> + $this->action(3);
>>>>>> +
>>>>>> + while ($this->a !== null) {
>>>>>> + switch ($this->a) {
>>>>>> + case ' ':
>>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>>> + $this->action(1);
>>>>>> + } else {
>>>>>> + $this->action(2);
>>>>>> + }
>>>>>> + break;
>>>>>> +
>>>>>> + case "\n":
>>>>>> + switch ($this->b) {
>>>>>> + case '{':
>>>>>> + case '[':
>>>>>> + case '(':
>>>>>> + case '+':
>>>>>> + case '-':
>>>>>> + $this->action(1);
>>>>>> + break;
>>>>>> +
>>>>>> + case ' ':
>>>>>> + $this->action(3);
>>>>>> + break;
>>>>>> +
>>>>>> + default:
>>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>>> + $this->action(1);
>>>>>> + } else {
>>>>>> + $this->action(2);
>>>>>> + }
>>>>>> + }
>>>>>> + break;
>>>>>> +
>>>>>> + default:
>>>>>> + switch ($this->b) {
>>>>>> + case ' ':
>>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>>> + $this->action(1);
>>>>>> + break;
>>>>>> + }
>>>>>> +
>>>>>> + $this->action(3);
>>>>>> + break;
>>>>>> +
>>>>>> + case "\n":
>>>>>> + switch ($this->a) {
>>>>>> + case '}':
>>>>>> + case ']':
>>>>>> + case ')':
>>>>>> + case '+':
>>>>>> + case '-':
>>>>>> + case '"':
>>>>>> + case "'":
>>>>>> + $this->action(1);
>>>>>> + break;
>>>>>> +
>>>>>> + default:
>>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>>> + $this->action(1);
>>>>>> + } else {
>>>>>> + $this->action(3);
>>>>>> + }
>>>>>> + }
>>>>>> + break;
>>>>>> +
>>>>>> + default:
>>>>>> + $this->action(1);
>>>>>> + break;
>>>>>> + }
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + return $this->output;
>>>>>> + }
>>>>>> +
>>>>>> + protected function next()
>>>>>> + {
>>>>>> + $c = $this->get();
>>>>>> +
>>>>>> + if ($c === '/') {
>>>>>> + switch ($this->peek()) {
>>>>>> + case '/':
>>>>>> + for (; ; ) {
>>>>>> + $c = $this->get();
>>>>>> +
>>>>>> + if (ord($c) <= self::ORD_LF) {
>>>>>> + return $c;
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + case '*':
>>>>>> + $this->get();
>>>>>> +
>>>>>> + for (; ; ) {
>>>>>> + switch ($this->get()) {
>>>>>> + case '*':
>>>>>> + if ($this->peek() === '/') {
>>>>>> + $this->get();
>>>>>> + return ' ';
>>>>>> + }
>>>>>> + break;
>>>>>> +
>>>>>> + case null:
>>>>>> + throw new JsMinException('Unterminated comment.');
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + default:
>>>>>> + return $c;
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + return $c;
>>>>>> + }
>>>>>> +
>>>>>> + protected function peek()
>>>>>> + {
>>>>>> + $this->lookAhead = $this->get();
>>>>>> + return $this->lookAhead;
>>>>>> + }
>>>>>> }
>>>>>>
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>>> RemoteContentFetcher.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>>> RemoteContentFetcher.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>>> RemoteContentFetcher.php
>>>>>> Wed May 21 09:58:52 2008
>>>>>> @@ -19,6 +19,18 @@
>>>>>> */
>>>>>>
>>>>>> abstract class RemoteContentFetcher {
>>>>>> +
>>>>>> + protected $fetcher;
>>>>>> +
>>>>>> + protected function setNextFetcher($fetcher = null)
>>>>>> + {
>>>>>> + $this->fetcher = $fetcher;
>>>>>> + }
>>>>>>
>>>>>> abstract public function fetchRequest($request);
>>>>>> +
>>>>>> + public function getNextFetcher()
>>>>>> + {
>>>>>> + return $this->fetcher;
>>>>>> + }
>>>>>> }
>>>>>> \ No newline at end of file
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>>> RemoteContentRequest.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>>> RemoteContentRequest.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>>> RemoteContentRequest.php
>>>>>> Wed May 21 09:58:52 2008
>>>>>> @@ -15,13 +15,14 @@
>>>>>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>> * KIND, either express or implied. See the License for the
>>>>>> * specific language governing permissions and limitations under
>>>>>> the
>>>>>> License.
>>>>>> - *
>>>>>> + *
>>>>>> */
>>>>>>
>>>>>> class RemoteContentRequest {
>>>>>> // these are used for making the request
>>>>>> - private $url = '';
>>>>>> - private $headers = false;
>>>>>> + private $uri = '';
>>>>>> + private $method = '';
>>>>>> + private $headers = array();
>>>>>> private $postBody = false;
>>>>>> // these fields are filled in once the request has completed
>>>>>> private $responseContent = false;
>>>>>> @@ -29,20 +30,179 @@
>>>>>> private $responseHeaders = false;
>>>>>> private $httpCode = false;
>>>>>> private $contentType = null;
>>>>>> + private $options;
>>>>>> public $handle = false;
>>>>>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-
>>>>>> urlencoded; charset=utf-8";
>>>>>> + public static $DEFAULT_OPTIONS = array();
>>>>>>
>>>>>> - public function __construct($url, $headers = false, $postBody =
>>>>>> false)
>>>>>> + public function __construct($uri, $headers = false, $postBody =
>>>>>> false)
>>>>>> {
>>>>>> - $this->url = $url;
>>>>>> + $this->uri = $uri;
>>>>>> $this->headers = $headers;
>>>>>> $this->postBody = $postBody;
>>>>>> }
>>>>>>
>>>>>> + public function createRemoteContentRequest($method, $uri,
>>>>>> $headers, $postBody, $options)
>>>>>> + {
>>>>>> + $this->method = $method;
>>>>>> + $this->uri = $uri;
>>>>>> + $this->options = $options;
>>>>>> + // Copy the headers
>>>>>> + if (! isset($headers)) {
>>>>>> + $this->headers = '';
>>>>>> + } else {
>>>>>> + $setPragmaHeader = false;
>>>>>> + $tmpHeaders = '';
>>>>>> + foreach ($headers as $key => $value) {
>>>>>> + // Proxies should be bypassed with the Pragma: no-cache check.
>>>>>> + //TODO double check array is good for options
>>>>>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>>>>>> + $value = "no-cache";
>>>>>> + $setPragmaHeader = true;
>>>>>> + }
>>>>>> + $tmpHeaders .= $key . ":" . $value . "\n";
>>>>>> + }
>>>>>> + // Bypass caching in proxies as well.
>>>>>> + //TODO double check array is good for options
>>>>>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>>>>>> + $tmpHeaders .= "Pragma:no-cache\n";
>>>>>> + }
>>>>>> + $this->headers = $tmpHeaders;
>>>>>> + }
>>>>>> + if (! isset($postBody)) {
>>>>>> + $this->postBody = '';
>>>>>> + } else {
>>>>>> + $this->postBody = array_merge($postBody, $this->postBody);
>>>>>> + }
>>>>>> + $type = $this->getHeader("Content-Type");
>>>>>> + if (! isset($type)) {
>>>>>> + $this->contentType = RemoteContentRequest::
>>>>>> $DEFAULT_CONTENT_TYPE;
>>>>>> + } else {
>>>>>> + $this->contentType = $type;
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * Creates a new request to a different URL using all request
>>>>>> data
>>>>>> from
>>>>>> + * an existing request.
>>>>>> + *
>>>>>> + * @param uri
>>>>>> + * @param base The base request to copy data from.
>>>>>> + */
>>>>>> + public static function
>>>>>> createRemoteContentRequestWithUriBase($uri, $base)
>>>>>> + {
>>>>>> + $this->uri = $uri;
>>>>>> + $this->method = $base->method;
>>>>>> + $this->options = $base->options;
>>>>>> + $this->headers = $base->headers;
>>>>>> + $this->contentType = $base->contentType;
>>>>>> + $this->postBody = $base->postBody;
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * Basic GET request.
>>>>>> + *
>>>>>> + * @param uri
>>>>>> + */
>>>>>> + public function createRemoteContentRequestWithUri($uri)
>>>>>> + {
>>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * GET with options
>>>>>> + *
>>>>>> + * @param uri
>>>>>> + * @param options
>>>>>> + */
>>>>>> + public function createRemoteContentRequestWithUriOptions($uri,
>>>>>> $options)
>>>>>> + {
>>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>>> $options);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * GET request with custom headers and default options
>>>>>> + * @param uri
>>>>>> + * @param headers
>>>>>> + */
>>>>>> + public function RemoteContentRequestWithUriHeaders($uri,
>>>>>> $headers)
>>>>>> + {
>>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * GET request with custom headers + options
>>>>>> + * @param uri
>>>>>> + * @param headers
>>>>>> + * @param options
>>>>>> + */
>>>>>> + public function
>>>>>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>>>>>> $options)
>>>>>> + {
>>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>>>> $options);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * Basic POST request
>>>>>> + * @param uri
>>>>>> + * @param postBody
>>>>>> + */
>>>>>> + public function RemoteContentRequestWithUriPostBody($uri,
>>>>>> $postBody)
>>>>>> + {
>>>>>> + $this->createRemoteContentRequest("POST", $uri, null,
>>>>>> $postBody,
>>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * POST request with options
>>>>>> + * @param uri
>>>>>> + * @param postBody
>>>>>> + * @param options
>>>>>> + */
>>>>>> + public function
>>>>>> createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody,
>>>>>> $options)
>>>>>> + {
>>>>>> + $this->createRemoteContentRequest("POST", $uri, null,
>>>>>> $postBody,
>>>>>> $options);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * POST request with headers
>>>>>> + * @param uri
>>>>>> + * @param headers
>>>>>> + * @param postBody
>>>>>> + */
>>>>>> + public function
>>>>>> createRemoteContentRequestWithUriHeadersPostBody($uri, $headers,
>>>>>> $postBody)
>>>>>> + {
>>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * POST request with options + headers
>>>>>> + * @param uri
>>>>>> + * @param headers
>>>>>> + * @param postBody
>>>>>> + * @param options
>>>>>> + */
>>>>>> + public function
>>>>>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>>>>>> $headers, $postBody, $options)
>>>>>> + {
>>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>>> $postBody, $options);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * Creates a simple GET request
>>>>>> + *
>>>>>> + * @param uri
>>>>>> + * @param ignoreCache
>>>>>> + */
>>>>>> + public function getRequest($uri, $ignoreCache)
>>>>>> + {
>>>>>> + $options = new Options();
>>>>>> + $options->ignoreCache = $ignoreCache;
>>>>>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>>>>>> $options);
>>>>>> + }
>>>>>> +
>>>>>> // returns a hash code which identifies this request, used for
>>>>>> caching
>>>>>> - // takes url and postbody into account for constructing the md5
>>>>>> checksum
>>>>>> + // takes url and postbody into account for constructing the
>>>>>> sha1
>>>>>> checksum
>>>>>> public function toHash()
>>>>>> {
>>>>>> - return md5($this->url . $this->postBody);
>>>>>> + return md5($this->uri . $this->postBody);
>>>>>> }
>>>>>>
>>>>>> public function getContentType()
>>>>>> @@ -92,7 +252,17 @@
>>>>>>
>>>>>> public function getUrl()
>>>>>> {
>>>>>> - return $this->url;
>>>>>> + return $this->uri;
>>>>>> + }
>>>>>> +
>>>>>> + public function getMethod()
>>>>>> + {
>>>>>> + return $this->method;
>>>>>> + }
>>>>>> +
>>>>>> + public function getOptions()
>>>>>> + {
>>>>>> + return $this->options;
>>>>>> }
>>>>>>
>>>>>> public function setContentType($type)
>>>>>> @@ -125,14 +295,37 @@
>>>>>> $this->headers = $headers;
>>>>>> }
>>>>>>
>>>>>> + //FIXME: Find a better way to do this
>>>>>> + // The headers can be an array of elements.
>>>>>> + public function getHeader($headerName)
>>>>>> + {
>>>>>> + $headers = explode("\n", $this->headers);
>>>>>> + foreach ($headers as $header) {
>>>>>> + $key = explode(":", $header);
>>>>>> + if ($key[0] == $headerName)
>>>>>> + return $key[1];
>>>>>> + }
>>>>>> + return null;
>>>>>> + }
>>>>>> +
>>>>>> public function setPostBody($postBody)
>>>>>> {
>>>>>> $this->postBody = $postBody;
>>>>>> }
>>>>>>
>>>>>> - public function setUrl($url)
>>>>>> + public function setUri($uri)
>>>>>> {
>>>>>> - $this->url = $url;
>>>>>> + $this->uri = $uri;
>>>>>> }
>>>>>>
>>>>>> -}
>>>>>> \ No newline at end of file
>>>>>> +}
>>>>>> +
>>>>>> +/**
>>>>>> + * Bag of options for making a request.
>>>>>> + *
>>>>>> + * This object is mutable to keep us sane. Don't mess with it
>>>>>> once
>>>>>> you've
>>>>>> + * sent it to RemoteContentRequest or bad things might happen.
>>>>>> + */
>>>>>> +class Options {
>>>>>> + public $ignoreCache = false;
>>>>>> +}
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed
>>>>>> May
>>>>>> 21 09:58:52 2008
>>>>>> @@ -80,7 +80,7 @@
>>>>>> self::loadFile($file, $dirs, true);
>>>>>> } else {
>>>>>> self::_securityCheck($file);
>>>>>> - include_once $file;
>>>>>> + include_once 'src/common/'.$file;
>>>>>> }
>>>>>>
>>>>>> if (!class_exists($class, false) && !
>>>>>> interface_exists($class, false)) {
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>> GadgetContext.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed
>>>>>> May 21 09:58:52 2008
>>>>>> @@ -26,21 +26,21 @@
>>>>>> * Server wide variables are stored in config.php
>>>>>> */
>>>>>> class GadgetContext {
>>>>>> - private $httpFetcher = null;
>>>>>> - private $locale = null;
>>>>>> - private $renderingContext = null;
>>>>>> - private $registry = null;
>>>>>> - private $userPrefs = null;
>>>>>> - private $gadgetId = null;
>>>>>> - private $view = null;
>>>>>> - private $moduleId = null;
>>>>>> - private $url = null;
>>>>>> - private $cache = null;
>>>>>> - private $blacklist = null;
>>>>>> - private $ignoreCache = null;
>>>>>> - private $forcedJsLibs = null;
>>>>>> - private $containerConfig = null;
>>>>>> - private $container = null;
>>>>>> + protected $httpFetcher = null;
>>>>>> + protected $locale = null;
>>>>>> + protected $renderingContext = null;
>>>>>> + protected $registry = null;
>>>>>> + protected $userPrefs = null;
>>>>>> + protected $gadgetId = null;
>>>>>> + protected $view = null;
>>>>>> + protected $moduleId = null;
>>>>>> + protected $url = null;
>>>>>> + protected $cache = null;
>>>>>> + protected $blacklist = null;
>>>>>> + protected $ignoreCache = null;
>>>>>> + protected $forcedJsLibs = null;
>>>>>> + protected $containerConfig = null;
>>>>>> + protected $container = null;
>>>>>>
>>>>>> public function __construct($renderingContext)
>>>>>> {
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>> GadgetSpecParser.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>>> Wed May 21 09:58:52 2008
>>>>>> @@ -36,7 +36,7 @@
>>>>>> }
>>>>>> $gadget = new Gadget($context->getGadgetId(), $context);
>>>>>> // process ModulePref attributes
>>>>>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>>>>>> + $this->processModulePrefs($gadget, $doc->ModulePrefs,
>>>>>> $context);
>>>>>> // process UserPrefs, if any
>>>>>> foreach ($doc->UserPref as $pref) {
>>>>>> $this->processUserPref($gadget, $pref);
>>>>>> @@ -54,7 +54,7 @@
>>>>>> return $gadget;
>>>>>> }
>>>>>>
>>>>>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>>>>>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>>>>>> $context)
>>>>>> {
>>>>>> $attributes = $ModulePrefs->attributes();
>>>>>> if (empty($attributes['title'])) {
>>>>>> @@ -90,11 +90,11 @@
>>>>>> $gadget->scaling = isset($attributes['scaling']) ?
>>>>>> trim($attributes['scaling']) : '';
>>>>>> $gadget->scrolling = isset($attributes['scrolling']) ?
>>>>>> trim($attributes['scrolling']) : '';
>>>>>> foreach ($ModulePrefs->Locale as $locale) {
>>>>>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>>>>>> + $gadget->localeSpecs[] = $this->processLocale($locale,
>>>>>> $context);
>>>>>> }
>>>>>> }
>>>>>>
>>>>>> - private function processLocale($locale)
>>>>>> + private function processLocale($locale, $context)
>>>>>> {
>>>>>> $attributes = $locale->attributes();
>>>>>> $messageAttr = isset($attributes['messages']) ?
>>>>>> trim($attributes['messages']) : '';
>>>>>>
>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>>> (added)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed
>>>>>> May
>>>>>> 21 09:58:52 2008
>>>>>> @@ -0,0 +1,70 @@
>>>>>> +<?php
>>>>>> +/*
>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>> + * distributed with this work for additional information
>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>> + * "License"); you may not use this file except in compliance
>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>> + *
>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>> + *
>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>> + * software distributed under the License is distributed on an
>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>> + * KIND, either express or implied. See the License for the
>>>>>> + * specific language governing permissions and limitations under
>>>>>> the License.
>>>>>> + *
>>>>>> + */
>>>>>> +
>>>>>> +/**
>>>>>> + * An abstract representation of a signing token.
>>>>>> + * Use in conjunction with @code GadgetTokenDecoder.
>>>>>> + */
>>>>>> +abstract class GadgetToken {
>>>>>> +
>>>>>> + //FIXME Hmm seems php is refusing to let me make abstract
>>>>>> static
>>>>>> functions? odd
>>>>>> + static public function createFromToken($token, $maxage) {}
>>>>>> + static public function createFromValues($owner, $viewer, $app,
>>>>>> $domain, $appUrl, $moduleId) {}
>>>>>> +
>>>>>> +
>>>>>> + /**
>>>>>> + * Serializes the token into a string. This can be the exact
>>>>>> same as
>>>>>> + * toString; using a different name here is only to force
>>>>>> interface
>>>>>> + * compliance.
>>>>>> + *
>>>>>> + * @return A string representation of the token.
>>>>>> + */
>>>>>> + abstract public function toSerialForm();
>>>>>> +
>>>>>> + /**
>>>>>> + * @return the owner from the token, or null if there is none.
>>>>>> + */
>>>>>> + abstract public function getOwnerId();
>>>>>> +
>>>>>> + /**
>>>>>> + * @return the viewer from the token, or null if there is
>>>>>> none.
>>>>>> + */
>>>>>> + abstract public function getViewerId();
>>>>>> +
>>>>>> + /**
>>>>>> + * @return the application id from the token, or null if there
>>>>>> is none.
>>>>>> + */
>>>>>> + abstract public function getAppId();
>>>>>> +
>>>>>> + /**
>>>>>> + * @return the domain from the token, or null if there is
>>>>>> none.
>>>>>> + */
>>>>>> + abstract public function getDomain();
>>>>>> +
>>>>>> + /**
>>>>>> + * @return the URL of the application
>>>>>> + */
>>>>>> + abstract public function getAppUrl();
>>>>>> +
>>>>>> + /**
>>>>>> + * @return the module ID of the application
>>>>>> + */
>>>>>> + abstract public function getModuleId();
>>>>>> +}
>>>>>>
>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>>> GadgetTokenDecoder.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>> GadgetTokenDecoder.php
>>>>>> (added)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>> GadgetTokenDecoder.php
>>>>>> Wed May 21 09:58:52 2008
>>>>>> @@ -0,0 +1,34 @@
>>>>>> +<?php
>>>>>> +/*
>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>> + * distributed with this work for additional information
>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>> + * "License"); you may not use this file except in compliance
>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>> + *
>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>> + *
>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>> + * software distributed under the License is distributed on an
>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>> + * KIND, either express or implied. See the License for the
>>>>>> + * specific language governing permissions and limitations
>>>>>> + * under the License.
>>>>>> + */
>>>>>> +
>>>>>> +/**
>>>>>> + * Handles verification of gadget security tokens.
>>>>>> + */
>>>>>> +abstract class GadgetTokenDecoder {
>>>>>> +
>>>>>> + /**
>>>>>> + * Decrypts and verifies a gadget security token to return a
>>>>>> gadget token.
>>>>>> + *
>>>>>> + * @param tokenString String representation of the token to be
>>>>>> created.
>>>>>> + * @return The token representation of the input data.
>>>>>> + * @throws GadgetException If tokenString is not a valid token
>>>>>> + */
>>>>>> + abstract public function createToken($tokenString);
>>>>>> +}
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May
>>>>>> 21 09:58:52 2008
>>>>>> @@ -24,7 +24,7 @@
>>>>>> private $content;
>>>>>> private $featureName; // used to track what feature this
>>>>>> belongs to
>>>>>> private $loaded = false;
>>>>>> -
>>>>>> +
>>>>>> public function __construct($type, $content, $featureName = '')
>>>>>> {
>>>>>> $this->featureName = $featureName;
>>>>>> @@ -39,11 +39,11 @@
>>>>>>
>>>>>> public function getContent()
>>>>>> {
>>>>>> - if (!$this->loaded && $this->type == 'FILE') {
>>>>>> + if (! $this->loaded && $this->type == 'FILE') {
>>>>>> if (Config::get('compress_javascript')) {
>>>>>> $dataCache = Config::get('data_cache');
>>>>>> $dataCache = new $dataCache();
>>>>>> - if (!($content = $dataCache->get(md5($this->content)))) {
>>>>>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>>>>>> $content = JsMin::minify(JsLibrary::loadData($this->content,
>>>>>> $this-
>>>>>>> type));
>>>>>> $dataCache->set(md5($this->content), $content);
>>>>>> $this->content = $content;
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>> JsonRpcGadgetContext.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>> JsonRpcGadgetContext.php (original)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>>>>>> @@ -1,10 +1,6 @@
>>>>>> <?php
>>>>>>
>>>>>> class JsonRpcGadgetContext extends GadgetContext {
>>>>>> - private $locale = null;
>>>>>> - private $view = null;
>>>>>> - private $url = null;
>>>>>> - private $container = null;
>>>>>>
>>>>>> public function __construct($jsonContext, $url)
>>>>>> {
>>>>>> @@ -15,23 +11,8 @@
>>>>>> $this->container = $jsonContext->container;
>>>>>> }
>>>>>>
>>>>>> - public function getUrl()
>>>>>> - {
>>>>>> - return $this->url;
>>>>>> - }
>>>>>> -
>>>>>> public function getView()
>>>>>> {
>>>>>> return $this->view;
>>>>>> }
>>>>>> -
>>>>>> - public function getLocale()
>>>>>> - {
>>>>>> - return $this->locale;
>>>>>> - }
>>>>>> -
>>>>>> - public function getContainer()
>>>>>> - {
>>>>>> - return $this->container;
>>>>>> - }
>>>>>> }
>>>>>> \ No newline at end of file
>>>>>>
>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>>> ProxyGadgetContext.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>>> ProxyGadgetContext.php
>>>>>> (added)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>>> ProxyGadgetContext.php
>>>>>> Wed May 21 09:58:52 2008
>>>>>> @@ -0,0 +1,10 @@
>>>>>> +<?php
>>>>>> +
>>>>>> +class ProxyGadgetContext extends GadgetContext {
>>>>>> +
>>>>>> + public function __construct($url)
>>>>>> + {
>>>>>> + parent::__construct('GADGET');
>>>>>> + $this->url = $url;
>>>>>> + }
>>>>>> +}
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>>> ProxyHandler.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed
>>>>>> May 21 09:58:52 2008
>>>>>> @@ -29,11 +29,15 @@
>>>>>> *
>>>>>> */
>>>>>> class ProxyHandler {
>>>>>> - private $context;
>>>>>> + private $context;
>>>>>> + private $signingFetcher;
>>>>>> + private $oauthFetcher;
>>>>>>
>>>>>> - public function __construct($context)
>>>>>> + public function __construct($context, $signingFetcher = null,
>>>>>> $oauthFetcher = null)
>>>>>> {
>>>>>> - $this->context = $context;
>>>>>> + $this->context = $context;
>>>>>> + $this->signingFetcher = $signingFetcher;
>>>>>> + $this->oauthFetcher = $oauthFetcher;
>>>>>> }
>>>>>>
>>>>>> /**
>>>>>> @@ -51,11 +55,21 @@
>>>>>> $token = '';
>>>>>> // no token given, safe to ignore
>>>>>> }
>>>>>> - $originalUrl = $this->validateUrl($url);
>>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>>> + $url = $this->validateUrl($url);
>>>>>> // Fetch the content and convert it into JSON.
>>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>>> + $result = $this->fetchContentDivert($url, $method, $signer);
>>>>>> + if (!isset($result)) {
>>>>>> + //OAuthFetcher only
>>>>>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>>>>>> + $json = array($url => $metadata);
>>>>>> + $json = json_encode($json);
>>>>>> + $output = UNPARSEABLE_CRUFT . $json;
>>>>>> + $this->setCachingHeaders();
>>>>>> + header("Content-Type: application/json; charset=utf-8", true);
>>>>>> + echo $output;
>>>>>> + die();
>>>>>> + }
>>>>>> $status = (int)$result->getHttpCode();
>>>>>> //header("HTTP/1.1 $status", true);
>>>>>> if ($status == 200) {
>>>>>> @@ -174,10 +188,9 @@
>>>>>> $token = '';
>>>>>> // no token given, safe to ignore
>>>>>> }
>>>>>> - $originalUrl = $this->validateUrl($url);
>>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>>> + $url = $this->validateUrl($url);
>>>>>> //TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>>> + $result = $this->fetchContent($url, $method);
>>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>>> $status = (int)$result->getHttpCode();
>>>>>> if ($status == 200) {
>>>>>> @@ -208,11 +221,11 @@
>>>>>> /**
>>>>>> * Both fetch and fetchJson call this function to retrieve the
>>>>>> actual content
>>>>>> *
>>>>>> - * @param string $signedUrl the signed url to fetch
>>>>>> + * @param string $url the url to fetch
>>>>>> * @param string $method either get or post
>>>>>> * @return the filled in request (RemoteContentRequest)
>>>>>> */
>>>>>> - private function fetchContent($signedUrl, $method)
>>>>>> + private function fetchContent($url, $method)
>>>>>> {
>>>>>> //TODO get actual character encoding from the request
>>>>>>
>>>>>> @@ -250,14 +263,41 @@
>>>>>> }
>>>>>> // even if postData is an empty string, it will still post (since
>>>>>> RemoteContentRquest checks if its false)
>>>>>> // so the request to POST is still honored
>>>>>> - $request = new RemoteContentRequest($signedUrl, $headers,
>>>>>> $postData);
>>>>>> + $request = new RemoteContentRequest($url, $headers, $postData);
>>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>>> $context);
>>>>>> } else {
>>>>>> - $request = new RemoteContentRequest($signedUrl, $headers);
>>>>>> + $request = new RemoteContentRequest($url, $headers);
>>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>>> $context);
>>>>>> }
>>>>>> return $request;
>>>>>> }
>>>>>> +
>>>>>> + private function fetchContentDivert($url, $method, $signer)
>>>>>> + {
>>>>>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>>>>>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>>>>>> + $token = $this->extractAndValidateToken($signer);
>>>>>> + switch (strtoupper($authz)) {
>>>>>> + case 'SIGNED':
>>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>>> BasicRemoteContentFetcher(), $token);
>>>>>> + return $fetcher->fetch($url, $method);
>>>>>> + case 'AUTHENTICATED':
>>>>>> + $params = new OAuthRequestParams();
>>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>>> BasicRemoteContentFetcher(), $token);
>>>>>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>>>>>> + $this->oauthFetcher = $oAuthFetcherFactory-
>>>>>>> getOAuthFetcher($fetcher, $token, $params);
>>>>>> + $request = new RemoteContentRequest($url);
>>>>>> + $request->createRemoteContentRequestWithUri($url);
>>>>>> + return $this->oauthFetcher->fetchRequest($request);
>>>>>> + case 'NONE':
>>>>>> + default:
>>>>>> + return $this->fetchContent($url, $method);
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + public function setContentFetcher($contentFetcherFactory)
>>>>>> + {
>>>>>> + $this->contentFetcherFactory = $contentFetcherFactory;
>>>>>> + }
>>>>>>
>>>>>> /**
>>>>>> * Sets the caching headers (overwriting anything the remote host
>>>>>> set) to force
>>>>>> @@ -282,6 +322,7 @@
>>>>>> private function validateUrl($url)
>>>>>> {
>>>>>> //TODO should really make a PHP version of the URI class and
>>>>>> validate in all the locations the java version does
>>>>>> + // why not use Zend::Uri:
>>>>>> return $url;
>>>>>> }
>>>>>>
>>>>>> @@ -293,40 +334,17 @@
>>>>>> * @return string the token to use in the signed url
>>>>>> */
>>>>>> private function extractAndValidateToken($signer)
>>>>>> - {
>>>>>> - if ($signer == null) {
>>>>>> - return null;
>>>>>> - }
>>>>>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>>>>>> - if ($token) {
>>>>>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>>> - }
>>>>>> + {
>>>>>> + if ($signer == null) {
>>>>>> + return null;
>>>>>> + }
>>>>>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>>>>>> + if (!isset($token) || $token == '') {
>>>>>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>>> + }
>>>>>> return $signer->createToken($token);
>>>>>> }
>>>>>> -
>>>>>> - /**
>>>>>> - * Signs a url with the SecurityToken
>>>>>> - *
>>>>>> - * @param string $originalUrl
>>>>>> - * @param SecurityToken $token
>>>>>> - * @return unknown
>>>>>> - */
>>>>>> - private function signUrl($originalUrl, $token)
>>>>>> - {
>>>>>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>>>>>> - if (! $authz) {
>>>>>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>>>>>> - }
>>>>>> - if ($token == null || $authz != 'signed') {
>>>>>> - return $originalUrl;
>>>>>> - }
>>>>>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>>> false;
>>>>>> - if ($method) {
>>>>>> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>>> 'GET';
>>>>>> - }
>>>>>> - return $token->signUrl($originalUrl, $method);
>>>>>> - }
>>>>>> -
>>>>>> +
>>>>>> private function request_headers()
>>>>>> {
>>>>>> // Try to use apache's request headers if available
>>>>>>
>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> CertServlet.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>>> (added)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>>> Wed May 21 09:58:52 2008
>>>>>> @@ -0,0 +1,42 @@
>>>>>> +<?php
>>>>>> +/*
>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>> + * distributed with this work for additional information
>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>> + * "License"); you may not use this file except in compliance
>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>> + *
>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>> + *
>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>> + * software distributed under the License is distributed on an
>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>> + * KIND, either express or implied. See the License for the
>>>>>> + * specific language governing permissions and limitations under
>>>>>> the License.
>>>>>> + *
>>>>>> + */
>>>>>> +require 'src/common/HttpServlet.php';
>>>>>> +
>>>>>> +/**
>>>>>> + * This class serves the public certificate, quick and dirty
>>>>>> hack
>>>>>> to make the certificate publicly accessible
>>>>>> + * this combined with the hard coded location in
>>>>>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>>>>>> + * for the oauth pub key location makes a working whole
>>>>>> + */
>>>>>> +class CertServlet extends HttpServlet {
>>>>>> +
>>>>>> + /**
>>>>>> + * Handles the get file request, only called on url = /
>>>>>> public.crt
>>>>>> + * so this function has no logic other then to output the cert
>>>>>> + */
>>>>>> + public function doGet()
>>>>>> + {
>>>>>> + $file = Config::get('public_key_file');
>>>>>> + if (!file_exists($file) || !is_readable($file)) {
>>>>>> + throw new Exception("Invalid public key location ($file), check
>>>>>> config and file permissions");
>>>>>> + }
>>>>>> + $this->setLastModified(filemtime($file));
>>>>>> + readfile($file);
>>>>>> + }
>>>>>> +}
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> FilesServlet.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>>> Wed May 21 09:58:52 2008
>>>>>> @@ -25,7 +25,7 @@
>>>>>> * the php version too
>>>>>> */
>>>>>> class FilesServlet extends HttpServlet {
>>>>>> -
>>>>>> +
>>>>>> /**
>>>>>> * Handles the get file request, if the file exists and is in the
>>>>>> correct
>>>>>> * location it's echo'd to the browser (with a basic content type
>>>>>> guessing
>>>>>> @@ -46,14 +46,14 @@
>>>>>> die();
>>>>>> }
>>>>>> // if the file doesn't exist or can't be read, give a 404 error
>>>>>> - if (!file_exists($file) || !is_readable($file) || !
>>>>>> is_file($file)) {
>>>>>> + if (! file_exists($file) || ! is_readable($file) || !
>>>>>> is_file($file)) {
>>>>>> header("HTTP/1.0 404 Not Found", true);
>>>>>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>>>>>> die();
>>>>>> }
>>>>>> $dot = strrpos($file, '.');
>>>>>> if ($dot) {
>>>>>> - $ext = strtolower(substr($file, $dot+1));
>>>>>> + $ext = strtolower(substr($file, $dot + 1));
>>>>>> if ($ext == 'html' || $ext == 'htm') {
>>>>>> $this->setContentType('text/html');
>>>>>> } elseif ($ext == 'js') {
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> GadgetRenderingServlet.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> GadgetRenderingServlet.php (original)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>>>>>> @@ -52,7 +52,7 @@
>>>>>> */
>>>>>> class GadgetRenderingServlet extends HttpServlet {
>>>>>> private $context;
>>>>>> -
>>>>>> +
>>>>>> /**
>>>>>> * Creates the gadget using the GadgetServer class and calls
>>>>>> outputGadget
>>>>>> *
>>>>>> @@ -71,11 +71,11 @@
>>>>>> $gadgetServer = new GadgetServer();
>>>>>> $gadget = $gadgetServer->processGadget($this->context);
>>>>>> $this->outputGadget($gadget, $this->context);
>>>>>> - } catch ( Exception $e ) {
>>>>>> + } catch (Exception $e) {
>>>>>> $this->outputError($e);
>>>>>> }
>>>>>> }
>>>>>> -
>>>>>> +
>>>>>> /**
>>>>>> * If an error occured (Exception) this function echo's the
>>>>>> Exception's message
>>>>>> * and if the config['debug'] is true, shows the debug backtrace
>>>>>> in
>>>>>> a div
>>>>>> @@ -95,7 +95,7 @@
>>>>>> }
>>>>>> echo "</body></html>";
>>>>>> }
>>>>>> -
>>>>>> +
>>>>>> /**
>>>>>> * Takes the gadget to output, and depending on its content type
>>>>>> calls either outputHtml-
>>>>>> * or outputUrlGadget
>>>>>> @@ -107,15 +107,15 @@
>>>>>> {
>>>>>> $view = HttpUtil::getView($gadget, $context);
>>>>>> switch ($view->getType()) {
>>>>>> - case 'HTML' :
>>>>>> + case 'HTML':
>>>>>> $this->outputHtmlGadget($gadget, $context, $view);
>>>>>> break;
>>>>>> - case 'URL' :
>>>>>> + case 'URL':
>>>>>> $this->outputUrlGadget($gadget, $context, $view);
>>>>>> break;
>>>>>> }
>>>>>> }
>>>>>> -
>>>>>> +
>>>>>> /**
>>>>>> * Outputs a html content type gadget.
>>>>>> * It creates a html page, with the javascripts from the features
>>>>>> inline into the page, plus
>>>>>> @@ -144,16 +144,13 @@
>>>>>> }
>>>>>> // Was a privacy policy header configured? if so set it
>>>>>> if (Config::get('P3P') != '') {
>>>>>> - header("P3P: ".Config::get('P3P'));
>>>>>> + header("P3P: " . Config::get('P3P'));
>>>>>> }
>>>>>> - if (!$view->getQuirks()) {
>>>>>> + if (! $view->getQuirks()) {
>>>>>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>>>>>> \">\n";
>>>>>> }
>>>>>> - echo "<html>\n<head>".
>>>>>> - "<style type=\"text/css\">".Config::get('gadget_css')."</
>>>>>> style>".
>>>>>> - "</head><body>".
>>>>>> - "<script><!--\n";
>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>>>>>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>>>>>> "<script><!--\n";
>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>> $type = $library->getType();
>>>>>> if ($type == 'URL') {
>>>>>> // TODO: This case needs to be handled more gracefully by the js
>>>>>> @@ -173,15 +170,12 @@
>>>>>> // Forced libs first.
>>>>>> if (! empty($forcedLibs)) {
>>>>>> $libs = explode(':', $forcedLibs);
>>>>>> - echo sprintf($externFmt, Config::get('default_js_prefix').
>>>>>> $this-
>>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>>> + echo sprintf($externFmt, Config::get('default_js_prefix') .
>>>>>> $this-
>>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>>> }
>>>>>> if (strlen($externJs) > 0) {
>>>>>> echo $externJs;
>>>>>> }
>>>>>> - echo "<script><!--\n".
>>>>>> - $this->appendJsConfig($context, $gadget).
>>>>>> - $this->appendMessages($gadget).
>>>>>> - "-->\n</script>\n";
>>>>>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>>>>>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>>>>>
>>>>>> $gadgetExceptions = array();
>>>>>> $content = $gadget->getSubstitutions()->substitute($view-
>>>>>>> getContent());
>>>>>> @@ -192,11 +186,9 @@
>>>>>> if (count($gadgetExceptions)) {
>>>>>> throw new GadgetException(print_r($gadgetExceptions, true));
>>>>>> }
>>>>>> - echo $content . "\n".
>>>>>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>>>>>> - "</body>\n</html>";
>>>>>> + echo $content . "\n" .
>>>>>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>
>>>>>> \n</html>";
>>>>>> }
>>>>>> -
>>>>>> +
>>>>>> /**
>>>>>> * Output's a URL content type gadget, it adds
>>>>>> libs=<list:of:js:libraries>.js and user preferences
>>>>>> * to the href url, and redirects the browser to it
>>>>>> @@ -215,7 +207,7 @@
>>>>>> $forcedLibs = Config::get('focedJsLibs');
>>>>>> if ($forcedLibs == null) {
>>>>>> $reqs = $gadget->getRequires();
>>>>>> - foreach ( $reqs as $key => $val ) {
>>>>>> + foreach ($reqs as $key => $val) {
>>>>>> $libs[] = $key;
>>>>>> }
>>>>>> } else {
>>>>>> @@ -231,7 +223,7 @@
>>>>>> header('Location: ' . $redirURI);
>>>>>> die();
>>>>>> }
>>>>>> -
>>>>>> +
>>>>>> /**
>>>>>> * Returns the requested libs (from getjsUrl) with the
>>>>>> libs_param_name prepended
>>>>>> * ie: in libs=core:caja:etc.js format
>>>>>> @@ -248,7 +240,7 @@
>>>>>> $ret .= $this->getJsUrl($libs, $gadget);
>>>>>> return $ret;
>>>>>> }
>>>>>> -
>>>>>> +
>>>>>> /**
>>>>>> * Returns the user preferences in &up_<name>=<val> format
>>>>>> *
>>>>>> @@ -259,7 +251,7 @@
>>>>>> private function getPrefsQueryString($prefVals)
>>>>>> {
>>>>>> $ret = '';
>>>>>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>>>>>> + foreach ($prefVals->getPrefs() as $key => $val) {
>>>>>> $ret .= '&';
>>>>>> $ret .= Config::get('userpref_param_prefix');
>>>>>> $ret .= urlencode($key);
>>>>>> @@ -268,10 +260,10 @@
>>>>>> }
>>>>>> return $ret;
>>>>>> }
>>>>>> -
>>>>>> +
>>>>>> /**
>>>>>> * generates the library string (core:caja:etc.js) including a
>>>>>> checksum of all the
>>>>>> - * javascript content (?v=<sha1 of js) for cache busting
>>>>>> + * javascript content (?v=<md5 of js>) for cache busting
>>>>>> *
>>>>>> * @param string $libs
>>>>>> * @param Gadget $gadget
>>>>>> @@ -284,7 +276,7 @@
>>>>>> $buf = 'core';
>>>>>> } else {
>>>>>> $firstDone = false;
>>>>>> - foreach ( $libs as $lib ) {
>>>>>> + foreach ($libs as $lib) {
>>>>>> if ($firstDone) {
>>>>>> $buf .= ':';
>>>>>> } else {
>>>>>> @@ -296,7 +288,7 @@
>>>>>> // Build a version string from the sha1() checksum of all
>>>>>> included
>>>>>> javascript
>>>>>> // to ensure the client always has the right version
>>>>>> $inlineJs = '';
>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>> $type = $library->getType();
>>>>>> if ($type != 'URL') {
>>>>>> $inlineJs .= $library->getContent() . "\n";
>>>>>> @@ -305,14 +297,14 @@
>>>>>> $buf .= ".js?v=" . md5($inlineJs);
>>>>>> return $buf;
>>>>>> }
>>>>>> -
>>>>>> +
>>>>>> private function appendJsConfig($context, $gadget)
>>>>>> {
>>>>>> $container = $context->getContainer();
>>>>>> $containerConfig = $context->getContainerConfig();
>>>>>> $gadgetConfig = array();
>>>>>> $featureConfig = $containerConfig->getConfig($container,
>>>>>> 'gadgets.features');
>>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>>> $feature = $library->getFeatureName();
>>>>>> if (! isset($gadgetConfig[$feature]) && !
>>>>>> empty($featureConfig[$feature])) {
>>>>>> $gadgetConfig[$feature] = $featureConfig[$feature];
>>>>>> @@ -320,7 +312,7 @@
>>>>>> }
>>>>>> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");
>>>>>> \n";
>>>>>> }
>>>>>> -
>>>>>> +
>>>>>> private function appendMessages($gadget)
>>>>>> {
>>>>>> $msgs = '';
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> JsServlet.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>>> Wed
>>>>>> May 21 09:58:52 2008
>>>>>> @@ -30,7 +30,7 @@
>>>>>> * to retrieve our features javascript code
>>>>>> */
>>>>>> class JsServlet extends HttpServlet {
>>>>>> -
>>>>>> +
>>>>>> public function doGet()
>>>>>> {
>>>>>> $this->noHeaders = true;
>>>>>>
>>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> ProxyServlet.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>>> (original)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>>> Wed May 21 09:58:52 2008
>>>>>> @@ -26,6 +26,8 @@
>>>>>> require 'src/common/RemoteContent.php';
>>>>>> require 'src/common/Cache.php';
>>>>>> require 'src/common/RemoteContentFetcher.php';
>>>>>> +require 'src/gadgets/oauth/OAuth.php';
>>>>>> +require 'src/gadgets/oauth/OAuthStore.php';
>>>>>>
>>>>>> class ProxyServlet extends HttpServlet {
>>>>>>
>>>>>> @@ -39,6 +41,7 @@
>>>>>> if (! $url) {
>>>>>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>>>>>> }
>>>>>> + $url = urldecode($url);
>>>>>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>>> false;
>>>>>> if (! $method) {
>>>>>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>>> 'GET';
>>>>>> @@ -49,7 +52,8 @@
>>>>>> }
>>>>>> $gadgetSigner = Config::get('security_token_signer');
>>>>>> $gadgetSigner = new $gadgetSigner();
>>>>>> - $proxyHandler = new ProxyHandler($context);
>>>>>> + $signingFetcherFactory = new
>>>>>> SigningFetcherFactory(Config::get("private_key_file"));
>>>>>> + $proxyHandler = new ProxyHandler($context,
>>>>>> $signingFetcherFactory);
>>>>>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>>>>>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>>>>>> } else {
>>>>>>
>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> SigningFetcher.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> SigningFetcher.php
>>>>>> (added)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> SigningFetcher.php
>>>>>> Wed May 21 09:58:52 2008
>>>>>> @@ -0,0 +1,216 @@
>>>>>> +<?php
>>>>>> +/*
>>>>>> + * Licensed under the Apache License, Version 2.0 (the
>>>>>> "License");
>>>>>> + * you may not use this file except in compliance with the
>>>>>> License.
>>>>>> + * You may obtain a copy of the License at
>>>>>> + *
>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>> + *
>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>> software
>>>>>> + * distributed under the License is distributed on an "AS IS"
>>>>>> BASIS,
>>>>>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
>>>>>> express or
>>>>>> implied.
>>>>>> + * See the License for the specific language governing
>>>>>> permissions
>>>>>> and
>>>>>> + * limitations under the License.
>>>>>> + */
>>>>>> +
>>>>>> +/**
>>>>>> + * Implements signed fetch based on the OAuth request signing
>>>>>> algorithm.
>>>>>> + *
>>>>>> + * Subclasses can override signMessage to use their own crypto
>>>>>> if
>>>>>> they don't
>>>>>> + * like the oauth.net code for some reason.
>>>>>> + *
>>>>>> + * Instances of this class are only accessed by a single
>>>>>> thread at
>>>>>> a time,
>>>>>> + * but instances may be created by multiple threads.
>>>>>> + */
>>>>>> +class SigningFetcher extends RemoteContentFetcher {
>>>>>> +
>>>>>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>>>>>> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
>>>>>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>>>>>> + protected static $XOAUTH_PUBLIC_KEY =
>>>>>> "xoauth_signature_publickey";
>>>>>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>>>>>> +
>>>>>> + //protected final TimeSource clock = new TimeSource();
>>>>>> +
>>>>>> + /**
>>>>>> + * Authentication token for the user and gadget making the
>>>>>> request.
>>>>>> + */
>>>>>> + protected $authToken;
>>>>>> +
>>>>>> + /**
>>>>>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can
>>>>>> be a
>>>>>> + * PrivateKey object, or a PEM formatted private key, or a DER
>>>>>> encoded byte
>>>>>> + * array for the private key.(No, really, they accept any of
>>>>>> them.)
>>>>>> + */
>>>>>> + protected $privateKeyObject;
>>>>>> +
>>>>>> + /**
>>>>>> + * The name of the key, included in the fetch to help with key
>>>>>> rotation.
>>>>>> + */
>>>>>> + protected $keyName;
>>>>>> +
>>>>>> + /**
>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>> object.
>>>>>> + *
>>>>>> + * @param authToken verified gadget security token
>>>>>> + * @param keyName name of the key to include in the request
>>>>>> + * @param privateKey the key to use for the signing
>>>>>> + */
>>>>>> + public static function makeFromPrivateKey($next, $authToken,
>>>>>> $keyName, $privateKey)
>>>>>> + {
>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>> $privateKey);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>> object.
>>>>>> + *
>>>>>> + * @param authToken verified gadget security token
>>>>>> + * @param keyName name of the key to include in the request
>>>>>> + * @param privateKey base64 encoded private key
>>>>>> + */
>>>>>> + public static function makeFromB64PrivateKey($next, $authToken,
>>>>>> $keyName, $privateKey)
>>>>>> + {
>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>> $privateKey);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * Constructor based on signing with the given PrivateKey
>>>>>> object.
>>>>>> + *
>>>>>> + * @param authToken verified gadget security token
>>>>>> + * @param keyName name of the key to include in the request
>>>>>> + * @param privateKey DER encoded private key
>>>>>> + */
>>>>>> + public static function makeFromPrivateKeyBytes($next,
>>>>>> $authToken,
>>>>>> $keyName, $privateKey)
>>>>>> + {
>>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>>> $privateKey);
>>>>>> + }
>>>>>> +
>>>>>> + protected function __construct($next, $authToken, $keyName,
>>>>>> $privateKeyObject)
>>>>>> + {
>>>>>> + parent::setNextFetcher($next);
>>>>>> + $this->authToken = $authToken;
>>>>>> + $this->keyName = $keyName;
>>>>>> + $this->privateKeyObject = $privateKeyObject;
>>>>>> + }
>>>>>> +
>>>>>> + public function fetchRequest($request)
>>>>>> + {
>>>>>> + return $this->getNextFetcher()->fetchRequest($request);
>>>>>> + }
>>>>>> +
>>>>>> + public function fetch($url, $method)
>>>>>> + {
>>>>>> + $signed = $this->signRequest($url, $method);
>>>>>> + return $this->getNextFetcher()->fetchRequest($signed);
>>>>>> + }
>>>>>> +
>>>>>> + private function signRequest($url, $method)
>>>>>> + {
>>>>>> + try {
>>>>>> + // Parse the request into parameters for OAuth signing,
>>>>>> stripping
>>>>>> out
>>>>>> + // any OAuth or OpenSocial parameters injected by the client
>>>>>> + ///////////////////////////////////////////////
>>>>>> + require 'src/common/Zend/Uri.php';
>>>>>> + $uri = Zend_Uri::factory($url);
>>>>>> + $resource = $uri->getUri();
>>>>>> + $queryParams = $this->sanitize($_GET);
>>>>>> + $postParams = $this->sanitize($_POST);
>>>>>> + $msgParams = array();
>>>>>> + $msgParams = array_merge($msgParams, $queryParams);
>>>>>> + $msgParams = array_merge($msgParams, $postParams);
>>>>>> +
>>>>>> + // TODO: is this ok?
>>>>>> + //$msgParams = array();
>>>>>> + $this->addOpenSocialParams($msgParams);
>>>>>> + $this->addOAuthParams($msgParams);
>>>>>> +
>>>>>> + // Build and sign the OAuthMessage; note that the resource here
>>>>>> has
>>>>>> + // no query string, the parameters are all in msgParams
>>>>>> + //$message = new OAuthMessage($method, $resource, $msgParams);
>>>>>> +
>>>>>> + ////////////////////////////////////////////////
>>>>>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>>>>>> + $consumer-
>>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this-
>>>>>>> privateKeyObject);
>>>>>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>>>>>> +
>>>>>> + $req_req = OAuthRequest::from_consumer_and_token($consumer,
>>>>>> NULL,
>>>>>> $method, $resource, $msgParams);
>>>>>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>>>>>> +
>>>>>> + // Rebuild the query string, including all of the parameters we
>>>>>> added.
>>>>>> + // We have to be careful not to copy POST parameters into the
>>>>>> query.
>>>>>> + // If post and query parameters share a name, they end up being
>>>>>> removed
>>>>>> + // from the query.
>>>>>> + $forPost = array();
>>>>>> + foreach ($postParams as $key => $param) {
>>>>>> + $forPost[$key] = $param;
>>>>>> + }
>>>>>> + $newQuery = array();
>>>>>> + foreach ($req_req->get_parameters() as $key => $param) {
>>>>>> + if (! isset($forPost[$key])) {
>>>>>> + $newQuery[$key] = $param;
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + // Careful here; the OAuth form encoding scheme is slightly
>>>>>> different than
>>>>>> + // the normal form encoding scheme, so we have to use the OAuth
>>>>>> library
>>>>>> + // formEncode method.
>>>>>> + $uri->setQuery($newQuery);
>>>>>> + return new RemoteContentRequest($uri->getUri());
>>>>>> + } catch (Exception $e) {
>>>>>> + throw new GadgetException($e);
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + private function addOpenSocialParams(&$msgParams)
>>>>>> + {
>>>>>> + $owner = $this->authToken->getOwnerId();
>>>>>> + if ($owner != null) {
>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>>>>>> + }
>>>>>> + $viewer = $this->authToken->getViewerId();
>>>>>> + if ($viewer != null) {
>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>>>>>> + }
>>>>>> + $app = $this->authToken->getAppId();
>>>>>> + if ($app != null) {
>>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + private function addOAuthParams(&$msgParams)
>>>>>> + {
>>>>>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>>>>>> + $domain = $this->authToken->getDomain();
>>>>>> + if ($domain != null) {
>>>>>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] =
>>>>>> 'partuza.chabotc.com'; //
>>>>>> $domain;
>>>>>> + }
>>>>>> + if ($this->keyName != null) {
>>>>>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this-
>>>>>> >keyName;
>>>>>> + }
>>>>>> + $nonce = OAuthRequest::generate_nonce();
>>>>>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>>>>>> + $timestamp = time();
>>>>>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>>>>>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * Strip out any owner or viewer id passed by the client.
>>>>>> + */
>>>>>> + private function sanitize($params)
>>>>>> + {
>>>>>> + $list = array();
>>>>>> + foreach ($params as $key => $p) {
>>>>>> + if ($this->allowParam($key)) {
>>>>>> + $list[$key] = $p;
>>>>>> + }
>>>>>> + }
>>>>>> + return $list;
>>>>>> + }
>>>>>> +
>>>>>> + private function allowParam($paramName)
>>>>>> + {
>>>>>> + $canonParamName = strtolower($paramName);
>>>>>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>>>>>> substr($canonParamName, 0, 6) == "xoauth" ||
>>>>>> substr($canonParamName, 0, 9) == "opensocial")) &&
>>>>>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>>>>>> + }
>>>>>> +}
>>>>>>
>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> SigningFetcherFactory.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> SigningFetcherFactory.php (added)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>>>>>> @@ -0,0 +1,86 @@
>>>>>> +<?php
>>>>>> +/*
>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>> + * distributed with this work for additional information
>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>> + * "License"); you may not use this file except in compliance
>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>> + *
>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>> + *
>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>> + * software distributed under the License is distributed on an
>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>> + * KIND, either express or implied. See the License for the
>>>>>> + * specific language governing permissions and limitations
>>>>>> + * under the License.
>>>>>> + */
>>>>>> +
>>>>>> +/**
>>>>>> + * Produces Signing content fetchers for input tokens.
>>>>>> + */
>>>>>> +class SigningFetcherFactory {
>>>>>> + private $keyName;
>>>>>> + private $privateKey;
>>>>>> +
>>>>>> + /**
>>>>>> + * Produces a signing fetcher that will sign requests and
>>>>>> delegate
>>>>>> actual
>>>>>> + * network retrieval to the {@code networkFetcher}
>>>>>> + *
>>>>>> + * @param networkFetcher The fetcher that will be doing actual
>>>>>> work.
>>>>>> + * @param token The gadget token used for extracting signing
>>>>>> parameters.
>>>>>> + * @return The signing fetcher.
>>>>>> + * @throws GadgetException
>>>>>> + */
>>>>>> + public function getSigningFetcher($networkFetcher, $token)
>>>>>> + {
>>>>>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>>>>>> $token, $this->keyName, $this->privateKey);
>>>>>> + }
>>>>>> +
>>>>>> + /**
>>>>>> + * @param keyFile The file containing your private key for
>>>>>> signing
>>>>>> requests.
>>>>>> + */
>>>>>> + public function __construct($keyFile = null)
>>>>>> + {
>>>>>> + $this->keyName = 'http://'.
>>>>>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>>>>>> + if (! empty($keyFile)) {
>>>>>> + $privateKey = null;
>>>>>> + try {
>>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>>> convert it
>>>>>> + $cache = Config::get('data_cache');
>>>>>> + $cache = new $cache();
>>>>>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" .
>>>>>> $this-
>>>>>>> keyName)) !== false) {
>>>>>> + $rsa_private_key = $cachedKey;
>>>>>> + } else {
>>>>>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>>>>>> + throw new Exception("Could not read keyfile ($keyFile), check
>>>>>> the
>>>>>> file name and permission");
>>>>>> + }
>>>>>> + // TODO: sending NULL as a second param to
>>>>>> openssl_pkey_get_private works?
>>>>>> + $phrase = Config::get('private_key_phrase') != '' ?
>>>>>> (Config::get('private_key_phrase')) : null;
>>>>>> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key,
>>>>>> $phrase)) == false) {
>>>>>> + //TODO: double check if can input keyfile -inform PEM
>>>>>> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>>>>> + throw new Exception("Could not create temporary file");
>>>>>> + }
>>>>>> + if (! @file_put_contents($in,
>>>>>> base64_decode($rsa_private_key))) {
>>>>>> + throw new Exception("Could not write to temporary file");
>>>>>> + }
>>>>>> + if (! $out = @tempnam(sys_get_temp_dir(),
>>>>>> "RSA_PRIVATE_KEY_")) {
>>>>>> + throw new Exception("Could not create temporary file");
>>>>>> + }
>>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out .
>>>>>> " -
>>>>>> nocrypt -in " . $in);
>>>>>> + if (! $rsa_private_key = @file_get_contents($out)) {
>>>>>> + throw new Exception("Could not read temporary file");
>>>>>> + }
>>>>>> + }
>>>>>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>>>>>> $rsa_private_key);
>>>>>> + }
>>>>>> + } catch (Exception $e) {
>>>>>> + throw new Exception("Error loading private key: " . $e);
>>>>>> + }
>>>>>> + $this->privateKey = $rsa_private_key;
>>>>>> + }
>>>>>> + }
>>>>>> +}
>>>>>>
>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> BasicGadgetOAuthTokenStore.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> BasicGadgetOAuthTokenStore.php (added)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>>>>>> @@ -0,0 +1,112 @@
>>>>>> +<?php
>>>>>> +/*
>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>> + * distributed with this work for additional information
>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>> + * "License"); you may not use this file except in compliance
>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>> + *
>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>> + *
>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>> + * software distributed under the License is distributed on an
>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>> + * KIND, either express or implied. See the License for the
>>>>>> + * specific language governing permissions and limitations
>>>>>> + * under the License.
>>>>>> + */
>>>>>> +
>>>>>> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
>>>>>> +
>>>>>> + /** default location for consumer keys and secrets */
>>>>>> + private $OAUTH_CONFIG = "../config/oauth.json";
>>>>>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>>>>>> + private $CONSUMER_KEY_KEY = "consumer_key";
>>>>>> + private $KEY_TYPE_KEY = "key_type";
>>>>>> +
>>>>>> + public function __construct($store)
>>>>>> + {
>>>>>> + parent::__construct($store);
>>>>>> + }
>>>>>> +
>>>>>> + public function initFromConfigFile($fetcher)
>>>>>> + {
>>>>>> + // Read our consumer keys and secrets from config/oauth.js
>>>>>> + // This actually involves fetching gadget specs
>>>>>> + try {
>>>>>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>>>>>> +
>>>>>> + // remove all comments because this confuses the json parser
>>>>>> + // note: the json parser also crashes on trailing ,'s in
>>>>>> records
>>>>>> so please don't use them
>>>>>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>>>>>> $oauthConfigStr);
>>>>>> + $oauthConfig = json_decode($contents, true);
>>>>>> + foreach ($oauthConfig as $gadgetUri => $value) {
>>>>>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>>>>>> + $this->storeConsumerInfos($gadgetUri, $value);
>>>>>> + }
>>>>>> + } catch (Exception $e) {
>>>>>> + throw new GadgetException($e);
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + private function storeProviderInfos($fetcher, $gadgetUri)
>>>>>> + {
>>>>>> + $cache = Config::get('data_cache');
>>>>>> + $cache = new $cache();
>>>>>> +
>>>>>> + // determine which requests we can load from cache, and which
>>>>>> we
>>>>>> have to actually fetch
>>>>>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
>>>>>> + $gadget = $cachedRequest;
>>>>>> + } else {
>>>>>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>>>>>> + $remoteContentRequest->getRequest($gadgetUri, false);
>>>>>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>>>>>> + $context = new ProxyGadgetContext($gadgetUri);
>>>>>> + $spec = new GadgetSpecParser();
>>>>>> + $gadget = $spec->parse($response->getResponseContent(),
>>>>>> $context);
>>>>>> + $cache->set(md5($gadgetUri), $gadget);
>>>>>> + }
>>>>>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>>>>>> + }
>>>>>> +
>>>>>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>>>>>> + {
>>>>>> + foreach ($oauthConfig as $key => $value) {
>>>>>> + $serviceName = $key;
>>>>>> + $consumerInfo = $value;
>>>>>> + $this->storeConsumerInfo($gadgetUri, $serviceName,
>>>>>> $consumerInfo);
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>>>>>> $consumerInfo)
>>>>>> + {
>>>>>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>>>>>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>>>>>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>>>>>> + $keyType = 'HMAC_SYMMETRIC';
>>>>>> +
>>>>>> + if ($keyTypeStr == "RSA_PRIVATE") {
>>>>>> + $keyType = 'RSA_PRIVATE';
>>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>>> convert it
>>>>>> + $cache = Config::get('data_cache');
>>>>>> + $cache = new $cache();
>>>>>> +
>>>>>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>>>>>> $serviceName))) !== false) {
>>>>>> + $consumerSecret = $cachedRequest;
>>>>>> + } else {
>>>>>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>>>>>>> CONSUMER_SECRET_KEY]));
>>>>>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out .
>>>>>> " -
>>>>>> nocrypt -in " . $in);
>>>>>> + $consumerSecret = file_get_contents($out);
>>>>>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
>>>>>> $keyType);
>>>>>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName,
>>>>>> $kas);
>>>>>> + }
>>>>>> +
>>>>>> +}
>>>>>>
>>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> BasicOAuthStore.php
>>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =
>>>>>> =================================================================
>>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> BasicOAuthStore.php (added)
>>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>>>>>> @@ -0,0 +1,149 @@
>>>>>> +<?php
>>>>>> +/*
>>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>>> + * distributed with this work for additional information
>>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>>> + * "License"); you may not use this file except in compliance
>>>>>> + * with the License. You may obtain a copy of the License at
>>>>>> + *
>>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>>> + *
>>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>>> + * software distributed under the License is distributed on an
>>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>>> + * KIND, either express or implied. See the License for the
>>>>>> + * specific language governing permissions and limitations under
>>>>>> the License.
>>>>>> + */
>>>>>> +
>>>>>> +class OAuthNoDataException extends Exception {}
>>>>>> +
>>>>>> +class BasicOAuthStore implements OAuthStore {
>>>>>> +
>>>>>> + private $providers = array();
>>>>>> + private $tokens = array();
>>>>>> +
>>>>>> + private $defaultConsumerKey;
>>>>>> + private $defaultConsumerSecret;
>>>>>> +
>>>>>> + public function __construct($consumerKey = null, $privateKey =
>>>>>> null)
>>>>>> + {
>>>>>> + $this->defaultConsumerKey = $consumerKey;
>>>>>> + $this->defaultConsumerSecret = $privateKey;
>>>>>> + }
>>>>>> +
>>>>>> + public function setHashMapsForTesting($providers, $tokens)
>>>>>> + {
>>>>>> + $this->providers = $providers;
>>>>>> + $this->tokens = $tokens;
>>>>>> + }
>>>>>> +
>>>>>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>>>>>> + {
>>>>>> + $provKey = new ProviderKey();
>>>>>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>>>>>> + $provKey->setServiceName($tokenKey->getServiceName());
>>>>>> + //AccesorInfo
>>>>>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>>>>>> + //TokenInfo
>>>>>> + $accessToken = $this->getTokenInfo($tokenKey);
>>>>>> + if ($accessToken != null) {
>>>>>> + // maybe convert into methods
>>>>>> + $result->getAccessor()->accessToken = $accessToken-
>>>>>>> getAccessToken();
>>>>>> + $result->getAccessor()->tokenSecret = $accessToken-
>>>>>>> getTokenSecret();
>>>>>> + }
>>>>>> + return $result;
>>>>>> + }
>>>>>> +
>>>>>> + private function getOAuthAccessorProviderKey(ProviderKey
>>>>>> $providerKey)
>>>>>> + {
>>>>>> + //ProviderInfo
>>>>>> + $provInfo = $this->getProviderInfo($providerKey);
>>>>>> +
>>>>>> + if ($provInfo == null) {
>>>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>>>> store");
>>>>>> + }
>>>>>> + //AccesorInfo
>>>>>> + $result = new AccesorInfo();
>>>>>> + $result->setHttpMethod($provInfo->getHttpMethod());
>>>>>> + $result->setParamLocation($provInfo->getParamLocation());
>>>>>> +
>>>>>> + //ConsumerKeyAndSecret
>>>>>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>>>>>> +
>>>>>> + if ($consumerKeyAndSecret == null) {
>>>>>> + if ($this->defaultConsumerKey == null || $this-
>>>>>>> defaultConsumerSecret == null) {
>>>>>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null
>>>>>> in
>>>>>> oauth store");
>>>>>> + } else {
>>>>>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>>>>>>> defaultConsumerKey, $this->defaultConsumerSecret,
>>>>>>> OAuthStoreVars::
>>>>>> $KeyType['RSA_PRIVATE']);
>>>>>> + }
>>>>>> + }
>>>>>> +
>>>>>> + //OAuthServiceProvider
>>>>>> + $oauthProvider = $provInfo->getProvider();
>>>>>> +
>>>>>> + if (! isset($oauthProvider)) {
>>>>>> + throw new OAuthNoDataException("OAuthService provider was
>>>>>> null in
>>>>>> oauth store");
>>>>>> + }
>>>>>> +
>>>>>> + // Accesing the class
>>>>>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>>>>>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>>>>>> +
>>>>>> + //OAuthConsumer
>>>>>> + $consumer = ($usePublicKeyCrypto) ? new
>>>>>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>>>>>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>>>>>>> getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>>>>>> $oauthProvider);
>>>>>> +
>>>>>> + if ($usePublicKeyCrypto) {
>>>>>> + $consumer-
>>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>>>>> $consumerKeyAndSecret->getConsumerSecret());
>>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>>> $SignatureType['RSA_SHA1']);
>>>>>> + } else {
>>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>>> $SignatureType['HMAC_SHA1']);
>>>>>> + }
>>>>>> +
>>>>>> + $result->setAccessor(new OAuthAccessor($consumer));
>>>>>> + return $result;
>>>>>> + }
>>>>>> +
>>>>>> + public function getOAuthServiceProviderInfo($providerKey)
>>>>>> + {
>>>>>> + $provInfo = $this->providers->get($providerKey);
>>>>>> +
>>>>>> + if ($provInfo == null) {
>>>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>>>> store");
>>>>>> + }
>>>>>> +
>>>>>> + return $provInfo;
>>>>>> + }
>>>>>> +
>>>>>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>>>>>> $keyAndSecret)
>>>>>> + {
>>>>>> + //ProviderInfo
>>>>>> + $value = $this->getProviderInfo($providerKey);
>>>>>> + if ($value == null) {
>>>>>> + throw new OAuthNoDataException("could not find provider data
>>>>>> for
>>>>>> token");
>>>>>> + }
>>>>>> + $value->setKeyAndSecret($keyAndSecret);
>>>>>> + }
>>>>>> +
>>>>>> + public function setOAuthServiceProviderInfo($providerKey,
>>>>>> $providerInfo)
>>>>>> + {
>>>>>> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
>>>>>> + }
>>>>>> +
>>>>>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>>>>>> + {
>>>>>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>>>>>> + }
>>>>>> +
>>>>>> + private function getProviderInfo($providerKey)
>>>>>> + {
>>>>>> + $key = md5(serialize($providerKey));
>>>>>> + return isset($this->providers[$key]) ? $this->providers[$key] :
>>>>>> null;
>>>>>> + }
>>>>>> +
>>>>>> + private function getTokenInfo($tokenKey)
>>>>>> + {
>>>>>> + $key = md5(serialize($tokenKey));
>>>>>> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
>>>>>> + }
>>>>>> +}
>>>>>> \ No newline at end of file
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> This message has been scanned for viruses and
>>>>>> dangerous content by MailScanner, and is
>>>>>> believed to be clean.
>>>>> --
>>>>> This message has been scanned for viruses and
>>>>> dangerous content by MailScanner, and is
>>>>> believed to be clean.
>>>>>
>>>>
>>>>
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by "Lini H - Clarion, India" <li...@clariontechnologies.co.in>.
Chris,
I only mean that the new shindig downloaded is not rendering the gadgets and is giving errors (after making the config/htaccess changes). The server is giving gadget errors also the sample html files.
Regards
Lini Haridas
Software Engineer
lini.haridas@clariontechnologies.co.in
Clarion Technologies
SEI CMMI Level 3 Company
4th Floor, Great Eastern Plaza,
Airport Road,
Pune- 411 006,
Maharashtra, India.
Phone: +91 20 66020289
Mobile: +91 9823435917
www.clariontechnologies.co.in
----- Original Message -----
From: "Chris Chabot" <ch...@xs4all.nl>
To: <sh...@incubator.apache.org>
Sent: Thursday, May 22, 2008 2:05 PM
Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
> Could you by any chance be more specific?
>
> Things like:
> Where are you trying this
> what are you trying (what gadget/feature/etc)
> what is the result (error messages or anything?)
>
> Would help a lot ! :)
>
> I have a couple of gadgets (horoscope, set title test module,
> opensocial 0.7 tests, social hello world) on my profile on
> partuza.chabotc.com and their working fine for me..
>
> -- Chris
>
> On May 22, 2008, at 10:29 AM, Lini H - Clarion, India wrote:
>
>> Hi chris,
>>
>> Sorry, but its still not working..
>>
>> Regards
>> Lini Haridas
>> Software Engineer
>>
>> lini.haridas@clariontechnologies.co.in
>> Clarion Technologies
>> SEI CMMI Level 3 Company
>>
>> 4th Floor, Great Eastern Plaza,
>> Airport Road,
>> Pune- 411 006,
>> Maharashtra, India.
>> Phone: +91 20 66020289
>> Mobile: +91 9823435917
>> www.clariontechnologies.co.in
>> ----- Original Message -----
>> From: "Chris Chabot" <ch...@xs4all.nl>
>> To: <sh...@incubator.apache.org>
>> Sent: Thursday, May 22, 2008 1:32 PM
>> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>>
>>
>>> Should be working again
>>>
>>> On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
>>>
>>>> Hi Chris,
>>>>
>>>> The shindig is not working after the new code changes. I also
>>>> checked on http://shindig.chabotc.com and none of the samples
>>>> neither the gadget is working. Is any work still missing on this?
>>>>
>>>> Regards
>>>>
>>>> Lini Haridas
>>>> Software Engineer
>>>>
>>>> lini.haridas@clariontechnologies.co.in
>>>> Clarion Technologies
>>>> SEI CMMI Level 3 Company
>>>>
>>>> 4th Floor, Great Eastern Plaza,
>>>> Airport Road,
>>>> Pune- 411 006,
>>>> Maharashtra, India.
>>>> Phone: +91 20 66020289
>>>> Mobile: +91 9823435917
>>>> www.clariontechnologies.co.in
>>>>
>>>> ----- Original Message -----
>>>> From: <ch...@apache.org>
>>>> To: <sh...@incubator.apache.org>
>>>> Sent: Wednesday, May 21, 2008 10:28 PM
>>>> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
>>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>>>>
>>>>
>>>>> Author: chabotc
>>>>> Date: Wed May 21 09:58:52 2008
>>>>> New Revision: 658758
>>>>>
>>>>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>>>>> Log:
>>>>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>>>>> great work on this. This patch implements OAuth and signed request
>>>>> support
>>>>>
>>>>> Added:
>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcherFactory.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicGadgetOAuthTokenStore.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> GadgetOAuthTokenStore.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> OAuthFetcherFactory.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> OAuthRequestParams.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> OAuthServiceProvider.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>>>>> Modified:
>>>>> incubator/shindig/trunk/php/config.php
>>>>> incubator/shindig/trunk/php/index.php
>>>>> incubator/shindig/trunk/php/src/common/JsMin.php
>>>>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>> GadgetRenderingServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>>>>> BasicBlobCrypter.php
>>>>> incubator/shindig/trunk/php/src/socialdata/http/
>>>>> GadgetDataServlet.php
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/config.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/config.php (original)
>>>>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52 2008
>>>>> @@ -1,4 +1,4 @@
>>>>> -<?
>>>>> +<?php
>>>>> /*
>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>> * or more contributor license agreements. See the NOTICE file
>>>>> @@ -45,7 +45,7 @@
>>>>> // Configurable CSS rules that are injected to the gadget page,
>>>>> // be careful when adjusting these not to break most gadget's
>>>>> layouts :)
>>>>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;}
>>>>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>>>>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>>>>> color:white;}',
>>>>> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>>>>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>>>>>
>>>>> // The html / javascript samples use a plain text demo token,
>>>>> // set this to false on anything resembling a real site
>>>>> @@ -96,6 +96,13 @@
>>>>> // global cache age policy and location
>>>>> 'cache_time' => 24 * 60 * 60,
>>>>> 'cache_root' => '/tmp/shindig',
>>>>> +
>>>>> + // OAuth private key Path
>>>>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>> private.key',
>>>>> + // file path to public RSA cert
>>>>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>> public.crt',
>>>>> + // Phrase to decrypt private key. Leave empty if unencrypted
>>>>> + 'private_key_phrase' => 'partuza',
>>>>>
>>>>> // In some cases we need to know the site root (for features
>>>>> forinstance)
>>>>> 'base_path' => realpath(dirname(__FILE__))
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/index.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/index.php (original)
>>>>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52 2008
>>>>> @@ -1,4 +1,4 @@
>>>>> -<?
>>>>> +<?php
>>>>> /*
>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>> * or more contributor license agreements. See the NOTICE file
>>>>> @@ -48,7 +48,7 @@
>>>>> // To load these, we scan our entire directory structure
>>>>> function __autoload($className)
>>>>> {
>>>>> - $locations = array('src/common', 'src/common/samplecontainer',
>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>> samplecontainer');
>>>>> + $locations = array('src/common', 'src/common/samplecontainer',
>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>> samplecontainer', 'src/gadgets/oauth');
>>>>> // Check for the presense of this class in our all our directories.
>>>>> $fileName = $className.'.php';
>>>>> foreach ($locations as $path) {
>>>>> @@ -65,7 +65,8 @@
>>>>> Config::get('web_prefix') . '/gadgets/proxy' => 'ProxyServlet',
>>>>> Config::get('web_prefix') . '/gadgets/ifr' =>
>>>>> 'GadgetRenderingServlet',
>>>>> Config::get('web_prefix') . '/gadgets/metadata' =>
>>>>> 'JsonRpcServlet',
>>>>> - Config::get('web_prefix') . '/social/data' =>
>>>>> 'GadgetDataServlet'
>>>>> + Config::get('web_prefix') . '/social/data' =>
>>>>> 'GadgetDataServlet',
>>>>> + Config::get('web_prefix') . '/public.crt' => 'CertServlet'
>>>>> );
>>>>>
>>>>> // Try to match the request url to our servlet mapping
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>>>>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>>>>> 09:58:52 2008
>>>>> @@ -1,4 +1,5 @@
>>>>> <?php
>>>>> +
>>>>> /**
>>>>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>>>>> *
>>>>> @@ -48,243 +49,248 @@
>>>>> class JsMinException extends Exception {}
>>>>>
>>>>> class JsMin {
>>>>> - const ORD_LF = 10;
>>>>> - const ORD_SPACE = 32;
>>>>> -
>>>>> - protected $a = '';
>>>>> - protected $b = '';
>>>>> - protected $input = '';
>>>>> - protected $inputIndex = 0;
>>>>> - protected $inputLength = 0;
>>>>> - protected $lookAhead = null;
>>>>> - protected $output = '';
>>>>> -
>>>>> - // -- Public Static Methods
>>>>> --------------------------------------------------
>>>>> -
>>>>> - public static function minify($js) {
>>>>> - $jsmin = new JsMin($js);
>>>>> - return $jsmin->min();
>>>>> - }
>>>>> -
>>>>> - // -- Public Instance Methods
>>>>> ------------------------------------------------
>>>>> -
>>>>> - public function __construct($input) {
>>>>> - $this->input = str_replace("\r\n", "\n", $input);
>>>>> - $this->inputLength = strlen($this->input);
>>>>> - }
>>>>> -
>>>>> - // -- Protected Instance Methods
>>>>> ---------------------------------------------
>>>>> -
>>>>> - protected function action($d) {
>>>>> - switch($d) {
>>>>> - case 1:
>>>>> - $this->output .= $this->a;
>>>>> -
>>>>> - case 2:
>>>>> - $this->a = $this->b;
>>>>> -
>>>>> - if ($this->a === "'" || $this->a === '"') {
>>>>> - for (;;) {
>>>>> - $this->output .= $this->a;
>>>>> - $this->a = $this->get();
>>>>> -
>>>>> - if ($this->a === $this->b) {
>>>>> - break;
>>>>> - }
>>>>> -
>>>>> - if (ord($this->a) <= self::ORD_LF) {
>>>>> - throw new JsMinException('Unterminated string
>>>>> literal.');
>>>>> - }
>>>>> -
>>>>> - if ($this->a === '\\') {
>>>>> - $this->output .= $this->a;
>>>>> - $this->a = $this->get();
>>>>> - }
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - case 3:
>>>>> - $this->b = $this->next();
>>>>> -
>>>>> - if ($this->b === '/' && (
>>>>> - $this->a === '(' || $this->a === ',' || $this->a ===
>>>>> '=' ||
>>>>> - $this->a === ':' || $this->a === '[' || $this->a ===
>>>>> '!' ||
>>>>> - $this->a === '&' || $this->a === '|' || $this->a ===
>>>>> '?')) {
>>>>> -
>>>>> - $this->output .= $this->a . $this->b;
>>>>> -
>>>>> - for (;;) {
>>>>> - $this->a = $this->get();
>>>>> -
>>>>> - if ($this->a === '/') {
>>>>> - break;
>>>>> - } elseif ($this->a === '\\') {
>>>>> - $this->output .= $this->a;
>>>>> - $this->a = $this->get();
>>>>> - } elseif (ord($this->a) <= self::ORD_LF) {
>>>>> - throw new JsMinException('Unterminated regular
>>>>> expression '.
>>>>> - 'literal.');
>>>>> - }
>>>>> -
>>>>> - $this->output .= $this->a;
>>>>> - }
>>>>> -
>>>>> - $this->b = $this->next();
>>>>> - }
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - protected function get() {
>>>>> - $c = $this->lookAhead;
>>>>> - $this->lookAhead = null;
>>>>> -
>>>>> - if ($c === null) {
>>>>> - if ($this->inputIndex < $this->inputLength) {
>>>>> - $c = $this->input[$this->inputIndex];
>>>>> - $this->inputIndex += 1;
>>>>> - } else {
>>>>> - $c = null;
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - if ($c === "\r") {
>>>>> - return "\n";
>>>>> - }
>>>>> -
>>>>> - if ($c === null || $c === "\n" || ord($c) >=
>>>>> self::ORD_SPACE) {
>>>>> - return $c;
>>>>> - }
>>>>> -
>>>>> - return ' ';
>>>>> - }
>>>>> -
>>>>> - protected function isAlphaNum($c) {
>>>>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>>>>> $/', $c) === 1;
>>>>> - }
>>>>> -
>>>>> - protected function min() {
>>>>> - $this->a = "\n";
>>>>> - $this->action(3);
>>>>> -
>>>>> - while ($this->a !== null) {
>>>>> - switch ($this->a) {
>>>>> - case ' ':
>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>> - $this->action(1);
>>>>> - } else {
>>>>> - $this->action(2);
>>>>> - }
>>>>> - break;
>>>>> -
>>>>> - case "\n":
>>>>> - switch ($this->b) {
>>>>> - case '{':
>>>>> - case '[':
>>>>> - case '(':
>>>>> - case '+':
>>>>> - case '-':
>>>>> - $this->action(1);
>>>>> - break;
>>>>> -
>>>>> - case ' ':
>>>>> - $this->action(3);
>>>>> - break;
>>>>> -
>>>>> - default:
>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>> - $this->action(1);
>>>>> - }
>>>>> - else {
>>>>> - $this->action(2);
>>>>> - }
>>>>> - }
>>>>> - break;
>>>>> -
>>>>> - default:
>>>>> - switch ($this->b) {
>>>>> - case ' ':
>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>> - $this->action(1);
>>>>> - break;
>>>>> - }
>>>>> -
>>>>> - $this->action(3);
>>>>> - break;
>>>>> -
>>>>> - case "\n":
>>>>> - switch ($this->a) {
>>>>> - case '}':
>>>>> - case ']':
>>>>> - case ')':
>>>>> - case '+':
>>>>> - case '-':
>>>>> - case '"':
>>>>> - case "'":
>>>>> - $this->action(1);
>>>>> - break;
>>>>> -
>>>>> - default:
>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>> - $this->action(1);
>>>>> - }
>>>>> - else {
>>>>> - $this->action(3);
>>>>> - }
>>>>> - }
>>>>> - break;
>>>>> -
>>>>> - default:
>>>>> - $this->action(1);
>>>>> - break;
>>>>> - }
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - return $this->output;
>>>>> - }
>>>>> -
>>>>> - protected function next() {
>>>>> - $c = $this->get();
>>>>> -
>>>>> - if ($c === '/') {
>>>>> - switch($this->peek()) {
>>>>> - case '/':
>>>>> - for (;;) {
>>>>> - $c = $this->get();
>>>>> -
>>>>> - if (ord($c) <= self::ORD_LF) {
>>>>> - return $c;
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - case '*':
>>>>> - $this->get();
>>>>> -
>>>>> - for (;;) {
>>>>> - switch($this->get()) {
>>>>> - case '*':
>>>>> - if ($this->peek() === '/') {
>>>>> - $this->get();
>>>>> - return ' ';
>>>>> - }
>>>>> - break;
>>>>> -
>>>>> - case null:
>>>>> - throw new JsMinException('Unterminated comment.');
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - default:
>>>>> - return $c;
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - return $c;
>>>>> - }
>>>>> -
>>>>> - protected function peek() {
>>>>> - $this->lookAhead = $this->get();
>>>>> - return $this->lookAhead;
>>>>> - }
>>>>> + const ORD_LF = 10;
>>>>> + const ORD_SPACE = 32;
>>>>> +
>>>>> + protected $a = '';
>>>>> + protected $b = '';
>>>>> + protected $input = '';
>>>>> + protected $inputIndex = 0;
>>>>> + protected $inputLength = 0;
>>>>> + protected $lookAhead = null;
>>>>> + protected $output = '';
>>>>> +
>>>>> + // -- Public Static Methods
>>>>> --------------------------------------------------
>>>>> +
>>>>> +
>>>>> + public static function minify($js)
>>>>> + {
>>>>> + $jsmin = new JsMin($js);
>>>>> + return $jsmin->min();
>>>>> + }
>>>>> +
>>>>> + // -- Public Instance Methods
>>>>> ------------------------------------------------
>>>>> +
>>>>> +
>>>>> + public function __construct($input)
>>>>> + {
>>>>> + $this->input = str_replace("\r\n", "\n", $input);
>>>>> + $this->inputLength = strlen($this->input);
>>>>> + }
>>>>> +
>>>>> + // -- Protected Instance Methods
>>>>> ---------------------------------------------
>>>>> +
>>>>> +
>>>>> + protected function action($d)
>>>>> + {
>>>>> + switch ($d) {
>>>>> + case 1:
>>>>> + $this->output .= $this->a;
>>>>> +
>>>>> + case 2:
>>>>> + $this->a = $this->b;
>>>>> +
>>>>> + if ($this->a === "'" || $this->a === '"') {
>>>>> + for (; ; ) {
>>>>> + $this->output .= $this->a;
>>>>> + $this->a = $this->get();
>>>>> +
>>>>> + if ($this->a === $this->b) {
>>>>> + break;
>>>>> + }
>>>>> +
>>>>> + if (ord($this->a) <= self::ORD_LF) {
>>>>> + throw new JsMinException('Unterminated string literal.');
>>>>> + }
>>>>> +
>>>>> + if ($this->a === '\\') {
>>>>> + $this->output .= $this->a;
>>>>> + $this->a = $this->get();
>>>>> + }
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + case 3:
>>>>> + $this->b = $this->next();
>>>>> +
>>>>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ',' ||
>>>>> $this->a === '=' || $this->a === ':' || $this->a === '[' || $this-
>>>>>> a === '!' || $this->a === '&' || $this->a === '|' || $this->a ===
>>>>> '?')) {
>>>>> +
>>>>> + $this->output .= $this->a . $this->b;
>>>>> +
>>>>> + for (; ; ) {
>>>>> + $this->a = $this->get();
>>>>> +
>>>>> + if ($this->a === '/') {
>>>>> + break;
>>>>> + } elseif ($this->a === '\\') {
>>>>> + $this->output .= $this->a;
>>>>> + $this->a = $this->get();
>>>>> + } elseif (ord($this->a) <= self::ORD_LF) {
>>>>> + throw new JsMinException('Unterminated regular expression ' .
>>>>> 'literal.');
>>>>> + }
>>>>> +
>>>>> + $this->output .= $this->a;
>>>>> + }
>>>>> +
>>>>> + $this->b = $this->next();
>>>>> + }
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + protected function get()
>>>>> + {
>>>>> + $c = $this->lookAhead;
>>>>> + $this->lookAhead = null;
>>>>> +
>>>>> + if ($c === null) {
>>>>> + if ($this->inputIndex < $this->inputLength) {
>>>>> + $c = $this->input[$this->inputIndex];
>>>>> + $this->inputIndex += 1;
>>>>> + } else {
>>>>> + $c = null;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + if ($c === "\r") {
>>>>> + return "\n";
>>>>> + }
>>>>> +
>>>>> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>>>>> + return $c;
>>>>> + }
>>>>> +
>>>>> + return ' ';
>>>>> + }
>>>>> +
>>>>> + protected function isAlphaNum($c)
>>>>> + {
>>>>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/',
>>>>> $c) === 1;
>>>>> + }
>>>>> +
>>>>> + protected function min()
>>>>> + {
>>>>> + $this->a = "\n";
>>>>> + $this->action(3);
>>>>> +
>>>>> + while ($this->a !== null) {
>>>>> + switch ($this->a) {
>>>>> + case ' ':
>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>> + $this->action(1);
>>>>> + } else {
>>>>> + $this->action(2);
>>>>> + }
>>>>> + break;
>>>>> +
>>>>> + case "\n":
>>>>> + switch ($this->b) {
>>>>> + case '{':
>>>>> + case '[':
>>>>> + case '(':
>>>>> + case '+':
>>>>> + case '-':
>>>>> + $this->action(1);
>>>>> + break;
>>>>> +
>>>>> + case ' ':
>>>>> + $this->action(3);
>>>>> + break;
>>>>> +
>>>>> + default:
>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>> + $this->action(1);
>>>>> + } else {
>>>>> + $this->action(2);
>>>>> + }
>>>>> + }
>>>>> + break;
>>>>> +
>>>>> + default:
>>>>> + switch ($this->b) {
>>>>> + case ' ':
>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>> + $this->action(1);
>>>>> + break;
>>>>> + }
>>>>> +
>>>>> + $this->action(3);
>>>>> + break;
>>>>> +
>>>>> + case "\n":
>>>>> + switch ($this->a) {
>>>>> + case '}':
>>>>> + case ']':
>>>>> + case ')':
>>>>> + case '+':
>>>>> + case '-':
>>>>> + case '"':
>>>>> + case "'":
>>>>> + $this->action(1);
>>>>> + break;
>>>>> +
>>>>> + default:
>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>> + $this->action(1);
>>>>> + } else {
>>>>> + $this->action(3);
>>>>> + }
>>>>> + }
>>>>> + break;
>>>>> +
>>>>> + default:
>>>>> + $this->action(1);
>>>>> + break;
>>>>> + }
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + return $this->output;
>>>>> + }
>>>>> +
>>>>> + protected function next()
>>>>> + {
>>>>> + $c = $this->get();
>>>>> +
>>>>> + if ($c === '/') {
>>>>> + switch ($this->peek()) {
>>>>> + case '/':
>>>>> + for (; ; ) {
>>>>> + $c = $this->get();
>>>>> +
>>>>> + if (ord($c) <= self::ORD_LF) {
>>>>> + return $c;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + case '*':
>>>>> + $this->get();
>>>>> +
>>>>> + for (; ; ) {
>>>>> + switch ($this->get()) {
>>>>> + case '*':
>>>>> + if ($this->peek() === '/') {
>>>>> + $this->get();
>>>>> + return ' ';
>>>>> + }
>>>>> + break;
>>>>> +
>>>>> + case null:
>>>>> + throw new JsMinException('Unterminated comment.');
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + default:
>>>>> + return $c;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + return $c;
>>>>> + }
>>>>> +
>>>>> + protected function peek()
>>>>> + {
>>>>> + $this->lookAhead = $this->get();
>>>>> + return $this->lookAhead;
>>>>> + }
>>>>> }
>>>>>
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>> RemoteContentFetcher.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -19,6 +19,18 @@
>>>>> */
>>>>>
>>>>> abstract class RemoteContentFetcher {
>>>>> +
>>>>> + protected $fetcher;
>>>>> +
>>>>> + protected function setNextFetcher($fetcher = null)
>>>>> + {
>>>>> + $this->fetcher = $fetcher;
>>>>> + }
>>>>>
>>>>> abstract public function fetchRequest($request);
>>>>> +
>>>>> + public function getNextFetcher()
>>>>> + {
>>>>> + return $this->fetcher;
>>>>> + }
>>>>> }
>>>>> \ No newline at end of file
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>> RemoteContentRequest.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -15,13 +15,14 @@
>>>>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> * KIND, either express or implied. See the License for the
>>>>> * specific language governing permissions and limitations under the
>>>>> License.
>>>>> - *
>>>>> + *
>>>>> */
>>>>>
>>>>> class RemoteContentRequest {
>>>>> // these are used for making the request
>>>>> - private $url = '';
>>>>> - private $headers = false;
>>>>> + private $uri = '';
>>>>> + private $method = '';
>>>>> + private $headers = array();
>>>>> private $postBody = false;
>>>>> // these fields are filled in once the request has completed
>>>>> private $responseContent = false;
>>>>> @@ -29,20 +30,179 @@
>>>>> private $responseHeaders = false;
>>>>> private $httpCode = false;
>>>>> private $contentType = null;
>>>>> + private $options;
>>>>> public $handle = false;
>>>>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-
>>>>> urlencoded; charset=utf-8";
>>>>> + public static $DEFAULT_OPTIONS = array();
>>>>>
>>>>> - public function __construct($url, $headers = false, $postBody =
>>>>> false)
>>>>> + public function __construct($uri, $headers = false, $postBody =
>>>>> false)
>>>>> {
>>>>> - $this->url = $url;
>>>>> + $this->uri = $uri;
>>>>> $this->headers = $headers;
>>>>> $this->postBody = $postBody;
>>>>> }
>>>>>
>>>>> + public function createRemoteContentRequest($method, $uri,
>>>>> $headers, $postBody, $options)
>>>>> + {
>>>>> + $this->method = $method;
>>>>> + $this->uri = $uri;
>>>>> + $this->options = $options;
>>>>> + // Copy the headers
>>>>> + if (! isset($headers)) {
>>>>> + $this->headers = '';
>>>>> + } else {
>>>>> + $setPragmaHeader = false;
>>>>> + $tmpHeaders = '';
>>>>> + foreach ($headers as $key => $value) {
>>>>> + // Proxies should be bypassed with the Pragma: no-cache check.
>>>>> + //TODO double check array is good for options
>>>>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>>>>> + $value = "no-cache";
>>>>> + $setPragmaHeader = true;
>>>>> + }
>>>>> + $tmpHeaders .= $key . ":" . $value . "\n";
>>>>> + }
>>>>> + // Bypass caching in proxies as well.
>>>>> + //TODO double check array is good for options
>>>>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>>>>> + $tmpHeaders .= "Pragma:no-cache\n";
>>>>> + }
>>>>> + $this->headers = $tmpHeaders;
>>>>> + }
>>>>> + if (! isset($postBody)) {
>>>>> + $this->postBody = '';
>>>>> + } else {
>>>>> + $this->postBody = array_merge($postBody, $this->postBody);
>>>>> + }
>>>>> + $type = $this->getHeader("Content-Type");
>>>>> + if (! isset($type)) {
>>>>> + $this->contentType = RemoteContentRequest::$DEFAULT_CONTENT_TYPE;
>>>>> + } else {
>>>>> + $this->contentType = $type;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Creates a new request to a different URL using all request data
>>>>> from
>>>>> + * an existing request.
>>>>> + *
>>>>> + * @param uri
>>>>> + * @param base The base request to copy data from.
>>>>> + */
>>>>> + public static function
>>>>> createRemoteContentRequestWithUriBase($uri, $base)
>>>>> + {
>>>>> + $this->uri = $uri;
>>>>> + $this->method = $base->method;
>>>>> + $this->options = $base->options;
>>>>> + $this->headers = $base->headers;
>>>>> + $this->contentType = $base->contentType;
>>>>> + $this->postBody = $base->postBody;
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Basic GET request.
>>>>> + *
>>>>> + * @param uri
>>>>> + */
>>>>> + public function createRemoteContentRequestWithUri($uri)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * GET with options
>>>>> + *
>>>>> + * @param uri
>>>>> + * @param options
>>>>> + */
>>>>> + public function createRemoteContentRequestWithUriOptions($uri,
>>>>> $options)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>> $options);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * GET request with custom headers and default options
>>>>> + * @param uri
>>>>> + * @param headers
>>>>> + */
>>>>> + public function RemoteContentRequestWithUriHeaders($uri,
>>>>> $headers)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * GET request with custom headers + options
>>>>> + * @param uri
>>>>> + * @param headers
>>>>> + * @param options
>>>>> + */
>>>>> + public function
>>>>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>>>>> $options)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>>> $options);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Basic POST request
>>>>> + * @param uri
>>>>> + * @param postBody
>>>>> + */
>>>>> + public function RemoteContentRequestWithUriPostBody($uri,
>>>>> $postBody)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * POST request with options
>>>>> + * @param uri
>>>>> + * @param postBody
>>>>> + * @param options
>>>>> + */
>>>>> + public function
>>>>> createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody,
>>>>> $options)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>>>>> $options);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * POST request with headers
>>>>> + * @param uri
>>>>> + * @param headers
>>>>> + * @param postBody
>>>>> + */
>>>>> + public function
>>>>> createRemoteContentRequestWithUriHeadersPostBody($uri, $headers,
>>>>> $postBody)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * POST request with options + headers
>>>>> + * @param uri
>>>>> + * @param headers
>>>>> + * @param postBody
>>>>> + * @param options
>>>>> + */
>>>>> + public function
>>>>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>>>>> $headers, $postBody, $options)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>> $postBody, $options);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Creates a simple GET request
>>>>> + *
>>>>> + * @param uri
>>>>> + * @param ignoreCache
>>>>> + */
>>>>> + public function getRequest($uri, $ignoreCache)
>>>>> + {
>>>>> + $options = new Options();
>>>>> + $options->ignoreCache = $ignoreCache;
>>>>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>>>>> $options);
>>>>> + }
>>>>> +
>>>>> // returns a hash code which identifies this request, used for
>>>>> caching
>>>>> - // takes url and postbody into account for constructing the md5
>>>>> checksum
>>>>> + // takes url and postbody into account for constructing the sha1
>>>>> checksum
>>>>> public function toHash()
>>>>> {
>>>>> - return md5($this->url . $this->postBody);
>>>>> + return md5($this->uri . $this->postBody);
>>>>> }
>>>>>
>>>>> public function getContentType()
>>>>> @@ -92,7 +252,17 @@
>>>>>
>>>>> public function getUrl()
>>>>> {
>>>>> - return $this->url;
>>>>> + return $this->uri;
>>>>> + }
>>>>> +
>>>>> + public function getMethod()
>>>>> + {
>>>>> + return $this->method;
>>>>> + }
>>>>> +
>>>>> + public function getOptions()
>>>>> + {
>>>>> + return $this->options;
>>>>> }
>>>>>
>>>>> public function setContentType($type)
>>>>> @@ -125,14 +295,37 @@
>>>>> $this->headers = $headers;
>>>>> }
>>>>>
>>>>> + //FIXME: Find a better way to do this
>>>>> + // The headers can be an array of elements.
>>>>> + public function getHeader($headerName)
>>>>> + {
>>>>> + $headers = explode("\n", $this->headers);
>>>>> + foreach ($headers as $header) {
>>>>> + $key = explode(":", $header);
>>>>> + if ($key[0] == $headerName)
>>>>> + return $key[1];
>>>>> + }
>>>>> + return null;
>>>>> + }
>>>>> +
>>>>> public function setPostBody($postBody)
>>>>> {
>>>>> $this->postBody = $postBody;
>>>>> }
>>>>>
>>>>> - public function setUrl($url)
>>>>> + public function setUri($uri)
>>>>> {
>>>>> - $this->url = $url;
>>>>> + $this->uri = $uri;
>>>>> }
>>>>>
>>>>> -}
>>>>> \ No newline at end of file
>>>>> +}
>>>>> +
>>>>> +/**
>>>>> + * Bag of options for making a request.
>>>>> + *
>>>>> + * This object is mutable to keep us sane. Don't mess with it once
>>>>> you've
>>>>> + * sent it to RemoteContentRequest or bad things might happen.
>>>>> + */
>>>>> +class Options {
>>>>> + public $ignoreCache = false;
>>>>> +}
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed May
>>>>> 21 09:58:52 2008
>>>>> @@ -80,7 +80,7 @@
>>>>> self::loadFile($file, $dirs, true);
>>>>> } else {
>>>>> self::_securityCheck($file);
>>>>> - include_once $file;
>>>>> + include_once 'src/common/'.$file;
>>>>> }
>>>>>
>>>>> if (!class_exists($class, false) && !
>>>>> interface_exists($class, false)) {
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed
>>>>> May 21 09:58:52 2008
>>>>> @@ -26,21 +26,21 @@
>>>>> * Server wide variables are stored in config.php
>>>>> */
>>>>> class GadgetContext {
>>>>> - private $httpFetcher = null;
>>>>> - private $locale = null;
>>>>> - private $renderingContext = null;
>>>>> - private $registry = null;
>>>>> - private $userPrefs = null;
>>>>> - private $gadgetId = null;
>>>>> - private $view = null;
>>>>> - private $moduleId = null;
>>>>> - private $url = null;
>>>>> - private $cache = null;
>>>>> - private $blacklist = null;
>>>>> - private $ignoreCache = null;
>>>>> - private $forcedJsLibs = null;
>>>>> - private $containerConfig = null;
>>>>> - private $container = null;
>>>>> + protected $httpFetcher = null;
>>>>> + protected $locale = null;
>>>>> + protected $renderingContext = null;
>>>>> + protected $registry = null;
>>>>> + protected $userPrefs = null;
>>>>> + protected $gadgetId = null;
>>>>> + protected $view = null;
>>>>> + protected $moduleId = null;
>>>>> + protected $url = null;
>>>>> + protected $cache = null;
>>>>> + protected $blacklist = null;
>>>>> + protected $ignoreCache = null;
>>>>> + protected $forcedJsLibs = null;
>>>>> + protected $containerConfig = null;
>>>>> + protected $container = null;
>>>>>
>>>>> public function __construct($renderingContext)
>>>>> {
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>> GadgetSpecParser.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -36,7 +36,7 @@
>>>>> }
>>>>> $gadget = new Gadget($context->getGadgetId(), $context);
>>>>> // process ModulePref attributes
>>>>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>>>>> + $this->processModulePrefs($gadget, $doc->ModulePrefs, $context);
>>>>> // process UserPrefs, if any
>>>>> foreach ($doc->UserPref as $pref) {
>>>>> $this->processUserPref($gadget, $pref);
>>>>> @@ -54,7 +54,7 @@
>>>>> return $gadget;
>>>>> }
>>>>>
>>>>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>>>>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>>>>> $context)
>>>>> {
>>>>> $attributes = $ModulePrefs->attributes();
>>>>> if (empty($attributes['title'])) {
>>>>> @@ -90,11 +90,11 @@
>>>>> $gadget->scaling = isset($attributes['scaling']) ?
>>>>> trim($attributes['scaling']) : '';
>>>>> $gadget->scrolling = isset($attributes['scrolling']) ?
>>>>> trim($attributes['scrolling']) : '';
>>>>> foreach ($ModulePrefs->Locale as $locale) {
>>>>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>>>>> + $gadget->localeSpecs[] = $this->processLocale($locale, $context);
>>>>> }
>>>>> }
>>>>>
>>>>> - private function processLocale($locale)
>>>>> + private function processLocale($locale, $context)
>>>>> {
>>>>> $attributes = $locale->attributes();
>>>>> $messageAttr = isset($attributes['messages']) ?
>>>>> trim($attributes['messages']) : '';
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed May
>>>>> 21 09:58:52 2008
>>>>> @@ -0,0 +1,70 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations under
>>>>> the License.
>>>>> + *
>>>>> + */
>>>>> +
>>>>> +/**
>>>>> + * An abstract representation of a signing token.
>>>>> + * Use in conjunction with @code GadgetTokenDecoder.
>>>>> + */
>>>>> +abstract class GadgetToken {
>>>>> +
>>>>> + //FIXME Hmm seems php is refusing to let me make abstract static
>>>>> functions? odd
>>>>> + static public function createFromToken($token, $maxage) {}
>>>>> + static public function createFromValues($owner, $viewer, $app,
>>>>> $domain, $appUrl, $moduleId) {}
>>>>> +
>>>>> +
>>>>> + /**
>>>>> + * Serializes the token into a string. This can be the exact
>>>>> same as
>>>>> + * toString; using a different name here is only to force
>>>>> interface
>>>>> + * compliance.
>>>>> + *
>>>>> + * @return A string representation of the token.
>>>>> + */
>>>>> + abstract public function toSerialForm();
>>>>> +
>>>>> + /**
>>>>> + * @return the owner from the token, or null if there is none.
>>>>> + */
>>>>> + abstract public function getOwnerId();
>>>>> +
>>>>> + /**
>>>>> + * @return the viewer from the token, or null if there is none.
>>>>> + */
>>>>> + abstract public function getViewerId();
>>>>> +
>>>>> + /**
>>>>> + * @return the application id from the token, or null if there
>>>>> is none.
>>>>> + */
>>>>> + abstract public function getAppId();
>>>>> +
>>>>> + /**
>>>>> + * @return the domain from the token, or null if there is none.
>>>>> + */
>>>>> + abstract public function getDomain();
>>>>> +
>>>>> + /**
>>>>> + * @return the URL of the application
>>>>> + */
>>>>> + abstract public function getAppUrl();
>>>>> +
>>>>> + /**
>>>>> + * @return the module ID of the application
>>>>> + */
>>>>> + abstract public function getModuleId();
>>>>> +}
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>> GadgetTokenDecoder.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>> (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,34 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations
>>>>> + * under the License.
>>>>> + */
>>>>> +
>>>>> +/**
>>>>> + * Handles verification of gadget security tokens.
>>>>> + */
>>>>> +abstract class GadgetTokenDecoder {
>>>>> +
>>>>> + /**
>>>>> + * Decrypts and verifies a gadget security token to return a
>>>>> gadget token.
>>>>> + *
>>>>> + * @param tokenString String representation of the token to be
>>>>> created.
>>>>> + * @return The token representation of the input data.
>>>>> + * @throws GadgetException If tokenString is not a valid token
>>>>> + */
>>>>> + abstract public function createToken($tokenString);
>>>>> +}
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May
>>>>> 21 09:58:52 2008
>>>>> @@ -24,7 +24,7 @@
>>>>> private $content;
>>>>> private $featureName; // used to track what feature this belongs to
>>>>> private $loaded = false;
>>>>> -
>>>>> +
>>>>> public function __construct($type, $content, $featureName = '')
>>>>> {
>>>>> $this->featureName = $featureName;
>>>>> @@ -39,11 +39,11 @@
>>>>>
>>>>> public function getContent()
>>>>> {
>>>>> - if (!$this->loaded && $this->type == 'FILE') {
>>>>> + if (! $this->loaded && $this->type == 'FILE') {
>>>>> if (Config::get('compress_javascript')) {
>>>>> $dataCache = Config::get('data_cache');
>>>>> $dataCache = new $dataCache();
>>>>> - if (!($content = $dataCache->get(md5($this->content)))) {
>>>>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>>>>> $content = JsMin::minify(JsLibrary::loadData($this->content, $this-
>>>>>> type));
>>>>> $dataCache->set(md5($this->content), $content);
>>>>> $this->content = $content;
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>> JsonRpcGadgetContext.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>> JsonRpcGadgetContext.php (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>>>>> @@ -1,10 +1,6 @@
>>>>> <?php
>>>>>
>>>>> class JsonRpcGadgetContext extends GadgetContext {
>>>>> - private $locale = null;
>>>>> - private $view = null;
>>>>> - private $url = null;
>>>>> - private $container = null;
>>>>>
>>>>> public function __construct($jsonContext, $url)
>>>>> {
>>>>> @@ -15,23 +11,8 @@
>>>>> $this->container = $jsonContext->container;
>>>>> }
>>>>>
>>>>> - public function getUrl()
>>>>> - {
>>>>> - return $this->url;
>>>>> - }
>>>>> -
>>>>> public function getView()
>>>>> {
>>>>> return $this->view;
>>>>> }
>>>>> -
>>>>> - public function getLocale()
>>>>> - {
>>>>> - return $this->locale;
>>>>> - }
>>>>> -
>>>>> - public function getContainer()
>>>>> - {
>>>>> - return $this->container;
>>>>> - }
>>>>> }
>>>>> \ No newline at end of file
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>> ProxyGadgetContext.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>> (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,10 @@
>>>>> +<?php
>>>>> +
>>>>> +class ProxyGadgetContext extends GadgetContext {
>>>>> +
>>>>> + public function __construct($url)
>>>>> + {
>>>>> + parent::__construct('GADGET');
>>>>> + $this->url = $url;
>>>>> + }
>>>>> +}
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed
>>>>> May 21 09:58:52 2008
>>>>> @@ -29,11 +29,15 @@
>>>>> *
>>>>> */
>>>>> class ProxyHandler {
>>>>> - private $context;
>>>>> + private $context;
>>>>> + private $signingFetcher;
>>>>> + private $oauthFetcher;
>>>>>
>>>>> - public function __construct($context)
>>>>> + public function __construct($context, $signingFetcher = null,
>>>>> $oauthFetcher = null)
>>>>> {
>>>>> - $this->context = $context;
>>>>> + $this->context = $context;
>>>>> + $this->signingFetcher = $signingFetcher;
>>>>> + $this->oauthFetcher = $oauthFetcher;
>>>>> }
>>>>>
>>>>> /**
>>>>> @@ -51,11 +55,21 @@
>>>>> $token = '';
>>>>> // no token given, safe to ignore
>>>>> }
>>>>> - $originalUrl = $this->validateUrl($url);
>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>> + $url = $this->validateUrl($url);
>>>>> // Fetch the content and convert it into JSON.
>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>> + $result = $this->fetchContentDivert($url, $method, $signer);
>>>>> + if (!isset($result)) {
>>>>> + //OAuthFetcher only
>>>>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>>>>> + $json = array($url => $metadata);
>>>>> + $json = json_encode($json);
>>>>> + $output = UNPARSEABLE_CRUFT . $json;
>>>>> + $this->setCachingHeaders();
>>>>> + header("Content-Type: application/json; charset=utf-8", true);
>>>>> + echo $output;
>>>>> + die();
>>>>> + }
>>>>> $status = (int)$result->getHttpCode();
>>>>> //header("HTTP/1.1 $status", true);
>>>>> if ($status == 200) {
>>>>> @@ -174,10 +188,9 @@
>>>>> $token = '';
>>>>> // no token given, safe to ignore
>>>>> }
>>>>> - $originalUrl = $this->validateUrl($url);
>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>> + $url = $this->validateUrl($url);
>>>>> //TODO: Fetcher needs to handle variety of HTTP methods.
>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>> + $result = $this->fetchContent($url, $method);
>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>> $status = (int)$result->getHttpCode();
>>>>> if ($status == 200) {
>>>>> @@ -208,11 +221,11 @@
>>>>> /**
>>>>> * Both fetch and fetchJson call this function to retrieve the
>>>>> actual content
>>>>> *
>>>>> - * @param string $signedUrl the signed url to fetch
>>>>> + * @param string $url the url to fetch
>>>>> * @param string $method either get or post
>>>>> * @return the filled in request (RemoteContentRequest)
>>>>> */
>>>>> - private function fetchContent($signedUrl, $method)
>>>>> + private function fetchContent($url, $method)
>>>>> {
>>>>> //TODO get actual character encoding from the request
>>>>>
>>>>> @@ -250,14 +263,41 @@
>>>>> }
>>>>> // even if postData is an empty string, it will still post (since
>>>>> RemoteContentRquest checks if its false)
>>>>> // so the request to POST is still honored
>>>>> - $request = new RemoteContentRequest($signedUrl, $headers,
>>>>> $postData);
>>>>> + $request = new RemoteContentRequest($url, $headers, $postData);
>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>> $context);
>>>>> } else {
>>>>> - $request = new RemoteContentRequest($signedUrl, $headers);
>>>>> + $request = new RemoteContentRequest($url, $headers);
>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>> $context);
>>>>> }
>>>>> return $request;
>>>>> }
>>>>> +
>>>>> + private function fetchContentDivert($url, $method, $signer)
>>>>> + {
>>>>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>>>>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>>>>> + $token = $this->extractAndValidateToken($signer);
>>>>> + switch (strtoupper($authz)) {
>>>>> + case 'SIGNED':
>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>> BasicRemoteContentFetcher(), $token);
>>>>> + return $fetcher->fetch($url, $method);
>>>>> + case 'AUTHENTICATED':
>>>>> + $params = new OAuthRequestParams();
>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>> BasicRemoteContentFetcher(), $token);
>>>>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>>>>> + $this->oauthFetcher = $oAuthFetcherFactory-
>>>>>> getOAuthFetcher($fetcher, $token, $params);
>>>>> + $request = new RemoteContentRequest($url);
>>>>> + $request->createRemoteContentRequestWithUri($url);
>>>>> + return $this->oauthFetcher->fetchRequest($request);
>>>>> + case 'NONE':
>>>>> + default:
>>>>> + return $this->fetchContent($url, $method);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + public function setContentFetcher($contentFetcherFactory)
>>>>> + {
>>>>> + $this->contentFetcherFactory = $contentFetcherFactory;
>>>>> + }
>>>>>
>>>>> /**
>>>>> * Sets the caching headers (overwriting anything the remote host
>>>>> set) to force
>>>>> @@ -282,6 +322,7 @@
>>>>> private function validateUrl($url)
>>>>> {
>>>>> //TODO should really make a PHP version of the URI class and
>>>>> validate in all the locations the java version does
>>>>> + // why not use Zend::Uri:
>>>>> return $url;
>>>>> }
>>>>>
>>>>> @@ -293,40 +334,17 @@
>>>>> * @return string the token to use in the signed url
>>>>> */
>>>>> private function extractAndValidateToken($signer)
>>>>> - {
>>>>> - if ($signer == null) {
>>>>> - return null;
>>>>> - }
>>>>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>>>>> - if ($token) {
>>>>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>> - }
>>>>> + {
>>>>> + if ($signer == null) {
>>>>> + return null;
>>>>> + }
>>>>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>>>>> + if (!isset($token) || $token == '') {
>>>>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>> + }
>>>>> return $signer->createToken($token);
>>>>> }
>>>>> -
>>>>> - /**
>>>>> - * Signs a url with the SecurityToken
>>>>> - *
>>>>> - * @param string $originalUrl
>>>>> - * @param SecurityToken $token
>>>>> - * @return unknown
>>>>> - */
>>>>> - private function signUrl($originalUrl, $token)
>>>>> - {
>>>>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>>>>> - if (! $authz) {
>>>>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>>>>> - }
>>>>> - if ($token == null || $authz != 'signed') {
>>>>> - return $originalUrl;
>>>>> - }
>>>>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>> false;
>>>>> - if ($method) {
>>>>> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>> 'GET';
>>>>> - }
>>>>> - return $token->signUrl($originalUrl, $method);
>>>>> - }
>>>>> -
>>>>> +
>>>>> private function request_headers()
>>>>> {
>>>>> // Try to use apache's request headers if available
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>> (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,42 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations under
>>>>> the License.
>>>>> + *
>>>>> + */
>>>>> +require 'src/common/HttpServlet.php';
>>>>> +
>>>>> +/**
>>>>> + * This class serves the public certificate, quick and dirty hack
>>>>> to make the certificate publicly accessible
>>>>> + * this combined with the hard coded location in
>>>>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>>>>> + * for the oauth pub key location makes a working whole
>>>>> + */
>>>>> +class CertServlet extends HttpServlet {
>>>>> +
>>>>> + /**
>>>>> + * Handles the get file request, only called on url = /public.crt
>>>>> + * so this function has no logic other then to output the cert
>>>>> + */
>>>>> + public function doGet()
>>>>> + {
>>>>> + $file = Config::get('public_key_file');
>>>>> + if (!file_exists($file) || !is_readable($file)) {
>>>>> + throw new Exception("Invalid public key location ($file), check
>>>>> config and file permissions");
>>>>> + }
>>>>> + $this->setLastModified(filemtime($file));
>>>>> + readfile($file);
>>>>> + }
>>>>> +}
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> FilesServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -25,7 +25,7 @@
>>>>> * the php version too
>>>>> */
>>>>> class FilesServlet extends HttpServlet {
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Handles the get file request, if the file exists and is in the
>>>>> correct
>>>>> * location it's echo'd to the browser (with a basic content type
>>>>> guessing
>>>>> @@ -46,14 +46,14 @@
>>>>> die();
>>>>> }
>>>>> // if the file doesn't exist or can't be read, give a 404 error
>>>>> - if (!file_exists($file) || !is_readable($file) || !
>>>>> is_file($file)) {
>>>>> + if (! file_exists($file) || ! is_readable($file) || !
>>>>> is_file($file)) {
>>>>> header("HTTP/1.0 404 Not Found", true);
>>>>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>>>>> die();
>>>>> }
>>>>> $dot = strrpos($file, '.');
>>>>> if ($dot) {
>>>>> - $ext = strtolower(substr($file, $dot+1));
>>>>> + $ext = strtolower(substr($file, $dot + 1));
>>>>> if ($ext == 'html' || $ext == 'htm') {
>>>>> $this->setContentType('text/html');
>>>>> } elseif ($ext == 'js') {
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> GadgetRenderingServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>> GadgetRenderingServlet.php (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>>>>> @@ -52,7 +52,7 @@
>>>>> */
>>>>> class GadgetRenderingServlet extends HttpServlet {
>>>>> private $context;
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Creates the gadget using the GadgetServer class and calls
>>>>> outputGadget
>>>>> *
>>>>> @@ -71,11 +71,11 @@
>>>>> $gadgetServer = new GadgetServer();
>>>>> $gadget = $gadgetServer->processGadget($this->context);
>>>>> $this->outputGadget($gadget, $this->context);
>>>>> - } catch ( Exception $e ) {
>>>>> + } catch (Exception $e) {
>>>>> $this->outputError($e);
>>>>> }
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * If an error occured (Exception) this function echo's the
>>>>> Exception's message
>>>>> * and if the config['debug'] is true, shows the debug backtrace in
>>>>> a div
>>>>> @@ -95,7 +95,7 @@
>>>>> }
>>>>> echo "</body></html>";
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Takes the gadget to output, and depending on its content type
>>>>> calls either outputHtml-
>>>>> * or outputUrlGadget
>>>>> @@ -107,15 +107,15 @@
>>>>> {
>>>>> $view = HttpUtil::getView($gadget, $context);
>>>>> switch ($view->getType()) {
>>>>> - case 'HTML' :
>>>>> + case 'HTML':
>>>>> $this->outputHtmlGadget($gadget, $context, $view);
>>>>> break;
>>>>> - case 'URL' :
>>>>> + case 'URL':
>>>>> $this->outputUrlGadget($gadget, $context, $view);
>>>>> break;
>>>>> }
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Outputs a html content type gadget.
>>>>> * It creates a html page, with the javascripts from the features
>>>>> inline into the page, plus
>>>>> @@ -144,16 +144,13 @@
>>>>> }
>>>>> // Was a privacy policy header configured? if so set it
>>>>> if (Config::get('P3P') != '') {
>>>>> - header("P3P: ".Config::get('P3P'));
>>>>> + header("P3P: " . Config::get('P3P'));
>>>>> }
>>>>> - if (!$view->getQuirks()) {
>>>>> + if (! $view->getQuirks()) {
>>>>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>>>>> \">\n";
>>>>> }
>>>>> - echo "<html>\n<head>".
>>>>> - "<style type=\"text/css\">".Config::get('gadget_css')."</
>>>>> style>".
>>>>> - "</head><body>".
>>>>> - "<script><!--\n";
>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>>>>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>>>>> "<script><!--\n";
>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>> $type = $library->getType();
>>>>> if ($type == 'URL') {
>>>>> // TODO: This case needs to be handled more gracefully by the js
>>>>> @@ -173,15 +170,12 @@
>>>>> // Forced libs first.
>>>>> if (! empty($forcedLibs)) {
>>>>> $libs = explode(':', $forcedLibs);
>>>>> - echo sprintf($externFmt, Config::get('default_js_prefix').$this-
>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>> + echo sprintf($externFmt, Config::get('default_js_prefix') .
>>>>> $this-
>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>> }
>>>>> if (strlen($externJs) > 0) {
>>>>> echo $externJs;
>>>>> }
>>>>> - echo "<script><!--\n".
>>>>> - $this->appendJsConfig($context, $gadget).
>>>>> - $this->appendMessages($gadget).
>>>>> - "-->\n</script>\n";
>>>>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>>>>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>>>>
>>>>> $gadgetExceptions = array();
>>>>> $content = $gadget->getSubstitutions()->substitute($view-
>>>>>> getContent());
>>>>> @@ -192,11 +186,9 @@
>>>>> if (count($gadgetExceptions)) {
>>>>> throw new GadgetException(print_r($gadgetExceptions, true));
>>>>> }
>>>>> - echo $content . "\n".
>>>>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>>>>> - "</body>\n</html>";
>>>>> + echo $content . "\n" .
>>>>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>
>>>>> \n</html>";
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Output's a URL content type gadget, it adds
>>>>> libs=<list:of:js:libraries>.js and user preferences
>>>>> * to the href url, and redirects the browser to it
>>>>> @@ -215,7 +207,7 @@
>>>>> $forcedLibs = Config::get('focedJsLibs');
>>>>> if ($forcedLibs == null) {
>>>>> $reqs = $gadget->getRequires();
>>>>> - foreach ( $reqs as $key => $val ) {
>>>>> + foreach ($reqs as $key => $val) {
>>>>> $libs[] = $key;
>>>>> }
>>>>> } else {
>>>>> @@ -231,7 +223,7 @@
>>>>> header('Location: ' . $redirURI);
>>>>> die();
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Returns the requested libs (from getjsUrl) with the
>>>>> libs_param_name prepended
>>>>> * ie: in libs=core:caja:etc.js format
>>>>> @@ -248,7 +240,7 @@
>>>>> $ret .= $this->getJsUrl($libs, $gadget);
>>>>> return $ret;
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Returns the user preferences in &up_<name>=<val> format
>>>>> *
>>>>> @@ -259,7 +251,7 @@
>>>>> private function getPrefsQueryString($prefVals)
>>>>> {
>>>>> $ret = '';
>>>>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>>>>> + foreach ($prefVals->getPrefs() as $key => $val) {
>>>>> $ret .= '&';
>>>>> $ret .= Config::get('userpref_param_prefix');
>>>>> $ret .= urlencode($key);
>>>>> @@ -268,10 +260,10 @@
>>>>> }
>>>>> return $ret;
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * generates the library string (core:caja:etc.js) including a
>>>>> checksum of all the
>>>>> - * javascript content (?v=<sha1 of js) for cache busting
>>>>> + * javascript content (?v=<md5 of js>) for cache busting
>>>>> *
>>>>> * @param string $libs
>>>>> * @param Gadget $gadget
>>>>> @@ -284,7 +276,7 @@
>>>>> $buf = 'core';
>>>>> } else {
>>>>> $firstDone = false;
>>>>> - foreach ( $libs as $lib ) {
>>>>> + foreach ($libs as $lib) {
>>>>> if ($firstDone) {
>>>>> $buf .= ':';
>>>>> } else {
>>>>> @@ -296,7 +288,7 @@
>>>>> // Build a version string from the sha1() checksum of all included
>>>>> javascript
>>>>> // to ensure the client always has the right version
>>>>> $inlineJs = '';
>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>> $type = $library->getType();
>>>>> if ($type != 'URL') {
>>>>> $inlineJs .= $library->getContent() . "\n";
>>>>> @@ -305,14 +297,14 @@
>>>>> $buf .= ".js?v=" . md5($inlineJs);
>>>>> return $buf;
>>>>> }
>>>>> -
>>>>> +
>>>>> private function appendJsConfig($context, $gadget)
>>>>> {
>>>>> $container = $context->getContainer();
>>>>> $containerConfig = $context->getContainerConfig();
>>>>> $gadgetConfig = array();
>>>>> $featureConfig = $containerConfig->getConfig($container,
>>>>> 'gadgets.features');
>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>> $feature = $library->getFeatureName();
>>>>> if (! isset($gadgetConfig[$feature]) && !
>>>>> empty($featureConfig[$feature])) {
>>>>> $gadgetConfig[$feature] = $featureConfig[$feature];
>>>>> @@ -320,7 +312,7 @@
>>>>> }
>>>>> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");
>>>>> \n";
>>>>> }
>>>>> -
>>>>> +
>>>>> private function appendMessages($gadget)
>>>>> {
>>>>> $msgs = '';
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> JsServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php Wed
>>>>> May 21 09:58:52 2008
>>>>> @@ -30,7 +30,7 @@
>>>>> * to retrieve our features javascript code
>>>>> */
>>>>> class JsServlet extends HttpServlet {
>>>>> -
>>>>> +
>>>>> public function doGet()
>>>>> {
>>>>> $this->noHeaders = true;
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> ProxyServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -26,6 +26,8 @@
>>>>> require 'src/common/RemoteContent.php';
>>>>> require 'src/common/Cache.php';
>>>>> require 'src/common/RemoteContentFetcher.php';
>>>>> +require 'src/gadgets/oauth/OAuth.php';
>>>>> +require 'src/gadgets/oauth/OAuthStore.php';
>>>>>
>>>>> class ProxyServlet extends HttpServlet {
>>>>>
>>>>> @@ -39,6 +41,7 @@
>>>>> if (! $url) {
>>>>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>>>>> }
>>>>> + $url = urldecode($url);
>>>>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
>>>>> if (! $method) {
>>>>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>> 'GET';
>>>>> @@ -49,7 +52,8 @@
>>>>> }
>>>>> $gadgetSigner = Config::get('security_token_signer');
>>>>> $gadgetSigner = new $gadgetSigner();
>>>>> - $proxyHandler = new ProxyHandler($context);
>>>>> + $signingFetcherFactory = new
>>>>> SigningFetcherFactory(Config::get("private_key_file"));
>>>>> + $proxyHandler = new ProxyHandler($context,
>>>>> $signingFetcherFactory);
>>>>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>>>>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>>>>> } else {
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcher.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>>> (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,216 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed under the Apache License, Version 2.0 (the "License");
>>>>> + * you may not use this file except in compliance with the
>>>>> License.
>>>>> + * You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> software
>>>>> + * distributed under the License is distributed on an "AS IS"
>>>>> BASIS,
>>>>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>>>>> implied.
>>>>> + * See the License for the specific language governing permissions
>>>>> and
>>>>> + * limitations under the License.
>>>>> + */
>>>>> +
>>>>> +/**
>>>>> + * Implements signed fetch based on the OAuth request signing
>>>>> algorithm.
>>>>> + *
>>>>> + * Subclasses can override signMessage to use their own crypto if
>>>>> they don't
>>>>> + * like the oauth.net code for some reason.
>>>>> + *
>>>>> + * Instances of this class are only accessed by a single thread at
>>>>> a time,
>>>>> + * but instances may be created by multiple threads.
>>>>> + */
>>>>> +class SigningFetcher extends RemoteContentFetcher {
>>>>> +
>>>>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>>>>> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
>>>>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>>>>> + protected static $XOAUTH_PUBLIC_KEY =
>>>>> "xoauth_signature_publickey";
>>>>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>>>>> +
>>>>> + //protected final TimeSource clock = new TimeSource();
>>>>> +
>>>>> + /**
>>>>> + * Authentication token for the user and gadget making the
>>>>> request.
>>>>> + */
>>>>> + protected $authToken;
>>>>> +
>>>>> + /**
>>>>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can
>>>>> be a
>>>>> + * PrivateKey object, or a PEM formatted private key, or a DER
>>>>> encoded byte
>>>>> + * array for the private key.(No, really, they accept any of
>>>>> them.)
>>>>> + */
>>>>> + protected $privateKeyObject;
>>>>> +
>>>>> + /**
>>>>> + * The name of the key, included in the fetch to help with key
>>>>> rotation.
>>>>> + */
>>>>> + protected $keyName;
>>>>> +
>>>>> + /**
>>>>> + * Constructor based on signing with the given PrivateKey object.
>>>>> + *
>>>>> + * @param authToken verified gadget security token
>>>>> + * @param keyName name of the key to include in the request
>>>>> + * @param privateKey the key to use for the signing
>>>>> + */
>>>>> + public static function makeFromPrivateKey($next, $authToken,
>>>>> $keyName, $privateKey)
>>>>> + {
>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>> $privateKey);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Constructor based on signing with the given PrivateKey object.
>>>>> + *
>>>>> + * @param authToken verified gadget security token
>>>>> + * @param keyName name of the key to include in the request
>>>>> + * @param privateKey base64 encoded private key
>>>>> + */
>>>>> + public static function makeFromB64PrivateKey($next, $authToken,
>>>>> $keyName, $privateKey)
>>>>> + {
>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>> $privateKey);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Constructor based on signing with the given PrivateKey object.
>>>>> + *
>>>>> + * @param authToken verified gadget security token
>>>>> + * @param keyName name of the key to include in the request
>>>>> + * @param privateKey DER encoded private key
>>>>> + */
>>>>> + public static function makeFromPrivateKeyBytes($next, $authToken,
>>>>> $keyName, $privateKey)
>>>>> + {
>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>> $privateKey);
>>>>> + }
>>>>> +
>>>>> + protected function __construct($next, $authToken, $keyName,
>>>>> $privateKeyObject)
>>>>> + {
>>>>> + parent::setNextFetcher($next);
>>>>> + $this->authToken = $authToken;
>>>>> + $this->keyName = $keyName;
>>>>> + $this->privateKeyObject = $privateKeyObject;
>>>>> + }
>>>>> +
>>>>> + public function fetchRequest($request)
>>>>> + {
>>>>> + return $this->getNextFetcher()->fetchRequest($request);
>>>>> + }
>>>>> +
>>>>> + public function fetch($url, $method)
>>>>> + {
>>>>> + $signed = $this->signRequest($url, $method);
>>>>> + return $this->getNextFetcher()->fetchRequest($signed);
>>>>> + }
>>>>> +
>>>>> + private function signRequest($url, $method)
>>>>> + {
>>>>> + try {
>>>>> + // Parse the request into parameters for OAuth signing, stripping
>>>>> out
>>>>> + // any OAuth or OpenSocial parameters injected by the client
>>>>> + ///////////////////////////////////////////////
>>>>> + require 'src/common/Zend/Uri.php';
>>>>> + $uri = Zend_Uri::factory($url);
>>>>> + $resource = $uri->getUri();
>>>>> + $queryParams = $this->sanitize($_GET);
>>>>> + $postParams = $this->sanitize($_POST);
>>>>> + $msgParams = array();
>>>>> + $msgParams = array_merge($msgParams, $queryParams);
>>>>> + $msgParams = array_merge($msgParams, $postParams);
>>>>> +
>>>>> + // TODO: is this ok?
>>>>> + //$msgParams = array();
>>>>> + $this->addOpenSocialParams($msgParams);
>>>>> + $this->addOAuthParams($msgParams);
>>>>> +
>>>>> + // Build and sign the OAuthMessage; note that the resource here
>>>>> has
>>>>> + // no query string, the parameters are all in msgParams
>>>>> + //$message = new OAuthMessage($method, $resource, $msgParams);
>>>>> +
>>>>> + ////////////////////////////////////////////////
>>>>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>>>>> + $consumer-
>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this-
>>>>>> privateKeyObject);
>>>>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>>>>> +
>>>>> + $req_req = OAuthRequest::from_consumer_and_token($consumer, NULL,
>>>>> $method, $resource, $msgParams);
>>>>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>>>>> +
>>>>> + // Rebuild the query string, including all of the parameters we
>>>>> added.
>>>>> + // We have to be careful not to copy POST parameters into the
>>>>> query.
>>>>> + // If post and query parameters share a name, they end up being
>>>>> removed
>>>>> + // from the query.
>>>>> + $forPost = array();
>>>>> + foreach ($postParams as $key => $param) {
>>>>> + $forPost[$key] = $param;
>>>>> + }
>>>>> + $newQuery = array();
>>>>> + foreach ($req_req->get_parameters() as $key => $param) {
>>>>> + if (! isset($forPost[$key])) {
>>>>> + $newQuery[$key] = $param;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + // Careful here; the OAuth form encoding scheme is slightly
>>>>> different than
>>>>> + // the normal form encoding scheme, so we have to use the OAuth
>>>>> library
>>>>> + // formEncode method.
>>>>> + $uri->setQuery($newQuery);
>>>>> + return new RemoteContentRequest($uri->getUri());
>>>>> + } catch (Exception $e) {
>>>>> + throw new GadgetException($e);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + private function addOpenSocialParams(&$msgParams)
>>>>> + {
>>>>> + $owner = $this->authToken->getOwnerId();
>>>>> + if ($owner != null) {
>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>>>>> + }
>>>>> + $viewer = $this->authToken->getViewerId();
>>>>> + if ($viewer != null) {
>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>>>>> + }
>>>>> + $app = $this->authToken->getAppId();
>>>>> + if ($app != null) {
>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + private function addOAuthParams(&$msgParams)
>>>>> + {
>>>>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>>>>> + $domain = $this->authToken->getDomain();
>>>>> + if ($domain != null) {
>>>>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] =
>>>>> 'partuza.chabotc.com'; //
>>>>> $domain;
>>>>> + }
>>>>> + if ($this->keyName != null) {
>>>>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this->keyName;
>>>>> + }
>>>>> + $nonce = OAuthRequest::generate_nonce();
>>>>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>>>>> + $timestamp = time();
>>>>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>>>>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Strip out any owner or viewer id passed by the client.
>>>>> + */
>>>>> + private function sanitize($params)
>>>>> + {
>>>>> + $list = array();
>>>>> + foreach ($params as $key => $p) {
>>>>> + if ($this->allowParam($key)) {
>>>>> + $list[$key] = $p;
>>>>> + }
>>>>> + }
>>>>> + return $list;
>>>>> + }
>>>>> +
>>>>> + private function allowParam($paramName)
>>>>> + {
>>>>> + $canonParamName = strtolower($paramName);
>>>>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>>>>> substr($canonParamName, 0, 6) == "xoauth" ||
>>>>> substr($canonParamName, 0, 9) == "opensocial")) &&
>>>>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>>>>> + }
>>>>> +}
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcherFactory.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcherFactory.php (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,86 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations
>>>>> + * under the License.
>>>>> + */
>>>>> +
>>>>> +/**
>>>>> + * Produces Signing content fetchers for input tokens.
>>>>> + */
>>>>> +class SigningFetcherFactory {
>>>>> + private $keyName;
>>>>> + private $privateKey;
>>>>> +
>>>>> + /**
>>>>> + * Produces a signing fetcher that will sign requests and delegate
>>>>> actual
>>>>> + * network retrieval to the {@code networkFetcher}
>>>>> + *
>>>>> + * @param networkFetcher The fetcher that will be doing actual
>>>>> work.
>>>>> + * @param token The gadget token used for extracting signing
>>>>> parameters.
>>>>> + * @return The signing fetcher.
>>>>> + * @throws GadgetException
>>>>> + */
>>>>> + public function getSigningFetcher($networkFetcher, $token)
>>>>> + {
>>>>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>>>>> $token, $this->keyName, $this->privateKey);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * @param keyFile The file containing your private key for signing
>>>>> requests.
>>>>> + */
>>>>> + public function __construct($keyFile = null)
>>>>> + {
>>>>> + $this->keyName = 'http://'.
>>>>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>>>>> + if (! empty($keyFile)) {
>>>>> + $privateKey = null;
>>>>> + try {
>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>> convert it
>>>>> + $cache = Config::get('data_cache');
>>>>> + $cache = new $cache();
>>>>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this-
>>>>>> keyName)) !== false) {
>>>>> + $rsa_private_key = $cachedKey;
>>>>> + } else {
>>>>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>>>>> + throw new Exception("Could not read keyfile ($keyFile), check the
>>>>> file name and permission");
>>>>> + }
>>>>> + // TODO: sending NULL as a second param to
>>>>> openssl_pkey_get_private works?
>>>>> + $phrase = Config::get('private_key_phrase') != '' ?
>>>>> (Config::get('private_key_phrase')) : null;
>>>>> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key,
>>>>> $phrase)) == false) {
>>>>> + //TODO: double check if can input keyfile -inform PEM
>>>>> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>>>> + throw new Exception("Could not create temporary file");
>>>>> + }
>>>>> + if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
>>>>> + throw new Exception("Could not write to temporary file");
>>>>> + }
>>>>> + if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>>>> + throw new Exception("Could not create temporary file");
>>>>> + }
>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>>>>> nocrypt -in " . $in);
>>>>> + if (! $rsa_private_key = @file_get_contents($out)) {
>>>>> + throw new Exception("Could not read temporary file");
>>>>> + }
>>>>> + }
>>>>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>>>>> $rsa_private_key);
>>>>> + }
>>>>> + } catch (Exception $e) {
>>>>> + throw new Exception("Error loading private key: " . $e);
>>>>> + }
>>>>> + $this->privateKey = $rsa_private_key;
>>>>> + }
>>>>> + }
>>>>> +}
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicGadgetOAuthTokenStore.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicGadgetOAuthTokenStore.php (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,112 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations
>>>>> + * under the License.
>>>>> + */
>>>>> +
>>>>> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
>>>>> +
>>>>> + /** default location for consumer keys and secrets */
>>>>> + private $OAUTH_CONFIG = "../config/oauth.json";
>>>>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>>>>> + private $CONSUMER_KEY_KEY = "consumer_key";
>>>>> + private $KEY_TYPE_KEY = "key_type";
>>>>> +
>>>>> + public function __construct($store)
>>>>> + {
>>>>> + parent::__construct($store);
>>>>> + }
>>>>> +
>>>>> + public function initFromConfigFile($fetcher)
>>>>> + {
>>>>> + // Read our consumer keys and secrets from config/oauth.js
>>>>> + // This actually involves fetching gadget specs
>>>>> + try {
>>>>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>>>>> +
>>>>> + // remove all comments because this confuses the json parser
>>>>> + // note: the json parser also crashes on trailing ,'s in records
>>>>> so please don't use them
>>>>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>>>>> $oauthConfigStr);
>>>>> + $oauthConfig = json_decode($contents, true);
>>>>> + foreach ($oauthConfig as $gadgetUri => $value) {
>>>>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>>>>> + $this->storeConsumerInfos($gadgetUri, $value);
>>>>> + }
>>>>> + } catch (Exception $e) {
>>>>> + throw new GadgetException($e);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + private function storeProviderInfos($fetcher, $gadgetUri)
>>>>> + {
>>>>> + $cache = Config::get('data_cache');
>>>>> + $cache = new $cache();
>>>>> +
>>>>> + // determine which requests we can load from cache, and which we
>>>>> have to actually fetch
>>>>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
>>>>> + $gadget = $cachedRequest;
>>>>> + } else {
>>>>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>>>>> + $remoteContentRequest->getRequest($gadgetUri, false);
>>>>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>>>>> + $context = new ProxyGadgetContext($gadgetUri);
>>>>> + $spec = new GadgetSpecParser();
>>>>> + $gadget = $spec->parse($response->getResponseContent(),
>>>>> $context);
>>>>> + $cache->set(md5($gadgetUri), $gadget);
>>>>> + }
>>>>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>>>>> + }
>>>>> +
>>>>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>>>>> + {
>>>>> + foreach ($oauthConfig as $key => $value) {
>>>>> + $serviceName = $key;
>>>>> + $consumerInfo = $value;
>>>>> + $this->storeConsumerInfo($gadgetUri, $serviceName,
>>>>> $consumerInfo);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>>>>> $consumerInfo)
>>>>> + {
>>>>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>>>>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>>>>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>>>>> + $keyType = 'HMAC_SYMMETRIC';
>>>>> +
>>>>> + if ($keyTypeStr == "RSA_PRIVATE") {
>>>>> + $keyType = 'RSA_PRIVATE';
>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>> convert it
>>>>> + $cache = Config::get('data_cache');
>>>>> + $cache = new $cache();
>>>>> +
>>>>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>>>>> $serviceName))) !== false) {
>>>>> + $consumerSecret = $cachedRequest;
>>>>> + } else {
>>>>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>>>>>> CONSUMER_SECRET_KEY]));
>>>>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>>>>> nocrypt -in " . $in);
>>>>> + $consumerSecret = file_get_contents($out);
>>>>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
>>>>> $keyType);
>>>>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
>>>>> + }
>>>>> +
>>>>> +}
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicOAuthStore.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ===================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicOAuthStore.php (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,149 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations under
>>>>> the License.
>>>>> + */
>>>>> +
>>>>> +class OAuthNoDataException extends Exception {}
>>>>> +
>>>>> +class BasicOAuthStore implements OAuthStore {
>>>>> +
>>>>> + private $providers = array();
>>>>> + private $tokens = array();
>>>>> +
>>>>> + private $defaultConsumerKey;
>>>>> + private $defaultConsumerSecret;
>>>>> +
>>>>> + public function __construct($consumerKey = null, $privateKey =
>>>>> null)
>>>>> + {
>>>>> + $this->defaultConsumerKey = $consumerKey;
>>>>> + $this->defaultConsumerSecret = $privateKey;
>>>>> + }
>>>>> +
>>>>> + public function setHashMapsForTesting($providers, $tokens)
>>>>> + {
>>>>> + $this->providers = $providers;
>>>>> + $this->tokens = $tokens;
>>>>> + }
>>>>> +
>>>>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>>>>> + {
>>>>> + $provKey = new ProviderKey();
>>>>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>>>>> + $provKey->setServiceName($tokenKey->getServiceName());
>>>>> + //AccesorInfo
>>>>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>>>>> + //TokenInfo
>>>>> + $accessToken = $this->getTokenInfo($tokenKey);
>>>>> + if ($accessToken != null) {
>>>>> + // maybe convert into methods
>>>>> + $result->getAccessor()->accessToken = $accessToken-
>>>>>> getAccessToken();
>>>>> + $result->getAccessor()->tokenSecret = $accessToken-
>>>>>> getTokenSecret();
>>>>> + }
>>>>> + return $result;
>>>>> + }
>>>>> +
>>>>> + private function getOAuthAccessorProviderKey(ProviderKey
>>>>> $providerKey)
>>>>> + {
>>>>> + //ProviderInfo
>>>>> + $provInfo = $this->getProviderInfo($providerKey);
>>>>> +
>>>>> + if ($provInfo == null) {
>>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>>> store");
>>>>> + }
>>>>> + //AccesorInfo
>>>>> + $result = new AccesorInfo();
>>>>> + $result->setHttpMethod($provInfo->getHttpMethod());
>>>>> + $result->setParamLocation($provInfo->getParamLocation());
>>>>> +
>>>>> + //ConsumerKeyAndSecret
>>>>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>>>>> +
>>>>> + if ($consumerKeyAndSecret == null) {
>>>>> + if ($this->defaultConsumerKey == null || $this-
>>>>>> defaultConsumerSecret == null) {
>>>>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null in
>>>>> oauth store");
>>>>> + } else {
>>>>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>>>>>> defaultConsumerKey, $this->defaultConsumerSecret, OAuthStoreVars::
>>>>> $KeyType['RSA_PRIVATE']);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + //OAuthServiceProvider
>>>>> + $oauthProvider = $provInfo->getProvider();
>>>>> +
>>>>> + if (! isset($oauthProvider)) {
>>>>> + throw new OAuthNoDataException("OAuthService provider was null in
>>>>> oauth store");
>>>>> + }
>>>>> +
>>>>> + // Accesing the class
>>>>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>>>>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>>>>> +
>>>>> + //OAuthConsumer
>>>>> + $consumer = ($usePublicKeyCrypto) ? new
>>>>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>>>>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>>>>>> getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>>>>> $oauthProvider);
>>>>> +
>>>>> + if ($usePublicKeyCrypto) {
>>>>> + $consumer-
>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>>>> $consumerKeyAndSecret->getConsumerSecret());
>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>> $SignatureType['RSA_SHA1']);
>>>>> + } else {
>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>> $SignatureType['HMAC_SHA1']);
>>>>> + }
>>>>> +
>>>>> + $result->setAccessor(new OAuthAccessor($consumer));
>>>>> + return $result;
>>>>> + }
>>>>> +
>>>>> + public function getOAuthServiceProviderInfo($providerKey)
>>>>> + {
>>>>> + $provInfo = $this->providers->get($providerKey);
>>>>> +
>>>>> + if ($provInfo == null) {
>>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>>> store");
>>>>> + }
>>>>> +
>>>>> + return $provInfo;
>>>>> + }
>>>>> +
>>>>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>>>>> $keyAndSecret)
>>>>> + {
>>>>> + //ProviderInfo
>>>>> + $value = $this->getProviderInfo($providerKey);
>>>>> + if ($value == null) {
>>>>> + throw new OAuthNoDataException("could not find provider data for
>>>>> token");
>>>>> + }
>>>>> + $value->setKeyAndSecret($keyAndSecret);
>>>>> + }
>>>>> +
>>>>> + public function setOAuthServiceProviderInfo($providerKey,
>>>>> $providerInfo)
>>>>> + {
>>>>> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
>>>>> + }
>>>>> +
>>>>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>>>>> + {
>>>>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>>>>> + }
>>>>> +
>>>>> + private function getProviderInfo($providerKey)
>>>>> + {
>>>>> + $key = md5(serialize($providerKey));
>>>>> + return isset($this->providers[$key]) ? $this->providers[$key] :
>>>>> null;
>>>>> + }
>>>>> +
>>>>> + private function getTokenInfo($tokenKey)
>>>>> + {
>>>>> + $key = md5(serialize($tokenKey));
>>>>> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
>>>>> + }
>>>>> +}
>>>>> \ No newline at end of file
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> This message has been scanned for viruses and
>>>>> dangerous content by MailScanner, and is
>>>>> believed to be clean.
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>
>>>
>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Chris Chabot <ch...@xs4all.nl>.
Ps the result features libs parsing is cached for performance reasons.
So when the logic of it is changed you need to do a rm -rf /tmp/
shindig to force a refresh of that information .. that might already
fix your problem
-- Chris
On May 22, 2008, at 10:35 AM, Chris Chabot wrote:
> Could you by any chance be more specific?
>
> Things like:
> Where are you trying this
> what are you trying (what gadget/feature/etc)
> what is the result (error messages or anything?)
>
> Would help a lot ! :)
>
> I have a couple of gadgets (horoscope, set title test module,
> opensocial 0.7 tests, social hello world) on my profile on
> partuza.chabotc.com and their working fine for me..
>
> -- Chris
>
> On May 22, 2008, at 10:29 AM, Lini H - Clarion, India wrote:
>
>> Hi chris,
>>
>> Sorry, but its still not working..
>>
>> Regards
>> Lini Haridas
>> Software Engineer
>>
>> lini.haridas@clariontechnologies.co.in
>> Clarion Technologies
>> SEI CMMI Level 3 Company
>>
>> 4th Floor, Great Eastern Plaza,
>> Airport Road,
>> Pune- 411 006,
>> Maharashtra, India.
>> Phone: +91 20 66020289
>> Mobile: +91 9823435917
>> www.clariontechnologies.co.in
>> ----- Original Message -----
>> From: "Chris Chabot" <ch...@xs4all.nl>
>> To: <sh...@incubator.apache.org>
>> Sent: Thursday, May 22, 2008 1:32 PM
>> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/
>> trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/
>> http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/
>> socialdata/http/
>>
>>
>>> Should be working again
>>>
>>> On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
>>>
>>>> Hi Chris,
>>>>
>>>> The shindig is not working after the new code changes. I also
>>>> checked on http://shindig.chabotc.com and none of the samples
>>>> neither the gadget is working. Is any work still missing on this?
>>>>
>>>> Regards
>>>>
>>>> Lini Haridas
>>>> Software Engineer
>>>>
>>>> lini.haridas@clariontechnologies.co.in
>>>> Clarion Technologies
>>>> SEI CMMI Level 3 Company
>>>>
>>>> 4th Floor, Great Eastern Plaza,
>>>> Airport Road,
>>>> Pune- 411 006,
>>>> Maharashtra, India.
>>>> Phone: +91 20 66020289
>>>> Mobile: +91 9823435917
>>>> www.clariontechnologies.co.in
>>>>
>>>> ----- Original Message -----
>>>> From: <ch...@apache.org>
>>>> To: <sh...@incubator.apache.org>
>>>> Sent: Wednesday, May 21, 2008 10:28 PM
>>>> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
>>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/
>>>> http/
>>>>
>>>>
>>>>> Author: chabotc
>>>>> Date: Wed May 21 09:58:52 2008
>>>>> New Revision: 658758
>>>>>
>>>>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>>>>> Log:
>>>>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>>>>> great work on this. This patch implements OAuth and signed request
>>>>> support
>>>>>
>>>>> Added:
>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcherFactory.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicGadgetOAuthTokenStore.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> GadgetOAuthTokenStore.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> OAuthFetcherFactory.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> OAuthRequestParams.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> OAuthServiceProvider.php
>>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>>>>> Modified:
>>>>> incubator/shindig/trunk/php/config.php
>>>>> incubator/shindig/trunk/php/index.php
>>>>> incubator/shindig/trunk/php/src/common/JsMin.php
>>>>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
>>>>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>>> GadgetRenderingServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>>>>> BasicBlobCrypter.php
>>>>> incubator/shindig/trunk/php/src/socialdata/http/
>>>>> GadgetDataServlet.php
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/config.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/config.php (original)
>>>>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52
>>>>> 2008
>>>>> @@ -1,4 +1,4 @@
>>>>> -<?
>>>>> +<?php
>>>>> /*
>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>> * or more contributor license agreements. See the NOTICE file
>>>>> @@ -45,7 +45,7 @@
>>>>> // Configurable CSS rules that are injected to the gadget page,
>>>>> // be careful when adjusting these not to break most gadget's
>>>>> layouts :)
>>>>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;}
>>>>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>>>>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>>>>> color:white;}',
>>>>> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>> input,
>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>> 3px;}',
>>>>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>>> none; }a:hover {color: #3366CC; text-decoration: underline;}
>>>>> input,
>>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding:
>>>>> 3px;}',
>>>>>
>>>>> // The html / javascript samples use a plain text demo token,
>>>>> // set this to false on anything resembling a real site
>>>>> @@ -96,6 +96,13 @@
>>>>> // global cache age policy and location
>>>>> 'cache_time' => 24 * 60 * 60,
>>>>> 'cache_root' => '/tmp/shindig',
>>>>> +
>>>>> + // OAuth private key Path
>>>>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>> private.key',
>>>>> + // file path to public RSA cert
>>>>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>>> public.crt',
>>>>> + // Phrase to decrypt private key. Leave empty if unencrypted
>>>>> + 'private_key_phrase' => 'partuza',
>>>>>
>>>>> // In some cases we need to know the site root (for features
>>>>> forinstance)
>>>>> 'base_path' => realpath(dirname(__FILE__))
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/index.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/index.php (original)
>>>>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52 2008
>>>>> @@ -1,4 +1,4 @@
>>>>> -<?
>>>>> +<?php
>>>>> /*
>>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>>> * or more contributor license agreements. See the NOTICE file
>>>>> @@ -48,7 +48,7 @@
>>>>> // To load these, we scan our entire directory structure
>>>>> function __autoload($className)
>>>>> {
>>>>> - $locations = array('src/common', 'src/common/samplecontainer',
>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>> samplecontainer');
>>>>> + $locations = array('src/common', 'src/common/samplecontainer',
>>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>>> samplecontainer', 'src/gadgets/oauth');
>>>>> // Check for the presense of this class in our all our
>>>>> directories.
>>>>> $fileName = $className.'.php';
>>>>> foreach ($locations as $path) {
>>>>> @@ -65,7 +65,8 @@
>>>>> Config::get('web_prefix') . '/gadgets/proxy' => 'ProxyServlet',
>>>>> Config::get('web_prefix') . '/gadgets/ifr' =>
>>>>> 'GadgetRenderingServlet',
>>>>> Config::get('web_prefix') . '/gadgets/metadata' =>
>>>>> 'JsonRpcServlet',
>>>>> - Config::get('web_prefix') . '/social/data' =>
>>>>> 'GadgetDataServlet'
>>>>> + Config::get('web_prefix') . '/social/data' =>
>>>>> 'GadgetDataServlet',
>>>>> + Config::get('web_prefix') . '/public.crt' => 'CertServlet'
>>>>> );
>>>>>
>>>>> // Try to match the request url to our servlet mapping
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>>>>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>>>>> 09:58:52 2008
>>>>> @@ -1,4 +1,5 @@
>>>>> <?php
>>>>> +
>>>>> /**
>>>>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>>>>> *
>>>>> @@ -48,243 +49,248 @@
>>>>> class JsMinException extends Exception {}
>>>>>
>>>>> class JsMin {
>>>>> - const ORD_LF = 10;
>>>>> - const ORD_SPACE = 32;
>>>>> -
>>>>> - protected $a = '';
>>>>> - protected $b = '';
>>>>> - protected $input = '';
>>>>> - protected $inputIndex = 0;
>>>>> - protected $inputLength = 0;
>>>>> - protected $lookAhead = null;
>>>>> - protected $output = '';
>>>>> -
>>>>> - // -- Public Static Methods
>>>>> --------------------------------------------------
>>>>> -
>>>>> - public static function minify($js) {
>>>>> - $jsmin = new JsMin($js);
>>>>> - return $jsmin->min();
>>>>> - }
>>>>> -
>>>>> - // -- Public Instance Methods
>>>>> ------------------------------------------------
>>>>> -
>>>>> - public function __construct($input) {
>>>>> - $this->input = str_replace("\r\n", "\n", $input);
>>>>> - $this->inputLength = strlen($this->input);
>>>>> - }
>>>>> -
>>>>> - // -- Protected Instance Methods
>>>>> ---------------------------------------------
>>>>> -
>>>>> - protected function action($d) {
>>>>> - switch($d) {
>>>>> - case 1:
>>>>> - $this->output .= $this->a;
>>>>> -
>>>>> - case 2:
>>>>> - $this->a = $this->b;
>>>>> -
>>>>> - if ($this->a === "'" || $this->a === '"') {
>>>>> - for (;;) {
>>>>> - $this->output .= $this->a;
>>>>> - $this->a = $this->get();
>>>>> -
>>>>> - if ($this->a === $this->b) {
>>>>> - break;
>>>>> - }
>>>>> -
>>>>> - if (ord($this->a) <= self::ORD_LF) {
>>>>> - throw new JsMinException('Unterminated string
>>>>> literal.');
>>>>> - }
>>>>> -
>>>>> - if ($this->a === '\\') {
>>>>> - $this->output .= $this->a;
>>>>> - $this->a = $this->get();
>>>>> - }
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - case 3:
>>>>> - $this->b = $this->next();
>>>>> -
>>>>> - if ($this->b === '/' && (
>>>>> - $this->a === '(' || $this->a === ',' || $this->a ===
>>>>> '=' ||
>>>>> - $this->a === ':' || $this->a === '[' || $this->a ===
>>>>> '!' ||
>>>>> - $this->a === '&' || $this->a === '|' || $this->a ===
>>>>> '?')) {
>>>>> -
>>>>> - $this->output .= $this->a . $this->b;
>>>>> -
>>>>> - for (;;) {
>>>>> - $this->a = $this->get();
>>>>> -
>>>>> - if ($this->a === '/') {
>>>>> - break;
>>>>> - } elseif ($this->a === '\\') {
>>>>> - $this->output .= $this->a;
>>>>> - $this->a = $this->get();
>>>>> - } elseif (ord($this->a) <= self::ORD_LF) {
>>>>> - throw new JsMinException('Unterminated regular
>>>>> expression '.
>>>>> - 'literal.');
>>>>> - }
>>>>> -
>>>>> - $this->output .= $this->a;
>>>>> - }
>>>>> -
>>>>> - $this->b = $this->next();
>>>>> - }
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - protected function get() {
>>>>> - $c = $this->lookAhead;
>>>>> - $this->lookAhead = null;
>>>>> -
>>>>> - if ($c === null) {
>>>>> - if ($this->inputIndex < $this->inputLength) {
>>>>> - $c = $this->input[$this->inputIndex];
>>>>> - $this->inputIndex += 1;
>>>>> - } else {
>>>>> - $c = null;
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - if ($c === "\r") {
>>>>> - return "\n";
>>>>> - }
>>>>> -
>>>>> - if ($c === null || $c === "\n" || ord($c) >=
>>>>> self::ORD_SPACE) {
>>>>> - return $c;
>>>>> - }
>>>>> -
>>>>> - return ' ';
>>>>> - }
>>>>> -
>>>>> - protected function isAlphaNum($c) {
>>>>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>>>>> $/', $c) === 1;
>>>>> - }
>>>>> -
>>>>> - protected function min() {
>>>>> - $this->a = "\n";
>>>>> - $this->action(3);
>>>>> -
>>>>> - while ($this->a !== null) {
>>>>> - switch ($this->a) {
>>>>> - case ' ':
>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>> - $this->action(1);
>>>>> - } else {
>>>>> - $this->action(2);
>>>>> - }
>>>>> - break;
>>>>> -
>>>>> - case "\n":
>>>>> - switch ($this->b) {
>>>>> - case '{':
>>>>> - case '[':
>>>>> - case '(':
>>>>> - case '+':
>>>>> - case '-':
>>>>> - $this->action(1);
>>>>> - break;
>>>>> -
>>>>> - case ' ':
>>>>> - $this->action(3);
>>>>> - break;
>>>>> -
>>>>> - default:
>>>>> - if ($this->isAlphaNum($this->b)) {
>>>>> - $this->action(1);
>>>>> - }
>>>>> - else {
>>>>> - $this->action(2);
>>>>> - }
>>>>> - }
>>>>> - break;
>>>>> -
>>>>> - default:
>>>>> - switch ($this->b) {
>>>>> - case ' ':
>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>> - $this->action(1);
>>>>> - break;
>>>>> - }
>>>>> -
>>>>> - $this->action(3);
>>>>> - break;
>>>>> -
>>>>> - case "\n":
>>>>> - switch ($this->a) {
>>>>> - case '}':
>>>>> - case ']':
>>>>> - case ')':
>>>>> - case '+':
>>>>> - case '-':
>>>>> - case '"':
>>>>> - case "'":
>>>>> - $this->action(1);
>>>>> - break;
>>>>> -
>>>>> - default:
>>>>> - if ($this->isAlphaNum($this->a)) {
>>>>> - $this->action(1);
>>>>> - }
>>>>> - else {
>>>>> - $this->action(3);
>>>>> - }
>>>>> - }
>>>>> - break;
>>>>> -
>>>>> - default:
>>>>> - $this->action(1);
>>>>> - break;
>>>>> - }
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - return $this->output;
>>>>> - }
>>>>> -
>>>>> - protected function next() {
>>>>> - $c = $this->get();
>>>>> -
>>>>> - if ($c === '/') {
>>>>> - switch($this->peek()) {
>>>>> - case '/':
>>>>> - for (;;) {
>>>>> - $c = $this->get();
>>>>> -
>>>>> - if (ord($c) <= self::ORD_LF) {
>>>>> - return $c;
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - case '*':
>>>>> - $this->get();
>>>>> -
>>>>> - for (;;) {
>>>>> - switch($this->get()) {
>>>>> - case '*':
>>>>> - if ($this->peek() === '/') {
>>>>> - $this->get();
>>>>> - return ' ';
>>>>> - }
>>>>> - break;
>>>>> -
>>>>> - case null:
>>>>> - throw new JsMinException('Unterminated
>>>>> comment.');
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - default:
>>>>> - return $c;
>>>>> - }
>>>>> - }
>>>>> -
>>>>> - return $c;
>>>>> - }
>>>>> -
>>>>> - protected function peek() {
>>>>> - $this->lookAhead = $this->get();
>>>>> - return $this->lookAhead;
>>>>> - }
>>>>> + const ORD_LF = 10;
>>>>> + const ORD_SPACE = 32;
>>>>> +
>>>>> + protected $a = '';
>>>>> + protected $b = '';
>>>>> + protected $input = '';
>>>>> + protected $inputIndex = 0;
>>>>> + protected $inputLength = 0;
>>>>> + protected $lookAhead = null;
>>>>> + protected $output = '';
>>>>> +
>>>>> + // -- Public Static Methods
>>>>> --------------------------------------------------
>>>>> +
>>>>> +
>>>>> + public static function minify($js)
>>>>> + {
>>>>> + $jsmin = new JsMin($js);
>>>>> + return $jsmin->min();
>>>>> + }
>>>>> +
>>>>> + // -- Public Instance Methods
>>>>> ------------------------------------------------
>>>>> +
>>>>> +
>>>>> + public function __construct($input)
>>>>> + {
>>>>> + $this->input = str_replace("\r\n", "\n", $input);
>>>>> + $this->inputLength = strlen($this->input);
>>>>> + }
>>>>> +
>>>>> + // -- Protected Instance Methods
>>>>> ---------------------------------------------
>>>>> +
>>>>> +
>>>>> + protected function action($d)
>>>>> + {
>>>>> + switch ($d) {
>>>>> + case 1:
>>>>> + $this->output .= $this->a;
>>>>> +
>>>>> + case 2:
>>>>> + $this->a = $this->b;
>>>>> +
>>>>> + if ($this->a === "'" || $this->a === '"') {
>>>>> + for (; ; ) {
>>>>> + $this->output .= $this->a;
>>>>> + $this->a = $this->get();
>>>>> +
>>>>> + if ($this->a === $this->b) {
>>>>> + break;
>>>>> + }
>>>>> +
>>>>> + if (ord($this->a) <= self::ORD_LF) {
>>>>> + throw new JsMinException('Unterminated string literal.');
>>>>> + }
>>>>> +
>>>>> + if ($this->a === '\\') {
>>>>> + $this->output .= $this->a;
>>>>> + $this->a = $this->get();
>>>>> + }
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + case 3:
>>>>> + $this->b = $this->next();
>>>>> +
>>>>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ',' ||
>>>>> $this->a === '=' || $this->a === ':' || $this->a === '[' || $this-
>>>>>> a === '!' || $this->a === '&' || $this->a === '|' || $this->a ===
>>>>> '?')) {
>>>>> +
>>>>> + $this->output .= $this->a . $this->b;
>>>>> +
>>>>> + for (; ; ) {
>>>>> + $this->a = $this->get();
>>>>> +
>>>>> + if ($this->a === '/') {
>>>>> + break;
>>>>> + } elseif ($this->a === '\\') {
>>>>> + $this->output .= $this->a;
>>>>> + $this->a = $this->get();
>>>>> + } elseif (ord($this->a) <= self::ORD_LF) {
>>>>> + throw new JsMinException('Unterminated regular expression ' .
>>>>> 'literal.');
>>>>> + }
>>>>> +
>>>>> + $this->output .= $this->a;
>>>>> + }
>>>>> +
>>>>> + $this->b = $this->next();
>>>>> + }
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + protected function get()
>>>>> + {
>>>>> + $c = $this->lookAhead;
>>>>> + $this->lookAhead = null;
>>>>> +
>>>>> + if ($c === null) {
>>>>> + if ($this->inputIndex < $this->inputLength) {
>>>>> + $c = $this->input[$this->inputIndex];
>>>>> + $this->inputIndex += 1;
>>>>> + } else {
>>>>> + $c = null;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + if ($c === "\r") {
>>>>> + return "\n";
>>>>> + }
>>>>> +
>>>>> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>>>>> + return $c;
>>>>> + }
>>>>> +
>>>>> + return ' ';
>>>>> + }
>>>>> +
>>>>> + protected function isAlphaNum($c)
>>>>> + {
>>>>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/',
>>>>> $c) === 1;
>>>>> + }
>>>>> +
>>>>> + protected function min()
>>>>> + {
>>>>> + $this->a = "\n";
>>>>> + $this->action(3);
>>>>> +
>>>>> + while ($this->a !== null) {
>>>>> + switch ($this->a) {
>>>>> + case ' ':
>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>> + $this->action(1);
>>>>> + } else {
>>>>> + $this->action(2);
>>>>> + }
>>>>> + break;
>>>>> +
>>>>> + case "\n":
>>>>> + switch ($this->b) {
>>>>> + case '{':
>>>>> + case '[':
>>>>> + case '(':
>>>>> + case '+':
>>>>> + case '-':
>>>>> + $this->action(1);
>>>>> + break;
>>>>> +
>>>>> + case ' ':
>>>>> + $this->action(3);
>>>>> + break;
>>>>> +
>>>>> + default:
>>>>> + if ($this->isAlphaNum($this->b)) {
>>>>> + $this->action(1);
>>>>> + } else {
>>>>> + $this->action(2);
>>>>> + }
>>>>> + }
>>>>> + break;
>>>>> +
>>>>> + default:
>>>>> + switch ($this->b) {
>>>>> + case ' ':
>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>> + $this->action(1);
>>>>> + break;
>>>>> + }
>>>>> +
>>>>> + $this->action(3);
>>>>> + break;
>>>>> +
>>>>> + case "\n":
>>>>> + switch ($this->a) {
>>>>> + case '}':
>>>>> + case ']':
>>>>> + case ')':
>>>>> + case '+':
>>>>> + case '-':
>>>>> + case '"':
>>>>> + case "'":
>>>>> + $this->action(1);
>>>>> + break;
>>>>> +
>>>>> + default:
>>>>> + if ($this->isAlphaNum($this->a)) {
>>>>> + $this->action(1);
>>>>> + } else {
>>>>> + $this->action(3);
>>>>> + }
>>>>> + }
>>>>> + break;
>>>>> +
>>>>> + default:
>>>>> + $this->action(1);
>>>>> + break;
>>>>> + }
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + return $this->output;
>>>>> + }
>>>>> +
>>>>> + protected function next()
>>>>> + {
>>>>> + $c = $this->get();
>>>>> +
>>>>> + if ($c === '/') {
>>>>> + switch ($this->peek()) {
>>>>> + case '/':
>>>>> + for (; ; ) {
>>>>> + $c = $this->get();
>>>>> +
>>>>> + if (ord($c) <= self::ORD_LF) {
>>>>> + return $c;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + case '*':
>>>>> + $this->get();
>>>>> +
>>>>> + for (; ; ) {
>>>>> + switch ($this->get()) {
>>>>> + case '*':
>>>>> + if ($this->peek() === '/') {
>>>>> + $this->get();
>>>>> + return ' ';
>>>>> + }
>>>>> + break;
>>>>> +
>>>>> + case null:
>>>>> + throw new JsMinException('Unterminated comment.');
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + default:
>>>>> + return $c;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + return $c;
>>>>> + }
>>>>> +
>>>>> + protected function peek()
>>>>> + {
>>>>> + $this->lookAhead = $this->get();
>>>>> + return $this->lookAhead;
>>>>> + }
>>>>> }
>>>>>
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>> RemoteContentFetcher.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>> RemoteContentFetcher.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>> RemoteContentFetcher.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -19,6 +19,18 @@
>>>>> */
>>>>>
>>>>> abstract class RemoteContentFetcher {
>>>>> +
>>>>> + protected $fetcher;
>>>>> +
>>>>> + protected function setNextFetcher($fetcher = null)
>>>>> + {
>>>>> + $this->fetcher = $fetcher;
>>>>> + }
>>>>>
>>>>> abstract public function fetchRequest($request);
>>>>> +
>>>>> + public function getNextFetcher()
>>>>> + {
>>>>> + return $this->fetcher;
>>>>> + }
>>>>> }
>>>>> \ No newline at end of file
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>>> RemoteContentRequest.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/common/
>>>>> RemoteContentRequest.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/common/
>>>>> RemoteContentRequest.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -15,13 +15,14 @@
>>>>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> * KIND, either express or implied. See the License for the
>>>>> * specific language governing permissions and limitations under
>>>>> the
>>>>> License.
>>>>> - *
>>>>> + *
>>>>> */
>>>>>
>>>>> class RemoteContentRequest {
>>>>> // these are used for making the request
>>>>> - private $url = '';
>>>>> - private $headers = false;
>>>>> + private $uri = '';
>>>>> + private $method = '';
>>>>> + private $headers = array();
>>>>> private $postBody = false;
>>>>> // these fields are filled in once the request has completed
>>>>> private $responseContent = false;
>>>>> @@ -29,20 +30,179 @@
>>>>> private $responseHeaders = false;
>>>>> private $httpCode = false;
>>>>> private $contentType = null;
>>>>> + private $options;
>>>>> public $handle = false;
>>>>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-
>>>>> urlencoded; charset=utf-8";
>>>>> + public static $DEFAULT_OPTIONS = array();
>>>>>
>>>>> - public function __construct($url, $headers = false, $postBody =
>>>>> false)
>>>>> + public function __construct($uri, $headers = false, $postBody =
>>>>> false)
>>>>> {
>>>>> - $this->url = $url;
>>>>> + $this->uri = $uri;
>>>>> $this->headers = $headers;
>>>>> $this->postBody = $postBody;
>>>>> }
>>>>>
>>>>> + public function createRemoteContentRequest($method, $uri,
>>>>> $headers, $postBody, $options)
>>>>> + {
>>>>> + $this->method = $method;
>>>>> + $this->uri = $uri;
>>>>> + $this->options = $options;
>>>>> + // Copy the headers
>>>>> + if (! isset($headers)) {
>>>>> + $this->headers = '';
>>>>> + } else {
>>>>> + $setPragmaHeader = false;
>>>>> + $tmpHeaders = '';
>>>>> + foreach ($headers as $key => $value) {
>>>>> + // Proxies should be bypassed with the Pragma: no-cache check.
>>>>> + //TODO double check array is good for options
>>>>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>>>>> + $value = "no-cache";
>>>>> + $setPragmaHeader = true;
>>>>> + }
>>>>> + $tmpHeaders .= $key . ":" . $value . "\n";
>>>>> + }
>>>>> + // Bypass caching in proxies as well.
>>>>> + //TODO double check array is good for options
>>>>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>>>>> + $tmpHeaders .= "Pragma:no-cache\n";
>>>>> + }
>>>>> + $this->headers = $tmpHeaders;
>>>>> + }
>>>>> + if (! isset($postBody)) {
>>>>> + $this->postBody = '';
>>>>> + } else {
>>>>> + $this->postBody = array_merge($postBody, $this->postBody);
>>>>> + }
>>>>> + $type = $this->getHeader("Content-Type");
>>>>> + if (! isset($type)) {
>>>>> + $this->contentType = RemoteContentRequest::
>>>>> $DEFAULT_CONTENT_TYPE;
>>>>> + } else {
>>>>> + $this->contentType = $type;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Creates a new request to a different URL using all request
>>>>> data
>>>>> from
>>>>> + * an existing request.
>>>>> + *
>>>>> + * @param uri
>>>>> + * @param base The base request to copy data from.
>>>>> + */
>>>>> + public static function
>>>>> createRemoteContentRequestWithUriBase($uri, $base)
>>>>> + {
>>>>> + $this->uri = $uri;
>>>>> + $this->method = $base->method;
>>>>> + $this->options = $base->options;
>>>>> + $this->headers = $base->headers;
>>>>> + $this->contentType = $base->contentType;
>>>>> + $this->postBody = $base->postBody;
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Basic GET request.
>>>>> + *
>>>>> + * @param uri
>>>>> + */
>>>>> + public function createRemoteContentRequestWithUri($uri)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * GET with options
>>>>> + *
>>>>> + * @param uri
>>>>> + * @param options
>>>>> + */
>>>>> + public function createRemoteContentRequestWithUriOptions($uri,
>>>>> $options)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>>> $options);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * GET request with custom headers and default options
>>>>> + * @param uri
>>>>> + * @param headers
>>>>> + */
>>>>> + public function RemoteContentRequestWithUriHeaders($uri,
>>>>> $headers)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * GET request with custom headers + options
>>>>> + * @param uri
>>>>> + * @param headers
>>>>> + * @param options
>>>>> + */
>>>>> + public function
>>>>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>>>>> $options)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>>> $options);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Basic POST request
>>>>> + * @param uri
>>>>> + * @param postBody
>>>>> + */
>>>>> + public function RemoteContentRequestWithUriPostBody($uri,
>>>>> $postBody)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * POST request with options
>>>>> + * @param uri
>>>>> + * @param postBody
>>>>> + * @param options
>>>>> + */
>>>>> + public function
>>>>> createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody,
>>>>> $options)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>>>>> $options);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * POST request with headers
>>>>> + * @param uri
>>>>> + * @param headers
>>>>> + * @param postBody
>>>>> + */
>>>>> + public function
>>>>> createRemoteContentRequestWithUriHeadersPostBody($uri, $headers,
>>>>> $postBody)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * POST request with options + headers
>>>>> + * @param uri
>>>>> + * @param headers
>>>>> + * @param postBody
>>>>> + * @param options
>>>>> + */
>>>>> + public function
>>>>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>>>>> $headers, $postBody, $options)
>>>>> + {
>>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>>> $postBody, $options);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Creates a simple GET request
>>>>> + *
>>>>> + * @param uri
>>>>> + * @param ignoreCache
>>>>> + */
>>>>> + public function getRequest($uri, $ignoreCache)
>>>>> + {
>>>>> + $options = new Options();
>>>>> + $options->ignoreCache = $ignoreCache;
>>>>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>>>>> $options);
>>>>> + }
>>>>> +
>>>>> // returns a hash code which identifies this request, used for
>>>>> caching
>>>>> - // takes url and postbody into account for constructing the md5
>>>>> checksum
>>>>> + // takes url and postbody into account for constructing the sha1
>>>>> checksum
>>>>> public function toHash()
>>>>> {
>>>>> - return md5($this->url . $this->postBody);
>>>>> + return md5($this->uri . $this->postBody);
>>>>> }
>>>>>
>>>>> public function getContentType()
>>>>> @@ -92,7 +252,17 @@
>>>>>
>>>>> public function getUrl()
>>>>> {
>>>>> - return $this->url;
>>>>> + return $this->uri;
>>>>> + }
>>>>> +
>>>>> + public function getMethod()
>>>>> + {
>>>>> + return $this->method;
>>>>> + }
>>>>> +
>>>>> + public function getOptions()
>>>>> + {
>>>>> + return $this->options;
>>>>> }
>>>>>
>>>>> public function setContentType($type)
>>>>> @@ -125,14 +295,37 @@
>>>>> $this->headers = $headers;
>>>>> }
>>>>>
>>>>> + //FIXME: Find a better way to do this
>>>>> + // The headers can be an array of elements.
>>>>> + public function getHeader($headerName)
>>>>> + {
>>>>> + $headers = explode("\n", $this->headers);
>>>>> + foreach ($headers as $header) {
>>>>> + $key = explode(":", $header);
>>>>> + if ($key[0] == $headerName)
>>>>> + return $key[1];
>>>>> + }
>>>>> + return null;
>>>>> + }
>>>>> +
>>>>> public function setPostBody($postBody)
>>>>> {
>>>>> $this->postBody = $postBody;
>>>>> }
>>>>>
>>>>> - public function setUrl($url)
>>>>> + public function setUri($uri)
>>>>> {
>>>>> - $this->url = $url;
>>>>> + $this->uri = $uri;
>>>>> }
>>>>>
>>>>> -}
>>>>> \ No newline at end of file
>>>>> +}
>>>>> +
>>>>> +/**
>>>>> + * Bag of options for making a request.
>>>>> + *
>>>>> + * This object is mutable to keep us sane. Don't mess with it
>>>>> once
>>>>> you've
>>>>> + * sent it to RemoteContentRequest or bad things might happen.
>>>>> + */
>>>>> +class Options {
>>>>> + public $ignoreCache = false;
>>>>> +}
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed May
>>>>> 21 09:58:52 2008
>>>>> @@ -80,7 +80,7 @@
>>>>> self::loadFile($file, $dirs, true);
>>>>> } else {
>>>>> self::_securityCheck($file);
>>>>> - include_once $file;
>>>>> + include_once 'src/common/'.$file;
>>>>> }
>>>>>
>>>>> if (!class_exists($class, false) && !
>>>>> interface_exists($class, false)) {
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>> GadgetContext.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed
>>>>> May 21 09:58:52 2008
>>>>> @@ -26,21 +26,21 @@
>>>>> * Server wide variables are stored in config.php
>>>>> */
>>>>> class GadgetContext {
>>>>> - private $httpFetcher = null;
>>>>> - private $locale = null;
>>>>> - private $renderingContext = null;
>>>>> - private $registry = null;
>>>>> - private $userPrefs = null;
>>>>> - private $gadgetId = null;
>>>>> - private $view = null;
>>>>> - private $moduleId = null;
>>>>> - private $url = null;
>>>>> - private $cache = null;
>>>>> - private $blacklist = null;
>>>>> - private $ignoreCache = null;
>>>>> - private $forcedJsLibs = null;
>>>>> - private $containerConfig = null;
>>>>> - private $container = null;
>>>>> + protected $httpFetcher = null;
>>>>> + protected $locale = null;
>>>>> + protected $renderingContext = null;
>>>>> + protected $registry = null;
>>>>> + protected $userPrefs = null;
>>>>> + protected $gadgetId = null;
>>>>> + protected $view = null;
>>>>> + protected $moduleId = null;
>>>>> + protected $url = null;
>>>>> + protected $cache = null;
>>>>> + protected $blacklist = null;
>>>>> + protected $ignoreCache = null;
>>>>> + protected $forcedJsLibs = null;
>>>>> + protected $containerConfig = null;
>>>>> + protected $container = null;
>>>>>
>>>>> public function __construct($renderingContext)
>>>>> {
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>> GadgetSpecParser.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -36,7 +36,7 @@
>>>>> }
>>>>> $gadget = new Gadget($context->getGadgetId(), $context);
>>>>> // process ModulePref attributes
>>>>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>>>>> + $this->processModulePrefs($gadget, $doc->ModulePrefs, $context);
>>>>> // process UserPrefs, if any
>>>>> foreach ($doc->UserPref as $pref) {
>>>>> $this->processUserPref($gadget, $pref);
>>>>> @@ -54,7 +54,7 @@
>>>>> return $gadget;
>>>>> }
>>>>>
>>>>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>>>>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>>>>> $context)
>>>>> {
>>>>> $attributes = $ModulePrefs->attributes();
>>>>> if (empty($attributes['title'])) {
>>>>> @@ -90,11 +90,11 @@
>>>>> $gadget->scaling = isset($attributes['scaling']) ?
>>>>> trim($attributes['scaling']) : '';
>>>>> $gadget->scrolling = isset($attributes['scrolling']) ?
>>>>> trim($attributes['scrolling']) : '';
>>>>> foreach ($ModulePrefs->Locale as $locale) {
>>>>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>>>>> + $gadget->localeSpecs[] = $this->processLocale($locale,
>>>>> $context);
>>>>> }
>>>>> }
>>>>>
>>>>> - private function processLocale($locale)
>>>>> + private function processLocale($locale, $context)
>>>>> {
>>>>> $attributes = $locale->attributes();
>>>>> $messageAttr = isset($attributes['messages']) ?
>>>>> trim($attributes['messages']) : '';
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>>> (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed
>>>>> May
>>>>> 21 09:58:52 2008
>>>>> @@ -0,0 +1,70 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations under
>>>>> the License.
>>>>> + *
>>>>> + */
>>>>> +
>>>>> +/**
>>>>> + * An abstract representation of a signing token.
>>>>> + * Use in conjunction with @code GadgetTokenDecoder.
>>>>> + */
>>>>> +abstract class GadgetToken {
>>>>> +
>>>>> + //FIXME Hmm seems php is refusing to let me make abstract
>>>>> static
>>>>> functions? odd
>>>>> + static public function createFromToken($token, $maxage) {}
>>>>> + static public function createFromValues($owner, $viewer, $app,
>>>>> $domain, $appUrl, $moduleId) {}
>>>>> +
>>>>> +
>>>>> + /**
>>>>> + * Serializes the token into a string. This can be the exact
>>>>> same as
>>>>> + * toString; using a different name here is only to force
>>>>> interface
>>>>> + * compliance.
>>>>> + *
>>>>> + * @return A string representation of the token.
>>>>> + */
>>>>> + abstract public function toSerialForm();
>>>>> +
>>>>> + /**
>>>>> + * @return the owner from the token, or null if there is none.
>>>>> + */
>>>>> + abstract public function getOwnerId();
>>>>> +
>>>>> + /**
>>>>> + * @return the viewer from the token, or null if there is none.
>>>>> + */
>>>>> + abstract public function getViewerId();
>>>>> +
>>>>> + /**
>>>>> + * @return the application id from the token, or null if there
>>>>> is none.
>>>>> + */
>>>>> + abstract public function getAppId();
>>>>> +
>>>>> + /**
>>>>> + * @return the domain from the token, or null if there is none.
>>>>> + */
>>>>> + abstract public function getDomain();
>>>>> +
>>>>> + /**
>>>>> + * @return the URL of the application
>>>>> + */
>>>>> + abstract public function getAppUrl();
>>>>> +
>>>>> + /**
>>>>> + * @return the module ID of the application
>>>>> + */
>>>>> + abstract public function getModuleId();
>>>>> +}
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>> GadgetTokenDecoder.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>> (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,34 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations
>>>>> + * under the License.
>>>>> + */
>>>>> +
>>>>> +/**
>>>>> + * Handles verification of gadget security tokens.
>>>>> + */
>>>>> +abstract class GadgetTokenDecoder {
>>>>> +
>>>>> + /**
>>>>> + * Decrypts and verifies a gadget security token to return a
>>>>> gadget token.
>>>>> + *
>>>>> + * @param tokenString String representation of the token to be
>>>>> created.
>>>>> + * @return The token representation of the input data.
>>>>> + * @throws GadgetException If tokenString is not a valid token
>>>>> + */
>>>>> + abstract public function createToken($tokenString);
>>>>> +}
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May
>>>>> 21 09:58:52 2008
>>>>> @@ -24,7 +24,7 @@
>>>>> private $content;
>>>>> private $featureName; // used to track what feature this belongs
>>>>> to
>>>>> private $loaded = false;
>>>>> -
>>>>> +
>>>>> public function __construct($type, $content, $featureName = '')
>>>>> {
>>>>> $this->featureName = $featureName;
>>>>> @@ -39,11 +39,11 @@
>>>>>
>>>>> public function getContent()
>>>>> {
>>>>> - if (!$this->loaded && $this->type == 'FILE') {
>>>>> + if (! $this->loaded && $this->type == 'FILE') {
>>>>> if (Config::get('compress_javascript')) {
>>>>> $dataCache = Config::get('data_cache');
>>>>> $dataCache = new $dataCache();
>>>>> - if (!($content = $dataCache->get(md5($this->content)))) {
>>>>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>>>>> $content = JsMin::minify(JsLibrary::loadData($this->content,
>>>>> $this-
>>>>>> type));
>>>>> $dataCache->set(md5($this->content), $content);
>>>>> $this->content = $content;
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>>> JsonRpcGadgetContext.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>>> JsonRpcGadgetContext.php (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>>>>> @@ -1,10 +1,6 @@
>>>>> <?php
>>>>>
>>>>> class JsonRpcGadgetContext extends GadgetContext {
>>>>> - private $locale = null;
>>>>> - private $view = null;
>>>>> - private $url = null;
>>>>> - private $container = null;
>>>>>
>>>>> public function __construct($jsonContext, $url)
>>>>> {
>>>>> @@ -15,23 +11,8 @@
>>>>> $this->container = $jsonContext->container;
>>>>> }
>>>>>
>>>>> - public function getUrl()
>>>>> - {
>>>>> - return $this->url;
>>>>> - }
>>>>> -
>>>>> public function getView()
>>>>> {
>>>>> return $this->view;
>>>>> }
>>>>> -
>>>>> - public function getLocale()
>>>>> - {
>>>>> - return $this->locale;
>>>>> - }
>>>>> -
>>>>> - public function getContainer()
>>>>> - {
>>>>> - return $this->container;
>>>>> - }
>>>>> }
>>>>> \ No newline at end of file
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>>> ProxyGadgetContext.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>> (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,10 @@
>>>>> +<?php
>>>>> +
>>>>> +class ProxyGadgetContext extends GadgetContext {
>>>>> +
>>>>> + public function __construct($url)
>>>>> + {
>>>>> + parent::__construct('GADGET');
>>>>> + $this->url = $url;
>>>>> + }
>>>>> +}
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed
>>>>> May 21 09:58:52 2008
>>>>> @@ -29,11 +29,15 @@
>>>>> *
>>>>> */
>>>>> class ProxyHandler {
>>>>> - private $context;
>>>>> + private $context;
>>>>> + private $signingFetcher;
>>>>> + private $oauthFetcher;
>>>>>
>>>>> - public function __construct($context)
>>>>> + public function __construct($context, $signingFetcher = null,
>>>>> $oauthFetcher = null)
>>>>> {
>>>>> - $this->context = $context;
>>>>> + $this->context = $context;
>>>>> + $this->signingFetcher = $signingFetcher;
>>>>> + $this->oauthFetcher = $oauthFetcher;
>>>>> }
>>>>>
>>>>> /**
>>>>> @@ -51,11 +55,21 @@
>>>>> $token = '';
>>>>> // no token given, safe to ignore
>>>>> }
>>>>> - $originalUrl = $this->validateUrl($url);
>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>> + $url = $this->validateUrl($url);
>>>>> // Fetch the content and convert it into JSON.
>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>> + $result = $this->fetchContentDivert($url, $method, $signer);
>>>>> + if (!isset($result)) {
>>>>> + //OAuthFetcher only
>>>>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>>>>> + $json = array($url => $metadata);
>>>>> + $json = json_encode($json);
>>>>> + $output = UNPARSEABLE_CRUFT . $json;
>>>>> + $this->setCachingHeaders();
>>>>> + header("Content-Type: application/json; charset=utf-8", true);
>>>>> + echo $output;
>>>>> + die();
>>>>> + }
>>>>> $status = (int)$result->getHttpCode();
>>>>> //header("HTTP/1.1 $status", true);
>>>>> if ($status == 200) {
>>>>> @@ -174,10 +188,9 @@
>>>>> $token = '';
>>>>> // no token given, safe to ignore
>>>>> }
>>>>> - $originalUrl = $this->validateUrl($url);
>>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>>> + $url = $this->validateUrl($url);
>>>>> //TODO: Fetcher needs to handle variety of HTTP methods.
>>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>>> + $result = $this->fetchContent($url, $method);
>>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>>> $status = (int)$result->getHttpCode();
>>>>> if ($status == 200) {
>>>>> @@ -208,11 +221,11 @@
>>>>> /**
>>>>> * Both fetch and fetchJson call this function to retrieve the
>>>>> actual content
>>>>> *
>>>>> - * @param string $signedUrl the signed url to fetch
>>>>> + * @param string $url the url to fetch
>>>>> * @param string $method either get or post
>>>>> * @return the filled in request (RemoteContentRequest)
>>>>> */
>>>>> - private function fetchContent($signedUrl, $method)
>>>>> + private function fetchContent($url, $method)
>>>>> {
>>>>> //TODO get actual character encoding from the request
>>>>>
>>>>> @@ -250,14 +263,41 @@
>>>>> }
>>>>> // even if postData is an empty string, it will still post (since
>>>>> RemoteContentRquest checks if its false)
>>>>> // so the request to POST is still honored
>>>>> - $request = new RemoteContentRequest($signedUrl, $headers,
>>>>> $postData);
>>>>> + $request = new RemoteContentRequest($url, $headers, $postData);
>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>> $context);
>>>>> } else {
>>>>> - $request = new RemoteContentRequest($signedUrl, $headers);
>>>>> + $request = new RemoteContentRequest($url, $headers);
>>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>>> $context);
>>>>> }
>>>>> return $request;
>>>>> }
>>>>> +
>>>>> + private function fetchContentDivert($url, $method, $signer)
>>>>> + {
>>>>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>>>>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>>>>> + $token = $this->extractAndValidateToken($signer);
>>>>> + switch (strtoupper($authz)) {
>>>>> + case 'SIGNED':
>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>> BasicRemoteContentFetcher(), $token);
>>>>> + return $fetcher->fetch($url, $method);
>>>>> + case 'AUTHENTICATED':
>>>>> + $params = new OAuthRequestParams();
>>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>>> BasicRemoteContentFetcher(), $token);
>>>>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>>>>> + $this->oauthFetcher = $oAuthFetcherFactory-
>>>>>> getOAuthFetcher($fetcher, $token, $params);
>>>>> + $request = new RemoteContentRequest($url);
>>>>> + $request->createRemoteContentRequestWithUri($url);
>>>>> + return $this->oauthFetcher->fetchRequest($request);
>>>>> + case 'NONE':
>>>>> + default:
>>>>> + return $this->fetchContent($url, $method);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + public function setContentFetcher($contentFetcherFactory)
>>>>> + {
>>>>> + $this->contentFetcherFactory = $contentFetcherFactory;
>>>>> + }
>>>>>
>>>>> /**
>>>>> * Sets the caching headers (overwriting anything the remote host
>>>>> set) to force
>>>>> @@ -282,6 +322,7 @@
>>>>> private function validateUrl($url)
>>>>> {
>>>>> //TODO should really make a PHP version of the URI class and
>>>>> validate in all the locations the java version does
>>>>> + // why not use Zend::Uri:
>>>>> return $url;
>>>>> }
>>>>>
>>>>> @@ -293,40 +334,17 @@
>>>>> * @return string the token to use in the signed url
>>>>> */
>>>>> private function extractAndValidateToken($signer)
>>>>> - {
>>>>> - if ($signer == null) {
>>>>> - return null;
>>>>> - }
>>>>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>>>>> - if ($token) {
>>>>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>> - }
>>>>> + {
>>>>> + if ($signer == null) {
>>>>> + return null;
>>>>> + }
>>>>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>>>>> + if (!isset($token) || $token == '') {
>>>>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>>> + }
>>>>> return $signer->createToken($token);
>>>>> }
>>>>> -
>>>>> - /**
>>>>> - * Signs a url with the SecurityToken
>>>>> - *
>>>>> - * @param string $originalUrl
>>>>> - * @param SecurityToken $token
>>>>> - * @return unknown
>>>>> - */
>>>>> - private function signUrl($originalUrl, $token)
>>>>> - {
>>>>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>>>>> - if (! $authz) {
>>>>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>>>>> - }
>>>>> - if ($token == null || $authz != 'signed') {
>>>>> - return $originalUrl;
>>>>> - }
>>>>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>> false;
>>>>> - if ($method) {
>>>>> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>> 'GET';
>>>>> - }
>>>>> - return $token->signUrl($originalUrl, $method);
>>>>> - }
>>>>> -
>>>>> +
>>>>> private function request_headers()
>>>>> {
>>>>> // Try to use apache's request headers if available
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> CertServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>> (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,42 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations under
>>>>> the License.
>>>>> + *
>>>>> + */
>>>>> +require 'src/common/HttpServlet.php';
>>>>> +
>>>>> +/**
>>>>> + * This class serves the public certificate, quick and dirty hack
>>>>> to make the certificate publicly accessible
>>>>> + * this combined with the hard coded location in
>>>>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>>>>> + * for the oauth pub key location makes a working whole
>>>>> + */
>>>>> +class CertServlet extends HttpServlet {
>>>>> +
>>>>> + /**
>>>>> + * Handles the get file request, only called on url = /public.crt
>>>>> + * so this function has no logic other then to output the cert
>>>>> + */
>>>>> + public function doGet()
>>>>> + {
>>>>> + $file = Config::get('public_key_file');
>>>>> + if (!file_exists($file) || !is_readable($file)) {
>>>>> + throw new Exception("Invalid public key location ($file), check
>>>>> config and file permissions");
>>>>> + }
>>>>> + $this->setLastModified(filemtime($file));
>>>>> + readfile($file);
>>>>> + }
>>>>> +}
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> FilesServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -25,7 +25,7 @@
>>>>> * the php version too
>>>>> */
>>>>> class FilesServlet extends HttpServlet {
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Handles the get file request, if the file exists and is in the
>>>>> correct
>>>>> * location it's echo'd to the browser (with a basic content type
>>>>> guessing
>>>>> @@ -46,14 +46,14 @@
>>>>> die();
>>>>> }
>>>>> // if the file doesn't exist or can't be read, give a 404 error
>>>>> - if (!file_exists($file) || !is_readable($file) || !
>>>>> is_file($file)) {
>>>>> + if (! file_exists($file) || ! is_readable($file) || !
>>>>> is_file($file)) {
>>>>> header("HTTP/1.0 404 Not Found", true);
>>>>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>>>>> die();
>>>>> }
>>>>> $dot = strrpos($file, '.');
>>>>> if ($dot) {
>>>>> - $ext = strtolower(substr($file, $dot+1));
>>>>> + $ext = strtolower(substr($file, $dot + 1));
>>>>> if ($ext == 'html' || $ext == 'htm') {
>>>>> $this->setContentType('text/html');
>>>>> } elseif ($ext == 'js') {
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> GadgetRenderingServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>> GadgetRenderingServlet.php (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>>>>> @@ -52,7 +52,7 @@
>>>>> */
>>>>> class GadgetRenderingServlet extends HttpServlet {
>>>>> private $context;
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Creates the gadget using the GadgetServer class and calls
>>>>> outputGadget
>>>>> *
>>>>> @@ -71,11 +71,11 @@
>>>>> $gadgetServer = new GadgetServer();
>>>>> $gadget = $gadgetServer->processGadget($this->context);
>>>>> $this->outputGadget($gadget, $this->context);
>>>>> - } catch ( Exception $e ) {
>>>>> + } catch (Exception $e) {
>>>>> $this->outputError($e);
>>>>> }
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * If an error occured (Exception) this function echo's the
>>>>> Exception's message
>>>>> * and if the config['debug'] is true, shows the debug backtrace in
>>>>> a div
>>>>> @@ -95,7 +95,7 @@
>>>>> }
>>>>> echo "</body></html>";
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Takes the gadget to output, and depending on its content type
>>>>> calls either outputHtml-
>>>>> * or outputUrlGadget
>>>>> @@ -107,15 +107,15 @@
>>>>> {
>>>>> $view = HttpUtil::getView($gadget, $context);
>>>>> switch ($view->getType()) {
>>>>> - case 'HTML' :
>>>>> + case 'HTML':
>>>>> $this->outputHtmlGadget($gadget, $context, $view);
>>>>> break;
>>>>> - case 'URL' :
>>>>> + case 'URL':
>>>>> $this->outputUrlGadget($gadget, $context, $view);
>>>>> break;
>>>>> }
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Outputs a html content type gadget.
>>>>> * It creates a html page, with the javascripts from the features
>>>>> inline into the page, plus
>>>>> @@ -144,16 +144,13 @@
>>>>> }
>>>>> // Was a privacy policy header configured? if so set it
>>>>> if (Config::get('P3P') != '') {
>>>>> - header("P3P: ".Config::get('P3P'));
>>>>> + header("P3P: " . Config::get('P3P'));
>>>>> }
>>>>> - if (!$view->getQuirks()) {
>>>>> + if (! $view->getQuirks()) {
>>>>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>>>>> \">\n";
>>>>> }
>>>>> - echo "<html>\n<head>".
>>>>> - "<style type=\"text/css\">".Config::get('gadget_css')."</
>>>>> style>".
>>>>> - "</head><body>".
>>>>> - "<script><!--\n";
>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>>>>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>>>>> "<script><!--\n";
>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>> $type = $library->getType();
>>>>> if ($type == 'URL') {
>>>>> // TODO: This case needs to be handled more gracefully by the js
>>>>> @@ -173,15 +170,12 @@
>>>>> // Forced libs first.
>>>>> if (! empty($forcedLibs)) {
>>>>> $libs = explode(':', $forcedLibs);
>>>>> - echo sprintf($externFmt, Config::get('default_js_prefix').$this-
>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>> + echo sprintf($externFmt, Config::get('default_js_prefix') .
>>>>> $this-
>>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>>> }
>>>>> if (strlen($externJs) > 0) {
>>>>> echo $externJs;
>>>>> }
>>>>> - echo "<script><!--\n".
>>>>> - $this->appendJsConfig($context, $gadget).
>>>>> - $this->appendMessages($gadget).
>>>>> - "-->\n</script>\n";
>>>>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>>>>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>>>>
>>>>> $gadgetExceptions = array();
>>>>> $content = $gadget->getSubstitutions()->substitute($view-
>>>>>> getContent());
>>>>> @@ -192,11 +186,9 @@
>>>>> if (count($gadgetExceptions)) {
>>>>> throw new GadgetException(print_r($gadgetExceptions, true));
>>>>> }
>>>>> - echo $content . "\n".
>>>>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>>>>> - "</body>\n</html>";
>>>>> + echo $content . "\n" .
>>>>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>
>>>>> \n</html>";
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Output's a URL content type gadget, it adds
>>>>> libs=<list:of:js:libraries>.js and user preferences
>>>>> * to the href url, and redirects the browser to it
>>>>> @@ -215,7 +207,7 @@
>>>>> $forcedLibs = Config::get('focedJsLibs');
>>>>> if ($forcedLibs == null) {
>>>>> $reqs = $gadget->getRequires();
>>>>> - foreach ( $reqs as $key => $val ) {
>>>>> + foreach ($reqs as $key => $val) {
>>>>> $libs[] = $key;
>>>>> }
>>>>> } else {
>>>>> @@ -231,7 +223,7 @@
>>>>> header('Location: ' . $redirURI);
>>>>> die();
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Returns the requested libs (from getjsUrl) with the
>>>>> libs_param_name prepended
>>>>> * ie: in libs=core:caja:etc.js format
>>>>> @@ -248,7 +240,7 @@
>>>>> $ret .= $this->getJsUrl($libs, $gadget);
>>>>> return $ret;
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * Returns the user preferences in &up_<name>=<val> format
>>>>> *
>>>>> @@ -259,7 +251,7 @@
>>>>> private function getPrefsQueryString($prefVals)
>>>>> {
>>>>> $ret = '';
>>>>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>>>>> + foreach ($prefVals->getPrefs() as $key => $val) {
>>>>> $ret .= '&';
>>>>> $ret .= Config::get('userpref_param_prefix');
>>>>> $ret .= urlencode($key);
>>>>> @@ -268,10 +260,10 @@
>>>>> }
>>>>> return $ret;
>>>>> }
>>>>> -
>>>>> +
>>>>> /**
>>>>> * generates the library string (core:caja:etc.js) including a
>>>>> checksum of all the
>>>>> - * javascript content (?v=<sha1 of js) for cache busting
>>>>> + * javascript content (?v=<md5 of js>) for cache busting
>>>>> *
>>>>> * @param string $libs
>>>>> * @param Gadget $gadget
>>>>> @@ -284,7 +276,7 @@
>>>>> $buf = 'core';
>>>>> } else {
>>>>> $firstDone = false;
>>>>> - foreach ( $libs as $lib ) {
>>>>> + foreach ($libs as $lib) {
>>>>> if ($firstDone) {
>>>>> $buf .= ':';
>>>>> } else {
>>>>> @@ -296,7 +288,7 @@
>>>>> // Build a version string from the sha1() checksum of all included
>>>>> javascript
>>>>> // to ensure the client always has the right version
>>>>> $inlineJs = '';
>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>> $type = $library->getType();
>>>>> if ($type != 'URL') {
>>>>> $inlineJs .= $library->getContent() . "\n";
>>>>> @@ -305,14 +297,14 @@
>>>>> $buf .= ".js?v=" . md5($inlineJs);
>>>>> return $buf;
>>>>> }
>>>>> -
>>>>> +
>>>>> private function appendJsConfig($context, $gadget)
>>>>> {
>>>>> $container = $context->getContainer();
>>>>> $containerConfig = $context->getContainerConfig();
>>>>> $gadgetConfig = array();
>>>>> $featureConfig = $containerConfig->getConfig($container,
>>>>> 'gadgets.features');
>>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>>> $feature = $library->getFeatureName();
>>>>> if (! isset($gadgetConfig[$feature]) && !
>>>>> empty($featureConfig[$feature])) {
>>>>> $gadgetConfig[$feature] = $featureConfig[$feature];
>>>>> @@ -320,7 +312,7 @@
>>>>> }
>>>>> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");
>>>>> \n";
>>>>> }
>>>>> -
>>>>> +
>>>>> private function appendMessages($gadget)
>>>>> {
>>>>> $msgs = '';
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> JsServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php Wed
>>>>> May 21 09:58:52 2008
>>>>> @@ -30,7 +30,7 @@
>>>>> * to retrieve our features javascript code
>>>>> */
>>>>> class JsServlet extends HttpServlet {
>>>>> -
>>>>> +
>>>>> public function doGet()
>>>>> {
>>>>> $this->noHeaders = true;
>>>>>
>>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> ProxyServlet.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>> (original)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -26,6 +26,8 @@
>>>>> require 'src/common/RemoteContent.php';
>>>>> require 'src/common/Cache.php';
>>>>> require 'src/common/RemoteContentFetcher.php';
>>>>> +require 'src/gadgets/oauth/OAuth.php';
>>>>> +require 'src/gadgets/oauth/OAuthStore.php';
>>>>>
>>>>> class ProxyServlet extends HttpServlet {
>>>>>
>>>>> @@ -39,6 +41,7 @@
>>>>> if (! $url) {
>>>>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>>>>> }
>>>>> + $url = urldecode($url);
>>>>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>>> false;
>>>>> if (! $method) {
>>>>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>>> 'GET';
>>>>> @@ -49,7 +52,8 @@
>>>>> }
>>>>> $gadgetSigner = Config::get('security_token_signer');
>>>>> $gadgetSigner = new $gadgetSigner();
>>>>> - $proxyHandler = new ProxyHandler($context);
>>>>> + $signingFetcherFactory = new
>>>>> SigningFetcherFactory(Config::get("private_key_file"));
>>>>> + $proxyHandler = new ProxyHandler($context,
>>>>> $signingFetcherFactory);
>>>>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>>>>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>>>>> } else {
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcher.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcher.php
>>>>> (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcher.php
>>>>> Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,216 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed under the Apache License, Version 2.0 (the
>>>>> "License");
>>>>> + * you may not use this file except in compliance with the
>>>>> License.
>>>>> + * You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> software
>>>>> + * distributed under the License is distributed on an "AS IS"
>>>>> BASIS,
>>>>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
>>>>> or
>>>>> implied.
>>>>> + * See the License for the specific language governing
>>>>> permissions
>>>>> and
>>>>> + * limitations under the License.
>>>>> + */
>>>>> +
>>>>> +/**
>>>>> + * Implements signed fetch based on the OAuth request signing
>>>>> algorithm.
>>>>> + *
>>>>> + * Subclasses can override signMessage to use their own crypto if
>>>>> they don't
>>>>> + * like the oauth.net code for some reason.
>>>>> + *
>>>>> + * Instances of this class are only accessed by a single thread
>>>>> at
>>>>> a time,
>>>>> + * but instances may be created by multiple threads.
>>>>> + */
>>>>> +class SigningFetcher extends RemoteContentFetcher {
>>>>> +
>>>>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>>>>> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
>>>>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>>>>> + protected static $XOAUTH_PUBLIC_KEY =
>>>>> "xoauth_signature_publickey";
>>>>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>>>>> +
>>>>> + //protected final TimeSource clock = new TimeSource();
>>>>> +
>>>>> + /**
>>>>> + * Authentication token for the user and gadget making the
>>>>> request.
>>>>> + */
>>>>> + protected $authToken;
>>>>> +
>>>>> + /**
>>>>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can
>>>>> be a
>>>>> + * PrivateKey object, or a PEM formatted private key, or a DER
>>>>> encoded byte
>>>>> + * array for the private key.(No, really, they accept any of
>>>>> them.)
>>>>> + */
>>>>> + protected $privateKeyObject;
>>>>> +
>>>>> + /**
>>>>> + * The name of the key, included in the fetch to help with key
>>>>> rotation.
>>>>> + */
>>>>> + protected $keyName;
>>>>> +
>>>>> + /**
>>>>> + * Constructor based on signing with the given PrivateKey object.
>>>>> + *
>>>>> + * @param authToken verified gadget security token
>>>>> + * @param keyName name of the key to include in the request
>>>>> + * @param privateKey the key to use for the signing
>>>>> + */
>>>>> + public static function makeFromPrivateKey($next, $authToken,
>>>>> $keyName, $privateKey)
>>>>> + {
>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>> $privateKey);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Constructor based on signing with the given PrivateKey object.
>>>>> + *
>>>>> + * @param authToken verified gadget security token
>>>>> + * @param keyName name of the key to include in the request
>>>>> + * @param privateKey base64 encoded private key
>>>>> + */
>>>>> + public static function makeFromB64PrivateKey($next, $authToken,
>>>>> $keyName, $privateKey)
>>>>> + {
>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>> $privateKey);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Constructor based on signing with the given PrivateKey object.
>>>>> + *
>>>>> + * @param authToken verified gadget security token
>>>>> + * @param keyName name of the key to include in the request
>>>>> + * @param privateKey DER encoded private key
>>>>> + */
>>>>> + public static function makeFromPrivateKeyBytes($next,
>>>>> $authToken,
>>>>> $keyName, $privateKey)
>>>>> + {
>>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>>> $privateKey);
>>>>> + }
>>>>> +
>>>>> + protected function __construct($next, $authToken, $keyName,
>>>>> $privateKeyObject)
>>>>> + {
>>>>> + parent::setNextFetcher($next);
>>>>> + $this->authToken = $authToken;
>>>>> + $this->keyName = $keyName;
>>>>> + $this->privateKeyObject = $privateKeyObject;
>>>>> + }
>>>>> +
>>>>> + public function fetchRequest($request)
>>>>> + {
>>>>> + return $this->getNextFetcher()->fetchRequest($request);
>>>>> + }
>>>>> +
>>>>> + public function fetch($url, $method)
>>>>> + {
>>>>> + $signed = $this->signRequest($url, $method);
>>>>> + return $this->getNextFetcher()->fetchRequest($signed);
>>>>> + }
>>>>> +
>>>>> + private function signRequest($url, $method)
>>>>> + {
>>>>> + try {
>>>>> + // Parse the request into parameters for OAuth signing,
>>>>> stripping
>>>>> out
>>>>> + // any OAuth or OpenSocial parameters injected by the client
>>>>> + ///////////////////////////////////////////////
>>>>> + require 'src/common/Zend/Uri.php';
>>>>> + $uri = Zend_Uri::factory($url);
>>>>> + $resource = $uri->getUri();
>>>>> + $queryParams = $this->sanitize($_GET);
>>>>> + $postParams = $this->sanitize($_POST);
>>>>> + $msgParams = array();
>>>>> + $msgParams = array_merge($msgParams, $queryParams);
>>>>> + $msgParams = array_merge($msgParams, $postParams);
>>>>> +
>>>>> + // TODO: is this ok?
>>>>> + //$msgParams = array();
>>>>> + $this->addOpenSocialParams($msgParams);
>>>>> + $this->addOAuthParams($msgParams);
>>>>> +
>>>>> + // Build and sign the OAuthMessage; note that the resource
>>>>> here has
>>>>> + // no query string, the parameters are all in msgParams
>>>>> + //$message = new OAuthMessage($method, $resource, $msgParams);
>>>>> +
>>>>> + ////////////////////////////////////////////////
>>>>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>>>>> + $consumer-
>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this-
>>>>>> privateKeyObject);
>>>>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>>>>> +
>>>>> + $req_req = OAuthRequest::from_consumer_and_token($consumer,
>>>>> NULL,
>>>>> $method, $resource, $msgParams);
>>>>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>>>>> +
>>>>> + // Rebuild the query string, including all of the parameters we
>>>>> added.
>>>>> + // We have to be careful not to copy POST parameters into the
>>>>> query.
>>>>> + // If post and query parameters share a name, they end up being
>>>>> removed
>>>>> + // from the query.
>>>>> + $forPost = array();
>>>>> + foreach ($postParams as $key => $param) {
>>>>> + $forPost[$key] = $param;
>>>>> + }
>>>>> + $newQuery = array();
>>>>> + foreach ($req_req->get_parameters() as $key => $param) {
>>>>> + if (! isset($forPost[$key])) {
>>>>> + $newQuery[$key] = $param;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + // Careful here; the OAuth form encoding scheme is slightly
>>>>> different than
>>>>> + // the normal form encoding scheme, so we have to use the OAuth
>>>>> library
>>>>> + // formEncode method.
>>>>> + $uri->setQuery($newQuery);
>>>>> + return new RemoteContentRequest($uri->getUri());
>>>>> + } catch (Exception $e) {
>>>>> + throw new GadgetException($e);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + private function addOpenSocialParams(&$msgParams)
>>>>> + {
>>>>> + $owner = $this->authToken->getOwnerId();
>>>>> + if ($owner != null) {
>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>>>>> + }
>>>>> + $viewer = $this->authToken->getViewerId();
>>>>> + if ($viewer != null) {
>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>>>>> + }
>>>>> + $app = $this->authToken->getAppId();
>>>>> + if ($app != null) {
>>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + private function addOAuthParams(&$msgParams)
>>>>> + {
>>>>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>>>>> + $domain = $this->authToken->getDomain();
>>>>> + if ($domain != null) {
>>>>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] =
>>>>> 'partuza.chabotc.com'; //
>>>>> $domain;
>>>>> + }
>>>>> + if ($this->keyName != null) {
>>>>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this->keyName;
>>>>> + }
>>>>> + $nonce = OAuthRequest::generate_nonce();
>>>>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>>>>> + $timestamp = time();
>>>>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>>>>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * Strip out any owner or viewer id passed by the client.
>>>>> + */
>>>>> + private function sanitize($params)
>>>>> + {
>>>>> + $list = array();
>>>>> + foreach ($params as $key => $p) {
>>>>> + if ($this->allowParam($key)) {
>>>>> + $list[$key] = $p;
>>>>> + }
>>>>> + }
>>>>> + return $list;
>>>>> + }
>>>>> +
>>>>> + private function allowParam($paramName)
>>>>> + {
>>>>> + $canonParamName = strtolower($paramName);
>>>>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>>>>> substr($canonParamName, 0, 6) == "xoauth" ||
>>>>> substr($canonParamName, 0, 9) == "opensocial")) &&
>>>>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>>>>> + }
>>>>> +}
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcherFactory.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcherFactory.php (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,86 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations
>>>>> + * under the License.
>>>>> + */
>>>>> +
>>>>> +/**
>>>>> + * Produces Signing content fetchers for input tokens.
>>>>> + */
>>>>> +class SigningFetcherFactory {
>>>>> + private $keyName;
>>>>> + private $privateKey;
>>>>> +
>>>>> + /**
>>>>> + * Produces a signing fetcher that will sign requests and
>>>>> delegate
>>>>> actual
>>>>> + * network retrieval to the {@code networkFetcher}
>>>>> + *
>>>>> + * @param networkFetcher The fetcher that will be doing actual
>>>>> work.
>>>>> + * @param token The gadget token used for extracting signing
>>>>> parameters.
>>>>> + * @return The signing fetcher.
>>>>> + * @throws GadgetException
>>>>> + */
>>>>> + public function getSigningFetcher($networkFetcher, $token)
>>>>> + {
>>>>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>>>>> $token, $this->keyName, $this->privateKey);
>>>>> + }
>>>>> +
>>>>> + /**
>>>>> + * @param keyFile The file containing your private key for
>>>>> signing
>>>>> requests.
>>>>> + */
>>>>> + public function __construct($keyFile = null)
>>>>> + {
>>>>> + $this->keyName = 'http://'.
>>>>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>>>>> + if (! empty($keyFile)) {
>>>>> + $privateKey = null;
>>>>> + try {
>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>> convert it
>>>>> + $cache = Config::get('data_cache');
>>>>> + $cache = new $cache();
>>>>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" .
>>>>> $this-
>>>>>> keyName)) !== false) {
>>>>> + $rsa_private_key = $cachedKey;
>>>>> + } else {
>>>>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>>>>> + throw new Exception("Could not read keyfile ($keyFile), check
>>>>> the
>>>>> file name and permission");
>>>>> + }
>>>>> + // TODO: sending NULL as a second param to
>>>>> openssl_pkey_get_private works?
>>>>> + $phrase = Config::get('private_key_phrase') != '' ?
>>>>> (Config::get('private_key_phrase')) : null;
>>>>> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key,
>>>>> $phrase)) == false) {
>>>>> + //TODO: double check if can input keyfile -inform PEM
>>>>> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>>>> + throw new Exception("Could not create temporary file");
>>>>> + }
>>>>> + if (! @file_put_contents($in,
>>>>> base64_decode($rsa_private_key))) {
>>>>> + throw new Exception("Could not write to temporary file");
>>>>> + }
>>>>> + if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>>>> + throw new Exception("Could not create temporary file");
>>>>> + }
>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>>>>> nocrypt -in " . $in);
>>>>> + if (! $rsa_private_key = @file_get_contents($out)) {
>>>>> + throw new Exception("Could not read temporary file");
>>>>> + }
>>>>> + }
>>>>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>>>>> $rsa_private_key);
>>>>> + }
>>>>> + } catch (Exception $e) {
>>>>> + throw new Exception("Error loading private key: " . $e);
>>>>> + }
>>>>> + $this->privateKey = $rsa_private_key;
>>>>> + }
>>>>> + }
>>>>> +}
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicGadgetOAuthTokenStore.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicGadgetOAuthTokenStore.php (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,112 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations
>>>>> + * under the License.
>>>>> + */
>>>>> +
>>>>> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
>>>>> +
>>>>> + /** default location for consumer keys and secrets */
>>>>> + private $OAUTH_CONFIG = "../config/oauth.json";
>>>>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>>>>> + private $CONSUMER_KEY_KEY = "consumer_key";
>>>>> + private $KEY_TYPE_KEY = "key_type";
>>>>> +
>>>>> + public function __construct($store)
>>>>> + {
>>>>> + parent::__construct($store);
>>>>> + }
>>>>> +
>>>>> + public function initFromConfigFile($fetcher)
>>>>> + {
>>>>> + // Read our consumer keys and secrets from config/oauth.js
>>>>> + // This actually involves fetching gadget specs
>>>>> + try {
>>>>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>>>>> +
>>>>> + // remove all comments because this confuses the json parser
>>>>> + // note: the json parser also crashes on trailing ,'s in records
>>>>> so please don't use them
>>>>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>>>>> $oauthConfigStr);
>>>>> + $oauthConfig = json_decode($contents, true);
>>>>> + foreach ($oauthConfig as $gadgetUri => $value) {
>>>>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>>>>> + $this->storeConsumerInfos($gadgetUri, $value);
>>>>> + }
>>>>> + } catch (Exception $e) {
>>>>> + throw new GadgetException($e);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + private function storeProviderInfos($fetcher, $gadgetUri)
>>>>> + {
>>>>> + $cache = Config::get('data_cache');
>>>>> + $cache = new $cache();
>>>>> +
>>>>> + // determine which requests we can load from cache, and which we
>>>>> have to actually fetch
>>>>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
>>>>> + $gadget = $cachedRequest;
>>>>> + } else {
>>>>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>>>>> + $remoteContentRequest->getRequest($gadgetUri, false);
>>>>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>>>>> + $context = new ProxyGadgetContext($gadgetUri);
>>>>> + $spec = new GadgetSpecParser();
>>>>> + $gadget = $spec->parse($response->getResponseContent(),
>>>>> $context);
>>>>> + $cache->set(md5($gadgetUri), $gadget);
>>>>> + }
>>>>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>>>>> + }
>>>>> +
>>>>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>>>>> + {
>>>>> + foreach ($oauthConfig as $key => $value) {
>>>>> + $serviceName = $key;
>>>>> + $consumerInfo = $value;
>>>>> + $this->storeConsumerInfo($gadgetUri, $serviceName,
>>>>> $consumerInfo);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>>>>> $consumerInfo)
>>>>> + {
>>>>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>>>>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>>>>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>>>>> + $keyType = 'HMAC_SYMMETRIC';
>>>>> +
>>>>> + if ($keyTypeStr == "RSA_PRIVATE") {
>>>>> + $keyType = 'RSA_PRIVATE';
>>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>>> convert it
>>>>> + $cache = Config::get('data_cache');
>>>>> + $cache = new $cache();
>>>>> +
>>>>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>>>>> $serviceName))) !== false) {
>>>>> + $consumerSecret = $cachedRequest;
>>>>> + } else {
>>>>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>>>>>> CONSUMER_SECRET_KEY]));
>>>>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>>>>> nocrypt -in " . $in);
>>>>> + $consumerSecret = file_get_contents($out);
>>>>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
>>>>> $keyType);
>>>>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName,
>>>>> $kas);
>>>>> + }
>>>>> +
>>>>> +}
>>>>>
>>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicOAuthStore.php
>>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> =
>>>>> ==================================================================
>>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicOAuthStore.php (added)
>>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>>>>> @@ -0,0 +1,149 @@
>>>>> +<?php
>>>>> +/*
>>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>>> + * or more contributor license agreements. See the NOTICE file
>>>>> + * distributed with this work for additional information
>>>>> + * regarding copyright ownership. The ASF licenses this file
>>>>> + * to you under the Apache License, Version 2.0 (the
>>>>> + * "License"); you may not use this file except in compliance
>>>>> + * with the License. You may obtain a copy of the License at
>>>>> + *
>>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>>> + *
>>>>> + * Unless required by applicable law or agreed to in writing,
>>>>> + * software distributed under the License is distributed on an
>>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>>> + * KIND, either express or implied. See the License for the
>>>>> + * specific language governing permissions and limitations under
>>>>> the License.
>>>>> + */
>>>>> +
>>>>> +class OAuthNoDataException extends Exception {}
>>>>> +
>>>>> +class BasicOAuthStore implements OAuthStore {
>>>>> +
>>>>> + private $providers = array();
>>>>> + private $tokens = array();
>>>>> +
>>>>> + private $defaultConsumerKey;
>>>>> + private $defaultConsumerSecret;
>>>>> +
>>>>> + public function __construct($consumerKey = null, $privateKey =
>>>>> null)
>>>>> + {
>>>>> + $this->defaultConsumerKey = $consumerKey;
>>>>> + $this->defaultConsumerSecret = $privateKey;
>>>>> + }
>>>>> +
>>>>> + public function setHashMapsForTesting($providers, $tokens)
>>>>> + {
>>>>> + $this->providers = $providers;
>>>>> + $this->tokens = $tokens;
>>>>> + }
>>>>> +
>>>>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>>>>> + {
>>>>> + $provKey = new ProviderKey();
>>>>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>>>>> + $provKey->setServiceName($tokenKey->getServiceName());
>>>>> + //AccesorInfo
>>>>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>>>>> + //TokenInfo
>>>>> + $accessToken = $this->getTokenInfo($tokenKey);
>>>>> + if ($accessToken != null) {
>>>>> + // maybe convert into methods
>>>>> + $result->getAccessor()->accessToken = $accessToken-
>>>>>> getAccessToken();
>>>>> + $result->getAccessor()->tokenSecret = $accessToken-
>>>>>> getTokenSecret();
>>>>> + }
>>>>> + return $result;
>>>>> + }
>>>>> +
>>>>> + private function getOAuthAccessorProviderKey(ProviderKey
>>>>> $providerKey)
>>>>> + {
>>>>> + //ProviderInfo
>>>>> + $provInfo = $this->getProviderInfo($providerKey);
>>>>> +
>>>>> + if ($provInfo == null) {
>>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>>> store");
>>>>> + }
>>>>> + //AccesorInfo
>>>>> + $result = new AccesorInfo();
>>>>> + $result->setHttpMethod($provInfo->getHttpMethod());
>>>>> + $result->setParamLocation($provInfo->getParamLocation());
>>>>> +
>>>>> + //ConsumerKeyAndSecret
>>>>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>>>>> +
>>>>> + if ($consumerKeyAndSecret == null) {
>>>>> + if ($this->defaultConsumerKey == null || $this-
>>>>>> defaultConsumerSecret == null) {
>>>>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null in
>>>>> oauth store");
>>>>> + } else {
>>>>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>>>>>> defaultConsumerKey, $this->defaultConsumerSecret,
>>>>>> OAuthStoreVars::
>>>>> $KeyType['RSA_PRIVATE']);
>>>>> + }
>>>>> + }
>>>>> +
>>>>> + //OAuthServiceProvider
>>>>> + $oauthProvider = $provInfo->getProvider();
>>>>> +
>>>>> + if (! isset($oauthProvider)) {
>>>>> + throw new OAuthNoDataException("OAuthService provider was null
>>>>> in
>>>>> oauth store");
>>>>> + }
>>>>> +
>>>>> + // Accesing the class
>>>>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>>>>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>>>>> +
>>>>> + //OAuthConsumer
>>>>> + $consumer = ($usePublicKeyCrypto) ? new
>>>>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>>>>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>>>>>> getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>>>>> $oauthProvider);
>>>>> +
>>>>> + if ($usePublicKeyCrypto) {
>>>>> + $consumer-
>>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>>>> $consumerKeyAndSecret->getConsumerSecret());
>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>> $SignatureType['RSA_SHA1']);
>>>>> + } else {
>>>>> + $result->setSignatureType(OAuthStoreVars::
>>>>> $SignatureType['HMAC_SHA1']);
>>>>> + }
>>>>> +
>>>>> + $result->setAccessor(new OAuthAccessor($consumer));
>>>>> + return $result;
>>>>> + }
>>>>> +
>>>>> + public function getOAuthServiceProviderInfo($providerKey)
>>>>> + {
>>>>> + $provInfo = $this->providers->get($providerKey);
>>>>> +
>>>>> + if ($provInfo == null) {
>>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>>> store");
>>>>> + }
>>>>> +
>>>>> + return $provInfo;
>>>>> + }
>>>>> +
>>>>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>>>>> $keyAndSecret)
>>>>> + {
>>>>> + //ProviderInfo
>>>>> + $value = $this->getProviderInfo($providerKey);
>>>>> + if ($value == null) {
>>>>> + throw new OAuthNoDataException("could not find provider data for
>>>>> token");
>>>>> + }
>>>>> + $value->setKeyAndSecret($keyAndSecret);
>>>>> + }
>>>>> +
>>>>> + public function setOAuthServiceProviderInfo($providerKey,
>>>>> $providerInfo)
>>>>> + {
>>>>> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
>>>>> + }
>>>>> +
>>>>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>>>>> + {
>>>>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>>>>> + }
>>>>> +
>>>>> + private function getProviderInfo($providerKey)
>>>>> + {
>>>>> + $key = md5(serialize($providerKey));
>>>>> + return isset($this->providers[$key]) ? $this->providers[$key] :
>>>>> null;
>>>>> + }
>>>>> +
>>>>> + private function getTokenInfo($tokenKey)
>>>>> + {
>>>>> + $key = md5(serialize($tokenKey));
>>>>> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
>>>>> + }
>>>>> +}
>>>>> \ No newline at end of file
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> This message has been scanned for viruses and
>>>>> dangerous content by MailScanner, and is
>>>>> believed to be clean.
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>>>
>>>
>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Chris Chabot <ch...@xs4all.nl>.
Could you by any chance be more specific?
Things like:
Where are you trying this
what are you trying (what gadget/feature/etc)
what is the result (error messages or anything?)
Would help a lot ! :)
I have a couple of gadgets (horoscope, set title test module,
opensocial 0.7 tests, social hello world) on my profile on
partuza.chabotc.com and their working fine for me..
-- Chris
On May 22, 2008, at 10:29 AM, Lini H - Clarion, India wrote:
> Hi chris,
>
> Sorry, but its still not working..
>
> Regards
> Lini Haridas
> Software Engineer
>
> lini.haridas@clariontechnologies.co.in
> Clarion Technologies
> SEI CMMI Level 3 Company
>
> 4th Floor, Great Eastern Plaza,
> Airport Road,
> Pune- 411 006,
> Maharashtra, India.
> Phone: +91 20 66020289
> Mobile: +91 9823435917
> www.clariontechnologies.co.in
> ----- Original Message -----
> From: "Chris Chabot" <ch...@xs4all.nl>
> To: <sh...@incubator.apache.org>
> Sent: Thursday, May 22, 2008 1:32 PM
> Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>
>
>> Should be working again
>>
>> On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
>>
>>> Hi Chris,
>>>
>>> The shindig is not working after the new code changes. I also
>>> checked on http://shindig.chabotc.com and none of the samples
>>> neither the gadget is working. Is any work still missing on this?
>>>
>>> Regards
>>>
>>> Lini Haridas
>>> Software Engineer
>>>
>>> lini.haridas@clariontechnologies.co.in
>>> Clarion Technologies
>>> SEI CMMI Level 3 Company
>>>
>>> 4th Floor, Great Eastern Plaza,
>>> Airport Road,
>>> Pune- 411 006,
>>> Maharashtra, India.
>>> Phone: +91 20 66020289
>>> Mobile: +91 9823435917
>>> www.clariontechnologies.co.in
>>>
>>> ----- Original Message -----
>>> From: <ch...@apache.org>
>>> To: <sh...@incubator.apache.org>
>>> Sent: Wednesday, May 21, 2008 10:28 PM
>>> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
>>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>>>
>>>
>>>> Author: chabotc
>>>> Date: Wed May 21 09:58:52 2008
>>>> New Revision: 658758
>>>>
>>>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>>>> Log:
>>>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>>>> great work on this. This patch implements OAuth and signed request
>>>> support
>>>>
>>>> Added:
>>>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>> SigningFetcherFactory.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> BasicGadgetOAuthTokenStore.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> GadgetOAuthTokenStore.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> OAuthFetcherFactory.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> OAuthRequestParams.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> OAuthServiceProvider.php
>>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>>>> Modified:
>>>> incubator/shindig/trunk/php/config.php
>>>> incubator/shindig/trunk/php/index.php
>>>> incubator/shindig/trunk/php/src/common/JsMin.php
>>>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
>>>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>> incubator/shindig/trunk/php/src/gadgets/http/
>>>> GadgetRenderingServlet.php
>>>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>>>> BasicBlobCrypter.php
>>>> incubator/shindig/trunk/php/src/socialdata/http/
>>>> GadgetDataServlet.php
>>>>
>>>> Modified: incubator/shindig/trunk/php/config.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/config.php (original)
>>>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52 2008
>>>> @@ -1,4 +1,4 @@
>>>> -<?
>>>> +<?php
>>>> /*
>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>> * or more contributor license agreements. See the NOTICE file
>>>> @@ -45,7 +45,7 @@
>>>> // Configurable CSS rules that are injected to the gadget page,
>>>> // be careful when adjusting these not to break most gadget's
>>>> layouts :)
>>>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;}
>>>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>>>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>>>> color:white;}',
>>>> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>>>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>>>>
>>>> // The html / javascript samples use a plain text demo token,
>>>> // set this to false on anything resembling a real site
>>>> @@ -96,6 +96,13 @@
>>>> // global cache age policy and location
>>>> 'cache_time' => 24 * 60 * 60,
>>>> 'cache_root' => '/tmp/shindig',
>>>> +
>>>> + // OAuth private key Path
>>>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>> private.key',
>>>> + // file path to public RSA cert
>>>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>>> public.crt',
>>>> + // Phrase to decrypt private key. Leave empty if unencrypted
>>>> + 'private_key_phrase' => 'partuza',
>>>>
>>>> // In some cases we need to know the site root (for features
>>>> forinstance)
>>>> 'base_path' => realpath(dirname(__FILE__))
>>>>
>>>> Modified: incubator/shindig/trunk/php/index.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/index.php (original)
>>>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52 2008
>>>> @@ -1,4 +1,4 @@
>>>> -<?
>>>> +<?php
>>>> /*
>>>> * Licensed to the Apache Software Foundation (ASF) under one
>>>> * or more contributor license agreements. See the NOTICE file
>>>> @@ -48,7 +48,7 @@
>>>> // To load these, we scan our entire directory structure
>>>> function __autoload($className)
>>>> {
>>>> - $locations = array('src/common', 'src/common/samplecontainer',
>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>> samplecontainer');
>>>> + $locations = array('src/common', 'src/common/samplecontainer',
>>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>>> samplecontainer', 'src/gadgets/oauth');
>>>> // Check for the presense of this class in our all our directories.
>>>> $fileName = $className.'.php';
>>>> foreach ($locations as $path) {
>>>> @@ -65,7 +65,8 @@
>>>> Config::get('web_prefix') . '/gadgets/proxy' => 'ProxyServlet',
>>>> Config::get('web_prefix') . '/gadgets/ifr' =>
>>>> 'GadgetRenderingServlet',
>>>> Config::get('web_prefix') . '/gadgets/metadata' =>
>>>> 'JsonRpcServlet',
>>>> - Config::get('web_prefix') . '/social/data' =>
>>>> 'GadgetDataServlet'
>>>> + Config::get('web_prefix') . '/social/data' =>
>>>> 'GadgetDataServlet',
>>>> + Config::get('web_prefix') . '/public.crt' => 'CertServlet'
>>>> );
>>>>
>>>> // Try to match the request url to our servlet mapping
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>>>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>>>> 09:58:52 2008
>>>> @@ -1,4 +1,5 @@
>>>> <?php
>>>> +
>>>> /**
>>>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>>>> *
>>>> @@ -48,243 +49,248 @@
>>>> class JsMinException extends Exception {}
>>>>
>>>> class JsMin {
>>>> - const ORD_LF = 10;
>>>> - const ORD_SPACE = 32;
>>>> -
>>>> - protected $a = '';
>>>> - protected $b = '';
>>>> - protected $input = '';
>>>> - protected $inputIndex = 0;
>>>> - protected $inputLength = 0;
>>>> - protected $lookAhead = null;
>>>> - protected $output = '';
>>>> -
>>>> - // -- Public Static Methods
>>>> --------------------------------------------------
>>>> -
>>>> - public static function minify($js) {
>>>> - $jsmin = new JsMin($js);
>>>> - return $jsmin->min();
>>>> - }
>>>> -
>>>> - // -- Public Instance Methods
>>>> ------------------------------------------------
>>>> -
>>>> - public function __construct($input) {
>>>> - $this->input = str_replace("\r\n", "\n", $input);
>>>> - $this->inputLength = strlen($this->input);
>>>> - }
>>>> -
>>>> - // -- Protected Instance Methods
>>>> ---------------------------------------------
>>>> -
>>>> - protected function action($d) {
>>>> - switch($d) {
>>>> - case 1:
>>>> - $this->output .= $this->a;
>>>> -
>>>> - case 2:
>>>> - $this->a = $this->b;
>>>> -
>>>> - if ($this->a === "'" || $this->a === '"') {
>>>> - for (;;) {
>>>> - $this->output .= $this->a;
>>>> - $this->a = $this->get();
>>>> -
>>>> - if ($this->a === $this->b) {
>>>> - break;
>>>> - }
>>>> -
>>>> - if (ord($this->a) <= self::ORD_LF) {
>>>> - throw new JsMinException('Unterminated string
>>>> literal.');
>>>> - }
>>>> -
>>>> - if ($this->a === '\\') {
>>>> - $this->output .= $this->a;
>>>> - $this->a = $this->get();
>>>> - }
>>>> - }
>>>> - }
>>>> -
>>>> - case 3:
>>>> - $this->b = $this->next();
>>>> -
>>>> - if ($this->b === '/' && (
>>>> - $this->a === '(' || $this->a === ',' || $this->a ===
>>>> '=' ||
>>>> - $this->a === ':' || $this->a === '[' || $this->a ===
>>>> '!' ||
>>>> - $this->a === '&' || $this->a === '|' || $this->a ===
>>>> '?')) {
>>>> -
>>>> - $this->output .= $this->a . $this->b;
>>>> -
>>>> - for (;;) {
>>>> - $this->a = $this->get();
>>>> -
>>>> - if ($this->a === '/') {
>>>> - break;
>>>> - } elseif ($this->a === '\\') {
>>>> - $this->output .= $this->a;
>>>> - $this->a = $this->get();
>>>> - } elseif (ord($this->a) <= self::ORD_LF) {
>>>> - throw new JsMinException('Unterminated regular
>>>> expression '.
>>>> - 'literal.');
>>>> - }
>>>> -
>>>> - $this->output .= $this->a;
>>>> - }
>>>> -
>>>> - $this->b = $this->next();
>>>> - }
>>>> - }
>>>> - }
>>>> -
>>>> - protected function get() {
>>>> - $c = $this->lookAhead;
>>>> - $this->lookAhead = null;
>>>> -
>>>> - if ($c === null) {
>>>> - if ($this->inputIndex < $this->inputLength) {
>>>> - $c = $this->input[$this->inputIndex];
>>>> - $this->inputIndex += 1;
>>>> - } else {
>>>> - $c = null;
>>>> - }
>>>> - }
>>>> -
>>>> - if ($c === "\r") {
>>>> - return "\n";
>>>> - }
>>>> -
>>>> - if ($c === null || $c === "\n" || ord($c) >=
>>>> self::ORD_SPACE) {
>>>> - return $c;
>>>> - }
>>>> -
>>>> - return ' ';
>>>> - }
>>>> -
>>>> - protected function isAlphaNum($c) {
>>>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>>>> $/', $c) === 1;
>>>> - }
>>>> -
>>>> - protected function min() {
>>>> - $this->a = "\n";
>>>> - $this->action(3);
>>>> -
>>>> - while ($this->a !== null) {
>>>> - switch ($this->a) {
>>>> - case ' ':
>>>> - if ($this->isAlphaNum($this->b)) {
>>>> - $this->action(1);
>>>> - } else {
>>>> - $this->action(2);
>>>> - }
>>>> - break;
>>>> -
>>>> - case "\n":
>>>> - switch ($this->b) {
>>>> - case '{':
>>>> - case '[':
>>>> - case '(':
>>>> - case '+':
>>>> - case '-':
>>>> - $this->action(1);
>>>> - break;
>>>> -
>>>> - case ' ':
>>>> - $this->action(3);
>>>> - break;
>>>> -
>>>> - default:
>>>> - if ($this->isAlphaNum($this->b)) {
>>>> - $this->action(1);
>>>> - }
>>>> - else {
>>>> - $this->action(2);
>>>> - }
>>>> - }
>>>> - break;
>>>> -
>>>> - default:
>>>> - switch ($this->b) {
>>>> - case ' ':
>>>> - if ($this->isAlphaNum($this->a)) {
>>>> - $this->action(1);
>>>> - break;
>>>> - }
>>>> -
>>>> - $this->action(3);
>>>> - break;
>>>> -
>>>> - case "\n":
>>>> - switch ($this->a) {
>>>> - case '}':
>>>> - case ']':
>>>> - case ')':
>>>> - case '+':
>>>> - case '-':
>>>> - case '"':
>>>> - case "'":
>>>> - $this->action(1);
>>>> - break;
>>>> -
>>>> - default:
>>>> - if ($this->isAlphaNum($this->a)) {
>>>> - $this->action(1);
>>>> - }
>>>> - else {
>>>> - $this->action(3);
>>>> - }
>>>> - }
>>>> - break;
>>>> -
>>>> - default:
>>>> - $this->action(1);
>>>> - break;
>>>> - }
>>>> - }
>>>> - }
>>>> -
>>>> - return $this->output;
>>>> - }
>>>> -
>>>> - protected function next() {
>>>> - $c = $this->get();
>>>> -
>>>> - if ($c === '/') {
>>>> - switch($this->peek()) {
>>>> - case '/':
>>>> - for (;;) {
>>>> - $c = $this->get();
>>>> -
>>>> - if (ord($c) <= self::ORD_LF) {
>>>> - return $c;
>>>> - }
>>>> - }
>>>> -
>>>> - case '*':
>>>> - $this->get();
>>>> -
>>>> - for (;;) {
>>>> - switch($this->get()) {
>>>> - case '*':
>>>> - if ($this->peek() === '/') {
>>>> - $this->get();
>>>> - return ' ';
>>>> - }
>>>> - break;
>>>> -
>>>> - case null:
>>>> - throw new JsMinException('Unterminated comment.');
>>>> - }
>>>> - }
>>>> -
>>>> - default:
>>>> - return $c;
>>>> - }
>>>> - }
>>>> -
>>>> - return $c;
>>>> - }
>>>> -
>>>> - protected function peek() {
>>>> - $this->lookAhead = $this->get();
>>>> - return $this->lookAhead;
>>>> - }
>>>> + const ORD_LF = 10;
>>>> + const ORD_SPACE = 32;
>>>> +
>>>> + protected $a = '';
>>>> + protected $b = '';
>>>> + protected $input = '';
>>>> + protected $inputIndex = 0;
>>>> + protected $inputLength = 0;
>>>> + protected $lookAhead = null;
>>>> + protected $output = '';
>>>> +
>>>> + // -- Public Static Methods
>>>> --------------------------------------------------
>>>> +
>>>> +
>>>> + public static function minify($js)
>>>> + {
>>>> + $jsmin = new JsMin($js);
>>>> + return $jsmin->min();
>>>> + }
>>>> +
>>>> + // -- Public Instance Methods
>>>> ------------------------------------------------
>>>> +
>>>> +
>>>> + public function __construct($input)
>>>> + {
>>>> + $this->input = str_replace("\r\n", "\n", $input);
>>>> + $this->inputLength = strlen($this->input);
>>>> + }
>>>> +
>>>> + // -- Protected Instance Methods
>>>> ---------------------------------------------
>>>> +
>>>> +
>>>> + protected function action($d)
>>>> + {
>>>> + switch ($d) {
>>>> + case 1:
>>>> + $this->output .= $this->a;
>>>> +
>>>> + case 2:
>>>> + $this->a = $this->b;
>>>> +
>>>> + if ($this->a === "'" || $this->a === '"') {
>>>> + for (; ; ) {
>>>> + $this->output .= $this->a;
>>>> + $this->a = $this->get();
>>>> +
>>>> + if ($this->a === $this->b) {
>>>> + break;
>>>> + }
>>>> +
>>>> + if (ord($this->a) <= self::ORD_LF) {
>>>> + throw new JsMinException('Unterminated string literal.');
>>>> + }
>>>> +
>>>> + if ($this->a === '\\') {
>>>> + $this->output .= $this->a;
>>>> + $this->a = $this->get();
>>>> + }
>>>> + }
>>>> + }
>>>> +
>>>> + case 3:
>>>> + $this->b = $this->next();
>>>> +
>>>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ',' ||
>>>> $this->a === '=' || $this->a === ':' || $this->a === '[' || $this-
>>>>> a === '!' || $this->a === '&' || $this->a === '|' || $this->a ===
>>>> '?')) {
>>>> +
>>>> + $this->output .= $this->a . $this->b;
>>>> +
>>>> + for (; ; ) {
>>>> + $this->a = $this->get();
>>>> +
>>>> + if ($this->a === '/') {
>>>> + break;
>>>> + } elseif ($this->a === '\\') {
>>>> + $this->output .= $this->a;
>>>> + $this->a = $this->get();
>>>> + } elseif (ord($this->a) <= self::ORD_LF) {
>>>> + throw new JsMinException('Unterminated regular expression ' .
>>>> 'literal.');
>>>> + }
>>>> +
>>>> + $this->output .= $this->a;
>>>> + }
>>>> +
>>>> + $this->b = $this->next();
>>>> + }
>>>> + }
>>>> + }
>>>> +
>>>> + protected function get()
>>>> + {
>>>> + $c = $this->lookAhead;
>>>> + $this->lookAhead = null;
>>>> +
>>>> + if ($c === null) {
>>>> + if ($this->inputIndex < $this->inputLength) {
>>>> + $c = $this->input[$this->inputIndex];
>>>> + $this->inputIndex += 1;
>>>> + } else {
>>>> + $c = null;
>>>> + }
>>>> + }
>>>> +
>>>> + if ($c === "\r") {
>>>> + return "\n";
>>>> + }
>>>> +
>>>> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>>>> + return $c;
>>>> + }
>>>> +
>>>> + return ' ';
>>>> + }
>>>> +
>>>> + protected function isAlphaNum($c)
>>>> + {
>>>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/',
>>>> $c) === 1;
>>>> + }
>>>> +
>>>> + protected function min()
>>>> + {
>>>> + $this->a = "\n";
>>>> + $this->action(3);
>>>> +
>>>> + while ($this->a !== null) {
>>>> + switch ($this->a) {
>>>> + case ' ':
>>>> + if ($this->isAlphaNum($this->b)) {
>>>> + $this->action(1);
>>>> + } else {
>>>> + $this->action(2);
>>>> + }
>>>> + break;
>>>> +
>>>> + case "\n":
>>>> + switch ($this->b) {
>>>> + case '{':
>>>> + case '[':
>>>> + case '(':
>>>> + case '+':
>>>> + case '-':
>>>> + $this->action(1);
>>>> + break;
>>>> +
>>>> + case ' ':
>>>> + $this->action(3);
>>>> + break;
>>>> +
>>>> + default:
>>>> + if ($this->isAlphaNum($this->b)) {
>>>> + $this->action(1);
>>>> + } else {
>>>> + $this->action(2);
>>>> + }
>>>> + }
>>>> + break;
>>>> +
>>>> + default:
>>>> + switch ($this->b) {
>>>> + case ' ':
>>>> + if ($this->isAlphaNum($this->a)) {
>>>> + $this->action(1);
>>>> + break;
>>>> + }
>>>> +
>>>> + $this->action(3);
>>>> + break;
>>>> +
>>>> + case "\n":
>>>> + switch ($this->a) {
>>>> + case '}':
>>>> + case ']':
>>>> + case ')':
>>>> + case '+':
>>>> + case '-':
>>>> + case '"':
>>>> + case "'":
>>>> + $this->action(1);
>>>> + break;
>>>> +
>>>> + default:
>>>> + if ($this->isAlphaNum($this->a)) {
>>>> + $this->action(1);
>>>> + } else {
>>>> + $this->action(3);
>>>> + }
>>>> + }
>>>> + break;
>>>> +
>>>> + default:
>>>> + $this->action(1);
>>>> + break;
>>>> + }
>>>> + }
>>>> + }
>>>> +
>>>> + return $this->output;
>>>> + }
>>>> +
>>>> + protected function next()
>>>> + {
>>>> + $c = $this->get();
>>>> +
>>>> + if ($c === '/') {
>>>> + switch ($this->peek()) {
>>>> + case '/':
>>>> + for (; ; ) {
>>>> + $c = $this->get();
>>>> +
>>>> + if (ord($c) <= self::ORD_LF) {
>>>> + return $c;
>>>> + }
>>>> + }
>>>> +
>>>> + case '*':
>>>> + $this->get();
>>>> +
>>>> + for (; ; ) {
>>>> + switch ($this->get()) {
>>>> + case '*':
>>>> + if ($this->peek() === '/') {
>>>> + $this->get();
>>>> + return ' ';
>>>> + }
>>>> + break;
>>>> +
>>>> + case null:
>>>> + throw new JsMinException('Unterminated comment.');
>>>> + }
>>>> + }
>>>> +
>>>> + default:
>>>> + return $c;
>>>> + }
>>>> + }
>>>> +
>>>> + return $c;
>>>> + }
>>>> +
>>>> + protected function peek()
>>>> + {
>>>> + $this->lookAhead = $this->get();
>>>> + return $this->lookAhead;
>>>> + }
>>>> }
>>>>
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>> RemoteContentFetcher.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>>> Wed May 21 09:58:52 2008
>>>> @@ -19,6 +19,18 @@
>>>> */
>>>>
>>>> abstract class RemoteContentFetcher {
>>>> +
>>>> + protected $fetcher;
>>>> +
>>>> + protected function setNextFetcher($fetcher = null)
>>>> + {
>>>> + $this->fetcher = $fetcher;
>>>> + }
>>>>
>>>> abstract public function fetchRequest($request);
>>>> +
>>>> + public function getNextFetcher()
>>>> + {
>>>> + return $this->fetcher;
>>>> + }
>>>> }
>>>> \ No newline at end of file
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/common/
>>>> RemoteContentRequest.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>>> Wed May 21 09:58:52 2008
>>>> @@ -15,13 +15,14 @@
>>>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>> * KIND, either express or implied. See the License for the
>>>> * specific language governing permissions and limitations under the
>>>> License.
>>>> - *
>>>> + *
>>>> */
>>>>
>>>> class RemoteContentRequest {
>>>> // these are used for making the request
>>>> - private $url = '';
>>>> - private $headers = false;
>>>> + private $uri = '';
>>>> + private $method = '';
>>>> + private $headers = array();
>>>> private $postBody = false;
>>>> // these fields are filled in once the request has completed
>>>> private $responseContent = false;
>>>> @@ -29,20 +30,179 @@
>>>> private $responseHeaders = false;
>>>> private $httpCode = false;
>>>> private $contentType = null;
>>>> + private $options;
>>>> public $handle = false;
>>>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-
>>>> urlencoded; charset=utf-8";
>>>> + public static $DEFAULT_OPTIONS = array();
>>>>
>>>> - public function __construct($url, $headers = false, $postBody =
>>>> false)
>>>> + public function __construct($uri, $headers = false, $postBody =
>>>> false)
>>>> {
>>>> - $this->url = $url;
>>>> + $this->uri = $uri;
>>>> $this->headers = $headers;
>>>> $this->postBody = $postBody;
>>>> }
>>>>
>>>> + public function createRemoteContentRequest($method, $uri,
>>>> $headers, $postBody, $options)
>>>> + {
>>>> + $this->method = $method;
>>>> + $this->uri = $uri;
>>>> + $this->options = $options;
>>>> + // Copy the headers
>>>> + if (! isset($headers)) {
>>>> + $this->headers = '';
>>>> + } else {
>>>> + $setPragmaHeader = false;
>>>> + $tmpHeaders = '';
>>>> + foreach ($headers as $key => $value) {
>>>> + // Proxies should be bypassed with the Pragma: no-cache check.
>>>> + //TODO double check array is good for options
>>>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>>>> + $value = "no-cache";
>>>> + $setPragmaHeader = true;
>>>> + }
>>>> + $tmpHeaders .= $key . ":" . $value . "\n";
>>>> + }
>>>> + // Bypass caching in proxies as well.
>>>> + //TODO double check array is good for options
>>>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>>>> + $tmpHeaders .= "Pragma:no-cache\n";
>>>> + }
>>>> + $this->headers = $tmpHeaders;
>>>> + }
>>>> + if (! isset($postBody)) {
>>>> + $this->postBody = '';
>>>> + } else {
>>>> + $this->postBody = array_merge($postBody, $this->postBody);
>>>> + }
>>>> + $type = $this->getHeader("Content-Type");
>>>> + if (! isset($type)) {
>>>> + $this->contentType = RemoteContentRequest::$DEFAULT_CONTENT_TYPE;
>>>> + } else {
>>>> + $this->contentType = $type;
>>>> + }
>>>> + }
>>>> +
>>>> + /**
>>>> + * Creates a new request to a different URL using all request data
>>>> from
>>>> + * an existing request.
>>>> + *
>>>> + * @param uri
>>>> + * @param base The base request to copy data from.
>>>> + */
>>>> + public static function
>>>> createRemoteContentRequestWithUriBase($uri, $base)
>>>> + {
>>>> + $this->uri = $uri;
>>>> + $this->method = $base->method;
>>>> + $this->options = $base->options;
>>>> + $this->headers = $base->headers;
>>>> + $this->contentType = $base->contentType;
>>>> + $this->postBody = $base->postBody;
>>>> + }
>>>> +
>>>> + /**
>>>> + * Basic GET request.
>>>> + *
>>>> + * @param uri
>>>> + */
>>>> + public function createRemoteContentRequestWithUri($uri)
>>>> + {
>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>> + }
>>>> +
>>>> + /**
>>>> + * GET with options
>>>> + *
>>>> + * @param uri
>>>> + * @param options
>>>> + */
>>>> + public function createRemoteContentRequestWithUriOptions($uri,
>>>> $options)
>>>> + {
>>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>>> $options);
>>>> + }
>>>> +
>>>> + /**
>>>> + * GET request with custom headers and default options
>>>> + * @param uri
>>>> + * @param headers
>>>> + */
>>>> + public function RemoteContentRequestWithUriHeaders($uri,
>>>> $headers)
>>>> + {
>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>> + }
>>>> +
>>>> + /**
>>>> + * GET request with custom headers + options
>>>> + * @param uri
>>>> + * @param headers
>>>> + * @param options
>>>> + */
>>>> + public function
>>>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>>>> $options)
>>>> + {
>>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>>> $options);
>>>> + }
>>>> +
>>>> + /**
>>>> + * Basic POST request
>>>> + * @param uri
>>>> + * @param postBody
>>>> + */
>>>> + public function RemoteContentRequestWithUriPostBody($uri,
>>>> $postBody)
>>>> + {
>>>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>>> + }
>>>> +
>>>> + /**
>>>> + * POST request with options
>>>> + * @param uri
>>>> + * @param postBody
>>>> + * @param options
>>>> + */
>>>> + public function
>>>> createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody,
>>>> $options)
>>>> + {
>>>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>>>> $options);
>>>> + }
>>>> +
>>>> + /**
>>>> + * POST request with headers
>>>> + * @param uri
>>>> + * @param headers
>>>> + * @param postBody
>>>> + */
>>>> + public function
>>>> createRemoteContentRequestWithUriHeadersPostBody($uri, $headers,
>>>> $postBody)
>>>> + {
>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>>>> + }
>>>> +
>>>> + /**
>>>> + * POST request with options + headers
>>>> + * @param uri
>>>> + * @param headers
>>>> + * @param postBody
>>>> + * @param options
>>>> + */
>>>> + public function
>>>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>>>> $headers, $postBody, $options)
>>>> + {
>>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>>> $postBody, $options);
>>>> + }
>>>> +
>>>> + /**
>>>> + * Creates a simple GET request
>>>> + *
>>>> + * @param uri
>>>> + * @param ignoreCache
>>>> + */
>>>> + public function getRequest($uri, $ignoreCache)
>>>> + {
>>>> + $options = new Options();
>>>> + $options->ignoreCache = $ignoreCache;
>>>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>>>> $options);
>>>> + }
>>>> +
>>>> // returns a hash code which identifies this request, used for
>>>> caching
>>>> - // takes url and postbody into account for constructing the md5
>>>> checksum
>>>> + // takes url and postbody into account for constructing the sha1
>>>> checksum
>>>> public function toHash()
>>>> {
>>>> - return md5($this->url . $this->postBody);
>>>> + return md5($this->uri . $this->postBody);
>>>> }
>>>>
>>>> public function getContentType()
>>>> @@ -92,7 +252,17 @@
>>>>
>>>> public function getUrl()
>>>> {
>>>> - return $this->url;
>>>> + return $this->uri;
>>>> + }
>>>> +
>>>> + public function getMethod()
>>>> + {
>>>> + return $this->method;
>>>> + }
>>>> +
>>>> + public function getOptions()
>>>> + {
>>>> + return $this->options;
>>>> }
>>>>
>>>> public function setContentType($type)
>>>> @@ -125,14 +295,37 @@
>>>> $this->headers = $headers;
>>>> }
>>>>
>>>> + //FIXME: Find a better way to do this
>>>> + // The headers can be an array of elements.
>>>> + public function getHeader($headerName)
>>>> + {
>>>> + $headers = explode("\n", $this->headers);
>>>> + foreach ($headers as $header) {
>>>> + $key = explode(":", $header);
>>>> + if ($key[0] == $headerName)
>>>> + return $key[1];
>>>> + }
>>>> + return null;
>>>> + }
>>>> +
>>>> public function setPostBody($postBody)
>>>> {
>>>> $this->postBody = $postBody;
>>>> }
>>>>
>>>> - public function setUrl($url)
>>>> + public function setUri($uri)
>>>> {
>>>> - $this->url = $url;
>>>> + $this->uri = $uri;
>>>> }
>>>>
>>>> -}
>>>> \ No newline at end of file
>>>> +}
>>>> +
>>>> +/**
>>>> + * Bag of options for making a request.
>>>> + *
>>>> + * This object is mutable to keep us sane. Don't mess with it once
>>>> you've
>>>> + * sent it to RemoteContentRequest or bad things might happen.
>>>> + */
>>>> +class Options {
>>>> + public $ignoreCache = false;
>>>> +}
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed May
>>>> 21 09:58:52 2008
>>>> @@ -80,7 +80,7 @@
>>>> self::loadFile($file, $dirs, true);
>>>> } else {
>>>> self::_securityCheck($file);
>>>> - include_once $file;
>>>> + include_once 'src/common/'.$file;
>>>> }
>>>>
>>>> if (!class_exists($class, false) && !
>>>> interface_exists($class, false)) {
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed
>>>> May 21 09:58:52 2008
>>>> @@ -26,21 +26,21 @@
>>>> * Server wide variables are stored in config.php
>>>> */
>>>> class GadgetContext {
>>>> - private $httpFetcher = null;
>>>> - private $locale = null;
>>>> - private $renderingContext = null;
>>>> - private $registry = null;
>>>> - private $userPrefs = null;
>>>> - private $gadgetId = null;
>>>> - private $view = null;
>>>> - private $moduleId = null;
>>>> - private $url = null;
>>>> - private $cache = null;
>>>> - private $blacklist = null;
>>>> - private $ignoreCache = null;
>>>> - private $forcedJsLibs = null;
>>>> - private $containerConfig = null;
>>>> - private $container = null;
>>>> + protected $httpFetcher = null;
>>>> + protected $locale = null;
>>>> + protected $renderingContext = null;
>>>> + protected $registry = null;
>>>> + protected $userPrefs = null;
>>>> + protected $gadgetId = null;
>>>> + protected $view = null;
>>>> + protected $moduleId = null;
>>>> + protected $url = null;
>>>> + protected $cache = null;
>>>> + protected $blacklist = null;
>>>> + protected $ignoreCache = null;
>>>> + protected $forcedJsLibs = null;
>>>> + protected $containerConfig = null;
>>>> + protected $container = null;
>>>>
>>>> public function __construct($renderingContext)
>>>> {
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>> GadgetSpecParser.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>>> Wed May 21 09:58:52 2008
>>>> @@ -36,7 +36,7 @@
>>>> }
>>>> $gadget = new Gadget($context->getGadgetId(), $context);
>>>> // process ModulePref attributes
>>>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>>>> + $this->processModulePrefs($gadget, $doc->ModulePrefs, $context);
>>>> // process UserPrefs, if any
>>>> foreach ($doc->UserPref as $pref) {
>>>> $this->processUserPref($gadget, $pref);
>>>> @@ -54,7 +54,7 @@
>>>> return $gadget;
>>>> }
>>>>
>>>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>>>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>>>> $context)
>>>> {
>>>> $attributes = $ModulePrefs->attributes();
>>>> if (empty($attributes['title'])) {
>>>> @@ -90,11 +90,11 @@
>>>> $gadget->scaling = isset($attributes['scaling']) ?
>>>> trim($attributes['scaling']) : '';
>>>> $gadget->scrolling = isset($attributes['scrolling']) ?
>>>> trim($attributes['scrolling']) : '';
>>>> foreach ($ModulePrefs->Locale as $locale) {
>>>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>>>> + $gadget->localeSpecs[] = $this->processLocale($locale, $context);
>>>> }
>>>> }
>>>>
>>>> - private function processLocale($locale)
>>>> + private function processLocale($locale, $context)
>>>> {
>>>> $attributes = $locale->attributes();
>>>> $messageAttr = isset($attributes['messages']) ?
>>>> trim($attributes['messages']) : '';
>>>>
>>>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php (added)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed May
>>>> 21 09:58:52 2008
>>>> @@ -0,0 +1,70 @@
>>>> +<?php
>>>> +/*
>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>> + * or more contributor license agreements. See the NOTICE file
>>>> + * distributed with this work for additional information
>>>> + * regarding copyright ownership. The ASF licenses this file
>>>> + * to you under the Apache License, Version 2.0 (the
>>>> + * "License"); you may not use this file except in compliance
>>>> + * with the License. You may obtain a copy of the License at
>>>> + *
>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>> + *
>>>> + * Unless required by applicable law or agreed to in writing,
>>>> + * software distributed under the License is distributed on an
>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>> + * KIND, either express or implied. See the License for the
>>>> + * specific language governing permissions and limitations under
>>>> the License.
>>>> + *
>>>> + */
>>>> +
>>>> +/**
>>>> + * An abstract representation of a signing token.
>>>> + * Use in conjunction with @code GadgetTokenDecoder.
>>>> + */
>>>> +abstract class GadgetToken {
>>>> +
>>>> + //FIXME Hmm seems php is refusing to let me make abstract static
>>>> functions? odd
>>>> + static public function createFromToken($token, $maxage) {}
>>>> + static public function createFromValues($owner, $viewer, $app,
>>>> $domain, $appUrl, $moduleId) {}
>>>> +
>>>> +
>>>> + /**
>>>> + * Serializes the token into a string. This can be the exact
>>>> same as
>>>> + * toString; using a different name here is only to force
>>>> interface
>>>> + * compliance.
>>>> + *
>>>> + * @return A string representation of the token.
>>>> + */
>>>> + abstract public function toSerialForm();
>>>> +
>>>> + /**
>>>> + * @return the owner from the token, or null if there is none.
>>>> + */
>>>> + abstract public function getOwnerId();
>>>> +
>>>> + /**
>>>> + * @return the viewer from the token, or null if there is none.
>>>> + */
>>>> + abstract public function getViewerId();
>>>> +
>>>> + /**
>>>> + * @return the application id from the token, or null if there
>>>> is none.
>>>> + */
>>>> + abstract public function getAppId();
>>>> +
>>>> + /**
>>>> + * @return the domain from the token, or null if there is none.
>>>> + */
>>>> + abstract public function getDomain();
>>>> +
>>>> + /**
>>>> + * @return the URL of the application
>>>> + */
>>>> + abstract public function getAppUrl();
>>>> +
>>>> + /**
>>>> + * @return the module ID of the application
>>>> + */
>>>> + abstract public function getModuleId();
>>>> +}
>>>>
>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>> GadgetTokenDecoder.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>> (added)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>>> Wed May 21 09:58:52 2008
>>>> @@ -0,0 +1,34 @@
>>>> +<?php
>>>> +/*
>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>> + * or more contributor license agreements. See the NOTICE file
>>>> + * distributed with this work for additional information
>>>> + * regarding copyright ownership. The ASF licenses this file
>>>> + * to you under the Apache License, Version 2.0 (the
>>>> + * "License"); you may not use this file except in compliance
>>>> + * with the License. You may obtain a copy of the License at
>>>> + *
>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>> + *
>>>> + * Unless required by applicable law or agreed to in writing,
>>>> + * software distributed under the License is distributed on an
>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>> + * KIND, either express or implied. See the License for the
>>>> + * specific language governing permissions and limitations
>>>> + * under the License.
>>>> + */
>>>> +
>>>> +/**
>>>> + * Handles verification of gadget security tokens.
>>>> + */
>>>> +abstract class GadgetTokenDecoder {
>>>> +
>>>> + /**
>>>> + * Decrypts and verifies a gadget security token to return a
>>>> gadget token.
>>>> + *
>>>> + * @param tokenString String representation of the token to be
>>>> created.
>>>> + * @return The token representation of the input data.
>>>> + * @throws GadgetException If tokenString is not a valid token
>>>> + */
>>>> + abstract public function createToken($tokenString);
>>>> +}
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May
>>>> 21 09:58:52 2008
>>>> @@ -24,7 +24,7 @@
>>>> private $content;
>>>> private $featureName; // used to track what feature this belongs to
>>>> private $loaded = false;
>>>> -
>>>> +
>>>> public function __construct($type, $content, $featureName = '')
>>>> {
>>>> $this->featureName = $featureName;
>>>> @@ -39,11 +39,11 @@
>>>>
>>>> public function getContent()
>>>> {
>>>> - if (!$this->loaded && $this->type == 'FILE') {
>>>> + if (! $this->loaded && $this->type == 'FILE') {
>>>> if (Config::get('compress_javascript')) {
>>>> $dataCache = Config::get('data_cache');
>>>> $dataCache = new $dataCache();
>>>> - if (!($content = $dataCache->get(md5($this->content)))) {
>>>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>>>> $content = JsMin::minify(JsLibrary::loadData($this->content, $this-
>>>>> type));
>>>> $dataCache->set(md5($this->content), $content);
>>>> $this->content = $content;
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>>> JsonRpcGadgetContext.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/
>>>> JsonRpcGadgetContext.php (original)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>>>> @@ -1,10 +1,6 @@
>>>> <?php
>>>>
>>>> class JsonRpcGadgetContext extends GadgetContext {
>>>> - private $locale = null;
>>>> - private $view = null;
>>>> - private $url = null;
>>>> - private $container = null;
>>>>
>>>> public function __construct($jsonContext, $url)
>>>> {
>>>> @@ -15,23 +11,8 @@
>>>> $this->container = $jsonContext->container;
>>>> }
>>>>
>>>> - public function getUrl()
>>>> - {
>>>> - return $this->url;
>>>> - }
>>>> -
>>>> public function getView()
>>>> {
>>>> return $this->view;
>>>> }
>>>> -
>>>> - public function getLocale()
>>>> - {
>>>> - return $this->locale;
>>>> - }
>>>> -
>>>> - public function getContainer()
>>>> - {
>>>> - return $this->container;
>>>> - }
>>>> }
>>>> \ No newline at end of file
>>>>
>>>> Added: incubator/shindig/trunk/php/src/gadgets/
>>>> ProxyGadgetContext.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>> (added)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>>> Wed May 21 09:58:52 2008
>>>> @@ -0,0 +1,10 @@
>>>> +<?php
>>>> +
>>>> +class ProxyGadgetContext extends GadgetContext {
>>>> +
>>>> + public function __construct($url)
>>>> + {
>>>> + parent::__construct('GADGET');
>>>> + $this->url = $url;
>>>> + }
>>>> +}
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed
>>>> May 21 09:58:52 2008
>>>> @@ -29,11 +29,15 @@
>>>> *
>>>> */
>>>> class ProxyHandler {
>>>> - private $context;
>>>> + private $context;
>>>> + private $signingFetcher;
>>>> + private $oauthFetcher;
>>>>
>>>> - public function __construct($context)
>>>> + public function __construct($context, $signingFetcher = null,
>>>> $oauthFetcher = null)
>>>> {
>>>> - $this->context = $context;
>>>> + $this->context = $context;
>>>> + $this->signingFetcher = $signingFetcher;
>>>> + $this->oauthFetcher = $oauthFetcher;
>>>> }
>>>>
>>>> /**
>>>> @@ -51,11 +55,21 @@
>>>> $token = '';
>>>> // no token given, safe to ignore
>>>> }
>>>> - $originalUrl = $this->validateUrl($url);
>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>> + $url = $this->validateUrl($url);
>>>> // Fetch the content and convert it into JSON.
>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>> + $result = $this->fetchContentDivert($url, $method, $signer);
>>>> + if (!isset($result)) {
>>>> + //OAuthFetcher only
>>>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>>>> + $json = array($url => $metadata);
>>>> + $json = json_encode($json);
>>>> + $output = UNPARSEABLE_CRUFT . $json;
>>>> + $this->setCachingHeaders();
>>>> + header("Content-Type: application/json; charset=utf-8", true);
>>>> + echo $output;
>>>> + die();
>>>> + }
>>>> $status = (int)$result->getHttpCode();
>>>> //header("HTTP/1.1 $status", true);
>>>> if ($status == 200) {
>>>> @@ -174,10 +188,9 @@
>>>> $token = '';
>>>> // no token given, safe to ignore
>>>> }
>>>> - $originalUrl = $this->validateUrl($url);
>>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>>> + $url = $this->validateUrl($url);
>>>> //TODO: Fetcher needs to handle variety of HTTP methods.
>>>> - $result = $this->fetchContent($signedUrl, $method);
>>>> + $result = $this->fetchContent($url, $method);
>>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>>> $status = (int)$result->getHttpCode();
>>>> if ($status == 200) {
>>>> @@ -208,11 +221,11 @@
>>>> /**
>>>> * Both fetch and fetchJson call this function to retrieve the
>>>> actual content
>>>> *
>>>> - * @param string $signedUrl the signed url to fetch
>>>> + * @param string $url the url to fetch
>>>> * @param string $method either get or post
>>>> * @return the filled in request (RemoteContentRequest)
>>>> */
>>>> - private function fetchContent($signedUrl, $method)
>>>> + private function fetchContent($url, $method)
>>>> {
>>>> //TODO get actual character encoding from the request
>>>>
>>>> @@ -250,14 +263,41 @@
>>>> }
>>>> // even if postData is an empty string, it will still post (since
>>>> RemoteContentRquest checks if its false)
>>>> // so the request to POST is still honored
>>>> - $request = new RemoteContentRequest($signedUrl, $headers,
>>>> $postData);
>>>> + $request = new RemoteContentRequest($url, $headers, $postData);
>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>> $context);
>>>> } else {
>>>> - $request = new RemoteContentRequest($signedUrl, $headers);
>>>> + $request = new RemoteContentRequest($url, $headers);
>>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>>> $context);
>>>> }
>>>> return $request;
>>>> }
>>>> +
>>>> + private function fetchContentDivert($url, $method, $signer)
>>>> + {
>>>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>>>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>>>> + $token = $this->extractAndValidateToken($signer);
>>>> + switch (strtoupper($authz)) {
>>>> + case 'SIGNED':
>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>> BasicRemoteContentFetcher(), $token);
>>>> + return $fetcher->fetch($url, $method);
>>>> + case 'AUTHENTICATED':
>>>> + $params = new OAuthRequestParams();
>>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>>> BasicRemoteContentFetcher(), $token);
>>>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>>>> + $this->oauthFetcher = $oAuthFetcherFactory-
>>>>> getOAuthFetcher($fetcher, $token, $params);
>>>> + $request = new RemoteContentRequest($url);
>>>> + $request->createRemoteContentRequestWithUri($url);
>>>> + return $this->oauthFetcher->fetchRequest($request);
>>>> + case 'NONE':
>>>> + default:
>>>> + return $this->fetchContent($url, $method);
>>>> + }
>>>> + }
>>>> +
>>>> + public function setContentFetcher($contentFetcherFactory)
>>>> + {
>>>> + $this->contentFetcherFactory = $contentFetcherFactory;
>>>> + }
>>>>
>>>> /**
>>>> * Sets the caching headers (overwriting anything the remote host
>>>> set) to force
>>>> @@ -282,6 +322,7 @@
>>>> private function validateUrl($url)
>>>> {
>>>> //TODO should really make a PHP version of the URI class and
>>>> validate in all the locations the java version does
>>>> + // why not use Zend::Uri:
>>>> return $url;
>>>> }
>>>>
>>>> @@ -293,40 +334,17 @@
>>>> * @return string the token to use in the signed url
>>>> */
>>>> private function extractAndValidateToken($signer)
>>>> - {
>>>> - if ($signer == null) {
>>>> - return null;
>>>> - }
>>>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>>>> - if ($token) {
>>>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>> - }
>>>> + {
>>>> + if ($signer == null) {
>>>> + return null;
>>>> + }
>>>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>>>> + if (!isset($token) || $token == '') {
>>>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>>>> + }
>>>> return $signer->createToken($token);
>>>> }
>>>> -
>>>> - /**
>>>> - * Signs a url with the SecurityToken
>>>> - *
>>>> - * @param string $originalUrl
>>>> - * @param SecurityToken $token
>>>> - * @return unknown
>>>> - */
>>>> - private function signUrl($originalUrl, $token)
>>>> - {
>>>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>>>> - if (! $authz) {
>>>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>>>> - }
>>>> - if ($token == null || $authz != 'signed') {
>>>> - return $originalUrl;
>>>> - }
>>>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] :
>>>> false;
>>>> - if ($method) {
>>>> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>> 'GET';
>>>> - }
>>>> - return $token->signUrl($originalUrl, $method);
>>>> - }
>>>> -
>>>> +
>>>> private function request_headers()
>>>> {
>>>> // Try to use apache's request headers if available
>>>>
>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>> (added)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>>> Wed May 21 09:58:52 2008
>>>> @@ -0,0 +1,42 @@
>>>> +<?php
>>>> +/*
>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>> + * or more contributor license agreements. See the NOTICE file
>>>> + * distributed with this work for additional information
>>>> + * regarding copyright ownership. The ASF licenses this file
>>>> + * to you under the Apache License, Version 2.0 (the
>>>> + * "License"); you may not use this file except in compliance
>>>> + * with the License. You may obtain a copy of the License at
>>>> + *
>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>> + *
>>>> + * Unless required by applicable law or agreed to in writing,
>>>> + * software distributed under the License is distributed on an
>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>> + * KIND, either express or implied. See the License for the
>>>> + * specific language governing permissions and limitations under
>>>> the License.
>>>> + *
>>>> + */
>>>> +require 'src/common/HttpServlet.php';
>>>> +
>>>> +/**
>>>> + * This class serves the public certificate, quick and dirty hack
>>>> to make the certificate publicly accessible
>>>> + * this combined with the hard coded location in
>>>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>>>> + * for the oauth pub key location makes a working whole
>>>> + */
>>>> +class CertServlet extends HttpServlet {
>>>> +
>>>> + /**
>>>> + * Handles the get file request, only called on url = /public.crt
>>>> + * so this function has no logic other then to output the cert
>>>> + */
>>>> + public function doGet()
>>>> + {
>>>> + $file = Config::get('public_key_file');
>>>> + if (!file_exists($file) || !is_readable($file)) {
>>>> + throw new Exception("Invalid public key location ($file), check
>>>> config and file permissions");
>>>> + }
>>>> + $this->setLastModified(filemtime($file));
>>>> + readfile($file);
>>>> + }
>>>> +}
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>> FilesServlet.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>>> Wed May 21 09:58:52 2008
>>>> @@ -25,7 +25,7 @@
>>>> * the php version too
>>>> */
>>>> class FilesServlet extends HttpServlet {
>>>> -
>>>> +
>>>> /**
>>>> * Handles the get file request, if the file exists and is in the
>>>> correct
>>>> * location it's echo'd to the browser (with a basic content type
>>>> guessing
>>>> @@ -46,14 +46,14 @@
>>>> die();
>>>> }
>>>> // if the file doesn't exist or can't be read, give a 404 error
>>>> - if (!file_exists($file) || !is_readable($file) || !
>>>> is_file($file)) {
>>>> + if (! file_exists($file) || ! is_readable($file) || !
>>>> is_file($file)) {
>>>> header("HTTP/1.0 404 Not Found", true);
>>>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>>>> die();
>>>> }
>>>> $dot = strrpos($file, '.');
>>>> if ($dot) {
>>>> - $ext = strtolower(substr($file, $dot+1));
>>>> + $ext = strtolower(substr($file, $dot + 1));
>>>> if ($ext == 'html' || $ext == 'htm') {
>>>> $this->setContentType('text/html');
>>>> } elseif ($ext == 'js') {
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>> GadgetRenderingServlet.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>> GadgetRenderingServlet.php (original)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>>>> @@ -52,7 +52,7 @@
>>>> */
>>>> class GadgetRenderingServlet extends HttpServlet {
>>>> private $context;
>>>> -
>>>> +
>>>> /**
>>>> * Creates the gadget using the GadgetServer class and calls
>>>> outputGadget
>>>> *
>>>> @@ -71,11 +71,11 @@
>>>> $gadgetServer = new GadgetServer();
>>>> $gadget = $gadgetServer->processGadget($this->context);
>>>> $this->outputGadget($gadget, $this->context);
>>>> - } catch ( Exception $e ) {
>>>> + } catch (Exception $e) {
>>>> $this->outputError($e);
>>>> }
>>>> }
>>>> -
>>>> +
>>>> /**
>>>> * If an error occured (Exception) this function echo's the
>>>> Exception's message
>>>> * and if the config['debug'] is true, shows the debug backtrace in
>>>> a div
>>>> @@ -95,7 +95,7 @@
>>>> }
>>>> echo "</body></html>";
>>>> }
>>>> -
>>>> +
>>>> /**
>>>> * Takes the gadget to output, and depending on its content type
>>>> calls either outputHtml-
>>>> * or outputUrlGadget
>>>> @@ -107,15 +107,15 @@
>>>> {
>>>> $view = HttpUtil::getView($gadget, $context);
>>>> switch ($view->getType()) {
>>>> - case 'HTML' :
>>>> + case 'HTML':
>>>> $this->outputHtmlGadget($gadget, $context, $view);
>>>> break;
>>>> - case 'URL' :
>>>> + case 'URL':
>>>> $this->outputUrlGadget($gadget, $context, $view);
>>>> break;
>>>> }
>>>> }
>>>> -
>>>> +
>>>> /**
>>>> * Outputs a html content type gadget.
>>>> * It creates a html page, with the javascripts from the features
>>>> inline into the page, plus
>>>> @@ -144,16 +144,13 @@
>>>> }
>>>> // Was a privacy policy header configured? if so set it
>>>> if (Config::get('P3P') != '') {
>>>> - header("P3P: ".Config::get('P3P'));
>>>> + header("P3P: " . Config::get('P3P'));
>>>> }
>>>> - if (!$view->getQuirks()) {
>>>> + if (! $view->getQuirks()) {
>>>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>>>> \">\n";
>>>> }
>>>> - echo "<html>\n<head>".
>>>> - "<style type=\"text/css\">".Config::get('gadget_css')."</
>>>> style>".
>>>> - "</head><body>".
>>>> - "<script><!--\n";
>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>>>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>>>> "<script><!--\n";
>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>> $type = $library->getType();
>>>> if ($type == 'URL') {
>>>> // TODO: This case needs to be handled more gracefully by the js
>>>> @@ -173,15 +170,12 @@
>>>> // Forced libs first.
>>>> if (! empty($forcedLibs)) {
>>>> $libs = explode(':', $forcedLibs);
>>>> - echo sprintf($externFmt, Config::get('default_js_prefix').$this-
>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>> + echo sprintf($externFmt, Config::get('default_js_prefix') .
>>>> $this-
>>>>> getJsUrl($libs, $gadget)) . "\n";
>>>> }
>>>> if (strlen($externJs) > 0) {
>>>> echo $externJs;
>>>> }
>>>> - echo "<script><!--\n".
>>>> - $this->appendJsConfig($context, $gadget).
>>>> - $this->appendMessages($gadget).
>>>> - "-->\n</script>\n";
>>>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>>>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>>>
>>>> $gadgetExceptions = array();
>>>> $content = $gadget->getSubstitutions()->substitute($view-
>>>>> getContent());
>>>> @@ -192,11 +186,9 @@
>>>> if (count($gadgetExceptions)) {
>>>> throw new GadgetException(print_r($gadgetExceptions, true));
>>>> }
>>>> - echo $content . "\n".
>>>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>>>> - "</body>\n</html>";
>>>> + echo $content . "\n" .
>>>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>
>>>> \n</html>";
>>>> }
>>>> -
>>>> +
>>>> /**
>>>> * Output's a URL content type gadget, it adds
>>>> libs=<list:of:js:libraries>.js and user preferences
>>>> * to the href url, and redirects the browser to it
>>>> @@ -215,7 +207,7 @@
>>>> $forcedLibs = Config::get('focedJsLibs');
>>>> if ($forcedLibs == null) {
>>>> $reqs = $gadget->getRequires();
>>>> - foreach ( $reqs as $key => $val ) {
>>>> + foreach ($reqs as $key => $val) {
>>>> $libs[] = $key;
>>>> }
>>>> } else {
>>>> @@ -231,7 +223,7 @@
>>>> header('Location: ' . $redirURI);
>>>> die();
>>>> }
>>>> -
>>>> +
>>>> /**
>>>> * Returns the requested libs (from getjsUrl) with the
>>>> libs_param_name prepended
>>>> * ie: in libs=core:caja:etc.js format
>>>> @@ -248,7 +240,7 @@
>>>> $ret .= $this->getJsUrl($libs, $gadget);
>>>> return $ret;
>>>> }
>>>> -
>>>> +
>>>> /**
>>>> * Returns the user preferences in &up_<name>=<val> format
>>>> *
>>>> @@ -259,7 +251,7 @@
>>>> private function getPrefsQueryString($prefVals)
>>>> {
>>>> $ret = '';
>>>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>>>> + foreach ($prefVals->getPrefs() as $key => $val) {
>>>> $ret .= '&';
>>>> $ret .= Config::get('userpref_param_prefix');
>>>> $ret .= urlencode($key);
>>>> @@ -268,10 +260,10 @@
>>>> }
>>>> return $ret;
>>>> }
>>>> -
>>>> +
>>>> /**
>>>> * generates the library string (core:caja:etc.js) including a
>>>> checksum of all the
>>>> - * javascript content (?v=<sha1 of js) for cache busting
>>>> + * javascript content (?v=<md5 of js>) for cache busting
>>>> *
>>>> * @param string $libs
>>>> * @param Gadget $gadget
>>>> @@ -284,7 +276,7 @@
>>>> $buf = 'core';
>>>> } else {
>>>> $firstDone = false;
>>>> - foreach ( $libs as $lib ) {
>>>> + foreach ($libs as $lib) {
>>>> if ($firstDone) {
>>>> $buf .= ':';
>>>> } else {
>>>> @@ -296,7 +288,7 @@
>>>> // Build a version string from the sha1() checksum of all included
>>>> javascript
>>>> // to ensure the client always has the right version
>>>> $inlineJs = '';
>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>> $type = $library->getType();
>>>> if ($type != 'URL') {
>>>> $inlineJs .= $library->getContent() . "\n";
>>>> @@ -305,14 +297,14 @@
>>>> $buf .= ".js?v=" . md5($inlineJs);
>>>> return $buf;
>>>> }
>>>> -
>>>> +
>>>> private function appendJsConfig($context, $gadget)
>>>> {
>>>> $container = $context->getContainer();
>>>> $containerConfig = $context->getContainerConfig();
>>>> $gadgetConfig = array();
>>>> $featureConfig = $containerConfig->getConfig($container,
>>>> 'gadgets.features');
>>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>>> + foreach ($gadget->getJsLibraries() as $library) {
>>>> $feature = $library->getFeatureName();
>>>> if (! isset($gadgetConfig[$feature]) && !
>>>> empty($featureConfig[$feature])) {
>>>> $gadgetConfig[$feature] = $featureConfig[$feature];
>>>> @@ -320,7 +312,7 @@
>>>> }
>>>> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");
>>>> \n";
>>>> }
>>>> -
>>>> +
>>>> private function appendMessages($gadget)
>>>> {
>>>> $msgs = '';
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>> JsServlet.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php Wed
>>>> May 21 09:58:52 2008
>>>> @@ -30,7 +30,7 @@
>>>> * to retrieve our features javascript code
>>>> */
>>>> class JsServlet extends HttpServlet {
>>>> -
>>>> +
>>>> public function doGet()
>>>> {
>>>> $this->noHeaders = true;
>>>>
>>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>>> ProxyServlet.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>> (original)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>>> Wed May 21 09:58:52 2008
>>>> @@ -26,6 +26,8 @@
>>>> require 'src/common/RemoteContent.php';
>>>> require 'src/common/Cache.php';
>>>> require 'src/common/RemoteContentFetcher.php';
>>>> +require 'src/gadgets/oauth/OAuth.php';
>>>> +require 'src/gadgets/oauth/OAuthStore.php';
>>>>
>>>> class ProxyServlet extends HttpServlet {
>>>>
>>>> @@ -39,6 +41,7 @@
>>>> if (! $url) {
>>>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>>>> }
>>>> + $url = urldecode($url);
>>>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
>>>> if (! $method) {
>>>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>>> 'GET';
>>>> @@ -49,7 +52,8 @@
>>>> }
>>>> $gadgetSigner = Config::get('security_token_signer');
>>>> $gadgetSigner = new $gadgetSigner();
>>>> - $proxyHandler = new ProxyHandler($context);
>>>> + $signingFetcherFactory = new
>>>> SigningFetcherFactory(Config::get("private_key_file"));
>>>> + $proxyHandler = new ProxyHandler($context,
>>>> $signingFetcherFactory);
>>>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>>>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>>>> } else {
>>>>
>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>> SigningFetcher.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>> (added)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>>> Wed May 21 09:58:52 2008
>>>> @@ -0,0 +1,216 @@
>>>> +<?php
>>>> +/*
>>>> + * Licensed under the Apache License, Version 2.0 (the "License");
>>>> + * you may not use this file except in compliance with the
>>>> License.
>>>> + * You may obtain a copy of the License at
>>>> + *
>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>> + *
>>>> + * Unless required by applicable law or agreed to in writing,
>>>> software
>>>> + * distributed under the License is distributed on an "AS IS"
>>>> BASIS,
>>>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>>>> implied.
>>>> + * See the License for the specific language governing permissions
>>>> and
>>>> + * limitations under the License.
>>>> + */
>>>> +
>>>> +/**
>>>> + * Implements signed fetch based on the OAuth request signing
>>>> algorithm.
>>>> + *
>>>> + * Subclasses can override signMessage to use their own crypto if
>>>> they don't
>>>> + * like the oauth.net code for some reason.
>>>> + *
>>>> + * Instances of this class are only accessed by a single thread at
>>>> a time,
>>>> + * but instances may be created by multiple threads.
>>>> + */
>>>> +class SigningFetcher extends RemoteContentFetcher {
>>>> +
>>>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>>>> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
>>>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>>>> + protected static $XOAUTH_PUBLIC_KEY =
>>>> "xoauth_signature_publickey";
>>>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>>>> +
>>>> + //protected final TimeSource clock = new TimeSource();
>>>> +
>>>> + /**
>>>> + * Authentication token for the user and gadget making the
>>>> request.
>>>> + */
>>>> + protected $authToken;
>>>> +
>>>> + /**
>>>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can
>>>> be a
>>>> + * PrivateKey object, or a PEM formatted private key, or a DER
>>>> encoded byte
>>>> + * array for the private key.(No, really, they accept any of
>>>> them.)
>>>> + */
>>>> + protected $privateKeyObject;
>>>> +
>>>> + /**
>>>> + * The name of the key, included in the fetch to help with key
>>>> rotation.
>>>> + */
>>>> + protected $keyName;
>>>> +
>>>> + /**
>>>> + * Constructor based on signing with the given PrivateKey object.
>>>> + *
>>>> + * @param authToken verified gadget security token
>>>> + * @param keyName name of the key to include in the request
>>>> + * @param privateKey the key to use for the signing
>>>> + */
>>>> + public static function makeFromPrivateKey($next, $authToken,
>>>> $keyName, $privateKey)
>>>> + {
>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>> $privateKey);
>>>> + }
>>>> +
>>>> + /**
>>>> + * Constructor based on signing with the given PrivateKey object.
>>>> + *
>>>> + * @param authToken verified gadget security token
>>>> + * @param keyName name of the key to include in the request
>>>> + * @param privateKey base64 encoded private key
>>>> + */
>>>> + public static function makeFromB64PrivateKey($next, $authToken,
>>>> $keyName, $privateKey)
>>>> + {
>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>> $privateKey);
>>>> + }
>>>> +
>>>> + /**
>>>> + * Constructor based on signing with the given PrivateKey object.
>>>> + *
>>>> + * @param authToken verified gadget security token
>>>> + * @param keyName name of the key to include in the request
>>>> + * @param privateKey DER encoded private key
>>>> + */
>>>> + public static function makeFromPrivateKeyBytes($next, $authToken,
>>>> $keyName, $privateKey)
>>>> + {
>>>> + return new SigningFetcher($next, $authToken, $keyName,
>>>> $privateKey);
>>>> + }
>>>> +
>>>> + protected function __construct($next, $authToken, $keyName,
>>>> $privateKeyObject)
>>>> + {
>>>> + parent::setNextFetcher($next);
>>>> + $this->authToken = $authToken;
>>>> + $this->keyName = $keyName;
>>>> + $this->privateKeyObject = $privateKeyObject;
>>>> + }
>>>> +
>>>> + public function fetchRequest($request)
>>>> + {
>>>> + return $this->getNextFetcher()->fetchRequest($request);
>>>> + }
>>>> +
>>>> + public function fetch($url, $method)
>>>> + {
>>>> + $signed = $this->signRequest($url, $method);
>>>> + return $this->getNextFetcher()->fetchRequest($signed);
>>>> + }
>>>> +
>>>> + private function signRequest($url, $method)
>>>> + {
>>>> + try {
>>>> + // Parse the request into parameters for OAuth signing, stripping
>>>> out
>>>> + // any OAuth or OpenSocial parameters injected by the client
>>>> + ///////////////////////////////////////////////
>>>> + require 'src/common/Zend/Uri.php';
>>>> + $uri = Zend_Uri::factory($url);
>>>> + $resource = $uri->getUri();
>>>> + $queryParams = $this->sanitize($_GET);
>>>> + $postParams = $this->sanitize($_POST);
>>>> + $msgParams = array();
>>>> + $msgParams = array_merge($msgParams, $queryParams);
>>>> + $msgParams = array_merge($msgParams, $postParams);
>>>> +
>>>> + // TODO: is this ok?
>>>> + //$msgParams = array();
>>>> + $this->addOpenSocialParams($msgParams);
>>>> + $this->addOAuthParams($msgParams);
>>>> +
>>>> + // Build and sign the OAuthMessage; note that the resource here
>>>> has
>>>> + // no query string, the parameters are all in msgParams
>>>> + //$message = new OAuthMessage($method, $resource, $msgParams);
>>>> +
>>>> + ////////////////////////////////////////////////
>>>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>>>> + $consumer-
>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this-
>>>>> privateKeyObject);
>>>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>>>> +
>>>> + $req_req = OAuthRequest::from_consumer_and_token($consumer, NULL,
>>>> $method, $resource, $msgParams);
>>>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>>>> +
>>>> + // Rebuild the query string, including all of the parameters we
>>>> added.
>>>> + // We have to be careful not to copy POST parameters into the
>>>> query.
>>>> + // If post and query parameters share a name, they end up being
>>>> removed
>>>> + // from the query.
>>>> + $forPost = array();
>>>> + foreach ($postParams as $key => $param) {
>>>> + $forPost[$key] = $param;
>>>> + }
>>>> + $newQuery = array();
>>>> + foreach ($req_req->get_parameters() as $key => $param) {
>>>> + if (! isset($forPost[$key])) {
>>>> + $newQuery[$key] = $param;
>>>> + }
>>>> + }
>>>> +
>>>> + // Careful here; the OAuth form encoding scheme is slightly
>>>> different than
>>>> + // the normal form encoding scheme, so we have to use the OAuth
>>>> library
>>>> + // formEncode method.
>>>> + $uri->setQuery($newQuery);
>>>> + return new RemoteContentRequest($uri->getUri());
>>>> + } catch (Exception $e) {
>>>> + throw new GadgetException($e);
>>>> + }
>>>> + }
>>>> +
>>>> + private function addOpenSocialParams(&$msgParams)
>>>> + {
>>>> + $owner = $this->authToken->getOwnerId();
>>>> + if ($owner != null) {
>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>>>> + }
>>>> + $viewer = $this->authToken->getViewerId();
>>>> + if ($viewer != null) {
>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>>>> + }
>>>> + $app = $this->authToken->getAppId();
>>>> + if ($app != null) {
>>>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>>>> + }
>>>> + }
>>>> +
>>>> + private function addOAuthParams(&$msgParams)
>>>> + {
>>>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>>>> + $domain = $this->authToken->getDomain();
>>>> + if ($domain != null) {
>>>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] =
>>>> 'partuza.chabotc.com'; //
>>>> $domain;
>>>> + }
>>>> + if ($this->keyName != null) {
>>>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this->keyName;
>>>> + }
>>>> + $nonce = OAuthRequest::generate_nonce();
>>>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>>>> + $timestamp = time();
>>>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>>>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
>>>> + }
>>>> +
>>>> + /**
>>>> + * Strip out any owner or viewer id passed by the client.
>>>> + */
>>>> + private function sanitize($params)
>>>> + {
>>>> + $list = array();
>>>> + foreach ($params as $key => $p) {
>>>> + if ($this->allowParam($key)) {
>>>> + $list[$key] = $p;
>>>> + }
>>>> + }
>>>> + return $list;
>>>> + }
>>>> +
>>>> + private function allowParam($paramName)
>>>> + {
>>>> + $canonParamName = strtolower($paramName);
>>>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>>>> substr($canonParamName, 0, 6) == "xoauth" ||
>>>> substr($canonParamName, 0, 9) == "opensocial")) &&
>>>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>>>> + }
>>>> +}
>>>>
>>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>>> SigningFetcherFactory.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>>> SigningFetcherFactory.php (added)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>>>> @@ -0,0 +1,86 @@
>>>> +<?php
>>>> +/*
>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>> + * or more contributor license agreements. See the NOTICE file
>>>> + * distributed with this work for additional information
>>>> + * regarding copyright ownership. The ASF licenses this file
>>>> + * to you under the Apache License, Version 2.0 (the
>>>> + * "License"); you may not use this file except in compliance
>>>> + * with the License. You may obtain a copy of the License at
>>>> + *
>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>> + *
>>>> + * Unless required by applicable law or agreed to in writing,
>>>> + * software distributed under the License is distributed on an
>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>> + * KIND, either express or implied. See the License for the
>>>> + * specific language governing permissions and limitations
>>>> + * under the License.
>>>> + */
>>>> +
>>>> +/**
>>>> + * Produces Signing content fetchers for input tokens.
>>>> + */
>>>> +class SigningFetcherFactory {
>>>> + private $keyName;
>>>> + private $privateKey;
>>>> +
>>>> + /**
>>>> + * Produces a signing fetcher that will sign requests and delegate
>>>> actual
>>>> + * network retrieval to the {@code networkFetcher}
>>>> + *
>>>> + * @param networkFetcher The fetcher that will be doing actual
>>>> work.
>>>> + * @param token The gadget token used for extracting signing
>>>> parameters.
>>>> + * @return The signing fetcher.
>>>> + * @throws GadgetException
>>>> + */
>>>> + public function getSigningFetcher($networkFetcher, $token)
>>>> + {
>>>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>>>> $token, $this->keyName, $this->privateKey);
>>>> + }
>>>> +
>>>> + /**
>>>> + * @param keyFile The file containing your private key for signing
>>>> requests.
>>>> + */
>>>> + public function __construct($keyFile = null)
>>>> + {
>>>> + $this->keyName = 'http://'.
>>>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>>>> + if (! empty($keyFile)) {
>>>> + $privateKey = null;
>>>> + try {
>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>> convert it
>>>> + $cache = Config::get('data_cache');
>>>> + $cache = new $cache();
>>>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this-
>>>>> keyName)) !== false) {
>>>> + $rsa_private_key = $cachedKey;
>>>> + } else {
>>>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>>>> + throw new Exception("Could not read keyfile ($keyFile), check the
>>>> file name and permission");
>>>> + }
>>>> + // TODO: sending NULL as a second param to
>>>> openssl_pkey_get_private works?
>>>> + $phrase = Config::get('private_key_phrase') != '' ?
>>>> (Config::get('private_key_phrase')) : null;
>>>> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key,
>>>> $phrase)) == false) {
>>>> + //TODO: double check if can input keyfile -inform PEM
>>>> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>>> + throw new Exception("Could not create temporary file");
>>>> + }
>>>> + if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
>>>> + throw new Exception("Could not write to temporary file");
>>>> + }
>>>> + if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>>> + throw new Exception("Could not create temporary file");
>>>> + }
>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>>>> nocrypt -in " . $in);
>>>> + if (! $rsa_private_key = @file_get_contents($out)) {
>>>> + throw new Exception("Could not read temporary file");
>>>> + }
>>>> + }
>>>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>>>> $rsa_private_key);
>>>> + }
>>>> + } catch (Exception $e) {
>>>> + throw new Exception("Error loading private key: " . $e);
>>>> + }
>>>> + $this->privateKey = $rsa_private_key;
>>>> + }
>>>> + }
>>>> +}
>>>>
>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> BasicGadgetOAuthTokenStore.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> BasicGadgetOAuthTokenStore.php (added)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>>>> @@ -0,0 +1,112 @@
>>>> +<?php
>>>> +/*
>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>> + * or more contributor license agreements. See the NOTICE file
>>>> + * distributed with this work for additional information
>>>> + * regarding copyright ownership. The ASF licenses this file
>>>> + * to you under the Apache License, Version 2.0 (the
>>>> + * "License"); you may not use this file except in compliance
>>>> + * with the License. You may obtain a copy of the License at
>>>> + *
>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>> + *
>>>> + * Unless required by applicable law or agreed to in writing,
>>>> + * software distributed under the License is distributed on an
>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>> + * KIND, either express or implied. See the License for the
>>>> + * specific language governing permissions and limitations
>>>> + * under the License.
>>>> + */
>>>> +
>>>> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
>>>> +
>>>> + /** default location for consumer keys and secrets */
>>>> + private $OAUTH_CONFIG = "../config/oauth.json";
>>>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>>>> + private $CONSUMER_KEY_KEY = "consumer_key";
>>>> + private $KEY_TYPE_KEY = "key_type";
>>>> +
>>>> + public function __construct($store)
>>>> + {
>>>> + parent::__construct($store);
>>>> + }
>>>> +
>>>> + public function initFromConfigFile($fetcher)
>>>> + {
>>>> + // Read our consumer keys and secrets from config/oauth.js
>>>> + // This actually involves fetching gadget specs
>>>> + try {
>>>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>>>> +
>>>> + // remove all comments because this confuses the json parser
>>>> + // note: the json parser also crashes on trailing ,'s in records
>>>> so please don't use them
>>>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>>>> $oauthConfigStr);
>>>> + $oauthConfig = json_decode($contents, true);
>>>> + foreach ($oauthConfig as $gadgetUri => $value) {
>>>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>>>> + $this->storeConsumerInfos($gadgetUri, $value);
>>>> + }
>>>> + } catch (Exception $e) {
>>>> + throw new GadgetException($e);
>>>> + }
>>>> + }
>>>> +
>>>> + private function storeProviderInfos($fetcher, $gadgetUri)
>>>> + {
>>>> + $cache = Config::get('data_cache');
>>>> + $cache = new $cache();
>>>> +
>>>> + // determine which requests we can load from cache, and which we
>>>> have to actually fetch
>>>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
>>>> + $gadget = $cachedRequest;
>>>> + } else {
>>>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>>>> + $remoteContentRequest->getRequest($gadgetUri, false);
>>>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>>>> + $context = new ProxyGadgetContext($gadgetUri);
>>>> + $spec = new GadgetSpecParser();
>>>> + $gadget = $spec->parse($response->getResponseContent(),
>>>> $context);
>>>> + $cache->set(md5($gadgetUri), $gadget);
>>>> + }
>>>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>>>> + }
>>>> +
>>>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>>>> + {
>>>> + foreach ($oauthConfig as $key => $value) {
>>>> + $serviceName = $key;
>>>> + $consumerInfo = $value;
>>>> + $this->storeConsumerInfo($gadgetUri, $serviceName,
>>>> $consumerInfo);
>>>> + }
>>>> + }
>>>> +
>>>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>>>> $consumerInfo)
>>>> + {
>>>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>>>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>>>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>>>> + $keyType = 'HMAC_SYMMETRIC';
>>>> +
>>>> + if ($keyTypeStr == "RSA_PRIVATE") {
>>>> + $keyType = 'RSA_PRIVATE';
>>>> + // check if the converted from PKCS8 key is in cache, if not,
>>>> convert it
>>>> + $cache = Config::get('data_cache');
>>>> + $cache = new $cache();
>>>> +
>>>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>>>> $serviceName))) !== false) {
>>>> + $consumerSecret = $cachedRequest;
>>>> + } else {
>>>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>>>>> CONSUMER_SECRET_KEY]));
>>>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>>>> nocrypt -in " . $in);
>>>> + $consumerSecret = file_get_contents($out);
>>>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>>>> + }
>>>> + }
>>>> +
>>>> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
>>>> $keyType);
>>>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
>>>> + }
>>>> +
>>>> +}
>>>>
>>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> BasicOAuthStore.php
>>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> =
>>>> ===================================================================
>>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> BasicOAuthStore.php (added)
>>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>>>> @@ -0,0 +1,149 @@
>>>> +<?php
>>>> +/*
>>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>>> + * or more contributor license agreements. See the NOTICE file
>>>> + * distributed with this work for additional information
>>>> + * regarding copyright ownership. The ASF licenses this file
>>>> + * to you under the Apache License, Version 2.0 (the
>>>> + * "License"); you may not use this file except in compliance
>>>> + * with the License. You may obtain a copy of the License at
>>>> + *
>>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>>> + *
>>>> + * Unless required by applicable law or agreed to in writing,
>>>> + * software distributed under the License is distributed on an
>>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>>> + * KIND, either express or implied. See the License for the
>>>> + * specific language governing permissions and limitations under
>>>> the License.
>>>> + */
>>>> +
>>>> +class OAuthNoDataException extends Exception {}
>>>> +
>>>> +class BasicOAuthStore implements OAuthStore {
>>>> +
>>>> + private $providers = array();
>>>> + private $tokens = array();
>>>> +
>>>> + private $defaultConsumerKey;
>>>> + private $defaultConsumerSecret;
>>>> +
>>>> + public function __construct($consumerKey = null, $privateKey =
>>>> null)
>>>> + {
>>>> + $this->defaultConsumerKey = $consumerKey;
>>>> + $this->defaultConsumerSecret = $privateKey;
>>>> + }
>>>> +
>>>> + public function setHashMapsForTesting($providers, $tokens)
>>>> + {
>>>> + $this->providers = $providers;
>>>> + $this->tokens = $tokens;
>>>> + }
>>>> +
>>>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>>>> + {
>>>> + $provKey = new ProviderKey();
>>>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>>>> + $provKey->setServiceName($tokenKey->getServiceName());
>>>> + //AccesorInfo
>>>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>>>> + //TokenInfo
>>>> + $accessToken = $this->getTokenInfo($tokenKey);
>>>> + if ($accessToken != null) {
>>>> + // maybe convert into methods
>>>> + $result->getAccessor()->accessToken = $accessToken-
>>>>> getAccessToken();
>>>> + $result->getAccessor()->tokenSecret = $accessToken-
>>>>> getTokenSecret();
>>>> + }
>>>> + return $result;
>>>> + }
>>>> +
>>>> + private function getOAuthAccessorProviderKey(ProviderKey
>>>> $providerKey)
>>>> + {
>>>> + //ProviderInfo
>>>> + $provInfo = $this->getProviderInfo($providerKey);
>>>> +
>>>> + if ($provInfo == null) {
>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>> store");
>>>> + }
>>>> + //AccesorInfo
>>>> + $result = new AccesorInfo();
>>>> + $result->setHttpMethod($provInfo->getHttpMethod());
>>>> + $result->setParamLocation($provInfo->getParamLocation());
>>>> +
>>>> + //ConsumerKeyAndSecret
>>>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>>>> +
>>>> + if ($consumerKeyAndSecret == null) {
>>>> + if ($this->defaultConsumerKey == null || $this-
>>>>> defaultConsumerSecret == null) {
>>>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null in
>>>> oauth store");
>>>> + } else {
>>>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>>>>> defaultConsumerKey, $this->defaultConsumerSecret, OAuthStoreVars::
>>>> $KeyType['RSA_PRIVATE']);
>>>> + }
>>>> + }
>>>> +
>>>> + //OAuthServiceProvider
>>>> + $oauthProvider = $provInfo->getProvider();
>>>> +
>>>> + if (! isset($oauthProvider)) {
>>>> + throw new OAuthNoDataException("OAuthService provider was null in
>>>> oauth store");
>>>> + }
>>>> +
>>>> + // Accesing the class
>>>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>>>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>>>> +
>>>> + //OAuthConsumer
>>>> + $consumer = ($usePublicKeyCrypto) ? new
>>>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>>>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>>>>> getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>>>> $oauthProvider);
>>>> +
>>>> + if ($usePublicKeyCrypto) {
>>>> + $consumer-
>>>>> setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>>> $consumerKeyAndSecret->getConsumerSecret());
>>>> + $result->setSignatureType(OAuthStoreVars::
>>>> $SignatureType['RSA_SHA1']);
>>>> + } else {
>>>> + $result->setSignatureType(OAuthStoreVars::
>>>> $SignatureType['HMAC_SHA1']);
>>>> + }
>>>> +
>>>> + $result->setAccessor(new OAuthAccessor($consumer));
>>>> + return $result;
>>>> + }
>>>> +
>>>> + public function getOAuthServiceProviderInfo($providerKey)
>>>> + {
>>>> + $provInfo = $this->providers->get($providerKey);
>>>> +
>>>> + if ($provInfo == null) {
>>>> + throw new OAuthNoDataException("provider info was null in oauth
>>>> store");
>>>> + }
>>>> +
>>>> + return $provInfo;
>>>> + }
>>>> +
>>>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>>>> $keyAndSecret)
>>>> + {
>>>> + //ProviderInfo
>>>> + $value = $this->getProviderInfo($providerKey);
>>>> + if ($value == null) {
>>>> + throw new OAuthNoDataException("could not find provider data for
>>>> token");
>>>> + }
>>>> + $value->setKeyAndSecret($keyAndSecret);
>>>> + }
>>>> +
>>>> + public function setOAuthServiceProviderInfo($providerKey,
>>>> $providerInfo)
>>>> + {
>>>> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
>>>> + }
>>>> +
>>>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>>>> + {
>>>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>>>> + }
>>>> +
>>>> + private function getProviderInfo($providerKey)
>>>> + {
>>>> + $key = md5(serialize($providerKey));
>>>> + return isset($this->providers[$key]) ? $this->providers[$key] :
>>>> null;
>>>> + }
>>>> +
>>>> + private function getTokenInfo($tokenKey)
>>>> + {
>>>> + $key = md5(serialize($tokenKey));
>>>> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
>>>> + }
>>>> +}
>>>> \ No newline at end of file
>>>>
>>>>
>>>>
>>>> --
>>>> This message has been scanned for viruses and
>>>> dangerous content by MailScanner, and is
>>>> believed to be clean.
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>>>
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by "Lini H - Clarion, India" <li...@clariontechnologies.co.in>.
Hi chris,
Sorry, but its still not working..
Regards
Lini Haridas
Software Engineer
lini.haridas@clariontechnologies.co.in
Clarion Technologies
SEI CMMI Level 3 Company
4th Floor, Great Eastern Plaza,
Airport Road,
Pune- 411 006,
Maharashtra, India.
Phone: +91 20 66020289
Mobile: +91 9823435917
www.clariontechnologies.co.in
----- Original Message -----
From: "Chris Chabot" <ch...@xs4all.nl>
To: <sh...@incubator.apache.org>
Sent: Thursday, May 22, 2008 1:32 PM
Subject: Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
> Should be working again
>
> On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
>
>> Hi Chris,
>>
>> The shindig is not working after the new code changes. I also
>> checked on http://shindig.chabotc.com and none of the samples
>> neither the gadget is working. Is any work still missing on this?
>>
>> Regards
>>
>> Lini Haridas
>> Software Engineer
>>
>> lini.haridas@clariontechnologies.co.in
>> Clarion Technologies
>> SEI CMMI Level 3 Company
>>
>> 4th Floor, Great Eastern Plaza,
>> Airport Road,
>> Pune- 411 006,
>> Maharashtra, India.
>> Phone: +91 20 66020289
>> Mobile: +91 9823435917
>> www.clariontechnologies.co.in
>>
>> ----- Original Message -----
>> From: <ch...@apache.org>
>> To: <sh...@incubator.apache.org>
>> Sent: Wednesday, May 21, 2008 10:28 PM
>> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
>> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
>> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>>
>>
>>> Author: chabotc
>>> Date: Wed May 21 09:58:52 2008
>>> New Revision: 658758
>>>
>>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>>> Log:
>>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>>> great work on this. This patch implements OAuth and signed request
>>> support
>>>
>>> Added:
>>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>> incubator/shindig/trunk/php/src/gadgets/http/
>>> SigningFetcherFactory.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>> BasicGadgetOAuthTokenStore.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>> GadgetOAuthTokenStore.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>> OAuthFetcherFactory.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>> OAuthRequestParams.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/
>>> OAuthServiceProvider.php
>>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>>> Modified:
>>> incubator/shindig/trunk/php/config.php
>>> incubator/shindig/trunk/php/index.php
>>> incubator/shindig/trunk/php/src/common/JsMin.php
>>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
>>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>> incubator/shindig/trunk/php/src/gadgets/http/
>>> GadgetRenderingServlet.php
>>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>>> BasicBlobCrypter.php
>>> incubator/shindig/trunk/php/src/socialdata/http/
>>> GadgetDataServlet.php
>>>
>>> Modified: incubator/shindig/trunk/php/config.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/config.php (original)
>>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52 2008
>>> @@ -1,4 +1,4 @@
>>> -<?
>>> +<?php
>>> /*
>>> * Licensed to the Apache Software Foundation (ASF) under one
>>> * or more contributor license agreements. See the NOTICE file
>>> @@ -45,7 +45,7 @@
>>> // Configurable CSS rules that are injected to the gadget page,
>>> // be careful when adjusting these not to break most gadget's
>>> layouts :)
>>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;}
>>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>>> color:white;}',
>>> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>>>
>>> // The html / javascript samples use a plain text demo token,
>>> // set this to false on anything resembling a real site
>>> @@ -96,6 +96,13 @@
>>> // global cache age policy and location
>>> 'cache_time' => 24 * 60 * 60,
>>> 'cache_root' => '/tmp/shindig',
>>> +
>>> + // OAuth private key Path
>>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>> private.key',
>>> + // file path to public RSA cert
>>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>>> public.crt',
>>> + // Phrase to decrypt private key. Leave empty if unencrypted
>>> + 'private_key_phrase' => 'partuza',
>>>
>>> // In some cases we need to know the site root (for features
>>> forinstance)
>>> 'base_path' => realpath(dirname(__FILE__))
>>>
>>> Modified: incubator/shindig/trunk/php/index.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/index.php (original)
>>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52 2008
>>> @@ -1,4 +1,4 @@
>>> -<?
>>> +<?php
>>> /*
>>> * Licensed to the Apache Software Foundation (ASF) under one
>>> * or more contributor license agreements. See the NOTICE file
>>> @@ -48,7 +48,7 @@
>>> // To load these, we scan our entire directory structure
>>> function __autoload($className)
>>> {
>>> - $locations = array('src/common', 'src/common/samplecontainer',
>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>> samplecontainer');
>>> + $locations = array('src/common', 'src/common/samplecontainer',
>>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>>> samplecontainer', 'src/gadgets/oauth');
>>> // Check for the presense of this class in our all our directories.
>>> $fileName = $className.'.php';
>>> foreach ($locations as $path) {
>>> @@ -65,7 +65,8 @@
>>> Config::get('web_prefix') . '/gadgets/proxy' => 'ProxyServlet',
>>> Config::get('web_prefix') . '/gadgets/ifr' =>
>>> 'GadgetRenderingServlet',
>>> Config::get('web_prefix') . '/gadgets/metadata' => 'JsonRpcServlet',
>>> - Config::get('web_prefix') . '/social/data' =>
>>> 'GadgetDataServlet'
>>> + Config::get('web_prefix') . '/social/data' =>
>>> 'GadgetDataServlet',
>>> + Config::get('web_prefix') . '/public.crt' => 'CertServlet'
>>> );
>>>
>>> // Try to match the request url to our servlet mapping
>>>
>>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>>> 09:58:52 2008
>>> @@ -1,4 +1,5 @@
>>> <?php
>>> +
>>> /**
>>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>>> *
>>> @@ -48,243 +49,248 @@
>>> class JsMinException extends Exception {}
>>>
>>> class JsMin {
>>> - const ORD_LF = 10;
>>> - const ORD_SPACE = 32;
>>> -
>>> - protected $a = '';
>>> - protected $b = '';
>>> - protected $input = '';
>>> - protected $inputIndex = 0;
>>> - protected $inputLength = 0;
>>> - protected $lookAhead = null;
>>> - protected $output = '';
>>> -
>>> - // -- Public Static Methods
>>> --------------------------------------------------
>>> -
>>> - public static function minify($js) {
>>> - $jsmin = new JsMin($js);
>>> - return $jsmin->min();
>>> - }
>>> -
>>> - // -- Public Instance Methods
>>> ------------------------------------------------
>>> -
>>> - public function __construct($input) {
>>> - $this->input = str_replace("\r\n", "\n", $input);
>>> - $this->inputLength = strlen($this->input);
>>> - }
>>> -
>>> - // -- Protected Instance Methods
>>> ---------------------------------------------
>>> -
>>> - protected function action($d) {
>>> - switch($d) {
>>> - case 1:
>>> - $this->output .= $this->a;
>>> -
>>> - case 2:
>>> - $this->a = $this->b;
>>> -
>>> - if ($this->a === "'" || $this->a === '"') {
>>> - for (;;) {
>>> - $this->output .= $this->a;
>>> - $this->a = $this->get();
>>> -
>>> - if ($this->a === $this->b) {
>>> - break;
>>> - }
>>> -
>>> - if (ord($this->a) <= self::ORD_LF) {
>>> - throw new JsMinException('Unterminated string
>>> literal.');
>>> - }
>>> -
>>> - if ($this->a === '\\') {
>>> - $this->output .= $this->a;
>>> - $this->a = $this->get();
>>> - }
>>> - }
>>> - }
>>> -
>>> - case 3:
>>> - $this->b = $this->next();
>>> -
>>> - if ($this->b === '/' && (
>>> - $this->a === '(' || $this->a === ',' || $this->a ===
>>> '=' ||
>>> - $this->a === ':' || $this->a === '[' || $this->a ===
>>> '!' ||
>>> - $this->a === '&' || $this->a === '|' || $this->a ===
>>> '?')) {
>>> -
>>> - $this->output .= $this->a . $this->b;
>>> -
>>> - for (;;) {
>>> - $this->a = $this->get();
>>> -
>>> - if ($this->a === '/') {
>>> - break;
>>> - } elseif ($this->a === '\\') {
>>> - $this->output .= $this->a;
>>> - $this->a = $this->get();
>>> - } elseif (ord($this->a) <= self::ORD_LF) {
>>> - throw new JsMinException('Unterminated regular
>>> expression '.
>>> - 'literal.');
>>> - }
>>> -
>>> - $this->output .= $this->a;
>>> - }
>>> -
>>> - $this->b = $this->next();
>>> - }
>>> - }
>>> - }
>>> -
>>> - protected function get() {
>>> - $c = $this->lookAhead;
>>> - $this->lookAhead = null;
>>> -
>>> - if ($c === null) {
>>> - if ($this->inputIndex < $this->inputLength) {
>>> - $c = $this->input[$this->inputIndex];
>>> - $this->inputIndex += 1;
>>> - } else {
>>> - $c = null;
>>> - }
>>> - }
>>> -
>>> - if ($c === "\r") {
>>> - return "\n";
>>> - }
>>> -
>>> - if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>>> - return $c;
>>> - }
>>> -
>>> - return ' ';
>>> - }
>>> -
>>> - protected function isAlphaNum($c) {
>>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>>> $/', $c) === 1;
>>> - }
>>> -
>>> - protected function min() {
>>> - $this->a = "\n";
>>> - $this->action(3);
>>> -
>>> - while ($this->a !== null) {
>>> - switch ($this->a) {
>>> - case ' ':
>>> - if ($this->isAlphaNum($this->b)) {
>>> - $this->action(1);
>>> - } else {
>>> - $this->action(2);
>>> - }
>>> - break;
>>> -
>>> - case "\n":
>>> - switch ($this->b) {
>>> - case '{':
>>> - case '[':
>>> - case '(':
>>> - case '+':
>>> - case '-':
>>> - $this->action(1);
>>> - break;
>>> -
>>> - case ' ':
>>> - $this->action(3);
>>> - break;
>>> -
>>> - default:
>>> - if ($this->isAlphaNum($this->b)) {
>>> - $this->action(1);
>>> - }
>>> - else {
>>> - $this->action(2);
>>> - }
>>> - }
>>> - break;
>>> -
>>> - default:
>>> - switch ($this->b) {
>>> - case ' ':
>>> - if ($this->isAlphaNum($this->a)) {
>>> - $this->action(1);
>>> - break;
>>> - }
>>> -
>>> - $this->action(3);
>>> - break;
>>> -
>>> - case "\n":
>>> - switch ($this->a) {
>>> - case '}':
>>> - case ']':
>>> - case ')':
>>> - case '+':
>>> - case '-':
>>> - case '"':
>>> - case "'":
>>> - $this->action(1);
>>> - break;
>>> -
>>> - default:
>>> - if ($this->isAlphaNum($this->a)) {
>>> - $this->action(1);
>>> - }
>>> - else {
>>> - $this->action(3);
>>> - }
>>> - }
>>> - break;
>>> -
>>> - default:
>>> - $this->action(1);
>>> - break;
>>> - }
>>> - }
>>> - }
>>> -
>>> - return $this->output;
>>> - }
>>> -
>>> - protected function next() {
>>> - $c = $this->get();
>>> -
>>> - if ($c === '/') {
>>> - switch($this->peek()) {
>>> - case '/':
>>> - for (;;) {
>>> - $c = $this->get();
>>> -
>>> - if (ord($c) <= self::ORD_LF) {
>>> - return $c;
>>> - }
>>> - }
>>> -
>>> - case '*':
>>> - $this->get();
>>> -
>>> - for (;;) {
>>> - switch($this->get()) {
>>> - case '*':
>>> - if ($this->peek() === '/') {
>>> - $this->get();
>>> - return ' ';
>>> - }
>>> - break;
>>> -
>>> - case null:
>>> - throw new JsMinException('Unterminated comment.');
>>> - }
>>> - }
>>> -
>>> - default:
>>> - return $c;
>>> - }
>>> - }
>>> -
>>> - return $c;
>>> - }
>>> -
>>> - protected function peek() {
>>> - $this->lookAhead = $this->get();
>>> - return $this->lookAhead;
>>> - }
>>> + const ORD_LF = 10;
>>> + const ORD_SPACE = 32;
>>> +
>>> + protected $a = '';
>>> + protected $b = '';
>>> + protected $input = '';
>>> + protected $inputIndex = 0;
>>> + protected $inputLength = 0;
>>> + protected $lookAhead = null;
>>> + protected $output = '';
>>> +
>>> + // -- Public Static Methods
>>> --------------------------------------------------
>>> +
>>> +
>>> + public static function minify($js)
>>> + {
>>> + $jsmin = new JsMin($js);
>>> + return $jsmin->min();
>>> + }
>>> +
>>> + // -- Public Instance Methods
>>> ------------------------------------------------
>>> +
>>> +
>>> + public function __construct($input)
>>> + {
>>> + $this->input = str_replace("\r\n", "\n", $input);
>>> + $this->inputLength = strlen($this->input);
>>> + }
>>> +
>>> + // -- Protected Instance Methods
>>> ---------------------------------------------
>>> +
>>> +
>>> + protected function action($d)
>>> + {
>>> + switch ($d) {
>>> + case 1:
>>> + $this->output .= $this->a;
>>> +
>>> + case 2:
>>> + $this->a = $this->b;
>>> +
>>> + if ($this->a === "'" || $this->a === '"') {
>>> + for (; ; ) {
>>> + $this->output .= $this->a;
>>> + $this->a = $this->get();
>>> +
>>> + if ($this->a === $this->b) {
>>> + break;
>>> + }
>>> +
>>> + if (ord($this->a) <= self::ORD_LF) {
>>> + throw new JsMinException('Unterminated string literal.');
>>> + }
>>> +
>>> + if ($this->a === '\\') {
>>> + $this->output .= $this->a;
>>> + $this->a = $this->get();
>>> + }
>>> + }
>>> + }
>>> +
>>> + case 3:
>>> + $this->b = $this->next();
>>> +
>>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ',' ||
>>> $this->a === '=' || $this->a === ':' || $this->a === '[' || $this-
>>> >a === '!' || $this->a === '&' || $this->a === '|' || $this->a ===
>>> '?')) {
>>> +
>>> + $this->output .= $this->a . $this->b;
>>> +
>>> + for (; ; ) {
>>> + $this->a = $this->get();
>>> +
>>> + if ($this->a === '/') {
>>> + break;
>>> + } elseif ($this->a === '\\') {
>>> + $this->output .= $this->a;
>>> + $this->a = $this->get();
>>> + } elseif (ord($this->a) <= self::ORD_LF) {
>>> + throw new JsMinException('Unterminated regular expression ' .
>>> 'literal.');
>>> + }
>>> +
>>> + $this->output .= $this->a;
>>> + }
>>> +
>>> + $this->b = $this->next();
>>> + }
>>> + }
>>> + }
>>> +
>>> + protected function get()
>>> + {
>>> + $c = $this->lookAhead;
>>> + $this->lookAhead = null;
>>> +
>>> + if ($c === null) {
>>> + if ($this->inputIndex < $this->inputLength) {
>>> + $c = $this->input[$this->inputIndex];
>>> + $this->inputIndex += 1;
>>> + } else {
>>> + $c = null;
>>> + }
>>> + }
>>> +
>>> + if ($c === "\r") {
>>> + return "\n";
>>> + }
>>> +
>>> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>>> + return $c;
>>> + }
>>> +
>>> + return ' ';
>>> + }
>>> +
>>> + protected function isAlphaNum($c)
>>> + {
>>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/',
>>> $c) === 1;
>>> + }
>>> +
>>> + protected function min()
>>> + {
>>> + $this->a = "\n";
>>> + $this->action(3);
>>> +
>>> + while ($this->a !== null) {
>>> + switch ($this->a) {
>>> + case ' ':
>>> + if ($this->isAlphaNum($this->b)) {
>>> + $this->action(1);
>>> + } else {
>>> + $this->action(2);
>>> + }
>>> + break;
>>> +
>>> + case "\n":
>>> + switch ($this->b) {
>>> + case '{':
>>> + case '[':
>>> + case '(':
>>> + case '+':
>>> + case '-':
>>> + $this->action(1);
>>> + break;
>>> +
>>> + case ' ':
>>> + $this->action(3);
>>> + break;
>>> +
>>> + default:
>>> + if ($this->isAlphaNum($this->b)) {
>>> + $this->action(1);
>>> + } else {
>>> + $this->action(2);
>>> + }
>>> + }
>>> + break;
>>> +
>>> + default:
>>> + switch ($this->b) {
>>> + case ' ':
>>> + if ($this->isAlphaNum($this->a)) {
>>> + $this->action(1);
>>> + break;
>>> + }
>>> +
>>> + $this->action(3);
>>> + break;
>>> +
>>> + case "\n":
>>> + switch ($this->a) {
>>> + case '}':
>>> + case ']':
>>> + case ')':
>>> + case '+':
>>> + case '-':
>>> + case '"':
>>> + case "'":
>>> + $this->action(1);
>>> + break;
>>> +
>>> + default:
>>> + if ($this->isAlphaNum($this->a)) {
>>> + $this->action(1);
>>> + } else {
>>> + $this->action(3);
>>> + }
>>> + }
>>> + break;
>>> +
>>> + default:
>>> + $this->action(1);
>>> + break;
>>> + }
>>> + }
>>> + }
>>> +
>>> + return $this->output;
>>> + }
>>> +
>>> + protected function next()
>>> + {
>>> + $c = $this->get();
>>> +
>>> + if ($c === '/') {
>>> + switch ($this->peek()) {
>>> + case '/':
>>> + for (; ; ) {
>>> + $c = $this->get();
>>> +
>>> + if (ord($c) <= self::ORD_LF) {
>>> + return $c;
>>> + }
>>> + }
>>> +
>>> + case '*':
>>> + $this->get();
>>> +
>>> + for (; ; ) {
>>> + switch ($this->get()) {
>>> + case '*':
>>> + if ($this->peek() === '/') {
>>> + $this->get();
>>> + return ' ';
>>> + }
>>> + break;
>>> +
>>> + case null:
>>> + throw new JsMinException('Unterminated comment.');
>>> + }
>>> + }
>>> +
>>> + default:
>>> + return $c;
>>> + }
>>> + }
>>> +
>>> + return $c;
>>> + }
>>> +
>>> + protected function peek()
>>> + {
>>> + $this->lookAhead = $this->get();
>>> + return $this->lookAhead;
>>> + }
>>> }
>>>
>>>
>>> Modified: incubator/shindig/trunk/php/src/common/
>>> RemoteContentFetcher.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>> (original)
>>> +++ incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>>> Wed May 21 09:58:52 2008
>>> @@ -19,6 +19,18 @@
>>> */
>>>
>>> abstract class RemoteContentFetcher {
>>> +
>>> + protected $fetcher;
>>> +
>>> + protected function setNextFetcher($fetcher = null)
>>> + {
>>> + $this->fetcher = $fetcher;
>>> + }
>>>
>>> abstract public function fetchRequest($request);
>>> +
>>> + public function getNextFetcher()
>>> + {
>>> + return $this->fetcher;
>>> + }
>>> }
>>> \ No newline at end of file
>>>
>>> Modified: incubator/shindig/trunk/php/src/common/
>>> RemoteContentRequest.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>> (original)
>>> +++ incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>>> Wed May 21 09:58:52 2008
>>> @@ -15,13 +15,14 @@
>>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> * KIND, either express or implied. See the License for the
>>> * specific language governing permissions and limitations under the
>>> License.
>>> - *
>>> + *
>>> */
>>>
>>> class RemoteContentRequest {
>>> // these are used for making the request
>>> - private $url = '';
>>> - private $headers = false;
>>> + private $uri = '';
>>> + private $method = '';
>>> + private $headers = array();
>>> private $postBody = false;
>>> // these fields are filled in once the request has completed
>>> private $responseContent = false;
>>> @@ -29,20 +30,179 @@
>>> private $responseHeaders = false;
>>> private $httpCode = false;
>>> private $contentType = null;
>>> + private $options;
>>> public $handle = false;
>>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-
>>> urlencoded; charset=utf-8";
>>> + public static $DEFAULT_OPTIONS = array();
>>>
>>> - public function __construct($url, $headers = false, $postBody =
>>> false)
>>> + public function __construct($uri, $headers = false, $postBody =
>>> false)
>>> {
>>> - $this->url = $url;
>>> + $this->uri = $uri;
>>> $this->headers = $headers;
>>> $this->postBody = $postBody;
>>> }
>>>
>>> + public function createRemoteContentRequest($method, $uri,
>>> $headers, $postBody, $options)
>>> + {
>>> + $this->method = $method;
>>> + $this->uri = $uri;
>>> + $this->options = $options;
>>> + // Copy the headers
>>> + if (! isset($headers)) {
>>> + $this->headers = '';
>>> + } else {
>>> + $setPragmaHeader = false;
>>> + $tmpHeaders = '';
>>> + foreach ($headers as $key => $value) {
>>> + // Proxies should be bypassed with the Pragma: no-cache check.
>>> + //TODO double check array is good for options
>>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>>> + $value = "no-cache";
>>> + $setPragmaHeader = true;
>>> + }
>>> + $tmpHeaders .= $key . ":" . $value . "\n";
>>> + }
>>> + // Bypass caching in proxies as well.
>>> + //TODO double check array is good for options
>>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>>> + $tmpHeaders .= "Pragma:no-cache\n";
>>> + }
>>> + $this->headers = $tmpHeaders;
>>> + }
>>> + if (! isset($postBody)) {
>>> + $this->postBody = '';
>>> + } else {
>>> + $this->postBody = array_merge($postBody, $this->postBody);
>>> + }
>>> + $type = $this->getHeader("Content-Type");
>>> + if (! isset($type)) {
>>> + $this->contentType = RemoteContentRequest::$DEFAULT_CONTENT_TYPE;
>>> + } else {
>>> + $this->contentType = $type;
>>> + }
>>> + }
>>> +
>>> + /**
>>> + * Creates a new request to a different URL using all request data
>>> from
>>> + * an existing request.
>>> + *
>>> + * @param uri
>>> + * @param base The base request to copy data from.
>>> + */
>>> + public static function
>>> createRemoteContentRequestWithUriBase($uri, $base)
>>> + {
>>> + $this->uri = $uri;
>>> + $this->method = $base->method;
>>> + $this->options = $base->options;
>>> + $this->headers = $base->headers;
>>> + $this->contentType = $base->contentType;
>>> + $this->postBody = $base->postBody;
>>> + }
>>> +
>>> + /**
>>> + * Basic GET request.
>>> + *
>>> + * @param uri
>>> + */
>>> + public function createRemoteContentRequestWithUri($uri)
>>> + {
>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>> + }
>>> +
>>> + /**
>>> + * GET with options
>>> + *
>>> + * @param uri
>>> + * @param options
>>> + */
>>> + public function createRemoteContentRequestWithUriOptions($uri,
>>> $options)
>>> + {
>>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>>> $options);
>>> + }
>>> +
>>> + /**
>>> + * GET request with custom headers and default options
>>> + * @param uri
>>> + * @param headers
>>> + */
>>> + public function RemoteContentRequestWithUriHeaders($uri, $headers)
>>> + {
>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>> + }
>>> +
>>> + /**
>>> + * GET request with custom headers + options
>>> + * @param uri
>>> + * @param headers
>>> + * @param options
>>> + */
>>> + public function
>>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>>> $options)
>>> + {
>>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>>> $options);
>>> + }
>>> +
>>> + /**
>>> + * Basic POST request
>>> + * @param uri
>>> + * @param postBody
>>> + */
>>> + public function RemoteContentRequestWithUriPostBody($uri,
>>> $postBody)
>>> + {
>>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>>> RemoteContentRequest::$DEFAULT_OPTIONS);
>>> + }
>>> +
>>> + /**
>>> + * POST request with options
>>> + * @param uri
>>> + * @param postBody
>>> + * @param options
>>> + */
>>> + public function
>>> createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody,
>>> $options)
>>> + {
>>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>>> $options);
>>> + }
>>> +
>>> + /**
>>> + * POST request with headers
>>> + * @param uri
>>> + * @param headers
>>> + * @param postBody
>>> + */
>>> + public function
>>> createRemoteContentRequestWithUriHeadersPostBody($uri, $headers,
>>> $postBody)
>>> + {
>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>>> + }
>>> +
>>> + /**
>>> + * POST request with options + headers
>>> + * @param uri
>>> + * @param headers
>>> + * @param postBody
>>> + * @param options
>>> + */
>>> + public function
>>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>>> $headers, $postBody, $options)
>>> + {
>>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>>> $postBody, $options);
>>> + }
>>> +
>>> + /**
>>> + * Creates a simple GET request
>>> + *
>>> + * @param uri
>>> + * @param ignoreCache
>>> + */
>>> + public function getRequest($uri, $ignoreCache)
>>> + {
>>> + $options = new Options();
>>> + $options->ignoreCache = $ignoreCache;
>>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>>> $options);
>>> + }
>>> +
>>> // returns a hash code which identifies this request, used for
>>> caching
>>> - // takes url and postbody into account for constructing the md5
>>> checksum
>>> + // takes url and postbody into account for constructing the sha1
>>> checksum
>>> public function toHash()
>>> {
>>> - return md5($this->url . $this->postBody);
>>> + return md5($this->uri . $this->postBody);
>>> }
>>>
>>> public function getContentType()
>>> @@ -92,7 +252,17 @@
>>>
>>> public function getUrl()
>>> {
>>> - return $this->url;
>>> + return $this->uri;
>>> + }
>>> +
>>> + public function getMethod()
>>> + {
>>> + return $this->method;
>>> + }
>>> +
>>> + public function getOptions()
>>> + {
>>> + return $this->options;
>>> }
>>>
>>> public function setContentType($type)
>>> @@ -125,14 +295,37 @@
>>> $this->headers = $headers;
>>> }
>>>
>>> + //FIXME: Find a better way to do this
>>> + // The headers can be an array of elements.
>>> + public function getHeader($headerName)
>>> + {
>>> + $headers = explode("\n", $this->headers);
>>> + foreach ($headers as $header) {
>>> + $key = explode(":", $header);
>>> + if ($key[0] == $headerName)
>>> + return $key[1];
>>> + }
>>> + return null;
>>> + }
>>> +
>>> public function setPostBody($postBody)
>>> {
>>> $this->postBody = $postBody;
>>> }
>>>
>>> - public function setUrl($url)
>>> + public function setUri($uri)
>>> {
>>> - $this->url = $url;
>>> + $this->uri = $uri;
>>> }
>>>
>>> -}
>>> \ No newline at end of file
>>> +}
>>> +
>>> +/**
>>> + * Bag of options for making a request.
>>> + *
>>> + * This object is mutable to keep us sane. Don't mess with it once
>>> you've
>>> + * sent it to RemoteContentRequest or bad things might happen.
>>> + */
>>> +class Options {
>>> + public $ignoreCache = false;
>>> +}
>>>
>>> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php (original)
>>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed May
>>> 21 09:58:52 2008
>>> @@ -80,7 +80,7 @@
>>> self::loadFile($file, $dirs, true);
>>> } else {
>>> self::_securityCheck($file);
>>> - include_once $file;
>>> + include_once 'src/common/'.$file;
>>> }
>>>
>>> if (!class_exists($class, false) && !
>>> interface_exists($class, false)) {
>>>
>>> Modified: incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>>> (original)
>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed
>>> May 21 09:58:52 2008
>>> @@ -26,21 +26,21 @@
>>> * Server wide variables are stored in config.php
>>> */
>>> class GadgetContext {
>>> - private $httpFetcher = null;
>>> - private $locale = null;
>>> - private $renderingContext = null;
>>> - private $registry = null;
>>> - private $userPrefs = null;
>>> - private $gadgetId = null;
>>> - private $view = null;
>>> - private $moduleId = null;
>>> - private $url = null;
>>> - private $cache = null;
>>> - private $blacklist = null;
>>> - private $ignoreCache = null;
>>> - private $forcedJsLibs = null;
>>> - private $containerConfig = null;
>>> - private $container = null;
>>> + protected $httpFetcher = null;
>>> + protected $locale = null;
>>> + protected $renderingContext = null;
>>> + protected $registry = null;
>>> + protected $userPrefs = null;
>>> + protected $gadgetId = null;
>>> + protected $view = null;
>>> + protected $moduleId = null;
>>> + protected $url = null;
>>> + protected $cache = null;
>>> + protected $blacklist = null;
>>> + protected $ignoreCache = null;
>>> + protected $forcedJsLibs = null;
>>> + protected $containerConfig = null;
>>> + protected $container = null;
>>>
>>> public function __construct($renderingContext)
>>> {
>>>
>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>> GadgetSpecParser.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>> (original)
>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>>> Wed May 21 09:58:52 2008
>>> @@ -36,7 +36,7 @@
>>> }
>>> $gadget = new Gadget($context->getGadgetId(), $context);
>>> // process ModulePref attributes
>>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>>> + $this->processModulePrefs($gadget, $doc->ModulePrefs, $context);
>>> // process UserPrefs, if any
>>> foreach ($doc->UserPref as $pref) {
>>> $this->processUserPref($gadget, $pref);
>>> @@ -54,7 +54,7 @@
>>> return $gadget;
>>> }
>>>
>>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>>> $context)
>>> {
>>> $attributes = $ModulePrefs->attributes();
>>> if (empty($attributes['title'])) {
>>> @@ -90,11 +90,11 @@
>>> $gadget->scaling = isset($attributes['scaling']) ?
>>> trim($attributes['scaling']) : '';
>>> $gadget->scrolling = isset($attributes['scrolling']) ?
>>> trim($attributes['scrolling']) : '';
>>> foreach ($ModulePrefs->Locale as $locale) {
>>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>>> + $gadget->localeSpecs[] = $this->processLocale($locale, $context);
>>> }
>>> }
>>>
>>> - private function processLocale($locale)
>>> + private function processLocale($locale, $context)
>>> {
>>> $attributes = $locale->attributes();
>>> $messageAttr = isset($attributes['messages']) ?
>>> trim($attributes['messages']) : '';
>>>
>>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php (added)
>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed May
>>> 21 09:58:52 2008
>>> @@ -0,0 +1,70 @@
>>> +<?php
>>> +/*
>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>> + * or more contributor license agreements. See the NOTICE file
>>> + * distributed with this work for additional information
>>> + * regarding copyright ownership. The ASF licenses this file
>>> + * to you under the Apache License, Version 2.0 (the
>>> + * "License"); you may not use this file except in compliance
>>> + * with the License. You may obtain a copy of the License at
>>> + *
>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + * Unless required by applicable law or agreed to in writing,
>>> + * software distributed under the License is distributed on an
>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> + * KIND, either express or implied. See the License for the
>>> + * specific language governing permissions and limitations under
>>> the License.
>>> + *
>>> + */
>>> +
>>> +/**
>>> + * An abstract representation of a signing token.
>>> + * Use in conjunction with @code GadgetTokenDecoder.
>>> + */
>>> +abstract class GadgetToken {
>>> +
>>> + //FIXME Hmm seems php is refusing to let me make abstract static
>>> functions? odd
>>> + static public function createFromToken($token, $maxage) {}
>>> + static public function createFromValues($owner, $viewer, $app,
>>> $domain, $appUrl, $moduleId) {}
>>> +
>>> +
>>> + /**
>>> + * Serializes the token into a string. This can be the exact
>>> same as
>>> + * toString; using a different name here is only to force
>>> interface
>>> + * compliance.
>>> + *
>>> + * @return A string representation of the token.
>>> + */
>>> + abstract public function toSerialForm();
>>> +
>>> + /**
>>> + * @return the owner from the token, or null if there is none.
>>> + */
>>> + abstract public function getOwnerId();
>>> +
>>> + /**
>>> + * @return the viewer from the token, or null if there is none.
>>> + */
>>> + abstract public function getViewerId();
>>> +
>>> + /**
>>> + * @return the application id from the token, or null if there
>>> is none.
>>> + */
>>> + abstract public function getAppId();
>>> +
>>> + /**
>>> + * @return the domain from the token, or null if there is none.
>>> + */
>>> + abstract public function getDomain();
>>> +
>>> + /**
>>> + * @return the URL of the application
>>> + */
>>> + abstract public function getAppUrl();
>>> +
>>> + /**
>>> + * @return the module ID of the application
>>> + */
>>> + abstract public function getModuleId();
>>> +}
>>>
>>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>> (added)
>>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>>> Wed May 21 09:58:52 2008
>>> @@ -0,0 +1,34 @@
>>> +<?php
>>> +/*
>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>> + * or more contributor license agreements. See the NOTICE file
>>> + * distributed with this work for additional information
>>> + * regarding copyright ownership. The ASF licenses this file
>>> + * to you under the Apache License, Version 2.0 (the
>>> + * "License"); you may not use this file except in compliance
>>> + * with the License. You may obtain a copy of the License at
>>> + *
>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + * Unless required by applicable law or agreed to in writing,
>>> + * software distributed under the License is distributed on an
>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> + * KIND, either express or implied. See the License for the
>>> + * specific language governing permissions and limitations
>>> + * under the License.
>>> + */
>>> +
>>> +/**
>>> + * Handles verification of gadget security tokens.
>>> + */
>>> +abstract class GadgetTokenDecoder {
>>> +
>>> + /**
>>> + * Decrypts and verifies a gadget security token to return a
>>> gadget token.
>>> + *
>>> + * @param tokenString String representation of the token to be
>>> created.
>>> + * @return The token representation of the input data.
>>> + * @throws GadgetException If tokenString is not a valid token
>>> + */
>>> + abstract public function createToken($tokenString);
>>> +}
>>>
>>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php (original)
>>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May
>>> 21 09:58:52 2008
>>> @@ -24,7 +24,7 @@
>>> private $content;
>>> private $featureName; // used to track what feature this belongs to
>>> private $loaded = false;
>>> -
>>> +
>>> public function __construct($type, $content, $featureName = '')
>>> {
>>> $this->featureName = $featureName;
>>> @@ -39,11 +39,11 @@
>>>
>>> public function getContent()
>>> {
>>> - if (!$this->loaded && $this->type == 'FILE') {
>>> + if (! $this->loaded && $this->type == 'FILE') {
>>> if (Config::get('compress_javascript')) {
>>> $dataCache = Config::get('data_cache');
>>> $dataCache = new $dataCache();
>>> - if (!($content = $dataCache->get(md5($this->content)))) {
>>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>>> $content = JsMin::minify(JsLibrary::loadData($this->content, $this-
>>> >type));
>>> $dataCache->set(md5($this->content), $content);
>>> $this->content = $content;
>>>
>>> Modified: incubator/shindig/trunk/php/src/gadgets/
>>> JsonRpcGadgetContext.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/
>>> JsonRpcGadgetContext.php (original)
>>> +++ incubator/shindig/trunk/php/src/gadgets/
>>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>>> @@ -1,10 +1,6 @@
>>> <?php
>>>
>>> class JsonRpcGadgetContext extends GadgetContext {
>>> - private $locale = null;
>>> - private $view = null;
>>> - private $url = null;
>>> - private $container = null;
>>>
>>> public function __construct($jsonContext, $url)
>>> {
>>> @@ -15,23 +11,8 @@
>>> $this->container = $jsonContext->container;
>>> }
>>>
>>> - public function getUrl()
>>> - {
>>> - return $this->url;
>>> - }
>>> -
>>> public function getView()
>>> {
>>> return $this->view;
>>> }
>>> -
>>> - public function getLocale()
>>> - {
>>> - return $this->locale;
>>> - }
>>> -
>>> - public function getContainer()
>>> - {
>>> - return $this->container;
>>> - }
>>> }
>>> \ No newline at end of file
>>>
>>> Added: incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>> (added)
>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>>> Wed May 21 09:58:52 2008
>>> @@ -0,0 +1,10 @@
>>> +<?php
>>> +
>>> +class ProxyGadgetContext extends GadgetContext {
>>> +
>>> + public function __construct($url)
>>> + {
>>> + parent::__construct('GADGET');
>>> + $this->url = $url;
>>> + }
>>> +}
>>>
>>> Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>>> (original)
>>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed
>>> May 21 09:58:52 2008
>>> @@ -29,11 +29,15 @@
>>> *
>>> */
>>> class ProxyHandler {
>>> - private $context;
>>> + private $context;
>>> + private $signingFetcher;
>>> + private $oauthFetcher;
>>>
>>> - public function __construct($context)
>>> + public function __construct($context, $signingFetcher = null,
>>> $oauthFetcher = null)
>>> {
>>> - $this->context = $context;
>>> + $this->context = $context;
>>> + $this->signingFetcher = $signingFetcher;
>>> + $this->oauthFetcher = $oauthFetcher;
>>> }
>>>
>>> /**
>>> @@ -51,11 +55,21 @@
>>> $token = '';
>>> // no token given, safe to ignore
>>> }
>>> - $originalUrl = $this->validateUrl($url);
>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>> + $url = $this->validateUrl($url);
>>> // Fetch the content and convert it into JSON.
>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>> - $result = $this->fetchContent($signedUrl, $method);
>>> + $result = $this->fetchContentDivert($url, $method, $signer);
>>> + if (!isset($result)) {
>>> + //OAuthFetcher only
>>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>>> + $json = array($url => $metadata);
>>> + $json = json_encode($json);
>>> + $output = UNPARSEABLE_CRUFT . $json;
>>> + $this->setCachingHeaders();
>>> + header("Content-Type: application/json; charset=utf-8", true);
>>> + echo $output;
>>> + die();
>>> + }
>>> $status = (int)$result->getHttpCode();
>>> //header("HTTP/1.1 $status", true);
>>> if ($status == 200) {
>>> @@ -174,10 +188,9 @@
>>> $token = '';
>>> // no token given, safe to ignore
>>> }
>>> - $originalUrl = $this->validateUrl($url);
>>> - $signedUrl = $this->signUrl($originalUrl, $token);
>>> + $url = $this->validateUrl($url);
>>> //TODO: Fetcher needs to handle variety of HTTP methods.
>>> - $result = $this->fetchContent($signedUrl, $method);
>>> + $result = $this->fetchContent($url, $method);
>>> // TODO: Fetcher needs to handle variety of HTTP methods.
>>> $status = (int)$result->getHttpCode();
>>> if ($status == 200) {
>>> @@ -208,11 +221,11 @@
>>> /**
>>> * Both fetch and fetchJson call this function to retrieve the
>>> actual content
>>> *
>>> - * @param string $signedUrl the signed url to fetch
>>> + * @param string $url the url to fetch
>>> * @param string $method either get or post
>>> * @return the filled in request (RemoteContentRequest)
>>> */
>>> - private function fetchContent($signedUrl, $method)
>>> + private function fetchContent($url, $method)
>>> {
>>> //TODO get actual character encoding from the request
>>>
>>> @@ -250,14 +263,41 @@
>>> }
>>> // even if postData is an empty string, it will still post (since
>>> RemoteContentRquest checks if its false)
>>> // so the request to POST is still honored
>>> - $request = new RemoteContentRequest($signedUrl, $headers,
>>> $postData);
>>> + $request = new RemoteContentRequest($url, $headers, $postData);
>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>> $context);
>>> } else {
>>> - $request = new RemoteContentRequest($signedUrl, $headers);
>>> + $request = new RemoteContentRequest($url, $headers);
>>> $request = $this->context->getHttpFetcher()->fetch($request,
>>> $context);
>>> }
>>> return $request;
>>> }
>>> +
>>> + private function fetchContentDivert($url, $method, $signer)
>>> + {
>>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>>> + $token = $this->extractAndValidateToken($signer);
>>> + switch (strtoupper($authz)) {
>>> + case 'SIGNED':
>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>> BasicRemoteContentFetcher(), $token);
>>> + return $fetcher->fetch($url, $method);
>>> + case 'AUTHENTICATED':
>>> + $params = new OAuthRequestParams();
>>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>>> BasicRemoteContentFetcher(), $token);
>>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>>> + $this->oauthFetcher = $oAuthFetcherFactory-
>>> >getOAuthFetcher($fetcher, $token, $params);
>>> + $request = new RemoteContentRequest($url);
>>> + $request->createRemoteContentRequestWithUri($url);
>>> + return $this->oauthFetcher->fetchRequest($request);
>>> + case 'NONE':
>>> + default:
>>> + return $this->fetchContent($url, $method);
>>> + }
>>> + }
>>> +
>>> + public function setContentFetcher($contentFetcherFactory)
>>> + {
>>> + $this->contentFetcherFactory = $contentFetcherFactory;
>>> + }
>>>
>>> /**
>>> * Sets the caching headers (overwriting anything the remote host
>>> set) to force
>>> @@ -282,6 +322,7 @@
>>> private function validateUrl($url)
>>> {
>>> //TODO should really make a PHP version of the URI class and
>>> validate in all the locations the java version does
>>> + // why not use Zend::Uri:
>>> return $url;
>>> }
>>>
>>> @@ -293,40 +334,17 @@
>>> * @return string the token to use in the signed url
>>> */
>>> private function extractAndValidateToken($signer)
>>> - {
>>> - if ($signer == null) {
>>> - return null;
>>> - }
>>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>>> - if ($token) {
>>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>>> - }
>>> + {
>>> + if ($signer == null) {
>>> + return null;
>>> + }
>>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>>> + if (!isset($token) || $token == '') {
>>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>>> + }
>>> return $signer->createToken($token);
>>> }
>>> -
>>> - /**
>>> - * Signs a url with the SecurityToken
>>> - *
>>> - * @param string $originalUrl
>>> - * @param SecurityToken $token
>>> - * @return unknown
>>> - */
>>> - private function signUrl($originalUrl, $token)
>>> - {
>>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>>> - if (! $authz) {
>>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>>> - }
>>> - if ($token == null || $authz != 'signed') {
>>> - return $originalUrl;
>>> - }
>>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
>>> - if ($method) {
>>> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>>> 'GET';
>>> - }
>>> - return $token->signUrl($originalUrl, $method);
>>> - }
>>> -
>>> +
>>> private function request_headers()
>>> {
>>> // Try to use apache's request headers if available
>>>
>>> Added: incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>> (added)
>>> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>>> Wed May 21 09:58:52 2008
>>> @@ -0,0 +1,42 @@
>>> +<?php
>>> +/*
>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>> + * or more contributor license agreements. See the NOTICE file
>>> + * distributed with this work for additional information
>>> + * regarding copyright ownership. The ASF licenses this file
>>> + * to you under the Apache License, Version 2.0 (the
>>> + * "License"); you may not use this file except in compliance
>>> + * with the License. You may obtain a copy of the License at
>>> + *
>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + * Unless required by applicable law or agreed to in writing,
>>> + * software distributed under the License is distributed on an
>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> + * KIND, either express or implied. See the License for the
>>> + * specific language governing permissions and limitations under
>>> the License.
>>> + *
>>> + */
>>> +require 'src/common/HttpServlet.php';
>>> +
>>> +/**
>>> + * This class serves the public certificate, quick and dirty hack
>>> to make the certificate publicly accessible
>>> + * this combined with the hard coded location in
>>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>>> + * for the oauth pub key location makes a working whole
>>> + */
>>> +class CertServlet extends HttpServlet {
>>> +
>>> + /**
>>> + * Handles the get file request, only called on url = /public.crt
>>> + * so this function has no logic other then to output the cert
>>> + */
>>> + public function doGet()
>>> + {
>>> + $file = Config::get('public_key_file');
>>> + if (!file_exists($file) || !is_readable($file)) {
>>> + throw new Exception("Invalid public key location ($file), check
>>> config and file permissions");
>>> + }
>>> + $this->setLastModified(filemtime($file));
>>> + readfile($file);
>>> + }
>>> +}
>>>
>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>> FilesServlet.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>> (original)
>>> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>>> Wed May 21 09:58:52 2008
>>> @@ -25,7 +25,7 @@
>>> * the php version too
>>> */
>>> class FilesServlet extends HttpServlet {
>>> -
>>> +
>>> /**
>>> * Handles the get file request, if the file exists and is in the
>>> correct
>>> * location it's echo'd to the browser (with a basic content type
>>> guessing
>>> @@ -46,14 +46,14 @@
>>> die();
>>> }
>>> // if the file doesn't exist or can't be read, give a 404 error
>>> - if (!file_exists($file) || !is_readable($file) || !
>>> is_file($file)) {
>>> + if (! file_exists($file) || ! is_readable($file) || !
>>> is_file($file)) {
>>> header("HTTP/1.0 404 Not Found", true);
>>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>>> die();
>>> }
>>> $dot = strrpos($file, '.');
>>> if ($dot) {
>>> - $ext = strtolower(substr($file, $dot+1));
>>> + $ext = strtolower(substr($file, $dot + 1));
>>> if ($ext == 'html' || $ext == 'htm') {
>>> $this->setContentType('text/html');
>>> } elseif ($ext == 'js') {
>>>
>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>> GadgetRenderingServlet.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>> GadgetRenderingServlet.php (original)
>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>>> @@ -52,7 +52,7 @@
>>> */
>>> class GadgetRenderingServlet extends HttpServlet {
>>> private $context;
>>> -
>>> +
>>> /**
>>> * Creates the gadget using the GadgetServer class and calls
>>> outputGadget
>>> *
>>> @@ -71,11 +71,11 @@
>>> $gadgetServer = new GadgetServer();
>>> $gadget = $gadgetServer->processGadget($this->context);
>>> $this->outputGadget($gadget, $this->context);
>>> - } catch ( Exception $e ) {
>>> + } catch (Exception $e) {
>>> $this->outputError($e);
>>> }
>>> }
>>> -
>>> +
>>> /**
>>> * If an error occured (Exception) this function echo's the
>>> Exception's message
>>> * and if the config['debug'] is true, shows the debug backtrace in
>>> a div
>>> @@ -95,7 +95,7 @@
>>> }
>>> echo "</body></html>";
>>> }
>>> -
>>> +
>>> /**
>>> * Takes the gadget to output, and depending on its content type
>>> calls either outputHtml-
>>> * or outputUrlGadget
>>> @@ -107,15 +107,15 @@
>>> {
>>> $view = HttpUtil::getView($gadget, $context);
>>> switch ($view->getType()) {
>>> - case 'HTML' :
>>> + case 'HTML':
>>> $this->outputHtmlGadget($gadget, $context, $view);
>>> break;
>>> - case 'URL' :
>>> + case 'URL':
>>> $this->outputUrlGadget($gadget, $context, $view);
>>> break;
>>> }
>>> }
>>> -
>>> +
>>> /**
>>> * Outputs a html content type gadget.
>>> * It creates a html page, with the javascripts from the features
>>> inline into the page, plus
>>> @@ -144,16 +144,13 @@
>>> }
>>> // Was a privacy policy header configured? if so set it
>>> if (Config::get('P3P') != '') {
>>> - header("P3P: ".Config::get('P3P'));
>>> + header("P3P: " . Config::get('P3P'));
>>> }
>>> - if (!$view->getQuirks()) {
>>> + if (! $view->getQuirks()) {
>>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>>> \">\n";
>>> }
>>> - echo "<html>\n<head>".
>>> - "<style type=\"text/css\">".Config::get('gadget_css')."</
>>> style>".
>>> - "</head><body>".
>>> - "<script><!--\n";
>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>>> "<script><!--\n";
>>> + foreach ($gadget->getJsLibraries() as $library) {
>>> $type = $library->getType();
>>> if ($type == 'URL') {
>>> // TODO: This case needs to be handled more gracefully by the js
>>> @@ -173,15 +170,12 @@
>>> // Forced libs first.
>>> if (! empty($forcedLibs)) {
>>> $libs = explode(':', $forcedLibs);
>>> - echo sprintf($externFmt, Config::get('default_js_prefix').$this-
>>> >getJsUrl($libs, $gadget)) . "\n";
>>> + echo sprintf($externFmt, Config::get('default_js_prefix') . $this-
>>> >getJsUrl($libs, $gadget)) . "\n";
>>> }
>>> if (strlen($externJs) > 0) {
>>> echo $externJs;
>>> }
>>> - echo "<script><!--\n".
>>> - $this->appendJsConfig($context, $gadget).
>>> - $this->appendMessages($gadget).
>>> - "-->\n</script>\n";
>>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>>
>>> $gadgetExceptions = array();
>>> $content = $gadget->getSubstitutions()->substitute($view-
>>> >getContent());
>>> @@ -192,11 +186,9 @@
>>> if (count($gadgetExceptions)) {
>>> throw new GadgetException(print_r($gadgetExceptions, true));
>>> }
>>> - echo $content . "\n".
>>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>>> - "</body>\n</html>";
>>> + echo $content . "\n" .
>>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>
>>> \n</html>";
>>> }
>>> -
>>> +
>>> /**
>>> * Output's a URL content type gadget, it adds
>>> libs=<list:of:js:libraries>.js and user preferences
>>> * to the href url, and redirects the browser to it
>>> @@ -215,7 +207,7 @@
>>> $forcedLibs = Config::get('focedJsLibs');
>>> if ($forcedLibs == null) {
>>> $reqs = $gadget->getRequires();
>>> - foreach ( $reqs as $key => $val ) {
>>> + foreach ($reqs as $key => $val) {
>>> $libs[] = $key;
>>> }
>>> } else {
>>> @@ -231,7 +223,7 @@
>>> header('Location: ' . $redirURI);
>>> die();
>>> }
>>> -
>>> +
>>> /**
>>> * Returns the requested libs (from getjsUrl) with the
>>> libs_param_name prepended
>>> * ie: in libs=core:caja:etc.js format
>>> @@ -248,7 +240,7 @@
>>> $ret .= $this->getJsUrl($libs, $gadget);
>>> return $ret;
>>> }
>>> -
>>> +
>>> /**
>>> * Returns the user preferences in &up_<name>=<val> format
>>> *
>>> @@ -259,7 +251,7 @@
>>> private function getPrefsQueryString($prefVals)
>>> {
>>> $ret = '';
>>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>>> + foreach ($prefVals->getPrefs() as $key => $val) {
>>> $ret .= '&';
>>> $ret .= Config::get('userpref_param_prefix');
>>> $ret .= urlencode($key);
>>> @@ -268,10 +260,10 @@
>>> }
>>> return $ret;
>>> }
>>> -
>>> +
>>> /**
>>> * generates the library string (core:caja:etc.js) including a
>>> checksum of all the
>>> - * javascript content (?v=<sha1 of js) for cache busting
>>> + * javascript content (?v=<md5 of js>) for cache busting
>>> *
>>> * @param string $libs
>>> * @param Gadget $gadget
>>> @@ -284,7 +276,7 @@
>>> $buf = 'core';
>>> } else {
>>> $firstDone = false;
>>> - foreach ( $libs as $lib ) {
>>> + foreach ($libs as $lib) {
>>> if ($firstDone) {
>>> $buf .= ':';
>>> } else {
>>> @@ -296,7 +288,7 @@
>>> // Build a version string from the sha1() checksum of all included
>>> javascript
>>> // to ensure the client always has the right version
>>> $inlineJs = '';
>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>> + foreach ($gadget->getJsLibraries() as $library) {
>>> $type = $library->getType();
>>> if ($type != 'URL') {
>>> $inlineJs .= $library->getContent() . "\n";
>>> @@ -305,14 +297,14 @@
>>> $buf .= ".js?v=" . md5($inlineJs);
>>> return $buf;
>>> }
>>> -
>>> +
>>> private function appendJsConfig($context, $gadget)
>>> {
>>> $container = $context->getContainer();
>>> $containerConfig = $context->getContainerConfig();
>>> $gadgetConfig = array();
>>> $featureConfig = $containerConfig->getConfig($container,
>>> 'gadgets.features');
>>> - foreach ( $gadget->getJsLibraries() as $library ) {
>>> + foreach ($gadget->getJsLibraries() as $library) {
>>> $feature = $library->getFeatureName();
>>> if (! isset($gadgetConfig[$feature]) && !
>>> empty($featureConfig[$feature])) {
>>> $gadgetConfig[$feature] = $featureConfig[$feature];
>>> @@ -320,7 +312,7 @@
>>> }
>>> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");\n";
>>> }
>>> -
>>> +
>>> private function appendMessages($gadget)
>>> {
>>> $msgs = '';
>>>
>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>>> (original)
>>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php Wed
>>> May 21 09:58:52 2008
>>> @@ -30,7 +30,7 @@
>>> * to retrieve our features javascript code
>>> */
>>> class JsServlet extends HttpServlet {
>>> -
>>> +
>>> public function doGet()
>>> {
>>> $this->noHeaders = true;
>>>
>>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>>> ProxyServlet.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>> (original)
>>> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>>> Wed May 21 09:58:52 2008
>>> @@ -26,6 +26,8 @@
>>> require 'src/common/RemoteContent.php';
>>> require 'src/common/Cache.php';
>>> require 'src/common/RemoteContentFetcher.php';
>>> +require 'src/gadgets/oauth/OAuth.php';
>>> +require 'src/gadgets/oauth/OAuthStore.php';
>>>
>>> class ProxyServlet extends HttpServlet {
>>>
>>> @@ -39,6 +41,7 @@
>>> if (! $url) {
>>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>>> }
>>> + $url = urldecode($url);
>>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
>>> if (! $method) {
>>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] : 'GET';
>>> @@ -49,7 +52,8 @@
>>> }
>>> $gadgetSigner = Config::get('security_token_signer');
>>> $gadgetSigner = new $gadgetSigner();
>>> - $proxyHandler = new ProxyHandler($context);
>>> + $signingFetcherFactory = new
>>> SigningFetcherFactory(Config::get("private_key_file"));
>>> + $proxyHandler = new ProxyHandler($context, $signingFetcherFactory);
>>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>>> } else {
>>>
>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>> SigningFetcher.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>> (added)
>>> +++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>>> Wed May 21 09:58:52 2008
>>> @@ -0,0 +1,216 @@
>>> +<?php
>>> +/*
>>> + * Licensed under the Apache License, Version 2.0 (the "License");
>>> + * you may not use this file except in compliance with the License.
>>> + * You may obtain a copy of the License at
>>> + *
>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + * Unless required by applicable law or agreed to in writing,
>>> software
>>> + * distributed under the License is distributed on an "AS IS" BASIS,
>>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>>> implied.
>>> + * See the License for the specific language governing permissions
>>> and
>>> + * limitations under the License.
>>> + */
>>> +
>>> +/**
>>> + * Implements signed fetch based on the OAuth request signing
>>> algorithm.
>>> + *
>>> + * Subclasses can override signMessage to use their own crypto if
>>> they don't
>>> + * like the oauth.net code for some reason.
>>> + *
>>> + * Instances of this class are only accessed by a single thread at
>>> a time,
>>> + * but instances may be created by multiple threads.
>>> + */
>>> +class SigningFetcher extends RemoteContentFetcher {
>>> +
>>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>>> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
>>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>>> + protected static $XOAUTH_PUBLIC_KEY = "xoauth_signature_publickey";
>>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>>> +
>>> + //protected final TimeSource clock = new TimeSource();
>>> +
>>> + /**
>>> + * Authentication token for the user and gadget making the request.
>>> + */
>>> + protected $authToken;
>>> +
>>> + /**
>>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can be a
>>> + * PrivateKey object, or a PEM formatted private key, or a DER
>>> encoded byte
>>> + * array for the private key.(No, really, they accept any of them.)
>>> + */
>>> + protected $privateKeyObject;
>>> +
>>> + /**
>>> + * The name of the key, included in the fetch to help with key
>>> rotation.
>>> + */
>>> + protected $keyName;
>>> +
>>> + /**
>>> + * Constructor based on signing with the given PrivateKey object.
>>> + *
>>> + * @param authToken verified gadget security token
>>> + * @param keyName name of the key to include in the request
>>> + * @param privateKey the key to use for the signing
>>> + */
>>> + public static function makeFromPrivateKey($next, $authToken,
>>> $keyName, $privateKey)
>>> + {
>>> + return new SigningFetcher($next, $authToken, $keyName,
>>> $privateKey);
>>> + }
>>> +
>>> + /**
>>> + * Constructor based on signing with the given PrivateKey object.
>>> + *
>>> + * @param authToken verified gadget security token
>>> + * @param keyName name of the key to include in the request
>>> + * @param privateKey base64 encoded private key
>>> + */
>>> + public static function makeFromB64PrivateKey($next, $authToken,
>>> $keyName, $privateKey)
>>> + {
>>> + return new SigningFetcher($next, $authToken, $keyName,
>>> $privateKey);
>>> + }
>>> +
>>> + /**
>>> + * Constructor based on signing with the given PrivateKey object.
>>> + *
>>> + * @param authToken verified gadget security token
>>> + * @param keyName name of the key to include in the request
>>> + * @param privateKey DER encoded private key
>>> + */
>>> + public static function makeFromPrivateKeyBytes($next, $authToken,
>>> $keyName, $privateKey)
>>> + {
>>> + return new SigningFetcher($next, $authToken, $keyName,
>>> $privateKey);
>>> + }
>>> +
>>> + protected function __construct($next, $authToken, $keyName,
>>> $privateKeyObject)
>>> + {
>>> + parent::setNextFetcher($next);
>>> + $this->authToken = $authToken;
>>> + $this->keyName = $keyName;
>>> + $this->privateKeyObject = $privateKeyObject;
>>> + }
>>> +
>>> + public function fetchRequest($request)
>>> + {
>>> + return $this->getNextFetcher()->fetchRequest($request);
>>> + }
>>> +
>>> + public function fetch($url, $method)
>>> + {
>>> + $signed = $this->signRequest($url, $method);
>>> + return $this->getNextFetcher()->fetchRequest($signed);
>>> + }
>>> +
>>> + private function signRequest($url, $method)
>>> + {
>>> + try {
>>> + // Parse the request into parameters for OAuth signing, stripping
>>> out
>>> + // any OAuth or OpenSocial parameters injected by the client
>>> + ///////////////////////////////////////////////
>>> + require 'src/common/Zend/Uri.php';
>>> + $uri = Zend_Uri::factory($url);
>>> + $resource = $uri->getUri();
>>> + $queryParams = $this->sanitize($_GET);
>>> + $postParams = $this->sanitize($_POST);
>>> + $msgParams = array();
>>> + $msgParams = array_merge($msgParams, $queryParams);
>>> + $msgParams = array_merge($msgParams, $postParams);
>>> +
>>> + // TODO: is this ok?
>>> + //$msgParams = array();
>>> + $this->addOpenSocialParams($msgParams);
>>> + $this->addOAuthParams($msgParams);
>>> +
>>> + // Build and sign the OAuthMessage; note that the resource here has
>>> + // no query string, the parameters are all in msgParams
>>> + //$message = new OAuthMessage($method, $resource, $msgParams);
>>> +
>>> + ////////////////////////////////////////////////
>>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>>> + $consumer-
>>> >setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this-
>>> >privateKeyObject);
>>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>>> +
>>> + $req_req = OAuthRequest::from_consumer_and_token($consumer, NULL,
>>> $method, $resource, $msgParams);
>>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>>> +
>>> + // Rebuild the query string, including all of the parameters we
>>> added.
>>> + // We have to be careful not to copy POST parameters into the
>>> query.
>>> + // If post and query parameters share a name, they end up being
>>> removed
>>> + // from the query.
>>> + $forPost = array();
>>> + foreach ($postParams as $key => $param) {
>>> + $forPost[$key] = $param;
>>> + }
>>> + $newQuery = array();
>>> + foreach ($req_req->get_parameters() as $key => $param) {
>>> + if (! isset($forPost[$key])) {
>>> + $newQuery[$key] = $param;
>>> + }
>>> + }
>>> +
>>> + // Careful here; the OAuth form encoding scheme is slightly
>>> different than
>>> + // the normal form encoding scheme, so we have to use the OAuth
>>> library
>>> + // formEncode method.
>>> + $uri->setQuery($newQuery);
>>> + return new RemoteContentRequest($uri->getUri());
>>> + } catch (Exception $e) {
>>> + throw new GadgetException($e);
>>> + }
>>> + }
>>> +
>>> + private function addOpenSocialParams(&$msgParams)
>>> + {
>>> + $owner = $this->authToken->getOwnerId();
>>> + if ($owner != null) {
>>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>>> + }
>>> + $viewer = $this->authToken->getViewerId();
>>> + if ($viewer != null) {
>>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>>> + }
>>> + $app = $this->authToken->getAppId();
>>> + if ($app != null) {
>>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>>> + }
>>> + }
>>> +
>>> + private function addOAuthParams(&$msgParams)
>>> + {
>>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>>> + $domain = $this->authToken->getDomain();
>>> + if ($domain != null) {
>>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] = 'partuza.chabotc.com'; //
>>> $domain;
>>> + }
>>> + if ($this->keyName != null) {
>>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this->keyName;
>>> + }
>>> + $nonce = OAuthRequest::generate_nonce();
>>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>>> + $timestamp = time();
>>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
>>> + }
>>> +
>>> + /**
>>> + * Strip out any owner or viewer id passed by the client.
>>> + */
>>> + private function sanitize($params)
>>> + {
>>> + $list = array();
>>> + foreach ($params as $key => $p) {
>>> + if ($this->allowParam($key)) {
>>> + $list[$key] = $p;
>>> + }
>>> + }
>>> + return $list;
>>> + }
>>> +
>>> + private function allowParam($paramName)
>>> + {
>>> + $canonParamName = strtolower($paramName);
>>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>>> substr($canonParamName, 0, 6) == "xoauth" ||
>>> substr($canonParamName, 0, 9) == "opensocial")) &&
>>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>>> + }
>>> +}
>>>
>>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>>> SigningFetcherFactory.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/http/
>>> SigningFetcherFactory.php (added)
>>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>>> @@ -0,0 +1,86 @@
>>> +<?php
>>> +/*
>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>> + * or more contributor license agreements. See the NOTICE file
>>> + * distributed with this work for additional information
>>> + * regarding copyright ownership. The ASF licenses this file
>>> + * to you under the Apache License, Version 2.0 (the
>>> + * "License"); you may not use this file except in compliance
>>> + * with the License. You may obtain a copy of the License at
>>> + *
>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + * Unless required by applicable law or agreed to in writing,
>>> + * software distributed under the License is distributed on an
>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> + * KIND, either express or implied. See the License for the
>>> + * specific language governing permissions and limitations
>>> + * under the License.
>>> + */
>>> +
>>> +/**
>>> + * Produces Signing content fetchers for input tokens.
>>> + */
>>> +class SigningFetcherFactory {
>>> + private $keyName;
>>> + private $privateKey;
>>> +
>>> + /**
>>> + * Produces a signing fetcher that will sign requests and delegate
>>> actual
>>> + * network retrieval to the {@code networkFetcher}
>>> + *
>>> + * @param networkFetcher The fetcher that will be doing actual work.
>>> + * @param token The gadget token used for extracting signing
>>> parameters.
>>> + * @return The signing fetcher.
>>> + * @throws GadgetException
>>> + */
>>> + public function getSigningFetcher($networkFetcher, $token)
>>> + {
>>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>>> $token, $this->keyName, $this->privateKey);
>>> + }
>>> +
>>> + /**
>>> + * @param keyFile The file containing your private key for signing
>>> requests.
>>> + */
>>> + public function __construct($keyFile = null)
>>> + {
>>> + $this->keyName = 'http://'.
>>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>>> + if (! empty($keyFile)) {
>>> + $privateKey = null;
>>> + try {
>>> + // check if the converted from PKCS8 key is in cache, if not,
>>> convert it
>>> + $cache = Config::get('data_cache');
>>> + $cache = new $cache();
>>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this-
>>> >keyName)) !== false) {
>>> + $rsa_private_key = $cachedKey;
>>> + } else {
>>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>>> + throw new Exception("Could not read keyfile ($keyFile), check the
>>> file name and permission");
>>> + }
>>> + // TODO: sending NULL as a second param to
>>> openssl_pkey_get_private works?
>>> + $phrase = Config::get('private_key_phrase') != '' ?
>>> (Config::get('private_key_phrase')) : null;
>>> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key,
>>> $phrase)) == false) {
>>> + //TODO: double check if can input keyfile -inform PEM
>>> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>> + throw new Exception("Could not create temporary file");
>>> + }
>>> + if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
>>> + throw new Exception("Could not write to temporary file");
>>> + }
>>> + if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>>> + throw new Exception("Could not create temporary file");
>>> + }
>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>>> nocrypt -in " . $in);
>>> + if (! $rsa_private_key = @file_get_contents($out)) {
>>> + throw new Exception("Could not read temporary file");
>>> + }
>>> + }
>>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>>> $rsa_private_key);
>>> + }
>>> + } catch (Exception $e) {
>>> + throw new Exception("Error loading private key: " . $e);
>>> + }
>>> + $this->privateKey = $rsa_private_key;
>>> + }
>>> + }
>>> +}
>>>
>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>> BasicGadgetOAuthTokenStore.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>> BasicGadgetOAuthTokenStore.php (added)
>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>>> @@ -0,0 +1,112 @@
>>> +<?php
>>> +/*
>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>> + * or more contributor license agreements. See the NOTICE file
>>> + * distributed with this work for additional information
>>> + * regarding copyright ownership. The ASF licenses this file
>>> + * to you under the Apache License, Version 2.0 (the
>>> + * "License"); you may not use this file except in compliance
>>> + * with the License. You may obtain a copy of the License at
>>> + *
>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + * Unless required by applicable law or agreed to in writing,
>>> + * software distributed under the License is distributed on an
>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> + * KIND, either express or implied. See the License for the
>>> + * specific language governing permissions and limitations
>>> + * under the License.
>>> + */
>>> +
>>> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
>>> +
>>> + /** default location for consumer keys and secrets */
>>> + private $OAUTH_CONFIG = "../config/oauth.json";
>>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>>> + private $CONSUMER_KEY_KEY = "consumer_key";
>>> + private $KEY_TYPE_KEY = "key_type";
>>> +
>>> + public function __construct($store)
>>> + {
>>> + parent::__construct($store);
>>> + }
>>> +
>>> + public function initFromConfigFile($fetcher)
>>> + {
>>> + // Read our consumer keys and secrets from config/oauth.js
>>> + // This actually involves fetching gadget specs
>>> + try {
>>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>>> +
>>> + // remove all comments because this confuses the json parser
>>> + // note: the json parser also crashes on trailing ,'s in records
>>> so please don't use them
>>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>>> $oauthConfigStr);
>>> + $oauthConfig = json_decode($contents, true);
>>> + foreach ($oauthConfig as $gadgetUri => $value) {
>>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>>> + $this->storeConsumerInfos($gadgetUri, $value);
>>> + }
>>> + } catch (Exception $e) {
>>> + throw new GadgetException($e);
>>> + }
>>> + }
>>> +
>>> + private function storeProviderInfos($fetcher, $gadgetUri)
>>> + {
>>> + $cache = Config::get('data_cache');
>>> + $cache = new $cache();
>>> +
>>> + // determine which requests we can load from cache, and which we
>>> have to actually fetch
>>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
>>> + $gadget = $cachedRequest;
>>> + } else {
>>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>>> + $remoteContentRequest->getRequest($gadgetUri, false);
>>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>>> + $context = new ProxyGadgetContext($gadgetUri);
>>> + $spec = new GadgetSpecParser();
>>> + $gadget = $spec->parse($response->getResponseContent(), $context);
>>> + $cache->set(md5($gadgetUri), $gadget);
>>> + }
>>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>>> + }
>>> +
>>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>>> + {
>>> + foreach ($oauthConfig as $key => $value) {
>>> + $serviceName = $key;
>>> + $consumerInfo = $value;
>>> + $this->storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo);
>>> + }
>>> + }
>>> +
>>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>>> $consumerInfo)
>>> + {
>>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>>> + $keyType = 'HMAC_SYMMETRIC';
>>> +
>>> + if ($keyTypeStr == "RSA_PRIVATE") {
>>> + $keyType = 'RSA_PRIVATE';
>>> + // check if the converted from PKCS8 key is in cache, if not,
>>> convert it
>>> + $cache = Config::get('data_cache');
>>> + $cache = new $cache();
>>> +
>>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>>> $serviceName))) !== false) {
>>> + $consumerSecret = $cachedRequest;
>>> + } else {
>>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>>> >CONSUMER_SECRET_KEY]));
>>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>>> nocrypt -in " . $in);
>>> + $consumerSecret = file_get_contents($out);
>>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>>> + }
>>> + }
>>> +
>>> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
>>> $keyType);
>>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
>>> + }
>>> +
>>> +}
>>>
>>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>>> BasicOAuthStore.php
>>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =
>>> =====================================================================
>>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>>> BasicOAuthStore.php (added)
>>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>>> @@ -0,0 +1,149 @@
>>> +<?php
>>> +/*
>>> + * Licensed to the Apache Software Foundation (ASF) under one
>>> + * or more contributor license agreements. See the NOTICE file
>>> + * distributed with this work for additional information
>>> + * regarding copyright ownership. The ASF licenses this file
>>> + * to you under the Apache License, Version 2.0 (the
>>> + * "License"); you may not use this file except in compliance
>>> + * with the License. You may obtain a copy of the License at
>>> + *
>>> + * http://www.apache.org/licenses/LICENSE-2.0
>>> + *
>>> + * Unless required by applicable law or agreed to in writing,
>>> + * software distributed under the License is distributed on an
>>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>>> + * KIND, either express or implied. See the License for the
>>> + * specific language governing permissions and limitations under
>>> the License.
>>> + */
>>> +
>>> +class OAuthNoDataException extends Exception {}
>>> +
>>> +class BasicOAuthStore implements OAuthStore {
>>> +
>>> + private $providers = array();
>>> + private $tokens = array();
>>> +
>>> + private $defaultConsumerKey;
>>> + private $defaultConsumerSecret;
>>> +
>>> + public function __construct($consumerKey = null, $privateKey =
>>> null)
>>> + {
>>> + $this->defaultConsumerKey = $consumerKey;
>>> + $this->defaultConsumerSecret = $privateKey;
>>> + }
>>> +
>>> + public function setHashMapsForTesting($providers, $tokens)
>>> + {
>>> + $this->providers = $providers;
>>> + $this->tokens = $tokens;
>>> + }
>>> +
>>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>>> + {
>>> + $provKey = new ProviderKey();
>>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>>> + $provKey->setServiceName($tokenKey->getServiceName());
>>> + //AccesorInfo
>>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>>> + //TokenInfo
>>> + $accessToken = $this->getTokenInfo($tokenKey);
>>> + if ($accessToken != null) {
>>> + // maybe convert into methods
>>> + $result->getAccessor()->accessToken = $accessToken-
>>> >getAccessToken();
>>> + $result->getAccessor()->tokenSecret = $accessToken-
>>> >getTokenSecret();
>>> + }
>>> + return $result;
>>> + }
>>> +
>>> + private function getOAuthAccessorProviderKey(ProviderKey
>>> $providerKey)
>>> + {
>>> + //ProviderInfo
>>> + $provInfo = $this->getProviderInfo($providerKey);
>>> +
>>> + if ($provInfo == null) {
>>> + throw new OAuthNoDataException("provider info was null in oauth
>>> store");
>>> + }
>>> + //AccesorInfo
>>> + $result = new AccesorInfo();
>>> + $result->setHttpMethod($provInfo->getHttpMethod());
>>> + $result->setParamLocation($provInfo->getParamLocation());
>>> +
>>> + //ConsumerKeyAndSecret
>>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>>> +
>>> + if ($consumerKeyAndSecret == null) {
>>> + if ($this->defaultConsumerKey == null || $this-
>>> >defaultConsumerSecret == null) {
>>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null in
>>> oauth store");
>>> + } else {
>>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>>> >defaultConsumerKey, $this->defaultConsumerSecret, OAuthStoreVars::
>>> $KeyType['RSA_PRIVATE']);
>>> + }
>>> + }
>>> +
>>> + //OAuthServiceProvider
>>> + $oauthProvider = $provInfo->getProvider();
>>> +
>>> + if (! isset($oauthProvider)) {
>>> + throw new OAuthNoDataException("OAuthService provider was null in
>>> oauth store");
>>> + }
>>> +
>>> + // Accesing the class
>>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>>> +
>>> + //OAuthConsumer
>>> + $consumer = ($usePublicKeyCrypto) ? new
>>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>>> >getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>>> $oauthProvider);
>>> +
>>> + if ($usePublicKeyCrypto) {
>>> + $consumer-
>>> >setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>>> $consumerKeyAndSecret->getConsumerSecret());
>>> + $result->setSignatureType(OAuthStoreVars::
>>> $SignatureType['RSA_SHA1']);
>>> + } else {
>>> + $result->setSignatureType(OAuthStoreVars::
>>> $SignatureType['HMAC_SHA1']);
>>> + }
>>> +
>>> + $result->setAccessor(new OAuthAccessor($consumer));
>>> + return $result;
>>> + }
>>> +
>>> + public function getOAuthServiceProviderInfo($providerKey)
>>> + {
>>> + $provInfo = $this->providers->get($providerKey);
>>> +
>>> + if ($provInfo == null) {
>>> + throw new OAuthNoDataException("provider info was null in oauth
>>> store");
>>> + }
>>> +
>>> + return $provInfo;
>>> + }
>>> +
>>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>>> $keyAndSecret)
>>> + {
>>> + //ProviderInfo
>>> + $value = $this->getProviderInfo($providerKey);
>>> + if ($value == null) {
>>> + throw new OAuthNoDataException("could not find provider data for
>>> token");
>>> + }
>>> + $value->setKeyAndSecret($keyAndSecret);
>>> + }
>>> +
>>> + public function setOAuthServiceProviderInfo($providerKey,
>>> $providerInfo)
>>> + {
>>> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
>>> + }
>>> +
>>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>>> + {
>>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>>> + }
>>> +
>>> + private function getProviderInfo($providerKey)
>>> + {
>>> + $key = md5(serialize($providerKey));
>>> + return isset($this->providers[$key]) ? $this->providers[$key] :
>>> null;
>>> + }
>>> +
>>> + private function getTokenInfo($tokenKey)
>>> + {
>>> + $key = md5(serialize($tokenKey));
>>> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
>>> + }
>>> +}
>>> \ No newline at end of file
>>>
>>>
>>>
>>> --
>>> This message has been scanned for viruses and
>>> dangerous content by MailScanner, and is
>>> believed to be clean.
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Chris Chabot <ch...@xs4all.nl>.
Should be working again
On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
> Hi Chris,
>
> The shindig is not working after the new code changes. I also
> checked on http://shindig.chabotc.com and none of the samples
> neither the gadget is working. Is any work still missing on this?
>
> Regards
>
> Lini Haridas
> Software Engineer
>
> lini.haridas@clariontechnologies.co.in
> Clarion Technologies
> SEI CMMI Level 3 Company
>
> 4th Floor, Great Eastern Plaza,
> Airport Road,
> Pune- 411 006,
> Maharashtra, India.
> Phone: +91 20 66020289
> Mobile: +91 9823435917
> www.clariontechnologies.co.in
>
> ----- Original Message -----
> From: <ch...@apache.org>
> To: <sh...@incubator.apache.org>
> Sent: Wednesday, May 21, 2008 10:28 PM
> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>
>
>> Author: chabotc
>> Date: Wed May 21 09:58:52 2008
>> New Revision: 658758
>>
>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>> Log:
>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>> great work on this. This patch implements OAuth and signed request
>> support
>>
>> Added:
>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>> incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcherFactory.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicGadgetOAuthTokenStore.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> GadgetOAuthTokenStore.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> OAuthFetcherFactory.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> OAuthRequestParams.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> OAuthServiceProvider.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>> Modified:
>> incubator/shindig/trunk/php/config.php
>> incubator/shindig/trunk/php/index.php
>> incubator/shindig/trunk/php/src/common/JsMin.php
>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>> incubator/shindig/trunk/php/src/gadgets/http/
>> GadgetRenderingServlet.php
>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>> BasicBlobCrypter.php
>> incubator/shindig/trunk/php/src/socialdata/http/
>> GadgetDataServlet.php
>>
>> Modified: incubator/shindig/trunk/php/config.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/config.php (original)
>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52 2008
>> @@ -1,4 +1,4 @@
>> -<?
>> +<?php
>> /*
>> * Licensed to the Apache Software Foundation (ASF) under one
>> * or more contributor license agreements. See the NOTICE file
>> @@ -45,7 +45,7 @@
>> // Configurable CSS rules that are injected to the gadget page,
>> // be careful when adjusting these not to break most gadget's
>> layouts :)
>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;}
>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>> color:white;}',
>> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>>
>> // The html / javascript samples use a plain text demo token,
>> // set this to false on anything resembling a real site
>> @@ -96,6 +96,13 @@
>> // global cache age policy and location
>> 'cache_time' => 24 * 60 * 60,
>> 'cache_root' => '/tmp/shindig',
>> +
>> + // OAuth private key Path
>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>> private.key',
>> + // file path to public RSA cert
>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>> public.crt',
>> + // Phrase to decrypt private key. Leave empty if unencrypted
>> + 'private_key_phrase' => 'partuza',
>>
>> // In some cases we need to know the site root (for features
>> forinstance)
>> 'base_path' => realpath(dirname(__FILE__))
>>
>> Modified: incubator/shindig/trunk/php/index.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/index.php (original)
>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52 2008
>> @@ -1,4 +1,4 @@
>> -<?
>> +<?php
>> /*
>> * Licensed to the Apache Software Foundation (ASF) under one
>> * or more contributor license agreements. See the NOTICE file
>> @@ -48,7 +48,7 @@
>> // To load these, we scan our entire directory structure
>> function __autoload($className)
>> {
>> - $locations = array('src/common', 'src/common/samplecontainer',
>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>> samplecontainer');
>> + $locations = array('src/common', 'src/common/samplecontainer',
>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>> samplecontainer', 'src/gadgets/oauth');
>> // Check for the presense of this class in our all our directories.
>> $fileName = $className.'.php';
>> foreach ($locations as $path) {
>> @@ -65,7 +65,8 @@
>> Config::get('web_prefix') . '/gadgets/proxy' => 'ProxyServlet',
>> Config::get('web_prefix') . '/gadgets/ifr' =>
>> 'GadgetRenderingServlet',
>> Config::get('web_prefix') . '/gadgets/metadata' => 'JsonRpcServlet',
>> - Config::get('web_prefix') . '/social/data' =>
>> 'GadgetDataServlet'
>> + Config::get('web_prefix') . '/social/data' =>
>> 'GadgetDataServlet',
>> + Config::get('web_prefix') . '/public.crt' => 'CertServlet'
>> );
>>
>> // Try to match the request url to our servlet mapping
>>
>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>> 09:58:52 2008
>> @@ -1,4 +1,5 @@
>> <?php
>> +
>> /**
>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>> *
>> @@ -48,243 +49,248 @@
>> class JsMinException extends Exception {}
>>
>> class JsMin {
>> - const ORD_LF = 10;
>> - const ORD_SPACE = 32;
>> -
>> - protected $a = '';
>> - protected $b = '';
>> - protected $input = '';
>> - protected $inputIndex = 0;
>> - protected $inputLength = 0;
>> - protected $lookAhead = null;
>> - protected $output = '';
>> -
>> - // -- Public Static Methods
>> --------------------------------------------------
>> -
>> - public static function minify($js) {
>> - $jsmin = new JsMin($js);
>> - return $jsmin->min();
>> - }
>> -
>> - // -- Public Instance Methods
>> ------------------------------------------------
>> -
>> - public function __construct($input) {
>> - $this->input = str_replace("\r\n", "\n", $input);
>> - $this->inputLength = strlen($this->input);
>> - }
>> -
>> - // -- Protected Instance Methods
>> ---------------------------------------------
>> -
>> - protected function action($d) {
>> - switch($d) {
>> - case 1:
>> - $this->output .= $this->a;
>> -
>> - case 2:
>> - $this->a = $this->b;
>> -
>> - if ($this->a === "'" || $this->a === '"') {
>> - for (;;) {
>> - $this->output .= $this->a;
>> - $this->a = $this->get();
>> -
>> - if ($this->a === $this->b) {
>> - break;
>> - }
>> -
>> - if (ord($this->a) <= self::ORD_LF) {
>> - throw new JsMinException('Unterminated string
>> literal.');
>> - }
>> -
>> - if ($this->a === '\\') {
>> - $this->output .= $this->a;
>> - $this->a = $this->get();
>> - }
>> - }
>> - }
>> -
>> - case 3:
>> - $this->b = $this->next();
>> -
>> - if ($this->b === '/' && (
>> - $this->a === '(' || $this->a === ',' || $this->a ===
>> '=' ||
>> - $this->a === ':' || $this->a === '[' || $this->a ===
>> '!' ||
>> - $this->a === '&' || $this->a === '|' || $this->a ===
>> '?')) {
>> -
>> - $this->output .= $this->a . $this->b;
>> -
>> - for (;;) {
>> - $this->a = $this->get();
>> -
>> - if ($this->a === '/') {
>> - break;
>> - } elseif ($this->a === '\\') {
>> - $this->output .= $this->a;
>> - $this->a = $this->get();
>> - } elseif (ord($this->a) <= self::ORD_LF) {
>> - throw new JsMinException('Unterminated regular
>> expression '.
>> - 'literal.');
>> - }
>> -
>> - $this->output .= $this->a;
>> - }
>> -
>> - $this->b = $this->next();
>> - }
>> - }
>> - }
>> -
>> - protected function get() {
>> - $c = $this->lookAhead;
>> - $this->lookAhead = null;
>> -
>> - if ($c === null) {
>> - if ($this->inputIndex < $this->inputLength) {
>> - $c = $this->input[$this->inputIndex];
>> - $this->inputIndex += 1;
>> - } else {
>> - $c = null;
>> - }
>> - }
>> -
>> - if ($c === "\r") {
>> - return "\n";
>> - }
>> -
>> - if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>> - return $c;
>> - }
>> -
>> - return ' ';
>> - }
>> -
>> - protected function isAlphaNum($c) {
>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>> $/', $c) === 1;
>> - }
>> -
>> - protected function min() {
>> - $this->a = "\n";
>> - $this->action(3);
>> -
>> - while ($this->a !== null) {
>> - switch ($this->a) {
>> - case ' ':
>> - if ($this->isAlphaNum($this->b)) {
>> - $this->action(1);
>> - } else {
>> - $this->action(2);
>> - }
>> - break;
>> -
>> - case "\n":
>> - switch ($this->b) {
>> - case '{':
>> - case '[':
>> - case '(':
>> - case '+':
>> - case '-':
>> - $this->action(1);
>> - break;
>> -
>> - case ' ':
>> - $this->action(3);
>> - break;
>> -
>> - default:
>> - if ($this->isAlphaNum($this->b)) {
>> - $this->action(1);
>> - }
>> - else {
>> - $this->action(2);
>> - }
>> - }
>> - break;
>> -
>> - default:
>> - switch ($this->b) {
>> - case ' ':
>> - if ($this->isAlphaNum($this->a)) {
>> - $this->action(1);
>> - break;
>> - }
>> -
>> - $this->action(3);
>> - break;
>> -
>> - case "\n":
>> - switch ($this->a) {
>> - case '}':
>> - case ']':
>> - case ')':
>> - case '+':
>> - case '-':
>> - case '"':
>> - case "'":
>> - $this->action(1);
>> - break;
>> -
>> - default:
>> - if ($this->isAlphaNum($this->a)) {
>> - $this->action(1);
>> - }
>> - else {
>> - $this->action(3);
>> - }
>> - }
>> - break;
>> -
>> - default:
>> - $this->action(1);
>> - break;
>> - }
>> - }
>> - }
>> -
>> - return $this->output;
>> - }
>> -
>> - protected function next() {
>> - $c = $this->get();
>> -
>> - if ($c === '/') {
>> - switch($this->peek()) {
>> - case '/':
>> - for (;;) {
>> - $c = $this->get();
>> -
>> - if (ord($c) <= self::ORD_LF) {
>> - return $c;
>> - }
>> - }
>> -
>> - case '*':
>> - $this->get();
>> -
>> - for (;;) {
>> - switch($this->get()) {
>> - case '*':
>> - if ($this->peek() === '/') {
>> - $this->get();
>> - return ' ';
>> - }
>> - break;
>> -
>> - case null:
>> - throw new JsMinException('Unterminated comment.');
>> - }
>> - }
>> -
>> - default:
>> - return $c;
>> - }
>> - }
>> -
>> - return $c;
>> - }
>> -
>> - protected function peek() {
>> - $this->lookAhead = $this->get();
>> - return $this->lookAhead;
>> - }
>> + const ORD_LF = 10;
>> + const ORD_SPACE = 32;
>> +
>> + protected $a = '';
>> + protected $b = '';
>> + protected $input = '';
>> + protected $inputIndex = 0;
>> + protected $inputLength = 0;
>> + protected $lookAhead = null;
>> + protected $output = '';
>> +
>> + // -- Public Static Methods
>> --------------------------------------------------
>> +
>> +
>> + public static function minify($js)
>> + {
>> + $jsmin = new JsMin($js);
>> + return $jsmin->min();
>> + }
>> +
>> + // -- Public Instance Methods
>> ------------------------------------------------
>> +
>> +
>> + public function __construct($input)
>> + {
>> + $this->input = str_replace("\r\n", "\n", $input);
>> + $this->inputLength = strlen($this->input);
>> + }
>> +
>> + // -- Protected Instance Methods
>> ---------------------------------------------
>> +
>> +
>> + protected function action($d)
>> + {
>> + switch ($d) {
>> + case 1:
>> + $this->output .= $this->a;
>> +
>> + case 2:
>> + $this->a = $this->b;
>> +
>> + if ($this->a === "'" || $this->a === '"') {
>> + for (; ; ) {
>> + $this->output .= $this->a;
>> + $this->a = $this->get();
>> +
>> + if ($this->a === $this->b) {
>> + break;
>> + }
>> +
>> + if (ord($this->a) <= self::ORD_LF) {
>> + throw new JsMinException('Unterminated string literal.');
>> + }
>> +
>> + if ($this->a === '\\') {
>> + $this->output .= $this->a;
>> + $this->a = $this->get();
>> + }
>> + }
>> + }
>> +
>> + case 3:
>> + $this->b = $this->next();
>> +
>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ',' ||
>> $this->a === '=' || $this->a === ':' || $this->a === '[' || $this-
>> >a === '!' || $this->a === '&' || $this->a === '|' || $this->a ===
>> '?')) {
>> +
>> + $this->output .= $this->a . $this->b;
>> +
>> + for (; ; ) {
>> + $this->a = $this->get();
>> +
>> + if ($this->a === '/') {
>> + break;
>> + } elseif ($this->a === '\\') {
>> + $this->output .= $this->a;
>> + $this->a = $this->get();
>> + } elseif (ord($this->a) <= self::ORD_LF) {
>> + throw new JsMinException('Unterminated regular expression ' .
>> 'literal.');
>> + }
>> +
>> + $this->output .= $this->a;
>> + }
>> +
>> + $this->b = $this->next();
>> + }
>> + }
>> + }
>> +
>> + protected function get()
>> + {
>> + $c = $this->lookAhead;
>> + $this->lookAhead = null;
>> +
>> + if ($c === null) {
>> + if ($this->inputIndex < $this->inputLength) {
>> + $c = $this->input[$this->inputIndex];
>> + $this->inputIndex += 1;
>> + } else {
>> + $c = null;
>> + }
>> + }
>> +
>> + if ($c === "\r") {
>> + return "\n";
>> + }
>> +
>> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>> + return $c;
>> + }
>> +
>> + return ' ';
>> + }
>> +
>> + protected function isAlphaNum($c)
>> + {
>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/',
>> $c) === 1;
>> + }
>> +
>> + protected function min()
>> + {
>> + $this->a = "\n";
>> + $this->action(3);
>> +
>> + while ($this->a !== null) {
>> + switch ($this->a) {
>> + case ' ':
>> + if ($this->isAlphaNum($this->b)) {
>> + $this->action(1);
>> + } else {
>> + $this->action(2);
>> + }
>> + break;
>> +
>> + case "\n":
>> + switch ($this->b) {
>> + case '{':
>> + case '[':
>> + case '(':
>> + case '+':
>> + case '-':
>> + $this->action(1);
>> + break;
>> +
>> + case ' ':
>> + $this->action(3);
>> + break;
>> +
>> + default:
>> + if ($this->isAlphaNum($this->b)) {
>> + $this->action(1);
>> + } else {
>> + $this->action(2);
>> + }
>> + }
>> + break;
>> +
>> + default:
>> + switch ($this->b) {
>> + case ' ':
>> + if ($this->isAlphaNum($this->a)) {
>> + $this->action(1);
>> + break;
>> + }
>> +
>> + $this->action(3);
>> + break;
>> +
>> + case "\n":
>> + switch ($this->a) {
>> + case '}':
>> + case ']':
>> + case ')':
>> + case '+':
>> + case '-':
>> + case '"':
>> + case "'":
>> + $this->action(1);
>> + break;
>> +
>> + default:
>> + if ($this->isAlphaNum($this->a)) {
>> + $this->action(1);
>> + } else {
>> + $this->action(3);
>> + }
>> + }
>> + break;
>> +
>> + default:
>> + $this->action(1);
>> + break;
>> + }
>> + }
>> + }
>> +
>> + return $this->output;
>> + }
>> +
>> + protected function next()
>> + {
>> + $c = $this->get();
>> +
>> + if ($c === '/') {
>> + switch ($this->peek()) {
>> + case '/':
>> + for (; ; ) {
>> + $c = $this->get();
>> +
>> + if (ord($c) <= self::ORD_LF) {
>> + return $c;
>> + }
>> + }
>> +
>> + case '*':
>> + $this->get();
>> +
>> + for (; ; ) {
>> + switch ($this->get()) {
>> + case '*':
>> + if ($this->peek() === '/') {
>> + $this->get();
>> + return ' ';
>> + }
>> + break;
>> +
>> + case null:
>> + throw new JsMinException('Unterminated comment.');
>> + }
>> + }
>> +
>> + default:
>> + return $c;
>> + }
>> + }
>> +
>> + return $c;
>> + }
>> +
>> + protected function peek()
>> + {
>> + $this->lookAhead = $this->get();
>> + return $this->lookAhead;
>> + }
>> }
>>
>>
>> Modified: incubator/shindig/trunk/php/src/common/
>> RemoteContentFetcher.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>> Wed May 21 09:58:52 2008
>> @@ -19,6 +19,18 @@
>> */
>>
>> abstract class RemoteContentFetcher {
>> +
>> + protected $fetcher;
>> +
>> + protected function setNextFetcher($fetcher = null)
>> + {
>> + $this->fetcher = $fetcher;
>> + }
>>
>> abstract public function fetchRequest($request);
>> +
>> + public function getNextFetcher()
>> + {
>> + return $this->fetcher;
>> + }
>> }
>> \ No newline at end of file
>>
>> Modified: incubator/shindig/trunk/php/src/common/
>> RemoteContentRequest.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>> Wed May 21 09:58:52 2008
>> @@ -15,13 +15,14 @@
>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> * KIND, either express or implied. See the License for the
>> * specific language governing permissions and limitations under the
>> License.
>> - *
>> + *
>> */
>>
>> class RemoteContentRequest {
>> // these are used for making the request
>> - private $url = '';
>> - private $headers = false;
>> + private $uri = '';
>> + private $method = '';
>> + private $headers = array();
>> private $postBody = false;
>> // these fields are filled in once the request has completed
>> private $responseContent = false;
>> @@ -29,20 +30,179 @@
>> private $responseHeaders = false;
>> private $httpCode = false;
>> private $contentType = null;
>> + private $options;
>> public $handle = false;
>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-
>> urlencoded; charset=utf-8";
>> + public static $DEFAULT_OPTIONS = array();
>>
>> - public function __construct($url, $headers = false, $postBody =
>> false)
>> + public function __construct($uri, $headers = false, $postBody =
>> false)
>> {
>> - $this->url = $url;
>> + $this->uri = $uri;
>> $this->headers = $headers;
>> $this->postBody = $postBody;
>> }
>>
>> + public function createRemoteContentRequest($method, $uri,
>> $headers, $postBody, $options)
>> + {
>> + $this->method = $method;
>> + $this->uri = $uri;
>> + $this->options = $options;
>> + // Copy the headers
>> + if (! isset($headers)) {
>> + $this->headers = '';
>> + } else {
>> + $setPragmaHeader = false;
>> + $tmpHeaders = '';
>> + foreach ($headers as $key => $value) {
>> + // Proxies should be bypassed with the Pragma: no-cache check.
>> + //TODO double check array is good for options
>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>> + $value = "no-cache";
>> + $setPragmaHeader = true;
>> + }
>> + $tmpHeaders .= $key . ":" . $value . "\n";
>> + }
>> + // Bypass caching in proxies as well.
>> + //TODO double check array is good for options
>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>> + $tmpHeaders .= "Pragma:no-cache\n";
>> + }
>> + $this->headers = $tmpHeaders;
>> + }
>> + if (! isset($postBody)) {
>> + $this->postBody = '';
>> + } else {
>> + $this->postBody = array_merge($postBody, $this->postBody);
>> + }
>> + $type = $this->getHeader("Content-Type");
>> + if (! isset($type)) {
>> + $this->contentType = RemoteContentRequest::$DEFAULT_CONTENT_TYPE;
>> + } else {
>> + $this->contentType = $type;
>> + }
>> + }
>> +
>> + /**
>> + * Creates a new request to a different URL using all request data
>> from
>> + * an existing request.
>> + *
>> + * @param uri
>> + * @param base The base request to copy data from.
>> + */
>> + public static function
>> createRemoteContentRequestWithUriBase($uri, $base)
>> + {
>> + $this->uri = $uri;
>> + $this->method = $base->method;
>> + $this->options = $base->options;
>> + $this->headers = $base->headers;
>> + $this->contentType = $base->contentType;
>> + $this->postBody = $base->postBody;
>> + }
>> +
>> + /**
>> + * Basic GET request.
>> + *
>> + * @param uri
>> + */
>> + public function createRemoteContentRequestWithUri($uri)
>> + {
>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>> RemoteContentRequest::$DEFAULT_OPTIONS);
>> + }
>> +
>> + /**
>> + * GET with options
>> + *
>> + * @param uri
>> + * @param options
>> + */
>> + public function createRemoteContentRequestWithUriOptions($uri,
>> $options)
>> + {
>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>> $options);
>> + }
>> +
>> + /**
>> + * GET request with custom headers and default options
>> + * @param uri
>> + * @param headers
>> + */
>> + public function RemoteContentRequestWithUriHeaders($uri, $headers)
>> + {
>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>> RemoteContentRequest::$DEFAULT_OPTIONS);
>> + }
>> +
>> + /**
>> + * GET request with custom headers + options
>> + * @param uri
>> + * @param headers
>> + * @param options
>> + */
>> + public function
>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>> $options)
>> + {
>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>> $options);
>> + }
>> +
>> + /**
>> + * Basic POST request
>> + * @param uri
>> + * @param postBody
>> + */
>> + public function RemoteContentRequestWithUriPostBody($uri,
>> $postBody)
>> + {
>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>> RemoteContentRequest::$DEFAULT_OPTIONS);
>> + }
>> +
>> + /**
>> + * POST request with options
>> + * @param uri
>> + * @param postBody
>> + * @param options
>> + */
>> + public function
>> createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody,
>> $options)
>> + {
>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>> $options);
>> + }
>> +
>> + /**
>> + * POST request with headers
>> + * @param uri
>> + * @param headers
>> + * @param postBody
>> + */
>> + public function
>> createRemoteContentRequestWithUriHeadersPostBody($uri, $headers,
>> $postBody)
>> + {
>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>> + }
>> +
>> + /**
>> + * POST request with options + headers
>> + * @param uri
>> + * @param headers
>> + * @param postBody
>> + * @param options
>> + */
>> + public function
>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>> $headers, $postBody, $options)
>> + {
>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>> $postBody, $options);
>> + }
>> +
>> + /**
>> + * Creates a simple GET request
>> + *
>> + * @param uri
>> + * @param ignoreCache
>> + */
>> + public function getRequest($uri, $ignoreCache)
>> + {
>> + $options = new Options();
>> + $options->ignoreCache = $ignoreCache;
>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>> $options);
>> + }
>> +
>> // returns a hash code which identifies this request, used for
>> caching
>> - // takes url and postbody into account for constructing the md5
>> checksum
>> + // takes url and postbody into account for constructing the sha1
>> checksum
>> public function toHash()
>> {
>> - return md5($this->url . $this->postBody);
>> + return md5($this->uri . $this->postBody);
>> }
>>
>> public function getContentType()
>> @@ -92,7 +252,17 @@
>>
>> public function getUrl()
>> {
>> - return $this->url;
>> + return $this->uri;
>> + }
>> +
>> + public function getMethod()
>> + {
>> + return $this->method;
>> + }
>> +
>> + public function getOptions()
>> + {
>> + return $this->options;
>> }
>>
>> public function setContentType($type)
>> @@ -125,14 +295,37 @@
>> $this->headers = $headers;
>> }
>>
>> + //FIXME: Find a better way to do this
>> + // The headers can be an array of elements.
>> + public function getHeader($headerName)
>> + {
>> + $headers = explode("\n", $this->headers);
>> + foreach ($headers as $header) {
>> + $key = explode(":", $header);
>> + if ($key[0] == $headerName)
>> + return $key[1];
>> + }
>> + return null;
>> + }
>> +
>> public function setPostBody($postBody)
>> {
>> $this->postBody = $postBody;
>> }
>>
>> - public function setUrl($url)
>> + public function setUri($uri)
>> {
>> - $this->url = $url;
>> + $this->uri = $uri;
>> }
>>
>> -}
>> \ No newline at end of file
>> +}
>> +
>> +/**
>> + * Bag of options for making a request.
>> + *
>> + * This object is mutable to keep us sane. Don't mess with it once
>> you've
>> + * sent it to RemoteContentRequest or bad things might happen.
>> + */
>> +class Options {
>> + public $ignoreCache = false;
>> +}
>>
>> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php (original)
>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed May
>> 21 09:58:52 2008
>> @@ -80,7 +80,7 @@
>> self::loadFile($file, $dirs, true);
>> } else {
>> self::_securityCheck($file);
>> - include_once $file;
>> + include_once 'src/common/'.$file;
>> }
>>
>> if (!class_exists($class, false) && !
>> interface_exists($class, false)) {
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed
>> May 21 09:58:52 2008
>> @@ -26,21 +26,21 @@
>> * Server wide variables are stored in config.php
>> */
>> class GadgetContext {
>> - private $httpFetcher = null;
>> - private $locale = null;
>> - private $renderingContext = null;
>> - private $registry = null;
>> - private $userPrefs = null;
>> - private $gadgetId = null;
>> - private $view = null;
>> - private $moduleId = null;
>> - private $url = null;
>> - private $cache = null;
>> - private $blacklist = null;
>> - private $ignoreCache = null;
>> - private $forcedJsLibs = null;
>> - private $containerConfig = null;
>> - private $container = null;
>> + protected $httpFetcher = null;
>> + protected $locale = null;
>> + protected $renderingContext = null;
>> + protected $registry = null;
>> + protected $userPrefs = null;
>> + protected $gadgetId = null;
>> + protected $view = null;
>> + protected $moduleId = null;
>> + protected $url = null;
>> + protected $cache = null;
>> + protected $blacklist = null;
>> + protected $ignoreCache = null;
>> + protected $forcedJsLibs = null;
>> + protected $containerConfig = null;
>> + protected $container = null;
>>
>> public function __construct($renderingContext)
>> {
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/
>> GadgetSpecParser.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>> Wed May 21 09:58:52 2008
>> @@ -36,7 +36,7 @@
>> }
>> $gadget = new Gadget($context->getGadgetId(), $context);
>> // process ModulePref attributes
>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>> + $this->processModulePrefs($gadget, $doc->ModulePrefs, $context);
>> // process UserPrefs, if any
>> foreach ($doc->UserPref as $pref) {
>> $this->processUserPref($gadget, $pref);
>> @@ -54,7 +54,7 @@
>> return $gadget;
>> }
>>
>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>> $context)
>> {
>> $attributes = $ModulePrefs->attributes();
>> if (empty($attributes['title'])) {
>> @@ -90,11 +90,11 @@
>> $gadget->scaling = isset($attributes['scaling']) ?
>> trim($attributes['scaling']) : '';
>> $gadget->scrolling = isset($attributes['scrolling']) ?
>> trim($attributes['scrolling']) : '';
>> foreach ($ModulePrefs->Locale as $locale) {
>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>> + $gadget->localeSpecs[] = $this->processLocale($locale, $context);
>> }
>> }
>>
>> - private function processLocale($locale)
>> + private function processLocale($locale, $context)
>> {
>> $attributes = $locale->attributes();
>> $messageAttr = isset($attributes['messages']) ?
>> trim($attributes['messages']) : '';
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed May
>> 21 09:58:52 2008
>> @@ -0,0 +1,70 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations under
>> the License.
>> + *
>> + */
>> +
>> +/**
>> + * An abstract representation of a signing token.
>> + * Use in conjunction with @code GadgetTokenDecoder.
>> + */
>> +abstract class GadgetToken {
>> +
>> + //FIXME Hmm seems php is refusing to let me make abstract static
>> functions? odd
>> + static public function createFromToken($token, $maxage) {}
>> + static public function createFromValues($owner, $viewer, $app,
>> $domain, $appUrl, $moduleId) {}
>> +
>> +
>> + /**
>> + * Serializes the token into a string. This can be the exact
>> same as
>> + * toString; using a different name here is only to force
>> interface
>> + * compliance.
>> + *
>> + * @return A string representation of the token.
>> + */
>> + abstract public function toSerialForm();
>> +
>> + /**
>> + * @return the owner from the token, or null if there is none.
>> + */
>> + abstract public function getOwnerId();
>> +
>> + /**
>> + * @return the viewer from the token, or null if there is none.
>> + */
>> + abstract public function getViewerId();
>> +
>> + /**
>> + * @return the application id from the token, or null if there
>> is none.
>> + */
>> + abstract public function getAppId();
>> +
>> + /**
>> + * @return the domain from the token, or null if there is none.
>> + */
>> + abstract public function getDomain();
>> +
>> + /**
>> + * @return the URL of the application
>> + */
>> + abstract public function getAppUrl();
>> +
>> + /**
>> + * @return the module ID of the application
>> + */
>> + abstract public function getModuleId();
>> +}
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>> (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>> Wed May 21 09:58:52 2008
>> @@ -0,0 +1,34 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations
>> + * under the License.
>> + */
>> +
>> +/**
>> + * Handles verification of gadget security tokens.
>> + */
>> +abstract class GadgetTokenDecoder {
>> +
>> + /**
>> + * Decrypts and verifies a gadget security token to return a
>> gadget token.
>> + *
>> + * @param tokenString String representation of the token to be
>> created.
>> + * @return The token representation of the input data.
>> + * @throws GadgetException If tokenString is not a valid token
>> + */
>> + abstract public function createToken($tokenString);
>> +}
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May
>> 21 09:58:52 2008
>> @@ -24,7 +24,7 @@
>> private $content;
>> private $featureName; // used to track what feature this belongs to
>> private $loaded = false;
>> -
>> +
>> public function __construct($type, $content, $featureName = '')
>> {
>> $this->featureName = $featureName;
>> @@ -39,11 +39,11 @@
>>
>> public function getContent()
>> {
>> - if (!$this->loaded && $this->type == 'FILE') {
>> + if (! $this->loaded && $this->type == 'FILE') {
>> if (Config::get('compress_javascript')) {
>> $dataCache = Config::get('data_cache');
>> $dataCache = new $dataCache();
>> - if (!($content = $dataCache->get(md5($this->content)))) {
>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>> $content = JsMin::minify(JsLibrary::loadData($this->content, $this-
>> >type));
>> $dataCache->set(md5($this->content), $content);
>> $this->content = $content;
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/
>> JsonRpcGadgetContext.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/
>> JsonRpcGadgetContext.php (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/
>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>> @@ -1,10 +1,6 @@
>> <?php
>>
>> class JsonRpcGadgetContext extends GadgetContext {
>> - private $locale = null;
>> - private $view = null;
>> - private $url = null;
>> - private $container = null;
>>
>> public function __construct($jsonContext, $url)
>> {
>> @@ -15,23 +11,8 @@
>> $this->container = $jsonContext->container;
>> }
>>
>> - public function getUrl()
>> - {
>> - return $this->url;
>> - }
>> -
>> public function getView()
>> {
>> return $this->view;
>> }
>> -
>> - public function getLocale()
>> - {
>> - return $this->locale;
>> - }
>> -
>> - public function getContainer()
>> - {
>> - return $this->container;
>> - }
>> }
>> \ No newline at end of file
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>> (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>> Wed May 21 09:58:52 2008
>> @@ -0,0 +1,10 @@
>> +<?php
>> +
>> +class ProxyGadgetContext extends GadgetContext {
>> +
>> + public function __construct($url)
>> + {
>> + parent::__construct('GADGET');
>> + $this->url = $url;
>> + }
>> +}
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed
>> May 21 09:58:52 2008
>> @@ -29,11 +29,15 @@
>> *
>> */
>> class ProxyHandler {
>> - private $context;
>> + private $context;
>> + private $signingFetcher;
>> + private $oauthFetcher;
>>
>> - public function __construct($context)
>> + public function __construct($context, $signingFetcher = null,
>> $oauthFetcher = null)
>> {
>> - $this->context = $context;
>> + $this->context = $context;
>> + $this->signingFetcher = $signingFetcher;
>> + $this->oauthFetcher = $oauthFetcher;
>> }
>>
>> /**
>> @@ -51,11 +55,21 @@
>> $token = '';
>> // no token given, safe to ignore
>> }
>> - $originalUrl = $this->validateUrl($url);
>> - $signedUrl = $this->signUrl($originalUrl, $token);
>> + $url = $this->validateUrl($url);
>> // Fetch the content and convert it into JSON.
>> // TODO: Fetcher needs to handle variety of HTTP methods.
>> - $result = $this->fetchContent($signedUrl, $method);
>> + $result = $this->fetchContentDivert($url, $method, $signer);
>> + if (!isset($result)) {
>> + //OAuthFetcher only
>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>> + $json = array($url => $metadata);
>> + $json = json_encode($json);
>> + $output = UNPARSEABLE_CRUFT . $json;
>> + $this->setCachingHeaders();
>> + header("Content-Type: application/json; charset=utf-8", true);
>> + echo $output;
>> + die();
>> + }
>> $status = (int)$result->getHttpCode();
>> //header("HTTP/1.1 $status", true);
>> if ($status == 200) {
>> @@ -174,10 +188,9 @@
>> $token = '';
>> // no token given, safe to ignore
>> }
>> - $originalUrl = $this->validateUrl($url);
>> - $signedUrl = $this->signUrl($originalUrl, $token);
>> + $url = $this->validateUrl($url);
>> //TODO: Fetcher needs to handle variety of HTTP methods.
>> - $result = $this->fetchContent($signedUrl, $method);
>> + $result = $this->fetchContent($url, $method);
>> // TODO: Fetcher needs to handle variety of HTTP methods.
>> $status = (int)$result->getHttpCode();
>> if ($status == 200) {
>> @@ -208,11 +221,11 @@
>> /**
>> * Both fetch and fetchJson call this function to retrieve the
>> actual content
>> *
>> - * @param string $signedUrl the signed url to fetch
>> + * @param string $url the url to fetch
>> * @param string $method either get or post
>> * @return the filled in request (RemoteContentRequest)
>> */
>> - private function fetchContent($signedUrl, $method)
>> + private function fetchContent($url, $method)
>> {
>> //TODO get actual character encoding from the request
>>
>> @@ -250,14 +263,41 @@
>> }
>> // even if postData is an empty string, it will still post (since
>> RemoteContentRquest checks if its false)
>> // so the request to POST is still honored
>> - $request = new RemoteContentRequest($signedUrl, $headers,
>> $postData);
>> + $request = new RemoteContentRequest($url, $headers, $postData);
>> $request = $this->context->getHttpFetcher()->fetch($request,
>> $context);
>> } else {
>> - $request = new RemoteContentRequest($signedUrl, $headers);
>> + $request = new RemoteContentRequest($url, $headers);
>> $request = $this->context->getHttpFetcher()->fetch($request,
>> $context);
>> }
>> return $request;
>> }
>> +
>> + private function fetchContentDivert($url, $method, $signer)
>> + {
>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>> + $token = $this->extractAndValidateToken($signer);
>> + switch (strtoupper($authz)) {
>> + case 'SIGNED':
>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>> BasicRemoteContentFetcher(), $token);
>> + return $fetcher->fetch($url, $method);
>> + case 'AUTHENTICATED':
>> + $params = new OAuthRequestParams();
>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>> BasicRemoteContentFetcher(), $token);
>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>> + $this->oauthFetcher = $oAuthFetcherFactory-
>> >getOAuthFetcher($fetcher, $token, $params);
>> + $request = new RemoteContentRequest($url);
>> + $request->createRemoteContentRequestWithUri($url);
>> + return $this->oauthFetcher->fetchRequest($request);
>> + case 'NONE':
>> + default:
>> + return $this->fetchContent($url, $method);
>> + }
>> + }
>> +
>> + public function setContentFetcher($contentFetcherFactory)
>> + {
>> + $this->contentFetcherFactory = $contentFetcherFactory;
>> + }
>>
>> /**
>> * Sets the caching headers (overwriting anything the remote host
>> set) to force
>> @@ -282,6 +322,7 @@
>> private function validateUrl($url)
>> {
>> //TODO should really make a PHP version of the URI class and
>> validate in all the locations the java version does
>> + // why not use Zend::Uri:
>> return $url;
>> }
>>
>> @@ -293,40 +334,17 @@
>> * @return string the token to use in the signed url
>> */
>> private function extractAndValidateToken($signer)
>> - {
>> - if ($signer == null) {
>> - return null;
>> - }
>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>> - if ($token) {
>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>> - }
>> + {
>> + if ($signer == null) {
>> + return null;
>> + }
>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>> + if (!isset($token) || $token == '') {
>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>> + }
>> return $signer->createToken($token);
>> }
>> -
>> - /**
>> - * Signs a url with the SecurityToken
>> - *
>> - * @param string $originalUrl
>> - * @param SecurityToken $token
>> - * @return unknown
>> - */
>> - private function signUrl($originalUrl, $token)
>> - {
>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>> - if (! $authz) {
>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>> - }
>> - if ($token == null || $authz != 'signed') {
>> - return $originalUrl;
>> - }
>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
>> - if ($method) {
>> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>> 'GET';
>> - }
>> - return $token->signUrl($originalUrl, $method);
>> - }
>> -
>> +
>> private function request_headers()
>> {
>> // Try to use apache's request headers if available
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>> (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>> Wed May 21 09:58:52 2008
>> @@ -0,0 +1,42 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations under
>> the License.
>> + *
>> + */
>> +require 'src/common/HttpServlet.php';
>> +
>> +/**
>> + * This class serves the public certificate, quick and dirty hack
>> to make the certificate publicly accessible
>> + * this combined with the hard coded location in
>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>> + * for the oauth pub key location makes a working whole
>> + */
>> +class CertServlet extends HttpServlet {
>> +
>> + /**
>> + * Handles the get file request, only called on url = /public.crt
>> + * so this function has no logic other then to output the cert
>> + */
>> + public function doGet()
>> + {
>> + $file = Config::get('public_key_file');
>> + if (!file_exists($file) || !is_readable($file)) {
>> + throw new Exception("Invalid public key location ($file), check
>> config and file permissions");
>> + }
>> + $this->setLastModified(filemtime($file));
>> + readfile($file);
>> + }
>> +}
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>> FilesServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>> Wed May 21 09:58:52 2008
>> @@ -25,7 +25,7 @@
>> * the php version too
>> */
>> class FilesServlet extends HttpServlet {
>> -
>> +
>> /**
>> * Handles the get file request, if the file exists and is in the
>> correct
>> * location it's echo'd to the browser (with a basic content type
>> guessing
>> @@ -46,14 +46,14 @@
>> die();
>> }
>> // if the file doesn't exist or can't be read, give a 404 error
>> - if (!file_exists($file) || !is_readable($file) || !
>> is_file($file)) {
>> + if (! file_exists($file) || ! is_readable($file) || !
>> is_file($file)) {
>> header("HTTP/1.0 404 Not Found", true);
>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>> die();
>> }
>> $dot = strrpos($file, '.');
>> if ($dot) {
>> - $ext = strtolower(substr($file, $dot+1));
>> + $ext = strtolower(substr($file, $dot + 1));
>> if ($ext == 'html' || $ext == 'htm') {
>> $this->setContentType('text/html');
>> } elseif ($ext == 'js') {
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>> GadgetRenderingServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/
>> GadgetRenderingServlet.php (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>> @@ -52,7 +52,7 @@
>> */
>> class GadgetRenderingServlet extends HttpServlet {
>> private $context;
>> -
>> +
>> /**
>> * Creates the gadget using the GadgetServer class and calls
>> outputGadget
>> *
>> @@ -71,11 +71,11 @@
>> $gadgetServer = new GadgetServer();
>> $gadget = $gadgetServer->processGadget($this->context);
>> $this->outputGadget($gadget, $this->context);
>> - } catch ( Exception $e ) {
>> + } catch (Exception $e) {
>> $this->outputError($e);
>> }
>> }
>> -
>> +
>> /**
>> * If an error occured (Exception) this function echo's the
>> Exception's message
>> * and if the config['debug'] is true, shows the debug backtrace in
>> a div
>> @@ -95,7 +95,7 @@
>> }
>> echo "</body></html>";
>> }
>> -
>> +
>> /**
>> * Takes the gadget to output, and depending on its content type
>> calls either outputHtml-
>> * or outputUrlGadget
>> @@ -107,15 +107,15 @@
>> {
>> $view = HttpUtil::getView($gadget, $context);
>> switch ($view->getType()) {
>> - case 'HTML' :
>> + case 'HTML':
>> $this->outputHtmlGadget($gadget, $context, $view);
>> break;
>> - case 'URL' :
>> + case 'URL':
>> $this->outputUrlGadget($gadget, $context, $view);
>> break;
>> }
>> }
>> -
>> +
>> /**
>> * Outputs a html content type gadget.
>> * It creates a html page, with the javascripts from the features
>> inline into the page, plus
>> @@ -144,16 +144,13 @@
>> }
>> // Was a privacy policy header configured? if so set it
>> if (Config::get('P3P') != '') {
>> - header("P3P: ".Config::get('P3P'));
>> + header("P3P: " . Config::get('P3P'));
>> }
>> - if (!$view->getQuirks()) {
>> + if (! $view->getQuirks()) {
>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>> \">\n";
>> }
>> - echo "<html>\n<head>".
>> - "<style type=\"text/css\">".Config::get('gadget_css')."</
>> style>".
>> - "</head><body>".
>> - "<script><!--\n";
>> - foreach ( $gadget->getJsLibraries() as $library ) {
>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>> "<script><!--\n";
>> + foreach ($gadget->getJsLibraries() as $library) {
>> $type = $library->getType();
>> if ($type == 'URL') {
>> // TODO: This case needs to be handled more gracefully by the js
>> @@ -173,15 +170,12 @@
>> // Forced libs first.
>> if (! empty($forcedLibs)) {
>> $libs = explode(':', $forcedLibs);
>> - echo sprintf($externFmt, Config::get('default_js_prefix').$this-
>> >getJsUrl($libs, $gadget)) . "\n";
>> + echo sprintf($externFmt, Config::get('default_js_prefix') . $this-
>> >getJsUrl($libs, $gadget)) . "\n";
>> }
>> if (strlen($externJs) > 0) {
>> echo $externJs;
>> }
>> - echo "<script><!--\n".
>> - $this->appendJsConfig($context, $gadget).
>> - $this->appendMessages($gadget).
>> - "-->\n</script>\n";
>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>
>> $gadgetExceptions = array();
>> $content = $gadget->getSubstitutions()->substitute($view-
>> >getContent());
>> @@ -192,11 +186,9 @@
>> if (count($gadgetExceptions)) {
>> throw new GadgetException(print_r($gadgetExceptions, true));
>> }
>> - echo $content . "\n".
>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>> - "</body>\n</html>";
>> + echo $content . "\n" .
>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>
>> \n</html>";
>> }
>> -
>> +
>> /**
>> * Output's a URL content type gadget, it adds
>> libs=<list:of:js:libraries>.js and user preferences
>> * to the href url, and redirects the browser to it
>> @@ -215,7 +207,7 @@
>> $forcedLibs = Config::get('focedJsLibs');
>> if ($forcedLibs == null) {
>> $reqs = $gadget->getRequires();
>> - foreach ( $reqs as $key => $val ) {
>> + foreach ($reqs as $key => $val) {
>> $libs[] = $key;
>> }
>> } else {
>> @@ -231,7 +223,7 @@
>> header('Location: ' . $redirURI);
>> die();
>> }
>> -
>> +
>> /**
>> * Returns the requested libs (from getjsUrl) with the
>> libs_param_name prepended
>> * ie: in libs=core:caja:etc.js format
>> @@ -248,7 +240,7 @@
>> $ret .= $this->getJsUrl($libs, $gadget);
>> return $ret;
>> }
>> -
>> +
>> /**
>> * Returns the user preferences in &up_<name>=<val> format
>> *
>> @@ -259,7 +251,7 @@
>> private function getPrefsQueryString($prefVals)
>> {
>> $ret = '';
>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>> + foreach ($prefVals->getPrefs() as $key => $val) {
>> $ret .= '&';
>> $ret .= Config::get('userpref_param_prefix');
>> $ret .= urlencode($key);
>> @@ -268,10 +260,10 @@
>> }
>> return $ret;
>> }
>> -
>> +
>> /**
>> * generates the library string (core:caja:etc.js) including a
>> checksum of all the
>> - * javascript content (?v=<sha1 of js) for cache busting
>> + * javascript content (?v=<md5 of js>) for cache busting
>> *
>> * @param string $libs
>> * @param Gadget $gadget
>> @@ -284,7 +276,7 @@
>> $buf = 'core';
>> } else {
>> $firstDone = false;
>> - foreach ( $libs as $lib ) {
>> + foreach ($libs as $lib) {
>> if ($firstDone) {
>> $buf .= ':';
>> } else {
>> @@ -296,7 +288,7 @@
>> // Build a version string from the sha1() checksum of all included
>> javascript
>> // to ensure the client always has the right version
>> $inlineJs = '';
>> - foreach ( $gadget->getJsLibraries() as $library ) {
>> + foreach ($gadget->getJsLibraries() as $library) {
>> $type = $library->getType();
>> if ($type != 'URL') {
>> $inlineJs .= $library->getContent() . "\n";
>> @@ -305,14 +297,14 @@
>> $buf .= ".js?v=" . md5($inlineJs);
>> return $buf;
>> }
>> -
>> +
>> private function appendJsConfig($context, $gadget)
>> {
>> $container = $context->getContainer();
>> $containerConfig = $context->getContainerConfig();
>> $gadgetConfig = array();
>> $featureConfig = $containerConfig->getConfig($container,
>> 'gadgets.features');
>> - foreach ( $gadget->getJsLibraries() as $library ) {
>> + foreach ($gadget->getJsLibraries() as $library) {
>> $feature = $library->getFeatureName();
>> if (! isset($gadgetConfig[$feature]) && !
>> empty($featureConfig[$feature])) {
>> $gadgetConfig[$feature] = $featureConfig[$feature];
>> @@ -320,7 +312,7 @@
>> }
>> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");\n";
>> }
>> -
>> +
>> private function appendMessages($gadget)
>> {
>> $msgs = '';
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php Wed
>> May 21 09:58:52 2008
>> @@ -30,7 +30,7 @@
>> * to retrieve our features javascript code
>> */
>> class JsServlet extends HttpServlet {
>> -
>> +
>> public function doGet()
>> {
>> $this->noHeaders = true;
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>> ProxyServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>> Wed May 21 09:58:52 2008
>> @@ -26,6 +26,8 @@
>> require 'src/common/RemoteContent.php';
>> require 'src/common/Cache.php';
>> require 'src/common/RemoteContentFetcher.php';
>> +require 'src/gadgets/oauth/OAuth.php';
>> +require 'src/gadgets/oauth/OAuthStore.php';
>>
>> class ProxyServlet extends HttpServlet {
>>
>> @@ -39,6 +41,7 @@
>> if (! $url) {
>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>> }
>> + $url = urldecode($url);
>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
>> if (! $method) {
>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] : 'GET';
>> @@ -49,7 +52,8 @@
>> }
>> $gadgetSigner = Config::get('security_token_signer');
>> $gadgetSigner = new $gadgetSigner();
>> - $proxyHandler = new ProxyHandler($context);
>> + $signingFetcherFactory = new
>> SigningFetcherFactory(Config::get("private_key_file"));
>> + $proxyHandler = new ProxyHandler($context, $signingFetcherFactory);
>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>> } else {
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcher.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>> (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>> Wed May 21 09:58:52 2008
>> @@ -0,0 +1,216 @@
>> +<?php
>> +/*
>> + * Licensed under the Apache License, Version 2.0 (the "License");
>> + * you may not use this file except in compliance with the License.
>> + * You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> software
>> + * distributed under the License is distributed on an "AS IS" BASIS,
>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>> implied.
>> + * See the License for the specific language governing permissions
>> and
>> + * limitations under the License.
>> + */
>> +
>> +/**
>> + * Implements signed fetch based on the OAuth request signing
>> algorithm.
>> + *
>> + * Subclasses can override signMessage to use their own crypto if
>> they don't
>> + * like the oauth.net code for some reason.
>> + *
>> + * Instances of this class are only accessed by a single thread at
>> a time,
>> + * but instances may be created by multiple threads.
>> + */
>> +class SigningFetcher extends RemoteContentFetcher {
>> +
>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>> + protected static $XOAUTH_PUBLIC_KEY = "xoauth_signature_publickey";
>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>> +
>> + //protected final TimeSource clock = new TimeSource();
>> +
>> + /**
>> + * Authentication token for the user and gadget making the request.
>> + */
>> + protected $authToken;
>> +
>> + /**
>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can be a
>> + * PrivateKey object, or a PEM formatted private key, or a DER
>> encoded byte
>> + * array for the private key.(No, really, they accept any of them.)
>> + */
>> + protected $privateKeyObject;
>> +
>> + /**
>> + * The name of the key, included in the fetch to help with key
>> rotation.
>> + */
>> + protected $keyName;
>> +
>> + /**
>> + * Constructor based on signing with the given PrivateKey object.
>> + *
>> + * @param authToken verified gadget security token
>> + * @param keyName name of the key to include in the request
>> + * @param privateKey the key to use for the signing
>> + */
>> + public static function makeFromPrivateKey($next, $authToken,
>> $keyName, $privateKey)
>> + {
>> + return new SigningFetcher($next, $authToken, $keyName,
>> $privateKey);
>> + }
>> +
>> + /**
>> + * Constructor based on signing with the given PrivateKey object.
>> + *
>> + * @param authToken verified gadget security token
>> + * @param keyName name of the key to include in the request
>> + * @param privateKey base64 encoded private key
>> + */
>> + public static function makeFromB64PrivateKey($next, $authToken,
>> $keyName, $privateKey)
>> + {
>> + return new SigningFetcher($next, $authToken, $keyName,
>> $privateKey);
>> + }
>> +
>> + /**
>> + * Constructor based on signing with the given PrivateKey object.
>> + *
>> + * @param authToken verified gadget security token
>> + * @param keyName name of the key to include in the request
>> + * @param privateKey DER encoded private key
>> + */
>> + public static function makeFromPrivateKeyBytes($next, $authToken,
>> $keyName, $privateKey)
>> + {
>> + return new SigningFetcher($next, $authToken, $keyName,
>> $privateKey);
>> + }
>> +
>> + protected function __construct($next, $authToken, $keyName,
>> $privateKeyObject)
>> + {
>> + parent::setNextFetcher($next);
>> + $this->authToken = $authToken;
>> + $this->keyName = $keyName;
>> + $this->privateKeyObject = $privateKeyObject;
>> + }
>> +
>> + public function fetchRequest($request)
>> + {
>> + return $this->getNextFetcher()->fetchRequest($request);
>> + }
>> +
>> + public function fetch($url, $method)
>> + {
>> + $signed = $this->signRequest($url, $method);
>> + return $this->getNextFetcher()->fetchRequest($signed);
>> + }
>> +
>> + private function signRequest($url, $method)
>> + {
>> + try {
>> + // Parse the request into parameters for OAuth signing, stripping
>> out
>> + // any OAuth or OpenSocial parameters injected by the client
>> + ///////////////////////////////////////////////
>> + require 'src/common/Zend/Uri.php';
>> + $uri = Zend_Uri::factory($url);
>> + $resource = $uri->getUri();
>> + $queryParams = $this->sanitize($_GET);
>> + $postParams = $this->sanitize($_POST);
>> + $msgParams = array();
>> + $msgParams = array_merge($msgParams, $queryParams);
>> + $msgParams = array_merge($msgParams, $postParams);
>> +
>> + // TODO: is this ok?
>> + //$msgParams = array();
>> + $this->addOpenSocialParams($msgParams);
>> + $this->addOAuthParams($msgParams);
>> +
>> + // Build and sign the OAuthMessage; note that the resource here has
>> + // no query string, the parameters are all in msgParams
>> + //$message = new OAuthMessage($method, $resource, $msgParams);
>> +
>> + ////////////////////////////////////////////////
>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>> + $consumer-
>> >setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this-
>> >privateKeyObject);
>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>> +
>> + $req_req = OAuthRequest::from_consumer_and_token($consumer, NULL,
>> $method, $resource, $msgParams);
>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>> +
>> + // Rebuild the query string, including all of the parameters we
>> added.
>> + // We have to be careful not to copy POST parameters into the
>> query.
>> + // If post and query parameters share a name, they end up being
>> removed
>> + // from the query.
>> + $forPost = array();
>> + foreach ($postParams as $key => $param) {
>> + $forPost[$key] = $param;
>> + }
>> + $newQuery = array();
>> + foreach ($req_req->get_parameters() as $key => $param) {
>> + if (! isset($forPost[$key])) {
>> + $newQuery[$key] = $param;
>> + }
>> + }
>> +
>> + // Careful here; the OAuth form encoding scheme is slightly
>> different than
>> + // the normal form encoding scheme, so we have to use the OAuth
>> library
>> + // formEncode method.
>> + $uri->setQuery($newQuery);
>> + return new RemoteContentRequest($uri->getUri());
>> + } catch (Exception $e) {
>> + throw new GadgetException($e);
>> + }
>> + }
>> +
>> + private function addOpenSocialParams(&$msgParams)
>> + {
>> + $owner = $this->authToken->getOwnerId();
>> + if ($owner != null) {
>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>> + }
>> + $viewer = $this->authToken->getViewerId();
>> + if ($viewer != null) {
>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>> + }
>> + $app = $this->authToken->getAppId();
>> + if ($app != null) {
>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>> + }
>> + }
>> +
>> + private function addOAuthParams(&$msgParams)
>> + {
>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>> + $domain = $this->authToken->getDomain();
>> + if ($domain != null) {
>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] = 'partuza.chabotc.com'; //
>> $domain;
>> + }
>> + if ($this->keyName != null) {
>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this->keyName;
>> + }
>> + $nonce = OAuthRequest::generate_nonce();
>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>> + $timestamp = time();
>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
>> + }
>> +
>> + /**
>> + * Strip out any owner or viewer id passed by the client.
>> + */
>> + private function sanitize($params)
>> + {
>> + $list = array();
>> + foreach ($params as $key => $p) {
>> + if ($this->allowParam($key)) {
>> + $list[$key] = $p;
>> + }
>> + }
>> + return $list;
>> + }
>> +
>> + private function allowParam($paramName)
>> + {
>> + $canonParamName = strtolower($paramName);
>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>> substr($canonParamName, 0, 6) == "xoauth" ||
>> substr($canonParamName, 0, 9) == "opensocial")) &&
>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>> + }
>> +}
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcherFactory.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcherFactory.php (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>> @@ -0,0 +1,86 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations
>> + * under the License.
>> + */
>> +
>> +/**
>> + * Produces Signing content fetchers for input tokens.
>> + */
>> +class SigningFetcherFactory {
>> + private $keyName;
>> + private $privateKey;
>> +
>> + /**
>> + * Produces a signing fetcher that will sign requests and delegate
>> actual
>> + * network retrieval to the {@code networkFetcher}
>> + *
>> + * @param networkFetcher The fetcher that will be doing actual work.
>> + * @param token The gadget token used for extracting signing
>> parameters.
>> + * @return The signing fetcher.
>> + * @throws GadgetException
>> + */
>> + public function getSigningFetcher($networkFetcher, $token)
>> + {
>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>> $token, $this->keyName, $this->privateKey);
>> + }
>> +
>> + /**
>> + * @param keyFile The file containing your private key for signing
>> requests.
>> + */
>> + public function __construct($keyFile = null)
>> + {
>> + $this->keyName = 'http://'.
>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>> + if (! empty($keyFile)) {
>> + $privateKey = null;
>> + try {
>> + // check if the converted from PKCS8 key is in cache, if not,
>> convert it
>> + $cache = Config::get('data_cache');
>> + $cache = new $cache();
>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this-
>> >keyName)) !== false) {
>> + $rsa_private_key = $cachedKey;
>> + } else {
>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>> + throw new Exception("Could not read keyfile ($keyFile), check the
>> file name and permission");
>> + }
>> + // TODO: sending NULL as a second param to
>> openssl_pkey_get_private works?
>> + $phrase = Config::get('private_key_phrase') != '' ?
>> (Config::get('private_key_phrase')) : null;
>> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key,
>> $phrase)) == false) {
>> + //TODO: double check if can input keyfile -inform PEM
>> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>> + throw new Exception("Could not create temporary file");
>> + }
>> + if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
>> + throw new Exception("Could not write to temporary file");
>> + }
>> + if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>> + throw new Exception("Could not create temporary file");
>> + }
>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>> nocrypt -in " . $in);
>> + if (! $rsa_private_key = @file_get_contents($out)) {
>> + throw new Exception("Could not read temporary file");
>> + }
>> + }
>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>> $rsa_private_key);
>> + }
>> + } catch (Exception $e) {
>> + throw new Exception("Error loading private key: " . $e);
>> + }
>> + $this->privateKey = $rsa_private_key;
>> + }
>> + }
>> +}
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicGadgetOAuthTokenStore.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicGadgetOAuthTokenStore.php (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>> @@ -0,0 +1,112 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations
>> + * under the License.
>> + */
>> +
>> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
>> +
>> + /** default location for consumer keys and secrets */
>> + private $OAUTH_CONFIG = "../config/oauth.json";
>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>> + private $CONSUMER_KEY_KEY = "consumer_key";
>> + private $KEY_TYPE_KEY = "key_type";
>> +
>> + public function __construct($store)
>> + {
>> + parent::__construct($store);
>> + }
>> +
>> + public function initFromConfigFile($fetcher)
>> + {
>> + // Read our consumer keys and secrets from config/oauth.js
>> + // This actually involves fetching gadget specs
>> + try {
>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>> +
>> + // remove all comments because this confuses the json parser
>> + // note: the json parser also crashes on trailing ,'s in records
>> so please don't use them
>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>> $oauthConfigStr);
>> + $oauthConfig = json_decode($contents, true);
>> + foreach ($oauthConfig as $gadgetUri => $value) {
>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>> + $this->storeConsumerInfos($gadgetUri, $value);
>> + }
>> + } catch (Exception $e) {
>> + throw new GadgetException($e);
>> + }
>> + }
>> +
>> + private function storeProviderInfos($fetcher, $gadgetUri)
>> + {
>> + $cache = Config::get('data_cache');
>> + $cache = new $cache();
>> +
>> + // determine which requests we can load from cache, and which we
>> have to actually fetch
>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
>> + $gadget = $cachedRequest;
>> + } else {
>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>> + $remoteContentRequest->getRequest($gadgetUri, false);
>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>> + $context = new ProxyGadgetContext($gadgetUri);
>> + $spec = new GadgetSpecParser();
>> + $gadget = $spec->parse($response->getResponseContent(), $context);
>> + $cache->set(md5($gadgetUri), $gadget);
>> + }
>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>> + }
>> +
>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>> + {
>> + foreach ($oauthConfig as $key => $value) {
>> + $serviceName = $key;
>> + $consumerInfo = $value;
>> + $this->storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo);
>> + }
>> + }
>> +
>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>> $consumerInfo)
>> + {
>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>> + $keyType = 'HMAC_SYMMETRIC';
>> +
>> + if ($keyTypeStr == "RSA_PRIVATE") {
>> + $keyType = 'RSA_PRIVATE';
>> + // check if the converted from PKCS8 key is in cache, if not,
>> convert it
>> + $cache = Config::get('data_cache');
>> + $cache = new $cache();
>> +
>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>> $serviceName))) !== false) {
>> + $consumerSecret = $cachedRequest;
>> + } else {
>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>> >CONSUMER_SECRET_KEY]));
>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>> nocrypt -in " . $in);
>> + $consumerSecret = file_get_contents($out);
>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>> + }
>> + }
>> +
>> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
>> $keyType);
>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
>> + }
>> +
>> +}
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicOAuthStore.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicOAuthStore.php (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>> @@ -0,0 +1,149 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations under
>> the License.
>> + */
>> +
>> +class OAuthNoDataException extends Exception {}
>> +
>> +class BasicOAuthStore implements OAuthStore {
>> +
>> + private $providers = array();
>> + private $tokens = array();
>> +
>> + private $defaultConsumerKey;
>> + private $defaultConsumerSecret;
>> +
>> + public function __construct($consumerKey = null, $privateKey =
>> null)
>> + {
>> + $this->defaultConsumerKey = $consumerKey;
>> + $this->defaultConsumerSecret = $privateKey;
>> + }
>> +
>> + public function setHashMapsForTesting($providers, $tokens)
>> + {
>> + $this->providers = $providers;
>> + $this->tokens = $tokens;
>> + }
>> +
>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>> + {
>> + $provKey = new ProviderKey();
>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>> + $provKey->setServiceName($tokenKey->getServiceName());
>> + //AccesorInfo
>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>> + //TokenInfo
>> + $accessToken = $this->getTokenInfo($tokenKey);
>> + if ($accessToken != null) {
>> + // maybe convert into methods
>> + $result->getAccessor()->accessToken = $accessToken-
>> >getAccessToken();
>> + $result->getAccessor()->tokenSecret = $accessToken-
>> >getTokenSecret();
>> + }
>> + return $result;
>> + }
>> +
>> + private function getOAuthAccessorProviderKey(ProviderKey
>> $providerKey)
>> + {
>> + //ProviderInfo
>> + $provInfo = $this->getProviderInfo($providerKey);
>> +
>> + if ($provInfo == null) {
>> + throw new OAuthNoDataException("provider info was null in oauth
>> store");
>> + }
>> + //AccesorInfo
>> + $result = new AccesorInfo();
>> + $result->setHttpMethod($provInfo->getHttpMethod());
>> + $result->setParamLocation($provInfo->getParamLocation());
>> +
>> + //ConsumerKeyAndSecret
>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>> +
>> + if ($consumerKeyAndSecret == null) {
>> + if ($this->defaultConsumerKey == null || $this-
>> >defaultConsumerSecret == null) {
>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null in
>> oauth store");
>> + } else {
>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>> >defaultConsumerKey, $this->defaultConsumerSecret, OAuthStoreVars::
>> $KeyType['RSA_PRIVATE']);
>> + }
>> + }
>> +
>> + //OAuthServiceProvider
>> + $oauthProvider = $provInfo->getProvider();
>> +
>> + if (! isset($oauthProvider)) {
>> + throw new OAuthNoDataException("OAuthService provider was null in
>> oauth store");
>> + }
>> +
>> + // Accesing the class
>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>> +
>> + //OAuthConsumer
>> + $consumer = ($usePublicKeyCrypto) ? new
>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>> >getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>> $oauthProvider);
>> +
>> + if ($usePublicKeyCrypto) {
>> + $consumer-
>> >setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>> $consumerKeyAndSecret->getConsumerSecret());
>> + $result->setSignatureType(OAuthStoreVars::
>> $SignatureType['RSA_SHA1']);
>> + } else {
>> + $result->setSignatureType(OAuthStoreVars::
>> $SignatureType['HMAC_SHA1']);
>> + }
>> +
>> + $result->setAccessor(new OAuthAccessor($consumer));
>> + return $result;
>> + }
>> +
>> + public function getOAuthServiceProviderInfo($providerKey)
>> + {
>> + $provInfo = $this->providers->get($providerKey);
>> +
>> + if ($provInfo == null) {
>> + throw new OAuthNoDataException("provider info was null in oauth
>> store");
>> + }
>> +
>> + return $provInfo;
>> + }
>> +
>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>> $keyAndSecret)
>> + {
>> + //ProviderInfo
>> + $value = $this->getProviderInfo($providerKey);
>> + if ($value == null) {
>> + throw new OAuthNoDataException("could not find provider data for
>> token");
>> + }
>> + $value->setKeyAndSecret($keyAndSecret);
>> + }
>> +
>> + public function setOAuthServiceProviderInfo($providerKey,
>> $providerInfo)
>> + {
>> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
>> + }
>> +
>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>> + {
>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>> + }
>> +
>> + private function getProviderInfo($providerKey)
>> + {
>> + $key = md5(serialize($providerKey));
>> + return isset($this->providers[$key]) ? $this->providers[$key] :
>> null;
>> + }
>> +
>> + private function getTokenInfo($tokenKey)
>> + {
>> + $key = md5(serialize($tokenKey));
>> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
>> + }
>> +}
>> \ No newline at end of file
>>
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Chris Chabot <ch...@xs4all.nl>.
Hey Lini,
The oauth code has been a rather large code drop that's affected a few
critical code paths, give me a few hours more and we should have all
the kinks ironed out :)
-- Chris
On May 22, 2008, at 8:27 AM, Lini H - Clarion, India wrote:
> Hi Chris,
>
> The shindig is not working after the new code changes. I also
> checked on http://shindig.chabotc.com and none of the samples
> neither the gadget is working. Is any work still missing on this?
>
> Regards
>
> Lini Haridas
> Software Engineer
>
> lini.haridas@clariontechnologies.co.in
> Clarion Technologies
> SEI CMMI Level 3 Company
>
> 4th Floor, Great Eastern Plaza,
> Airport Road,
> Pune- 411 006,
> Maharashtra, India.
> Phone: +91 20 66020289
> Mobile: +91 9823435917
> www.clariontechnologies.co.in
>
> ----- Original Message -----
> From: <ch...@apache.org>
> To: <sh...@incubator.apache.org>
> Sent: Wednesday, May 21, 2008 10:28 PM
> Subject: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/
> php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
> src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
>
>
>> Author: chabotc
>> Date: Wed May 21 09:58:52 2008
>> New Revision: 658758
>>
>> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
>> Log:
>> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your
>> great work on this. This patch implements OAuth and signed request
>> support
>>
>> Added:
>> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>> incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcherFactory.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicGadgetOAuthTokenStore.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> GadgetOAuthTokenStore.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> OAuthFetcherFactory.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> OAuthRequestParams.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/
>> OAuthServiceProvider.php
>> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
>> Modified:
>> incubator/shindig/trunk/php/config.php
>> incubator/shindig/trunk/php/index.php
>> incubator/shindig/trunk/php/src/common/JsMin.php
>> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>> incubator/shindig/trunk/php/src/common/Zend/Loader.php
>> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
>> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>> incubator/shindig/trunk/php/src/gadgets/http/
>> GadgetRenderingServlet.php
>> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>> incubator/shindig/trunk/php/src/gadgets/samplecontainer/
>> BasicBlobCrypter.php
>> incubator/shindig/trunk/php/src/socialdata/http/
>> GadgetDataServlet.php
>>
>> Modified: incubator/shindig/trunk/php/config.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/config.php (original)
>> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52 2008
>> @@ -1,4 +1,4 @@
>> -<?
>> +<?php
>> /*
>> * Licensed to the Apache Software Foundation (ASF) under one
>> * or more contributor license agreements. See the NOTICE file
>> @@ -45,7 +45,7 @@
>> // Configurable CSS rules that are injected to the gadget page,
>> // be careful when adjusting these not to break most gadget's
>> layouts :)
>> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;}
>> a {color:#0000cc;}a:visited {color:#551a8b;}a:active
>> {color:#ff0000;}body{margin: 0px;padding: 0px;background-
>> color:white;}',
>> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-
>> serif;} body {background-color:#ffffff; font-family: arial, sans-
>> serif; padding: 0px; margin: 0px; font-size: 12px; color:
>> #000000;}a, a:visited {color: #3366CC;text-decoration:
>> none; }a:hover {color: #3366CC; text-decoration: underline;} input,
>> select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>>
>> // The html / javascript samples use a plain text demo token,
>> // set this to false on anything resembling a real site
>> @@ -96,6 +96,13 @@
>> // global cache age policy and location
>> 'cache_time' => 24 * 60 * 60,
>> 'cache_root' => '/tmp/shindig',
>> +
>> + // OAuth private key Path
>> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/
>> private.key',
>> + // file path to public RSA cert
>> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/
>> public.crt',
>> + // Phrase to decrypt private key. Leave empty if unencrypted
>> + 'private_key_phrase' => 'partuza',
>>
>> // In some cases we need to know the site root (for features
>> forinstance)
>> 'base_path' => realpath(dirname(__FILE__))
>>
>> Modified: incubator/shindig/trunk/php/index.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/index.php (original)
>> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52 2008
>> @@ -1,4 +1,4 @@
>> -<?
>> +<?php
>> /*
>> * Licensed to the Apache Software Foundation (ASF) under one
>> * or more contributor license agreements. See the NOTICE file
>> @@ -48,7 +48,7 @@
>> // To load these, we scan our entire directory structure
>> function __autoload($className)
>> {
>> - $locations = array('src/common', 'src/common/samplecontainer',
>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>> samplecontainer');
>> + $locations = array('src/common', 'src/common/samplecontainer',
>> 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http',
>> 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/
>> opensocial/model', 'src/socialdata/http', 'src/socialdata/
>> samplecontainer', 'src/gadgets/oauth');
>> // Check for the presense of this class in our all our directories.
>> $fileName = $className.'.php';
>> foreach ($locations as $path) {
>> @@ -65,7 +65,8 @@
>> Config::get('web_prefix') . '/gadgets/proxy' => 'ProxyServlet',
>> Config::get('web_prefix') . '/gadgets/ifr' =>
>> 'GadgetRenderingServlet',
>> Config::get('web_prefix') . '/gadgets/metadata' => 'JsonRpcServlet',
>> - Config::get('web_prefix') . '/social/data' =>
>> 'GadgetDataServlet'
>> + Config::get('web_prefix') . '/social/data' =>
>> 'GadgetDataServlet',
>> + Config::get('web_prefix') . '/public.crt' => 'CertServlet'
>> );
>>
>> // Try to match the request url to our servlet mapping
>>
>> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
>> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21
>> 09:58:52 2008
>> @@ -1,4 +1,5 @@
>> <?php
>> +
>> /**
>> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
>> *
>> @@ -48,243 +49,248 @@
>> class JsMinException extends Exception {}
>>
>> class JsMin {
>> - const ORD_LF = 10;
>> - const ORD_SPACE = 32;
>> -
>> - protected $a = '';
>> - protected $b = '';
>> - protected $input = '';
>> - protected $inputIndex = 0;
>> - protected $inputLength = 0;
>> - protected $lookAhead = null;
>> - protected $output = '';
>> -
>> - // -- Public Static Methods
>> --------------------------------------------------
>> -
>> - public static function minify($js) {
>> - $jsmin = new JsMin($js);
>> - return $jsmin->min();
>> - }
>> -
>> - // -- Public Instance Methods
>> ------------------------------------------------
>> -
>> - public function __construct($input) {
>> - $this->input = str_replace("\r\n", "\n", $input);
>> - $this->inputLength = strlen($this->input);
>> - }
>> -
>> - // -- Protected Instance Methods
>> ---------------------------------------------
>> -
>> - protected function action($d) {
>> - switch($d) {
>> - case 1:
>> - $this->output .= $this->a;
>> -
>> - case 2:
>> - $this->a = $this->b;
>> -
>> - if ($this->a === "'" || $this->a === '"') {
>> - for (;;) {
>> - $this->output .= $this->a;
>> - $this->a = $this->get();
>> -
>> - if ($this->a === $this->b) {
>> - break;
>> - }
>> -
>> - if (ord($this->a) <= self::ORD_LF) {
>> - throw new JsMinException('Unterminated string
>> literal.');
>> - }
>> -
>> - if ($this->a === '\\') {
>> - $this->output .= $this->a;
>> - $this->a = $this->get();
>> - }
>> - }
>> - }
>> -
>> - case 3:
>> - $this->b = $this->next();
>> -
>> - if ($this->b === '/' && (
>> - $this->a === '(' || $this->a === ',' || $this->a ===
>> '=' ||
>> - $this->a === ':' || $this->a === '[' || $this->a ===
>> '!' ||
>> - $this->a === '&' || $this->a === '|' || $this->a ===
>> '?')) {
>> -
>> - $this->output .= $this->a . $this->b;
>> -
>> - for (;;) {
>> - $this->a = $this->get();
>> -
>> - if ($this->a === '/') {
>> - break;
>> - } elseif ($this->a === '\\') {
>> - $this->output .= $this->a;
>> - $this->a = $this->get();
>> - } elseif (ord($this->a) <= self::ORD_LF) {
>> - throw new JsMinException('Unterminated regular
>> expression '.
>> - 'literal.');
>> - }
>> -
>> - $this->output .= $this->a;
>> - }
>> -
>> - $this->b = $this->next();
>> - }
>> - }
>> - }
>> -
>> - protected function get() {
>> - $c = $this->lookAhead;
>> - $this->lookAhead = null;
>> -
>> - if ($c === null) {
>> - if ($this->inputIndex < $this->inputLength) {
>> - $c = $this->input[$this->inputIndex];
>> - $this->inputIndex += 1;
>> - } else {
>> - $c = null;
>> - }
>> - }
>> -
>> - if ($c === "\r") {
>> - return "\n";
>> - }
>> -
>> - if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>> - return $c;
>> - }
>> -
>> - return ' ';
>> - }
>> -
>> - protected function isAlphaNum($c) {
>> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]
>> $/', $c) === 1;
>> - }
>> -
>> - protected function min() {
>> - $this->a = "\n";
>> - $this->action(3);
>> -
>> - while ($this->a !== null) {
>> - switch ($this->a) {
>> - case ' ':
>> - if ($this->isAlphaNum($this->b)) {
>> - $this->action(1);
>> - } else {
>> - $this->action(2);
>> - }
>> - break;
>> -
>> - case "\n":
>> - switch ($this->b) {
>> - case '{':
>> - case '[':
>> - case '(':
>> - case '+':
>> - case '-':
>> - $this->action(1);
>> - break;
>> -
>> - case ' ':
>> - $this->action(3);
>> - break;
>> -
>> - default:
>> - if ($this->isAlphaNum($this->b)) {
>> - $this->action(1);
>> - }
>> - else {
>> - $this->action(2);
>> - }
>> - }
>> - break;
>> -
>> - default:
>> - switch ($this->b) {
>> - case ' ':
>> - if ($this->isAlphaNum($this->a)) {
>> - $this->action(1);
>> - break;
>> - }
>> -
>> - $this->action(3);
>> - break;
>> -
>> - case "\n":
>> - switch ($this->a) {
>> - case '}':
>> - case ']':
>> - case ')':
>> - case '+':
>> - case '-':
>> - case '"':
>> - case "'":
>> - $this->action(1);
>> - break;
>> -
>> - default:
>> - if ($this->isAlphaNum($this->a)) {
>> - $this->action(1);
>> - }
>> - else {
>> - $this->action(3);
>> - }
>> - }
>> - break;
>> -
>> - default:
>> - $this->action(1);
>> - break;
>> - }
>> - }
>> - }
>> -
>> - return $this->output;
>> - }
>> -
>> - protected function next() {
>> - $c = $this->get();
>> -
>> - if ($c === '/') {
>> - switch($this->peek()) {
>> - case '/':
>> - for (;;) {
>> - $c = $this->get();
>> -
>> - if (ord($c) <= self::ORD_LF) {
>> - return $c;
>> - }
>> - }
>> -
>> - case '*':
>> - $this->get();
>> -
>> - for (;;) {
>> - switch($this->get()) {
>> - case '*':
>> - if ($this->peek() === '/') {
>> - $this->get();
>> - return ' ';
>> - }
>> - break;
>> -
>> - case null:
>> - throw new JsMinException('Unterminated comment.');
>> - }
>> - }
>> -
>> - default:
>> - return $c;
>> - }
>> - }
>> -
>> - return $c;
>> - }
>> -
>> - protected function peek() {
>> - $this->lookAhead = $this->get();
>> - return $this->lookAhead;
>> - }
>> + const ORD_LF = 10;
>> + const ORD_SPACE = 32;
>> +
>> + protected $a = '';
>> + protected $b = '';
>> + protected $input = '';
>> + protected $inputIndex = 0;
>> + protected $inputLength = 0;
>> + protected $lookAhead = null;
>> + protected $output = '';
>> +
>> + // -- Public Static Methods
>> --------------------------------------------------
>> +
>> +
>> + public static function minify($js)
>> + {
>> + $jsmin = new JsMin($js);
>> + return $jsmin->min();
>> + }
>> +
>> + // -- Public Instance Methods
>> ------------------------------------------------
>> +
>> +
>> + public function __construct($input)
>> + {
>> + $this->input = str_replace("\r\n", "\n", $input);
>> + $this->inputLength = strlen($this->input);
>> + }
>> +
>> + // -- Protected Instance Methods
>> ---------------------------------------------
>> +
>> +
>> + protected function action($d)
>> + {
>> + switch ($d) {
>> + case 1:
>> + $this->output .= $this->a;
>> +
>> + case 2:
>> + $this->a = $this->b;
>> +
>> + if ($this->a === "'" || $this->a === '"') {
>> + for (; ; ) {
>> + $this->output .= $this->a;
>> + $this->a = $this->get();
>> +
>> + if ($this->a === $this->b) {
>> + break;
>> + }
>> +
>> + if (ord($this->a) <= self::ORD_LF) {
>> + throw new JsMinException('Unterminated string literal.');
>> + }
>> +
>> + if ($this->a === '\\') {
>> + $this->output .= $this->a;
>> + $this->a = $this->get();
>> + }
>> + }
>> + }
>> +
>> + case 3:
>> + $this->b = $this->next();
>> +
>> + if ($this->b === '/' && ($this->a === '(' || $this->a === ',' ||
>> $this->a === '=' || $this->a === ':' || $this->a === '[' || $this-
>> >a === '!' || $this->a === '&' || $this->a === '|' || $this->a ===
>> '?')) {
>> +
>> + $this->output .= $this->a . $this->b;
>> +
>> + for (; ; ) {
>> + $this->a = $this->get();
>> +
>> + if ($this->a === '/') {
>> + break;
>> + } elseif ($this->a === '\\') {
>> + $this->output .= $this->a;
>> + $this->a = $this->get();
>> + } elseif (ord($this->a) <= self::ORD_LF) {
>> + throw new JsMinException('Unterminated regular expression ' .
>> 'literal.');
>> + }
>> +
>> + $this->output .= $this->a;
>> + }
>> +
>> + $this->b = $this->next();
>> + }
>> + }
>> + }
>> +
>> + protected function get()
>> + {
>> + $c = $this->lookAhead;
>> + $this->lookAhead = null;
>> +
>> + if ($c === null) {
>> + if ($this->inputIndex < $this->inputLength) {
>> + $c = $this->input[$this->inputIndex];
>> + $this->inputIndex += 1;
>> + } else {
>> + $c = null;
>> + }
>> + }
>> +
>> + if ($c === "\r") {
>> + return "\n";
>> + }
>> +
>> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
>> + return $c;
>> + }
>> +
>> + return ' ';
>> + }
>> +
>> + protected function isAlphaNum($c)
>> + {
>> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/',
>> $c) === 1;
>> + }
>> +
>> + protected function min()
>> + {
>> + $this->a = "\n";
>> + $this->action(3);
>> +
>> + while ($this->a !== null) {
>> + switch ($this->a) {
>> + case ' ':
>> + if ($this->isAlphaNum($this->b)) {
>> + $this->action(1);
>> + } else {
>> + $this->action(2);
>> + }
>> + break;
>> +
>> + case "\n":
>> + switch ($this->b) {
>> + case '{':
>> + case '[':
>> + case '(':
>> + case '+':
>> + case '-':
>> + $this->action(1);
>> + break;
>> +
>> + case ' ':
>> + $this->action(3);
>> + break;
>> +
>> + default:
>> + if ($this->isAlphaNum($this->b)) {
>> + $this->action(1);
>> + } else {
>> + $this->action(2);
>> + }
>> + }
>> + break;
>> +
>> + default:
>> + switch ($this->b) {
>> + case ' ':
>> + if ($this->isAlphaNum($this->a)) {
>> + $this->action(1);
>> + break;
>> + }
>> +
>> + $this->action(3);
>> + break;
>> +
>> + case "\n":
>> + switch ($this->a) {
>> + case '}':
>> + case ']':
>> + case ')':
>> + case '+':
>> + case '-':
>> + case '"':
>> + case "'":
>> + $this->action(1);
>> + break;
>> +
>> + default:
>> + if ($this->isAlphaNum($this->a)) {
>> + $this->action(1);
>> + } else {
>> + $this->action(3);
>> + }
>> + }
>> + break;
>> +
>> + default:
>> + $this->action(1);
>> + break;
>> + }
>> + }
>> + }
>> +
>> + return $this->output;
>> + }
>> +
>> + protected function next()
>> + {
>> + $c = $this->get();
>> +
>> + if ($c === '/') {
>> + switch ($this->peek()) {
>> + case '/':
>> + for (; ; ) {
>> + $c = $this->get();
>> +
>> + if (ord($c) <= self::ORD_LF) {
>> + return $c;
>> + }
>> + }
>> +
>> + case '*':
>> + $this->get();
>> +
>> + for (; ; ) {
>> + switch ($this->get()) {
>> + case '*':
>> + if ($this->peek() === '/') {
>> + $this->get();
>> + return ' ';
>> + }
>> + break;
>> +
>> + case null:
>> + throw new JsMinException('Unterminated comment.');
>> + }
>> + }
>> +
>> + default:
>> + return $c;
>> + }
>> + }
>> +
>> + return $c;
>> + }
>> +
>> + protected function peek()
>> + {
>> + $this->lookAhead = $this->get();
>> + return $this->lookAhead;
>> + }
>> }
>>
>>
>> Modified: incubator/shindig/trunk/php/src/common/
>> RemoteContentFetcher.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
>> Wed May 21 09:58:52 2008
>> @@ -19,6 +19,18 @@
>> */
>>
>> abstract class RemoteContentFetcher {
>> +
>> + protected $fetcher;
>> +
>> + protected function setNextFetcher($fetcher = null)
>> + {
>> + $this->fetcher = $fetcher;
>> + }
>>
>> abstract public function fetchRequest($request);
>> +
>> + public function getNextFetcher()
>> + {
>> + return $this->fetcher;
>> + }
>> }
>> \ No newline at end of file
>>
>> Modified: incubator/shindig/trunk/php/src/common/
>> RemoteContentRequest.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
>> Wed May 21 09:58:52 2008
>> @@ -15,13 +15,14 @@
>> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> * KIND, either express or implied. See the License for the
>> * specific language governing permissions and limitations under the
>> License.
>> - *
>> + *
>> */
>>
>> class RemoteContentRequest {
>> // these are used for making the request
>> - private $url = '';
>> - private $headers = false;
>> + private $uri = '';
>> + private $method = '';
>> + private $headers = array();
>> private $postBody = false;
>> // these fields are filled in once the request has completed
>> private $responseContent = false;
>> @@ -29,20 +30,179 @@
>> private $responseHeaders = false;
>> private $httpCode = false;
>> private $contentType = null;
>> + private $options;
>> public $handle = false;
>> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-
>> urlencoded; charset=utf-8";
>> + public static $DEFAULT_OPTIONS = array();
>>
>> - public function __construct($url, $headers = false, $postBody =
>> false)
>> + public function __construct($uri, $headers = false, $postBody =
>> false)
>> {
>> - $this->url = $url;
>> + $this->uri = $uri;
>> $this->headers = $headers;
>> $this->postBody = $postBody;
>> }
>>
>> + public function createRemoteContentRequest($method, $uri,
>> $headers, $postBody, $options)
>> + {
>> + $this->method = $method;
>> + $this->uri = $uri;
>> + $this->options = $options;
>> + // Copy the headers
>> + if (! isset($headers)) {
>> + $this->headers = '';
>> + } else {
>> + $setPragmaHeader = false;
>> + $tmpHeaders = '';
>> + foreach ($headers as $key => $value) {
>> + // Proxies should be bypassed with the Pragma: no-cache check.
>> + //TODO double check array is good for options
>> + if ($key == "Pragma" && @$options['ignoreCache']) {
>> + $value = "no-cache";
>> + $setPragmaHeader = true;
>> + }
>> + $tmpHeaders .= $key . ":" . $value . "\n";
>> + }
>> + // Bypass caching in proxies as well.
>> + //TODO double check array is good for options
>> + if (! $setPragmaHeader && @$options['ignoreCache']) {
>> + $tmpHeaders .= "Pragma:no-cache\n";
>> + }
>> + $this->headers = $tmpHeaders;
>> + }
>> + if (! isset($postBody)) {
>> + $this->postBody = '';
>> + } else {
>> + $this->postBody = array_merge($postBody, $this->postBody);
>> + }
>> + $type = $this->getHeader("Content-Type");
>> + if (! isset($type)) {
>> + $this->contentType = RemoteContentRequest::$DEFAULT_CONTENT_TYPE;
>> + } else {
>> + $this->contentType = $type;
>> + }
>> + }
>> +
>> + /**
>> + * Creates a new request to a different URL using all request data
>> from
>> + * an existing request.
>> + *
>> + * @param uri
>> + * @param base The base request to copy data from.
>> + */
>> + public static function
>> createRemoteContentRequestWithUriBase($uri, $base)
>> + {
>> + $this->uri = $uri;
>> + $this->method = $base->method;
>> + $this->options = $base->options;
>> + $this->headers = $base->headers;
>> + $this->contentType = $base->contentType;
>> + $this->postBody = $base->postBody;
>> + }
>> +
>> + /**
>> + * Basic GET request.
>> + *
>> + * @param uri
>> + */
>> + public function createRemoteContentRequestWithUri($uri)
>> + {
>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>> RemoteContentRequest::$DEFAULT_OPTIONS);
>> + }
>> +
>> + /**
>> + * GET with options
>> + *
>> + * @param uri
>> + * @param options
>> + */
>> + public function createRemoteContentRequestWithUriOptions($uri,
>> $options)
>> + {
>> + $this->createRemoteContentRequest("GET", $uri, null, null,
>> $options);
>> + }
>> +
>> + /**
>> + * GET request with custom headers and default options
>> + * @param uri
>> + * @param headers
>> + */
>> + public function RemoteContentRequestWithUriHeaders($uri, $headers)
>> + {
>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>> RemoteContentRequest::$DEFAULT_OPTIONS);
>> + }
>> +
>> + /**
>> + * GET request with custom headers + options
>> + * @param uri
>> + * @param headers
>> + * @param options
>> + */
>> + public function
>> createRemoteContentRequestWithUriHeadersOptions($uri, $headers,
>> $options)
>> + {
>> + $this->createRemoteContentRequest("GET", $uri, $headers, null,
>> $options);
>> + }
>> +
>> + /**
>> + * Basic POST request
>> + * @param uri
>> + * @param postBody
>> + */
>> + public function RemoteContentRequestWithUriPostBody($uri,
>> $postBody)
>> + {
>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>> RemoteContentRequest::$DEFAULT_OPTIONS);
>> + }
>> +
>> + /**
>> + * POST request with options
>> + * @param uri
>> + * @param postBody
>> + * @param options
>> + */
>> + public function
>> createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody,
>> $options)
>> + {
>> + $this->createRemoteContentRequest("POST", $uri, null, $postBody,
>> $options);
>> + }
>> +
>> + /**
>> + * POST request with headers
>> + * @param uri
>> + * @param headers
>> + * @param postBody
>> + */
>> + public function
>> createRemoteContentRequestWithUriHeadersPostBody($uri, $headers,
>> $postBody)
>> + {
>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>> $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
>> + }
>> +
>> + /**
>> + * POST request with options + headers
>> + * @param uri
>> + * @param headers
>> + * @param postBody
>> + * @param options
>> + */
>> + public function
>> createRemoteContentRequestWithUriHeadersPostBodyOptions($uri,
>> $headers, $postBody, $options)
>> + {
>> + $this->createRemoteContentRequest("POST", $uri, $headers,
>> $postBody, $options);
>> + }
>> +
>> + /**
>> + * Creates a simple GET request
>> + *
>> + * @param uri
>> + * @param ignoreCache
>> + */
>> + public function getRequest($uri, $ignoreCache)
>> + {
>> + $options = new Options();
>> + $options->ignoreCache = $ignoreCache;
>> + return $this->createRemoteContentRequestWithUriOptions($uri,
>> $options);
>> + }
>> +
>> // returns a hash code which identifies this request, used for
>> caching
>> - // takes url and postbody into account for constructing the md5
>> checksum
>> + // takes url and postbody into account for constructing the sha1
>> checksum
>> public function toHash()
>> {
>> - return md5($this->url . $this->postBody);
>> + return md5($this->uri . $this->postBody);
>> }
>>
>> public function getContentType()
>> @@ -92,7 +252,17 @@
>>
>> public function getUrl()
>> {
>> - return $this->url;
>> + return $this->uri;
>> + }
>> +
>> + public function getMethod()
>> + {
>> + return $this->method;
>> + }
>> +
>> + public function getOptions()
>> + {
>> + return $this->options;
>> }
>>
>> public function setContentType($type)
>> @@ -125,14 +295,37 @@
>> $this->headers = $headers;
>> }
>>
>> + //FIXME: Find a better way to do this
>> + // The headers can be an array of elements.
>> + public function getHeader($headerName)
>> + {
>> + $headers = explode("\n", $this->headers);
>> + foreach ($headers as $header) {
>> + $key = explode(":", $header);
>> + if ($key[0] == $headerName)
>> + return $key[1];
>> + }
>> + return null;
>> + }
>> +
>> public function setPostBody($postBody)
>> {
>> $this->postBody = $postBody;
>> }
>>
>> - public function setUrl($url)
>> + public function setUri($uri)
>> {
>> - $this->url = $url;
>> + $this->uri = $uri;
>> }
>>
>> -}
>> \ No newline at end of file
>> +}
>> +
>> +/**
>> + * Bag of options for making a request.
>> + *
>> + * This object is mutable to keep us sane. Don't mess with it once
>> you've
>> + * sent it to RemoteContentRequest or bad things might happen.
>> + */
>> +class Options {
>> + public $ignoreCache = false;
>> +}
>>
>> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php (original)
>> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed May
>> 21 09:58:52 2008
>> @@ -80,7 +80,7 @@
>> self::loadFile($file, $dirs, true);
>> } else {
>> self::_securityCheck($file);
>> - include_once $file;
>> + include_once 'src/common/'.$file;
>> }
>>
>> if (!class_exists($class, false) && !
>> interface_exists($class, false)) {
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed
>> May 21 09:58:52 2008
>> @@ -26,21 +26,21 @@
>> * Server wide variables are stored in config.php
>> */
>> class GadgetContext {
>> - private $httpFetcher = null;
>> - private $locale = null;
>> - private $renderingContext = null;
>> - private $registry = null;
>> - private $userPrefs = null;
>> - private $gadgetId = null;
>> - private $view = null;
>> - private $moduleId = null;
>> - private $url = null;
>> - private $cache = null;
>> - private $blacklist = null;
>> - private $ignoreCache = null;
>> - private $forcedJsLibs = null;
>> - private $containerConfig = null;
>> - private $container = null;
>> + protected $httpFetcher = null;
>> + protected $locale = null;
>> + protected $renderingContext = null;
>> + protected $registry = null;
>> + protected $userPrefs = null;
>> + protected $gadgetId = null;
>> + protected $view = null;
>> + protected $moduleId = null;
>> + protected $url = null;
>> + protected $cache = null;
>> + protected $blacklist = null;
>> + protected $ignoreCache = null;
>> + protected $forcedJsLibs = null;
>> + protected $containerConfig = null;
>> + protected $container = null;
>>
>> public function __construct($renderingContext)
>> {
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/
>> GadgetSpecParser.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
>> Wed May 21 09:58:52 2008
>> @@ -36,7 +36,7 @@
>> }
>> $gadget = new Gadget($context->getGadgetId(), $context);
>> // process ModulePref attributes
>> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
>> + $this->processModulePrefs($gadget, $doc->ModulePrefs, $context);
>> // process UserPrefs, if any
>> foreach ($doc->UserPref as $pref) {
>> $this->processUserPref($gadget, $pref);
>> @@ -54,7 +54,7 @@
>> return $gadget;
>> }
>>
>> - private function processModulePrefs(&$gadget, $ModulePrefs)
>> + private function processModulePrefs(&$gadget, $ModulePrefs,
>> $context)
>> {
>> $attributes = $ModulePrefs->attributes();
>> if (empty($attributes['title'])) {
>> @@ -90,11 +90,11 @@
>> $gadget->scaling = isset($attributes['scaling']) ?
>> trim($attributes['scaling']) : '';
>> $gadget->scrolling = isset($attributes['scrolling']) ?
>> trim($attributes['scrolling']) : '';
>> foreach ($ModulePrefs->Locale as $locale) {
>> - $gadget->localeSpecs[] = $this->processLocale($locale);
>> + $gadget->localeSpecs[] = $this->processLocale($locale, $context);
>> }
>> }
>>
>> - private function processLocale($locale)
>> + private function processLocale($locale, $context)
>> {
>> $attributes = $locale->attributes();
>> $messageAttr = isset($attributes['messages']) ?
>> trim($attributes['messages']) : '';
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed May
>> 21 09:58:52 2008
>> @@ -0,0 +1,70 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations under
>> the License.
>> + *
>> + */
>> +
>> +/**
>> + * An abstract representation of a signing token.
>> + * Use in conjunction with @code GadgetTokenDecoder.
>> + */
>> +abstract class GadgetToken {
>> +
>> + //FIXME Hmm seems php is refusing to let me make abstract static
>> functions? odd
>> + static public function createFromToken($token, $maxage) {}
>> + static public function createFromValues($owner, $viewer, $app,
>> $domain, $appUrl, $moduleId) {}
>> +
>> +
>> + /**
>> + * Serializes the token into a string. This can be the exact
>> same as
>> + * toString; using a different name here is only to force
>> interface
>> + * compliance.
>> + *
>> + * @return A string representation of the token.
>> + */
>> + abstract public function toSerialForm();
>> +
>> + /**
>> + * @return the owner from the token, or null if there is none.
>> + */
>> + abstract public function getOwnerId();
>> +
>> + /**
>> + * @return the viewer from the token, or null if there is none.
>> + */
>> + abstract public function getViewerId();
>> +
>> + /**
>> + * @return the application id from the token, or null if there
>> is none.
>> + */
>> + abstract public function getAppId();
>> +
>> + /**
>> + * @return the domain from the token, or null if there is none.
>> + */
>> + abstract public function getDomain();
>> +
>> + /**
>> + * @return the URL of the application
>> + */
>> + abstract public function getAppUrl();
>> +
>> + /**
>> + * @return the module ID of the application
>> + */
>> + abstract public function getModuleId();
>> +}
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>> (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
>> Wed May 21 09:58:52 2008
>> @@ -0,0 +1,34 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations
>> + * under the License.
>> + */
>> +
>> +/**
>> + * Handles verification of gadget security tokens.
>> + */
>> +abstract class GadgetTokenDecoder {
>> +
>> + /**
>> + * Decrypts and verifies a gadget security token to return a
>> gadget token.
>> + *
>> + * @param tokenString String representation of the token to be
>> created.
>> + * @return The token representation of the input data.
>> + * @throws GadgetException If tokenString is not a valid token
>> + */
>> + abstract public function createToken($tokenString);
>> +}
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May
>> 21 09:58:52 2008
>> @@ -24,7 +24,7 @@
>> private $content;
>> private $featureName; // used to track what feature this belongs to
>> private $loaded = false;
>> -
>> +
>> public function __construct($type, $content, $featureName = '')
>> {
>> $this->featureName = $featureName;
>> @@ -39,11 +39,11 @@
>>
>> public function getContent()
>> {
>> - if (!$this->loaded && $this->type == 'FILE') {
>> + if (! $this->loaded && $this->type == 'FILE') {
>> if (Config::get('compress_javascript')) {
>> $dataCache = Config::get('data_cache');
>> $dataCache = new $dataCache();
>> - if (!($content = $dataCache->get(md5($this->content)))) {
>> + if (! ($content = $dataCache->get(md5($this->content)))) {
>> $content = JsMin::minify(JsLibrary::loadData($this->content, $this-
>> >type));
>> $dataCache->set(md5($this->content), $content);
>> $this->content = $content;
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/
>> JsonRpcGadgetContext.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/
>> JsonRpcGadgetContext.php (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/
>> JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
>> @@ -1,10 +1,6 @@
>> <?php
>>
>> class JsonRpcGadgetContext extends GadgetContext {
>> - private $locale = null;
>> - private $view = null;
>> - private $url = null;
>> - private $container = null;
>>
>> public function __construct($jsonContext, $url)
>> {
>> @@ -15,23 +11,8 @@
>> $this->container = $jsonContext->container;
>> }
>>
>> - public function getUrl()
>> - {
>> - return $this->url;
>> - }
>> -
>> public function getView()
>> {
>> return $this->view;
>> }
>> -
>> - public function getLocale()
>> - {
>> - return $this->locale;
>> - }
>> -
>> - public function getContainer()
>> - {
>> - return $this->container;
>> - }
>> }
>> \ No newline at end of file
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>> (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
>> Wed May 21 09:58:52 2008
>> @@ -0,0 +1,10 @@
>> +<?php
>> +
>> +class ProxyGadgetContext extends GadgetContext {
>> +
>> + public function __construct($url)
>> + {
>> + parent::__construct('GADGET');
>> + $this->url = $url;
>> + }
>> +}
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed
>> May 21 09:58:52 2008
>> @@ -29,11 +29,15 @@
>> *
>> */
>> class ProxyHandler {
>> - private $context;
>> + private $context;
>> + private $signingFetcher;
>> + private $oauthFetcher;
>>
>> - public function __construct($context)
>> + public function __construct($context, $signingFetcher = null,
>> $oauthFetcher = null)
>> {
>> - $this->context = $context;
>> + $this->context = $context;
>> + $this->signingFetcher = $signingFetcher;
>> + $this->oauthFetcher = $oauthFetcher;
>> }
>>
>> /**
>> @@ -51,11 +55,21 @@
>> $token = '';
>> // no token given, safe to ignore
>> }
>> - $originalUrl = $this->validateUrl($url);
>> - $signedUrl = $this->signUrl($originalUrl, $token);
>> + $url = $this->validateUrl($url);
>> // Fetch the content and convert it into JSON.
>> // TODO: Fetcher needs to handle variety of HTTP methods.
>> - $result = $this->fetchContent($signedUrl, $method);
>> + $result = $this->fetchContentDivert($url, $method, $signer);
>> + if (!isset($result)) {
>> + //OAuthFetcher only
>> + $metadata = $this->oauthFetcher->getResponseMetadata();
>> + $json = array($url => $metadata);
>> + $json = json_encode($json);
>> + $output = UNPARSEABLE_CRUFT . $json;
>> + $this->setCachingHeaders();
>> + header("Content-Type: application/json; charset=utf-8", true);
>> + echo $output;
>> + die();
>> + }
>> $status = (int)$result->getHttpCode();
>> //header("HTTP/1.1 $status", true);
>> if ($status == 200) {
>> @@ -174,10 +188,9 @@
>> $token = '';
>> // no token given, safe to ignore
>> }
>> - $originalUrl = $this->validateUrl($url);
>> - $signedUrl = $this->signUrl($originalUrl, $token);
>> + $url = $this->validateUrl($url);
>> //TODO: Fetcher needs to handle variety of HTTP methods.
>> - $result = $this->fetchContent($signedUrl, $method);
>> + $result = $this->fetchContent($url, $method);
>> // TODO: Fetcher needs to handle variety of HTTP methods.
>> $status = (int)$result->getHttpCode();
>> if ($status == 200) {
>> @@ -208,11 +221,11 @@
>> /**
>> * Both fetch and fetchJson call this function to retrieve the
>> actual content
>> *
>> - * @param string $signedUrl the signed url to fetch
>> + * @param string $url the url to fetch
>> * @param string $method either get or post
>> * @return the filled in request (RemoteContentRequest)
>> */
>> - private function fetchContent($signedUrl, $method)
>> + private function fetchContent($url, $method)
>> {
>> //TODO get actual character encoding from the request
>>
>> @@ -250,14 +263,41 @@
>> }
>> // even if postData is an empty string, it will still post (since
>> RemoteContentRquest checks if its false)
>> // so the request to POST is still honored
>> - $request = new RemoteContentRequest($signedUrl, $headers,
>> $postData);
>> + $request = new RemoteContentRequest($url, $headers, $postData);
>> $request = $this->context->getHttpFetcher()->fetch($request,
>> $context);
>> } else {
>> - $request = new RemoteContentRequest($signedUrl, $headers);
>> + $request = new RemoteContentRequest($url, $headers);
>> $request = $this->context->getHttpFetcher()->fetch($request,
>> $context);
>> }
>> return $request;
>> }
>> +
>> + private function fetchContentDivert($url, $method, $signer)
>> + {
>> + $authz = isset($_GET['authz']) ? $_GET['authz'] :
>> (isset($_POST['authz']) ? $_POST['authz'] : '');
>> + $token = $this->extractAndValidateToken($signer);
>> + switch (strtoupper($authz)) {
>> + case 'SIGNED':
>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>> BasicRemoteContentFetcher(), $token);
>> + return $fetcher->fetch($url, $method);
>> + case 'AUTHENTICATED':
>> + $params = new OAuthRequestParams();
>> + $fetcher = $this->signingFetcher->getSigningFetcher(new
>> BasicRemoteContentFetcher(), $token);
>> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
>> + $this->oauthFetcher = $oAuthFetcherFactory-
>> >getOAuthFetcher($fetcher, $token, $params);
>> + $request = new RemoteContentRequest($url);
>> + $request->createRemoteContentRequestWithUri($url);
>> + return $this->oauthFetcher->fetchRequest($request);
>> + case 'NONE':
>> + default:
>> + return $this->fetchContent($url, $method);
>> + }
>> + }
>> +
>> + public function setContentFetcher($contentFetcherFactory)
>> + {
>> + $this->contentFetcherFactory = $contentFetcherFactory;
>> + }
>>
>> /**
>> * Sets the caching headers (overwriting anything the remote host
>> set) to force
>> @@ -282,6 +322,7 @@
>> private function validateUrl($url)
>> {
>> //TODO should really make a PHP version of the URI class and
>> validate in all the locations the java version does
>> + // why not use Zend::Uri:
>> return $url;
>> }
>>
>> @@ -293,40 +334,17 @@
>> * @return string the token to use in the signed url
>> */
>> private function extractAndValidateToken($signer)
>> - {
>> - if ($signer == null) {
>> - return null;
>> - }
>> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
>> - if ($token) {
>> - $token = isset($_POST['st']) ? $_POST['st'] : '';
>> - }
>> + {
>> + if ($signer == null) {
>> + return null;
>> + }
>> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
>> + if (!isset($token) || $token == '') {
>> + $token = isset($_POST['st']) ? $_POST['st'] : '';
>> + }
>> return $signer->createToken($token);
>> }
>> -
>> - /**
>> - * Signs a url with the SecurityToken
>> - *
>> - * @param string $originalUrl
>> - * @param SecurityToken $token
>> - * @return unknown
>> - */
>> - private function signUrl($originalUrl, $token)
>> - {
>> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
>> - if (! $authz) {
>> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
>> - }
>> - if ($token == null || $authz != 'signed') {
>> - return $originalUrl;
>> - }
>> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
>> - if ($method) {
>> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] :
>> 'GET';
>> - }
>> - return $token->signUrl($originalUrl, $method);
>> - }
>> -
>> +
>> private function request_headers()
>> {
>> // Try to use apache's request headers if available
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>> (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
>> Wed May 21 09:58:52 2008
>> @@ -0,0 +1,42 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations under
>> the License.
>> + *
>> + */
>> +require 'src/common/HttpServlet.php';
>> +
>> +/**
>> + * This class serves the public certificate, quick and dirty hack
>> to make the certificate publicly accessible
>> + * this combined with the hard coded location in
>> SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
>> + * for the oauth pub key location makes a working whole
>> + */
>> +class CertServlet extends HttpServlet {
>> +
>> + /**
>> + * Handles the get file request, only called on url = /public.crt
>> + * so this function has no logic other then to output the cert
>> + */
>> + public function doGet()
>> + {
>> + $file = Config::get('public_key_file');
>> + if (!file_exists($file) || !is_readable($file)) {
>> + throw new Exception("Invalid public key location ($file), check
>> config and file permissions");
>> + }
>> + $this->setLastModified(filemtime($file));
>> + readfile($file);
>> + }
>> +}
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>> FilesServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
>> Wed May 21 09:58:52 2008
>> @@ -25,7 +25,7 @@
>> * the php version too
>> */
>> class FilesServlet extends HttpServlet {
>> -
>> +
>> /**
>> * Handles the get file request, if the file exists and is in the
>> correct
>> * location it's echo'd to the browser (with a basic content type
>> guessing
>> @@ -46,14 +46,14 @@
>> die();
>> }
>> // if the file doesn't exist or can't be read, give a 404 error
>> - if (!file_exists($file) || !is_readable($file) || !
>> is_file($file)) {
>> + if (! file_exists($file) || ! is_readable($file) || !
>> is_file($file)) {
>> header("HTTP/1.0 404 Not Found", true);
>> echo "<html><body><h1>404 - Not Found</h1></body></html>";
>> die();
>> }
>> $dot = strrpos($file, '.');
>> if ($dot) {
>> - $ext = strtolower(substr($file, $dot+1));
>> + $ext = strtolower(substr($file, $dot + 1));
>> if ($ext == 'html' || $ext == 'htm') {
>> $this->setContentType('text/html');
>> } elseif ($ext == 'js') {
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>> GadgetRenderingServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/
>> GadgetRenderingServlet.php (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>> GadgetRenderingServlet.php Wed May 21 09:58:52 2008
>> @@ -52,7 +52,7 @@
>> */
>> class GadgetRenderingServlet extends HttpServlet {
>> private $context;
>> -
>> +
>> /**
>> * Creates the gadget using the GadgetServer class and calls
>> outputGadget
>> *
>> @@ -71,11 +71,11 @@
>> $gadgetServer = new GadgetServer();
>> $gadget = $gadgetServer->processGadget($this->context);
>> $this->outputGadget($gadget, $this->context);
>> - } catch ( Exception $e ) {
>> + } catch (Exception $e) {
>> $this->outputError($e);
>> }
>> }
>> -
>> +
>> /**
>> * If an error occured (Exception) this function echo's the
>> Exception's message
>> * and if the config['debug'] is true, shows the debug backtrace in
>> a div
>> @@ -95,7 +95,7 @@
>> }
>> echo "</body></html>";
>> }
>> -
>> +
>> /**
>> * Takes the gadget to output, and depending on its content type
>> calls either outputHtml-
>> * or outputUrlGadget
>> @@ -107,15 +107,15 @@
>> {
>> $view = HttpUtil::getView($gadget, $context);
>> switch ($view->getType()) {
>> - case 'HTML' :
>> + case 'HTML':
>> $this->outputHtmlGadget($gadget, $context, $view);
>> break;
>> - case 'URL' :
>> + case 'URL':
>> $this->outputUrlGadget($gadget, $context, $view);
>> break;
>> }
>> }
>> -
>> +
>> /**
>> * Outputs a html content type gadget.
>> * It creates a html page, with the javascripts from the features
>> inline into the page, plus
>> @@ -144,16 +144,13 @@
>> }
>> // Was a privacy policy header configured? if so set it
>> if (Config::get('P3P') != '') {
>> - header("P3P: ".Config::get('P3P'));
>> + header("P3P: " . Config::get('P3P'));
>> }
>> - if (!$view->getQuirks()) {
>> + if (! $view->getQuirks()) {
>> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd
>> \">\n";
>> }
>> - echo "<html>\n<head>".
>> - "<style type=\"text/css\">".Config::get('gadget_css')."</
>> style>".
>> - "</head><body>".
>> - "<script><!--\n";
>> - foreach ( $gadget->getJsLibraries() as $library ) {
>> + echo "<html>\n<head>" . "<style type=\"text/css\">" .
>> Config::get('gadget_css') . "</style>" . "</head><body>" .
>> "<script><!--\n";
>> + foreach ($gadget->getJsLibraries() as $library) {
>> $type = $library->getType();
>> if ($type == 'URL') {
>> // TODO: This case needs to be handled more gracefully by the js
>> @@ -173,15 +170,12 @@
>> // Forced libs first.
>> if (! empty($forcedLibs)) {
>> $libs = explode(':', $forcedLibs);
>> - echo sprintf($externFmt, Config::get('default_js_prefix').$this-
>> >getJsUrl($libs, $gadget)) . "\n";
>> + echo sprintf($externFmt, Config::get('default_js_prefix') . $this-
>> >getJsUrl($libs, $gadget)) . "\n";
>> }
>> if (strlen($externJs) > 0) {
>> echo $externJs;
>> }
>> - echo "<script><!--\n".
>> - $this->appendJsConfig($context, $gadget).
>> - $this->appendMessages($gadget).
>> - "-->\n</script>\n";
>> + echo "<script><!--\n" . $this->appendJsConfig($context,
>> $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>>
>> $gadgetExceptions = array();
>> $content = $gadget->getSubstitutions()->substitute($view-
>> >getContent());
>> @@ -192,11 +186,9 @@
>> if (count($gadgetExceptions)) {
>> throw new GadgetException(print_r($gadgetExceptions, true));
>> }
>> - echo $content . "\n".
>> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
>> - "</body>\n</html>";
>> + echo $content . "\n" .
>> "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>
>> \n</html>";
>> }
>> -
>> +
>> /**
>> * Output's a URL content type gadget, it adds
>> libs=<list:of:js:libraries>.js and user preferences
>> * to the href url, and redirects the browser to it
>> @@ -215,7 +207,7 @@
>> $forcedLibs = Config::get('focedJsLibs');
>> if ($forcedLibs == null) {
>> $reqs = $gadget->getRequires();
>> - foreach ( $reqs as $key => $val ) {
>> + foreach ($reqs as $key => $val) {
>> $libs[] = $key;
>> }
>> } else {
>> @@ -231,7 +223,7 @@
>> header('Location: ' . $redirURI);
>> die();
>> }
>> -
>> +
>> /**
>> * Returns the requested libs (from getjsUrl) with the
>> libs_param_name prepended
>> * ie: in libs=core:caja:etc.js format
>> @@ -248,7 +240,7 @@
>> $ret .= $this->getJsUrl($libs, $gadget);
>> return $ret;
>> }
>> -
>> +
>> /**
>> * Returns the user preferences in &up_<name>=<val> format
>> *
>> @@ -259,7 +251,7 @@
>> private function getPrefsQueryString($prefVals)
>> {
>> $ret = '';
>> - foreach ( $prefVals->getPrefs() as $key => $val ) {
>> + foreach ($prefVals->getPrefs() as $key => $val) {
>> $ret .= '&';
>> $ret .= Config::get('userpref_param_prefix');
>> $ret .= urlencode($key);
>> @@ -268,10 +260,10 @@
>> }
>> return $ret;
>> }
>> -
>> +
>> /**
>> * generates the library string (core:caja:etc.js) including a
>> checksum of all the
>> - * javascript content (?v=<sha1 of js) for cache busting
>> + * javascript content (?v=<md5 of js>) for cache busting
>> *
>> * @param string $libs
>> * @param Gadget $gadget
>> @@ -284,7 +276,7 @@
>> $buf = 'core';
>> } else {
>> $firstDone = false;
>> - foreach ( $libs as $lib ) {
>> + foreach ($libs as $lib) {
>> if ($firstDone) {
>> $buf .= ':';
>> } else {
>> @@ -296,7 +288,7 @@
>> // Build a version string from the sha1() checksum of all included
>> javascript
>> // to ensure the client always has the right version
>> $inlineJs = '';
>> - foreach ( $gadget->getJsLibraries() as $library ) {
>> + foreach ($gadget->getJsLibraries() as $library) {
>> $type = $library->getType();
>> if ($type != 'URL') {
>> $inlineJs .= $library->getContent() . "\n";
>> @@ -305,14 +297,14 @@
>> $buf .= ".js?v=" . md5($inlineJs);
>> return $buf;
>> }
>> -
>> +
>> private function appendJsConfig($context, $gadget)
>> {
>> $container = $context->getContainer();
>> $containerConfig = $context->getContainerConfig();
>> $gadgetConfig = array();
>> $featureConfig = $containerConfig->getConfig($container,
>> 'gadgets.features');
>> - foreach ( $gadget->getJsLibraries() as $library ) {
>> + foreach ($gadget->getJsLibraries() as $library) {
>> $feature = $library->getFeatureName();
>> if (! isset($gadgetConfig[$feature]) && !
>> empty($featureConfig[$feature])) {
>> $gadgetConfig[$feature] = $featureConfig[$feature];
>> @@ -320,7 +312,7 @@
>> }
>> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");\n";
>> }
>> -
>> +
>> private function appendMessages($gadget)
>> {
>> $msgs = '';
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php Wed
>> May 21 09:58:52 2008
>> @@ -30,7 +30,7 @@
>> * to retrieve our features javascript code
>> */
>> class JsServlet extends HttpServlet {
>> -
>> +
>> public function doGet()
>> {
>> $this->noHeaders = true;
>>
>> Modified: incubator/shindig/trunk/php/src/gadgets/http/
>> ProxyServlet.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>> (original)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
>> Wed May 21 09:58:52 2008
>> @@ -26,6 +26,8 @@
>> require 'src/common/RemoteContent.php';
>> require 'src/common/Cache.php';
>> require 'src/common/RemoteContentFetcher.php';
>> +require 'src/gadgets/oauth/OAuth.php';
>> +require 'src/gadgets/oauth/OAuthStore.php';
>>
>> class ProxyServlet extends HttpServlet {
>>
>> @@ -39,6 +41,7 @@
>> if (! $url) {
>> $url = isset($_POST['url']) ? $_POST['url'] : false;
>> }
>> + $url = urldecode($url);
>> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
>> if (! $method) {
>> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] : 'GET';
>> @@ -49,7 +52,8 @@
>> }
>> $gadgetSigner = Config::get('security_token_signer');
>> $gadgetSigner = new $gadgetSigner();
>> - $proxyHandler = new ProxyHandler($context);
>> + $signingFetcherFactory = new
>> SigningFetcherFactory(Config::get("private_key_file"));
>> + $proxyHandler = new ProxyHandler($context, $signingFetcherFactory);
>> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
>> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
>> } else {
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcher.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>> (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
>> Wed May 21 09:58:52 2008
>> @@ -0,0 +1,216 @@
>> +<?php
>> +/*
>> + * Licensed under the Apache License, Version 2.0 (the "License");
>> + * you may not use this file except in compliance with the License.
>> + * You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> software
>> + * distributed under the License is distributed on an "AS IS" BASIS,
>> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
>> implied.
>> + * See the License for the specific language governing permissions
>> and
>> + * limitations under the License.
>> + */
>> +
>> +/**
>> + * Implements signed fetch based on the OAuth request signing
>> algorithm.
>> + *
>> + * Subclasses can override signMessage to use their own crypto if
>> they don't
>> + * like the oauth.net code for some reason.
>> + *
>> + * Instances of this class are only accessed by a single thread at
>> a time,
>> + * but instances may be created by multiple threads.
>> + */
>> +class SigningFetcher extends RemoteContentFetcher {
>> +
>> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
>> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
>> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
>> + protected static $XOAUTH_PUBLIC_KEY = "xoauth_signature_publickey";
>> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
>> +
>> + //protected final TimeSource clock = new TimeSource();
>> +
>> + /**
>> + * Authentication token for the user and gadget making the request.
>> + */
>> + protected $authToken;
>> +
>> + /**
>> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can be a
>> + * PrivateKey object, or a PEM formatted private key, or a DER
>> encoded byte
>> + * array for the private key.(No, really, they accept any of them.)
>> + */
>> + protected $privateKeyObject;
>> +
>> + /**
>> + * The name of the key, included in the fetch to help with key
>> rotation.
>> + */
>> + protected $keyName;
>> +
>> + /**
>> + * Constructor based on signing with the given PrivateKey object.
>> + *
>> + * @param authToken verified gadget security token
>> + * @param keyName name of the key to include in the request
>> + * @param privateKey the key to use for the signing
>> + */
>> + public static function makeFromPrivateKey($next, $authToken,
>> $keyName, $privateKey)
>> + {
>> + return new SigningFetcher($next, $authToken, $keyName,
>> $privateKey);
>> + }
>> +
>> + /**
>> + * Constructor based on signing with the given PrivateKey object.
>> + *
>> + * @param authToken verified gadget security token
>> + * @param keyName name of the key to include in the request
>> + * @param privateKey base64 encoded private key
>> + */
>> + public static function makeFromB64PrivateKey($next, $authToken,
>> $keyName, $privateKey)
>> + {
>> + return new SigningFetcher($next, $authToken, $keyName,
>> $privateKey);
>> + }
>> +
>> + /**
>> + * Constructor based on signing with the given PrivateKey object.
>> + *
>> + * @param authToken verified gadget security token
>> + * @param keyName name of the key to include in the request
>> + * @param privateKey DER encoded private key
>> + */
>> + public static function makeFromPrivateKeyBytes($next, $authToken,
>> $keyName, $privateKey)
>> + {
>> + return new SigningFetcher($next, $authToken, $keyName,
>> $privateKey);
>> + }
>> +
>> + protected function __construct($next, $authToken, $keyName,
>> $privateKeyObject)
>> + {
>> + parent::setNextFetcher($next);
>> + $this->authToken = $authToken;
>> + $this->keyName = $keyName;
>> + $this->privateKeyObject = $privateKeyObject;
>> + }
>> +
>> + public function fetchRequest($request)
>> + {
>> + return $this->getNextFetcher()->fetchRequest($request);
>> + }
>> +
>> + public function fetch($url, $method)
>> + {
>> + $signed = $this->signRequest($url, $method);
>> + return $this->getNextFetcher()->fetchRequest($signed);
>> + }
>> +
>> + private function signRequest($url, $method)
>> + {
>> + try {
>> + // Parse the request into parameters for OAuth signing, stripping
>> out
>> + // any OAuth or OpenSocial parameters injected by the client
>> + ///////////////////////////////////////////////
>> + require 'src/common/Zend/Uri.php';
>> + $uri = Zend_Uri::factory($url);
>> + $resource = $uri->getUri();
>> + $queryParams = $this->sanitize($_GET);
>> + $postParams = $this->sanitize($_POST);
>> + $msgParams = array();
>> + $msgParams = array_merge($msgParams, $queryParams);
>> + $msgParams = array_merge($msgParams, $postParams);
>> +
>> + // TODO: is this ok?
>> + //$msgParams = array();
>> + $this->addOpenSocialParams($msgParams);
>> + $this->addOAuthParams($msgParams);
>> +
>> + // Build and sign the OAuthMessage; note that the resource here has
>> + // no query string, the parameters are all in msgParams
>> + //$message = new OAuthMessage($method, $resource, $msgParams);
>> +
>> + ////////////////////////////////////////////////
>> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
>> + $consumer-
>> >setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this-
>> >privateKeyObject);
>> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
>> +
>> + $req_req = OAuthRequest::from_consumer_and_token($consumer, NULL,
>> $method, $resource, $msgParams);
>> + $req_req->sign_request($signatureMethod, $consumer, NULL);
>> +
>> + // Rebuild the query string, including all of the parameters we
>> added.
>> + // We have to be careful not to copy POST parameters into the
>> query.
>> + // If post and query parameters share a name, they end up being
>> removed
>> + // from the query.
>> + $forPost = array();
>> + foreach ($postParams as $key => $param) {
>> + $forPost[$key] = $param;
>> + }
>> + $newQuery = array();
>> + foreach ($req_req->get_parameters() as $key => $param) {
>> + if (! isset($forPost[$key])) {
>> + $newQuery[$key] = $param;
>> + }
>> + }
>> +
>> + // Careful here; the OAuth form encoding scheme is slightly
>> different than
>> + // the normal form encoding scheme, so we have to use the OAuth
>> library
>> + // formEncode method.
>> + $uri->setQuery($newQuery);
>> + return new RemoteContentRequest($uri->getUri());
>> + } catch (Exception $e) {
>> + throw new GadgetException($e);
>> + }
>> + }
>> +
>> + private function addOpenSocialParams(&$msgParams)
>> + {
>> + $owner = $this->authToken->getOwnerId();
>> + if ($owner != null) {
>> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
>> + }
>> + $viewer = $this->authToken->getViewerId();
>> + if ($viewer != null) {
>> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
>> + }
>> + $app = $this->authToken->getAppId();
>> + if ($app != null) {
>> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
>> + }
>> + }
>> +
>> + private function addOAuthParams(&$msgParams)
>> + {
>> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
>> + $domain = $this->authToken->getDomain();
>> + if ($domain != null) {
>> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] = 'partuza.chabotc.com'; //
>> $domain;
>> + }
>> + if ($this->keyName != null) {
>> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this->keyName;
>> + }
>> + $nonce = OAuthRequest::generate_nonce();
>> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
>> + $timestamp = time();
>> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
>> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
>> + }
>> +
>> + /**
>> + * Strip out any owner or viewer id passed by the client.
>> + */
>> + private function sanitize($params)
>> + {
>> + $list = array();
>> + foreach ($params as $key => $p) {
>> + if ($this->allowParam($key)) {
>> + $list[$key] = $p;
>> + }
>> + }
>> + return $list;
>> + }
>> +
>> + private function allowParam($paramName)
>> + {
>> + $canonParamName = strtolower($paramName);
>> + return (! (substr($canonParamName, 0, 5) == "oauth" ||
>> substr($canonParamName, 0, 6) == "xoauth" ||
>> substr($canonParamName, 0, 9) == "opensocial")) &&
>> ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
>> + }
>> +}
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcherFactory.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcherFactory.php (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/http/
>> SigningFetcherFactory.php Wed May 21 09:58:52 2008
>> @@ -0,0 +1,86 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations
>> + * under the License.
>> + */
>> +
>> +/**
>> + * Produces Signing content fetchers for input tokens.
>> + */
>> +class SigningFetcherFactory {
>> + private $keyName;
>> + private $privateKey;
>> +
>> + /**
>> + * Produces a signing fetcher that will sign requests and delegate
>> actual
>> + * network retrieval to the {@code networkFetcher}
>> + *
>> + * @param networkFetcher The fetcher that will be doing actual work.
>> + * @param token The gadget token used for extracting signing
>> parameters.
>> + * @return The signing fetcher.
>> + * @throws GadgetException
>> + */
>> + public function getSigningFetcher($networkFetcher, $token)
>> + {
>> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher,
>> $token, $this->keyName, $this->privateKey);
>> + }
>> +
>> + /**
>> + * @param keyFile The file containing your private key for signing
>> requests.
>> + */
>> + public function __construct($keyFile = null)
>> + {
>> + $this->keyName = 'http://'.
>> $_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
>> + if (! empty($keyFile)) {
>> + $privateKey = null;
>> + try {
>> + // check if the converted from PKCS8 key is in cache, if not,
>> convert it
>> + $cache = Config::get('data_cache');
>> + $cache = new $cache();
>> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this-
>> >keyName)) !== false) {
>> + $rsa_private_key = $cachedKey;
>> + } else {
>> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
>> + throw new Exception("Could not read keyfile ($keyFile), check the
>> file name and permission");
>> + }
>> + // TODO: sending NULL as a second param to
>> openssl_pkey_get_private works?
>> + $phrase = Config::get('private_key_phrase') != '' ?
>> (Config::get('private_key_phrase')) : null;
>> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key,
>> $phrase)) == false) {
>> + //TODO: double check if can input keyfile -inform PEM
>> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>> + throw new Exception("Could not create temporary file");
>> + }
>> + if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
>> + throw new Exception("Could not write to temporary file");
>> + }
>> + if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
>> + throw new Exception("Could not create temporary file");
>> + }
>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>> nocrypt -in " . $in);
>> + if (! $rsa_private_key = @file_get_contents($out)) {
>> + throw new Exception("Could not read temporary file");
>> + }
>> + }
>> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName),
>> $rsa_private_key);
>> + }
>> + } catch (Exception $e) {
>> + throw new Exception("Error loading private key: " . $e);
>> + }
>> + $this->privateKey = $rsa_private_key;
>> + }
>> + }
>> +}
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicGadgetOAuthTokenStore.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicGadgetOAuthTokenStore.php (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
>> @@ -0,0 +1,112 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations
>> + * under the License.
>> + */
>> +
>> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
>> +
>> + /** default location for consumer keys and secrets */
>> + private $OAUTH_CONFIG = "../config/oauth.json";
>> + private $CONSUMER_SECRET_KEY = "consumer_secret";
>> + private $CONSUMER_KEY_KEY = "consumer_key";
>> + private $KEY_TYPE_KEY = "key_type";
>> +
>> + public function __construct($store)
>> + {
>> + parent::__construct($store);
>> + }
>> +
>> + public function initFromConfigFile($fetcher)
>> + {
>> + // Read our consumer keys and secrets from config/oauth.js
>> + // This actually involves fetching gadget specs
>> + try {
>> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
>> +
>> + // remove all comments because this confuses the json parser
>> + // note: the json parser also crashes on trailing ,'s in records
>> so please don't use them
>> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '',
>> $oauthConfigStr);
>> + $oauthConfig = json_decode($contents, true);
>> + foreach ($oauthConfig as $gadgetUri => $value) {
>> + $this->storeProviderInfos($fetcher, $gadgetUri);
>> + $this->storeConsumerInfos($gadgetUri, $value);
>> + }
>> + } catch (Exception $e) {
>> + throw new GadgetException($e);
>> + }
>> + }
>> +
>> + private function storeProviderInfos($fetcher, $gadgetUri)
>> + {
>> + $cache = Config::get('data_cache');
>> + $cache = new $cache();
>> +
>> + // determine which requests we can load from cache, and which we
>> have to actually fetch
>> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
>> + $gadget = $cachedRequest;
>> + } else {
>> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
>> + $remoteContentRequest->getRequest($gadgetUri, false);
>> + $response = $fetcher->fetchRequest($remoteContentRequest);
>> + $context = new ProxyGadgetContext($gadgetUri);
>> + $spec = new GadgetSpecParser();
>> + $gadget = $spec->parse($response->getResponseContent(), $context);
>> + $cache->set(md5($gadgetUri), $gadget);
>> + }
>> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
>> + }
>> +
>> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
>> + {
>> + foreach ($oauthConfig as $key => $value) {
>> + $serviceName = $key;
>> + $consumerInfo = $value;
>> + $this->storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo);
>> + }
>> + }
>> +
>> + private function storeConsumerInfo($gadgetUri, $serviceName,
>> $consumerInfo)
>> + {
>> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
>> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
>> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
>> + $keyType = 'HMAC_SYMMETRIC';
>> +
>> + if ($keyTypeStr == "RSA_PRIVATE") {
>> + $keyType = 'RSA_PRIVATE';
>> + // check if the converted from PKCS8 key is in cache, if not,
>> convert it
>> + $cache = Config::get('data_cache');
>> + $cache = new $cache();
>> +
>> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
>> $serviceName))) !== false) {
>> + $consumerSecret = $cachedRequest;
>> + } else {
>> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
>> + file_put_contents($in, base64_decode($consumerInfo[$this-
>> >CONSUMER_SECRET_KEY]));
>> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
>> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -
>> nocrypt -in " . $in);
>> + $consumerSecret = file_get_contents($out);
>> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
>> + }
>> + }
>> +
>> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
>> $keyType);
>> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
>> + }
>> +
>> +}
>>
>> Added: incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicOAuthStore.php
>> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicOAuthStore.php (added)
>> +++ incubator/shindig/trunk/php/src/gadgets/oauth/
>> BasicOAuthStore.php Wed May 21 09:58:52 2008
>> @@ -0,0 +1,149 @@
>> +<?php
>> +/*
>> + * Licensed to the Apache Software Foundation (ASF) under one
>> + * or more contributor license agreements. See the NOTICE file
>> + * distributed with this work for additional information
>> + * regarding copyright ownership. The ASF licenses this file
>> + * to you under the Apache License, Version 2.0 (the
>> + * "License"); you may not use this file except in compliance
>> + * with the License. You may obtain a copy of the License at
>> + *
>> + * http://www.apache.org/licenses/LICENSE-2.0
>> + *
>> + * Unless required by applicable law or agreed to in writing,
>> + * software distributed under the License is distributed on an
>> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
>> + * KIND, either express or implied. See the License for the
>> + * specific language governing permissions and limitations under
>> the License.
>> + */
>> +
>> +class OAuthNoDataException extends Exception {}
>> +
>> +class BasicOAuthStore implements OAuthStore {
>> +
>> + private $providers = array();
>> + private $tokens = array();
>> +
>> + private $defaultConsumerKey;
>> + private $defaultConsumerSecret;
>> +
>> + public function __construct($consumerKey = null, $privateKey =
>> null)
>> + {
>> + $this->defaultConsumerKey = $consumerKey;
>> + $this->defaultConsumerSecret = $privateKey;
>> + }
>> +
>> + public function setHashMapsForTesting($providers, $tokens)
>> + {
>> + $this->providers = $providers;
>> + $this->tokens = $tokens;
>> + }
>> +
>> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
>> + {
>> + $provKey = new ProviderKey();
>> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
>> + $provKey->setServiceName($tokenKey->getServiceName());
>> + //AccesorInfo
>> + $result = $this->getOAuthAccessorProviderKey($provKey);
>> + //TokenInfo
>> + $accessToken = $this->getTokenInfo($tokenKey);
>> + if ($accessToken != null) {
>> + // maybe convert into methods
>> + $result->getAccessor()->accessToken = $accessToken-
>> >getAccessToken();
>> + $result->getAccessor()->tokenSecret = $accessToken-
>> >getTokenSecret();
>> + }
>> + return $result;
>> + }
>> +
>> + private function getOAuthAccessorProviderKey(ProviderKey
>> $providerKey)
>> + {
>> + //ProviderInfo
>> + $provInfo = $this->getProviderInfo($providerKey);
>> +
>> + if ($provInfo == null) {
>> + throw new OAuthNoDataException("provider info was null in oauth
>> store");
>> + }
>> + //AccesorInfo
>> + $result = new AccesorInfo();
>> + $result->setHttpMethod($provInfo->getHttpMethod());
>> + $result->setParamLocation($provInfo->getParamLocation());
>> +
>> + //ConsumerKeyAndSecret
>> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
>> +
>> + if ($consumerKeyAndSecret == null) {
>> + if ($this->defaultConsumerKey == null || $this-
>> >defaultConsumerSecret == null) {
>> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null in
>> oauth store");
>> + } else {
>> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this-
>> >defaultConsumerKey, $this->defaultConsumerSecret, OAuthStoreVars::
>> $KeyType['RSA_PRIVATE']);
>> + }
>> + }
>> +
>> + //OAuthServiceProvider
>> + $oauthProvider = $provInfo->getProvider();
>> +
>> + if (! isset($oauthProvider)) {
>> + throw new OAuthNoDataException("OAuthService provider was null in
>> oauth store");
>> + }
>> +
>> + // Accesing the class
>> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() ==
>> OAuthStoreVars::$KeyType['RSA_PRIVATE']);
>> +
>> + //OAuthConsumer
>> + $consumer = ($usePublicKeyCrypto) ? new
>> OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null,
>> $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret-
>> >getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(),
>> $oauthProvider);
>> +
>> + if ($usePublicKeyCrypto) {
>> + $consumer-
>> >setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY,
>> $consumerKeyAndSecret->getConsumerSecret());
>> + $result->setSignatureType(OAuthStoreVars::
>> $SignatureType['RSA_SHA1']);
>> + } else {
>> + $result->setSignatureType(OAuthStoreVars::
>> $SignatureType['HMAC_SHA1']);
>> + }
>> +
>> + $result->setAccessor(new OAuthAccessor($consumer));
>> + return $result;
>> + }
>> +
>> + public function getOAuthServiceProviderInfo($providerKey)
>> + {
>> + $provInfo = $this->providers->get($providerKey);
>> +
>> + if ($provInfo == null) {
>> + throw new OAuthNoDataException("provider info was null in oauth
>> store");
>> + }
>> +
>> + return $provInfo;
>> + }
>> +
>> + public function setOAuthConsumerKeyAndSecret($providerKey,
>> $keyAndSecret)
>> + {
>> + //ProviderInfo
>> + $value = $this->getProviderInfo($providerKey);
>> + if ($value == null) {
>> + throw new OAuthNoDataException("could not find provider data for
>> token");
>> + }
>> + $value->setKeyAndSecret($keyAndSecret);
>> + }
>> +
>> + public function setOAuthServiceProviderInfo($providerKey,
>> $providerInfo)
>> + {
>> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
>> + }
>> +
>> + public function setTokenAndSecret($tokenKey, $tokenInfo)
>> + {
>> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
>> + }
>> +
>> + private function getProviderInfo($providerKey)
>> + {
>> + $key = md5(serialize($providerKey));
>> + return isset($this->providers[$key]) ? $this->providers[$key] :
>> null;
>> + }
>> +
>> + private function getTokenInfo($tokenKey)
>> + {
>> + $key = md5(serialize($tokenKey));
>> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
>> + }
>> +}
>> \ No newline at end of file
>>
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by "Lini H - Clarion, India" <li...@clariontechnologies.co.in>.
Hi Chris,
The shindig is not working after the new code changes. I also checked on http://shindig.chabotc.com and none of the samples neither the gadget is working. Is any work still missing on this?
Regards
Lini Haridas
Software Engineer
lini.haridas@clariontechnologies.co.in
Clarion Technologies
SEI CMMI Level 3 Company
4th Floor, Great Eastern Plaza,
Airport Road,
Pune- 411 006,
Maharashtra, India.
Phone: +91 20 66020289
Mobile: +91 9823435917
www.clariontechnologies.co.in
----- Original Message -----
From: <ch...@apache.org>
To: <sh...@incubator.apache.org>
Sent: Wednesday, May 21, 2008 10:28 PM
Subject: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
> Author: chabotc
> Date: Wed May 21 09:58:52 2008
> New Revision: 658758
>
> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
> Log:
> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your great work on this. This patch implements OAuth and signed request support
>
> Added:
> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
> incubator/shindig/trunk/php/src/gadgets/oauth/
> incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
> incubator/shindig/trunk/php/src/gadgets/oauth/GadgetOAuthTokenStore.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthRequestParams.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthServiceProvider.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
> Modified:
> incubator/shindig/trunk/php/config.php
> incubator/shindig/trunk/php/index.php
> incubator/shindig/trunk/php/src/common/JsMin.php
> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
> incubator/shindig/trunk/php/src/common/Zend/Loader.php
> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
> incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php
> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
> incubator/shindig/trunk/php/src/gadgets/samplecontainer/BasicBlobCrypter.php
> incubator/shindig/trunk/php/src/socialdata/http/GadgetDataServlet.php
>
> Modified: incubator/shindig/trunk/php/config.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/config.php (original)
> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52 2008
> @@ -1,4 +1,4 @@
> -<?
> +<?php
> /*
> * Licensed to the Apache Software Foundation (ASF) under one
> * or more contributor license agreements. See the NOTICE file
> @@ -45,7 +45,7 @@
> // Configurable CSS rules that are injected to the gadget page,
> // be careful when adjusting these not to break most gadget's layouts :)
> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;} a {color:#0000cc;}a:visited {color:#551a8b;}a:active {color:#ff0000;}body{margin: 0px;padding: 0px;background-color:white;}',
> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;} body {background-color:#ffffff; font-family: arial, sans-serif; padding: 0px; margin: 0px; font-size: 12px; color: #000000;}a, a:visited {color: #3366CC;text-decoration: none; }a:hover {color: #3366CC; text-decoration: underline;} input, select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;} body {background-color:#ffffff; font-family: arial, sans-serif; padding: 0px; margin: 0px; font-size: 12px; color: #000000;}a, a:visited {color: #3366CC;text-decoration: none; }a:hover {color: #3366CC; text-decoration: underline;} input, select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>
> // The html / javascript samples use a plain text demo token,
> // set this to false on anything resembling a real site
> @@ -96,6 +96,13 @@
> // global cache age policy and location
> 'cache_time' => 24 * 60 * 60,
> 'cache_root' => '/tmp/shindig',
> +
> + // OAuth private key Path
> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/private.key',
> + // file path to public RSA cert
> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/public.crt',
> + // Phrase to decrypt private key. Leave empty if unencrypted
> + 'private_key_phrase' => 'partuza',
>
> // In some cases we need to know the site root (for features forinstance)
> 'base_path' => realpath(dirname(__FILE__))
>
> Modified: incubator/shindig/trunk/php/index.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/index.php (original)
> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52 2008
> @@ -1,4 +1,4 @@
> -<?
> +<?php
> /*
> * Licensed to the Apache Software Foundation (ASF) under one
> * or more contributor license agreements. See the NOTICE file
> @@ -48,7 +48,7 @@
> // To load these, we scan our entire directory structure
> function __autoload($className)
> {
> - $locations = array('src/common', 'src/common/samplecontainer', 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http', 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/opensocial/model', 'src/socialdata/http', 'src/socialdata/samplecontainer');
> + $locations = array('src/common', 'src/common/samplecontainer', 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http', 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/opensocial/model', 'src/socialdata/http', 'src/socialdata/samplecontainer', 'src/gadgets/oauth');
> // Check for the presense of this class in our all our directories.
> $fileName = $className.'.php';
> foreach ($locations as $path) {
> @@ -65,7 +65,8 @@
> Config::get('web_prefix') . '/gadgets/proxy' => 'ProxyServlet',
> Config::get('web_prefix') . '/gadgets/ifr' => 'GadgetRenderingServlet',
> Config::get('web_prefix') . '/gadgets/metadata' => 'JsonRpcServlet',
> - Config::get('web_prefix') . '/social/data' => 'GadgetDataServlet'
> + Config::get('web_prefix') . '/social/data' => 'GadgetDataServlet',
> + Config::get('web_prefix') . '/public.crt' => 'CertServlet'
> );
>
> // Try to match the request url to our servlet mapping
>
> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21 09:58:52 2008
> @@ -1,4 +1,5 @@
> <?php
> +
> /**
> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
> *
> @@ -48,243 +49,248 @@
> class JsMinException extends Exception {}
>
> class JsMin {
> - const ORD_LF = 10;
> - const ORD_SPACE = 32;
> -
> - protected $a = '';
> - protected $b = '';
> - protected $input = '';
> - protected $inputIndex = 0;
> - protected $inputLength = 0;
> - protected $lookAhead = null;
> - protected $output = '';
> -
> - // -- Public Static Methods --------------------------------------------------
> -
> - public static function minify($js) {
> - $jsmin = new JsMin($js);
> - return $jsmin->min();
> - }
> -
> - // -- Public Instance Methods ------------------------------------------------
> -
> - public function __construct($input) {
> - $this->input = str_replace("\r\n", "\n", $input);
> - $this->inputLength = strlen($this->input);
> - }
> -
> - // -- Protected Instance Methods ---------------------------------------------
> -
> - protected function action($d) {
> - switch($d) {
> - case 1:
> - $this->output .= $this->a;
> -
> - case 2:
> - $this->a = $this->b;
> -
> - if ($this->a === "'" || $this->a === '"') {
> - for (;;) {
> - $this->output .= $this->a;
> - $this->a = $this->get();
> -
> - if ($this->a === $this->b) {
> - break;
> - }
> -
> - if (ord($this->a) <= self::ORD_LF) {
> - throw new JsMinException('Unterminated string literal.');
> - }
> -
> - if ($this->a === '\\') {
> - $this->output .= $this->a;
> - $this->a = $this->get();
> - }
> - }
> - }
> -
> - case 3:
> - $this->b = $this->next();
> -
> - if ($this->b === '/' && (
> - $this->a === '(' || $this->a === ',' || $this->a === '=' ||
> - $this->a === ':' || $this->a === '[' || $this->a === '!' ||
> - $this->a === '&' || $this->a === '|' || $this->a === '?')) {
> -
> - $this->output .= $this->a . $this->b;
> -
> - for (;;) {
> - $this->a = $this->get();
> -
> - if ($this->a === '/') {
> - break;
> - } elseif ($this->a === '\\') {
> - $this->output .= $this->a;
> - $this->a = $this->get();
> - } elseif (ord($this->a) <= self::ORD_LF) {
> - throw new JsMinException('Unterminated regular expression '.
> - 'literal.');
> - }
> -
> - $this->output .= $this->a;
> - }
> -
> - $this->b = $this->next();
> - }
> - }
> - }
> -
> - protected function get() {
> - $c = $this->lookAhead;
> - $this->lookAhead = null;
> -
> - if ($c === null) {
> - if ($this->inputIndex < $this->inputLength) {
> - $c = $this->input[$this->inputIndex];
> - $this->inputIndex += 1;
> - } else {
> - $c = null;
> - }
> - }
> -
> - if ($c === "\r") {
> - return "\n";
> - }
> -
> - if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
> - return $c;
> - }
> -
> - return ' ';
> - }
> -
> - protected function isAlphaNum($c) {
> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/', $c) === 1;
> - }
> -
> - protected function min() {
> - $this->a = "\n";
> - $this->action(3);
> -
> - while ($this->a !== null) {
> - switch ($this->a) {
> - case ' ':
> - if ($this->isAlphaNum($this->b)) {
> - $this->action(1);
> - } else {
> - $this->action(2);
> - }
> - break;
> -
> - case "\n":
> - switch ($this->b) {
> - case '{':
> - case '[':
> - case '(':
> - case '+':
> - case '-':
> - $this->action(1);
> - break;
> -
> - case ' ':
> - $this->action(3);
> - break;
> -
> - default:
> - if ($this->isAlphaNum($this->b)) {
> - $this->action(1);
> - }
> - else {
> - $this->action(2);
> - }
> - }
> - break;
> -
> - default:
> - switch ($this->b) {
> - case ' ':
> - if ($this->isAlphaNum($this->a)) {
> - $this->action(1);
> - break;
> - }
> -
> - $this->action(3);
> - break;
> -
> - case "\n":
> - switch ($this->a) {
> - case '}':
> - case ']':
> - case ')':
> - case '+':
> - case '-':
> - case '"':
> - case "'":
> - $this->action(1);
> - break;
> -
> - default:
> - if ($this->isAlphaNum($this->a)) {
> - $this->action(1);
> - }
> - else {
> - $this->action(3);
> - }
> - }
> - break;
> -
> - default:
> - $this->action(1);
> - break;
> - }
> - }
> - }
> -
> - return $this->output;
> - }
> -
> - protected function next() {
> - $c = $this->get();
> -
> - if ($c === '/') {
> - switch($this->peek()) {
> - case '/':
> - for (;;) {
> - $c = $this->get();
> -
> - if (ord($c) <= self::ORD_LF) {
> - return $c;
> - }
> - }
> -
> - case '*':
> - $this->get();
> -
> - for (;;) {
> - switch($this->get()) {
> - case '*':
> - if ($this->peek() === '/') {
> - $this->get();
> - return ' ';
> - }
> - break;
> -
> - case null:
> - throw new JsMinException('Unterminated comment.');
> - }
> - }
> -
> - default:
> - return $c;
> - }
> - }
> -
> - return $c;
> - }
> -
> - protected function peek() {
> - $this->lookAhead = $this->get();
> - return $this->lookAhead;
> - }
> + const ORD_LF = 10;
> + const ORD_SPACE = 32;
> +
> + protected $a = '';
> + protected $b = '';
> + protected $input = '';
> + protected $inputIndex = 0;
> + protected $inputLength = 0;
> + protected $lookAhead = null;
> + protected $output = '';
> +
> + // -- Public Static Methods --------------------------------------------------
> +
> +
> + public static function minify($js)
> + {
> + $jsmin = new JsMin($js);
> + return $jsmin->min();
> + }
> +
> + // -- Public Instance Methods ------------------------------------------------
> +
> +
> + public function __construct($input)
> + {
> + $this->input = str_replace("\r\n", "\n", $input);
> + $this->inputLength = strlen($this->input);
> + }
> +
> + // -- Protected Instance Methods ---------------------------------------------
> +
> +
> + protected function action($d)
> + {
> + switch ($d) {
> + case 1:
> + $this->output .= $this->a;
> +
> + case 2:
> + $this->a = $this->b;
> +
> + if ($this->a === "'" || $this->a === '"') {
> + for (; ; ) {
> + $this->output .= $this->a;
> + $this->a = $this->get();
> +
> + if ($this->a === $this->b) {
> + break;
> + }
> +
> + if (ord($this->a) <= self::ORD_LF) {
> + throw new JsMinException('Unterminated string literal.');
> + }
> +
> + if ($this->a === '\\') {
> + $this->output .= $this->a;
> + $this->a = $this->get();
> + }
> + }
> + }
> +
> + case 3:
> + $this->b = $this->next();
> +
> + if ($this->b === '/' && ($this->a === '(' || $this->a === ',' || $this->a === '=' || $this->a === ':' || $this->a === '[' || $this->a === '!' || $this->a === '&' || $this->a === '|' || $this->a === '?')) {
> +
> + $this->output .= $this->a . $this->b;
> +
> + for (; ; ) {
> + $this->a = $this->get();
> +
> + if ($this->a === '/') {
> + break;
> + } elseif ($this->a === '\\') {
> + $this->output .= $this->a;
> + $this->a = $this->get();
> + } elseif (ord($this->a) <= self::ORD_LF) {
> + throw new JsMinException('Unterminated regular expression ' . 'literal.');
> + }
> +
> + $this->output .= $this->a;
> + }
> +
> + $this->b = $this->next();
> + }
> + }
> + }
> +
> + protected function get()
> + {
> + $c = $this->lookAhead;
> + $this->lookAhead = null;
> +
> + if ($c === null) {
> + if ($this->inputIndex < $this->inputLength) {
> + $c = $this->input[$this->inputIndex];
> + $this->inputIndex += 1;
> + } else {
> + $c = null;
> + }
> + }
> +
> + if ($c === "\r") {
> + return "\n";
> + }
> +
> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
> + return $c;
> + }
> +
> + return ' ';
> + }
> +
> + protected function isAlphaNum($c)
> + {
> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/', $c) === 1;
> + }
> +
> + protected function min()
> + {
> + $this->a = "\n";
> + $this->action(3);
> +
> + while ($this->a !== null) {
> + switch ($this->a) {
> + case ' ':
> + if ($this->isAlphaNum($this->b)) {
> + $this->action(1);
> + } else {
> + $this->action(2);
> + }
> + break;
> +
> + case "\n":
> + switch ($this->b) {
> + case '{':
> + case '[':
> + case '(':
> + case '+':
> + case '-':
> + $this->action(1);
> + break;
> +
> + case ' ':
> + $this->action(3);
> + break;
> +
> + default:
> + if ($this->isAlphaNum($this->b)) {
> + $this->action(1);
> + } else {
> + $this->action(2);
> + }
> + }
> + break;
> +
> + default:
> + switch ($this->b) {
> + case ' ':
> + if ($this->isAlphaNum($this->a)) {
> + $this->action(1);
> + break;
> + }
> +
> + $this->action(3);
> + break;
> +
> + case "\n":
> + switch ($this->a) {
> + case '}':
> + case ']':
> + case ')':
> + case '+':
> + case '-':
> + case '"':
> + case "'":
> + $this->action(1);
> + break;
> +
> + default:
> + if ($this->isAlphaNum($this->a)) {
> + $this->action(1);
> + } else {
> + $this->action(3);
> + }
> + }
> + break;
> +
> + default:
> + $this->action(1);
> + break;
> + }
> + }
> + }
> +
> + return $this->output;
> + }
> +
> + protected function next()
> + {
> + $c = $this->get();
> +
> + if ($c === '/') {
> + switch ($this->peek()) {
> + case '/':
> + for (; ; ) {
> + $c = $this->get();
> +
> + if (ord($c) <= self::ORD_LF) {
> + return $c;
> + }
> + }
> +
> + case '*':
> + $this->get();
> +
> + for (; ; ) {
> + switch ($this->get()) {
> + case '*':
> + if ($this->peek() === '/') {
> + $this->get();
> + return ' ';
> + }
> + break;
> +
> + case null:
> + throw new JsMinException('Unterminated comment.');
> + }
> + }
> +
> + default:
> + return $c;
> + }
> + }
> +
> + return $c;
> + }
> +
> + protected function peek()
> + {
> + $this->lookAhead = $this->get();
> + return $this->lookAhead;
> + }
> }
>
>
> Modified: incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php (original)
> +++ incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php Wed May 21 09:58:52 2008
> @@ -19,6 +19,18 @@
> */
>
> abstract class RemoteContentFetcher {
> +
> + protected $fetcher;
> +
> + protected function setNextFetcher($fetcher = null)
> + {
> + $this->fetcher = $fetcher;
> + }
>
> abstract public function fetchRequest($request);
> +
> + public function getNextFetcher()
> + {
> + return $this->fetcher;
> + }
> }
> \ No newline at end of file
>
> Modified: incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/common/RemoteContentRequest.php (original)
> +++ incubator/shindig/trunk/php/src/common/RemoteContentRequest.php Wed May 21 09:58:52 2008
> @@ -15,13 +15,14 @@
> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> * KIND, either express or implied. See the License for the
> * specific language governing permissions and limitations under the License.
> - *
> + *
> */
>
> class RemoteContentRequest {
> // these are used for making the request
> - private $url = '';
> - private $headers = false;
> + private $uri = '';
> + private $method = '';
> + private $headers = array();
> private $postBody = false;
> // these fields are filled in once the request has completed
> private $responseContent = false;
> @@ -29,20 +30,179 @@
> private $responseHeaders = false;
> private $httpCode = false;
> private $contentType = null;
> + private $options;
> public $handle = false;
> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-urlencoded; charset=utf-8";
> + public static $DEFAULT_OPTIONS = array();
>
> - public function __construct($url, $headers = false, $postBody = false)
> + public function __construct($uri, $headers = false, $postBody = false)
> {
> - $this->url = $url;
> + $this->uri = $uri;
> $this->headers = $headers;
> $this->postBody = $postBody;
> }
>
> + public function createRemoteContentRequest($method, $uri, $headers, $postBody, $options)
> + {
> + $this->method = $method;
> + $this->uri = $uri;
> + $this->options = $options;
> + // Copy the headers
> + if (! isset($headers)) {
> + $this->headers = '';
> + } else {
> + $setPragmaHeader = false;
> + $tmpHeaders = '';
> + foreach ($headers as $key => $value) {
> + // Proxies should be bypassed with the Pragma: no-cache check.
> + //TODO double check array is good for options
> + if ($key == "Pragma" && @$options['ignoreCache']) {
> + $value = "no-cache";
> + $setPragmaHeader = true;
> + }
> + $tmpHeaders .= $key . ":" . $value . "\n";
> + }
> + // Bypass caching in proxies as well.
> + //TODO double check array is good for options
> + if (! $setPragmaHeader && @$options['ignoreCache']) {
> + $tmpHeaders .= "Pragma:no-cache\n";
> + }
> + $this->headers = $tmpHeaders;
> + }
> + if (! isset($postBody)) {
> + $this->postBody = '';
> + } else {
> + $this->postBody = array_merge($postBody, $this->postBody);
> + }
> + $type = $this->getHeader("Content-Type");
> + if (! isset($type)) {
> + $this->contentType = RemoteContentRequest::$DEFAULT_CONTENT_TYPE;
> + } else {
> + $this->contentType = $type;
> + }
> + }
> +
> + /**
> + * Creates a new request to a different URL using all request data from
> + * an existing request.
> + *
> + * @param uri
> + * @param base The base request to copy data from.
> + */
> + public static function createRemoteContentRequestWithUriBase($uri, $base)
> + {
> + $this->uri = $uri;
> + $this->method = $base->method;
> + $this->options = $base->options;
> + $this->headers = $base->headers;
> + $this->contentType = $base->contentType;
> + $this->postBody = $base->postBody;
> + }
> +
> + /**
> + * Basic GET request.
> + *
> + * @param uri
> + */
> + public function createRemoteContentRequestWithUri($uri)
> + {
> + $this->createRemoteContentRequest("GET", $uri, null, null, RemoteContentRequest::$DEFAULT_OPTIONS);
> + }
> +
> + /**
> + * GET with options
> + *
> + * @param uri
> + * @param options
> + */
> + public function createRemoteContentRequestWithUriOptions($uri, $options)
> + {
> + $this->createRemoteContentRequest("GET", $uri, null, null, $options);
> + }
> +
> + /**
> + * GET request with custom headers and default options
> + * @param uri
> + * @param headers
> + */
> + public function RemoteContentRequestWithUriHeaders($uri, $headers)
> + {
> + $this->createRemoteContentRequest("GET", $uri, $headers, null, RemoteContentRequest::$DEFAULT_OPTIONS);
> + }
> +
> + /**
> + * GET request with custom headers + options
> + * @param uri
> + * @param headers
> + * @param options
> + */
> + public function createRemoteContentRequestWithUriHeadersOptions($uri, $headers, $options)
> + {
> + $this->createRemoteContentRequest("GET", $uri, $headers, null, $options);
> + }
> +
> + /**
> + * Basic POST request
> + * @param uri
> + * @param postBody
> + */
> + public function RemoteContentRequestWithUriPostBody($uri, $postBody)
> + {
> + $this->createRemoteContentRequest("POST", $uri, null, $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
> + }
> +
> + /**
> + * POST request with options
> + * @param uri
> + * @param postBody
> + * @param options
> + */
> + public function createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody, $options)
> + {
> + $this->createRemoteContentRequest("POST", $uri, null, $postBody, $options);
> + }
> +
> + /**
> + * POST request with headers
> + * @param uri
> + * @param headers
> + * @param postBody
> + */
> + public function createRemoteContentRequestWithUriHeadersPostBody($uri, $headers, $postBody)
> + {
> + $this->createRemoteContentRequest("POST", $uri, $headers, $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
> + }
> +
> + /**
> + * POST request with options + headers
> + * @param uri
> + * @param headers
> + * @param postBody
> + * @param options
> + */
> + public function createRemoteContentRequestWithUriHeadersPostBodyOptions($uri, $headers, $postBody, $options)
> + {
> + $this->createRemoteContentRequest("POST", $uri, $headers, $postBody, $options);
> + }
> +
> + /**
> + * Creates a simple GET request
> + *
> + * @param uri
> + * @param ignoreCache
> + */
> + public function getRequest($uri, $ignoreCache)
> + {
> + $options = new Options();
> + $options->ignoreCache = $ignoreCache;
> + return $this->createRemoteContentRequestWithUriOptions($uri, $options);
> + }
> +
> // returns a hash code which identifies this request, used for caching
> - // takes url and postbody into account for constructing the md5 checksum
> + // takes url and postbody into account for constructing the sha1 checksum
> public function toHash()
> {
> - return md5($this->url . $this->postBody);
> + return md5($this->uri . $this->postBody);
> }
>
> public function getContentType()
> @@ -92,7 +252,17 @@
>
> public function getUrl()
> {
> - return $this->url;
> + return $this->uri;
> + }
> +
> + public function getMethod()
> + {
> + return $this->method;
> + }
> +
> + public function getOptions()
> + {
> + return $this->options;
> }
>
> public function setContentType($type)
> @@ -125,14 +295,37 @@
> $this->headers = $headers;
> }
>
> + //FIXME: Find a better way to do this
> + // The headers can be an array of elements.
> + public function getHeader($headerName)
> + {
> + $headers = explode("\n", $this->headers);
> + foreach ($headers as $header) {
> + $key = explode(":", $header);
> + if ($key[0] == $headerName)
> + return $key[1];
> + }
> + return null;
> + }
> +
> public function setPostBody($postBody)
> {
> $this->postBody = $postBody;
> }
>
> - public function setUrl($url)
> + public function setUri($uri)
> {
> - $this->url = $url;
> + $this->uri = $uri;
> }
>
> -}
> \ No newline at end of file
> +}
> +
> +/**
> + * Bag of options for making a request.
> + *
> + * This object is mutable to keep us sane. Don't mess with it once you've
> + * sent it to RemoteContentRequest or bad things might happen.
> + */
> +class Options {
> + public $ignoreCache = false;
> +}
>
> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php (original)
> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed May 21 09:58:52 2008
> @@ -80,7 +80,7 @@
> self::loadFile($file, $dirs, true);
> } else {
> self::_securityCheck($file);
> - include_once $file;
> + include_once 'src/common/'.$file;
> }
>
> if (!class_exists($class, false) && !interface_exists($class, false)) {
>
> Modified: incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed May 21 09:58:52 2008
> @@ -26,21 +26,21 @@
> * Server wide variables are stored in config.php
> */
> class GadgetContext {
> - private $httpFetcher = null;
> - private $locale = null;
> - private $renderingContext = null;
> - private $registry = null;
> - private $userPrefs = null;
> - private $gadgetId = null;
> - private $view = null;
> - private $moduleId = null;
> - private $url = null;
> - private $cache = null;
> - private $blacklist = null;
> - private $ignoreCache = null;
> - private $forcedJsLibs = null;
> - private $containerConfig = null;
> - private $container = null;
> + protected $httpFetcher = null;
> + protected $locale = null;
> + protected $renderingContext = null;
> + protected $registry = null;
> + protected $userPrefs = null;
> + protected $gadgetId = null;
> + protected $view = null;
> + protected $moduleId = null;
> + protected $url = null;
> + protected $cache = null;
> + protected $blacklist = null;
> + protected $ignoreCache = null;
> + protected $forcedJsLibs = null;
> + protected $containerConfig = null;
> + protected $container = null;
>
> public function __construct($renderingContext)
> {
>
> Modified: incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php Wed May 21 09:58:52 2008
> @@ -36,7 +36,7 @@
> }
> $gadget = new Gadget($context->getGadgetId(), $context);
> // process ModulePref attributes
> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
> + $this->processModulePrefs($gadget, $doc->ModulePrefs, $context);
> // process UserPrefs, if any
> foreach ($doc->UserPref as $pref) {
> $this->processUserPref($gadget, $pref);
> @@ -54,7 +54,7 @@
> return $gadget;
> }
>
> - private function processModulePrefs(&$gadget, $ModulePrefs)
> + private function processModulePrefs(&$gadget, $ModulePrefs, $context)
> {
> $attributes = $ModulePrefs->attributes();
> if (empty($attributes['title'])) {
> @@ -90,11 +90,11 @@
> $gadget->scaling = isset($attributes['scaling']) ? trim($attributes['scaling']) : '';
> $gadget->scrolling = isset($attributes['scrolling']) ? trim($attributes['scrolling']) : '';
> foreach ($ModulePrefs->Locale as $locale) {
> - $gadget->localeSpecs[] = $this->processLocale($locale);
> + $gadget->localeSpecs[] = $this->processLocale($locale, $context);
> }
> }
>
> - private function processLocale($locale)
> + private function processLocale($locale, $context)
> {
> $attributes = $locale->attributes();
> $messageAttr = isset($attributes['messages']) ? trim($attributes['messages']) : '';
>
> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,70 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations under the License.
> + *
> + */
> +
> +/**
> + * An abstract representation of a signing token.
> + * Use in conjunction with @code GadgetTokenDecoder.
> + */
> +abstract class GadgetToken {
> +
> + //FIXME Hmm seems php is refusing to let me make abstract static functions? odd
> + static public function createFromToken($token, $maxage) {}
> + static public function createFromValues($owner, $viewer, $app, $domain, $appUrl, $moduleId) {}
> +
> +
> + /**
> + * Serializes the token into a string. This can be the exact same as
> + * toString; using a different name here is only to force interface
> + * compliance.
> + *
> + * @return A string representation of the token.
> + */
> + abstract public function toSerialForm();
> +
> + /**
> + * @return the owner from the token, or null if there is none.
> + */
> + abstract public function getOwnerId();
> +
> + /**
> + * @return the viewer from the token, or null if there is none.
> + */
> + abstract public function getViewerId();
> +
> + /**
> + * @return the application id from the token, or null if there is none.
> + */
> + abstract public function getAppId();
> +
> + /**
> + * @return the domain from the token, or null if there is none.
> + */
> + abstract public function getDomain();
> +
> + /**
> + * @return the URL of the application
> + */
> + abstract public function getAppUrl();
> +
> + /**
> + * @return the module ID of the application
> + */
> + abstract public function getModuleId();
> +}
>
> Added: incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,34 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +
> +/**
> + * Handles verification of gadget security tokens.
> + */
> +abstract class GadgetTokenDecoder {
> +
> + /**
> + * Decrypts and verifies a gadget security token to return a gadget token.
> + *
> + * @param tokenString String representation of the token to be created.
> + * @return The token representation of the input data.
> + * @throws GadgetException If tokenString is not a valid token
> + */
> + abstract public function createToken($tokenString);
> +}
>
> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May 21 09:58:52 2008
> @@ -24,7 +24,7 @@
> private $content;
> private $featureName; // used to track what feature this belongs to
> private $loaded = false;
> -
> +
> public function __construct($type, $content, $featureName = '')
> {
> $this->featureName = $featureName;
> @@ -39,11 +39,11 @@
>
> public function getContent()
> {
> - if (!$this->loaded && $this->type == 'FILE') {
> + if (! $this->loaded && $this->type == 'FILE') {
> if (Config::get('compress_javascript')) {
> $dataCache = Config::get('data_cache');
> $dataCache = new $dataCache();
> - if (!($content = $dataCache->get(md5($this->content)))) {
> + if (! ($content = $dataCache->get(md5($this->content)))) {
> $content = JsMin::minify(JsLibrary::loadData($this->content, $this->type));
> $dataCache->set(md5($this->content), $content);
> $this->content = $content;
>
> Modified: incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
> @@ -1,10 +1,6 @@
> <?php
>
> class JsonRpcGadgetContext extends GadgetContext {
> - private $locale = null;
> - private $view = null;
> - private $url = null;
> - private $container = null;
>
> public function __construct($jsonContext, $url)
> {
> @@ -15,23 +11,8 @@
> $this->container = $jsonContext->container;
> }
>
> - public function getUrl()
> - {
> - return $this->url;
> - }
> -
> public function getView()
> {
> return $this->view;
> }
> -
> - public function getLocale()
> - {
> - return $this->locale;
> - }
> -
> - public function getContainer()
> - {
> - return $this->container;
> - }
> }
> \ No newline at end of file
>
> Added: incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,10 @@
> +<?php
> +
> +class ProxyGadgetContext extends GadgetContext {
> +
> + public function __construct($url)
> + {
> + parent::__construct('GADGET');
> + $this->url = $url;
> + }
> +}
>
> Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed May 21 09:58:52 2008
> @@ -29,11 +29,15 @@
> *
> */
> class ProxyHandler {
> - private $context;
> + private $context;
> + private $signingFetcher;
> + private $oauthFetcher;
>
> - public function __construct($context)
> + public function __construct($context, $signingFetcher = null, $oauthFetcher = null)
> {
> - $this->context = $context;
> + $this->context = $context;
> + $this->signingFetcher = $signingFetcher;
> + $this->oauthFetcher = $oauthFetcher;
> }
>
> /**
> @@ -51,11 +55,21 @@
> $token = '';
> // no token given, safe to ignore
> }
> - $originalUrl = $this->validateUrl($url);
> - $signedUrl = $this->signUrl($originalUrl, $token);
> + $url = $this->validateUrl($url);
> // Fetch the content and convert it into JSON.
> // TODO: Fetcher needs to handle variety of HTTP methods.
> - $result = $this->fetchContent($signedUrl, $method);
> + $result = $this->fetchContentDivert($url, $method, $signer);
> + if (!isset($result)) {
> + //OAuthFetcher only
> + $metadata = $this->oauthFetcher->getResponseMetadata();
> + $json = array($url => $metadata);
> + $json = json_encode($json);
> + $output = UNPARSEABLE_CRUFT . $json;
> + $this->setCachingHeaders();
> + header("Content-Type: application/json; charset=utf-8", true);
> + echo $output;
> + die();
> + }
> $status = (int)$result->getHttpCode();
> //header("HTTP/1.1 $status", true);
> if ($status == 200) {
> @@ -174,10 +188,9 @@
> $token = '';
> // no token given, safe to ignore
> }
> - $originalUrl = $this->validateUrl($url);
> - $signedUrl = $this->signUrl($originalUrl, $token);
> + $url = $this->validateUrl($url);
> //TODO: Fetcher needs to handle variety of HTTP methods.
> - $result = $this->fetchContent($signedUrl, $method);
> + $result = $this->fetchContent($url, $method);
> // TODO: Fetcher needs to handle variety of HTTP methods.
> $status = (int)$result->getHttpCode();
> if ($status == 200) {
> @@ -208,11 +221,11 @@
> /**
> * Both fetch and fetchJson call this function to retrieve the actual content
> *
> - * @param string $signedUrl the signed url to fetch
> + * @param string $url the url to fetch
> * @param string $method either get or post
> * @return the filled in request (RemoteContentRequest)
> */
> - private function fetchContent($signedUrl, $method)
> + private function fetchContent($url, $method)
> {
> //TODO get actual character encoding from the request
>
> @@ -250,14 +263,41 @@
> }
> // even if postData is an empty string, it will still post (since RemoteContentRquest checks if its false)
> // so the request to POST is still honored
> - $request = new RemoteContentRequest($signedUrl, $headers, $postData);
> + $request = new RemoteContentRequest($url, $headers, $postData);
> $request = $this->context->getHttpFetcher()->fetch($request, $context);
> } else {
> - $request = new RemoteContentRequest($signedUrl, $headers);
> + $request = new RemoteContentRequest($url, $headers);
> $request = $this->context->getHttpFetcher()->fetch($request, $context);
> }
> return $request;
> }
> +
> + private function fetchContentDivert($url, $method, $signer)
> + {
> + $authz = isset($_GET['authz']) ? $_GET['authz'] : (isset($_POST['authz']) ? $_POST['authz'] : '');
> + $token = $this->extractAndValidateToken($signer);
> + switch (strtoupper($authz)) {
> + case 'SIGNED':
> + $fetcher = $this->signingFetcher->getSigningFetcher(new BasicRemoteContentFetcher(), $token);
> + return $fetcher->fetch($url, $method);
> + case 'AUTHENTICATED':
> + $params = new OAuthRequestParams();
> + $fetcher = $this->signingFetcher->getSigningFetcher(new BasicRemoteContentFetcher(), $token);
> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
> + $this->oauthFetcher = $oAuthFetcherFactory->getOAuthFetcher($fetcher, $token, $params);
> + $request = new RemoteContentRequest($url);
> + $request->createRemoteContentRequestWithUri($url);
> + return $this->oauthFetcher->fetchRequest($request);
> + case 'NONE':
> + default:
> + return $this->fetchContent($url, $method);
> + }
> + }
> +
> + public function setContentFetcher($contentFetcherFactory)
> + {
> + $this->contentFetcherFactory = $contentFetcherFactory;
> + }
>
> /**
> * Sets the caching headers (overwriting anything the remote host set) to force
> @@ -282,6 +322,7 @@
> private function validateUrl($url)
> {
> //TODO should really make a PHP version of the URI class and validate in all the locations the java version does
> + // why not use Zend::Uri:
> return $url;
> }
>
> @@ -293,40 +334,17 @@
> * @return string the token to use in the signed url
> */
> private function extractAndValidateToken($signer)
> - {
> - if ($signer == null) {
> - return null;
> - }
> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
> - if ($token) {
> - $token = isset($_POST['st']) ? $_POST['st'] : '';
> - }
> + {
> + if ($signer == null) {
> + return null;
> + }
> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
> + if (!isset($token) || $token == '') {
> + $token = isset($_POST['st']) ? $_POST['st'] : '';
> + }
> return $signer->createToken($token);
> }
> -
> - /**
> - * Signs a url with the SecurityToken
> - *
> - * @param string $originalUrl
> - * @param SecurityToken $token
> - * @return unknown
> - */
> - private function signUrl($originalUrl, $token)
> - {
> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
> - if (! $authz) {
> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
> - }
> - if ($token == null || $authz != 'signed') {
> - return $originalUrl;
> - }
> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
> - if ($method) {
> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] : 'GET';
> - }
> - return $token->signUrl($originalUrl, $method);
> - }
> -
> +
> private function request_headers()
> {
> // Try to use apache's request headers if available
>
> Added: incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,42 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations under the License.
> + *
> + */
> +require 'src/common/HttpServlet.php';
> +
> +/**
> + * This class serves the public certificate, quick and dirty hack to make the certificate publicly accessible
> + * this combined with the hard coded location in SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
> + * for the oauth pub key location makes a working whole
> + */
> +class CertServlet extends HttpServlet {
> +
> + /**
> + * Handles the get file request, only called on url = /public.crt
> + * so this function has no logic other then to output the cert
> + */
> + public function doGet()
> + {
> + $file = Config::get('public_key_file');
> + if (!file_exists($file) || !is_readable($file)) {
> + throw new Exception("Invalid public key location ($file), check config and file permissions");
> + }
> + $this->setLastModified(filemtime($file));
> + readfile($file);
> + }
> +}
>
> Modified: incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php Wed May 21 09:58:52 2008
> @@ -25,7 +25,7 @@
> * the php version too
> */
> class FilesServlet extends HttpServlet {
> -
> +
> /**
> * Handles the get file request, if the file exists and is in the correct
> * location it's echo'd to the browser (with a basic content type guessing
> @@ -46,14 +46,14 @@
> die();
> }
> // if the file doesn't exist or can't be read, give a 404 error
> - if (!file_exists($file) || !is_readable($file) || !is_file($file)) {
> + if (! file_exists($file) || ! is_readable($file) || ! is_file($file)) {
> header("HTTP/1.0 404 Not Found", true);
> echo "<html><body><h1>404 - Not Found</h1></body></html>";
> die();
> }
> $dot = strrpos($file, '.');
> if ($dot) {
> - $ext = strtolower(substr($file, $dot+1));
> + $ext = strtolower(substr($file, $dot + 1));
> if ($ext == 'html' || $ext == 'htm') {
> $this->setContentType('text/html');
> } elseif ($ext == 'js') {
>
> Modified: incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php Wed May 21 09:58:52 2008
> @@ -52,7 +52,7 @@
> */
> class GadgetRenderingServlet extends HttpServlet {
> private $context;
> -
> +
> /**
> * Creates the gadget using the GadgetServer class and calls outputGadget
> *
> @@ -71,11 +71,11 @@
> $gadgetServer = new GadgetServer();
> $gadget = $gadgetServer->processGadget($this->context);
> $this->outputGadget($gadget, $this->context);
> - } catch ( Exception $e ) {
> + } catch (Exception $e) {
> $this->outputError($e);
> }
> }
> -
> +
> /**
> * If an error occured (Exception) this function echo's the Exception's message
> * and if the config['debug'] is true, shows the debug backtrace in a div
> @@ -95,7 +95,7 @@
> }
> echo "</body></html>";
> }
> -
> +
> /**
> * Takes the gadget to output, and depending on its content type calls either outputHtml-
> * or outputUrlGadget
> @@ -107,15 +107,15 @@
> {
> $view = HttpUtil::getView($gadget, $context);
> switch ($view->getType()) {
> - case 'HTML' :
> + case 'HTML':
> $this->outputHtmlGadget($gadget, $context, $view);
> break;
> - case 'URL' :
> + case 'URL':
> $this->outputUrlGadget($gadget, $context, $view);
> break;
> }
> }
> -
> +
> /**
> * Outputs a html content type gadget.
> * It creates a html page, with the javascripts from the features inline into the page, plus
> @@ -144,16 +144,13 @@
> }
> // Was a privacy policy header configured? if so set it
> if (Config::get('P3P') != '') {
> - header("P3P: ".Config::get('P3P'));
> + header("P3P: " . Config::get('P3P'));
> }
> - if (!$view->getQuirks()) {
> + if (! $view->getQuirks()) {
> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n";
> }
> - echo "<html>\n<head>".
> - "<style type=\"text/css\">".Config::get('gadget_css')."</style>".
> - "</head><body>".
> - "<script><!--\n";
> - foreach ( $gadget->getJsLibraries() as $library ) {
> + echo "<html>\n<head>" . "<style type=\"text/css\">" . Config::get('gadget_css') . "</style>" . "</head><body>" . "<script><!--\n";
> + foreach ($gadget->getJsLibraries() as $library) {
> $type = $library->getType();
> if ($type == 'URL') {
> // TODO: This case needs to be handled more gracefully by the js
> @@ -173,15 +170,12 @@
> // Forced libs first.
> if (! empty($forcedLibs)) {
> $libs = explode(':', $forcedLibs);
> - echo sprintf($externFmt, Config::get('default_js_prefix').$this->getJsUrl($libs, $gadget)) . "\n";
> + echo sprintf($externFmt, Config::get('default_js_prefix') . $this->getJsUrl($libs, $gadget)) . "\n";
> }
> if (strlen($externJs) > 0) {
> echo $externJs;
> }
> - echo "<script><!--\n".
> - $this->appendJsConfig($context, $gadget).
> - $this->appendMessages($gadget).
> - "-->\n</script>\n";
> + echo "<script><!--\n" . $this->appendJsConfig($context, $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>
> $gadgetExceptions = array();
> $content = $gadget->getSubstitutions()->substitute($view->getContent());
> @@ -192,11 +186,9 @@
> if (count($gadgetExceptions)) {
> throw new GadgetException(print_r($gadgetExceptions, true));
> }
> - echo $content . "\n".
> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
> - "</body>\n</html>";
> + echo $content . "\n" . "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>\n</html>";
> }
> -
> +
> /**
> * Output's a URL content type gadget, it adds libs=<list:of:js:libraries>.js and user preferences
> * to the href url, and redirects the browser to it
> @@ -215,7 +207,7 @@
> $forcedLibs = Config::get('focedJsLibs');
> if ($forcedLibs == null) {
> $reqs = $gadget->getRequires();
> - foreach ( $reqs as $key => $val ) {
> + foreach ($reqs as $key => $val) {
> $libs[] = $key;
> }
> } else {
> @@ -231,7 +223,7 @@
> header('Location: ' . $redirURI);
> die();
> }
> -
> +
> /**
> * Returns the requested libs (from getjsUrl) with the libs_param_name prepended
> * ie: in libs=core:caja:etc.js format
> @@ -248,7 +240,7 @@
> $ret .= $this->getJsUrl($libs, $gadget);
> return $ret;
> }
> -
> +
> /**
> * Returns the user preferences in &up_<name>=<val> format
> *
> @@ -259,7 +251,7 @@
> private function getPrefsQueryString($prefVals)
> {
> $ret = '';
> - foreach ( $prefVals->getPrefs() as $key => $val ) {
> + foreach ($prefVals->getPrefs() as $key => $val) {
> $ret .= '&';
> $ret .= Config::get('userpref_param_prefix');
> $ret .= urlencode($key);
> @@ -268,10 +260,10 @@
> }
> return $ret;
> }
> -
> +
> /**
> * generates the library string (core:caja:etc.js) including a checksum of all the
> - * javascript content (?v=<sha1 of js) for cache busting
> + * javascript content (?v=<md5 of js>) for cache busting
> *
> * @param string $libs
> * @param Gadget $gadget
> @@ -284,7 +276,7 @@
> $buf = 'core';
> } else {
> $firstDone = false;
> - foreach ( $libs as $lib ) {
> + foreach ($libs as $lib) {
> if ($firstDone) {
> $buf .= ':';
> } else {
> @@ -296,7 +288,7 @@
> // Build a version string from the sha1() checksum of all included javascript
> // to ensure the client always has the right version
> $inlineJs = '';
> - foreach ( $gadget->getJsLibraries() as $library ) {
> + foreach ($gadget->getJsLibraries() as $library) {
> $type = $library->getType();
> if ($type != 'URL') {
> $inlineJs .= $library->getContent() . "\n";
> @@ -305,14 +297,14 @@
> $buf .= ".js?v=" . md5($inlineJs);
> return $buf;
> }
> -
> +
> private function appendJsConfig($context, $gadget)
> {
> $container = $context->getContainer();
> $containerConfig = $context->getContainerConfig();
> $gadgetConfig = array();
> $featureConfig = $containerConfig->getConfig($container, 'gadgets.features');
> - foreach ( $gadget->getJsLibraries() as $library ) {
> + foreach ($gadget->getJsLibraries() as $library) {
> $feature = $library->getFeatureName();
> if (! isset($gadgetConfig[$feature]) && ! empty($featureConfig[$feature])) {
> $gadgetConfig[$feature] = $featureConfig[$feature];
> @@ -320,7 +312,7 @@
> }
> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");\n";
> }
> -
> +
> private function appendMessages($gadget)
> {
> $msgs = '';
>
> Modified: incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php Wed May 21 09:58:52 2008
> @@ -30,7 +30,7 @@
> * to retrieve our features javascript code
> */
> class JsServlet extends HttpServlet {
> -
> +
> public function doGet()
> {
> $this->noHeaders = true;
>
> Modified: incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php Wed May 21 09:58:52 2008
> @@ -26,6 +26,8 @@
> require 'src/common/RemoteContent.php';
> require 'src/common/Cache.php';
> require 'src/common/RemoteContentFetcher.php';
> +require 'src/gadgets/oauth/OAuth.php';
> +require 'src/gadgets/oauth/OAuthStore.php';
>
> class ProxyServlet extends HttpServlet {
>
> @@ -39,6 +41,7 @@
> if (! $url) {
> $url = isset($_POST['url']) ? $_POST['url'] : false;
> }
> + $url = urldecode($url);
> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
> if (! $method) {
> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] : 'GET';
> @@ -49,7 +52,8 @@
> }
> $gadgetSigner = Config::get('security_token_signer');
> $gadgetSigner = new $gadgetSigner();
> - $proxyHandler = new ProxyHandler($context);
> + $signingFetcherFactory = new SigningFetcherFactory(Config::get("private_key_file"));
> + $proxyHandler = new ProxyHandler($context, $signingFetcherFactory);
> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
> } else {
>
> Added: incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,216 @@
> +<?php
> +/*
> + * Licensed under the Apache License, Version 2.0 (the "License");
> + * you may not use this file except in compliance with the License.
> + * You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing, software
> + * distributed under the License is distributed on an "AS IS" BASIS,
> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> + * See the License for the specific language governing permissions and
> + * limitations under the License.
> + */
> +
> +/**
> + * Implements signed fetch based on the OAuth request signing algorithm.
> + *
> + * Subclasses can override signMessage to use their own crypto if they don't
> + * like the oauth.net code for some reason.
> + *
> + * Instances of this class are only accessed by a single thread at a time,
> + * but instances may be created by multiple threads.
> + */
> +class SigningFetcher extends RemoteContentFetcher {
> +
> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
> + protected static $XOAUTH_PUBLIC_KEY = "xoauth_signature_publickey";
> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
> +
> + //protected final TimeSource clock = new TimeSource();
> +
> + /**
> + * Authentication token for the user and gadget making the request.
> + */
> + protected $authToken;
> +
> + /**
> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can be a
> + * PrivateKey object, or a PEM formatted private key, or a DER encoded byte
> + * array for the private key.(No, really, they accept any of them.)
> + */
> + protected $privateKeyObject;
> +
> + /**
> + * The name of the key, included in the fetch to help with key rotation.
> + */
> + protected $keyName;
> +
> + /**
> + * Constructor based on signing with the given PrivateKey object.
> + *
> + * @param authToken verified gadget security token
> + * @param keyName name of the key to include in the request
> + * @param privateKey the key to use for the signing
> + */
> + public static function makeFromPrivateKey($next, $authToken, $keyName, $privateKey)
> + {
> + return new SigningFetcher($next, $authToken, $keyName, $privateKey);
> + }
> +
> + /**
> + * Constructor based on signing with the given PrivateKey object.
> + *
> + * @param authToken verified gadget security token
> + * @param keyName name of the key to include in the request
> + * @param privateKey base64 encoded private key
> + */
> + public static function makeFromB64PrivateKey($next, $authToken, $keyName, $privateKey)
> + {
> + return new SigningFetcher($next, $authToken, $keyName, $privateKey);
> + }
> +
> + /**
> + * Constructor based on signing with the given PrivateKey object.
> + *
> + * @param authToken verified gadget security token
> + * @param keyName name of the key to include in the request
> + * @param privateKey DER encoded private key
> + */
> + public static function makeFromPrivateKeyBytes($next, $authToken, $keyName, $privateKey)
> + {
> + return new SigningFetcher($next, $authToken, $keyName, $privateKey);
> + }
> +
> + protected function __construct($next, $authToken, $keyName, $privateKeyObject)
> + {
> + parent::setNextFetcher($next);
> + $this->authToken = $authToken;
> + $this->keyName = $keyName;
> + $this->privateKeyObject = $privateKeyObject;
> + }
> +
> + public function fetchRequest($request)
> + {
> + return $this->getNextFetcher()->fetchRequest($request);
> + }
> +
> + public function fetch($url, $method)
> + {
> + $signed = $this->signRequest($url, $method);
> + return $this->getNextFetcher()->fetchRequest($signed);
> + }
> +
> + private function signRequest($url, $method)
> + {
> + try {
> + // Parse the request into parameters for OAuth signing, stripping out
> + // any OAuth or OpenSocial parameters injected by the client
> + ///////////////////////////////////////////////
> + require 'src/common/Zend/Uri.php';
> + $uri = Zend_Uri::factory($url);
> + $resource = $uri->getUri();
> + $queryParams = $this->sanitize($_GET);
> + $postParams = $this->sanitize($_POST);
> + $msgParams = array();
> + $msgParams = array_merge($msgParams, $queryParams);
> + $msgParams = array_merge($msgParams, $postParams);
> +
> + // TODO: is this ok?
> + //$msgParams = array();
> + $this->addOpenSocialParams($msgParams);
> + $this->addOAuthParams($msgParams);
> +
> + // Build and sign the OAuthMessage; note that the resource here has
> + // no query string, the parameters are all in msgParams
> + //$message = new OAuthMessage($method, $resource, $msgParams);
> +
> + ////////////////////////////////////////////////
> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
> + $consumer->setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this->privateKeyObject);
> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
> +
> + $req_req = OAuthRequest::from_consumer_and_token($consumer, NULL, $method, $resource, $msgParams);
> + $req_req->sign_request($signatureMethod, $consumer, NULL);
> +
> + // Rebuild the query string, including all of the parameters we added.
> + // We have to be careful not to copy POST parameters into the query.
> + // If post and query parameters share a name, they end up being removed
> + // from the query.
> + $forPost = array();
> + foreach ($postParams as $key => $param) {
> + $forPost[$key] = $param;
> + }
> + $newQuery = array();
> + foreach ($req_req->get_parameters() as $key => $param) {
> + if (! isset($forPost[$key])) {
> + $newQuery[$key] = $param;
> + }
> + }
> +
> + // Careful here; the OAuth form encoding scheme is slightly different than
> + // the normal form encoding scheme, so we have to use the OAuth library
> + // formEncode method.
> + $uri->setQuery($newQuery);
> + return new RemoteContentRequest($uri->getUri());
> + } catch (Exception $e) {
> + throw new GadgetException($e);
> + }
> + }
> +
> + private function addOpenSocialParams(&$msgParams)
> + {
> + $owner = $this->authToken->getOwnerId();
> + if ($owner != null) {
> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
> + }
> + $viewer = $this->authToken->getViewerId();
> + if ($viewer != null) {
> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
> + }
> + $app = $this->authToken->getAppId();
> + if ($app != null) {
> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
> + }
> + }
> +
> + private function addOAuthParams(&$msgParams)
> + {
> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
> + $domain = $this->authToken->getDomain();
> + if ($domain != null) {
> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] = 'partuza.chabotc.com'; //$domain;
> + }
> + if ($this->keyName != null) {
> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this->keyName;
> + }
> + $nonce = OAuthRequest::generate_nonce();
> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
> + $timestamp = time();
> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
> + }
> +
> + /**
> + * Strip out any owner or viewer id passed by the client.
> + */
> + private function sanitize($params)
> + {
> + $list = array();
> + foreach ($params as $key => $p) {
> + if ($this->allowParam($key)) {
> + $list[$key] = $p;
> + }
> + }
> + return $list;
> + }
> +
> + private function allowParam($paramName)
> + {
> + $canonParamName = strtolower($paramName);
> + return (! (substr($canonParamName, 0, 5) == "oauth" || substr($canonParamName, 0, 6) == "xoauth" || substr($canonParamName, 0, 9) == "opensocial")) && ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
> + }
> +}
>
> Added: incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,86 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +
> +/**
> + * Produces Signing content fetchers for input tokens.
> + */
> +class SigningFetcherFactory {
> + private $keyName;
> + private $privateKey;
> +
> + /**
> + * Produces a signing fetcher that will sign requests and delegate actual
> + * network retrieval to the {@code networkFetcher}
> + *
> + * @param networkFetcher The fetcher that will be doing actual work.
> + * @param token The gadget token used for extracting signing parameters.
> + * @return The signing fetcher.
> + * @throws GadgetException
> + */
> + public function getSigningFetcher($networkFetcher, $token)
> + {
> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher, $token, $this->keyName, $this->privateKey);
> + }
> +
> + /**
> + * @param keyFile The file containing your private key for signing requests.
> + */
> + public function __construct($keyFile = null)
> + {
> + $this->keyName = 'http://'.$_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
> + if (! empty($keyFile)) {
> + $privateKey = null;
> + try {
> + // check if the converted from PKCS8 key is in cache, if not, convert it
> + $cache = Config::get('data_cache');
> + $cache = new $cache();
> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this->keyName)) !== false) {
> + $rsa_private_key = $cachedKey;
> + } else {
> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
> + throw new Exception("Could not read keyfile ($keyFile), check the file name and permission");
> + }
> + // TODO: sending NULL as a second param to openssl_pkey_get_private works?
> + $phrase = Config::get('private_key_phrase') != '' ? (Config::get('private_key_phrase')) : null;
> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key, $phrase)) == false) {
> + //TODO: double check if can input keyfile -inform PEM
> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
> + throw new Exception("Could not create temporary file");
> + }
> + if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
> + throw new Exception("Could not write to temporary file");
> + }
> + if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
> + throw new Exception("Could not create temporary file");
> + }
> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
> + if (! $rsa_private_key = @file_get_contents($out)) {
> + throw new Exception("Could not read temporary file");
> + }
> + }
> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName), $rsa_private_key);
> + }
> + } catch (Exception $e) {
> + throw new Exception("Error loading private key: " . $e);
> + }
> + $this->privateKey = $rsa_private_key;
> + }
> + }
> +}
>
> Added: incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,112 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +
> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
> +
> + /** default location for consumer keys and secrets */
> + private $OAUTH_CONFIG = "../config/oauth.json";
> + private $CONSUMER_SECRET_KEY = "consumer_secret";
> + private $CONSUMER_KEY_KEY = "consumer_key";
> + private $KEY_TYPE_KEY = "key_type";
> +
> + public function __construct($store)
> + {
> + parent::__construct($store);
> + }
> +
> + public function initFromConfigFile($fetcher)
> + {
> + // Read our consumer keys and secrets from config/oauth.js
> + // This actually involves fetching gadget specs
> + try {
> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
> +
> + // remove all comments because this confuses the json parser
> + // note: the json parser also crashes on trailing ,'s in records so please don't use them
> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '', $oauthConfigStr);
> + $oauthConfig = json_decode($contents, true);
> + foreach ($oauthConfig as $gadgetUri => $value) {
> + $this->storeProviderInfos($fetcher, $gadgetUri);
> + $this->storeConsumerInfos($gadgetUri, $value);
> + }
> + } catch (Exception $e) {
> + throw new GadgetException($e);
> + }
> + }
> +
> + private function storeProviderInfos($fetcher, $gadgetUri)
> + {
> + $cache = Config::get('data_cache');
> + $cache = new $cache();
> +
> + // determine which requests we can load from cache, and which we have to actually fetch
> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
> + $gadget = $cachedRequest;
> + } else {
> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
> + $remoteContentRequest->getRequest($gadgetUri, false);
> + $response = $fetcher->fetchRequest($remoteContentRequest);
> + $context = new ProxyGadgetContext($gadgetUri);
> + $spec = new GadgetSpecParser();
> + $gadget = $spec->parse($response->getResponseContent(), $context);
> + $cache->set(md5($gadgetUri), $gadget);
> + }
> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
> + }
> +
> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
> + {
> + foreach ($oauthConfig as $key => $value) {
> + $serviceName = $key;
> + $consumerInfo = $value;
> + $this->storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo);
> + }
> + }
> +
> + private function storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo)
> + {
> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
> + $keyType = 'HMAC_SYMMETRIC';
> +
> + if ($keyTypeStr == "RSA_PRIVATE") {
> + $keyType = 'RSA_PRIVATE';
> + // check if the converted from PKCS8 key is in cache, if not, convert it
> + $cache = Config::get('data_cache');
> + $cache = new $cache();
> +
> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" . $serviceName))) !== false) {
> + $consumerSecret = $cachedRequest;
> + } else {
> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
> + file_put_contents($in, base64_decode($consumerInfo[$this->CONSUMER_SECRET_KEY]));
> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
> + $consumerSecret = file_get_contents($out);
> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
> + }
> + }
> +
> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret, $keyType);
> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
> + }
> +
> +}
>
> Added: incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,149 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations under the License.
> + */
> +
> +class OAuthNoDataException extends Exception {}
> +
> +class BasicOAuthStore implements OAuthStore {
> +
> + private $providers = array();
> + private $tokens = array();
> +
> + private $defaultConsumerKey;
> + private $defaultConsumerSecret;
> +
> + public function __construct($consumerKey = null, $privateKey = null)
> + {
> + $this->defaultConsumerKey = $consumerKey;
> + $this->defaultConsumerSecret = $privateKey;
> + }
> +
> + public function setHashMapsForTesting($providers, $tokens)
> + {
> + $this->providers = $providers;
> + $this->tokens = $tokens;
> + }
> +
> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
> + {
> + $provKey = new ProviderKey();
> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
> + $provKey->setServiceName($tokenKey->getServiceName());
> + //AccesorInfo
> + $result = $this->getOAuthAccessorProviderKey($provKey);
> + //TokenInfo
> + $accessToken = $this->getTokenInfo($tokenKey);
> + if ($accessToken != null) {
> + // maybe convert into methods
> + $result->getAccessor()->accessToken = $accessToken->getAccessToken();
> + $result->getAccessor()->tokenSecret = $accessToken->getTokenSecret();
> + }
> + return $result;
> + }
> +
> + private function getOAuthAccessorProviderKey(ProviderKey $providerKey)
> + {
> + //ProviderInfo
> + $provInfo = $this->getProviderInfo($providerKey);
> +
> + if ($provInfo == null) {
> + throw new OAuthNoDataException("provider info was null in oauth store");
> + }
> + //AccesorInfo
> + $result = new AccesorInfo();
> + $result->setHttpMethod($provInfo->getHttpMethod());
> + $result->setParamLocation($provInfo->getParamLocation());
> +
> + //ConsumerKeyAndSecret
> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
> +
> + if ($consumerKeyAndSecret == null) {
> + if ($this->defaultConsumerKey == null || $this->defaultConsumerSecret == null) {
> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null in oauth store");
> + } else {
> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this->defaultConsumerKey, $this->defaultConsumerSecret, OAuthStoreVars::$KeyType['RSA_PRIVATE']);
> + }
> + }
> +
> + //OAuthServiceProvider
> + $oauthProvider = $provInfo->getProvider();
> +
> + if (! isset($oauthProvider)) {
> + throw new OAuthNoDataException("OAuthService provider was null in oauth store");
> + }
> +
> + // Accesing the class
> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() == OAuthStoreVars::$KeyType['RSA_PRIVATE']);
> +
> + //OAuthConsumer
> + $consumer = ($usePublicKeyCrypto) ? new OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null, $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(), $oauthProvider);
> +
> + if ($usePublicKeyCrypto) {
> + $consumer->setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $consumerKeyAndSecret->getConsumerSecret());
> + $result->setSignatureType(OAuthStoreVars::$SignatureType['RSA_SHA1']);
> + } else {
> + $result->setSignatureType(OAuthStoreVars::$SignatureType['HMAC_SHA1']);
> + }
> +
> + $result->setAccessor(new OAuthAccessor($consumer));
> + return $result;
> + }
> +
> + public function getOAuthServiceProviderInfo($providerKey)
> + {
> + $provInfo = $this->providers->get($providerKey);
> +
> + if ($provInfo == null) {
> + throw new OAuthNoDataException("provider info was null in oauth store");
> + }
> +
> + return $provInfo;
> + }
> +
> + public function setOAuthConsumerKeyAndSecret($providerKey, $keyAndSecret)
> + {
> + //ProviderInfo
> + $value = $this->getProviderInfo($providerKey);
> + if ($value == null) {
> + throw new OAuthNoDataException("could not find provider data for token");
> + }
> + $value->setKeyAndSecret($keyAndSecret);
> + }
> +
> + public function setOAuthServiceProviderInfo($providerKey, $providerInfo)
> + {
> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
> + }
> +
> + public function setTokenAndSecret($tokenKey, $tokenInfo)
> + {
> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
> + }
> +
> + private function getProviderInfo($providerKey)
> + {
> + $key = md5(serialize($providerKey));
> + return isset($this->providers[$key]) ? $this->providers[$key] : null;
> + }
> +
> + private function getTokenInfo($tokenKey)
> + {
> + $key = md5(serialize($tokenKey));
> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
> + }
> +}
> \ No newline at end of file
>
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Santiago Gala <sa...@gmail.com>.
No problem, actually I "blame" my discovery on git automated move/copy
detection. A copy is typically something suspect unless the copied
file is changed a lot (similarity ~50% like in HttpUtil, for
instance). I noticed two copies of two files that had been moved a bit
earlier, and this was definitely enough to prompt the email.
I'm actually preparing an academic paper on this area, and I'm using
shindig as a kind of "lab" for the techniques...
Regards
Santiago (who should do another PhD in the next years :( )
On Fri, May 23, 2008 at 8:41 PM, Chris Chabot <ch...@xs4all.nl> wrote:
> Yea i would think so too, don't know what to say other then that it's a bit
> of a brown-paper-bag type of mistake.
>
> Last days of rush before the google io and worked some 36 hours straight
> without sleep sessions to get it finished and working for the event (good
> news is that php shindig is really in good shape now feature wise, 0.7 is
> practically complete now) and in that rush, while i did go through the code
> with a fine comb, i overlooked the old files being restored in it.
>
> -- Chris
>
>
> On May 23, 2008, at 8:22 PM, Santiago Gala wrote:
>
>> Same exact thing, I thought you would look into the whole commit for
>> more suspicious add/renames
>
>
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Chris Chabot <ch...@xs4all.nl>.
Yea i would think so too, don't know what to say other then that it's
a bit of a brown-paper-bag type of mistake.
Last days of rush before the google io and worked some 36 hours
straight without sleep sessions to get it finished and working for the
event (good news is that php shindig is really in good shape now
feature wise, 0.7 is practically complete now) and in that rush, while
i did go through the code with a fine comb, i overlooked the old files
being restored in it.
-- Chris
On May 23, 2008, at 8:22 PM, Santiago Gala wrote:
> Same exact thing, I thought you would look into the whole commit for
> more suspicious add/renames
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Santiago Gala <sa...@gmail.com>.
On Fri, May 23, 2008 at 8:15 PM, Chris Chabot <ch...@xs4all.nl> wrote:
> Very good catch! thanks
Ditto for:
(...)
git-svn-id: https://svn.apache.org/repos/asf/incubator/shindig/trunk@658758
13f79535-47bb-0310-9956-ffa450edef68
php/src/{common/SecurityTokenDecoder.php => gadgets/GadgetTokenDecoder.php} |
2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
commit caeb1669a7025a8fc7d0ccbc7673737726b83512
Author: Chris Chabot <ch...@apache.org>
Date: Sat May 10 11:09:05 2008 +0000
Renamed GadgetToken to SecurityToken, and moved from gadgets to common
git-svn-id: https://svn.apache.org/repos/asf/incubator/shindig/trunk@655046
13f79535-47bb-0310-9956-ffa450edef68
php/src/{gadgets/GadgetTokenDecoder.php =>
common/SecurityTokenDecoder.php} | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
Same exact thing, I thought you would look into the whole commit for
more suspicious add/renames
I think this is all, HttpUtil -> CertServlet is different enough,
definitely not a "pure" copy.
Regards
Santiago
>
> On May 23, 2008, at 8:10 PM, Santiago Gala wrote:
>
>>
>> I'm not really sure that adding this file makes sense, as it was removed
>> in revision 655046 (and copied to common/SecurityToken.php , which is
>> still there)
>>
>> It that what was intended? it looks suspicious, though I have not looked
>> into the code itself.
>>
>> Regards
>> Santiago
>
>
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php: ./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/ src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Chris Chabot <ch...@xs4all.nl>.
Very good catch! thanks
On May 23, 2008, at 8:10 PM, Santiago Gala wrote:
>
> I'm not really sure that adding this file makes sense, as it was
> removed
> in revision 655046 (and copied to common/SecurityToken.php , which is
> still there)
>
> It that what was intended? it looks suspicious, though I have not
> looked
> into the code itself.
>
> Regards
> Santiago
Re: svn commit: r658758 [1/2] - in /incubator/shindig/trunk/php:
./ src/common/ src/common/Zend/ src/gadgets/ src/gadgets/http/
src/gadgets/oauth/ src/gadgets/samplecontainer/ src/socialdata/http/
Posted by Santiago Gala <sa...@gmail.com>.
El mié, 21-05-2008 a las 16:58 +0000, chabotc@apache.org escribió:
> Author: chabotc
> Date: Wed May 21 09:58:52 2008
> New Revision: 658758
>
> URL: http://svn.apache.org/viewvc?rev=658758&view=rev
> Log:
> Applying SHINDIG-293 from rovagnati@gmail.com, thanks for your great work on this. This patch implements OAuth and signed request support
>
> Added:
> incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
I'm not really sure that adding this file makes sense, as it was removed
in revision 655046 (and copied to common/SecurityToken.php , which is
still there)
It that what was intended? it looks suspicious, though I have not looked
into the code itself.
Regards
Santiago
> incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
> incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
> incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
> incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
> incubator/shindig/trunk/php/src/gadgets/oauth/
> incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
> incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
> incubator/shindig/trunk/php/src/gadgets/oauth/GadgetOAuthTokenStore.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthAccessor.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthRequestParams.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthServiceProvider.php
> incubator/shindig/trunk/php/src/gadgets/oauth/OAuthStore.php
> Modified:
> incubator/shindig/trunk/php/config.php
> incubator/shindig/trunk/php/index.php
> incubator/shindig/trunk/php/src/common/JsMin.php
> incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
> incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
> incubator/shindig/trunk/php/src/common/Zend/Loader.php
> incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
> incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
> incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
> incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
> incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
> incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
> incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php
> incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
> incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
> incubator/shindig/trunk/php/src/gadgets/samplecontainer/BasicBlobCrypter.php
> incubator/shindig/trunk/php/src/socialdata/http/GadgetDataServlet.php
>
> Modified: incubator/shindig/trunk/php/config.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/config.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/config.php (original)
> +++ incubator/shindig/trunk/php/config.php Wed May 21 09:58:52 2008
> @@ -1,4 +1,4 @@
> -<?
> +<?php
> /*
> * Licensed to the Apache Software Foundation (ASF) under one
> * or more contributor license agreements. See the NOTICE file
> @@ -45,7 +45,7 @@
> // Configurable CSS rules that are injected to the gadget page,
> // be careful when adjusting these not to break most gadget's layouts :)
> 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;} a {color:#0000cc;}a:visited {color:#551a8b;}a:active {color:#ff0000;}body{margin: 0px;padding: 0px;background-color:white;}',
> - // 'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;} body {background-color:#ffffff; font-family: arial, sans-serif; padding: 0px; margin: 0px; font-size: 12px; color: #000000;}a, a:visited {color: #3366CC;text-decoration: none; }a:hover {color: #3366CC; text-decoration: underline;} input, select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
> + //'gadget_css' => 'body,td,div,span,p{font-family:arial,sans-serif;} body {background-color:#ffffff; font-family: arial, sans-serif; padding: 0px; margin: 0px; font-size: 12px; color: #000000;}a, a:visited {color: #3366CC;text-decoration: none; }a:hover {color: #3366CC; text-decoration: underline;} input, select { border: 1px solid #bdc7d8;font-size: 11px;padding: 3px;}',
>
> // The html / javascript samples use a plain text demo token,
> // set this to false on anything resembling a real site
> @@ -96,6 +96,13 @@
> // global cache age policy and location
> 'cache_time' => 24 * 60 * 60,
> 'cache_root' => '/tmp/shindig',
> +
> + // OAuth private key Path
> + 'private_key_file' => realpath(dirname(__FILE__)) . '/certs/private.key',
> + // file path to public RSA cert
> + 'public_key_file' => realpath(dirname(__FILE__)) . '/certs/public.crt',
> + // Phrase to decrypt private key. Leave empty if unencrypted
> + 'private_key_phrase' => 'partuza',
>
> // In some cases we need to know the site root (for features forinstance)
> 'base_path' => realpath(dirname(__FILE__))
>
> Modified: incubator/shindig/trunk/php/index.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/index.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/index.php (original)
> +++ incubator/shindig/trunk/php/index.php Wed May 21 09:58:52 2008
> @@ -1,4 +1,4 @@
> -<?
> +<?php
> /*
> * Licensed to the Apache Software Foundation (ASF) under one
> * or more contributor license agreements. See the NOTICE file
> @@ -48,7 +48,7 @@
> // To load these, we scan our entire directory structure
> function __autoload($className)
> {
> - $locations = array('src/common', 'src/common/samplecontainer', 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http', 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/opensocial/model', 'src/socialdata/http', 'src/socialdata/samplecontainer');
> + $locations = array('src/common', 'src/common/samplecontainer', 'src/gadgets', 'src/gadgets/samplecontainer', 'src/gadgets/http', 'src/socialdata', 'src/socialdata/opensocial', 'src/socialdata/opensocial/model', 'src/socialdata/http', 'src/socialdata/samplecontainer', 'src/gadgets/oauth');
> // Check for the presense of this class in our all our directories.
> $fileName = $className.'.php';
> foreach ($locations as $path) {
> @@ -65,7 +65,8 @@
> Config::get('web_prefix') . '/gadgets/proxy' => 'ProxyServlet',
> Config::get('web_prefix') . '/gadgets/ifr' => 'GadgetRenderingServlet',
> Config::get('web_prefix') . '/gadgets/metadata' => 'JsonRpcServlet',
> - Config::get('web_prefix') . '/social/data' => 'GadgetDataServlet'
> + Config::get('web_prefix') . '/social/data' => 'GadgetDataServlet',
> + Config::get('web_prefix') . '/public.crt' => 'CertServlet'
> );
>
> // Try to match the request url to our servlet mapping
>
> Modified: incubator/shindig/trunk/php/src/common/JsMin.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/JsMin.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/common/JsMin.php (original)
> +++ incubator/shindig/trunk/php/src/common/JsMin.php Wed May 21 09:58:52 2008
> @@ -1,4 +1,5 @@
> <?php
> +
> /**
> * jsmin.php - PHP implementation of Douglas Crockford's JSMin.
> *
> @@ -48,243 +49,248 @@
> class JsMinException extends Exception {}
>
> class JsMin {
> - const ORD_LF = 10;
> - const ORD_SPACE = 32;
> -
> - protected $a = '';
> - protected $b = '';
> - protected $input = '';
> - protected $inputIndex = 0;
> - protected $inputLength = 0;
> - protected $lookAhead = null;
> - protected $output = '';
> -
> - // -- Public Static Methods --------------------------------------------------
> -
> - public static function minify($js) {
> - $jsmin = new JsMin($js);
> - return $jsmin->min();
> - }
> -
> - // -- Public Instance Methods ------------------------------------------------
> -
> - public function __construct($input) {
> - $this->input = str_replace("\r\n", "\n", $input);
> - $this->inputLength = strlen($this->input);
> - }
> -
> - // -- Protected Instance Methods ---------------------------------------------
> -
> - protected function action($d) {
> - switch($d) {
> - case 1:
> - $this->output .= $this->a;
> -
> - case 2:
> - $this->a = $this->b;
> -
> - if ($this->a === "'" || $this->a === '"') {
> - for (;;) {
> - $this->output .= $this->a;
> - $this->a = $this->get();
> -
> - if ($this->a === $this->b) {
> - break;
> - }
> -
> - if (ord($this->a) <= self::ORD_LF) {
> - throw new JsMinException('Unterminated string literal.');
> - }
> -
> - if ($this->a === '\\') {
> - $this->output .= $this->a;
> - $this->a = $this->get();
> - }
> - }
> - }
> -
> - case 3:
> - $this->b = $this->next();
> -
> - if ($this->b === '/' && (
> - $this->a === '(' || $this->a === ',' || $this->a === '=' ||
> - $this->a === ':' || $this->a === '[' || $this->a === '!' ||
> - $this->a === '&' || $this->a === '|' || $this->a === '?')) {
> -
> - $this->output .= $this->a . $this->b;
> -
> - for (;;) {
> - $this->a = $this->get();
> -
> - if ($this->a === '/') {
> - break;
> - } elseif ($this->a === '\\') {
> - $this->output .= $this->a;
> - $this->a = $this->get();
> - } elseif (ord($this->a) <= self::ORD_LF) {
> - throw new JsMinException('Unterminated regular expression '.
> - 'literal.');
> - }
> -
> - $this->output .= $this->a;
> - }
> -
> - $this->b = $this->next();
> - }
> - }
> - }
> -
> - protected function get() {
> - $c = $this->lookAhead;
> - $this->lookAhead = null;
> -
> - if ($c === null) {
> - if ($this->inputIndex < $this->inputLength) {
> - $c = $this->input[$this->inputIndex];
> - $this->inputIndex += 1;
> - } else {
> - $c = null;
> - }
> - }
> -
> - if ($c === "\r") {
> - return "\n";
> - }
> -
> - if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
> - return $c;
> - }
> -
> - return ' ';
> - }
> -
> - protected function isAlphaNum($c) {
> - return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/', $c) === 1;
> - }
> -
> - protected function min() {
> - $this->a = "\n";
> - $this->action(3);
> -
> - while ($this->a !== null) {
> - switch ($this->a) {
> - case ' ':
> - if ($this->isAlphaNum($this->b)) {
> - $this->action(1);
> - } else {
> - $this->action(2);
> - }
> - break;
> -
> - case "\n":
> - switch ($this->b) {
> - case '{':
> - case '[':
> - case '(':
> - case '+':
> - case '-':
> - $this->action(1);
> - break;
> -
> - case ' ':
> - $this->action(3);
> - break;
> -
> - default:
> - if ($this->isAlphaNum($this->b)) {
> - $this->action(1);
> - }
> - else {
> - $this->action(2);
> - }
> - }
> - break;
> -
> - default:
> - switch ($this->b) {
> - case ' ':
> - if ($this->isAlphaNum($this->a)) {
> - $this->action(1);
> - break;
> - }
> -
> - $this->action(3);
> - break;
> -
> - case "\n":
> - switch ($this->a) {
> - case '}':
> - case ']':
> - case ')':
> - case '+':
> - case '-':
> - case '"':
> - case "'":
> - $this->action(1);
> - break;
> -
> - default:
> - if ($this->isAlphaNum($this->a)) {
> - $this->action(1);
> - }
> - else {
> - $this->action(3);
> - }
> - }
> - break;
> -
> - default:
> - $this->action(1);
> - break;
> - }
> - }
> - }
> -
> - return $this->output;
> - }
> -
> - protected function next() {
> - $c = $this->get();
> -
> - if ($c === '/') {
> - switch($this->peek()) {
> - case '/':
> - for (;;) {
> - $c = $this->get();
> -
> - if (ord($c) <= self::ORD_LF) {
> - return $c;
> - }
> - }
> -
> - case '*':
> - $this->get();
> -
> - for (;;) {
> - switch($this->get()) {
> - case '*':
> - if ($this->peek() === '/') {
> - $this->get();
> - return ' ';
> - }
> - break;
> -
> - case null:
> - throw new JsMinException('Unterminated comment.');
> - }
> - }
> -
> - default:
> - return $c;
> - }
> - }
> -
> - return $c;
> - }
> -
> - protected function peek() {
> - $this->lookAhead = $this->get();
> - return $this->lookAhead;
> - }
> + const ORD_LF = 10;
> + const ORD_SPACE = 32;
> +
> + protected $a = '';
> + protected $b = '';
> + protected $input = '';
> + protected $inputIndex = 0;
> + protected $inputLength = 0;
> + protected $lookAhead = null;
> + protected $output = '';
> +
> + // -- Public Static Methods --------------------------------------------------
> +
> +
> + public static function minify($js)
> + {
> + $jsmin = new JsMin($js);
> + return $jsmin->min();
> + }
> +
> + // -- Public Instance Methods ------------------------------------------------
> +
> +
> + public function __construct($input)
> + {
> + $this->input = str_replace("\r\n", "\n", $input);
> + $this->inputLength = strlen($this->input);
> + }
> +
> + // -- Protected Instance Methods ---------------------------------------------
> +
> +
> + protected function action($d)
> + {
> + switch ($d) {
> + case 1:
> + $this->output .= $this->a;
> +
> + case 2:
> + $this->a = $this->b;
> +
> + if ($this->a === "'" || $this->a === '"') {
> + for (; ; ) {
> + $this->output .= $this->a;
> + $this->a = $this->get();
> +
> + if ($this->a === $this->b) {
> + break;
> + }
> +
> + if (ord($this->a) <= self::ORD_LF) {
> + throw new JsMinException('Unterminated string literal.');
> + }
> +
> + if ($this->a === '\\') {
> + $this->output .= $this->a;
> + $this->a = $this->get();
> + }
> + }
> + }
> +
> + case 3:
> + $this->b = $this->next();
> +
> + if ($this->b === '/' && ($this->a === '(' || $this->a === ',' || $this->a === '=' || $this->a === ':' || $this->a === '[' || $this->a === '!' || $this->a === '&' || $this->a === '|' || $this->a === '?')) {
> +
> + $this->output .= $this->a . $this->b;
> +
> + for (; ; ) {
> + $this->a = $this->get();
> +
> + if ($this->a === '/') {
> + break;
> + } elseif ($this->a === '\\') {
> + $this->output .= $this->a;
> + $this->a = $this->get();
> + } elseif (ord($this->a) <= self::ORD_LF) {
> + throw new JsMinException('Unterminated regular expression ' . 'literal.');
> + }
> +
> + $this->output .= $this->a;
> + }
> +
> + $this->b = $this->next();
> + }
> + }
> + }
> +
> + protected function get()
> + {
> + $c = $this->lookAhead;
> + $this->lookAhead = null;
> +
> + if ($c === null) {
> + if ($this->inputIndex < $this->inputLength) {
> + $c = $this->input[$this->inputIndex];
> + $this->inputIndex += 1;
> + } else {
> + $c = null;
> + }
> + }
> +
> + if ($c === "\r") {
> + return "\n";
> + }
> +
> + if ($c === null || $c === "\n" || ord($c) >= self::ORD_SPACE) {
> + return $c;
> + }
> +
> + return ' ';
> + }
> +
> + protected function isAlphaNum($c)
> + {
> + return ord($c) > 126 || $c === '\\' || preg_match('/^[\w\$]$/', $c) === 1;
> + }
> +
> + protected function min()
> + {
> + $this->a = "\n";
> + $this->action(3);
> +
> + while ($this->a !== null) {
> + switch ($this->a) {
> + case ' ':
> + if ($this->isAlphaNum($this->b)) {
> + $this->action(1);
> + } else {
> + $this->action(2);
> + }
> + break;
> +
> + case "\n":
> + switch ($this->b) {
> + case '{':
> + case '[':
> + case '(':
> + case '+':
> + case '-':
> + $this->action(1);
> + break;
> +
> + case ' ':
> + $this->action(3);
> + break;
> +
> + default:
> + if ($this->isAlphaNum($this->b)) {
> + $this->action(1);
> + } else {
> + $this->action(2);
> + }
> + }
> + break;
> +
> + default:
> + switch ($this->b) {
> + case ' ':
> + if ($this->isAlphaNum($this->a)) {
> + $this->action(1);
> + break;
> + }
> +
> + $this->action(3);
> + break;
> +
> + case "\n":
> + switch ($this->a) {
> + case '}':
> + case ']':
> + case ')':
> + case '+':
> + case '-':
> + case '"':
> + case "'":
> + $this->action(1);
> + break;
> +
> + default:
> + if ($this->isAlphaNum($this->a)) {
> + $this->action(1);
> + } else {
> + $this->action(3);
> + }
> + }
> + break;
> +
> + default:
> + $this->action(1);
> + break;
> + }
> + }
> + }
> +
> + return $this->output;
> + }
> +
> + protected function next()
> + {
> + $c = $this->get();
> +
> + if ($c === '/') {
> + switch ($this->peek()) {
> + case '/':
> + for (; ; ) {
> + $c = $this->get();
> +
> + if (ord($c) <= self::ORD_LF) {
> + return $c;
> + }
> + }
> +
> + case '*':
> + $this->get();
> +
> + for (; ; ) {
> + switch ($this->get()) {
> + case '*':
> + if ($this->peek() === '/') {
> + $this->get();
> + return ' ';
> + }
> + break;
> +
> + case null:
> + throw new JsMinException('Unterminated comment.');
> + }
> + }
> +
> + default:
> + return $c;
> + }
> + }
> +
> + return $c;
> + }
> +
> + protected function peek()
> + {
> + $this->lookAhead = $this->get();
> + return $this->lookAhead;
> + }
> }
>
>
> Modified: incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php (original)
> +++ incubator/shindig/trunk/php/src/common/RemoteContentFetcher.php Wed May 21 09:58:52 2008
> @@ -19,6 +19,18 @@
> */
>
> abstract class RemoteContentFetcher {
> +
> + protected $fetcher;
> +
> + protected function setNextFetcher($fetcher = null)
> + {
> + $this->fetcher = $fetcher;
> + }
>
> abstract public function fetchRequest($request);
> +
> + public function getNextFetcher()
> + {
> + return $this->fetcher;
> + }
> }
> \ No newline at end of file
>
> Modified: incubator/shindig/trunk/php/src/common/RemoteContentRequest.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/common/RemoteContentRequest.php (original)
> +++ incubator/shindig/trunk/php/src/common/RemoteContentRequest.php Wed May 21 09:58:52 2008
> @@ -15,13 +15,14 @@
> * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> * KIND, either express or implied. See the License for the
> * specific language governing permissions and limitations under the License.
> - *
> + *
> */
>
> class RemoteContentRequest {
> // these are used for making the request
> - private $url = '';
> - private $headers = false;
> + private $uri = '';
> + private $method = '';
> + private $headers = array();
> private $postBody = false;
> // these fields are filled in once the request has completed
> private $responseContent = false;
> @@ -29,20 +30,179 @@
> private $responseHeaders = false;
> private $httpCode = false;
> private $contentType = null;
> + private $options;
> public $handle = false;
> + public static $DEFAULT_CONTENT_TYPE = "application/x-www-form-urlencoded; charset=utf-8";
> + public static $DEFAULT_OPTIONS = array();
>
> - public function __construct($url, $headers = false, $postBody = false)
> + public function __construct($uri, $headers = false, $postBody = false)
> {
> - $this->url = $url;
> + $this->uri = $uri;
> $this->headers = $headers;
> $this->postBody = $postBody;
> }
>
> + public function createRemoteContentRequest($method, $uri, $headers, $postBody, $options)
> + {
> + $this->method = $method;
> + $this->uri = $uri;
> + $this->options = $options;
> + // Copy the headers
> + if (! isset($headers)) {
> + $this->headers = '';
> + } else {
> + $setPragmaHeader = false;
> + $tmpHeaders = '';
> + foreach ($headers as $key => $value) {
> + // Proxies should be bypassed with the Pragma: no-cache check.
> + //TODO double check array is good for options
> + if ($key == "Pragma" && @$options['ignoreCache']) {
> + $value = "no-cache";
> + $setPragmaHeader = true;
> + }
> + $tmpHeaders .= $key . ":" . $value . "\n";
> + }
> + // Bypass caching in proxies as well.
> + //TODO double check array is good for options
> + if (! $setPragmaHeader && @$options['ignoreCache']) {
> + $tmpHeaders .= "Pragma:no-cache\n";
> + }
> + $this->headers = $tmpHeaders;
> + }
> + if (! isset($postBody)) {
> + $this->postBody = '';
> + } else {
> + $this->postBody = array_merge($postBody, $this->postBody);
> + }
> + $type = $this->getHeader("Content-Type");
> + if (! isset($type)) {
> + $this->contentType = RemoteContentRequest::$DEFAULT_CONTENT_TYPE;
> + } else {
> + $this->contentType = $type;
> + }
> + }
> +
> + /**
> + * Creates a new request to a different URL using all request data from
> + * an existing request.
> + *
> + * @param uri
> + * @param base The base request to copy data from.
> + */
> + public static function createRemoteContentRequestWithUriBase($uri, $base)
> + {
> + $this->uri = $uri;
> + $this->method = $base->method;
> + $this->options = $base->options;
> + $this->headers = $base->headers;
> + $this->contentType = $base->contentType;
> + $this->postBody = $base->postBody;
> + }
> +
> + /**
> + * Basic GET request.
> + *
> + * @param uri
> + */
> + public function createRemoteContentRequestWithUri($uri)
> + {
> + $this->createRemoteContentRequest("GET", $uri, null, null, RemoteContentRequest::$DEFAULT_OPTIONS);
> + }
> +
> + /**
> + * GET with options
> + *
> + * @param uri
> + * @param options
> + */
> + public function createRemoteContentRequestWithUriOptions($uri, $options)
> + {
> + $this->createRemoteContentRequest("GET", $uri, null, null, $options);
> + }
> +
> + /**
> + * GET request with custom headers and default options
> + * @param uri
> + * @param headers
> + */
> + public function RemoteContentRequestWithUriHeaders($uri, $headers)
> + {
> + $this->createRemoteContentRequest("GET", $uri, $headers, null, RemoteContentRequest::$DEFAULT_OPTIONS);
> + }
> +
> + /**
> + * GET request with custom headers + options
> + * @param uri
> + * @param headers
> + * @param options
> + */
> + public function createRemoteContentRequestWithUriHeadersOptions($uri, $headers, $options)
> + {
> + $this->createRemoteContentRequest("GET", $uri, $headers, null, $options);
> + }
> +
> + /**
> + * Basic POST request
> + * @param uri
> + * @param postBody
> + */
> + public function RemoteContentRequestWithUriPostBody($uri, $postBody)
> + {
> + $this->createRemoteContentRequest("POST", $uri, null, $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
> + }
> +
> + /**
> + * POST request with options
> + * @param uri
> + * @param postBody
> + * @param options
> + */
> + public function createRemoteContentRequestWithUriPostBodyOptions($uri, $postBody, $options)
> + {
> + $this->createRemoteContentRequest("POST", $uri, null, $postBody, $options);
> + }
> +
> + /**
> + * POST request with headers
> + * @param uri
> + * @param headers
> + * @param postBody
> + */
> + public function createRemoteContentRequestWithUriHeadersPostBody($uri, $headers, $postBody)
> + {
> + $this->createRemoteContentRequest("POST", $uri, $headers, $postBody, RemoteContentRequest::$DEFAULT_OPTIONS);
> + }
> +
> + /**
> + * POST request with options + headers
> + * @param uri
> + * @param headers
> + * @param postBody
> + * @param options
> + */
> + public function createRemoteContentRequestWithUriHeadersPostBodyOptions($uri, $headers, $postBody, $options)
> + {
> + $this->createRemoteContentRequest("POST", $uri, $headers, $postBody, $options);
> + }
> +
> + /**
> + * Creates a simple GET request
> + *
> + * @param uri
> + * @param ignoreCache
> + */
> + public function getRequest($uri, $ignoreCache)
> + {
> + $options = new Options();
> + $options->ignoreCache = $ignoreCache;
> + return $this->createRemoteContentRequestWithUriOptions($uri, $options);
> + }
> +
> // returns a hash code which identifies this request, used for caching
> - // takes url and postbody into account for constructing the md5 checksum
> + // takes url and postbody into account for constructing the sha1 checksum
> public function toHash()
> {
> - return md5($this->url . $this->postBody);
> + return md5($this->uri . $this->postBody);
> }
>
> public function getContentType()
> @@ -92,7 +252,17 @@
>
> public function getUrl()
> {
> - return $this->url;
> + return $this->uri;
> + }
> +
> + public function getMethod()
> + {
> + return $this->method;
> + }
> +
> + public function getOptions()
> + {
> + return $this->options;
> }
>
> public function setContentType($type)
> @@ -125,14 +295,37 @@
> $this->headers = $headers;
> }
>
> + //FIXME: Find a better way to do this
> + // The headers can be an array of elements.
> + public function getHeader($headerName)
> + {
> + $headers = explode("\n", $this->headers);
> + foreach ($headers as $header) {
> + $key = explode(":", $header);
> + if ($key[0] == $headerName)
> + return $key[1];
> + }
> + return null;
> + }
> +
> public function setPostBody($postBody)
> {
> $this->postBody = $postBody;
> }
>
> - public function setUrl($url)
> + public function setUri($uri)
> {
> - $this->url = $url;
> + $this->uri = $uri;
> }
>
> -}
> \ No newline at end of file
> +}
> +
> +/**
> + * Bag of options for making a request.
> + *
> + * This object is mutable to keep us sane. Don't mess with it once you've
> + * sent it to RemoteContentRequest or bad things might happen.
> + */
> +class Options {
> + public $ignoreCache = false;
> +}
>
> Modified: incubator/shindig/trunk/php/src/common/Zend/Loader.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/common/Zend/Loader.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/common/Zend/Loader.php (original)
> +++ incubator/shindig/trunk/php/src/common/Zend/Loader.php Wed May 21 09:58:52 2008
> @@ -80,7 +80,7 @@
> self::loadFile($file, $dirs, true);
> } else {
> self::_securityCheck($file);
> - include_once $file;
> + include_once 'src/common/'.$file;
> }
>
> if (!class_exists($class, false) && !interface_exists($class, false)) {
>
> Modified: incubator/shindig/trunk/php/src/gadgets/GadgetContext.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/GadgetContext.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/GadgetContext.php Wed May 21 09:58:52 2008
> @@ -26,21 +26,21 @@
> * Server wide variables are stored in config.php
> */
> class GadgetContext {
> - private $httpFetcher = null;
> - private $locale = null;
> - private $renderingContext = null;
> - private $registry = null;
> - private $userPrefs = null;
> - private $gadgetId = null;
> - private $view = null;
> - private $moduleId = null;
> - private $url = null;
> - private $cache = null;
> - private $blacklist = null;
> - private $ignoreCache = null;
> - private $forcedJsLibs = null;
> - private $containerConfig = null;
> - private $container = null;
> + protected $httpFetcher = null;
> + protected $locale = null;
> + protected $renderingContext = null;
> + protected $registry = null;
> + protected $userPrefs = null;
> + protected $gadgetId = null;
> + protected $view = null;
> + protected $moduleId = null;
> + protected $url = null;
> + protected $cache = null;
> + protected $blacklist = null;
> + protected $ignoreCache = null;
> + protected $forcedJsLibs = null;
> + protected $containerConfig = null;
> + protected $container = null;
>
> public function __construct($renderingContext)
> {
>
> Modified: incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/GadgetSpecParser.php Wed May 21 09:58:52 2008
> @@ -36,7 +36,7 @@
> }
> $gadget = new Gadget($context->getGadgetId(), $context);
> // process ModulePref attributes
> - $this->processModulePrefs($gadget, $doc->ModulePrefs);
> + $this->processModulePrefs($gadget, $doc->ModulePrefs, $context);
> // process UserPrefs, if any
> foreach ($doc->UserPref as $pref) {
> $this->processUserPref($gadget, $pref);
> @@ -54,7 +54,7 @@
> return $gadget;
> }
>
> - private function processModulePrefs(&$gadget, $ModulePrefs)
> + private function processModulePrefs(&$gadget, $ModulePrefs, $context)
> {
> $attributes = $ModulePrefs->attributes();
> if (empty($attributes['title'])) {
> @@ -90,11 +90,11 @@
> $gadget->scaling = isset($attributes['scaling']) ? trim($attributes['scaling']) : '';
> $gadget->scrolling = isset($attributes['scrolling']) ? trim($attributes['scrolling']) : '';
> foreach ($ModulePrefs->Locale as $locale) {
> - $gadget->localeSpecs[] = $this->processLocale($locale);
> + $gadget->localeSpecs[] = $this->processLocale($locale, $context);
> }
> }
>
> - private function processLocale($locale)
> + private function processLocale($locale, $context)
> {
> $attributes = $locale->attributes();
> $messageAttr = isset($attributes['messages']) ? trim($attributes['messages']) : '';
>
> Added: incubator/shindig/trunk/php/src/gadgets/GadgetToken.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetToken.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/GadgetToken.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/GadgetToken.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,70 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations under the License.
> + *
> + */
> +
> +/**
> + * An abstract representation of a signing token.
> + * Use in conjunction with @code GadgetTokenDecoder.
> + */
> +abstract class GadgetToken {
> +
> + //FIXME Hmm seems php is refusing to let me make abstract static functions? odd
> + static public function createFromToken($token, $maxage) {}
> + static public function createFromValues($owner, $viewer, $app, $domain, $appUrl, $moduleId) {}
> +
> +
> + /**
> + * Serializes the token into a string. This can be the exact same as
> + * toString; using a different name here is only to force interface
> + * compliance.
> + *
> + * @return A string representation of the token.
> + */
> + abstract public function toSerialForm();
> +
> + /**
> + * @return the owner from the token, or null if there is none.
> + */
> + abstract public function getOwnerId();
> +
> + /**
> + * @return the viewer from the token, or null if there is none.
> + */
> + abstract public function getViewerId();
> +
> + /**
> + * @return the application id from the token, or null if there is none.
> + */
> + abstract public function getAppId();
> +
> + /**
> + * @return the domain from the token, or null if there is none.
> + */
> + abstract public function getDomain();
> +
> + /**
> + * @return the URL of the application
> + */
> + abstract public function getAppUrl();
> +
> + /**
> + * @return the module ID of the application
> + */
> + abstract public function getModuleId();
> +}
>
> Added: incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/GadgetTokenDecoder.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,34 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +
> +/**
> + * Handles verification of gadget security tokens.
> + */
> +abstract class GadgetTokenDecoder {
> +
> + /**
> + * Decrypts and verifies a gadget security token to return a gadget token.
> + *
> + * @param tokenString String representation of the token to be created.
> + * @return The token representation of the input data.
> + * @throws GadgetException If tokenString is not a valid token
> + */
> + abstract public function createToken($tokenString);
> +}
>
> Modified: incubator/shindig/trunk/php/src/gadgets/JsLibrary.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsLibrary.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/JsLibrary.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/JsLibrary.php Wed May 21 09:58:52 2008
> @@ -24,7 +24,7 @@
> private $content;
> private $featureName; // used to track what feature this belongs to
> private $loaded = false;
> -
> +
> public function __construct($type, $content, $featureName = '')
> {
> $this->featureName = $featureName;
> @@ -39,11 +39,11 @@
>
> public function getContent()
> {
> - if (!$this->loaded && $this->type == 'FILE') {
> + if (! $this->loaded && $this->type == 'FILE') {
> if (Config::get('compress_javascript')) {
> $dataCache = Config::get('data_cache');
> $dataCache = new $dataCache();
> - if (!($content = $dataCache->get(md5($this->content)))) {
> + if (! ($content = $dataCache->get(md5($this->content)))) {
> $content = JsMin::minify(JsLibrary::loadData($this->content, $this->type));
> $dataCache->set(md5($this->content), $content);
> $this->content = $content;
>
> Modified: incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/JsonRpcGadgetContext.php Wed May 21 09:58:52 2008
> @@ -1,10 +1,6 @@
> <?php
>
> class JsonRpcGadgetContext extends GadgetContext {
> - private $locale = null;
> - private $view = null;
> - private $url = null;
> - private $container = null;
>
> public function __construct($jsonContext, $url)
> {
> @@ -15,23 +11,8 @@
> $this->container = $jsonContext->container;
> }
>
> - public function getUrl()
> - {
> - return $this->url;
> - }
> -
> public function getView()
> {
> return $this->view;
> }
> -
> - public function getLocale()
> - {
> - return $this->locale;
> - }
> -
> - public function getContainer()
> - {
> - return $this->container;
> - }
> }
> \ No newline at end of file
>
> Added: incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/ProxyGadgetContext.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,10 @@
> +<?php
> +
> +class ProxyGadgetContext extends GadgetContext {
> +
> + public function __construct($url)
> + {
> + parent::__construct('GADGET');
> + $this->url = $url;
> + }
> +}
>
> Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed May 21 09:58:52 2008
> @@ -29,11 +29,15 @@
> *
> */
> class ProxyHandler {
> - private $context;
> + private $context;
> + private $signingFetcher;
> + private $oauthFetcher;
>
> - public function __construct($context)
> + public function __construct($context, $signingFetcher = null, $oauthFetcher = null)
> {
> - $this->context = $context;
> + $this->context = $context;
> + $this->signingFetcher = $signingFetcher;
> + $this->oauthFetcher = $oauthFetcher;
> }
>
> /**
> @@ -51,11 +55,21 @@
> $token = '';
> // no token given, safe to ignore
> }
> - $originalUrl = $this->validateUrl($url);
> - $signedUrl = $this->signUrl($originalUrl, $token);
> + $url = $this->validateUrl($url);
> // Fetch the content and convert it into JSON.
> // TODO: Fetcher needs to handle variety of HTTP methods.
> - $result = $this->fetchContent($signedUrl, $method);
> + $result = $this->fetchContentDivert($url, $method, $signer);
> + if (!isset($result)) {
> + //OAuthFetcher only
> + $metadata = $this->oauthFetcher->getResponseMetadata();
> + $json = array($url => $metadata);
> + $json = json_encode($json);
> + $output = UNPARSEABLE_CRUFT . $json;
> + $this->setCachingHeaders();
> + header("Content-Type: application/json; charset=utf-8", true);
> + echo $output;
> + die();
> + }
> $status = (int)$result->getHttpCode();
> //header("HTTP/1.1 $status", true);
> if ($status == 200) {
> @@ -174,10 +188,9 @@
> $token = '';
> // no token given, safe to ignore
> }
> - $originalUrl = $this->validateUrl($url);
> - $signedUrl = $this->signUrl($originalUrl, $token);
> + $url = $this->validateUrl($url);
> //TODO: Fetcher needs to handle variety of HTTP methods.
> - $result = $this->fetchContent($signedUrl, $method);
> + $result = $this->fetchContent($url, $method);
> // TODO: Fetcher needs to handle variety of HTTP methods.
> $status = (int)$result->getHttpCode();
> if ($status == 200) {
> @@ -208,11 +221,11 @@
> /**
> * Both fetch and fetchJson call this function to retrieve the actual content
> *
> - * @param string $signedUrl the signed url to fetch
> + * @param string $url the url to fetch
> * @param string $method either get or post
> * @return the filled in request (RemoteContentRequest)
> */
> - private function fetchContent($signedUrl, $method)
> + private function fetchContent($url, $method)
> {
> //TODO get actual character encoding from the request
>
> @@ -250,14 +263,41 @@
> }
> // even if postData is an empty string, it will still post (since RemoteContentRquest checks if its false)
> // so the request to POST is still honored
> - $request = new RemoteContentRequest($signedUrl, $headers, $postData);
> + $request = new RemoteContentRequest($url, $headers, $postData);
> $request = $this->context->getHttpFetcher()->fetch($request, $context);
> } else {
> - $request = new RemoteContentRequest($signedUrl, $headers);
> + $request = new RemoteContentRequest($url, $headers);
> $request = $this->context->getHttpFetcher()->fetch($request, $context);
> }
> return $request;
> }
> +
> + private function fetchContentDivert($url, $method, $signer)
> + {
> + $authz = isset($_GET['authz']) ? $_GET['authz'] : (isset($_POST['authz']) ? $_POST['authz'] : '');
> + $token = $this->extractAndValidateToken($signer);
> + switch (strtoupper($authz)) {
> + case 'SIGNED':
> + $fetcher = $this->signingFetcher->getSigningFetcher(new BasicRemoteContentFetcher(), $token);
> + return $fetcher->fetch($url, $method);
> + case 'AUTHENTICATED':
> + $params = new OAuthRequestParams();
> + $fetcher = $this->signingFetcher->getSigningFetcher(new BasicRemoteContentFetcher(), $token);
> + $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
> + $this->oauthFetcher = $oAuthFetcherFactory->getOAuthFetcher($fetcher, $token, $params);
> + $request = new RemoteContentRequest($url);
> + $request->createRemoteContentRequestWithUri($url);
> + return $this->oauthFetcher->fetchRequest($request);
> + case 'NONE':
> + default:
> + return $this->fetchContent($url, $method);
> + }
> + }
> +
> + public function setContentFetcher($contentFetcherFactory)
> + {
> + $this->contentFetcherFactory = $contentFetcherFactory;
> + }
>
> /**
> * Sets the caching headers (overwriting anything the remote host set) to force
> @@ -282,6 +322,7 @@
> private function validateUrl($url)
> {
> //TODO should really make a PHP version of the URI class and validate in all the locations the java version does
> + // why not use Zend::Uri:
> return $url;
> }
>
> @@ -293,40 +334,17 @@
> * @return string the token to use in the signed url
> */
> private function extractAndValidateToken($signer)
> - {
> - if ($signer == null) {
> - return null;
> - }
> - $token = isset($_GET["st"]) ? $_GET["st"] : false;
> - if ($token) {
> - $token = isset($_POST['st']) ? $_POST['st'] : '';
> - }
> + {
> + if ($signer == null) {
> + return null;
> + }
> + $token = isset($_GET["st"]) ? $_GET["st"] : '';
> + if (!isset($token) || $token == '') {
> + $token = isset($_POST['st']) ? $_POST['st'] : '';
> + }
> return $signer->createToken($token);
> }
> -
> - /**
> - * Signs a url with the SecurityToken
> - *
> - * @param string $originalUrl
> - * @param SecurityToken $token
> - * @return unknown
> - */
> - private function signUrl($originalUrl, $token)
> - {
> - $authz = isset($_GET['authz']) ? $_GET['authz'] : false;
> - if (! $authz) {
> - $authz = isset($_POST['authz']) ? $_POST['authz'] : '';
> - }
> - if ($token == null || $authz != 'signed') {
> - return $originalUrl;
> - }
> - $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
> - if ($method) {
> - $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] : 'GET';
> - }
> - return $token->signUrl($originalUrl, $method);
> - }
> -
> +
> private function request_headers()
> {
> // Try to use apache's request headers if available
>
> Added: incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/http/CertServlet.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,42 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations under the License.
> + *
> + */
> +require 'src/common/HttpServlet.php';
> +
> +/**
> + * This class serves the public certificate, quick and dirty hack to make the certificate publicly accessible
> + * this combined with the hard coded location in SigningFetcherFactory.php : http://{host}/{prefix}/public.crt
> + * for the oauth pub key location makes a working whole
> + */
> +class CertServlet extends HttpServlet {
> +
> + /**
> + * Handles the get file request, only called on url = /public.crt
> + * so this function has no logic other then to output the cert
> + */
> + public function doGet()
> + {
> + $file = Config::get('public_key_file');
> + if (!file_exists($file) || !is_readable($file)) {
> + throw new Exception("Invalid public key location ($file), check config and file permissions");
> + }
> + $this->setLastModified(filemtime($file));
> + readfile($file);
> + }
> +}
>
> Modified: incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/http/FilesServlet.php Wed May 21 09:58:52 2008
> @@ -25,7 +25,7 @@
> * the php version too
> */
> class FilesServlet extends HttpServlet {
> -
> +
> /**
> * Handles the get file request, if the file exists and is in the correct
> * location it's echo'd to the browser (with a basic content type guessing
> @@ -46,14 +46,14 @@
> die();
> }
> // if the file doesn't exist or can't be read, give a 404 error
> - if (!file_exists($file) || !is_readable($file) || !is_file($file)) {
> + if (! file_exists($file) || ! is_readable($file) || ! is_file($file)) {
> header("HTTP/1.0 404 Not Found", true);
> echo "<html><body><h1>404 - Not Found</h1></body></html>";
> die();
> }
> $dot = strrpos($file, '.');
> if ($dot) {
> - $ext = strtolower(substr($file, $dot+1));
> + $ext = strtolower(substr($file, $dot + 1));
> if ($ext == 'html' || $ext == 'htm') {
> $this->setContentType('text/html');
> } elseif ($ext == 'js') {
>
> Modified: incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/http/GadgetRenderingServlet.php Wed May 21 09:58:52 2008
> @@ -52,7 +52,7 @@
> */
> class GadgetRenderingServlet extends HttpServlet {
> private $context;
> -
> +
> /**
> * Creates the gadget using the GadgetServer class and calls outputGadget
> *
> @@ -71,11 +71,11 @@
> $gadgetServer = new GadgetServer();
> $gadget = $gadgetServer->processGadget($this->context);
> $this->outputGadget($gadget, $this->context);
> - } catch ( Exception $e ) {
> + } catch (Exception $e) {
> $this->outputError($e);
> }
> }
> -
> +
> /**
> * If an error occured (Exception) this function echo's the Exception's message
> * and if the config['debug'] is true, shows the debug backtrace in a div
> @@ -95,7 +95,7 @@
> }
> echo "</body></html>";
> }
> -
> +
> /**
> * Takes the gadget to output, and depending on its content type calls either outputHtml-
> * or outputUrlGadget
> @@ -107,15 +107,15 @@
> {
> $view = HttpUtil::getView($gadget, $context);
> switch ($view->getType()) {
> - case 'HTML' :
> + case 'HTML':
> $this->outputHtmlGadget($gadget, $context, $view);
> break;
> - case 'URL' :
> + case 'URL':
> $this->outputUrlGadget($gadget, $context, $view);
> break;
> }
> }
> -
> +
> /**
> * Outputs a html content type gadget.
> * It creates a html page, with the javascripts from the features inline into the page, plus
> @@ -144,16 +144,13 @@
> }
> // Was a privacy policy header configured? if so set it
> if (Config::get('P3P') != '') {
> - header("P3P: ".Config::get('P3P'));
> + header("P3P: " . Config::get('P3P'));
> }
> - if (!$view->getQuirks()) {
> + if (! $view->getQuirks()) {
> echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n";
> }
> - echo "<html>\n<head>".
> - "<style type=\"text/css\">".Config::get('gadget_css')."</style>".
> - "</head><body>".
> - "<script><!--\n";
> - foreach ( $gadget->getJsLibraries() as $library ) {
> + echo "<html>\n<head>" . "<style type=\"text/css\">" . Config::get('gadget_css') . "</style>" . "</head><body>" . "<script><!--\n";
> + foreach ($gadget->getJsLibraries() as $library) {
> $type = $library->getType();
> if ($type == 'URL') {
> // TODO: This case needs to be handled more gracefully by the js
> @@ -173,15 +170,12 @@
> // Forced libs first.
> if (! empty($forcedLibs)) {
> $libs = explode(':', $forcedLibs);
> - echo sprintf($externFmt, Config::get('default_js_prefix').$this->getJsUrl($libs, $gadget)) . "\n";
> + echo sprintf($externFmt, Config::get('default_js_prefix') . $this->getJsUrl($libs, $gadget)) . "\n";
> }
> if (strlen($externJs) > 0) {
> echo $externJs;
> }
> - echo "<script><!--\n".
> - $this->appendJsConfig($context, $gadget).
> - $this->appendMessages($gadget).
> - "-->\n</script>\n";
> + echo "<script><!--\n" . $this->appendJsConfig($context, $gadget) . $this->appendMessages($gadget) . "-->\n</script>\n";
>
> $gadgetExceptions = array();
> $content = $gadget->getSubstitutions()->substitute($view->getContent());
> @@ -192,11 +186,9 @@
> if (count($gadgetExceptions)) {
> throw new GadgetException(print_r($gadgetExceptions, true));
> }
> - echo $content . "\n".
> - "<script>gadgets.util.runOnLoadHandlers();</script>\n".
> - "</body>\n</html>";
> + echo $content . "\n" . "<script>gadgets.util.runOnLoadHandlers();</script>\n" . "</body>\n</html>";
> }
> -
> +
> /**
> * Output's a URL content type gadget, it adds libs=<list:of:js:libraries>.js and user preferences
> * to the href url, and redirects the browser to it
> @@ -215,7 +207,7 @@
> $forcedLibs = Config::get('focedJsLibs');
> if ($forcedLibs == null) {
> $reqs = $gadget->getRequires();
> - foreach ( $reqs as $key => $val ) {
> + foreach ($reqs as $key => $val) {
> $libs[] = $key;
> }
> } else {
> @@ -231,7 +223,7 @@
> header('Location: ' . $redirURI);
> die();
> }
> -
> +
> /**
> * Returns the requested libs (from getjsUrl) with the libs_param_name prepended
> * ie: in libs=core:caja:etc.js format
> @@ -248,7 +240,7 @@
> $ret .= $this->getJsUrl($libs, $gadget);
> return $ret;
> }
> -
> +
> /**
> * Returns the user preferences in &up_<name>=<val> format
> *
> @@ -259,7 +251,7 @@
> private function getPrefsQueryString($prefVals)
> {
> $ret = '';
> - foreach ( $prefVals->getPrefs() as $key => $val ) {
> + foreach ($prefVals->getPrefs() as $key => $val) {
> $ret .= '&';
> $ret .= Config::get('userpref_param_prefix');
> $ret .= urlencode($key);
> @@ -268,10 +260,10 @@
> }
> return $ret;
> }
> -
> +
> /**
> * generates the library string (core:caja:etc.js) including a checksum of all the
> - * javascript content (?v=<sha1 of js) for cache busting
> + * javascript content (?v=<md5 of js>) for cache busting
> *
> * @param string $libs
> * @param Gadget $gadget
> @@ -284,7 +276,7 @@
> $buf = 'core';
> } else {
> $firstDone = false;
> - foreach ( $libs as $lib ) {
> + foreach ($libs as $lib) {
> if ($firstDone) {
> $buf .= ':';
> } else {
> @@ -296,7 +288,7 @@
> // Build a version string from the sha1() checksum of all included javascript
> // to ensure the client always has the right version
> $inlineJs = '';
> - foreach ( $gadget->getJsLibraries() as $library ) {
> + foreach ($gadget->getJsLibraries() as $library) {
> $type = $library->getType();
> if ($type != 'URL') {
> $inlineJs .= $library->getContent() . "\n";
> @@ -305,14 +297,14 @@
> $buf .= ".js?v=" . md5($inlineJs);
> return $buf;
> }
> -
> +
> private function appendJsConfig($context, $gadget)
> {
> $container = $context->getContainer();
> $containerConfig = $context->getContainerConfig();
> $gadgetConfig = array();
> $featureConfig = $containerConfig->getConfig($container, 'gadgets.features');
> - foreach ( $gadget->getJsLibraries() as $library ) {
> + foreach ($gadget->getJsLibraries() as $library) {
> $feature = $library->getFeatureName();
> if (! isset($gadgetConfig[$feature]) && ! empty($featureConfig[$feature])) {
> $gadgetConfig[$feature] = $featureConfig[$feature];
> @@ -320,7 +312,7 @@
> }
> return "gadgets.config.init(" . json_encode($gadgetConfig) . ");\n";
> }
> -
> +
> private function appendMessages($gadget)
> {
> $msgs = '';
>
> Modified: incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/http/JsServlet.php Wed May 21 09:58:52 2008
> @@ -30,7 +30,7 @@
> * to retrieve our features javascript code
> */
> class JsServlet extends HttpServlet {
> -
> +
> public function doGet()
> {
> $this->noHeaders = true;
>
> Modified: incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php?rev=658758&r1=658757&r2=658758&view=diff
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php (original)
> +++ incubator/shindig/trunk/php/src/gadgets/http/ProxyServlet.php Wed May 21 09:58:52 2008
> @@ -26,6 +26,8 @@
> require 'src/common/RemoteContent.php';
> require 'src/common/Cache.php';
> require 'src/common/RemoteContentFetcher.php';
> +require 'src/gadgets/oauth/OAuth.php';
> +require 'src/gadgets/oauth/OAuthStore.php';
>
> class ProxyServlet extends HttpServlet {
>
> @@ -39,6 +41,7 @@
> if (! $url) {
> $url = isset($_POST['url']) ? $_POST['url'] : false;
> }
> + $url = urldecode($url);
> $method = isset($_GET['httpMethod']) ? $_GET['httpMethod'] : false;
> if (! $method) {
> $method = isset($_POST['httpMethod']) ? $_POST['httpMethod'] : 'GET';
> @@ -49,7 +52,8 @@
> }
> $gadgetSigner = Config::get('security_token_signer');
> $gadgetSigner = new $gadgetSigner();
> - $proxyHandler = new ProxyHandler($context);
> + $signingFetcherFactory = new SigningFetcherFactory(Config::get("private_key_file"));
> + $proxyHandler = new ProxyHandler($context, $signingFetcherFactory);
> if (! empty($_GET['output']) && $_GET['output'] == 'js') {
> $proxyHandler->fetchJson($url, $gadgetSigner, $method);
> } else {
>
> Added: incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcher.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,216 @@
> +<?php
> +/*
> + * Licensed under the Apache License, Version 2.0 (the "License");
> + * you may not use this file except in compliance with the License.
> + * You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing, software
> + * distributed under the License is distributed on an "AS IS" BASIS,
> + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
> + * See the License for the specific language governing permissions and
> + * limitations under the License.
> + */
> +
> +/**
> + * Implements signed fetch based on the OAuth request signing algorithm.
> + *
> + * Subclasses can override signMessage to use their own crypto if they don't
> + * like the oauth.net code for some reason.
> + *
> + * Instances of this class are only accessed by a single thread at a time,
> + * but instances may be created by multiple threads.
> + */
> +class SigningFetcher extends RemoteContentFetcher {
> +
> + protected static $OPENSOCIAL_OWNERID = "opensocial_owner_id";
> + protected static $OPENSOCIAL_VIEWERID = "opensocial_viewer_id";
> + protected static $OPENSOCIAL_APPID = "opensocial_app_id";
> + protected static $XOAUTH_PUBLIC_KEY = "xoauth_signature_publickey";
> + protected static $ALLOWED_PARAM_NAME = "[-:\\w]+";
> +
> + //protected final TimeSource clock = new TimeSource();
> +
> + /**
> + * Authentication token for the user and gadget making the request.
> + */
> + protected $authToken;
> +
> + /**
> + * Private key we pass to the OAuth RSA_SHA1 algorithm.This can be a
> + * PrivateKey object, or a PEM formatted private key, or a DER encoded byte
> + * array for the private key.(No, really, they accept any of them.)
> + */
> + protected $privateKeyObject;
> +
> + /**
> + * The name of the key, included in the fetch to help with key rotation.
> + */
> + protected $keyName;
> +
> + /**
> + * Constructor based on signing with the given PrivateKey object.
> + *
> + * @param authToken verified gadget security token
> + * @param keyName name of the key to include in the request
> + * @param privateKey the key to use for the signing
> + */
> + public static function makeFromPrivateKey($next, $authToken, $keyName, $privateKey)
> + {
> + return new SigningFetcher($next, $authToken, $keyName, $privateKey);
> + }
> +
> + /**
> + * Constructor based on signing with the given PrivateKey object.
> + *
> + * @param authToken verified gadget security token
> + * @param keyName name of the key to include in the request
> + * @param privateKey base64 encoded private key
> + */
> + public static function makeFromB64PrivateKey($next, $authToken, $keyName, $privateKey)
> + {
> + return new SigningFetcher($next, $authToken, $keyName, $privateKey);
> + }
> +
> + /**
> + * Constructor based on signing with the given PrivateKey object.
> + *
> + * @param authToken verified gadget security token
> + * @param keyName name of the key to include in the request
> + * @param privateKey DER encoded private key
> + */
> + public static function makeFromPrivateKeyBytes($next, $authToken, $keyName, $privateKey)
> + {
> + return new SigningFetcher($next, $authToken, $keyName, $privateKey);
> + }
> +
> + protected function __construct($next, $authToken, $keyName, $privateKeyObject)
> + {
> + parent::setNextFetcher($next);
> + $this->authToken = $authToken;
> + $this->keyName = $keyName;
> + $this->privateKeyObject = $privateKeyObject;
> + }
> +
> + public function fetchRequest($request)
> + {
> + return $this->getNextFetcher()->fetchRequest($request);
> + }
> +
> + public function fetch($url, $method)
> + {
> + $signed = $this->signRequest($url, $method);
> + return $this->getNextFetcher()->fetchRequest($signed);
> + }
> +
> + private function signRequest($url, $method)
> + {
> + try {
> + // Parse the request into parameters for OAuth signing, stripping out
> + // any OAuth or OpenSocial parameters injected by the client
> + ///////////////////////////////////////////////
> + require 'src/common/Zend/Uri.php';
> + $uri = Zend_Uri::factory($url);
> + $resource = $uri->getUri();
> + $queryParams = $this->sanitize($_GET);
> + $postParams = $this->sanitize($_POST);
> + $msgParams = array();
> + $msgParams = array_merge($msgParams, $queryParams);
> + $msgParams = array_merge($msgParams, $postParams);
> +
> + // TODO: is this ok?
> + //$msgParams = array();
> + $this->addOpenSocialParams($msgParams);
> + $this->addOAuthParams($msgParams);
> +
> + // Build and sign the OAuthMessage; note that the resource here has
> + // no query string, the parameters are all in msgParams
> + //$message = new OAuthMessage($method, $resource, $msgParams);
> +
> + ////////////////////////////////////////////////
> + $consumer = new OAuthConsumer(NULL, NULL, NULL);
> + $consumer->setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $this->privateKeyObject);
> + $signatureMethod = new OAuthSignatureMethod_RSA_SHA1();
> +
> + $req_req = OAuthRequest::from_consumer_and_token($consumer, NULL, $method, $resource, $msgParams);
> + $req_req->sign_request($signatureMethod, $consumer, NULL);
> +
> + // Rebuild the query string, including all of the parameters we added.
> + // We have to be careful not to copy POST parameters into the query.
> + // If post and query parameters share a name, they end up being removed
> + // from the query.
> + $forPost = array();
> + foreach ($postParams as $key => $param) {
> + $forPost[$key] = $param;
> + }
> + $newQuery = array();
> + foreach ($req_req->get_parameters() as $key => $param) {
> + if (! isset($forPost[$key])) {
> + $newQuery[$key] = $param;
> + }
> + }
> +
> + // Careful here; the OAuth form encoding scheme is slightly different than
> + // the normal form encoding scheme, so we have to use the OAuth library
> + // formEncode method.
> + $uri->setQuery($newQuery);
> + return new RemoteContentRequest($uri->getUri());
> + } catch (Exception $e) {
> + throw new GadgetException($e);
> + }
> + }
> +
> + private function addOpenSocialParams(&$msgParams)
> + {
> + $owner = $this->authToken->getOwnerId();
> + if ($owner != null) {
> + $msgParams[SigningFetcher::$OPENSOCIAL_OWNERID] = $owner;
> + }
> + $viewer = $this->authToken->getViewerId();
> + if ($viewer != null) {
> + $msgParams[SigningFetcher::$OPENSOCIAL_VIEWERID] = $viewer;
> + }
> + $app = $this->authToken->getAppId();
> + if ($app != null) {
> + $msgParams[SigningFetcher::$OPENSOCIAL_APPID] = $app;
> + }
> + }
> +
> + private function addOAuthParams(&$msgParams)
> + {
> + $msgParams[OAuth::$OAUTH_TOKEN] = '';
> + $domain = $this->authToken->getDomain();
> + if ($domain != null) {
> + $msgParams[OAuth::$OAUTH_CONSUMER_KEY] = 'partuza.chabotc.com'; //$domain;
> + }
> + if ($this->keyName != null) {
> + $msgParams[SigningFetcher::$XOAUTH_PUBLIC_KEY] = $this->keyName;
> + }
> + $nonce = OAuthRequest::generate_nonce();
> + $msgParams[OAuth::$OAUTH_NONCE] = $nonce;
> + $timestamp = time();
> + $msgParams[OAuth::$OAUTH_TIMESTAMP] = $timestamp;
> + $msgParams[OAuth::$OAUTH_SIGNATURE_METHOD] = OAuth::$RSA_SHA1;
> + }
> +
> + /**
> + * Strip out any owner or viewer id passed by the client.
> + */
> + private function sanitize($params)
> + {
> + $list = array();
> + foreach ($params as $key => $p) {
> + if ($this->allowParam($key)) {
> + $list[$key] = $p;
> + }
> + }
> + return $list;
> + }
> +
> + private function allowParam($paramName)
> + {
> + $canonParamName = strtolower($paramName);
> + return (! (substr($canonParamName, 0, 5) == "oauth" || substr($canonParamName, 0, 6) == "xoauth" || substr($canonParamName, 0, 9) == "opensocial")) && ereg(SigningFetcher::$ALLOWED_PARAM_NAME, $canonParamName);
> + }
> +}
>
> Added: incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,86 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +
> +/**
> + * Produces Signing content fetchers for input tokens.
> + */
> +class SigningFetcherFactory {
> + private $keyName;
> + private $privateKey;
> +
> + /**
> + * Produces a signing fetcher that will sign requests and delegate actual
> + * network retrieval to the {@code networkFetcher}
> + *
> + * @param networkFetcher The fetcher that will be doing actual work.
> + * @param token The gadget token used for extracting signing parameters.
> + * @return The signing fetcher.
> + * @throws GadgetException
> + */
> + public function getSigningFetcher($networkFetcher, $token)
> + {
> + return SigningFetcher::makeFromB64PrivateKey($networkFetcher, $token, $this->keyName, $this->privateKey);
> + }
> +
> + /**
> + * @param keyFile The file containing your private key for signing requests.
> + */
> + public function __construct($keyFile = null)
> + {
> + $this->keyName = 'http://'.$_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
> + if (! empty($keyFile)) {
> + $privateKey = null;
> + try {
> + // check if the converted from PKCS8 key is in cache, if not, convert it
> + $cache = Config::get('data_cache');
> + $cache = new $cache();
> + if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this->keyName)) !== false) {
> + $rsa_private_key = $cachedKey;
> + } else {
> + if (! $rsa_private_key = @file_get_contents($keyFile)) {
> + throw new Exception("Could not read keyfile ($keyFile), check the file name and permission");
> + }
> + // TODO: sending NULL as a second param to openssl_pkey_get_private works?
> + $phrase = Config::get('private_key_phrase') != '' ? (Config::get('private_key_phrase')) : null;
> + if (($privateKey = @openssl_pkey_get_private($rsa_private_key, $phrase)) == false) {
> + //TODO: double check if can input keyfile -inform PEM
> + if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
> + throw new Exception("Could not create temporary file");
> + }
> + if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
> + throw new Exception("Could not write to temporary file");
> + }
> + if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
> + throw new Exception("Could not create temporary file");
> + }
> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
> + if (! $rsa_private_key = @file_get_contents($out)) {
> + throw new Exception("Could not read temporary file");
> + }
> + }
> + $cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName), $rsa_private_key);
> + }
> + } catch (Exception $e) {
> + throw new Exception("Error loading private key: " . $e);
> + }
> + $this->privateKey = $rsa_private_key;
> + }
> + }
> +}
>
> Added: incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,112 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations
> + * under the License.
> + */
> +
> +class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
> +
> + /** default location for consumer keys and secrets */
> + private $OAUTH_CONFIG = "../config/oauth.json";
> + private $CONSUMER_SECRET_KEY = "consumer_secret";
> + private $CONSUMER_KEY_KEY = "consumer_key";
> + private $KEY_TYPE_KEY = "key_type";
> +
> + public function __construct($store)
> + {
> + parent::__construct($store);
> + }
> +
> + public function initFromConfigFile($fetcher)
> + {
> + // Read our consumer keys and secrets from config/oauth.js
> + // This actually involves fetching gadget specs
> + try {
> + $oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
> +
> + // remove all comments because this confuses the json parser
> + // note: the json parser also crashes on trailing ,'s in records so please don't use them
> + $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '', $oauthConfigStr);
> + $oauthConfig = json_decode($contents, true);
> + foreach ($oauthConfig as $gadgetUri => $value) {
> + $this->storeProviderInfos($fetcher, $gadgetUri);
> + $this->storeConsumerInfos($gadgetUri, $value);
> + }
> + } catch (Exception $e) {
> + throw new GadgetException($e);
> + }
> + }
> +
> + private function storeProviderInfos($fetcher, $gadgetUri)
> + {
> + $cache = Config::get('data_cache');
> + $cache = new $cache();
> +
> + // determine which requests we can load from cache, and which we have to actually fetch
> + if ($cachedRequest = $cache->get(md5($gadgetUri)) !== false) {
> + $gadget = $cachedRequest;
> + } else {
> + $remoteContentRequest = new RemoteContentRequest($gadgetUri);
> + $remoteContentRequest->getRequest($gadgetUri, false);
> + $response = $fetcher->fetchRequest($remoteContentRequest);
> + $context = new ProxyGadgetContext($gadgetUri);
> + $spec = new GadgetSpecParser();
> + $gadget = $spec->parse($response->getResponseContent(), $context);
> + $cache->set(md5($gadgetUri), $gadget);
> + }
> + parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
> + }
> +
> + private function storeConsumerInfos($gadgetUri, $oauthConfig)
> + {
> + foreach ($oauthConfig as $key => $value) {
> + $serviceName = $key;
> + $consumerInfo = $value;
> + $this->storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo);
> + }
> + }
> +
> + private function storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo)
> + {
> + $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
> + $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
> + $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
> + $keyType = 'HMAC_SYMMETRIC';
> +
> + if ($keyTypeStr == "RSA_PRIVATE") {
> + $keyType = 'RSA_PRIVATE';
> + // check if the converted from PKCS8 key is in cache, if not, convert it
> + $cache = Config::get('data_cache');
> + $cache = new $cache();
> +
> + if (($cachedRequest = $cache->get(md5("RSA_KEY_" . $serviceName))) !== false) {
> + $consumerSecret = $cachedRequest;
> + } else {
> + $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
> + file_put_contents($in, base64_decode($consumerInfo[$this->CONSUMER_SECRET_KEY]));
> + $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
> + exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
> + $consumerSecret = file_get_contents($out);
> + $cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
> + }
> + }
> +
> + $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret, $keyType);
> + $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
> + }
> +
> +}
>
> Added: incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
> URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=658758&view=auto
> ==============================================================================
> --- incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php (added)
> +++ incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php Wed May 21 09:58:52 2008
> @@ -0,0 +1,149 @@
> +<?php
> +/*
> + * Licensed to the Apache Software Foundation (ASF) under one
> + * or more contributor license agreements. See the NOTICE file
> + * distributed with this work for additional information
> + * regarding copyright ownership. The ASF licenses this file
> + * to you under the Apache License, Version 2.0 (the
> + * "License"); you may not use this file except in compliance
> + * with the License. You may obtain a copy of the License at
> + *
> + * http://www.apache.org/licenses/LICENSE-2.0
> + *
> + * Unless required by applicable law or agreed to in writing,
> + * software distributed under the License is distributed on an
> + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
> + * KIND, either express or implied. See the License for the
> + * specific language governing permissions and limitations under the License.
> + */
> +
> +class OAuthNoDataException extends Exception {}
> +
> +class BasicOAuthStore implements OAuthStore {
> +
> + private $providers = array();
> + private $tokens = array();
> +
> + private $defaultConsumerKey;
> + private $defaultConsumerSecret;
> +
> + public function __construct($consumerKey = null, $privateKey = null)
> + {
> + $this->defaultConsumerKey = $consumerKey;
> + $this->defaultConsumerSecret = $privateKey;
> + }
> +
> + public function setHashMapsForTesting($providers, $tokens)
> + {
> + $this->providers = $providers;
> + $this->tokens = $tokens;
> + }
> +
> + public function getOAuthAccessorTokenKey(TokenKey $tokenKey)
> + {
> + $provKey = new ProviderKey();
> + $provKey->setGadgetUri($tokenKey->getGadgetUri());
> + $provKey->setServiceName($tokenKey->getServiceName());
> + //AccesorInfo
> + $result = $this->getOAuthAccessorProviderKey($provKey);
> + //TokenInfo
> + $accessToken = $this->getTokenInfo($tokenKey);
> + if ($accessToken != null) {
> + // maybe convert into methods
> + $result->getAccessor()->accessToken = $accessToken->getAccessToken();
> + $result->getAccessor()->tokenSecret = $accessToken->getTokenSecret();
> + }
> + return $result;
> + }
> +
> + private function getOAuthAccessorProviderKey(ProviderKey $providerKey)
> + {
> + //ProviderInfo
> + $provInfo = $this->getProviderInfo($providerKey);
> +
> + if ($provInfo == null) {
> + throw new OAuthNoDataException("provider info was null in oauth store");
> + }
> + //AccesorInfo
> + $result = new AccesorInfo();
> + $result->setHttpMethod($provInfo->getHttpMethod());
> + $result->setParamLocation($provInfo->getParamLocation());
> +
> + //ConsumerKeyAndSecret
> + $consumerKeyAndSecret = $provInfo->getKeyAndSecret();
> +
> + if ($consumerKeyAndSecret == null) {
> + if ($this->defaultConsumerKey == null || $this->defaultConsumerSecret == null) {
> + throw new OAuthNoDataException("ConsumerKeyAndSecret was null in oauth store");
> + } else {
> + $consumerKeyAndSecret = new ConsumerKeyAndSecret($this->defaultConsumerKey, $this->defaultConsumerSecret, OAuthStoreVars::$KeyType['RSA_PRIVATE']);
> + }
> + }
> +
> + //OAuthServiceProvider
> + $oauthProvider = $provInfo->getProvider();
> +
> + if (! isset($oauthProvider)) {
> + throw new OAuthNoDataException("OAuthService provider was null in oauth store");
> + }
> +
> + // Accesing the class
> + $usePublicKeyCrypto = ($consumerKeyAndSecret->getKeyType() == OAuthStoreVars::$KeyType['RSA_PRIVATE']);
> +
> + //OAuthConsumer
> + $consumer = ($usePublicKeyCrypto) ? new OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), null, $oauthProvider) : new OAuthConsumer($consumerKeyAndSecret->getConsumerKey(), $consumerKeyAndSecret->getConsumerSecret(), $oauthProvider);
> +
> + if ($usePublicKeyCrypto) {
> + $consumer->setProperty(OAuthSignatureMethod_RSA_SHA1::$PRIVATE_KEY, $consumerKeyAndSecret->getConsumerSecret());
> + $result->setSignatureType(OAuthStoreVars::$SignatureType['RSA_SHA1']);
> + } else {
> + $result->setSignatureType(OAuthStoreVars::$SignatureType['HMAC_SHA1']);
> + }
> +
> + $result->setAccessor(new OAuthAccessor($consumer));
> + return $result;
> + }
> +
> + public function getOAuthServiceProviderInfo($providerKey)
> + {
> + $provInfo = $this->providers->get($providerKey);
> +
> + if ($provInfo == null) {
> + throw new OAuthNoDataException("provider info was null in oauth store");
> + }
> +
> + return $provInfo;
> + }
> +
> + public function setOAuthConsumerKeyAndSecret($providerKey, $keyAndSecret)
> + {
> + //ProviderInfo
> + $value = $this->getProviderInfo($providerKey);
> + if ($value == null) {
> + throw new OAuthNoDataException("could not find provider data for token");
> + }
> + $value->setKeyAndSecret($keyAndSecret);
> + }
> +
> + public function setOAuthServiceProviderInfo($providerKey, $providerInfo)
> + {
> + $this->providers[md5(serialize($providerKey))] = $providerInfo;
> + }
> +
> + public function setTokenAndSecret($tokenKey, $tokenInfo)
> + {
> + $this->tokens[md5(serialize($tokenKey))] = $tokenInfo;
> + }
> +
> + private function getProviderInfo($providerKey)
> + {
> + $key = md5(serialize($providerKey));
> + return isset($this->providers[$key]) ? $this->providers[$key] : null;
> + }
> +
> + private function getTokenInfo($tokenKey)
> + {
> + $key = md5(serialize($tokenKey));
> + return isset($this->tokens[$key]) ? $this->tokens[$key] : null;
> + }
> +}
> \ No newline at end of file
>
>
--
Santiago Gala
http://memojo.com/~sgala/blog/