You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by be...@apache.org on 2008/09/11 19:29:58 UTC

svn commit: r694369 - in /incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth: GadgetOAuthTokenStore.java OAuthFetcher.java UserVisibleOAuthException.java

Author: beaton
Date: Thu Sep 11 10:29:57 2008
New Revision: 694369

URL: http://svn.apache.org/viewvc?rev=694369&view=rev
Log:
Slightly more discriminating OAuth error reporting.

Added:
    incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/UserVisibleOAuthException.java   (with props)
Modified:
    incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java
    incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java

Modified: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java?rev=694369&r1=694368&r2=694369&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java Thu Sep 11 10:29:57 2008
@@ -207,7 +207,7 @@
           new URI(securityToken.getAppUrl()),
           arguments.getBypassSpecCache());
     } catch (URISyntaxException e) {
-      throw new OAuthStoreException("could not fetch gadget spec, gadget URI invalid", e);
+      throw new UserVisibleOAuthException("could not fetch gadget spec, gadget URI invalid", e);
     }
   }
   
@@ -220,8 +220,7 @@
         .append(serviceName)
         .append(".  Known services: ")
         .append(StringUtils.join(oauthSpec.getServices().keySet(), ','));
-    return new GadgetException(GadgetException.Code.INVALID_PARAMETER,
-        message.toString());
+    return new UserVisibleOAuthException(message.toString());
   }
 
   private GadgetException oauthNotFoundEx(SecurityToken securityToken) {
@@ -229,8 +228,7 @@
         .append("Spec for gadget ")
         .append(securityToken.getAppUrl())
         .append(" does not contain OAuth element.");
-    return new GadgetException(GadgetException.Code.INVALID_PARAMETER,
-        message.toString());
+    return new UserVisibleOAuthException(message.toString());
   }
   
   /**

Modified: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java?rev=694369&r1=694368&r2=694369&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthFetcher.java Thu Sep 11 10:29:57 2008
@@ -39,13 +39,13 @@
 import net.oauth.OAuth.Parameter;
 
 import java.io.IOException;
-import java.io.PrintWriter;
-import java.io.StringWriter;
 import java.io.UnsupportedEncodingException;
 import java.net.URISyntaxException;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
 import java.util.regex.Pattern;
 
 /**
@@ -65,6 +65,9 @@
  */
 public class OAuthFetcher extends ChainedContentFetcher {
 
+  // Logger
+  private static final Logger logger = Logger.getLogger(OAuthFetcher.class.getName());
+  
   // Maximum number of attempts at the protocol before giving up.
   private static final int MAX_ATTEMPTS = 2;
 
@@ -211,19 +214,10 @@
     if (responseParams.getError() == null) {
       responseParams.setError(OAuthError.UNKNOWN_PROBLEM);
     }
-    // Take a giant leap of faith and assume that the exception message
-    // will be useful to a gadget developer.  Also include the exception
-    // stack trace, in case the problem report makes it to someone who knows
-    // enough to do something useful with the stack.
-    // TODO(beaton): This seemed like a good idea at the time, but dumping an entire stack trace to
-    // the client is a little much.  Remove this.
-    StringWriter errorBuf = new StringWriter();
-    errorBuf.append(e.getMessage());
-    errorBuf.append("\n\n");
-    PrintWriter printer = new PrintWriter(errorBuf);
-    e.printStackTrace(printer);
-    printer.flush();
-    responseParams.setErrorText(errorBuf.toString());
+    if (responseParams.getErrorText() == null && (e instanceof UserVisibleOAuthException)) {
+      responseParams.setErrorText(e.getMessage());
+    }
+    logger.log(Level.WARNING, "OAuth error", e);
     return buildNonDataResponse(403);
   }
 
@@ -281,8 +275,7 @@
     String pageViewer = realRequest.getSecurityToken().getViewerId();
     String stateOwner = clientState.getOwner();
     if (!pageOwner.equals(pageViewer)) {
-      throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR,
-          "Only page owners can grant OAuth approval");
+      throw new UserVisibleOAuthException("Only page owners can grant OAuth approval");
     }
     if (stateOwner != null && !stateOwner.equals(pageOwner)) {
       throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR,
@@ -309,7 +302,7 @@
       accessor.requestToken = reply.getParameter(OAuth.OAUTH_TOKEN);
       accessor.tokenSecret = reply.getParameter(OAuth.OAUTH_TOKEN_SECRET);
     } catch (OAuthException e) {
-      throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR, e);
+      throw new UserVisibleOAuthException(e.getMessage(), e);
     } catch (IOException e) {
       throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR, e);
     }
@@ -468,7 +461,7 @@
       case POST_BODY:
         String contentType = result.getHeader("Content-Type");
         if (!OAuth.isFormEncoded(contentType)) {
-          throw new GadgetException(GadgetException.Code.INVALID_PARAMETER,
+          throw new UserVisibleOAuthException(
               "OAuth param location can only be post_body if post body if of " +
               "type x-www-form-urlencoded");
         }
@@ -601,7 +594,7 @@
       accessor.accessToken = reply.getParameter(OAuth.OAUTH_TOKEN);
       accessor.tokenSecret = reply.getParameter(OAuth.OAUTH_TOKEN_SECRET);
     } catch (OAuthException e) {
-      throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR, e);
+      throw new UserVisibleOAuthException(e.getMessage(), e);
     } catch (IOException e) {
       throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR, e);
     }

Added: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/UserVisibleOAuthException.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/UserVisibleOAuthException.java?rev=694369&view=auto
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/UserVisibleOAuthException.java (added)
+++ incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/UserVisibleOAuthException.java Thu Sep 11 10:29:57 2008
@@ -0,0 +1,36 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations under the License.
+ */
+
+package org.apache.shindig.gadgets.oauth;
+
+import org.apache.shindig.gadgets.GadgetException;
+
+/**
+ * Exceptions whose message text should be shown to gadget developers.
+ */
+public class UserVisibleOAuthException extends GadgetException {
+
+  public UserVisibleOAuthException(String msg) {
+    super(Code.INVALID_PARAMETER, msg);
+  }
+  
+  public UserVisibleOAuthException(String msg, Throwable t) {
+    super(Code.INVALID_PARAMETER, msg, t);
+  }
+
+}

Propchange: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/UserVisibleOAuthException.java
------------------------------------------------------------------------------
    svn:eol-style = native