You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by ss...@apache.org on 2012/09/05 18:45:12 UTC
svn commit: r1381239 - in /shindig/trunk/java:
common/src/main/java/org/apache/shindig/auth/
common/src/test/java/org/apache/shindig/auth/
common/src/test/java/org/apache/shindig/common/testing/
gadgets/src/main/java/org/apache/shindig/gadgets/servlet/...
Author: ssievers
Date: Wed Sep 5 16:45:11 2012
New Revision: 1381239
URL: http://svn.apache.org/viewvc?rev=1381239&view=rev
Log:
SHINDIG-1859 | Make gadget token TTL configurable
Modified:
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BasicSecurityTokenCodecTest.java
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java
shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java
Modified: shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java (original)
+++ shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/AbstractSecurityToken.java Wed Sep 5 16:45:11 2012
@@ -38,8 +38,7 @@ public abstract class AbstractSecurityTo
/** allow three minutes for clock skew */
private static final long CLOCK_SKEW_ALLOWANCE = 180;
- // TODO: Make configurable.
- public static final int MAX_TOKEN_TTL = 3600; // 1 hour
+ public static final int DEFAULT_MAX_TOKEN_TTL = 3600; // 1 hour
private static final TimeSource TIME_SOURCE = new TimeSource();
@@ -172,8 +171,8 @@ public abstract class AbstractSecurityTo
private Long expiresAt;
private String trustedJson;
private String activeUrl;
-
private TimeSource timeSource = AbstractSecurityToken.TIME_SOURCE;
+ private int tokenTTL;
/**
* This method is mostly used for test code to test the expire methods.
@@ -259,11 +258,23 @@ public abstract class AbstractSecurityTo
}
/**
- * Compute and set the expiration time for this token.
+ * Compute and set the expiration time for this token using the default TTL.
*
* @return This security token.
+ * @see #setExpires(int)
*/
protected AbstractSecurityToken setExpires() {
+ return setExpires(DEFAULT_MAX_TOKEN_TTL);
+ }
+
+ /**
+ * Compute and set the expiration time for this token using the provided TTL.
+ *
+ * @param tokenTTL the time to live (in seconds) of the token
+ * @return This security token.
+ */
+ protected AbstractSecurityToken setExpires(int tokenTTL) {
+ this.tokenTTL = tokenTTL;
return setExpiresAt((getTimeSource().currentTimeMillis() / 1000) + getMaxTokenTTL());
}
@@ -339,10 +350,16 @@ public abstract class AbstractSecurityTo
}
/**
+ * Returns the maximum allowable time (in seconds) for this token to live. Override this method
+ * only if you are internal token that doesn't get serialized via
+ * {@link SecurityTokenCodec#encodeToken(SecurityToken)}, e.g., OAuth state tokens. For all other
+ * cases, the SecurityTokenCodec will handle the time to live of the token.
+ *
* @return Maximum allowable time in seconds for a token to live.
+ * @see SecurityTokenCodec#getTokenTimeToLive(String)
*/
protected int getMaxTokenTTL() {
- return MAX_TOKEN_TTL;
+ return this.tokenTTL;
}
/**
Modified: shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java (original)
+++ shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java Wed Sep 5 16:45:11 2012
@@ -18,13 +18,18 @@
*/
package org.apache.shindig.auth;
+import java.util.Collection;
import java.util.Map;
+import java.util.logging.Level;
+import java.util.logging.Logger;
import org.apache.commons.lang3.StringUtils;
import org.apache.shindig.common.crypto.BlobCrypterException;
import org.apache.shindig.common.util.Utf8UrlCoder;
+import org.apache.shindig.config.ContainerConfig;
import com.google.common.base.Joiner;
+import com.google.common.collect.Maps;
import com.google.inject.Singleton;
/**
@@ -34,7 +39,11 @@ import com.google.inject.Singleton;
* @since 2.0.0
*/
@Singleton
-public class BasicSecurityTokenCodec implements SecurityTokenCodec {
+public class BasicSecurityTokenCodec implements SecurityTokenCodec, ContainerConfig.ConfigObserver {
+
+ // Logging
+ private static final String CLASSNAME = BasicSecurityTokenCodec.class.getName();
+ private static final Logger LOG = Logger.getLogger(CLASSNAME);
private static final int OWNER_INDEX = 0;
private static final int VIEWER_INDEX = 1;
@@ -45,6 +54,7 @@ public class BasicSecurityTokenCodec imp
private static final int CONTAINER_ID_INDEX = 6;
private static final int EXPIRY_INDEX = 7; // for back compat, conditionally check later
private static final int TOKEN_COUNT = CONTAINER_ID_INDEX + 1;
+ private Map<String, Integer> tokenTTLs = Maps.newHashMap();
/**
* Encodes a token using the a plaintext dummy format.
@@ -53,12 +63,23 @@ public class BasicSecurityTokenCodec imp
*/
public String encodeToken(SecurityToken token) {
Long expires = null;
+ Integer tokenTTL = this.tokenTTLs.get(token.getContainer());
if (token instanceof AbstractSecurityToken) {
- ((AbstractSecurityToken) token).setExpires();
+ if (tokenTTL != null) {
+ ((AbstractSecurityToken) token).setExpires(tokenTTL);
+ } else {
+ ((AbstractSecurityToken) token).setExpires();
+ }
expires = token.getExpiresAt();
} else {
// Quick and dirty token expire calculation.
- expires = new BasicSecurityToken().setExpires().getExpiresAt();
+ AbstractSecurityToken localToken = new BasicSecurityToken();
+ if (tokenTTL != null) {
+ localToken.setExpires(tokenTTL);
+ } else {
+ localToken.setExpires();
+ }
+ expires = localToken.getExpiresAt();
}
String encoded = Joiner.on(":").join(
@@ -122,11 +143,49 @@ public class BasicSecurityTokenCodec imp
}
public int getTokenTimeToLive() {
- return AbstractSecurityToken.MAX_TOKEN_TTL;
+ return AbstractSecurityToken.DEFAULT_MAX_TOKEN_TTL;
+ }
+
+ public int getTokenTimeToLive(String container) {
+ Integer tokenTTL = this.tokenTTLs.get(container);
+ if (tokenTTL == null) {
+ return getTokenTimeToLive();
+ }
+ return tokenTTL;
}
/**
* Creates a basic signer
*/
public BasicSecurityTokenCodec() {}
+
+ /**
+ * Creates a basic signer that can observe container configuration changes
+ * @param config the container config to observe
+ */
+ public BasicSecurityTokenCodec(ContainerConfig config) {
+ config.addConfigObserver(this, true);
+ }
+
+ /**
+ * {@inheritDoc}
+ */
+ public void containersChanged(ContainerConfig config, Collection<String> changed,
+ Collection<String> removed) {
+ for (String container : removed) {
+ this.tokenTTLs.remove(container);
+ }
+
+ for (String container : changed) {
+ int tokenTTL = config.getInt(container, SECURITY_TOKEN_TTL_CONFIG);
+ // 0 means the value was not defined or NaN. 0 shouldn't be a valid TTL anyway.
+ if (tokenTTL > 0) {
+ this.tokenTTLs.put(container, tokenTTL);
+ } else {
+ LOG.logp(Level.WARNING, CLASSNAME, "containersChanged",
+ "Token TTL for container \"{0}\" was {1} and will be ignored.",
+ new Object[] { container, tokenTTL });
+ }
+ }
+ }
}
Modified: shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java (original)
+++ shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java Wed Sep 5 16:45:11 2012
@@ -51,7 +51,10 @@ import com.google.inject.Singleton;
*/
@Singleton
public class BlobCrypterSecurityTokenCodec implements SecurityTokenCodec, ContainerConfig.ConfigObserver {
- private static final Logger LOG = Logger.getLogger(BlobCrypterSecurityTokenCodec.class.getName());
+
+ // Logging
+ private static final String CLASSNAME = BlobCrypterSecurityTokenCodec.class.getName();
+ private static final Logger LOG = Logger.getLogger(CLASSNAME);
public static final String SECURITY_TOKEN_KEY = "gadgets.securityTokenKey";
@@ -67,11 +70,13 @@ public class BlobCrypterSecurityTokenCod
*/
protected Map<String, String> domains = Maps.newHashMap();
+ private Map<String, Integer> tokenTTLs = Maps.newHashMap();
+
@Inject
public BlobCrypterSecurityTokenCodec(ContainerConfig config) {
try {
config.addConfigObserver(this, false);
- loadContainers(config, config.getContainers(), crypters, domains);
+ loadContainers(config, config.getContainers(), crypters, domains, tokenTTLs);
} catch (IOException e) {
// Someone specified securityTokenKeyFile, but we couldn't load the key. That merits killing
// the server.
@@ -84,11 +89,13 @@ public class BlobCrypterSecurityTokenCod
ContainerConfig config, Collection<String> changed, Collection<String> removed) {
Map<String, BlobCrypter> newCrypters = Maps.newHashMap(crypters);
Map<String, String> newDomains = Maps.newHashMap(domains);
+ Map<String, Integer> newTokenTTLs = Maps.newHashMap(tokenTTLs);
try {
- loadContainers(config, changed, newCrypters, newDomains);
+ loadContainers(config, changed, newCrypters, newDomains, newTokenTTLs);
for (String container : removed) {
newCrypters.remove(container);
newDomains.remove(container);
+ newTokenTTLs.remove(container);
}
} catch (IOException e) {
// Someone specified securityTokenKeyFile, but we couldn't load the key.
@@ -99,10 +106,12 @@ public class BlobCrypterSecurityTokenCod
}
crypters = newCrypters;
domains = newDomains;
+ tokenTTLs = newTokenTTLs;
}
private void loadContainers(ContainerConfig config, Collection<String> containers,
- Map<String, BlobCrypter> crypters, Map<String, String> domains) throws IOException {
+ Map<String, BlobCrypter> crypters, Map<String, String> domains,
+ Map<String, Integer> tokenTTLs) throws IOException {
for (String container : containers) {
String key = config.getString(container, SECURITY_TOKEN_KEY);
if (key != null) {
@@ -111,6 +120,17 @@ public class BlobCrypterSecurityTokenCod
}
String domain = config.getString(container, SIGNED_FETCH_DOMAIN);
domains.put(container, domain);
+
+ // Process tokenTTLs
+ int tokenTTL = config.getInt(container, SECURITY_TOKEN_TTL_CONFIG);
+ // 0 means the value was not defined or NaN. 0 shouldn't be a valid TTL anyway.
+ if (tokenTTL > 0) {
+ tokenTTLs.put(container, tokenTTL);
+ } else {
+ LOG.logp(Level.WARNING, CLASSNAME, "loadContainers",
+ "Token TTL for container \"{0}\" was {1} and will be ignored.",
+ new Object[] { container, tokenTTL });
+ }
}
}
@@ -177,7 +197,12 @@ public class BlobCrypterSecurityTokenCod
}
try {
- aToken.setExpires();
+ Integer tokenTTL = this.tokenTTLs.get(aToken.getContainer());
+ if (tokenTTL != null) {
+ aToken.setExpires(tokenTTL);
+ } else {
+ aToken.setExpires();
+ }
return aToken.getContainer() + ':' + crypter.wrap(aToken.toMap());
} catch (BlobCrypterException e) {
throw new SecurityTokenException(e);
@@ -185,6 +210,14 @@ public class BlobCrypterSecurityTokenCod
}
public int getTokenTimeToLive() {
- return AbstractSecurityToken.MAX_TOKEN_TTL;
+ return AbstractSecurityToken.DEFAULT_MAX_TOKEN_TTL;
+ }
+
+ public int getTokenTimeToLive(String container) {
+ Integer tokenTTL = this.tokenTTLs.get(container);
+ if (tokenTTL == null) {
+ return getTokenTimeToLive();
+ }
+ return tokenTTL;
}
}
Modified: shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java (original)
+++ shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java Wed Sep 5 16:45:11 2012
@@ -54,7 +54,7 @@ public class DefaultSecurityTokenCodec i
String tokenType = config.getString(ContainerConfig.DEFAULT_CONTAINER, SECURITY_TOKEN_TYPE);
if ("insecure".equals(tokenType)) {
- codec = new BasicSecurityTokenCodec();
+ codec = new BasicSecurityTokenCodec(config);
} else if ("secure".equals(tokenType)) {
codec = new BlobCrypterSecurityTokenCodec(config);
} else {
@@ -84,4 +84,8 @@ public class DefaultSecurityTokenCodec i
public int getTokenTimeToLive() {
return codec.getTokenTimeToLive();
}
+
+ public int getTokenTimeToLive(String container) {
+ return codec.getTokenTimeToLive(container);
+ }
}
Modified: shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java (original)
+++ shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/SecurityTokenCodec.java Wed Sep 5 16:45:11 2012
@@ -43,6 +43,11 @@ public interface SecurityTokenCodec {
String ACTIVE_URL_NAME = "activeUrl";
/**
+ * The configuration parameter for security token time-to-lives.
+ */
+ String SECURITY_TOKEN_TTL_CONFIG = "gadgets.securityTokenTTL";
+
+ /**
* Decrypts and verifies a gadget security token to return a gadget token.
*
* @param tokenParameters Map containing a entry 'token' in wire format (probably encrypted.)
@@ -55,7 +60,21 @@ public interface SecurityTokenCodec {
String encodeToken(SecurityToken token) throws SecurityTokenException;
/**
- * @return The amount of time a token generated by this codec can be expected to live.
+ * This method is deprecated in favor of {@link SecurityTokenCodec#getTokenTimeToLive(String)}.
+ * Implementations should only rely on this method to return the default time-to-live of tokens
+ * generated by this codec in the case where <code>getTokenTimeToLive(String)</code> fails.
+ *
+ * @return The default amount of time a token generated by this codec can be expected to live.
+ * @see SecurityTokenCodec#getTokenTimeToLive(String)
*/
+ @Deprecated
int getTokenTimeToLive();
+
+ /**
+ * @param container
+ * The container the token is for
+ * @return The amount of time a token generated by this codec within the given container can be
+ * expected to live.
+ */
+ int getTokenTimeToLive(String container);
}
Modified: shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BasicSecurityTokenCodecTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BasicSecurityTokenCodecTest.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BasicSecurityTokenCodecTest.java (original)
+++ shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BasicSecurityTokenCodecTest.java Wed Sep 5 16:45:11 2012
@@ -18,14 +18,41 @@
*/
package org.apache.shindig.auth;
+import static org.junit.Assert.assertEquals;
+
+import java.util.Map;
+
+import org.apache.shindig.config.BasicContainerConfig;
+import org.apache.shindig.config.ContainerConfig;
import org.junit.Before;
+import org.junit.Test;
+
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableMap.Builder;
public class BasicSecurityTokenCodecTest {
private BasicSecurityTokenCodec codec;
+ private ContainerConfig config;
@Before
public void setUp() throws Exception {
- codec = new BasicSecurityTokenCodec();
+ config = new BasicContainerConfig();
+ codec = new BasicSecurityTokenCodec(config);
+ }
+
+ @Test
+ public void testGetTokenTimeToLive() throws Exception {
+ Builder<String, Object> builder = ImmutableMap.builder();
+ Map<String, Object> container = builder
+ .put(ContainerConfig.CONTAINER_KEY, ImmutableList.of("default", "tokenTest"))
+ .put(SecurityTokenCodec.SECURITY_TOKEN_TTL_CONFIG, Integer.valueOf(300)).build();
+
+ config.newTransaction().addContainer(container).commit();
+ assertEquals("Token TTL matches what is set in the container config", 300,
+ codec.getTokenTimeToLive("tokenTest"));
+ assertEquals("Token TTL matches the default TTL", AbstractSecurityToken.DEFAULT_MAX_TOKEN_TTL,
+ codec.getTokenTimeToLive());
}
}
Modified: shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java (original)
+++ shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java Wed Sep 5 16:45:11 2012
@@ -36,6 +36,7 @@ import org.junit.Test;
import com.google.common.collect.ImmutableList;
import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableMap.Builder;
/**
* Tests for BlobCrypterSecurityTokenCodec
@@ -154,7 +155,7 @@ public class BlobCrypterSecurityTokenCod
BlobCrypterSecurityToken token = new BlobCrypterSecurityToken("container", null, null, values);
token.setTimeSource(timeSource);
- timeSource.incrementSeconds(-1 * (3600 + 181)); // one hour plus clock skew
+ timeSource.incrementSeconds(-1 * (codec.getTokenTimeToLive("container") + 181)); // one hour plus clock skew
String encrypted = codec.encodeToken(token);
try {
codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted));
@@ -217,4 +218,17 @@ public class BlobCrypterSecurityTokenCod
// pass
}
}
+
+ @Test
+ public void testGetTokenTimeToLive() throws Exception {
+ Builder<String, Object> builder = ImmutableMap.builder();
+ Map<String, Object> container = builder.putAll(makeContainer("tokenTest"))
+ .put(SecurityTokenCodec.SECURITY_TOKEN_TTL_CONFIG, Integer.valueOf(300)).build();
+
+ config.newTransaction().addContainer(container).commit();
+ assertEquals("Token TTL matches what is set in the container config", 300,
+ codec.getTokenTimeToLive("tokenTest"));
+ assertEquals("Token TTL matches the default TTL", AbstractSecurityToken.DEFAULT_MAX_TOKEN_TTL,
+ codec.getTokenTimeToLive());
+ }
}
Modified: shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java (original)
+++ shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/UrlParameterAuthenticationHandlerTest.java Wed Sep 5 16:45:11 2012
@@ -51,6 +51,10 @@ public class UrlParameterAuthenticationH
public int getTokenTimeToLive() {
return 0; // Not used.
}
+
+ public int getTokenTimeToLive(String container) {
+ return 0; // Not used.
+ }
};
authHandler = new UrlParameterAuthenticationHandler(codec, true);
Modified: shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java (original)
+++ shindig/trunk/java/common/src/test/java/org/apache/shindig/common/testing/FakeGadgetToken.java Wed Sep 5 16:45:11 2012
@@ -93,6 +93,10 @@ public class FakeGadgetToken extends Abs
public int getTokenTimeToLive() {
return 0; // Not used.
}
+
+ public int getTokenTimeToLive(String container) {
+ return 0; // Not used.
+ }
}
public FakeGadgetToken setAuthenticationMode(String authMode) {
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java Wed Sep 5 16:45:11 2012
@@ -218,7 +218,7 @@ public class GadgetsHandlerService {
Set<String> rpcServiceIds = getRpcServiceIds(gadget);
Integer tokenTTL = isFieldIncluded(fields, "tokenTTL") ?
- securityTokenCodec.getTokenTimeToLive() : null;
+ securityTokenCodec.getTokenTimeToLive(context.getContainer()) : null;
return createMetadataResponse(context.getUrl(), gadget.getSpec(), uris,
needsTokenRefresh, fields, timeSource.currentTimeMillis() + specRefreshInterval, tokenTTL,
@@ -292,10 +292,15 @@ public class GadgetsHandlerService {
token = securityTokenCodec.encodeToken(tokenData);
}
- Long expiryTimeMs = tokenData == null ? null : tokenData.getExpiresAt();
+ Long expiryTimeMs = null;
+ Integer tokenTTL = null;
+ if (tokenData != null) {
+ expiryTimeMs = tokenData.getExpiresAt();
+ tokenTTL = isFieldIncluded(fields, "tokenTTL") ?
+ securityTokenCodec.getTokenTimeToLive(tokenData.getContainer())
+ : null;
+ }
- Integer tokenTTL = isFieldIncluded(fields, "tokenTTL") ?
- securityTokenCodec.getTokenTimeToLive() : null;
moduleId = isFieldIncluded(fields, "moduleId") ? moduleId : null;
return createTokenResponse(request.getUrl(), token, fields, expiryTimeMs, tokenTTL, moduleId);
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerServiceTest.java Wed Sep 5 16:45:11 2012
@@ -743,5 +743,9 @@ public class GadgetsHandlerServiceTest e
public int getTokenTimeToLive() {
return 0; // Not used.
}
+
+ public int getTokenTimeToLive(String container) {
+ return 0; // Not used.
+ }
}
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java?rev=1381239&r1=1381238&r2=1381239&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerTest.java Wed Sep 5 16:45:11 2012
@@ -448,7 +448,7 @@ public class GadgetsHandlerTest extends
@Test
public void testMetadataOneGadgetRequestTokenTTLParam() throws Exception {
SecurityTokenCodec codec = createMock(SecurityTokenCodec.class);
- expect(codec.getTokenTimeToLive()).andReturn(42).anyTimes();
+ expect(codec.getTokenTimeToLive(CONTAINER)).andReturn(42).anyTimes();
replay(codec);
registerGadgetsHandler(codec);