You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by ss...@apache.org on 2012/04/26 22:56:26 UTC
svn commit: r1331083 - in /shindig/trunk/java/gadgets/src:
main/java/org/apache/shindig/gadgets/
main/java/org/apache/shindig/gadgets/features/
main/java/org/apache/shindig/gadgets/http/
main/java/org/apache/shindig/gadgets/oauth/ main/java/org/apache/...
Author: ssievers
Date: Thu Apr 26 20:56:25 2012
New Revision: 1331083
URL: http://svn.apache.org/viewvc?rev=1331083&view=rev
Log:
SHINDIG-1756 | Identify origination of requests | Patch from Brian Lillie - thanks!
Modified:
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/AbstractSpecFactory.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/features/FeatureResourceLoader.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpRequest.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/CajaResponseRewriter.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpRequestHandler.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/templates/TemplateLibraryFactory.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/DefaultGadgetSpecFactoryTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/features/FeatureResourceLoaderTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpRequestTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/testing/FakeOAuthServiceProvider.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/MockUtils.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandlerTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandlerTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/DefaultServiceFetcherTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpRequestHandlerTest.java
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/AbstractSpecFactory.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/AbstractSpecFactory.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/AbstractSpecFactory.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/AbstractSpecFactory.java Thu Apr 26 20:56:25 2012
@@ -18,6 +18,7 @@
*/
package org.apache.shindig.gadgets;
+import org.apache.shindig.auth.AnonymousSecurityToken;
import org.apache.shindig.common.cache.Cache;
import org.apache.shindig.common.cache.SoftExpiringCache;
import org.apache.shindig.common.logging.i18n.MessageKeys;
@@ -123,7 +124,8 @@ public abstract class AbstractSpecFactor
HttpRequest request = new HttpRequest(query.specUri)
.setIgnoreCache(query.ignoreCache)
.setGadget(query.gadgetUri)
- .setContainer(query.container);
+ .setContainer(query.container)
+ .setSecurityToken( new AnonymousSecurityToken("", 0L, query.gadgetUri.toString(), 0L));
// Since we don't allow any variance in cache time, we should just force the cache time
// globally. This ensures propagation to shared caches when this is set.
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/features/FeatureResourceLoader.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/features/FeatureResourceLoader.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/features/FeatureResourceLoader.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/features/FeatureResourceLoader.java Thu Apr 26 20:56:25 2012
@@ -286,7 +286,7 @@ public class FeatureResourceLoader {
if (fetcher != null && now > (lastLoadTryMs + (60 * 1000))) {
lastLoadTryMs = now;
try {
- HttpRequest request = new HttpRequest(uri);
+ HttpRequest request = new HttpRequest(uri).setInternalRequest(true);
HttpResponse response = fetcher.fetch(request);
if (response.getHttpStatusCode() == HttpResponse.SC_OK) {
content = response.getResponseAsString();
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpRequest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpRequest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpRequest.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/http/HttpRequest.java Thu Apr 26 20:56:25 2012
@@ -95,6 +95,7 @@ public class HttpRequest {
private AuthType authType;
private String rewriteMimeType;
+ private boolean internalRequest;
/**
* Construct a new request for the given uri.
@@ -127,6 +128,7 @@ public class HttpRequest {
authType = request.authType;
rewriteMimeType = request.rewriteMimeType;
followRedirects = request.followRedirects;
+ internalRequest = request.internalRequest;
}
public HttpRequest setMethod(String method) {
@@ -500,6 +502,27 @@ public class HttpRequest {
return rewriteMimeType;
}
+ /**
+ * @return true if this is an internal request, false otherwise
+ */
+ public boolean isInternalRequest() {
+ return internalRequest;
+ }
+
+ /**
+ * An internal request is one created by the server to satisfy global server requirements.
+ * Examples are retrieving the RPC methods, loading features, or rewriting requests pulling in
+ * external content (that are driven back through the proxy to be completed). SecurityTokens would typically
+ * refer to a gadget as the source of the request, whereas the server initiated requests are occurring on behalf
+ * of the server, and not on behalf of a specific gadget.
+ * @param internalRequest Marks the request object as internal.
+ * @return HttpRequest A self-reference
+ */
+ public HttpRequest setInternalRequest(boolean internalRequest) {
+ this.internalRequest = internalRequest;
+ return this;
+ }
+
@Override
public String toString() {
StringBuilder buf = new StringBuilder(method);
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java Thu Apr 26 20:56:25 2012
@@ -30,6 +30,7 @@ import org.apache.commons.codec.binary.B
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang3.StringUtils;
+import org.apache.shindig.auth.AnonymousSecurityToken;
import org.apache.shindig.auth.OAuthConstants;
import org.apache.shindig.auth.OAuthUtil;
import org.apache.shindig.common.crypto.Crypto;
@@ -361,6 +362,8 @@ public class OAuthRequest {
if (accessorInfo.getHttpMethod() == HttpMethod.POST) {
request.setHeader("Content-Type", OAuth.FORM_ENCODED);
}
+
+ request.setSecurityToken( new AnonymousSecurityToken( "", 0L, this.realRequest.getSecurityToken().getAppUrl(), 0L));
return request;
}
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandler.java Thu Apr 26 20:56:25 2012
@@ -20,6 +20,7 @@ import java.io.UnsupportedEncodingExcept
import java.util.List;
import java.util.Map;
+import org.apache.shindig.auth.AnonymousSecurityToken;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.oauth2.OAuth2Accessor;
@@ -84,10 +85,6 @@ public class ClientCredentialsGrantTypeH
"completeAuthorizationUrl is null", null);
}
- final HttpRequest request = new HttpRequest(Uri.parse(completeAuthorizationUrl));
- request.setMethod("GET");
- request.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
-
if (accessor == null) {
throw new OAuth2RequestException(ClientCredentialsGrantTypeHandler.ERROR, "accessor is null",
null);
@@ -103,6 +100,11 @@ public class ClientCredentialsGrantTypeH
"grant type is not client_credentials", null);
}
+ final HttpRequest request = new HttpRequest(Uri.parse(completeAuthorizationUrl));
+ request.setMethod("GET");
+ request.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
+ request.setSecurityToken( new AnonymousSecurityToken( "", 0L, accessor.getGadgetUri(), 0L ));
+
for (final ClientAuthenticationHandler clientAuthenticationHandler : this.clientAuthenticationHandlers) {
if (clientAuthenticationHandler.geClientAuthenticationType().equalsIgnoreCase(
accessor.getClientAuthenticationType())) {
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java Thu Apr 26 20:56:25 2012
@@ -22,6 +22,7 @@ import java.util.Map;
import javax.servlet.http.HttpServletRequest;
+import org.apache.shindig.auth.AnonymousSecurityToken;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.gadgets.GadgetException;
import org.apache.shindig.gadgets.http.HttpFetcher;
@@ -218,6 +219,7 @@ public class CodeAuthorizationResponseHa
final HttpRequest request = new HttpRequest(Uri.parse(tokenUrl));
request.setMethod("POST");
request.setHeader("Content-Type", "application/x-www-form-urlencoded; charset=utf-8");
+ request.setSecurityToken( new AnonymousSecurityToken( "", 0L, accessor.getGadgetUri(), 0L ));
for (final ClientAuthenticationHandler clientAuthenticationHandler : this.clientAuthenticationHandlers) {
if (clientAuthenticationHandler.geClientAuthenticationType().equalsIgnoreCase(
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/CajaResponseRewriter.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/CajaResponseRewriter.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/CajaResponseRewriter.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/CajaResponseRewriter.java Thu Apr 26 20:56:25 2012
@@ -187,7 +187,8 @@ public class CajaResponseRewriter implem
HttpRequest request = new HttpRequest(resourceUri)
.setContainer(req.getContainer())
- .setGadget(req.getGadget());
+ .setGadget(req.getGadget())
+ .setInternalRequest( true );
try {
HttpResponse response = requestPipeline.execute(request);
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java Thu Apr 26 20:56:25 2012
@@ -134,7 +134,7 @@ public class DefaultServiceFetcher {
private Set<String> retrieveServices(String endpoint) {
Uri url = Uri.parse(endpoint + "?method=" + SYSTEM_LIST_METHODS_METHOD);
- HttpRequest request = new HttpRequest(url);
+ HttpRequest request = new HttpRequest(url).setInternalRequest(true);
try {
HttpResponse response = fetcher.fetch(request);
if (response.getHttpStatusCode() == HttpResponse.SC_OK) {
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/CajaContentRewriter.java Thu Apr 26 20:56:25 2012
@@ -288,7 +288,7 @@ public class CajaContentRewriter impleme
}
Uri resourceUri = gadgetUri.resolve(Uri.fromJavaUri(ref.getUri()));
HttpRequest request =
- new HttpRequest(resourceUri).setContainer(container).setGadget(gadgetUri);
+ new HttpRequest(resourceUri).setContainer(container).setGadget(gadgetUri).setInternalRequest( true );
try {
HttpResponse response = requestPipeline.execute(request);
byte[] responseBytes = IOUtils.toByteArray(response.getResponse());
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpRequestHandler.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpRequestHandler.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpRequestHandler.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/HttpRequestHandler.java Thu Apr 26 20:56:25 2012
@@ -217,18 +217,16 @@ public class HttpRequestHandler {
req.setAuthType(AuthType.parse(httpApiRequest.authz));
}
+ req.setSecurityToken(requestItem.getToken());
+
final AuthType authType = req.getAuthType();
if (authType != AuthType.NONE) {
if (authType == AuthType.OAUTH2) {
- req.setSecurityToken(requestItem.getToken());
-
Map<String, String> authSettings = getAuthSettings(requestItem);
OAuth2Arguments oauth2Args = new OAuth2Arguments(req.getAuthType(), authSettings);
req.setOAuth2Arguments(oauth2Args);
} else {
- req.setSecurityToken(requestItem.getToken());
-
Map<String, String> authSettings = getAuthSettings(requestItem);
OAuthArguments oauthArgs = new OAuthArguments(req.getAuthType(), authSettings);
oauthArgs.setSignOwner(httpApiRequest.signOwner);
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/templates/TemplateLibraryFactory.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/templates/TemplateLibraryFactory.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/templates/TemplateLibraryFactory.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/templates/TemplateLibraryFactory.java Thu Apr 26 20:56:25 2012
@@ -18,6 +18,7 @@
*/
package org.apache.shindig.gadgets.templates;
+import org.apache.shindig.auth.AnonymousSecurityToken;
import org.apache.shindig.common.cache.Cache;
import org.apache.shindig.common.cache.CacheProvider;
import org.apache.shindig.common.uri.Uri;
@@ -55,7 +56,7 @@ public class TemplateLibraryFactory {
}
public TemplateLibrary loadTemplateLibrary(GadgetContext context, Uri uri) throws GadgetException {
- HttpRequest request = new HttpRequest(uri);
+ HttpRequest request = new HttpRequest(uri).setSecurityToken( new AnonymousSecurityToken( "", 0L, context.getUrl().toString(), 0L ));
// 5 minute TTL.
request.setCacheTtl(300);
HttpResponse response = pipeline.execute(request);
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/DefaultGadgetSpecFactoryTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/DefaultGadgetSpecFactoryTest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/DefaultGadgetSpecFactoryTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/DefaultGadgetSpecFactoryTest.java Thu Apr 26 20:56:25 2012
@@ -21,7 +21,10 @@ package org.apache.shindig.gadgets;
import static org.easymock.EasyMock.expect;
import static org.easymock.EasyMock.replay;
import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import org.apache.shindig.auth.SecurityToken;
import org.apache.shindig.common.cache.CacheProvider;
import org.apache.shindig.common.cache.LruCacheProvider;
import org.apache.shindig.common.cache.SoftExpiringCache;
@@ -272,6 +275,22 @@ public class DefaultGadgetSpecFactoryTes
assertEquals(10, capturingPipeline.request.getCacheTtl());
}
+ @Test
+ public void specRequestMarkedWithAnonymousToken() throws Exception {
+ CapturingPipeline capturingPipeline = new CapturingPipeline();
+
+ GadgetSpecFactory factory = new DefaultGadgetSpecFactory(
+ new CountingExecutor(), capturingPipeline, cacheProvider, 10000);
+
+ factory.getGadgetSpec(createContext(SPEC_URL, false));
+
+ SecurityToken st = capturingPipeline.request.getSecurityToken();
+ assertNotNull(st);
+ assertTrue( st.isAnonymous() );
+ assertEquals( SPEC_URL.toString(), st.getAppUrl() );
+ }
+
+
@Test(expected = GadgetException.class)
public void badFetchThrows() throws Exception {
HttpRequest request = createIgnoreCacheRequest();
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/features/FeatureResourceLoaderTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/features/FeatureResourceLoaderTest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/features/FeatureResourceLoaderTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/features/FeatureResourceLoaderTest.java Thu Apr 26 20:56:25 2012
@@ -17,18 +17,19 @@
*/
package org.apache.shindig.gadgets.features;
-import com.google.common.collect.Maps;
-
import static org.easymock.EasyMock.createMock;
import static org.easymock.EasyMock.eq;
import static org.easymock.EasyMock.expect;
import static org.easymock.EasyMock.replay;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertNull;
import static org.junit.Assert.assertTrue;
import static org.junit.Assert.fail;
+import com.google.common.collect.Maps;
+
import org.apache.shindig.common.Pair;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.uri.UriBuilder;
@@ -241,6 +242,20 @@ public class FeatureResourceLoaderTest {
assertTrue(resource.isExternal());
}
+ @Test
+ public void loadRequestMarkedInternal() throws Exception {
+ String theUrl = "http://apache.org/resource.js";
+ Uri uri = Uri.parse(theUrl);
+ Map<String, String> attribs = Maps.newHashMap();
+ attribs.put( "inline", "true" );
+ CapturingHttpFetcher fetcher = new CapturingHttpFetcher();
+ FeatureResourceLoader frLoader = new TestFeatureResourceLoader(fetcher, timeSource, new DefaultFeatureFileSystem());
+ FeatureResource resource = frLoader.load(uri, attribs);
+ assertEquals(URL_JS, resource.getContent());
+ assertNotNull( fetcher.request );
+ assertTrue( fetcher.request.isInternalRequest() );
+ }
+
private Pair<Uri, File> makeFile(String suffix, String content) throws Exception {
File tmpFile = File.createTempFile("restmp", suffix);
return makeFile(tmpFile, content);
@@ -266,4 +281,19 @@ public class FeatureResourceLoaderTest {
expect(fetcher.fetch(eq(req))).andReturn(resp);
replay(fetcher);
}
+
+ static class CapturingHttpFetcher implements HttpFetcher
+ {
+ public HttpRequest request;
+
+ public CapturingHttpFetcher() {
+ }
+
+ @Override
+ public HttpResponse fetch(HttpRequest request) throws GadgetException {
+ this.request = request;
+ return new HttpResponseBuilder().setHttpStatusCode( HttpResponse.SC_OK )
+ .setResponseString( URL_JS ).create();
+ }
+ }
}
\ No newline at end of file
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpRequestTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpRequestTest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpRequestTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/http/HttpRequestTest.java Thu Apr 26 20:56:25 2012
@@ -117,7 +117,8 @@ public class HttpRequestTest {
.setSecurityToken(new AnonymousSecurityToken())
.setOAuthArguments(oauthArguments)
.setAuthType(AuthType.OAUTH)
- .setFollowRedirects(false);
+ .setFollowRedirects(false)
+ .setInternalRequest(true);
HttpRequest request2 = new HttpRequest(request).setUri(Uri.parse("http://example.org/foo"));
@@ -135,5 +136,6 @@ public class HttpRequestTest {
request2.getOAuthArguments().getSignViewer());
assertEquals(AuthType.OAUTH, request.getAuthType());
assertFalse(request.getFollowRedirects());
+ assertTrue(request.isInternalRequest());
}
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java Thu Apr 26 20:56:25 2012
@@ -287,6 +287,7 @@ public class OAuthRequestTest {
private MakeRequestClient makeNonSocialClient(String owner, String viewer, String gadget)
throws Exception {
SecurityToken securityToken = getSecurityToken(owner, viewer, gadget);
+ serviceProvider.setExpectedRequestSecurityToken( securityToken );
MakeRequestClient client = new MakeRequestClient(securityToken, fetcherConfig, serviceProvider,
FakeGadgetSpecFactory.SERVICE_NAME);
client.getBaseArgs().setSignOwner(true);
@@ -298,6 +299,7 @@ public class OAuthRequestTest {
private MakeRequestClient makeStrictNonSocialClient(String owner, String viewer, String gadget)
throws Exception {
SecurityToken securityToken = getSecurityToken(owner, viewer, gadget);
+ serviceProvider.setExpectedRequestSecurityToken( securityToken );
return new MakeRequestClient(securityToken, fetcherConfig, serviceProvider,
FakeGadgetSpecFactory.SERVICE_NAME);
}
@@ -305,6 +307,7 @@ public class OAuthRequestTest {
private MakeRequestClient makeSocialOAuthClient(String owner, String viewer, String gadget)
throws Exception {
SecurityToken securityToken = getSecurityToken(owner, viewer, gadget);
+ serviceProvider.setExpectedRequestSecurityToken( securityToken );
MakeRequestClient client = new MakeRequestClient(securityToken, fetcherConfig, serviceProvider,
FakeGadgetSpecFactory.SERVICE_NAME);
client.getBaseArgs().setUseToken(UseToken.IF_AVAILABLE);
@@ -314,6 +317,7 @@ public class OAuthRequestTest {
private MakeRequestClient makeSignedFetchClient(String owner, String viewer, String gadget)
throws Exception {
SecurityToken securityToken = getSecurityToken(owner, viewer, gadget);
+ serviceProvider.setExpectedRequestSecurityToken( securityToken );
MakeRequestClient client = new MakeRequestClient(securityToken, fetcherConfig, serviceProvider,
null);
client.setBaseArgs(client.makeSignedFetchArguments());
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/testing/FakeOAuthServiceProvider.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/testing/FakeOAuthServiceProvider.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/testing/FakeOAuthServiceProvider.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/testing/FakeOAuthServiceProvider.java Thu Apr 26 20:56:25 2012
@@ -22,6 +22,7 @@ import com.google.common.collect.Maps;
import com.google.common.collect.Sets;
import net.oauth.OAuth;
+import net.oauth.OAuth.Parameter;
import net.oauth.OAuthAccessor;
import net.oauth.OAuthConsumer;
import net.oauth.OAuthException;
@@ -29,16 +30,12 @@ import net.oauth.OAuthMessage;
import net.oauth.OAuthServiceProvider;
import net.oauth.OAuthValidator;
import net.oauth.SimpleOAuthValidator;
-import net.oauth.OAuth.Parameter;
import net.oauth.signature.RSA_SHA1;
-import org.apache.commons.codec.binary.Base64;
-import org.apache.commons.codec.digest.DigestUtils;
-import org.apache.commons.io.IOUtils;
-
import org.apache.shindig.auth.OAuthConstants;
import org.apache.shindig.auth.OAuthUtil;
import org.apache.shindig.auth.OAuthUtil.SignatureType;
+import org.apache.shindig.auth.SecurityToken;
import org.apache.shindig.common.cache.LruCache;
import org.apache.shindig.common.cache.SoftExpiringCache;
import org.apache.shindig.common.cache.SoftExpiringCache.CachedObject;
@@ -53,13 +50,17 @@ import org.apache.shindig.gadgets.http.H
import org.apache.shindig.gadgets.http.HttpResponseBuilder;
import org.apache.shindig.gadgets.oauth.AccessorInfo.OAuthParamLocation;
+import org.apache.commons.codec.binary.Base64;
+import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.io.IOUtils;
+
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
-import java.util.Set;
import java.util.Map.Entry;
+import java.util.Set;
import java.util.concurrent.TimeUnit;
public class FakeOAuthServiceProvider implements HttpFetcher {
@@ -212,6 +213,8 @@ public class FakeOAuthServiceProvider im
private int trustedParamCount;
+ private SecurityToken expectedRequestSecurityToken;
+
public FakeOAuthServiceProvider(TimeSource clock) {
this.clock = clock;
OAuthServiceProvider provider = new OAuthServiceProvider(
@@ -279,6 +282,17 @@ public class FakeOAuthServiceProvider im
String url = request.getUri().toString();
try {
if (url.startsWith(REQUEST_TOKEN_URL)) {
+ if (request.getSecurityToken() == null) {
+ throw new RuntimeException("Security token should not be null" );
+ }
+ if (!request.getSecurityToken().isAnonymous()) {
+ throw new RuntimeException("Expected an anonymous security token" );
+ }
+ if (expectedRequestSecurityToken != null) {
+ if (!expectedRequestSecurityToken.getAppUrl().equals( request.getSecurityToken().getAppUrl() )) {
+ throw new RuntimeException("Security token AppUrl mismatch" );
+ }
+ }
++requestTokenCount;
return handleRequestTokenUrl(request);
} else if (url.startsWith(ACCESS_TOKEN_URL)) {
@@ -850,4 +864,8 @@ public class FakeOAuthServiceProvider im
public int getTrustedParamCount() {
return trustedParamCount;
}
+
+ public void setExpectedRequestSecurityToken( SecurityToken requestSecurityToken ) {
+ this.expectedRequestSecurityToken = requestSecurityToken;
+ }
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/MockUtils.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/MockUtils.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/MockUtils.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/MockUtils.java Thu Apr 26 20:56:25 2012
@@ -131,8 +131,11 @@ public class MockUtils {
}
}
- static class DummyHttpFetcher implements HttpFetcher {
+ public static class DummyHttpFetcher implements HttpFetcher {
+ public HttpRequest request;
+
public HttpResponse fetch(final HttpRequest request) throws GadgetException {
+ this.request = request;
final HttpResponseBuilder builder = new HttpResponseBuilder();
builder.setStrictNoCache();
builder.setHttpStatusCode(HttpResponse.SC_OK);
@@ -314,7 +317,7 @@ public class MockUtils {
return MockUtils.encrypter;
}
- protected static HttpFetcher getDummyFecther() throws Exception {
+ protected static HttpFetcher getDummyFetcher() throws Exception {
return new DummyHttpFetcher();
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandlerTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandlerTest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandlerTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/ClientCredentialsGrantTypeHandlerTest.java Thu Apr 26 20:56:25 2012
@@ -100,6 +100,9 @@ public class ClientCredentialsGrantTypeH
Assert.assertNotNull(postBody);
Assert.assertEquals(
"client_id=clientId1&client_secret=clientSecret1&grant_type=client_credentials", postBody);
+ Assert.assertNotNull( result.getSecurityToken() );
+ Assert.assertTrue( result.getSecurityToken().isAnonymous() );
+ Assert.assertEquals( accessor.getGadgetUri(), result.getSecurityToken().getAppUrl() );
}
@Test(expected = OAuth2RequestException.class)
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandlerTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandlerTest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandlerTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandlerTest.java Thu Apr 26 20:56:25 2012
@@ -18,6 +18,23 @@
*/
package org.apache.shindig.gadgets.oauth2.handler;
+import com.google.inject.Provider;
+
+import org.apache.shindig.auth.SecurityToken;
+import org.apache.shindig.gadgets.http.HttpFetcher;
+import org.apache.shindig.gadgets.http.HttpResponse;
+import org.apache.shindig.gadgets.oauth2.MockUtils;
+import org.apache.shindig.gadgets.oauth2.OAuth2Accessor;
+import org.apache.shindig.gadgets.oauth2.OAuth2Error;
+import org.apache.shindig.gadgets.oauth2.OAuth2Message;
+import org.apache.shindig.gadgets.oauth2.OAuth2Store;
+import org.apache.shindig.gadgets.oauth2.OAuth2Token;
+
+import org.easymock.EasyMock;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+
import java.io.BufferedReader;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
@@ -35,21 +52,6 @@ import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
-import org.apache.shindig.gadgets.http.HttpFetcher;
-import org.apache.shindig.gadgets.http.HttpResponse;
-import org.apache.shindig.gadgets.oauth2.MockUtils;
-import org.apache.shindig.gadgets.oauth2.OAuth2Accessor;
-import org.apache.shindig.gadgets.oauth2.OAuth2Error;
-import org.apache.shindig.gadgets.oauth2.OAuth2Message;
-import org.apache.shindig.gadgets.oauth2.OAuth2Store;
-import org.apache.shindig.gadgets.oauth2.OAuth2Token;
-import org.easymock.EasyMock;
-import org.junit.Assert;
-import org.junit.Before;
-import org.junit.Test;
-
-import com.google.inject.Provider;
-
public class CodeAuthorizationResponseHandlerTest extends MockUtils {
private static CodeAuthorizationResponseHandler carh;
@@ -60,7 +62,7 @@ public class CodeAuthorizationResponseHa
CodeAuthorizationResponseHandlerTest.store = MockUtils.getDummyStore();
CodeAuthorizationResponseHandlerTest.carh = new CodeAuthorizationResponseHandler(
MockUtils.getDummyMessageProvider(), MockUtils.getDummyClientAuthHandlers(),
- MockUtils.getDummyTokenEndpointResponseHandlers(), MockUtils.getDummyFecther());
+ MockUtils.getDummyTokenEndpointResponseHandlers(), MockUtils.getDummyFetcher());
}
@Test
@@ -167,6 +169,42 @@ public class CodeAuthorizationResponseHa
}
@Test
+ public void testHandleRequest_verifyAnonymousTokenOnRequest() throws Exception {
+ MockUtils.DummyHttpFetcher fetcher = (MockUtils.DummyHttpFetcher)MockUtils.getDummyFetcher();
+ CodeAuthorizationResponseHandler fixture = new CodeAuthorizationResponseHandler(
+ MockUtils.getDummyMessageProvider(), MockUtils.getDummyClientAuthHandlers(),
+ MockUtils.getDummyTokenEndpointResponseHandlers(), fetcher);
+ final OAuth2Accessor accessor = MockUtils.getOAuth2Accessor_Redirecting();
+ final HttpServletRequest request = new DummyHttpServletRequest();
+
+ final OAuth2HandlerError result = fixture.handleRequest(accessor, request);
+
+ Assert.assertNull(result);
+
+ final OAuth2Token accessToken = CodeAuthorizationResponseHandlerTest.store.getToken(
+ accessor.getGadgetUri(), accessor.getServiceName(), accessor.getUser(),
+ accessor.getScope(), OAuth2Token.Type.ACCESS);
+ Assert.assertNotNull(accessToken);
+ Assert.assertEquals("xxx", new String(accessToken.getSecret(), "UTF-8"));
+ Assert.assertEquals(OAuth2Message.BEARER_TOKEN_TYPE, accessToken.getTokenType());
+ Assert.assertTrue(accessToken.getExpiresAt() > 1000);
+
+ final OAuth2Token refreshToken = CodeAuthorizationResponseHandlerTest.store.getToken(
+ accessor.getGadgetUri(), accessor.getServiceName(), accessor.getUser(),
+ accessor.getScope(), OAuth2Token.Type.REFRESH);
+ Assert.assertNotNull(refreshToken);
+ Assert.assertEquals("yyy", new String(refreshToken.getSecret(), "UTF-8"));
+
+ Assert.assertNotNull( fetcher.request );
+
+ SecurityToken st = fetcher.request.getSecurityToken();
+ Assert.assertNotNull( st );
+ Assert.assertTrue( st.isAnonymous() );
+ Assert.assertEquals( accessor.getGadgetUri(), st.getAppUrl() );
+ }
+
+
+ @Test
public void testHandleResponse_1() throws Exception {
final CodeAuthorizationResponseHandler fixture = CodeAuthorizationResponseHandlerTest.carh;
final OAuth2Accessor accessor = MockUtils.getOAuth2Accessor_ClientCredentials();
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/DefaultServiceFetcherTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/DefaultServiceFetcherTest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/DefaultServiceFetcherTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/render/DefaultServiceFetcherTest.java Thu Apr 26 20:56:25 2012
@@ -28,9 +28,11 @@ import org.apache.shindig.config.Contain
import org.apache.shindig.config.JsonContainerConfig;
import org.apache.shindig.expressions.Expressions;
import org.apache.shindig.expressions.Functions;
+import org.apache.shindig.gadgets.GadgetException;
import org.apache.shindig.gadgets.http.HttpFetcher;
import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.http.HttpResponse;
+import org.apache.shindig.gadgets.http.HttpResponseBuilder;
import org.easymock.EasyMock;
import org.json.JSONArray;
@@ -147,4 +149,39 @@ public class DefaultServiceFetcherTest e
Multimap<String, String> multimap = fetcher.getServicesForContainer("badcontainer", "dontcare");
assertEquals(0, multimap.size());
}
+
+ @Test
+ public void testReadConfigRequestMarkedInternal() throws Exception {
+ JSONObject config = createConfig();
+ config.getJSONObject("default").
+ getJSONObject(DefaultServiceFetcher.GADGETS_FEATURES_CONFIG)
+ .getJSONObject(DefaultServiceFetcher.OSAPI_FEATURE_CONFIG)
+ .put(DefaultServiceFetcher.OSAPI_BASE_ENDPOINTS, new JSONArray(ImmutableList.of(endPoint1)));
+
+ JsonContainerConfig containerConfig =
+ new JsonContainerConfig(config,
+ Expressions.forTesting(new Functions()));
+ CapturingHttpFetcher httpFetcher = new CapturingHttpFetcher();
+ fetcher = new DefaultServiceFetcher(containerConfig, httpFetcher);
+ Multimap<String, String> services = fetcher.getServicesForContainer("default", "dontcare");
+ assertEquals(configuredServices, services);
+ assertNotNull( httpFetcher.request );
+ assertTrue( httpFetcher.request.isInternalRequest() );
+ }
+
+ static class CapturingHttpFetcher implements HttpFetcher {
+
+ public HttpRequest request;
+
+ public CapturingHttpFetcher() {
+ }
+
+ @Override
+ public HttpResponse fetch(HttpRequest request) throws GadgetException {
+ this.request = request;
+ return new HttpResponseBuilder().setHttpStatusCode( HttpResponse.SC_OK )
+ .setResponseString( "{\"result\":[]}" ).create();
+ }
+ }
+
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/CajaContentRewriterTest.java Thu Apr 26 20:56:25 2012
@@ -29,6 +29,8 @@ import org.apache.shindig.common.uri.Uri
import org.apache.shindig.gadgets.Gadget;
import org.apache.shindig.gadgets.GadgetContext;
import org.apache.shindig.gadgets.GadgetException;
+import org.apache.shindig.gadgets.http.HttpRequest;
+import org.apache.shindig.gadgets.http.HttpResponse;
import org.apache.shindig.gadgets.http.RequestPipeline;
import org.apache.shindig.gadgets.parse.DefaultHtmlSerializer;
import org.apache.shindig.gadgets.parse.GadgetHtmlParser;
@@ -48,6 +50,7 @@ import java.util.List;
import static org.easymock.EasyMock.expect;
import static org.easymock.EasyMock.replay;
import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.assertNotNull;
public class CajaContentRewriterTest extends RewriterTestBase {
private List<GadgetHtmlParser> parsers;
@@ -148,6 +151,35 @@ public class CajaContentRewriterTest ext
assertUrlRewritten("ins", "cite", uri, unproxied);
}
+
+ // Fails due to non-existent mail classes referenced in caja
+ // @Test
+ public void testIncludedURLRequestMarkedInternal() throws Exception {
+ CacheProvider lru = new LruCacheProvider(3);
+ DefaultHtmlSerializer defaultSerializer = new DefaultHtmlSerializer();
+ CapturingPipeline pipeline = new CapturingPipeline();
+ rewriter = new CajaContentRewriter(lru, pipeline, defaultSerializer, proxyUriManager) {
+ @Override
+ protected PluginCompiler makePluginCompiler(PluginMeta m, MessageQueue q) {
+ BuildInfo bi = EasyMock.createNiceMock(BuildInfo.class);
+ expect(bi.getBuildInfo()).andReturn("bi").anyTimes();
+ expect(bi.getBuildTimestamp()).andReturn("0").anyTimes();
+ expect(bi.getBuildVersion()).andReturn("0").anyTimes();
+ expect(bi.getCurrentTime()).andReturn(0L).anyTimes();
+ replay(bi);
+ return new PluginCompiler(bi, m, q);
+ }
+ };
+
+ // we don't really care what the result looks like, we just want to check the issued request
+ String markup = "<script type=\"text/javascript\" src=\"http://www.example.com/scripts/scriptFile.js\"></script>";
+ String expected = "";
+ testMarkup( markup, expected );
+
+ assertNotNull( pipeline.request );
+ assertTrue( pipeline.request.isInternalRequest() );
+ }
+
private void testMarkup(String markup, String expected) throws GadgetException{
testMarkup(markup, expected, null);
}
@@ -192,4 +224,14 @@ public class CajaContentRewriterTest ext
replay(context, gadget);
return gadget;
}
+
+ private static class CapturingPipeline implements RequestPipeline {
+ HttpRequest request;
+
+ public HttpResponse execute(HttpRequest request) {
+ this.request = request;
+ return new HttpResponse("");
+ }
+ }
+
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpRequestHandlerTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpRequestHandlerTest.java?rev=1331083&r1=1331082&r2=1331083&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpRequestHandlerTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpRequestHandlerTest.java Thu Apr 26 20:56:25 2012
@@ -656,14 +656,45 @@ public class HttpRequestHandlerTest exte
converter.convertToString(httpApiResponse));
}
+ @Test
+ public void testSimpleGetVerifySecurityTokenPresent() throws Exception {
+ JSONObject request = new JSONObject("{method:http.get, id:req1, params : {"
+ + "href:'http://www.example.org/somecontent'"
+ + "}}");
+ HttpRequest httpRequest = new HttpRequest(Uri.parse("http://www.example.org/somecontent"));
+ httpRequest.setMethod("GET");
+ httpRequest.setSecurityToken( token );
+
+ // check to make sure that the security token is being passed through to the pipeline, and not
+ // stripped because this is not an auth request
+
+ expect(pipeline.execute(eqRequest2(httpRequest))).andReturn(builder.create()).anyTimes();
+
+ replay();
+ RpcHandler operation = registry.getRpcHandler(request);
+
+ HttpRequestHandler.HttpApiResponse httpApiResponse =
+ (HttpRequestHandler.HttpApiResponse)operation.execute(emptyFormItems, token, converter).get();
+ verify();
+
+ JsonAssert.assertJsonEquals("{ headers : {}, status : 200, content : 'CONTENT' }}",
+ converter.convertToString(httpApiResponse));
+ }
+
+
private static HttpRequest eqRequest(HttpRequest request) {
reportMatcher(new RequestMatcher(request));
return null;
}
+ private static HttpRequest eqRequest2(HttpRequest request) {
+ reportMatcher(new RequestMatcherWithToken(request));
+ return null;
+ }
+
private static class RequestMatcher implements IArgumentMatcher {
- private final HttpRequest req;
+ protected final HttpRequest req;
public RequestMatcher(HttpRequest request) {
this.req = request;
@@ -683,4 +714,19 @@ public class HttpRequestHandlerTest exte
match.getHeaders().equals(req.getHeaders()));
}
}
+
+ private static class RequestMatcherWithToken extends RequestMatcher {
+
+ public RequestMatcherWithToken(HttpRequest request) {
+ super(request);
+ }
+
+ public boolean matches(Object obj) {
+ HttpRequest match = (HttpRequest)obj;
+ return super.matches(obj) &&
+ match.getSecurityToken() != null &&
+ match.getSecurityToken().equals( req.getSecurityToken() );
+ }
+ }
+
}