You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by be...@apache.org on 2008/08/12 18:04:49 UTC
svn commit: r685212 - in /incubator/shindig/trunk: config/
java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/
java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/
java/server/src/main/webapp/WEB-INF/ javascript/samplecontainer/exa...
Author: beaton
Date: Tue Aug 12 09:04:48 2008
New Revision: 685212
URL: http://svn.apache.org/viewvc?rev=685212&view=rev
Log:
Add an OAuth callback servlet that just closes the window.
Added:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java
Modified:
incubator/shindig/trunk/config/oauth.json
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java
incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml
incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml
incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml
incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml
Modified: incubator/shindig/trunk/config/oauth.json
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/config/oauth.json?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/config/oauth.json (original)
+++ incubator/shindig/trunk/config/oauth.json Tue Aug 12 09:04:48 2008
@@ -19,8 +19,8 @@
{"http://localhost:8080/gadgets/files/samplecontainer/examples/oauth.xml" : {
"" : {
- "consumer_key" : "noCallbackConsumer",
- "consumer_secret" : "noCallbackSecret",
+ "consumer_key" : "gadgetConsumer",
+ "consumer_secret" : "gadgetSecret",
"key_type" : "HMAC_SYMMETRIC"
}
}}
Added: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java?rev=685212&view=auto
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java (added)
+++ incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java Tue Aug 12 09:04:48 2008
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.shindig.gadgets.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Servlet to act as our OAuth callback URL. When gadget authors register a consumer key with an
+ * OAuth service provider, they can provide a URL pointing to this servlet as their callback URL.
+ *
+ * Protocol flow:
+ * - gadget discovers it needs approval to access data at OAuth SP.
+ * - gadget opens popup window to approval URL, passing URL to this servlet as the oauth_callback
+ * parameter on the approval URL.
+ * - user grants approval at service provider
+ * - service provider redirects to this servlet
+ * - this servlet closes the window
+ * - gadget discovers the window has closed and automatically fetches the user's data.
+ */
+public class OAuthCallbackServlet extends HttpServlet {
+
+ private static final int ONE_HOUR_IN_SECONDS = 3600;
+
+ private static final String RESP_BODY =
+ "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" " +
+ "\"http://www.w3.org/TR/html4/loose.dtd\">" +
+ "<html>" +
+ "<head>" +
+ "<title>Close this window</title>" +
+ "</head>" +
+ "<body>" +
+ "<script type=\"text/javascript\">" +
+ "window.close();" +
+ "</script>" +
+ "Close this window." +
+ "</body>" +
+ "</html>";
+
+ @Override
+ protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+ throws ServletException, IOException {
+ HttpUtil.setCachingHeaders(resp, ONE_HOUR_IN_SECONDS);
+ resp.setContentType("text/html; charset=UTF-8");
+ resp.getWriter().write(RESP_BODY);
+ }
+}
Modified: incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java Tue Aug 12 09:04:48 2008
@@ -39,6 +39,7 @@
private final PrintWriter writer = new PrintWriter(baos);
private final Map<String, String> headers = Maps.newTreeMap(String.CASE_INSENSITIVE_ORDER);
private int httpStatusCode = 200;
+ private String contentType;
public HttpServletResponseRecorder(HttpServletResponse response) {
super(response);
@@ -121,4 +122,15 @@
writer.write(msg);
this.httpStatusCode = httpStatusCode;
}
+
+ @Override
+ public void setContentType(String type) {
+ setHeader("Content-Type", type);
+ this.contentType = type;
+ }
+
+ @Override
+ public String getContentType() {
+ return contentType;
+ }
}
Added: incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java?rev=685212&view=auto
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java (added)
+++ incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java Tue Aug 12 09:04:48 2008
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.shindig.gadgets.servlet;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Test;
+
+/**
+ * Tests for OAuth callback servlet.
+ */
+public class OAuthCallbackServletTest {
+
+ private final ServletTestFixture fixture = new ServletTestFixture();
+
+ @Test
+ public void testServlet() throws Exception {
+ OAuthCallbackServlet servlet = new OAuthCallbackServlet();
+ fixture.replay();
+ servlet.doGet(fixture.request, fixture.recorder);
+ fixture.verify();
+ assertEquals("text/html; charset=UTF-8", fixture.recorder.getContentType());
+ String body = fixture.recorder.getResponseAsString();
+ assertTrue("body is " + body, body.indexOf("window.close()") != -1);
+ }
+}
Modified: incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml (original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml Tue Aug 12 09:04:48 2008
@@ -74,6 +74,14 @@
</servlet-class>
</servlet>
+ <!-- OAuth callback -->
+ <servlet>
+ <servlet-name>oauthCallback</servlet-name>
+ <servlet-class>
+ org.apache.shindig.gadgets.servlet.OAuthCallbackServlet
+ </servlet-class>
+ </servlet>
+
<!-- Metadata RPC -->
<servlet>
<servlet-name>metadata</servlet-name>
@@ -117,6 +125,11 @@
</servlet-mapping>
<servlet-mapping>
+ <servlet-name>oauthCallback</servlet-name>
+ <url-pattern>/gadgets/oauthcallback</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
<servlet-name>xml-to-html</servlet-name>
<url-pattern>/gadgets/ifr</url-pattern>
</servlet-mapping>
Modified: incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml (original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml Tue Aug 12 09:04:48 2008
@@ -56,6 +56,14 @@
</servlet-class>
</servlet>
+ <!-- OAuth callback -->
+ <servlet>
+ <servlet-name>oauthCallback</servlet-name>
+ <servlet-class>
+ org.apache.shindig.gadgets.servlet.OAuthCallbackServlet
+ </servlet-class>
+ </servlet>
+
<!-- Metadata RPC -->
<servlet>
<servlet-name>metadata</servlet-name>
@@ -86,6 +94,11 @@
</servlet-mapping>
<servlet-mapping>
+ <servlet-name>oauthCallback</servlet-name>
+ <url-pattern>/gadgets/oauthcallback</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
<servlet-name>xml-to-html</servlet-name>
<url-pattern>/gadgets/ifr</url-pattern>
</servlet-mapping>
Modified: incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml (original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml Tue Aug 12 09:04:48 2008
@@ -75,6 +75,14 @@
</servlet-class>
</servlet>
+ <!-- OAuth callback -->
+ <servlet>
+ <servlet-name>oauthCallback</servlet-name>
+ <servlet-class>
+ org.apache.shindig.gadgets.servlet.OAuthCallbackServlet
+ </servlet-class>
+ </servlet>
+
<!-- Metadata RPC -->
<servlet>
<servlet-name>metadata</servlet-name>
@@ -118,6 +126,11 @@
</servlet-mapping>
<servlet-mapping>
+ <servlet-name>oauthCallback</servlet-name>
+ <url-pattern>/gadgets/oauthcallback</url-pattern>
+ </servlet-mapping>
+
+ <servlet-mapping>
<servlet-name>xml-to-html</servlet-name>
<url-pattern>/gadgets/ifr</url-pattern>
</servlet-mapping>
Modified: incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml (original)
+++ incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml Tue Aug 12 09:04:48 2008
@@ -5,7 +5,7 @@
<Service>
<Request url="http://localhost:9090/oauth-provider/request_token" />
<Access url="http://localhost:9090/oauth-provider/access_token" />
- <Authorization url="http://localhost:9090/oauth-provider/authorize" />
+ <Authorization url="http://localhost:9090/oauth-provider/authorize?oauth_callback=http://localhost:8080/gadgets/oauthcallback" />
</Service>
</OAuth>
<Preload authz="oauth" href="http://localhost:9090/oauth-provider/echo" />