You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by be...@apache.org on 2008/08/12 18:04:49 UTC

svn commit: r685212 - in /incubator/shindig/trunk: config/ java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ java/server/src/main/webapp/WEB-INF/ javascript/samplecontainer/exa...

Author: beaton
Date: Tue Aug 12 09:04:48 2008
New Revision: 685212

URL: http://svn.apache.org/viewvc?rev=685212&view=rev
Log:
Add an OAuth callback servlet that just closes the window.


Added:
    incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java
    incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java
Modified:
    incubator/shindig/trunk/config/oauth.json
    incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java
    incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml
    incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml
    incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml
    incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml

Modified: incubator/shindig/trunk/config/oauth.json
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/config/oauth.json?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/config/oauth.json (original)
+++ incubator/shindig/trunk/config/oauth.json Tue Aug 12 09:04:48 2008
@@ -19,8 +19,8 @@
 
 {"http://localhost:8080/gadgets/files/samplecontainer/examples/oauth.xml" : {
   "" : {
-    "consumer_key" : "noCallbackConsumer",
-    "consumer_secret" : "noCallbackSecret",
+    "consumer_key" : "gadgetConsumer",
+    "consumer_secret" : "gadgetSecret",
     "key_type" : "HMAC_SYMMETRIC"
   }
 }}

Added: incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java?rev=685212&view=auto
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java (added)
+++ incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServlet.java Tue Aug 12 09:04:48 2008
@@ -0,0 +1,67 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.shindig.gadgets.servlet;
+
+import java.io.IOException;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Servlet to act as our OAuth callback URL.  When gadget authors register a consumer key with an
+ * OAuth service provider, they can provide a URL pointing to this servlet as their callback URL.
+ * 
+ * Protocol flow:
+ * - gadget discovers it needs approval to access data at OAuth SP.
+ * - gadget opens popup window to approval URL, passing URL to this servlet as the oauth_callback
+ *   parameter on the approval URL.
+ * - user grants approval at service provider
+ * - service provider redirects to this servlet
+ * - this servlet closes the window
+ * - gadget discovers the window has closed and automatically fetches the user's data.
+ */
+public class OAuthCallbackServlet extends HttpServlet {
+
+  private static final int ONE_HOUR_IN_SECONDS = 3600;
+  
+  private static final String RESP_BODY =
+    "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" " +
+    "\"http://www.w3.org/TR/html4/loose.dtd\">" +
+    "<html>" +
+    "<head>" +
+    "<title>Close this window</title>" +
+    "</head>" +
+    "<body>" +
+    "<script type=\"text/javascript\">" +
+    "window.close();" +
+    "</script>" +
+    "Close this window." +
+    "</body>" +
+    "</html>";
+
+  @Override
+  protected void doGet(HttpServletRequest req, HttpServletResponse resp)
+      throws ServletException, IOException {
+    HttpUtil.setCachingHeaders(resp, ONE_HOUR_IN_SECONDS);
+    resp.setContentType("text/html; charset=UTF-8");
+    resp.getWriter().write(RESP_BODY);
+  }
+}

Modified: incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java (original)
+++ incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/HttpServletResponseRecorder.java Tue Aug 12 09:04:48 2008
@@ -39,6 +39,7 @@
   private final PrintWriter writer = new PrintWriter(baos);
   private final Map<String, String> headers = Maps.newTreeMap(String.CASE_INSENSITIVE_ORDER);
   private int httpStatusCode = 200;
+  private String contentType;
 
   public HttpServletResponseRecorder(HttpServletResponse response) {
     super(response);
@@ -121,4 +122,15 @@
     writer.write(msg);
     this.httpStatusCode = httpStatusCode;
   }
+  
+  @Override
+  public void setContentType(String type) {
+    setHeader("Content-Type", type);
+    this.contentType = type;
+  }
+  
+  @Override
+  public String getContentType() {
+    return contentType;
+  }
 }

Added: incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java?rev=685212&view=auto
==============================================================================
--- incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java (added)
+++ incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/OAuthCallbackServletTest.java Tue Aug 12 09:04:48 2008
@@ -0,0 +1,43 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.shindig.gadgets.servlet;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Test;
+
+/**
+ * Tests for OAuth callback servlet.
+ */
+public class OAuthCallbackServletTest {
+
+  private final ServletTestFixture fixture = new ServletTestFixture();
+
+  @Test
+  public void testServlet() throws Exception {
+    OAuthCallbackServlet servlet = new OAuthCallbackServlet();
+    fixture.replay();
+    servlet.doGet(fixture.request, fixture.recorder);
+    fixture.verify();
+    assertEquals("text/html; charset=UTF-8", fixture.recorder.getContentType());
+    String body = fixture.recorder.getResponseAsString();
+    assertTrue("body is " + body, body.indexOf("window.close()") != -1);
+  }
+}

Modified: incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml (original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml Tue Aug 12 09:04:48 2008
@@ -74,6 +74,14 @@
     </servlet-class>
   </servlet>
 
+  <!-- OAuth callback -->
+  <servlet>
+    <servlet-name>oauthCallback</servlet-name>
+    <servlet-class>
+      org.apache.shindig.gadgets.servlet.OAuthCallbackServlet
+    </servlet-class>
+  </servlet>
+
   <!-- Metadata RPC -->
   <servlet>
     <servlet-name>metadata</servlet-name>
@@ -117,6 +125,11 @@
   </servlet-mapping>
 
   <servlet-mapping>
+    <servlet-name>oauthCallback</servlet-name>
+    <url-pattern>/gadgets/oauthcallback</url-pattern>
+  </servlet-mapping>
+
+  <servlet-mapping>
     <servlet-name>xml-to-html</servlet-name>
     <url-pattern>/gadgets/ifr</url-pattern>
   </servlet-mapping>

Modified: incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml (original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml Tue Aug 12 09:04:48 2008
@@ -56,6 +56,14 @@
     </servlet-class>
   </servlet>
 
+  <!-- OAuth callback -->
+  <servlet>
+    <servlet-name>oauthCallback</servlet-name>
+    <servlet-class>
+      org.apache.shindig.gadgets.servlet.OAuthCallbackServlet
+    </servlet-class>
+  </servlet>
+
   <!-- Metadata RPC -->
   <servlet>
     <servlet-name>metadata</servlet-name>
@@ -86,6 +94,11 @@
   </servlet-mapping>
 
   <servlet-mapping>
+    <servlet-name>oauthCallback</servlet-name>
+    <url-pattern>/gadgets/oauthcallback</url-pattern>
+  </servlet-mapping>
+
+  <servlet-mapping>
     <servlet-name>xml-to-html</servlet-name>
     <url-pattern>/gadgets/ifr</url-pattern>
   </servlet-mapping>

Modified: incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml (original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml Tue Aug 12 09:04:48 2008
@@ -75,6 +75,14 @@
     </servlet-class>
   </servlet>
 
+  <!-- OAuth callback -->
+  <servlet>
+    <servlet-name>oauthCallback</servlet-name>
+    <servlet-class>
+      org.apache.shindig.gadgets.servlet.OAuthCallbackServlet
+    </servlet-class>
+  </servlet>
+
   <!-- Metadata RPC -->
   <servlet>
     <servlet-name>metadata</servlet-name>
@@ -118,6 +126,11 @@
   </servlet-mapping>
 
   <servlet-mapping>
+    <servlet-name>oauthCallback</servlet-name>
+    <url-pattern>/gadgets/oauthcallback</url-pattern>
+  </servlet-mapping>
+
+  <servlet-mapping>
     <servlet-name>xml-to-html</servlet-name>
     <url-pattern>/gadgets/ifr</url-pattern>
   </servlet-mapping>

Modified: incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml?rev=685212&r1=685211&r2=685212&view=diff
==============================================================================
--- incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml (original)
+++ incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml Tue Aug 12 09:04:48 2008
@@ -5,7 +5,7 @@
       <Service>
         <Request url="http://localhost:9090/oauth-provider/request_token" />
         <Access url="http://localhost:9090/oauth-provider/access_token" />
-        <Authorization url="http://localhost:9090/oauth-provider/authorize" />
+        <Authorization url="http://localhost:9090/oauth-provider/authorize?oauth_callback=http://localhost:8080/gadgets/oauthcallback" />
       </Service>
     </OAuth>
     <Preload authz="oauth" href="http://localhost:9090/oauth-provider/echo" />