You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by ch...@apache.org on 2010/05/28 07:09:09 UTC
svn commit: r949098 - in /shindig/trunk/java/gadgets/src:
main/java/org/apache/shindig/gadgets/oauth/
test/java/org/apache/shindig/gadgets/oauth/
Author: chirag
Date: Fri May 28 05:09:08 2010
New Revision: 949098
URL: http://svn.apache.org/viewvc?rev=949098&view=rev
Log:
Decouple OAuthRequestException from OAuthResponseParams.
Add a formatted description string to the OAuthError enum.
Code Review: http://codereview.appspot.com/1258043/show
Added:
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthError.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequestException.java
Modified:
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/AccessorInfoBuilder.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGenerator.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthCallbackGenerator.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthResponseParams.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGeneratorTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetTokenStoreTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthResponseParamsTest.java
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/AccessorInfoBuilder.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/AccessorInfoBuilder.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/AccessorInfoBuilder.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/AccessorInfoBuilder.java Fri May 28 05:09:08 2010
@@ -23,7 +23,6 @@ import net.oauth.OAuthAccessor;
import org.apache.shindig.gadgets.oauth.AccessorInfo.HttpMethod;
import org.apache.shindig.gadgets.oauth.AccessorInfo.OAuthParamLocation;
-import org.apache.shindig.gadgets.oauth.OAuthResponseParams.OAuthRequestException;
import org.apache.shindig.gadgets.oauth.OAuthStore.ConsumerInfo;
/**
@@ -45,10 +44,10 @@ public class AccessorInfoBuilder {
public AccessorInfo create(OAuthResponseParams responseParams) throws OAuthRequestException {
if (location == null) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "no location");
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM, "no location");
}
if (consumer == null) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM, "no consumer");
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM, "no consumer");
}
OAuthAccessor accessor = new OAuthAccessor(consumer.getConsumer());
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGenerator.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGenerator.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGenerator.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGenerator.java Fri May 28 05:09:08 2010
@@ -32,7 +32,6 @@ import org.apache.shindig.gadgets.Gadget
import org.apache.shindig.gadgets.LockedDomainService;
import org.apache.shindig.gadgets.UrlGenerator;
import org.apache.shindig.gadgets.http.HttpRequest;
-import org.apache.shindig.gadgets.oauth.OAuthResponseParams.OAuthRequestException;
import org.apache.shindig.gadgets.process.ProcessingException;
import org.apache.shindig.gadgets.process.Processor;
import org.apache.shindig.gadgets.servlet.OAuthCallbackServlet;
@@ -118,12 +117,12 @@ public class GadgetOAuthCallbackGenerato
Uri activeUrl = Uri.parse(securityToken.getActiveUrl());
String hostname = activeUrl.getAuthority();
if (!lockedDomainService.gadgetCanRender(hostname, gadget, securityToken.getContainer())) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Gadget should not be using URL " + activeUrl);
}
return activeUrl;
} catch (ProcessingException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Unable to check if gadget is using locked-domain", e);
}
}
@@ -151,7 +150,7 @@ public class GadgetOAuthCallbackGenerato
callback.addQueryParameter(OAuthCallbackServlet.CALLBACK_STATE_PARAM,
state.getEncryptedState());
} catch (BlobCrypterException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Failure generating callback URL", e);
}
return callback.toString();
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/GadgetOAuthTokenStore.java Fri May 28 05:09:08 2010
@@ -24,7 +24,6 @@ import org.apache.shindig.gadgets.Gadget
import org.apache.shindig.gadgets.GadgetSpecFactory;
import org.apache.shindig.gadgets.oauth.AccessorInfo.HttpMethod;
import org.apache.shindig.gadgets.oauth.AccessorInfo.OAuthParamLocation;
-import org.apache.shindig.gadgets.oauth.OAuthResponseParams.OAuthRequestException;
import org.apache.shindig.gadgets.oauth.OAuthStore.ConsumerInfo;
import org.apache.shindig.gadgets.oauth.OAuthStore.TokenInfo;
import org.apache.shindig.gadgets.spec.GadgetSpec;
@@ -105,7 +104,7 @@ public class GadgetOAuthTokenStore {
securityToken, arguments.getServiceName(), provider);
accessorBuilder.setConsumer(consumer);
} catch (GadgetException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Unable to retrieve consumer key", e);
}
@@ -130,13 +129,13 @@ public class GadgetOAuthTokenStore {
GadgetSpec spec = findSpec(securityToken, arguments, responseParams);
OAuthSpec oauthSpec = spec.getModulePrefs().getOAuthSpec();
if (oauthSpec == null) {
- throw responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
+ throw new OAuthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
"Failed to retrieve OAuth URLs, spec for gadget " +
securityToken.getAppUrl() + " does not contain OAuth element.");
}
OAuthService service = oauthSpec.getServices().get(arguments.getServiceName());
if (service == null) {
- throw responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
+ throw new OAuthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
"Failed to retrieve OAuth URLs, spec for gadget does not contain OAuth service " +
arguments.getServiceName() + ". Known services: " +
StringUtils.join(oauthSpec.getServices().keySet(), ',') + '.');
@@ -175,7 +174,7 @@ public class GadgetOAuthTokenStore {
return new OAuthServiceProvider(requestTokenUrl, authorizationUrl, accessTokenUrl);
} catch (SpecParserException e) {
// these exceptions have decent programmer readable messages
- throw responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
+ throw new OAuthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
e.getMessage());
}
}
@@ -189,12 +188,10 @@ public class GadgetOAuthTokenStore {
try {
uri = Uri.parse(url);
} catch (Throwable t) {
- throw responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
- "Invalid url: " + url);
+ throw new OAuthRequestException(OAuthError.INVALID_URL, url);
}
if (!uri.isAbsolute()) {
- throw responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
- "Invalid url: " + url);
+ throw new OAuthRequestException(OAuthError.INVALID_URL, url);
}
}
@@ -235,7 +232,7 @@ public class GadgetOAuthTokenStore {
tokenInfo = store.getTokenInfo(securityToken, consumerInfo,
arguments.getServiceName(), arguments.getTokenName());
} catch (GadgetException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Unable to retrieve access token", e);
}
if (tokenInfo != null && tokenInfo.getAccessToken() != null) {
@@ -263,8 +260,7 @@ public class GadgetOAuthTokenStore {
case BODY:
return OAuthParamLocation.POST_BODY;
}
- throw responseParams.oauthRequestException(OAuthError.INVALID_REQUEST,
- "Unknown parameter location " + location);
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PARAMETER_LOCATION);
}
private HttpMethod getStoreMethod(Method method, OAuthResponseParams responseParams)
@@ -275,7 +271,7 @@ public class GadgetOAuthTokenStore {
case POST:
return HttpMethod.POST;
}
- throw responseParams.oauthRequestException(OAuthError.INVALID_REQUEST, "Unknown method " + method);
+ throw new OAuthRequestException(OAuthError.UNSUPPORTED_HTTP_METHOD, method.toString());
}
private GadgetSpec findSpec(final SecurityToken securityToken, final OAuthArguments arguments,
@@ -284,10 +280,10 @@ public class GadgetOAuthTokenStore {
GadgetContext context = new OAuthGadgetContext(securityToken, arguments);
return specFactory.getGadgetSpec(context);
} catch (IllegalArgumentException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Could not fetch gadget spec, gadget URI invalid.", e);
} catch (GadgetException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Could not fetch gadget spec", e);
}
}
@@ -302,7 +298,7 @@ public class GadgetOAuthTokenStore {
store.setTokenInfo(securityToken, consumerInfo, arguments.getServiceName(),
arguments.getTokenName(), tokenInfo);
} catch (GadgetException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Unable to store access token", e);
}
}
@@ -316,7 +312,7 @@ public class GadgetOAuthTokenStore {
store.removeToken(securityToken, consumerInfo, arguments.getServiceName(),
arguments.getTokenName());
} catch (GadgetException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Unable to remove access token", e);
}
}
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthCallbackGenerator.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthCallbackGenerator.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthCallbackGenerator.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthCallbackGenerator.java Fri May 28 05:09:08 2010
@@ -21,7 +21,6 @@ package org.apache.shindig.gadgets.oauth
import com.google.inject.ImplementedBy;
import org.apache.shindig.gadgets.http.HttpRequest;
-import org.apache.shindig.gadgets.oauth.OAuthResponseParams.OAuthRequestException;
/**
* Figures out the OAuth callback URL to send service providers.
Added: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthError.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthError.java?rev=949098&view=auto
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthError.java (added)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthError.java Fri May 28 05:09:08 2010
@@ -0,0 +1,101 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.shindig.gadgets.oauth;
+
+/**
+ * Error strings to be returned to gadgets as "oauthError" data.
+ */
+public enum OAuthError {
+ /**
+ * The request cannot be completed because the gadget's OAuth configuration
+ * is incorrect. Generic message.
+ */
+ BAD_OAUTH_CONFIGURATION("%s"),
+
+ /**
+ * The request cannot be completed because the gadget didn't specify
+ * an endpoint required for redirection-based authorization.
+ */
+ BAD_OAUTH_TOKEN_URL("No %s URL specified"),
+
+ /**
+ * The request cannot be completed due to missing oauth field(s)
+ */
+ MISSING_OAUTH_PARAMETER("No %s returned from service provider"),
+
+ /**
+ * The request did not yield a response from the server
+ */
+ MISSING_SERVER_RESPONSE("No response from server"),
+
+ /**
+ * The requested HTTP method is not supported
+ */
+ UNSUPPORTED_HTTP_METHOD("Unknown method: %s"),
+
+ /**
+ * The request cannot be completed for an unspecified reason.
+ */
+ UNKNOWN_PROBLEM("%s"),
+
+ /**
+ * The user is not authenticated.
+ */
+ UNAUTHENTICATED("Unauthenticated OAuth fetch"),
+
+ /**
+ * The user is not the owner of the page.
+ */
+ NOT_OWNER("Non-Secure Owner Page. Only page owners can grant OAuth approval"),
+
+ /**
+ * The URL is invalid
+ */
+ INVALID_URL("Invalid URL: %s"),
+
+ /**
+ * The request contains an invalid parameter.
+ */
+ INVALID_PARAMETER("Invalid parameter name %s, applications may not override"
+ + " oauth, xoauth, or opensocial parameters"),
+
+ /**
+ * The request contains an invalid trusted parameter.
+ */
+ INVALID_TRUSTED_PARAMETER("Invalid trusted parameter name %s, parameter"
+ + " must start with oauth, xoauth, or opensocial"),
+
+ UNKNOWN_PARAMETER_LOCATION("Unknown parameter location: %s"),
+
+ /**
+ * The request cannot be completed because the request options were invalid.
+ * Generic message.
+ */
+ INVALID_REQUEST("%s"),
+ ;
+
+ private final String formatString;
+
+ OAuthError(String formatString) {
+ this.formatString = formatString;
+ }
+
+ @Override
+ public String toString() {
+ return formatString;
+ }
+}
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequest.java Fri May 28 05:09:08 2010
@@ -42,7 +42,6 @@ import org.apache.shindig.gadgets.http.H
import org.apache.shindig.gadgets.http.HttpResponseBuilder;
import org.apache.shindig.gadgets.oauth.AccessorInfo.HttpMethod;
import org.apache.shindig.gadgets.oauth.AccessorInfo.OAuthParamLocation;
-import org.apache.shindig.gadgets.oauth.OAuthResponseParams.OAuthRequestException;
import org.apache.shindig.gadgets.oauth.OAuthStore.TokenInfo;
import org.json.JSONObject;
@@ -196,9 +195,9 @@ public class OAuthRequest {
response = fetchWithRetry();
} catch (OAuthRequestException e) {
// No data for us.
- if (OAuthError.UNAUTHENTICATED.toString().equals(responseParams.getError())) {
+ if (OAuthError.UNAUTHENTICATED.toString().equals(e.getError())) {
responseParams.logDetailedInfo("Unauthenticated OAuth fetch", e);
- } else if (OAuthError.INVALID_REQUEST.toString().equals(responseParams.getError())) {
+ } else if (OAuthError.BAD_OAUTH_TOKEN_URL.toString().equals(e.getError())) {
responseParams.logDetailedInfo("Invalid OAuth fetch request", e);
} else {
responseParams.logDetailedWarning("OAuth fetch fatal error", e);
@@ -207,7 +206,7 @@ public class OAuthRequest {
response = new HttpResponseBuilder()
.setHttpStatusCode(HttpResponse.SC_FORBIDDEN)
.setStrictNoCache();
- responseParams.addToResponse(response);
+ responseParams.addToResponse(response, e);
return response.create();
}
@@ -220,8 +219,7 @@ public class OAuthRequest {
responseParams.setSendTraceToClient(true);
}
- responseParams.addToResponse(response);
-
+ responseParams.addToResponse(response, null);
return response.create();
}
@@ -242,10 +240,10 @@ public class OAuthRequest {
retry = handleProtocolException(pe, attempts);
if (!retry) {
if (pe.getProblemCode() != null) {
- throw responseParams.oauthRequestException(pe.getProblemCode(),
+ throw new OAuthRequestException(pe.getProblemCode(),
"Service provider rejected request", pe);
} else {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Service provider rejected request", pe);
}
}
@@ -318,14 +316,13 @@ public class OAuthRequest {
String pageViewer = realRequest.getSecurityToken().getViewerId();
String stateOwner = clientState.getOwner();
if (pageOwner == null || pageViewer == null) {
- throw responseParams.oauthRequestException(OAuthError.UNAUTHENTICATED, "Unauthenticated");
+ throw new OAuthRequestException(OAuthError.UNAUTHENTICATED);
}
if (!fetcherConfig.isViewerAccessTokensEnabled() && !pageOwner.equals(pageViewer)) {
- throw responseParams.oauthRequestException(OAuthError.NOT_OWNER,
- "Non-Secure Owner Page -- Only page owners can grant OAuth approval");
+ throw new OAuthRequestException(OAuthError.NOT_OWNER);
}
if (stateOwner != null && !stateOwner.equals(pageViewer)) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Client state belongs to a different person " +
"(state owner=" + stateOwner + ", pageViewer=" + pageViewer + ')');
}
@@ -334,11 +331,11 @@ public class OAuthRequest {
private void fetchRequestToken() throws OAuthRequestException, OAuthProtocolException {
OAuthAccessor accessor = accessorInfo.getAccessor();
HttpRequest request = createRequestTokenRequest(accessor);
-
+
List<Parameter> requestTokenParams = Lists.newArrayList();
-
+
addCallback(requestTokenParams);
-
+
HttpRequest signed = sanitizeAndSign(request, requestTokenParams, true);
OAuthMessage reply = sendOAuthMessage(signed);
@@ -350,8 +347,7 @@ public class OAuthRequest {
private HttpRequest createRequestTokenRequest(OAuthAccessor accessor)
throws OAuthRequestException {
if (accessor.consumer.serviceProvider.requestTokenURL == null) {
- throw responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
- "No request token URL specified");
+ throw new OAuthRequestException(OAuthError.BAD_OAUTH_TOKEN_URL, "request token");
}
HttpRequest request = new HttpRequest(
Uri.parse(accessor.consumer.serviceProvider.requestTokenURL));
@@ -384,9 +380,7 @@ public class OAuthRequest {
if (allowParam(name)) {
list.add(p);
} else {
- throw responseParams.oauthRequestException(OAuthError.INVALID_REQUEST,
- "invalid parameter name " + name +
- ", applications may not override opensocial or oauth parameters");
+ throw new OAuthRequestException(OAuthError.INVALID_PARAMETER, name);
}
}
return list;
@@ -399,32 +393,28 @@ public class OAuthRequest {
canonParamName.startsWith("opensocial")) &&
ALLOWED_PARAM_NAME.matcher(canonParamName).matches());
}
-
+
/**
* This gives a chance to override parameters by passing trusted parameters.
- *
+ *
*/
private void overrideParameters(List<Parameter> authParams)
throws OAuthRequestException {
if (trustedParams == null) {
return;
}
-
+
Map<String, String> paramMap = Maps.newLinkedHashMap();
for (Parameter param : authParams) {
paramMap.put(param.getKey(), param.getValue());
}
for (Parameter param : trustedParams) {
if (!isContainerInjectedParameter(param.getKey())) {
- throw responseParams.oauthRequestException(
- OAuthError.INVALID_REQUEST,
- "invalid trusted parameter name "
- + param.getKey()
- + ", trusted parameter must start with 'oauth' 'xoauth'or 'opensocial' ");
+ throw new OAuthRequestException(OAuthError.INVALID_TRUSTED_PARAMETER, param.getKey());
}
- paramMap.put(param.getKey(), param.getValue());
+ paramMap.put(param.getKey(), param.getValue());
}
-
+
authParams.clear();
for (String key : paramMap.keySet()) {
authParams.add(new Parameter(key, paramMap.get(key)));
@@ -462,7 +452,7 @@ public class OAuthRequest {
if (appUrl != null) {
params.add(new Parameter(OPENSOCIAL_APPURL, appUrl));
}
-
+
if (realRequest.getOAuthArguments().isProxiedContentRequest()) {
params.add(new Parameter(OPENSOCIAL_PROXIED_CONTENT, "1"));
}
@@ -531,7 +521,7 @@ public class OAuthRequest {
params.addAll(sanitize(OAuth.decodeForm(base.getPostBodyAsString())));
} catch (IllegalArgumentException e) {
// Occurs if OAuth.decodeForm finds an invalid URL to decode.
- throw responseParams.oauthRequestException(OAuthError.INVALID_REQUEST,
+ throw new OAuthRequestException(OAuthError.INVALID_REQUEST,
"Could not decode body", e);
}
break;
@@ -542,7 +532,7 @@ public class OAuthRequest {
String b64 = new String(Base64.encodeBase64(hash), CharsetUtil.UTF8.name());
params.add(new Parameter(OAuthConstants.OAUTH_BODY_HASH, b64));
} catch (IOException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Error taking body hash", e);
}
break;
@@ -551,13 +541,13 @@ public class OAuthRequest {
// authParams are parameters prefixed with 'xoauth' 'oauth' or 'opensocial',
// trusted parameters have ability to override these parameters.
List<Parameter> authParams = Lists.newArrayList();
-
+
addIdentityParams(authParams);
addSignatureParams(authParams);
-
+
overrideParameters(authParams);
-
+
params.addAll(authParams);
try {
@@ -568,7 +558,7 @@ public class OAuthRequest {
oauthHttpRequest.setFollowRedirects(false);
return oauthHttpRequest;
} catch (OAuthException e) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
+ throw new OAuthRequestException(OAuthError.UNKNOWN_PROBLEM,
"Error signing message", e);
}
}
@@ -600,8 +590,8 @@ public class OAuthRequest {
case POST_BODY:
String contentType = result.getHeader("Content-Type");
if (!OAuth.isFormEncoded(contentType)) {
- throw responseParams.oauthRequestException(OAuthError.INVALID_REQUEST,
- "OAuth param location can only be post_body if post body if of " +
+ throw new OAuthRequestException(OAuthError.INVALID_REQUEST,
+ "OAuth param location can only be post_body if it is of " +
"type x-www-form-urlencoded");
}
String oauthData = OAuthUtil.formEncode(oauthParams);
@@ -640,12 +630,12 @@ public class OAuthRequest {
reply.addParameters(OAuth.decodeForm(response.getResponseAsString()));
reply = parseAuthHeader(reply, response);
if (OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN) == null) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
- "No oauth_token returned from service provider");
+ throw new OAuthRequestException(OAuthError.MISSING_OAUTH_PARAMETER,
+ OAuth.OAUTH_TOKEN);
}
if (OAuthUtil.getParameter(reply, OAuth.OAUTH_TOKEN_SECRET) == null) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
- "No oauth_token_secret returned from service provider");
+ throw new OAuthRequestException(OAuthError.MISSING_OAUTH_PARAMETER,
+ OAuth.OAUTH_TOKEN_SECRET);
}
return reply;
}
@@ -687,8 +677,8 @@ public class OAuthRequest {
// We add the token, gadget is responsible for the callback URL.
OAuthAccessor accessor = accessorInfo.getAccessor();
if (accessor.consumer.serviceProvider.userAuthorizationURL == null) {
- throw responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
- "No authorization URL specified");
+ throw new OAuthRequestException(OAuthError.BAD_OAUTH_TOKEN_URL,
+ "authorization");
}
StringBuilder azn = new StringBuilder(
accessor.consumer.serviceProvider.userAuthorizationURL);
@@ -731,9 +721,9 @@ public class OAuthRequest {
accessorInfo.getAccessor().accessToken = null;
}
OAuthAccessor accessor = accessorInfo.getAccessor();
+
if (accessor.consumer.serviceProvider.accessTokenURL == null) {
- throw responseParams.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION,
- "No access token URL specified.");
+ throw new OAuthRequestException(OAuthError.BAD_OAUTH_TOKEN_URL, "access token");
}
Uri accessTokenUri = Uri.parse(accessor.consumer.serviceProvider.accessTokenURL);
HttpRequest request = new HttpRequest(accessTokenUri);
@@ -757,7 +747,7 @@ public class OAuthRequest {
msgParams.add(new Parameter(OAuthConstants.OAUTH_VERIFIER, verifier));
}
} catch (IllegalArgumentException e) {
- throw responseParams.oauthRequestException(OAuthError.INVALID_REQUEST,
+ throw new OAuthRequestException(OAuthError.INVALID_REQUEST,
"Invalid received callback URL: " + receivedCallback, e);
}
}
@@ -856,13 +846,11 @@ public class OAuthRequest {
try {
response = fetcher.fetch(request);
if (response == null) {
- throw responseParams.oauthRequestException(OAuthError.UNKNOWN_PROBLEM,
- "No response from server");
+ throw new OAuthRequestException(OAuthError.MISSING_SERVER_RESPONSE);
}
return response;
} catch (GadgetException e) {
- throw responseParams.oauthRequestException(
- OAuthError.UNKNOWN_PROBLEM, "No response from server", e);
+ throw new OAuthRequestException(OAuthError.MISSING_SERVER_RESPONSE, "", e);
} finally {
responseParams.addRequestTrace(request, response);
}
Added: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequestException.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequestException.java?rev=949098&view=auto
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequestException.java (added)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthRequestException.java Fri May 28 05:09:08 2010
@@ -0,0 +1,131 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+package org.apache.shindig.gadgets.oauth;
+
+import com.google.common.base.Preconditions;
+
+public class OAuthRequestException extends Exception {
+
+ /**
+ * Error code for the client.
+ */
+ private String error;
+
+ /**
+ * Error text for the client.
+ */
+ private String errorText;
+
+
+ /**
+ * Create an exception and record information about the exception to be returned to the gadget.
+ * @param error
+ */
+ public OAuthRequestException (OAuthError error) {
+ this(error.name(), error.toString());
+ }
+
+
+ /**
+ * Create an exception and record information about the exception to be returned to the gadget.
+ * @param error
+ * @param errorText
+ */
+ public OAuthRequestException (OAuthError error, String errorText) {
+ this(error.name(), String.format(error.toString(), errorText));
+ }
+
+ /**
+ * Create an exception and record information about the exception to be returned to the gadget.
+ * @param error
+ * @param errorText
+ * @param cause
+ */
+ public OAuthRequestException(OAuthError error, String errorText, Throwable cause) {
+ this(error.name(), String.format(error.toString(), errorText), cause);
+ }
+
+
+ /**
+ * Create an exception and record information about the exception to be returned to the gadget.
+ * @param error
+ * @param errorText
+ */
+ public OAuthRequestException(String error, String errorText) {
+ super('[' + error + ',' + errorText + ']');
+ this.error = Preconditions.checkNotNull(error);
+ this.errorText = Preconditions.checkNotNull(errorText);
+ }
+
+
+ /**
+ * Create an exception and record information about the exception to be returned to the gadget.
+ * @param error
+ * @param errorText
+ * @param cause
+ */
+ public OAuthRequestException(String error, String errorText, Throwable cause) {
+ super('[' + error + ',' + errorText + ']', cause);
+ this.error = Preconditions.checkNotNull(error);
+ this.errorText = Preconditions.checkNotNull(errorText);
+ }
+
+ /**
+ * Create an exception and record information about the exception to be returned to the gadget.
+ * @param message
+ */
+ public OAuthRequestException(String message) {
+ super(message);
+ }
+
+
+ /**
+ * Create an exception and record information about the exception to be returned to the gadget.
+ * @param message
+ * @param cause
+ */
+ public OAuthRequestException(String message, Throwable cause) {
+ super(message, cause);
+ }
+
+ /**
+ * Get the error code
+ * @return
+ */
+ public String getError() {
+ return error;
+ }
+
+ /**
+ * Get a meaningful description of the exception
+ * @return
+ */
+ public String getErrorText() {
+ return errorText;
+ }
+
+ @Override
+ public String getMessage() {
+ return errorText;
+ }
+
+ @Override
+ public String toString() {
+ return "[" + error + "," + errorText + "]";
+ }
+
+}
Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthResponseParams.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthResponseParams.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthResponseParams.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/oauth/OAuthResponseParams.java Fri May 28 05:09:08 2010
@@ -20,7 +20,6 @@
package org.apache.shindig.gadgets.oauth;
import com.google.common.collect.Lists;
-import com.google.common.base.Preconditions;
import org.apache.shindig.auth.SecurityToken;
import org.apache.shindig.common.Pair;
@@ -41,7 +40,6 @@ import java.util.regex.Pattern;
* Container for OAuth specific data to include in the response to the client.
*/
public class OAuthResponseParams {
-
private static final Logger logger = Logger.getLogger(OAuthResponseParams.class.getName());
// Finds the values of sensitive response params: oauth_token_secret and oauth_session_handle
@@ -80,16 +78,6 @@ public class OAuthResponseParams {
private String aznUrl;
/**
- * Error code for the client.
- */
- private String error;
-
- /**
- * Error text for the client.
- */
- private String errorText;
-
- /**
* Whether we should include the request trace in the response to the application.
*
* It might be nice to make this configurable based on options passed to makeRequest. For now
@@ -111,18 +99,24 @@ public class OAuthResponseParams {
* Log a warning message that includes the details of the request.
*/
public void logDetailedWarning(String note) {
- logger.log(Level.WARNING, note + '\n' + getDetails());
+ if (logger.isLoggable(Level.WARNING)) {
+ logger.log(Level.WARNING, note + '\n' + getDetails(null));
+ }
}
/**
* Log a warning message that includes the details of the request and the thrown exception.
*/
- public void logDetailedWarning(String note, Throwable cause) {
- logger.log(Level.WARNING, note + '\n' + getDetails(), cause);
+ public void logDetailedWarning(String note, Throwable e) {
+ if (logger.isLoggable(Level.WARNING)) {
+ logger.log(Level.WARNING, note + '\n' + getDetails(e), e);
+ }
}
- public void logDetailedInfo(String note, Throwable cause) {
- logger.log(Level.INFO, note + '\n' + getDetails(), cause);
+ public void logDetailedInfo(String note, Throwable e) {
+ if (logger.isLoggable(Level.INFO)) {
+ logger.log(Level.INFO, note + '\n' + getDetails(e), e);
+ }
}
/**
@@ -144,9 +138,21 @@ public class OAuthResponseParams {
return false;
}
- private String getDetails() {
- return "OAuth error [" + error + ", " + errorText + "] for application " +
- securityToken.getAppUrl() + ". Request trace:" + getRequestTrace();
+ private String getDetails(Throwable e) {
+ String error = null;
+
+ if (null != e) {
+ if(e instanceof OAuthRequestException) {
+ OAuthRequestException reqException = ((OAuthRequestException) e);
+ error = reqException.getError() + ", " + reqException.getErrorText();
+ }
+ else {
+ error = e.getMessage();
+ }
+ }
+
+ return "OAuth error [" + error + "] for application "
+ + securityToken.getAppUrl() + ". Request trace:" + getRequestTrace();
}
private String getRequestTrace() {
@@ -181,30 +187,31 @@ public class OAuthResponseParams {
/**
* Update a response with additional data to be returned to the application.
*/
- public void addToResponse(HttpResponseBuilder response) {
+ public void addToResponse(HttpResponseBuilder response, OAuthRequestException e) {
if (!newClientState.isEmpty()) {
try {
response.setMetadata(CLIENT_STATE, newClientState.getEncryptedState());
- } catch (BlobCrypterException e) {
+ } catch (BlobCrypterException cryptException) {
// Configuration error somewhere, this should never happen.
- throw new RuntimeException(e);
+ throw new RuntimeException(cryptException);
}
}
if (aznUrl != null) {
response.setMetadata(APPROVAL_URL, aznUrl);
}
- if (error != null) {
- response.setMetadata(ERROR_CODE, error);
- }
- if (errorText != null || sendTraceToClient) {
+
+ if (e != null || sendTraceToClient) {
StringBuilder verboseError = new StringBuilder();
- if (errorText != null) {
- verboseError.append(errorText);
+
+ if (e != null) {
+ response.setMetadata(ERROR_CODE, e.getError());
+ verboseError.append(e.getErrorText());
}
if (sendTraceToClient) {
verboseError.append('\n');
verboseError.append(getRequestTrace());
}
+
response.setMetadata(ERROR_TEXT, verboseError.toString());
}
}
@@ -234,53 +241,4 @@ public class OAuthResponseParams {
public void setSendTraceToClient(boolean sendTraceToClient) {
this.sendTraceToClient = sendTraceToClient;
}
-
- public String getError() {
- return error;
- }
-
- public OAuthRequestException oauthRequestException(OAuthError error, String errorText) {
- return oauthRequestException(error.toString(), errorText);
- }
-
- public OAuthRequestException oauthRequestException(OAuthError error, String errorText,
- Throwable cause) {
- return oauthRequestException(error.toString(), errorText, cause);
- }
-
- /**
- * Create an exception and record information about the exception to be returned to the gadget.
- */
- public OAuthRequestException oauthRequestException(String error, String errorText) {
- this.error = Preconditions.checkNotNull(error);
- this.errorText = Preconditions.checkNotNull(errorText);
- return new OAuthRequestException('[' + error + ',' + errorText + ']');
- }
-
- /**
- * Create an exception and record information about the exception to be returned to the gadget.
- */
- public OAuthRequestException oauthRequestException(String error, String errorText,
- Throwable cause) {
- this.error = Preconditions.checkNotNull(error);
- this.errorText = Preconditions.checkNotNull(errorText);
- return new OAuthRequestException('[' + error + ',' + errorText + ']', cause);
- }
-
- /**
- * Superclass for all exceptions thrown from OAuthRequest and friends.
- *
- * The constructors are private, use OAuthResponseParams.oauthRequestException to create this
- * exception. This makes sure that any exception thrown is also exposed to the calling gadget
- * in a useful way.
- */
- public static class OAuthRequestException extends Exception {
- private OAuthRequestException(String message) {
- super(message);
- }
-
- private OAuthRequestException(String message, Throwable cause) {
- super(message, cause);
- }
- }
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGeneratorTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGeneratorTest.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGeneratorTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetOAuthCallbackGeneratorTest.java Fri May 28 05:09:08 2010
@@ -33,7 +33,6 @@ import org.apache.shindig.gadgets.Gadget
import org.apache.shindig.gadgets.LockedDomainService;
import org.apache.shindig.gadgets.UrlGenerator;
import org.apache.shindig.gadgets.http.HttpRequest;
-import org.apache.shindig.gadgets.oauth.OAuthResponseParams.OAuthRequestException;
import org.apache.shindig.gadgets.process.ProcessingException;
import org.apache.shindig.gadgets.process.Processor;
import org.easymock.IArgumentMatcher;
@@ -94,7 +93,7 @@ public class GadgetOAuthCallbackGenerato
getGenerator().generateCallback(fetcherConfig, "base", request, responseParams);
fail("Should have thrown");
} catch (OAuthRequestException e) {
- assertEquals(OAuthError.UNKNOWN_PROBLEM.toString(), responseParams.getError());
+ assertEquals(OAuthError.UNKNOWN_PROBLEM.name(), e.getError());
}
control.verify();
@@ -114,7 +113,7 @@ public class GadgetOAuthCallbackGenerato
getGenerator().generateCallback(fetcherConfig, "base", request, responseParams);
fail("Should have thrown");
} catch (OAuthRequestException e) {
- assertEquals(OAuthError.UNKNOWN_PROBLEM.toString(), responseParams.getError());
+ assertEquals(OAuthError.UNKNOWN_PROBLEM.name(), e.getError());
}
control.verify();
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetTokenStoreTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetTokenStoreTest.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetTokenStoreTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/GadgetTokenStoreTest.java Fri May 28 05:09:08 2010
@@ -31,7 +31,6 @@ import org.apache.shindig.gadgets.oauth.
import org.apache.shindig.gadgets.oauth.AccessorInfo.OAuthParamLocation;
import org.apache.shindig.gadgets.oauth.BasicOAuthStoreConsumerKeyAndSecret.KeyType;
import org.apache.shindig.gadgets.oauth.OAuthArguments.UseToken;
-import org.apache.shindig.gadgets.oauth.OAuthResponseParams.OAuthRequestException;
import org.apache.shindig.gadgets.oauth.OAuthStore.TokenInfo;
import org.apache.shindig.gadgets.oauth.testing.FakeOAuthServiceProvider;
import org.junit.Before;
@@ -132,7 +131,7 @@ public class GadgetTokenStoreTest {
store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig);
fail();
} catch (OAuthRequestException e) {
- assertEquals("BAD_OAUTH_CONFIGURATION", responseParams.getError());
+ assertEquals("BAD_OAUTH_CONFIGURATION", e.getError());
}
}
@@ -303,7 +302,7 @@ public class GadgetTokenStoreTest {
store.getOAuthAccessor(socialToken, arguments, clientState, responseParams, fetcherConfig);
fail();
} catch (OAuthRequestException e) {
- assertEquals("BAD_OAUTH_CONFIGURATION", responseParams.getError());
+ assertEquals("BAD_OAUTH_CONFIGURATION", e.getError());
}
}
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthRequestTest.java Fri May 28 05:09:08 2010
@@ -399,7 +399,7 @@ public class OAuthRequestTest {
assertEquals("", response.getResponseAsString());
assertEquals(403, response.getHttpStatusCode());
assertEquals(-1, response.getCacheTtl());
- assertEquals(OAuthError.UNAUTHENTICATED.toString(), response.getMetadata().get("oauthError"));
+ assertEquals(OAuthError.UNAUTHENTICATED.name(), response.getMetadata().get("oauthError"));
}
@Test
@@ -418,7 +418,7 @@ public class OAuthRequestTest {
assertEquals("", response.getResponseAsString());
assertEquals(403, response.getHttpStatusCode());
assertEquals(-1, response.getCacheTtl());
- assertEquals(OAuthError.UNAUTHENTICATED.toString(), response.getMetadata().get("oauthError"));
+ assertEquals(OAuthError.UNAUTHENTICATED.name(), response.getMetadata().get("oauthError"));
}
}
@@ -468,7 +468,7 @@ public class OAuthRequestTest {
HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
assertEquals("", response.getResponseAsString());
assertEquals(403, response.getHttpStatusCode());
- assertEquals(OAuthError.BAD_OAUTH_CONFIGURATION.toString(),
+ assertEquals(OAuthError.BAD_OAUTH_TOKEN_URL.name(),
response.getMetadata().get("oauthError"));
String errorText = response.getMetadata().get("oauthErrorText");
assertNotNull(errorText);
@@ -495,7 +495,7 @@ public class OAuthRequestTest {
assertEquals("", response.getResponseAsString());
assertEquals(403, response.getHttpStatusCode());
- assertEquals(OAuthError.BAD_OAUTH_CONFIGURATION.toString(),
+ assertEquals(OAuthError.BAD_OAUTH_TOKEN_URL.name(),
response.getMetadata().get("oauthError"));
String errorText = response.getMetadata().get("oauthErrorText");
assertNotNull(errorText);
@@ -518,7 +518,7 @@ public class OAuthRequestTest {
assertEquals("", response.getResponseAsString());
assertEquals(403, response.getHttpStatusCode());
- assertEquals(OAuthError.BAD_OAUTH_CONFIGURATION.toString(),
+ assertEquals(OAuthError.BAD_OAUTH_TOKEN_URL.name(),
response.getMetadata().get("oauthError"));
String errorText = response.getMetadata().get("oauthErrorText");
assertNotNull(errorText);
@@ -606,11 +606,11 @@ public class OAuthRequestTest {
HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
assertEquals("", response.getResponseAsString());
assertEquals(403, response.getHttpStatusCode());
- assertEquals(OAuthError.BAD_OAUTH_CONFIGURATION.toString(),
+ assertEquals(OAuthError.INVALID_URL.name(),
response.getMetadata().get("oauthError"));
String errorText = response.getMetadata().get("oauthErrorText");
assertNotNull(errorText);
- checkStringContains("should report invalid url", errorText, "Invalid url: foo");
+ checkStringContains("should report invalid url", errorText, "Invalid URL: foo");
}
@Test
@@ -627,11 +627,11 @@ public class OAuthRequestTest {
HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
assertEquals("", response.getResponseAsString());
assertEquals(403, response.getHttpStatusCode());
- assertEquals(OAuthError.BAD_OAUTH_CONFIGURATION.toString(),
+ assertEquals(OAuthError.INVALID_URL.name(),
response.getMetadata().get("oauthError"));
String errorText = response.getMetadata().get("oauthErrorText");
assertNotNull(errorText);
- checkStringContains("should report invalid url", errorText, "Invalid url: ");
+ checkStringContains("should report invalid url", errorText, "Invalid URL: ");
}
@Test
@@ -649,7 +649,7 @@ public class OAuthRequestTest {
response = friend.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
assertEquals("", response.getResponseAsString());
assertEquals(403, response.getHttpStatusCode());
- assertEquals(OAuthError.NOT_OWNER.toString(), response.getMetadata().get("oauthError"));
+ assertEquals(OAuthError.NOT_OWNER.name(), response.getMetadata().get("oauthError"));
}
@Test
@@ -850,7 +850,7 @@ public class OAuthRequestTest {
assertEquals("", response.getResponseAsString());
Map<String, String> metadata = response.getMetadata();
assertNotNull(metadata);
- assertEquals("UNKNOWN_PROBLEM", metadata.get("oauthError"));
+ assertEquals("MISSING_OAUTH_PARAMETER", metadata.get("oauthError"));
String errorText = response.getMetadata().get("oauthErrorText");
checkStringContains("oauthErrorText mismatch", errorText,
"No oauth_token returned from service provider");
@@ -872,7 +872,7 @@ public class OAuthRequestTest {
assertEquals("", response.getResponseAsString());
Map<String, String> metadata = response.getMetadata();
assertNotNull(metadata);
- assertEquals("UNKNOWN_PROBLEM", metadata.get("oauthError"));
+ assertEquals("MISSING_OAUTH_PARAMETER", metadata.get("oauthError"));
String errorText = response.getMetadata().get("oauthErrorText");
checkStringContains("oauthErrorText mismatch", errorText,
"No oauth_token_secret returned from service provider");
@@ -907,7 +907,7 @@ public class OAuthRequestTest {
assertEquals("", response.getResponseAsString());
Map<String, String> metadata = response.getMetadata();
assertNotNull(metadata);
- assertEquals("UNKNOWN_PROBLEM", metadata.get("oauthError"));
+ assertEquals("MISSING_OAUTH_PARAMETER", metadata.get("oauthError"));
checkStringContains("oauthErrorText mismatch", metadata.get("oauthErrorText"),
"some vague error");
checkStringContains("oauthErrorText mismatch", metadata.get("oauthErrorText"),
@@ -1145,6 +1145,7 @@ public class OAuthRequestTest {
client.getBaseArgs().setRequestTokenSecret("garbage");
HttpResponse response = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL);
+
assertEquals("", response.getResponseAsString());
assertEquals(1, serviceProvider.getRequestTokenCount());
assertEquals(1, serviceProvider.getAccessTokenCount());
@@ -1457,11 +1458,11 @@ public class OAuthRequestTest {
MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app");
String tricky = "%6fpensocial_owner_id=gotcha";
HttpResponse resp = client.sendGet(FakeOAuthServiceProvider.RESOURCE_URL + '?' + tricky);
- assertEquals(OAuthError.INVALID_REQUEST.toString(),
+ assertEquals(OAuthError.INVALID_PARAMETER.name(),
resp.getMetadata().get(OAuthResponseParams.ERROR_CODE));
checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"),
- "invalid parameter name opensocial_owner_id, applications may not override opensocial " +
- "or oauth parameters");
+ "Invalid parameter name opensocial_owner_id, applications may not override " +
+ "oauth, xoauth, or opensocial parameters");
}
@Test
@@ -1469,11 +1470,11 @@ public class OAuthRequestTest {
MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app");
String tricky = "%6fpensocial_owner_id=gotcha";
HttpResponse resp = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, tricky);
- assertEquals(OAuthError.INVALID_REQUEST.toString(),
+ assertEquals(OAuthError.INVALID_PARAMETER.name(),
resp.getMetadata().get(OAuthResponseParams.ERROR_CODE));
checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"),
- "invalid parameter name opensocial_owner_id, applications may not override opensocial " +
- "or oauth parameters");
+ "Invalid parameter name opensocial_owner_id, applications may not override " +
+ "oauth, xoauth, or opensocial parameters");
}
@Test
@@ -1557,10 +1558,10 @@ public class OAuthRequestTest {
MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app");
HttpResponse resp =
client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL + "?opensocial_foo=bar", null);
- assertEquals(OAuthError.INVALID_REQUEST.toString(),
+ assertEquals(OAuthError.INVALID_PARAMETER.name(),
resp.getMetadata().get(OAuthResponseParams.ERROR_CODE));
checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"),
- "invalid parameter name opensocial_foo");
+ "Invalid parameter name opensocial_foo");
}
@Test
@@ -1568,10 +1569,10 @@ public class OAuthRequestTest {
MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app");
HttpResponse resp =
client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL + "?oauth_foo=bar", "name=value");
- assertEquals(OAuthError.INVALID_REQUEST.toString(),
+ assertEquals(OAuthError.INVALID_PARAMETER.name(),
resp.getMetadata().get(OAuthResponseParams.ERROR_CODE));
checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"),
- "invalid parameter name oauth_foo");
+ "Invalid parameter name oauth_foo");
}
@Test
@@ -1579,20 +1580,20 @@ public class OAuthRequestTest {
MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app");
HttpResponse resp =
client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "opensocial_foo=bar");
- assertEquals(OAuthError.INVALID_REQUEST.toString(),
+ assertEquals(OAuthError.INVALID_PARAMETER.name(),
resp.getMetadata().get(OAuthResponseParams.ERROR_CODE));
checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"),
- "invalid parameter name opensocial_foo");
+ "Invalid parameter name opensocial_foo");
}
@Test
public void testStripOAuthParamsFromBody() throws Exception {
MakeRequestClient client = makeSignedFetchClient("o", "v", "http://www.example.com/app");
HttpResponse resp = client.sendFormPost(FakeOAuthServiceProvider.RESOURCE_URL, "oauth_foo=bar");
- assertEquals(OAuthError.INVALID_REQUEST.toString(),
+ assertEquals(OAuthError.INVALID_PARAMETER.name(),
resp.getMetadata().get(OAuthResponseParams.ERROR_CODE));
checkStringContains("Wrong error text", resp.getMetadata().get("oauthErrorText"),
- "invalid parameter name oauth_foo");
+ "Invalid parameter name oauth_foo");
}
// Test we can refresh an expired access token.
@@ -1867,7 +1868,7 @@ public class OAuthRequestTest {
serviceProvider.setReturnNull(true);
MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL);
HttpResponse response = client.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL);
- assertEquals("UNKNOWN_PROBLEM", response.getMetadata().get("oauthError"));
+ assertEquals("MISSING_SERVER_RESPONSE", response.getMetadata().get("oauthError"));
assertEquals("", response.getResponseAsString());
String oauthErrorText = response.getMetadata().get("oauthErrorText");
checkStringContains("should say no response", oauthErrorText, "No response from server");
@@ -1876,7 +1877,7 @@ public class OAuthRequestTest {
checkStringContains("should log empty response", oauthErrorText, "Received response 1:\n\n");
checkLogContains("No response from server");
checkLogContains("GET /request?param=foo&opensocial_owner_id=owner");
- checkLogContains("OAuth error [UNKNOWN_PROBLEM, No response from server] for " +
+ checkLogContains("OAuth error [MISSING_SERVER_RESPONSE, No response from server] for " +
"application http://www.example.com/gadget.xml");
}
@@ -1886,7 +1887,7 @@ public class OAuthRequestTest {
new GadgetException(GadgetException.Code.FAILED_TO_RETRIEVE_CONTENT, "mildly wrong"));
MakeRequestClient client = makeNonSocialClient("owner", "owner", GADGET_URL);
HttpResponse response = client.sendGet(FakeOAuthServiceProvider.ACCESS_TOKEN_URL);
- assertEquals("UNKNOWN_PROBLEM", response.getMetadata().get("oauthError"));
+ assertEquals("MISSING_SERVER_RESPONSE", response.getMetadata().get("oauthError"));
assertEquals("", response.getResponseAsString());
String oauthErrorText = response.getMetadata().get("oauthErrorText");
checkStringContains("should say no response", oauthErrorText, "No response from server");
@@ -1895,7 +1896,7 @@ public class OAuthRequestTest {
checkStringContains("should log empty response", oauthErrorText, "Received response 1:\n\n");
checkLogContains("No response from server");
checkLogContains("GET /request?param=foo&opensocial_owner_id=owner");
- checkLogContains("OAuth error [UNKNOWN_PROBLEM, No response from server] for " +
+ checkLogContains("OAuth error [MISSING_SERVER_RESPONSE, No response from server] for " +
"application http://www.example.com/gadget.xml");
checkLogContains("GadgetException");
checkLogContains("mildly wrong");
@@ -1913,7 +1914,7 @@ public class OAuthRequestTest {
}
checkLogContains("OAuth fetch unexpected fatal erro");
checkLogContains("GET /request?param=foo&opensocial_owner_id=owner");
- checkLogContains("OAuth error [null, null] for " +
+ checkLogContains("OAuth error [very, very wrong] for " +
"application http://www.example.com/gadget.xml");
checkLogContains("RuntimeException");
checkLogContains("very, very wrong");
Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthResponseParamsTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthResponseParamsTest.java?rev=949098&r1=949097&r2=949098&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthResponseParamsTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/oauth/OAuthResponseParamsTest.java Fri May 28 05:09:08 2010
@@ -26,7 +26,6 @@ import org.apache.shindig.common.uri.Uri
import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.http.HttpResponse;
import org.apache.shindig.gadgets.http.HttpResponseBuilder;
-import org.apache.shindig.gadgets.oauth.OAuthResponseParams.OAuthRequestException;
import org.easymock.EasyMock;
import static org.junit.Assert.assertEquals;
@@ -75,10 +74,10 @@ public class OAuthResponseParamsTest {
public void testAddParams() {
params.getNewClientState().setAccessToken("access");
params.setAznUrl("aznurl");
- params.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "whoa there cowboy");
+ OAuthRequestException e = new OAuthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "whoa there cowboy");
HttpResponseBuilder responseBuilder = new HttpResponseBuilder();
- params.addToResponse(responseBuilder);
+ params.addToResponse(responseBuilder, e);
HttpResponse response = responseBuilder.create();
assertEquals("BAD_OAUTH_CONFIGURATION", response.getMetadata().get("oauthError"));
String errorText = response.getMetadata().get("oauthErrorText");
@@ -90,20 +89,19 @@ public class OAuthResponseParamsTest {
@Test
public void testSendTraceToClient() {
- params.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "whoa there cowboy");
+ OAuthRequestException e = new OAuthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "whoa there cowboy");
params.addRequestTrace(null, null);
params.addRequestTrace(null, null);
- params.oauthRequestException(OAuthError.BAD_OAUTH_CONFIGURATION, "whoa there cowboy");
HttpResponseBuilder responseBuilder = new HttpResponseBuilder();
- params.addToResponse(responseBuilder);
+ params.addToResponse(responseBuilder, e);
HttpResponse response = responseBuilder.create();
String errorText = response.getMetadata().get("oauthErrorText");
assertEquals("whoa there cowboy", errorText);
params.setSendTraceToClient(true);
- params.addToResponse(responseBuilder);
+ params.addToResponse(responseBuilder, e);
response = responseBuilder.create();
errorText = response.getMetadata().get("oauthErrorText");
checkStringContains("includes error text", errorText, "whoa there cowboy");
@@ -114,7 +112,7 @@ public class OAuthResponseParamsTest {
@Test
public void testAddEmptyParams() {
HttpResponseBuilder responseBuilder = new HttpResponseBuilder();
- params.addToResponse(responseBuilder);
+ params.addToResponse(responseBuilder, null);
HttpResponse response = responseBuilder.create();
assertTrue(response.getMetadata().isEmpty());
}
@@ -152,19 +150,19 @@ public class OAuthResponseParamsTest {
HttpRequest req = new HttpRequest(Uri.parse("http://www"));
HttpResponse ok = new HttpResponseBuilder().setHttpStatusCode(200).create();
params.addRequestTrace(req, ok);
- OAuthRequestException e = params.oauthRequestException("error", "errorText");
+ OAuthRequestException e = new OAuthRequestException("error", "errorText");
checkStringContains(e.toString(), "[error,errorText]");
params.addRequestTrace(null, null);
Throwable cause = new RuntimeException();
- e = params.oauthRequestException(OAuthError.UNAUTHENTICATED, "errorText", cause);
- checkStringContains(e.toString(), "[UNAUTHENTICATED,errorText]");
+ e = new OAuthRequestException(OAuthError.UNAUTHENTICATED, "errorText", cause);
+ checkStringContains(e.toString(), "[UNAUTHENTICATED,Unauthenticated OAuth fetch]");
assertEquals(cause, e.getCause());
}
@Test
public void testNullSafe() {
params.addRequestTrace(null, null);
- params.oauthRequestException("error", "errorText");
+ new OAuthRequestException("error", "errorText");
params.logDetailedWarning("wow");
params.logDetailedWarning("new runtime", new RuntimeException());
}