You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@wookie.apache.org by hm...@apache.org on 2012/10/25 22:19:38 UTC

svn commit: r1402319 - in /incubator/wookie/trunk: WebContent/WEB-INF/ features/oauth/ features/oauth/web/ src/org/apache/wookie/feature/oauth/

Author: hmt
Date: Thu Oct 25 20:19:37 2012
New Revision: 1402319

URL: http://svn.apache.org/viewvc?rev=1402319&view=rev
Log:
Improve implicit, adding authorization code grant profile for oauth feature

Added:
    incubator/wookie/trunk/features/oauth/web/authz-code.jsp   (with props)
Modified:
    incubator/wookie/trunk/WebContent/WEB-INF/web.xml
    incubator/wookie/trunk/features/oauth/oauth.js
    incubator/wookie/trunk/features/oauth/web/implicit.jsp
    incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
    incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java

Modified: incubator/wookie/trunk/WebContent/WEB-INF/web.xml
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/WebContent/WEB-INF/web.xml?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
--- incubator/wookie/trunk/WebContent/WEB-INF/web.xml (original)
+++ incubator/wookie/trunk/WebContent/WEB-INF/web.xml Thu Oct 25 20:19:37 2012
@@ -280,6 +280,10 @@
 		<servlet-name>TokenHandler</servlet-name>
 		<url-pattern>/features/oauth/implicit</url-pattern>
 	</servlet-mapping>
+	<servlet-mapping>
+		<servlet-name>TokenHandler</servlet-name>
+		<url-pattern>/features/oauth/authz-code</url-pattern>
+	</servlet-mapping>
 
 	<welcome-file-list>
 		<welcome-file>index.html</welcome-file>

Modified: incubator/wookie/trunk/features/oauth/oauth.js
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/features/oauth/oauth.js?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
--- incubator/wookie/trunk/features/oauth/oauth.js (original)
+++ incubator/wookie/trunk/features/oauth/oauth.js Thu Oct 25 20:19:37 2012
@@ -17,6 +17,7 @@ oAuth = new function OAuth() {
 	this.status = null; // null: init, O: not being authenticated, F: authentication failed, A: authenticated
 	this.oauthParams = new Object();
 	this.authCallback = null;
+	this.popup = null;
 	
 	this.init = function() {
 		var info = new Object();
@@ -43,33 +44,35 @@ oAuth = new function OAuth() {
 	this.finishAuthProcess = function(error_code, p1, p2) {
 		var jResult = new Object();
 		if (error_code == 'success') {
-			oAuth.initAccessToken(p1, p2);
-			jResult['error'] = 'success'; 
+			// set access token to member variables
+			oAuth.setAccessToken(p1);
+			// update to db if persist type
+			if (oAuth.oauthParams['persist'] != 'false') {
+				OAuthConnector.updateToken(
+						'id_key=' + widget.instanceid_key + '&access_token=' + p1 + '&expires_in=' + p2, 
+						{callback: function(result) {
+							return;
+						}, async: false});
+			}
+			jResult['error'] = 'success';
+			if (oAuth.popup != null) oAuth.popup.close();
 		} else {
 			jResult['error'] = error_code;
 			jResult['desc'] = p1;
-		}
-		if (oAuth.authCallback != null)
-			oAuth.authCallback(jResult);
-	}
-	
-	this.initAccessToken = function(access_token, expires) {
-		// update to db if persist type
-		if (oAuth.oauthParams['persist'] != 'false') {
-			OAuthConnector.updateToken(
-					'id_key=' + widget.instanceid_key + '&access_token=' + access_token + '&expires_in=' + expires, 
-					{callback: function(result) {
-						return;
-					}, async: false});
+			if (oAuth.authCallback != null && oAuth.popup != null)
+				oAuth.popup.close();
 		}
 		
-		// set access token to member variables
-		oAuth.setAccessToken(access_token);
+		if (oAuth.authCallback != null) {
+			window.setTimeout(function() { 
+				oAuth.authCallback(jResult);
+			}, 5);
+		}
 	}
 	
-	this.setAccessToken = function(token_info) {
-		if (token_info != 'invalid') {
-			oAuth.access_token = token_info;
+	this.setAccessToken = function(token) {
+		if (token != 'invalid') {
+			oAuth.access_token = token;
 			oAuth.status = 'A';
 		} else { 
 			oAuth.status = 'O';			
@@ -97,22 +100,28 @@ oAuth = new function OAuth() {
 		
 		// check oauth profile
 		if (typeof oAuth.oauthParams['profile'] != 'undefined') {
-			if (oAuth.oauthParams['profile'] != 'implicit') {
+			if (oAuth.oauthParams['profile'] != 'implicit' && oAuth.oauthParams['profile'] != 'authorization code') {
 				alert(oAuth.oauthParams['profile'] + ' is not supported in this version');
 				return;
 			}
 		}
 		// show popup window
-		var url = oAuth.oauthParams['authzServer'] + 
-			'?response_type=token&client_id=' + oAuth.oauthParams['clientId'] + 
+		var url = oAuth.oauthParams['authzServer'];
+		if (oAuth.oauthParams['profile'] == 'implicit') {
+			url += '?response_type=token&client_id=' + oAuth.oauthParams['clientId'] + 
 			'&redirect_uri=' + oAuth.oauthParams['redirectUri'];
+		} else if (oAuth.oauthParams['profile'] == 'authorization code') {
+			url += '?response_type=code&client_id=' + oAuth.oauthParams['clientId'] + 
+			'&redirect_uri=' + oAuth.oauthParams['redirectUri'];			
+		}
+
 		if (typeof oAuth.oauthParams['scope'] != 'undefined') {
 			url += '&scope=' + oAuth.oauthParams['scope']; 
 		}
 		
 		this.authCallback = fCallback;
 		
-		window.open(url, 'Authorization request', 
+		oAuth.popup = window.open(url, 'Authorization request', 
 				'width=' + oAuth.oauthParams['popupWidth'] + ', height=' + oAuth.oauthParams['popupHeight']);
 	}
 	
@@ -130,8 +139,7 @@ oAuth = new function OAuth() {
 		} else if (oAuth.status == 'A') {
 			document.getElementById(container_id).innerHTML = 'Authenticated';
 		}
-	}
-	
+	}	
 }
 
 oAuth.init();

Added: incubator/wookie/trunk/features/oauth/web/authz-code.jsp
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/features/oauth/web/authz-code.jsp?rev=1402319&view=auto
==============================================================================
Binary file - no diff available.

Propchange: incubator/wookie/trunk/features/oauth/web/authz-code.jsp
------------------------------------------------------------------------------
    svn:mime-type = application/xml

Modified: incubator/wookie/trunk/features/oauth/web/implicit.jsp
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/features/oauth/web/implicit.jsp?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
Binary files - no diff available.

Modified: incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java (original)
+++ incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java Thu Oct 25 20:19:37 2012
@@ -1,3 +1,20 @@
+/*
+ * 
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ * 
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ * 
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ * 
+ */
+
 package org.apache.wookie.feature.oauth;
 
 import java.io.IOException;
@@ -28,6 +45,8 @@ public class TokenHandler extends HttpSe
 		String context = request.getRequestURI();
 		if (context.endsWith("implicit")) {
 			request.getRequestDispatcher("/features/oauth/web/implicit.jsp").forward(request, response);
+		} else if (context.endsWith("authz-code")) {
+			request.getRequestDispatcher("/features/oauth/web/authz-code.jsp").forward(request, response);
 		}
 	}
 
@@ -39,3 +58,4 @@ public class TokenHandler extends HttpSe
 	}	
 }
 
+

Modified: incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java
URL: http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java (original)
+++ incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java Thu Oct 25 20:19:37 2012
@@ -23,17 +23,12 @@ import java.util.HashMap;
 import java.util.Map;
 import java.util.StringTokenizer;
 
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.wookie.Messages;
 import org.apache.wookie.beans.IOAuthToken;
 import org.apache.wookie.w3c.IParam;
 import org.apache.wookie.beans.IWidgetInstance;
 import org.apache.wookie.beans.util.IPersistenceManager;
 import org.apache.wookie.beans.util.PersistenceManagerFactory;
 import org.apache.wookie.feature.IFeature;
-import org.apache.wookie.server.LocaleHandler;
-import org.directwebremoting.WebContextFactory;
 
 public class oAuthClient implements IFeature {
 
@@ -89,26 +84,29 @@ public class oAuthClient implements IFea
 		
 		IPersistenceManager persistenceManager = PersistenceManagerFactory.getPersistenceManager();
 		IWidgetInstance widgetInstance = persistenceManager.findWidgetInstanceByIdKey(idKey);
-		HttpServletRequest request = WebContextFactory.get().getHttpServletRequest();
-		Messages localizedMessages = LocaleHandler.localizeMessages(request);		
-		if(widgetInstance==null) {
-			return localizedMessages.getString("WidgetAPIImpl.0"); //$NON-NLS-1$
+
+		if (widgetInstance==null) {
+			return "invalid";
 		}
 
 		Map<String, String> oAuthParams = queryXMLParams(idKey);
 		if (oAuthParams == null) {
-			return localizedMessages.getString("WidgetAPIImpl.0"); //$NON-NLS-1$			
+			return "invalid";			
 		}
 		
 		IOAuthToken oauthToken = persistenceManager.findOAuthToken(widgetInstance);
 		if (oauthToken == null) oauthToken = persistenceManager.newInstance(IOAuthToken.class);
-		oauthToken.setAccessToken(params.get("access_token"));
-		oauthToken.setExpires(System.currentTimeMillis() + 1000 * Integer.parseInt(params.get("expires_in")));
-		oauthToken.setClientId(oAuthParams.get("clientId"));
-		oauthToken.setAuthzUrl(oAuthParams.get("authzServer"));
-		oauthToken.setWidgetInstance(widgetInstance);
-		persistenceManager.save(oauthToken);
-		return oauthToken.getAccessToken();
+		try {
+			oauthToken.setAccessToken(params.get("access_token"));
+			oauthToken.setExpires(System.currentTimeMillis() + 1000 * Integer.parseInt(params.get("expires_in")));
+			oauthToken.setClientId(oAuthParams.get("clientId"));
+			oauthToken.setAuthzUrl(oAuthParams.get("authzServer"));
+			oauthToken.setWidgetInstance(widgetInstance);
+			persistenceManager.save(oauthToken);
+			return oauthToken.getAccessToken();
+		} catch (Exception ex) {
+			return "invalid";
+		}
 	}
 	
 	public Map<String, String> queryXMLParams(String idKey) {
@@ -149,11 +147,15 @@ public class oAuthClient implements IFea
 			
 			if ("implicit".equals(oAuthParamMap.get("profile"))) 
 				url += "%2Ffeatures%2Foauth%2Fimplicit";
+			else if ("authorization code".equals(oAuthParamMap.get("profile")))
+				url += "%2Ffeatures%2Foauth%2Fauthz-code";
 			else 
 				url += "%2Ffeatures%2Foauth%2Fother";
 		} catch (UnsupportedEncodingException e) {
 			if ("implicit".equals(oAuthParamMap.get("profile")))
 				url += "/features/oauth/implicit";
+			else if ("authorization code".equals(oAuthParamMap.get("profile")))
+				url += "/features/oauth/authz-code";
 			else 
 				url += "/features/oauth/other";
 		}
@@ -181,3 +183,4 @@ public class oAuthClient implements IFea
 		return result;
 	}
 }
+