You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by "Brian Eaton (JIRA)" <ji...@apache.org> on 2008/03/28 23:04:24 UTC
[jira] Created: (SHINDIG-159) OAuth support in Shindig
OAuth support in Shindig
------------------------
Key: SHINDIG-159
URL: https://issues.apache.org/jira/browse/SHINDIG-159
Project: Shindig
Issue Type: Bug
Components: Gadgets Server - Java
Reporter: Brian Eaton
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by Brian Eaton <be...@google.com>.
On Thu, Apr 10, 2008 at 2:22 PM, Jeremy Mason
<ma...@googlemail.com> wrote:
> Thanks alot. I got it working with the echo web app. This is great.
>
> I needed to add a carriage return to oauth.xml and there is still that
> missing image. I might take a look at these.
There's a bug open for the missing image. I don't know about the
carriage return issue, it works for me. Please open up a JIRA issue
with reproduction steps, we should track the problem.
Re: [jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by Jeremy Mason <ma...@googlemail.com>.
Thanks alot. I got it working with the echo web app. This is great.
I needed to add a carriage return to oauth.xml and there is still that
missing image. I might take a look at these.
Jeremy
Re: [jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by Brian Eaton <be...@google.com>.
Hey Jeremy -
It's been submitted, you can get this working without applying any
patches at all.
Cheers,
Brian
On Wed, Apr 9, 2008 at 9:11 AM, Jeremy Mason
<ma...@googlemail.com> wrote:
> Hi,
>
> I'm struggling to get the patches working with merge issues. I'm not sure in
> which order and what baselines to use. Should I just wait til it's been
> submitted although I'm keen to try it out.
>
> baseline build of 644169
>
> apply full-oauth.patch
>
> revision 644611
>
> apply oauth-april-04.patch
>
> I'm fairly new to svn.
>
> Regards,
>
> Jeremy
>
> On Fri, Apr 4, 2008 at 4:11 PM, Brian Eaton (JIRA) <ji...@apache.org> wrote:
>
> >
> > [
>
>
> > https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585571#action_12585571]
> >
> > Brian Eaton commented on SHINDIG-159:
> > -------------------------------------
> >
> > Re: json.put(string, map). I think that would change the format of
> > the JSON object returned to the core.io javascript
> >
> >
> > > OAuth support in Shindig
> > > ------------------------
> > >
> > > Key: SHINDIG-159
> > > URL: https://issues.apache.org/jira/browse/SHINDIG-159
> > > Project: Shindig
> > > Issue Type: Bug
> > > Components: Gadgets Server - Java
> > > Reporter: Brian Eaton
> > > Attachments: full-oauth.patch, oauth-april-03-11am.patch,
> > oauth-april-04.patch
> > >
> > >
> >
> >
> > --
> > This message is automatically generated by JIRA.
> > -
> > You can reply to this email to add a comment to the issue online.
> >
> >
>
Re: [jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by Jeremy Mason <ma...@googlemail.com>.
Hi,
I'm struggling to get the patches working with merge issues. I'm not sure in
which order and what baselines to use. Should I just wait til it's been
submitted although I'm keen to try it out.
baseline build of 644169
apply full-oauth.patch
revision 644611
apply oauth-april-04.patch
I'm fairly new to svn.
Regards,
Jeremy
On Fri, Apr 4, 2008 at 4:11 PM, Brian Eaton (JIRA) <ji...@apache.org> wrote:
>
> [
> https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585571#action_12585571]
>
> Brian Eaton commented on SHINDIG-159:
> -------------------------------------
>
> Re: json.put(string, map). I think that would change the format of
> the JSON object returned to the core.io javascript
>
>
> > OAuth support in Shindig
> > ------------------------
> >
> > Key: SHINDIG-159
> > URL: https://issues.apache.org/jira/browse/SHINDIG-159
> > Project: Shindig
> > Issue Type: Bug
> > Components: Gadgets Server - Java
> > Reporter: Brian Eaton
> > Attachments: full-oauth.patch, oauth-april-03-11am.patch,
> oauth-april-04.patch
> >
> >
>
>
> --
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.
>
>
Re: [jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by Kevin Brown <et...@google.com>.
On Thu, Apr 3, 2008 at 10:34 AM, Brian Eaton (JIRA) <ji...@apache.org> wrote:
>
> [
> https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585202#action_12585202]
>
> Brian Eaton commented on SHINDIG-159:
> -------------------------------------
>
> Wow. Remind me not to use e-mail to respond to JIRA comments any more.
> Somewhere along the way the comments I was replying too got lost.
>
> To summarize the major changes in this revision:
>
> - created a generic mechanism for chained fetchers to append JSON to
> responses. ProxyHandler now knows almost nothing about OAuth, which is
> good, but it also makes it harder for someone to tell where these magic JSON
> values get created.
>
> - moved bootstrapping of consumer keys and secrets. It was done in
> OAuthFetcher. Now it's in BasicGadgetOAuthTokenStore, to make it clearer
> that this is more suitable for a quick demo than production code. (We fetch
> and parse every OAuth gadget spec when the server starts. It doesn't
> scale.)
>
> I've also addressed your formatting/style requests, I think. Let me know
> if I misunderstood.
>
> Quick explanation of the storage of oauth tokens (this is all Dirk's code,
> by the way...)
>
> OAuthStore: most basic interface for storing OAuth tokens. Everybody will
> need to hook this up to their persistent store.
>
> BasicOAuthStore: in memory implementation of OAuthStore. Useful for demos
> and testing, not production.
>
> GadgetOAuthTokenStore: adds functionality on top of an OAuthStore, such as
> moving metadata from gadget specs into the OAuthStore. This code is
> intended for production use.
>
> BasicGadgetOAuthTokenStore: subclass of GadgetOAuthTokenStore that
> bootstraps a store based on the config/oauth.js file. Not intended for
> production use, but useful for demos and testing.
* blink blink*
ohhhhhh, now I get it. I thought the intent was for some of this stuff to
actually be used on real sites. I guess we'll still have more work to do to
facilitate integrators wiring this up for real.
>
>
> > OAuth support in Shindig
> > ------------------------
> >
> > Key: SHINDIG-159
> > URL: https://issues.apache.org/jira/browse/SHINDIG-159
> > Project: Shindig
> > Issue Type: Bug
> > Components: Gadgets Server - Java
> > Reporter: Brian Eaton
> > Attachments: full-oauth.patch
> >
> >
>
>
> --
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.
>
>
--
~Kevin
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Kevin Brown (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585395#action_12585395 ]
Kevin Brown commented on SHINDIG-159:
-------------------------------------
Sorry for the late comments.
This looks great, but I think the "getExtraJson" should actually be a Map that is returned and not always JSON. This makes this a bit more flexible for other uses besides the Proxy.
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, oauth-april-03-11am.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Eaton updated SHINDIG-159:
--------------------------------
Attachment: oauth-april-03-11am.patch
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, oauth-april-03-11am.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12583214#action_12583214 ]
Brian Eaton commented on SHINDIG-159:
-------------------------------------
Half of this code (the persistence layer) is from Dirk Balfanz. This will need (yet another) merge post-Guice and RemoteContentFetcher refactoring.
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: hellmerge.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Eaton updated SHINDIG-159:
--------------------------------
Attachment: full-oauth.patch
OK, done merging with Guice and RemoteContentFetcher refactoring.
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Eaton updated SHINDIG-159:
--------------------------------
Attachment: (was: hellmerge.patch)
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (SHINDIG-159) OAuth support in Shindig
Posted by "Kevin Brown (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Kevin Brown closed SHINDIG-159.
-------------------------------
Resolution: Fixed
All patches applied now. Thanks guys!
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadget Rendering Server (Java)
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, new.tgz, oauth-april-03-11am.patch, oauth-april-04.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Eaton updated SHINDIG-159:
--------------------------------
Attachment: new.tgz
Sweet. This is working, and it got submitted just in time to avoid merges with other recent changes to ProxyHandler and io.js.
One image file got missed in the submission, causing a broken image tag in the oauth example gadget. svn diff doesn't deal with binary files.
I'm attaching a tar ball with the image.
(The image is from Google reader. I'm not 100% certain the Mozilla license for the previous image is compatible with Apache, but know we can release the google reader image.)
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, new.tgz, oauth-april-03-11am.patch, oauth-april-04.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585399#action_12585399 ]
Brian Eaton commented on SHINDIG-159:
-------------------------------------
I went with JSON on the grounds that at some point someone might want
to stick something more complex than name/value pairs in there. I'll
switch to Map<String, String> for now, and we'll see where things go.
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, oauth-april-03-11am.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Kevin Brown (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585026#action_12585026 ]
Kevin Brown commented on SHINDIG-159:
-------------------------------------
Some general comments. Since we don't have a decent review system I'll just put them all here. I'm sure half of these are just because of merge conflicts vs your previous patch.
A bunch of these lines go past 80 columns. For shame.
OAuthStoreImpl is a weird name. DefaultOAuthStore maybe? (I have a TODO to rename any Basic* class that is actually suitable for most deployments to Default*, and reserve Basic* for things that really aren't useful for real sites).
GadgetTokenStore doesn't appear to have anything to do with the other "GadgetToken". This confused me. Would OAuthTokenStore be more appropriate?
You can replace this ugly bit:
for (Iterator<?> i = oauthConfig.keys(); i.hasNext();) {
with:
for (String key : JSONObject.getNames(oauthConfig))
In general I think we should move more towards a hierarchy of exceptions and not rely on the ever-growing enumerations in GadgetException. It looks like you've done a mix here. Any particular reason?
It's not clear to me what the oauth feature.xml is for -- it appears to just be empty. feature.xml files are really only there for cases where there's js code that needs to be triggered. Is this just to allow you to use <Require feature="oauth"> without getting an error ? If so, it's probably fine until we have oauth support fully baked into the standard. You could also technically do an <Optional feature="oauth"> here and it would work without the dummy xml file, which would probably be a better choice anyway to maximize portability.
I'm thinking that the oauth config should be moved to the syndicator config, under the "oauth" key. Not really much value in having a separate file here, and the syndicator config can be injected. I recently patched syndicator config to let you do xpath-like querying so you can do stuff like config.get("foo/bar/baz") on nested config data. It's pretty useful. This makes it easier to support development and production configs simultaneously.
What's with this line? Obfuscated java contest? :)
String message = new StringBuilder()
.append("gadget spec is missing oauth feature section")
.toString();
Why is OAuthFetcherFactory taking a GadgetSpecFetcher annotated RemoteContentFetcher? It shouldn't be fetching specs. You probably just want the stock fetcher for this. Actually, it looks like you never even use this, so you can probably just remove it.
It seems like the ProxyHandler is dealing with too many oauth-specific details (and that fetcher "chain" isn't really a chain..it's just holding two objects together from what I can see). It seems like it would be better to have the OAuthFetcher return some headers and extract those in a generic way. I can see that functionality being generically useful for other fetcher types as well, like caches. We don't want to return all headers in the json response (most are meaningless and just increase latency), but maybe we could annotate them with something like "X-shindig-" and then we'd have a convenient way to propagate messages from fetchers back up the chain without making ProxyHandler aware of specific nuances of individual fetcher types.
I think "https" isn't actually supported by our current ad-hoc http client. If we replace that with the apache commons http client in BasicRemoteContentFetcher though, we should be good.
Uh....there's some other minor stuff, but code reviews of patch files sucks. Where's that damned review board setup when I need it?
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585202#action_12585202 ]
Brian Eaton commented on SHINDIG-159:
-------------------------------------
Wow. Remind me not to use e-mail to respond to JIRA comments any more. Somewhere along the way the comments I was replying too got lost.
To summarize the major changes in this revision:
- created a generic mechanism for chained fetchers to append JSON to responses. ProxyHandler now knows almost nothing about OAuth, which is good, but it also makes it harder for someone to tell where these magic JSON values get created.
- moved bootstrapping of consumer keys and secrets. It was done in OAuthFetcher. Now it's in BasicGadgetOAuthTokenStore, to make it clearer that this is more suitable for a quick demo than production code. (We fetch and parse every OAuth gadget spec when the server starts. It doesn't scale.)
I've also addressed your formatting/style requests, I think. Let me know if I misunderstood.
Quick explanation of the storage of oauth tokens (this is all Dirk's code, by the way...)
OAuthStore: most basic interface for storing OAuth tokens. Everybody will need to hook this up to their persistent store.
BasicOAuthStore: in memory implementation of OAuthStore. Useful for demos and testing, not production.
GadgetOAuthTokenStore: adds functionality on top of an OAuthStore, such as moving metadata from gadget specs into the OAuthStore. This code is intended for production use.
BasicGadgetOAuthTokenStore: subclass of GadgetOAuthTokenStore that bootstraps a store based on the config/oauth.js file. Not intended for production use, but useful for demos and testing.
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585571#action_12585571 ]
Brian Eaton commented on SHINDIG-159:
-------------------------------------
Re: json.put(string, map). I think that would change the format of
the JSON object returned to the core.io javascript
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, oauth-april-03-11am.patch, oauth-april-04.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
Re: [jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by Kevin Brown <et...@google.com>.
On Thu, Apr 3, 2008 at 4:38 PM, Santiago Gala <sa...@gmail.com>
wrote:
> Moved out of JIRA and into the list
>
> El jue, 03-04-2008 a las 15:39 -0700, Kevin Brown (JIRA) escribió:
> > [
> https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585330#action_12585330]
> >
> > Kevin Brown commented on SHINDIG-159:
> > -------------------------------------
> >
> > I think shindig's policy on whitespace should be summary execution of
> > anyone who uses tabs (especially if they mix tabs and spaces). Not
> > sure if this runs afowl of The Apache Way, though :)
> >
>
> I don't think there is a unique "Apache Way" for tabs vs spaces (I think
> mixing them is taboo for both camps). I just looked for " $" and " \t"
> until nothing new happened, basically killing spaces at EOL and spaces
> before tabs. I prefer spaces only too, but a lot of people uses tabs.
Oh, I don't mean if using tabs is the Apache Way, I was wondering if
executing people for using tabs was the Apache Way. If not, I'd like to
propose it :)
--
~Kevin
Re: [jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by Santiago Gala <sa...@gmail.com>.
Moved out of JIRA and into the list
El jue, 03-04-2008 a las 15:39 -0700, Kevin Brown (JIRA) escribió:
> [ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585330#action_12585330 ]
>
> Kevin Brown commented on SHINDIG-159:
> -------------------------------------
>
> I think shindig's policy on whitespace should be summary execution of
> anyone who uses tabs (especially if they mix tabs and spaces). Not
> sure if this runs afowl of The Apache Way, though :)
>
I don't think there is a unique "Apache Way" for tabs vs spaces (I think
mixing them is taboo for both camps). I just looked for " $" and " \t"
until nothing new happened, basically killing spaces at EOL and spaces
before tabs. I prefer spaces only too, but a lot of people uses tabs.
We have a big 2676 lines with tabs, mostly (if not all), .js and .php
files. In both types it is common the use of tabs.
http://github.com/sgala/apache-incubator-shindig/commit/whitespaces
shows the lines (though github is not showing the spaces separately).
Committing it would probably give conflicts to other people, and I don't
think it is worth it.
Regards
Santiago
> > OAuth support in Shindig
> > ------------------------
> >
> > Key: SHINDIG-159
> > URL: https://issues.apache.org/jira/browse/SHINDIG-159
> > Project: Shindig
> > Issue Type: Bug
> > Components: Gadgets Server - Java
> > Reporter: Brian Eaton
> > Attachments: full-oauth.patch, oauth-april-03-11am.patch
> >
> >
>
>
--
Santiago Gala
http://memojo.com/~sgala/blog/
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Kevin Brown (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585330#action_12585330 ]
Kevin Brown commented on SHINDIG-159:
-------------------------------------
I think shindig's policy on whitespace should be summary execution of anyone who uses tabs (especially if they mix tabs and spaces). Not sure if this runs afowl of The Apache Way, though :)
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, oauth-april-03-11am.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Eaton updated SHINDIG-159:
--------------------------------
Attachment: hellmerge.patch
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: hellmerge.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Eaton updated SHINDIG-159:
--------------------------------
Attachment: oauth-april-04.patch
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, oauth-april-03-11am.patch, oauth-april-04.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Kevin Brown (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585416#action_12585416 ]
Kevin Brown commented on SHINDIG-159:
-------------------------------------
json.put(string, map) is supported as well so you don't have to iterate over the keys.
Anyway this is just minor nit picky stuff. I think the patch is great...I'm a little swamped right now, but I'll try to get it committed ASAP.
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, oauth-april-03-11am.patch, oauth-april-04.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585013#action_12585013 ]
Brian Eaton commented on SHINDIG-159:
-------------------------------------
Hmm. The new.gif file may not show up in the output of svn diff properly. I got that file from here: http://developer.mozilla.org/wiki-images/en/9/93/new.gif
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Santiago Gala (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585323#action_12585323 ]
Santiago Gala commented on SHINDIG-159:
---------------------------------------
I pushed the second patch, via git, to http://github.com/sgala/apache-incubator-shindig/commit/01f01f7ccbb346ae532ae6b2663db8f239053d9f in case you are interested. It allows anchoring per line, as in
http://github.com/sgala/apache-incubator-shindig/commit/01f01f7ccbb346ae532ae6b2663db8f239053d9f#L28R151
and, if you are git users, the use of diff --color and other nice tricks locally.
I have also a whitespace cleanup patch, done by killing spaces at EOL and space+tab pairs, in the "whitespace" branch at github. As it is very intrusive I'd probably put is in a ticket so that people can test it without getting the nasty merge conflicts, which I'm seeing often on it.
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch, oauth-april-03-11am.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (SHINDIG-159) OAuth support in Shindig
Posted by "Brian Eaton (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/SHINDIG-159?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12585148#action_12585148 ]
Brian Eaton commented on SHINDIG-159:
-------------------------------------
My continuous refrain in this reply will be "It's dirk's fault." I'm
going to say that even if he was nowhere near the code in question.
Will fix. It's dirk's fault.
OAuthStoreImpl should be BasicOAuthStore, then. It stores access
tokens in memory, so they end up vanishing on restart.
I think we should ban the word token from all code. We could replace
it with "thingy" and it would be equally communicative. Will fix.
Dirk's fault, will fix.
Multiple authors. Will fix to use hierarchy of exceptions.
Neat idea, I'll try it. OAuth isn't really "optional" for that gadget, though.
The syndicator config seems useful in real sites today, where as the
oauth.js needs several lines per OAuth using gadget. I wouldn't
recommend oauth.js to real sites, so I'd rather it wasn't in the
syndicator file.
Dirk's fault, will fix.
We need to fetch specs. There is data in them that is necessary to
prime the (soon to be renamed) GadgetTokenStore.
I think in the real world the token store will probably be filled by
either a directory or a container, that's why there is a protected
constructor to OAuthFetcherFactory that doesn't do the spec fetching.
It's really a chain, the OAuthFetcher uses the next fetcher in the
chain. However, there is extra information from the OAuthFetcher that
needs to be propagated back to the client (even for successful OAuth
fetches). I need some mechanism to get that data back, and peeking at
the OAuthFetcher seems to be the shortest distance between point A and
point B.
Probably shouldn't be HTTP headers, because then we can confuse data
sent from remote servers with information generated within Shindig.
Mixing control and data channels is not a good idea.
I'm skeptical of trying to make this more general without another
concrete example of a fetcher that needs to insert new fields in the
JSON response.
Heh. https just works. =)
OK, thanks for the feedback. I'll fix up most of the things you
mentioned and then we can take another swing at it.
> OAuth support in Shindig
> ------------------------
>
> Key: SHINDIG-159
> URL: https://issues.apache.org/jira/browse/SHINDIG-159
> Project: Shindig
> Issue Type: Bug
> Components: Gadgets Server - Java
> Reporter: Brian Eaton
> Attachments: full-oauth.patch
>
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.