You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shindig.apache.org by ch...@apache.org on 2008/05/23 02:19:25 UTC

svn commit: r659325 - in /incubator/shindig/trunk/php/src/gadgets: http/SigningFetcherFactory.php oauth/BasicGadgetOAuthTokenStore.php

Author: chabotc
Date: Thu May 22 17:19:24 2008
New Revision: 659325

URL: http://svn.apache.org/viewvc?rev=659325&view=rev
Log:
enabled cache on SigningFetcherFactory, and fixed BasicGadgetOAuthTokenStore.. md5(url) wasnt a unique cache key and was causing all kinds of nasties

Modified:
    incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
    incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php

Modified: incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=659325&r1=659324&r2=659325&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php Thu May 22 17:19:24 2008
@@ -23,8 +23,8 @@
  */
 class SigningFetcherFactory {
     private $keyName;
-    private $privateKey;
-
+    private $privateKey;
+
 	/**
 	 * Produces a signing fetcher that will sign requests and delegate actual
 	 * network retrieval to the {@code networkFetcher}
@@ -33,54 +33,54 @@
 	 * @param token The gadget token used for extracting signing parameters.
 	 * @return The signing fetcher.
 	 * @throws GadgetException
-	 */
-	public function getSigningFetcher($networkFetcher, $token)
-	{
-		return SigningFetcher::makeFromB64PrivateKey($networkFetcher, $token, $this->keyName, $this->privateKey);
-	}
-
+	 */
+	public function getSigningFetcher($networkFetcher, $token)
+	{
+		return SigningFetcher::makeFromB64PrivateKey($networkFetcher, $token, $this->keyName, $this->privateKey);
+	}
+
 	/**
 	 * @param keyFile The file containing your private key for signing requests.
-	 */
-	public function __construct($keyFile = null)
-	{
-		$this->keyName = 'http://'.$_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
-		if (! empty($keyFile)) {
-			$privateKey = null;
-			try {
-				// check if the converted from PKCS8 key is in cache, if not, convert it
-				$cache = Config::get('data_cache');
-				$cache = new $cache();
-				if (0 && $cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this->keyName)) !== false) {
-					$rsa_private_key = $cachedKey;
-				} else {
-					if (! $rsa_private_key = @file_get_contents($keyFile)) {
-						throw new Exception("Could not read keyfile ($keyFile), check the file name and permission");
-					}
-					// TODO: sending NULL as a second param to openssl_pkey_get_private works?
-					$phrase = Config::get('private_key_phrase') != '' ? (Config::get('private_key_phrase')) : null;
-					if (($privateKey = @openssl_pkey_get_private($rsa_private_key, $phrase)) == false) {
-						//TODO: double check if can input keyfile -inform PEM
-						if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
-							throw new Exception("Could not create temporary file");
-						}
-						if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
-							throw new Exception("Could not write to temporary file");
-						}
-						if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
-							throw new Exception("Could not create temporary file");
-						}
-						exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
-						if (! $rsa_private_key = @file_get_contents($out)) {
-							throw new Exception("Could not read temporary file");
-						}
-					}
-					$cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName), $rsa_private_key);
-				}
-			} catch (Exception $e) {
-				throw new Exception("Error loading private key: " . $e);
-			}
-			$this->privateKey = $rsa_private_key;
-		}
-	}
+	 */
+	public function __construct($keyFile = null)
+	{
+		$this->keyName = 'http://'.$_SERVER["HTTP_HOST"].Config::get('web_prefix').'/public.crt';
+		if (! empty($keyFile)) {
+			$privateKey = null;
+			try {
+				// check if the converted from PKCS8 key is in cache, if not, convert it
+				$cache = Config::get('data_cache');
+				$cache = new $cache();
+				if (($cachedKey = $cache->get(md5("RSA_PRIVATE_KEY_" . $this->keyName))) !== false) {
+					$rsa_private_key = $cachedKey;
+				} else {
+					if (! $rsa_private_key = @file_get_contents($keyFile)) {
+						throw new Exception("Could not read keyfile ($keyFile), check the file name and permission");
+					}
+					// TODO: sending NULL as a second param to openssl_pkey_get_private works?
+					$phrase = Config::get('private_key_phrase') != '' ? (Config::get('private_key_phrase')) : null;
+					if (($privateKey = @openssl_pkey_get_private($rsa_private_key, $phrase)) == false) {
+						//TODO: double check if can input keyfile -inform PEM
+						if (! $in = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
+							throw new Exception("Could not create temporary file");
+						}
+						if (! @file_put_contents($in, base64_decode($rsa_private_key))) {
+							throw new Exception("Could not write to temporary file");
+						}
+						if (! $out = @tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
+							throw new Exception("Could not create temporary file");
+						}
+						exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
+						if (! $rsa_private_key = @file_get_contents($out)) {
+							throw new Exception("Could not read temporary file");
+						}
+					}
+					$cache->set(md5("RSA_PRIVATE_KEY_" . $this->keyName), $rsa_private_key);
+				}
+			} catch (Exception $e) {
+				throw new Exception("Error loading private key: " . $e);
+			}
+			$this->privateKey = $rsa_private_key;
+		}
+	}
 }

Modified: incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=659325&r1=659324&r2=659325&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php Thu May 22 17:19:24 2008
@@ -18,95 +18,92 @@
  * under the License.
  */
 
-class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
-	
-	/** default location for consumer keys and secrets */
-	private $OAUTH_CONFIG = "../config/oauth.json";
-	private $CONSUMER_SECRET_KEY = "consumer_secret";
-	private $CONSUMER_KEY_KEY = "consumer_key";
-	private $KEY_TYPE_KEY = "key_type";
-
-	public function __construct($store)
-	{
-		parent::__construct($store);
-	}
-
-	public function initFromConfigFile($fetcher)
-	{
+class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
+	
+	/** default location for consumer keys and secrets */
+	private $OAUTH_CONFIG = "../config/oauth.json";
+	private $CONSUMER_SECRET_KEY = "consumer_secret";
+	private $CONSUMER_KEY_KEY = "consumer_key";
+	private $KEY_TYPE_KEY = "key_type";
+
+	public function __construct($store)
+	{
+		parent::__construct($store);
+	}
+
+	public function initFromConfigFile($fetcher)
+	{
 		// Read our consumer keys and secrets from config/oauth.js
 		// This actually involves fetching gadget specs
-		try {
-			$oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
-			
+		try {
+			$oauthConfigStr = file_get_contents($this->OAUTH_CONFIG);
+			
 			// remove all comments because this confuses the json parser
 			// note: the json parser also crashes on trailing ,'s in records so please don't use them
-			$contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '', $oauthConfigStr);
-			$oauthConfig = json_decode($contents, true);
-			foreach ($oauthConfig as $gadgetUri => $value) {
-				$this->storeProviderInfos($fetcher, $gadgetUri);
-				$this->storeConsumerInfos($gadgetUri, $value);
-			}
-		} catch (Exception $e) {
-			throw new GadgetException($e);
-		}
-	}
-
-	private function storeProviderInfos($fetcher, $gadgetUri)
-	{
-		$cache = Config::get('data_cache');
-		$cache = new $cache();
-		
+			$contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@', '', $oauthConfigStr);
+			$oauthConfig = json_decode($contents, true);
+			foreach ($oauthConfig as $gadgetUri => $value) {
+				$this->storeProviderInfos($fetcher, $gadgetUri);
+				$this->storeConsumerInfos($gadgetUri, $value);
+			}
+		} catch (Exception $e) {
+			throw new GadgetException($e);
+		}
+	}
+
+	private function storeProviderInfos($fetcher, $gadgetUri)
+	{
+		$cache = Config::get('data_cache');
+		$cache = new $cache();		
 		// determine which requests we can load from cache, and which we have to actually fetch
-		if (($cachedRequest = $cache->get(md5($gadgetUri))) !== false) {
-			$gadget = $cachedRequest;
-		} else {
-			$remoteContentRequest = new RemoteContentRequest($gadgetUri);
-			$remoteContentRequest->getRequest($gadgetUri, false);
-			$response = $fetcher->fetchRequest($remoteContentRequest);
-			$context = new ProxyGadgetContext($gadgetUri);
-			$spec = new GadgetSpecParser();
-			$gadget = $spec->parse($response->getResponseContent(), $context);
-			$cache->set(md5($gadgetUri), $gadget);
-		}
-		parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
-	}
-
-	private function storeConsumerInfos($gadgetUri, $oauthConfig)
-	{
-		foreach ($oauthConfig as $key => $value) {
-			$serviceName = $key;
-			$consumerInfo = $value;
-			$this->storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo);
-		}
-	}
-
-	private function storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo)
-	{
-		$consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
-		$consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
-		$keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
-		$keyType = 'HMAC_SYMMETRIC';
-		
-		if ($keyTypeStr == "RSA_PRIVATE") {
-			$keyType = 'RSA_PRIVATE';
-			// check if the converted from PKCS8 key is in cache, if not, convert it
-			$cache = Config::get('data_cache');
-			$cache = new $cache();
-			
-			if (($cachedRequest = $cache->get(md5("RSA_KEY_" . $serviceName))) !== false) {
-				$consumerSecret = $cachedRequest;
-			} else {
-				$in = tempnam(sys_get_temp_dir(), "RSA_KEY");
-				file_put_contents($in, base64_decode($consumerInfo[$this->CONSUMER_SECRET_KEY]));
-				$out = tempnam(sys_get_temp_dir(), "RSA_KEY");
-				exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
-				$consumerSecret = file_get_contents($out);
-				$cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
-			}
-		}
-		
-		$kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret, $keyType);
-		$this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
-	}
-
+		if (($gadget = $cache->get(md5('storeProviderInfos'.$gadgetUri))) === false) {
+			$remoteContentRequest = new RemoteContentRequest($gadgetUri);
+			$remoteContentRequest->getRequest($gadgetUri, false);
+			$response = $fetcher->fetchRequest($remoteContentRequest);
+			$context = new ProxyGadgetContext($gadgetUri);
+			$spec = new GadgetSpecParser();
+			$gadget = $spec->parse($response->getResponseContent(), $context);
+			$cache->set(md5('storeProviderInfos'.$gadgetUri), $gadget);
+		}
+		parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
+	}
+
+	private function storeConsumerInfos($gadgetUri, $oauthConfig)
+	{
+		foreach ($oauthConfig as $key => $value) {
+			$serviceName = $key;
+			$consumerInfo = $value;
+			$this->storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo);
+		}
+	}
+
+	private function storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo)
+	{
+		$consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
+		$consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
+		$keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
+		$keyType = 'HMAC_SYMMETRIC';
+		
+		if ($keyTypeStr == "RSA_PRIVATE") {
+			$keyType = 'RSA_PRIVATE';
+			// check if the converted from PKCS8 key is in cache, if not, convert it
+			$cache = Config::get('data_cache');
+			$cache = new $cache();
+			
+			if (($cachedRequest = $cache->get(md5("RSA_KEY_" . $serviceName))) !== false) {
+				$consumerSecret = $cachedRequest;
+			} else {
+				$in = tempnam(sys_get_temp_dir(), "RSA_KEY");
+				file_put_contents($in, base64_decode($consumerInfo[$this->CONSUMER_SECRET_KEY]));
+				$out = tempnam(sys_get_temp_dir(), "RSA_KEY");
+				exec("openssl pkcs8 -inform DER -outform PEM -out " . $out . " -nocrypt -in " . $in);
+				$consumerSecret = file_get_contents($out);
+				$cache->set(md5("RSA_KEY_" . $serviceName), $consumerSecret);
+			}
+		}
+		
+		$kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret, $keyType);
+		$this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
+	}
+
 }