You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@shindig.apache.org by li...@apache.org on 2010/05/25 20:33:07 UTC

svn commit: r948159 - in /shindig/trunk/java/gadgets/src: main/java/org/apache/shindig/gadgets/uri/ test/java/org/apache/shindig/gadgets/uri/

Author: lindner
Date: Tue May 25 18:33:07 2010
New Revision: 948159

URL: http://svn.apache.org/viewvc?rev=948159&view=rev
Log:
allow injection of security tokens from the gadget context in IframeUriManager

Modified:
    shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java
    shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java
    shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java

Modified: shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java?rev=948159&r1=948158&r2=948159&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java (original)
+++ shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java Tue May 25 18:33:07 2010
@@ -23,6 +23,9 @@ import com.google.inject.ImplementedBy;
 import com.google.inject.Inject;
 import com.google.inject.name.Named;
 
+import org.apache.shindig.auth.SecurityToken;
+import org.apache.shindig.auth.SecurityTokenDecoder;
+import org.apache.shindig.auth.SecurityTokenException;
 import org.apache.shindig.common.uri.Uri;
 import org.apache.shindig.common.uri.UriBuilder;
 import org.apache.shindig.config.ContainerConfig;
@@ -53,13 +56,18 @@ public class DefaultIframeUriManager imp
   
   private final ContainerConfig config;
   private final LockedDomainPrefixGenerator ldGen;
+  private final SecurityTokenDecoder securityTokenCodec;
+
   private final List<String> ldSuffixes;
-  
+
   @Inject
   public DefaultIframeUriManager(ContainerConfig config,
-                                 LockedDomainPrefixGenerator ldGen) {
+                                 LockedDomainPrefixGenerator ldGen,
+                                 SecurityTokenDecoder securityTokenCodec) {
     this.config = config;
     this.ldGen = ldGen;
+    this.securityTokenCodec = securityTokenCodec;
+    
     Collection<String> containers = config.getContainers();
     List<String> ldSuffixes = Lists.newArrayListWithCapacity(containers.size());
     for (String container : containers) {
@@ -141,7 +149,7 @@ public class DefaultIframeUriManager imp
       boolean upInFragment = !view.needsUserPrefSubstitution();
       addParam(uri, UriCommon.USER_PREF_PREFIX + up.getName(), data, useTpl, upInFragment);
     }
-    
+
     if (versioner != null) {
       // Added on the query string, obviously not templated.
       addParam(uri, Param.VERSION.getKey(),
@@ -151,7 +159,8 @@ public class DefaultIframeUriManager imp
     if (gadget.getAllFeatures().contains(SECURITY_TOKEN_FEATURE_NAME) ||
         config.getBool(container, SECURITY_TOKEN_ALWAYS_KEY)) {
       boolean securityTokenOnQuery = isTokenNeededForRendering(gadget);
-      String securityToken = null;  // Always templated at the moment, can ignore.
+      
+      String securityToken = wantsSecurityToken(gadget) ? generateSecurityToken(gadget) : null;
       addParam(uri, Param.SECURITY_TOKEN.getKey(), securityToken, true, !securityTokenOnQuery);
     }
     
@@ -159,6 +168,24 @@ public class DefaultIframeUriManager imp
     
     return uri.toUri();
   }
+
+  protected String generateSecurityToken(Gadget gadget) {
+    // Find a security token in the context
+    try {
+      SecurityToken token = gadget.getContext().getToken();
+
+      if (securityTokenCodec != null && token != null) {
+        return securityTokenCodec.encodeToken(token);
+      }
+    } catch (SecurityTokenException e) {
+      // ignore -- no security token
+    }
+    return null;
+  }
+
+  protected boolean wantsSecurityToken(Gadget gadget) {
+    return true;
+  }
   
   // This method should be overridden to provide better caching characteristics
   // for rendering Uris. In particular, it should return true only when the gadget

Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java?rev=948159&r1=948158&r2=948159&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java Tue May 25 18:33:07 2010
@@ -40,6 +40,8 @@ import static org.junit.Assert.assertTru
 import com.google.common.collect.Lists;
 import com.google.common.collect.Maps;
 
+import org.apache.shindig.auth.BasicSecurityTokenDecoder;
+import org.apache.shindig.auth.SecurityTokenDecoder;
 import org.apache.shindig.common.uri.Uri;
 import org.apache.shindig.common.uri.UriBuilder;
 import org.apache.shindig.config.ContainerConfig;
@@ -66,6 +68,8 @@ public class DefaultIframeUriManagerTest
       return LD_PREFIX;
     }
   };
+
+  private static final SecurityTokenDecoder tokenCodec = new BasicSecurityTokenDecoder();
   
   @Test
   public void typeHtmlBasicOptions() {
@@ -617,7 +621,7 @@ public class DefaultIframeUriManagerTest
     private boolean addExtrasCalled = false;
     
     private TestDefaultIframeUriManager(ContainerConfig config) {
-      super(config, prefixGen);
+      super(config, prefixGen, tokenCodec);
     }
     
     private TestDefaultIframeUriManager setLdExclusion(boolean ldExclusion) {

Modified: shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java
URL: http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java?rev=948159&r1=948158&r2=948159&view=diff
==============================================================================
--- shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java (original)
+++ shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java Tue May 25 18:33:07 2010
@@ -86,6 +86,7 @@ public class UriManagerTestBase {
     expect(context.getLocale()).andReturn(locale).anyTimes();
     expect(context.getDebug()).andReturn(isDebug).anyTimes();
     expect(context.getIgnoreCache()).andReturn(ignoreCache).anyTimes();
+    expect(context.getToken()).andReturn(null).anyTimes();
     
     // All Features (doesn't distinguish between transitive and not)
     expect(gadget.getAllFeatures()).andReturn(features).anyTimes();