Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java?rev=755000&r1=754999&r2=755000&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java Mon Mar 16 20:40:06 2009 @@ -79,8 +79,10 @@ public static void sendPendingEntryNotice(WeblogEntry entry) throws WebloggerException { - Session mailSession = WebloggerStartup.getMailProvider().getSession(); - if(mailSession == null) { + Session mailSession = WebloggerStartup.getMailProvider() != null + ? WebloggerStartup.getMailProvider().getSession() : null; + + if (mailSession == null) { throw new WebloggerException("Couldn't get mail Session"); } @@ -148,7 +150,9 @@ User user) throws WebloggerException { - Session mailSession = WebloggerStartup.getMailProvider().getSession(); + Session mailSession = WebloggerStartup.getMailProvider() != null + ? WebloggerStartup.getMailProvider().getSession() : null; + if(mailSession == null) { throw new WebloggerException("ERROR: Notification email(s) not sent, " + "Roller's mail session not properly configured"); @@ -205,7 +209,9 @@ public static void sendUserActivationEmail(User user) throws WebloggerException { - Session mailSession = WebloggerStartup.getMailProvider().getSession(); + Session mailSession = WebloggerStartup.getMailProvider() != null + ? WebloggerStartup.getMailProvider().getSession() : null; + if(mailSession == null) { throw new WebloggerException("ERROR: Notification email(s) not sent, " + "Roller's mail session not properly configured"); @@ -585,7 +591,7 @@ throws MessagingException { MailProvider mailProvider = WebloggerStartup.getMailProvider(); - if(mailProvider == null) { + if (mailProvider == null) { return; }
Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java?rev=755000&r1=754999&r2=755000&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java Mon Mar 16 20:40:06 2009 @@ -1,6 +1,6 @@ /* * Licensed to the Apache Software Foundation (ASF) under one or more -* contributor license agreements. The ASF licenses this file to You +* contributor license agreements. The ASF licenses this file to You * under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. * You may obtain a copy of the License at @@ -37,11 +37,18 @@ import com.sun.syndication.propono.atom.server.AtomHandler; import com.sun.syndication.propono.atom.server.AtomMediaResource; import com.sun.syndication.propono.atom.server.AtomNotFoundException; +import javax.servlet.http.HttpServletResponse; +import net.oauth.OAuthAccessor; +import net.oauth.OAuthMessage; +import net.oauth.server.OAuthServlet; import org.apache.commons.lang.StringUtils; import org.apache.roller.weblogger.WebloggerException; +import org.apache.roller.weblogger.business.OAuthManager; import org.apache.roller.weblogger.config.WebloggerConfig; +import org.apache.roller.weblogger.config.WebloggerRuntimeConfig; import org.apache.roller.weblogger.pojos.WeblogPermission; + /** * Weblogger's ROME Propono-based Atom Protocol implementation. * @@ -53,7 +60,6 @@ * Here are the APP URIs suppored by Weblogger: * * <pre> - * * /roller-services/app * Introspection doc * @@ -79,8 +85,8 @@ * * /roller-services/app/[weblog-handle]/resource/[name] * Individual resource data (GET) - * * </pre> + * * @author David M Johnson */ public class RollerAtomHandler implements AtomHandler { @@ -106,12 +112,20 @@ * If user is authenticated, then getAuthenticatedUsername() will return * then user's name, otherwise it will return null. */ - public RollerAtomHandler(HttpServletRequest request) { + public RollerAtomHandler(HttpServletRequest request, HttpServletResponse response) { roller = WebloggerFactory.getWeblogger(); - - // TODO: decide what to do about authentication, is WSSE going to fly? - //String userName = authenticateWSSE(request); - String userName = authenticateBASIC(request); + + String userName = null; + if ("oauth".equals(WebloggerRuntimeConfig.getProperty("webservices.atomPubAuth"))) { + userName = authenticationOAUTH(request, response); + + } else if ("wsse".equals(WebloggerRuntimeConfig.getProperty("webservices.atomPubAuth"))) { + userName = authenticateWSSE(request); + + } else { // default to basic + userName = authenticateBASIC(request); + } + if (userName != null) { try { this.user = roller.getUserManager().getUserByUserName(userName); @@ -122,9 +136,6 @@ atomURL = WebloggerFactory.getWeblogger().getUrlStrategy().getAtomProtocolURL(true); } - - /** For testing and for those who wish to extend */ - public RollerAtomHandler() {} /** * Return weblogHandle of authenticated user or null if there is none. @@ -462,6 +473,29 @@ } + private String authenticationOAUTH( + HttpServletRequest request, HttpServletResponse response) { + try { + OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager(); + OAuthMessage requestMessage = OAuthServlet.getMessage(request, null); + OAuthAccessor accessor = omgr.getAccessor(requestMessage); + omgr.getValidator().validateMessage(requestMessage, accessor); + return (String)accessor.consumer.getProperty("userId"); + + } catch (Exception ex) { + log.debug("ERROR authenticating user", ex); + String realm = (request.isSecure())?"https://":"http://";; + realm += request.getLocalName(); + try { + OAuthServlet.handleException(response, ex, realm, true); + } catch (Exception ioe) { + log.debug("ERROR writing error response", ioe); + } + } + return null; + } + + public static void oneSecondThrottle() { // Throttle one entry per second per weblog because time- // stamp in MySQL and other DBs has only 1 sec resolution @@ -471,4 +505,5 @@ } } catch (Exception ignored) {} } + } Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandlerFactory.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandlerFactory.java?rev=755000&r1=754999&r2=755000&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandlerFactory.java (original) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandlerFactory.java Mon Mar 16 20:40:06 2009 @@ -1,6 +1,6 @@ /* * Licensed to the Apache Software Foundation (ASF) under one or more -* contributor license agreements. The ASF licenses this file to You +* contributor license agreements. The ASF licenses this file to You * under the Apache License, Version 2.0 (the "License"); you may not * use this file except in compliance with the License. * You may obtain a copy of the License at @@ -21,6 +21,7 @@ import com.sun.syndication.propono.atom.server.AtomHandlerFactory; import com.sun.syndication.propono.atom.server.AtomHandler; import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; /** * Extends {...@link com.sun.syndication.propono.atom.server.AtomHandlerFactory} to create and return @@ -31,8 +32,9 @@ /** * Create new AtomHandler. */ - public AtomHandler newAtomHandler( HttpServletRequest req ) { - return new RollerAtomHandler(req); + public AtomHandler newAtomHandler( + HttpServletRequest req, HttpServletResponse res) { + return new RollerAtomHandler(req, res); } } Added: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AccessTokenServlet.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AccessTokenServlet.java?rev=755000&view=auto ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AccessTokenServlet.java (added) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AccessTokenServlet.java Mon Mar 16 20:40:06 2009 @@ -0,0 +1,105 @@ +/* + * Copyright 2007 AOL, LLC. + * Portions Copyright 2009 Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.roller.weblogger.webservices.oauth; + +import java.io.IOException; +import java.io.OutputStream; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import net.oauth.OAuth; +import net.oauth.OAuthAccessor; +import net.oauth.OAuthMessage; +import net.oauth.OAuthProblemException; +import net.oauth.server.OAuthServlet; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.roller.weblogger.business.OAuthManager; +import org.apache.roller.weblogger.business.WebloggerFactory; + +/** + * Access Token request handler + * + * @author Praveen Alavilli + * @author Dave Johnson (adapted for Roller) + */ +public class AccessTokenServlet extends HttpServlet { + protected static Log log = + LogFactory.getFactory().getInstance(AccessTokenServlet.class); + + @Override + public void init(ServletConfig config) throws ServletException { + super.init(config); + // nothing at this point + } + + @Override + public void doGet(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + processRequest(request, response); + } + @Override + public void doPost(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + processRequest(request, response); + } + + public void processRequest(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + try{ + OAuthMessage requestMessage = OAuthServlet.getMessage(request, null); + + OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager(); + OAuthAccessor accessor = omgr.getAccessor(requestMessage); + omgr.getValidator().validateMessage(requestMessage, accessor); + + // make sure token is authorized + if (!Boolean.TRUE.equals(accessor.getProperty("authorized"))) { + OAuthProblemException problem = new OAuthProblemException("permission_denied"); + throw problem; + } + // generate access token and secret + omgr.generateAccessToken(accessor); + WebloggerFactory.getWeblogger().flush(); + + response.setContentType("text/plain"); + OutputStream out = response.getOutputStream(); + OAuth.formEncode(OAuth.newList( + "oauth_token", accessor.accessToken, + "oauth_token_secret", accessor.tokenSecret), out); + out.close(); + + } catch (Exception e){ + handleException(e, request, response, true); + } + } + + public void handleException(Exception e, HttpServletRequest request, + HttpServletResponse response, boolean sendBody) + throws IOException, ServletException { + log.debug("ERROR authorizing token", e); + String realm = (request.isSecure())?"https://":"http://";; + realm += request.getLocalName(); + OAuthServlet.handleException(response, e, realm, sendBody); + } + +} Added: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java?rev=755000&view=auto ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java (added) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java Mon Mar 16 20:40:06 2009 @@ -0,0 +1,160 @@ +/* + * Copyright 2007 AOL, LLC. + * Portions Copyright 2009 Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.roller.weblogger.webservices.oauth; + +import java.io.IOException; +import java.io.PrintWriter; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import net.oauth.OAuth; +import net.oauth.OAuthAccessor; +import net.oauth.OAuthMessage; +import net.oauth.server.OAuthServlet; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.roller.weblogger.business.OAuthManager; +import org.apache.roller.weblogger.business.WebloggerFactory; + +/** + * Autherization request handler. + * + * @author Praveen Alavilli + * @author Dave Johnson (adapted for Roller) + */ +public class AuthorizationServlet extends HttpServlet { + protected static Log log = + LogFactory.getFactory().getInstance(AuthorizationServlet.class); + + @Override + public void init(ServletConfig config) throws ServletException { + super.init(config); + // nothing at this point + } + + @Override + public void doGet(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + + try{ + OAuthMessage requestMessage = OAuthServlet.getMessage(request, null); + + OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager(); + OAuthAccessor accessor = omgr.getAccessor(requestMessage); + + if (Boolean.TRUE.equals(accessor.getProperty("authorized"))) { + // already authorized send the user back + returnToConsumer(request, response, accessor); + } else { + sendToAuthorizePage(request, response, accessor); + } + + } catch (Exception e){ + handleException(e, request, response, true); + } + } + + @Override + public void doPost(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException{ + + try{ + OAuthMessage requestMessage = OAuthServlet.getMessage(request, null); + + OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager(); + OAuthAccessor accessor = omgr.getAccessor(requestMessage); + + String userId = request.getParameter("userId"); + if (userId == null){ + sendToAuthorizePage(request, response, accessor); + } + // set userId in accessor and mark it as authorized + omgr.markAsAuthorized(accessor, userId); + WebloggerFactory.getWeblogger().flush(); + + returnToConsumer(request, response, accessor); + + + } catch (Exception e){ + handleException(e, request, response, true); + } + } + + private void sendToAuthorizePage(HttpServletRequest request, + HttpServletResponse response, OAuthAccessor accessor) + throws IOException, ServletException{ + String callback = request.getParameter("oauth_callback"); + if(callback == null || callback.length() <=0) { + callback = "none"; + } + String consumer_description = (String)accessor.consumer.getProperty("description"); + request.setAttribute("CONS_DESC", consumer_description); + request.setAttribute("CALLBACK", callback); + request.setAttribute("TOKEN", accessor.requestToken); + request.getRequestDispatcher("/roller-ui/oauthAuthorize.rol").forward(request, response); + } + + private void returnToConsumer(HttpServletRequest request, + HttpServletResponse response, OAuthAccessor accessor) + throws IOException, ServletException { + + // send the user back to site's callBackUrl + String callback = request.getParameter("oauth_callback"); + if ("none".equals(callback) + && accessor.consumer.callbackURL != null + && accessor.consumer.callbackURL.length() > 0){ + // first check if we have something in our properties file + callback = accessor.consumer.callbackURL; + } + + if ( "none".equals(callback) ) { + // no call back it must be a client + response.setContentType("text/plain"); + PrintWriter out = response.getWriter(); + out.println("You have successfully authorized for consumer key '" + + accessor.consumer.consumerKey + + "'. Please close this browser window and click continue" + + " in the client."); + out.close(); + } else { + // if callback is not passed in, use the callback from config + if(callback == null || callback.length() <=0 ) + callback = accessor.consumer.callbackURL; + String token = accessor.requestToken; + if (token != null && callback != null) { + callback = OAuth.addParameters(callback, "oauth_token", token); + } + + response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); + response.setHeader("Location", callback); + } + } + + public void handleException(Exception e, HttpServletRequest request, + HttpServletResponse response, boolean sendBody) + throws IOException, ServletException { + log.debug("ERROR authorizing token", e); + String realm = (request.isSecure())?"https://":"http://";; + realm += request.getLocalName(); + OAuthServlet.handleException(response, e, realm, sendBody); + } +} Added: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/RequestTokenServlet.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/RequestTokenServlet.java?rev=755000&view=auto ============================================================================== --- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/RequestTokenServlet.java (added) +++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/RequestTokenServlet.java Mon Mar 16 20:40:06 2009 @@ -0,0 +1,118 @@ +/* + * Copyright 2007 AOL, LLC. + * Portions Copyright 2009 Apache Software Foundation + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package org.apache.roller.weblogger.webservices.oauth; + +import java.io.IOException; +import java.io.OutputStream; + +import javax.servlet.ServletConfig; +import javax.servlet.ServletException; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import net.oauth.OAuth; +import net.oauth.OAuthAccessor; +import net.oauth.OAuthConsumer; +import net.oauth.OAuthMessage; +import net.oauth.server.OAuthServlet; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.roller.weblogger.business.OAuthManager; +import org.apache.roller.weblogger.business.WebloggerFactory; + + +/** + * Request token request handler + * + * @author Praveen Alavilli + * @author Dave Johnson (adapted for Roller) + */ +public class RequestTokenServlet extends HttpServlet { + protected static Log log = + LogFactory.getFactory().getInstance(RequestTokenServlet.class); + + @Override + public void init(ServletConfig config) throws ServletException { + super.init(config); + } + + @Override + public void doGet(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + processRequest(request, response); + } + + @Override + public void doPost(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + processRequest(request, response); + } + + public void processRequest(HttpServletRequest request, HttpServletResponse response) + throws IOException, ServletException { + + try { + OAuthMessage requestMessage = OAuthServlet.getMessage(request, null); + OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager(); + OAuthAccessor accessor = omgr.getAccessor(requestMessage); + + if (accessor == null) { + + OAuthConsumer consumer = omgr.getConsumer(requestMessage); + accessor = new OAuthAccessor(consumer); + omgr.getValidator().validateMessage(requestMessage, accessor); + + { + // Support the 'Variable Accessor Secret' extension + // described in http://oauth.pbwiki.com/AccessorSecret + String secret = requestMessage.getParameter("oauth_accessor_secret"); + if (secret != null) { + accessor.setProperty(OAuthConsumer.ACCESSOR_SECRET, secret); + } + } + + // generate request_token and secret + omgr.generateRequestToken(accessor); + WebloggerFactory.getWeblogger().flush(); + } + + response.setContentType("text/plain"); + OutputStream out = response.getOutputStream(); + String token = accessor.requestToken != null + ? accessor.requestToken: accessor.accessToken; + OAuth.formEncode(OAuth.newList( + "oauth_token", token, + "oauth_token_secret", accessor.tokenSecret), out); + out.close(); + + } catch (Exception e){ + handleException(e, request, response, true); + } + + } + + public void handleException(Exception e, HttpServletRequest request, + HttpServletResponse response, boolean sendBody) + throws IOException, ServletException { + log.debug("ERROR authorizing token", e); + String realm = (request.isSecure())?"https://":"http://";; + realm += request.getLocalName(); + OAuthServlet.handleException(response, e, realm, sendBody); + } +} Modified: roller/trunk/apps/weblogger/src/sql/400-to-500-migration.vm URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/sql/400-to-500-migration.vm?rev=755000&r1=754999&r2=755000&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/sql/400-to-500-migration.vm (original) +++ roller/trunk/apps/weblogger/src/sql/400-to-500-migration.vm Mon Mar 16 20:40:06 2009 @@ -67,3 +67,22 @@ create index ua_username_idx on roller_userattribute( username$!db.INDEXSIZE ); create index ua_attrname_idx on roller_userattribute( attrname$!db.INDEXSIZE ); create index ua_attrvalue_idx on roller_userattribute( attrvalue$!db.INDEXSIZE ); + +create table rol_oauthconsumer ( + consumerkey varchar(48) not null primary key, + consumersecret varchar(48) not null, + username varchar(48) not null +); +create index oc_username_idx on rol_oauthconsumer( username$!db.INDEXSIZE ); +create index oc_consumerkey_idx on rol_oauthconsumer( consumerkey$!db.INDEXSIZE ); + +create table rol_oauthaccessor ( + consumerkey varchar(48) not null primary key, + requesttoken varchar(48), + accesstoken varchar(48), + tokensecret varchar(48), + created $db.TIMESTAMP_SQL_TYPE not null, + updated $db.TIMESTAMP_SQL_TYPE not null, + authorized $db.BOOLEAN_SQL_TYPE_FALSE +); +create index oa_consumerkey_idx on rol_oauthaccessor( consumerkey$!db.INDEXSIZE ); Modified: roller/trunk/apps/weblogger/src/sql/createdb.vm URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/sql/createdb.vm?rev=755000&r1=754999&r2=755000&view=diff ============================================================================== --- roller/trunk/apps/weblogger/src/sql/createdb.vm (original) +++ roller/trunk/apps/weblogger/src/sql/createdb.vm Mon Mar 16 20:40:06 2009 @@ -435,7 +435,27 @@ create index ea_entryid_idx on entryattribute( entryid ); alter table entryattribute add constraint ea_name_uq unique ( entryid, name$!db.INDEXSIZE ); - +-- each record is an OAuth consumer key and secret, can be tied to just one user +create table rol_oauthconsumer ( + consumerkey varchar(48) not null primary key, + consumersecret varchar(48) not null, + username varchar(48) +); +create index oc_username_idx on rol_oauthconsumer( username$!db.INDEXSIZE ); +create index oc_consumerkey_idx on rol_oauthconsumer( consumerkey$!db.INDEXSIZE ); + +-- each record is an OAuth accessor, always tied to just one user +create table rol_oauthaccessor ( + consumerkey varchar(48) not null primary key, + requesttoken varchar(48), + accesstoken varchar(48), + tokensecret varchar(48), + created $db.TIMESTAMP_SQL_TYPE not null, + updated $db.TIMESTAMP_SQL_TYPE not null, + username varchar(48) not null, + authorized $db.BOOLEAN_SQL_TYPE_FALSE +); +create index oa_consumerkey_idx on rol_oauthaccessor( consumerkey$!db.INDEXSIZE ); create table rag_properties ( name varchar(255) not null primary key, Modified: roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/SupplementalWeblogServicesTestSuite.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/SupplementalWeblogServicesTestSuite.java?rev=755000&r1=754999&r2=755000&view=diff ============================================================================== --- roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/SupplementalWeblogServicesTestSuite.java (original) +++ roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/SupplementalWeblogServicesTestSuite.java Mon Mar 16 20:40:06 2009 @@ -20,6 +20,7 @@ import junit.framework.Test; import junit.framework.TestSuite; +import org.apache.roller.weblogger.business.jpa.JPAOAuthManagerTest; /** @@ -54,6 +55,8 @@ // referrers suite.addTestSuite(RefererTest.class); + suite.addTestSuite(JPAOAuthManagerTest.class); + return suite; } Added: roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/jpa/JPAOAuthManagerTest.java URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/jpa/JPAOAuthManagerTest.java?rev=755000&view=auto ============================================================================== --- roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/jpa/JPAOAuthManagerTest.java (added) +++ roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/jpa/JPAOAuthManagerTest.java Mon Mar 16 20:40:06 2009 @@ -0,0 +1,87 @@ +/* +* Licensed to the Apache Software Foundation (ASF) under one or more +* contributor license agreements. The ASF licenses this file to You +* under the Apache License, Version 2.0 (the "License"); you may not +* use this file except in compliance with the License. +* You may obtain a copy of the License at +* +* http://www.apache.org/licenses/LICENSE-2.0 +* +* Unless required by applicable law or agreed to in writing, software +* distributed under the License is distributed on an "AS IS" BASIS, +* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +* See the License for the specific language governing permissions and +* limitations under the License. For additional information regarding +* copyright in this work, please see the NOTICE file in the top level +* directory of this distribution. +*/ + +package org.apache.roller.weblogger.business.jpa; + +import junit.framework.TestCase; +import net.oauth.OAuthAccessor; +import net.oauth.OAuthConsumer; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.roller.weblogger.TestUtils; +import org.apache.roller.weblogger.business.WebloggerFactory; + + +/** + * Test Weblogger Bookmark Management. + */ +public class JPAOAuthManagerTest extends TestCase { + public static Log log = LogFactory.getLog(JPAOAuthManagerTest.class); + + public void setUp() throws Exception { + + // setup weblogger + TestUtils.setupWeblogger(); + + try { + TestUtils.endSession(true); + } catch (Exception ex) { + log.error(ex); + throw new Exception("Test setup failed", ex); + } + } + + public void tearDown() throws Exception { + + try { + TestUtils.endSession(true); + } catch (Exception ex) { + log.error("ERROR in tearDown", ex); + throw new Exception("Test teardown failed", ex); + } + } + + public void testCRUD() throws Exception { + JPAOAuthManagerImpl omgr = (JPAOAuthManagerImpl) + WebloggerFactory.getWeblogger().getOAuthManager(); + + String consumerKey = "1111"; + OAuthConsumer consumer = omgr.addConsumer("dummyusername", consumerKey); + TestUtils.endSession(true); + + consumer = omgr.getConsumerByKey(consumer.consumerKey); + assertNotNull(consumer); + assertEquals(consumerKey, consumer.consumerKey); + + OAuthAccessor accessor = new OAuthAccessor(consumer); + accessor.setProperty("userId", "dummyusername"); + omgr.addAccessor(accessor); + TestUtils.endSession(true); + + accessor = omgr.getAccessorByKey(consumerKey); + assertNotNull(accessor); + + omgr.removeAccessor(accessor); + TestUtils.endSession(true); + assertNull(omgr.getAccessorByKey(consumerKey)); + + omgr.removeConsumer(consumer); + TestUtils.endSession(true); + assertNull(omgr.getConsumerByKey(consumerKey)); + } +}
