Author: lindner
Date: Tue May 25 18:33:07 2010
New Revision: 948159
URL: http://svn.apache.org/viewvc?rev=948159&view=rev
Log:
allow injection of security tokens from the gadget context in IframeUriManager
Modified:
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java
Modified:
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java?rev=948159&r1=948158&r2=948159&view=diff
==============================================================================
---
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java
(original)
+++
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManager.java
Tue May 25 18:33:07 2010
@@ -23,6 +23,9 @@ import com.google.inject.ImplementedBy;
import com.google.inject.Inject;
import com.google.inject.name.Named;
+import org.apache.shindig.auth.SecurityToken;
+import org.apache.shindig.auth.SecurityTokenDecoder;
+import org.apache.shindig.auth.SecurityTokenException;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.uri.UriBuilder;
import org.apache.shindig.config.ContainerConfig;
@@ -53,13 +56,18 @@ public class DefaultIframeUriManager imp
private final ContainerConfig config;
private final LockedDomainPrefixGenerator ldGen;
+ private final SecurityTokenDecoder securityTokenCodec;
+
private final List<String> ldSuffixes;
-
+
@Inject
public DefaultIframeUriManager(ContainerConfig config,
- LockedDomainPrefixGenerator ldGen) {
+ LockedDomainPrefixGenerator ldGen,
+ SecurityTokenDecoder securityTokenCodec) {
this.config = config;
this.ldGen = ldGen;
+ this.securityTokenCodec = securityTokenCodec;
+
Collection<String> containers = config.getContainers();
List<String> ldSuffixes =
Lists.newArrayListWithCapacity(containers.size());
for (String container : containers) {
@@ -141,7 +149,7 @@ public class DefaultIframeUriManager imp
boolean upInFragment = !view.needsUserPrefSubstitution();
addParam(uri, UriCommon.USER_PREF_PREFIX + up.getName(), data, useTpl,
upInFragment);
}
-
+
if (versioner != null) {
// Added on the query string, obviously not templated.
addParam(uri, Param.VERSION.getKey(),
@@ -151,7 +159,8 @@ public class DefaultIframeUriManager imp
if (gadget.getAllFeatures().contains(SECURITY_TOKEN_FEATURE_NAME) ||
config.getBool(container, SECURITY_TOKEN_ALWAYS_KEY)) {
boolean securityTokenOnQuery = isTokenNeededForRendering(gadget);
- String securityToken = null; // Always templated at the moment, can
ignore.
+
+ String securityToken = wantsSecurityToken(gadget) ?
generateSecurityToken(gadget) : null;
addParam(uri, Param.SECURITY_TOKEN.getKey(), securityToken, true,
!securityTokenOnQuery);
}
@@ -159,6 +168,24 @@ public class DefaultIframeUriManager imp
return uri.toUri();
}
+
+ protected String generateSecurityToken(Gadget gadget) {
+ // Find a security token in the context
+ try {
+ SecurityToken token = gadget.getContext().getToken();
+
+ if (securityTokenCodec != null && token != null) {
+ return securityTokenCodec.encodeToken(token);
+ }
+ } catch (SecurityTokenException e) {
+ // ignore -- no security token
+ }
+ return null;
+ }
+
+ protected boolean wantsSecurityToken(Gadget gadget) {
+ return true;
+ }
// This method should be overridden to provide better caching characteristics
// for rendering Uris. In particular, it should return true only when the
gadget
Modified:
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java?rev=948159&r1=948158&r2=948159&view=diff
==============================================================================
---
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java
(original)
+++
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/DefaultIframeUriManagerTest.java
Tue May 25 18:33:07 2010
@@ -40,6 +40,8 @@ import static org.junit.Assert.assertTru
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
+import org.apache.shindig.auth.BasicSecurityTokenDecoder;
+import org.apache.shindig.auth.SecurityTokenDecoder;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.uri.UriBuilder;
import org.apache.shindig.config.ContainerConfig;
@@ -66,6 +68,8 @@ public class DefaultIframeUriManagerTest
return LD_PREFIX;
}
};
+
+ private static final SecurityTokenDecoder tokenCodec = new
BasicSecurityTokenDecoder();
@Test
public void typeHtmlBasicOptions() {
@@ -617,7 +621,7 @@ public class DefaultIframeUriManagerTest
private boolean addExtrasCalled = false;
private TestDefaultIframeUriManager(ContainerConfig config) {
- super(config, prefixGen);
+ super(config, prefixGen, tokenCodec);
}
private TestDefaultIframeUriManager setLdExclusion(boolean ldExclusion) {
Modified:
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java?rev=948159&r1=948158&r2=948159&view=diff
==============================================================================
---
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java
(original)
+++
shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/uri/UriManagerTestBase.java
Tue May 25 18:33:07 2010
@@ -86,6 +86,7 @@ public class UriManagerTestBase {
expect(context.getLocale()).andReturn(locale).anyTimes();
expect(context.getDebug()).andReturn(isDebug).anyTimes();
expect(context.getIgnoreCache()).andReturn(ignoreCache).anyTimes();
+ expect(context.getToken()).andReturn(null).anyTimes();
// All Features (doesn't distinguish between transitive and not)
expect(gadget.getAllFeatures()).andReturn(features).anyTimes();
