Author: lindner
Date: Sat Aug 13 01:45:57 2011
New Revision: 1157308
URL: http://svn.apache.org/viewvc?rev=1157308&view=rev
Log:
Patch from Jesse Ciancetta | Enable loading security token key from either an
absolute filesystem reference or from the classpath
Modified:
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/DefaultSecurityTokenCodecTest.java
Modified:
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java?rev=1157308&r1=1157307&r2=1157308&view=diff
==============================================================================
---
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
(original)
+++
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
Sat Aug 13 01:45:57 2011
@@ -18,10 +18,12 @@
*/
package org.apache.shindig.auth;
+import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.shindig.common.crypto.BasicBlobCrypter;
import org.apache.shindig.common.crypto.BlobCrypter;
import org.apache.shindig.common.crypto.BlobCrypterException;
+import org.apache.shindig.common.util.ResourceLoader;
import org.apache.shindig.config.ContainerConfig;
import com.google.common.collect.Maps;
@@ -76,6 +78,7 @@ public class BlobCrypterSecurityTokenCod
} catch (IOException e) {
// Someone specified securityTokenKeyFile, but we couldn't load the key.
That merits killing
// the server.
+ LOG.log(Level.SEVERE, "Error while initializing
BlobCrypterSecurityTokenCodec", e);
throw new RuntimeException(e);
}
}
@@ -106,7 +109,7 @@ public class BlobCrypterSecurityTokenCod
for (String container : containers) {
String keyFile = config.getString(container, SECURITY_TOKEN_KEY_FILE);
if (keyFile != null) {
- BlobCrypter crypter = loadCrypterFromFile(new File(keyFile));
+ BlobCrypter crypter = loadCrypter(keyFile);
crypters.put(container, crypter);
}
String domain = config.getString(container, SIGNED_FETCH_DOMAIN);
@@ -115,11 +118,16 @@ public class BlobCrypterSecurityTokenCod
}
/**
- * Load a BlobCrypter from the specified file. Override this if you have
your own
+ * Load a BlobCrypter from the key file. Override this if you have your own
* BlobCrypter implementation.
+ *
+ * @param keyFile The key file to load from. This can either be an absolute
file path or a
+ * reference to a resource that should be loaded from the classpath (ie
res://key-file.txt).
+ * @return The BlobCrypter.
+ * @throws IOException If the key file is invalid.
*/
- protected BlobCrypter loadCrypterFromFile(File file) throws IOException {
- return new BasicBlobCrypter(file);
+ protected BlobCrypter loadCrypter(String keyFile) throws IOException {
+ return new BasicBlobCrypter(IOUtils.toString(ResourceLoader.open(keyFile),
"UTF-8"));
}
/**
Modified:
shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java?rev=1157308&r1=1157307&r2=1157308&view=diff
==============================================================================
---
shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java
(original)
+++
shindig/trunk/java/common/src/main/java/org/apache/shindig/common/crypto/BasicBlobCrypter.java
Sat Aug 13 01:45:57 2011
@@ -78,13 +78,7 @@ public class BasicBlobCrypter implements
FileInputStream openFile = new FileInputStream(keyfile);
reader = new BufferedReader(
new InputStreamReader(openFile, Charsets.UTF_8));
- String line = reader.readLine();
- if (line == null) {
- throw new IOException("Unexpectedly empty keyfile:" + keyfile);
- }
- line = line.trim();
- byte[] keyBytes = CharsetUtil.getUtf8Bytes(line);
- init(keyBytes);
+ init(reader.readLine());
} finally {
try {
if (reader != null) {
@@ -105,6 +99,24 @@ public class BasicBlobCrypter implements
init(masterKey);
}
+ /**
+ * Builds a BlobCrypter from the specified master key
+ *
+ * @param masterKey
+ */
+ public BasicBlobCrypter(String masterKey) {
+ init(masterKey);
+ }
+
+ private void init(String masterKey) {
+ if (masterKey == null) {
+ throw new IllegalArgumentException("Unexpectedly empty masterKey:" +
masterKey);
+ }
+ masterKey = masterKey.trim();
+ byte[] keyBytes = CharsetUtil.getUtf8Bytes(masterKey);
+ init(keyBytes);
+ }
+
private void init(byte[] masterKey) {
Preconditions.checkArgument(masterKey.length >= MASTER_KEY_MIN_LEN,
"Master key needs at least %s bytes", MASTER_KEY_MIN_LEN);
Modified:
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java?rev=1157308&r1=1157307&r2=1157308&view=diff
==============================================================================
---
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java
(original)
+++
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java
Sat Aug 13 01:45:57 2011
@@ -91,14 +91,16 @@ public class BlobCrypterSecurityTokenCod
}
/**
- * @return a crypter based on the name of the file passed in, rather than
the contents
+ * @param file the location of the file.
+ * @return a crypter based on the name of the file passed in, rather than
the contents.
+ * @throws IOException when passed a filename with 'fail' in it.
*/
@Override
- protected BlobCrypter loadCrypterFromFile(File file) throws IOException {
- if (file.getPath().contains("fail")) {
+ protected BlobCrypter loadCrypter(String file) throws IOException {
+ if (file.contains("fail")) {
throw new IOException("Load failed: " + file);
}
- return getBlobCrypter(file.getPath());
+ return getBlobCrypter(file);
}
}
Modified:
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/DefaultSecurityTokenCodecTest.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/DefaultSecurityTokenCodecTest.java?rev=1157308&r1=1157307&r2=1157308&view=diff
==============================================================================
---
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/DefaultSecurityTokenCodecTest.java
(original)
+++
shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/DefaultSecurityTokenCodecTest.java
Sat Aug 13 01:45:57 2011
@@ -29,6 +29,7 @@ import com.google.common.collect.Lists;
import org.junit.Test;
+import java.io.FileNotFoundException;
import java.util.Collection;
import java.util.Collections;
import java.util.Map;
@@ -106,7 +107,7 @@ public class DefaultSecurityTokenCodecTe
fail("Should have thrown");
} catch (RuntimeException e) {
assertTrue("root cause should have been FileNotFoundException: " + e,
- e.getMessage().contains("FileNotFoundException: container key file:
somecontainer"));
+ e.getCause() instanceof FileNotFoundException);
}
}
}
