Author: bhofmann
Date: Wed Oct 19 20:40:37 2011
New Revision: 1186470
URL: http://svn.apache.org/viewvc?rev=1186470&view=rev
Log:
PHP: added proxied oauth2 implementation
Added:
shindig/trunk/php/src/gadgets/oauth/OAuth2Fetcher.php (with props)
Modified:
shindig/trunk/config/oauth.json
shindig/trunk/features/src/main/javascript/features/core.io/io.js
shindig/trunk/features/src/main/javascript/features/shindig.xhrwrapper/xhrwrapper.js
shindig/trunk/php/src/common/RemoteContentRequest.php
shindig/trunk/php/src/common/sample/BasicRemoteContent.php
shindig/trunk/php/src/gadgets/GadgetSpecParser.php
shindig/trunk/php/src/gadgets/MakeRequest.php
shindig/trunk/php/src/gadgets/MakeRequestOptions.php
shindig/trunk/php/src/gadgets/oauth/GadgetOAuthTokenStore.php
shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php
shindig/trunk/php/src/gadgets/oauth/OAuthService.php
shindig/trunk/php/src/gadgets/render/GadgetHtmlRenderer.php
shindig/trunk/php/src/gadgets/servlet/OAuthCallbackServlet.php
shindig/trunk/php/test/gadgets/FilesServletTest.php
shindig/trunk/php/test/gadgets/GadgetRenderingServletTest.php
shindig/trunk/php/test/social/JsonRpcServletTest.php
Modified: shindig/trunk/config/oauth.json
URL:
http://svn.apache.org/viewvc/shindig/trunk/config/oauth.json?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/config/oauth.json (original)
+++ shindig/trunk/config/oauth.json Wed Oct 19 20:40:37 2011
@@ -31,6 +31,13 @@
"consumer_secret" : "secret",
"key_type" : "HMAC_SYMMETRIC"
}
+ },
+ "http://localhost:8080/statusnet_gadget_2nd/statusnet_gadget.xml"; : {
+ "statusnet" : {
+ "consumer_key" : "71b454c797a58e8de5df33137e95cb8c",
+ "consumer_secret": "b6fb2e03e7017e25f43010efbb2b9595",
+ "key_type" : "HMAC_SYMETRIC"
+ }
}
}
Modified: shindig/trunk/features/src/main/javascript/features/core.io/io.js
URL:
http://svn.apache.org/viewvc/shindig/trunk/features/src/main/javascript/features/core.io/io.js?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/features/src/main/javascript/features/core.io/io.js (original)
+++ shindig/trunk/features/src/main/javascript/features/core.io/io.js Wed Oct
19 20:40:37 2011
@@ -422,7 +422,7 @@ gadgets.io = function() {
// Just copy the OAuth parameters into the req to the server
for (var opt in params) {
if (params.hasOwnProperty(opt)) {
- if (opt.indexOf('OAUTH_') === 0) {
+ if (opt.indexOf('OAUTH_') === 0 || opt === 'code') {
paramData[opt] = params[opt];
}
}
Modified:
shindig/trunk/features/src/main/javascript/features/shindig.xhrwrapper/xhrwrapper.js
URL:
http://svn.apache.org/viewvc/shindig/trunk/features/src/main/javascript/features/shindig.xhrwrapper/xhrwrapper.js?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
---
shindig/trunk/features/src/main/javascript/features/shindig.xhrwrapper/xhrwrapper.js
(original)
+++
shindig/trunk/features/src/main/javascript/features/shindig.xhrwrapper/xhrwrapper.js
Wed Oct 19 20:40:37 2011
@@ -177,7 +177,7 @@ shindig.xhrwrapper = shindig.xhrwrapper
params[gadgets.io.RequestParameters.GET_FULL_HEADERS] = true;
params[gadgets.io.RequestParameters.POST_DATA] = opt_data;
if (this.config_['authorization']) {
- if (this.config_['authorization'] == 'oauth') {
+ if (this.config_['authorization'] == 'oauth' ||
this.config_['authorization'] == 'oauth2') {
params[gadgets.io.RequestParameters.AUTHORIZATION] =
gadgets.io.AuthorizationType.OAUTH;
params[gadgets.io.RequestParameters.OAUTH_SERVICE_NAME] =
this.config_['oauthService'];
if (this.config_['oauthTokenName']) {
Modified: shindig/trunk/php/src/common/RemoteContentRequest.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/common/RemoteContentRequest.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/common/RemoteContentRequest.php (original)
+++ shindig/trunk/php/src/common/RemoteContentRequest.php Wed Oct 19 20:40:37
2011
@@ -58,6 +58,7 @@ class RemoteContentRequest {
public static $AUTH_NONE = 'none';
public static $AUTH_SIGNED = 'signed';
public static $AUTH_OAUTH = 'oauth';
+ public static $AUTH_OAUTH2 = 'oauth2';
/**
* @var string
@@ -317,7 +318,7 @@ class RemoteContentRequest {
* - signed, sign the request with an oauth_signature
* - oauth, logges in to the remote oauth service and uses it as base for
signing the requests
*
- * @param string $type ('none', 'signed', 'oauth')
+ * @param string $type ('none', 'signed', 'oauth', 'oauth2')
*/
public function setAuthType($type) {
$this->authType = $type;
Modified: shindig/trunk/php/src/common/sample/BasicRemoteContent.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/common/sample/BasicRemoteContent.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/common/sample/BasicRemoteContent.php (original)
+++ shindig/trunk/php/src/common/sample/BasicRemoteContent.php Wed Oct 19
20:40:37 2011
@@ -219,11 +219,12 @@ class BasicRemoteContent extends RemoteC
$fetcher =
$this->signingFetcherFactory->getSigningFetcher($this->basicFetcher);
return $fetcher->fetchRequest($request);
case RemoteContentRequest::$AUTH_OAUTH:
+ case RemoteContentRequest::$AUTH_OAUTH2:
$params = $request->getOAuthRequestParams();
$token = $request->getToken();
$fetcher =
$this->signingFetcherFactory->getSigningFetcher($this->basicFetcher);
$oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
- $oauthFetcher = $oAuthFetcherFactory->getOAuthFetcher($fetcher,
$token, $params);
+ $oauthFetcher = $oAuthFetcherFactory->getOAuthFetcher($fetcher,
$token, $params, $request->getAuthType());
return $oauthFetcher->fetch($request);
default:
return $this->basicFetcher->fetchRequest($request);
Modified: shindig/trunk/php/src/gadgets/GadgetSpecParser.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/GadgetSpecParser.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/GadgetSpecParser.php (original)
+++ shindig/trunk/php/src/gadgets/GadgetSpecParser.php Wed Oct 19 20:40:37 2011
@@ -46,7 +46,7 @@ class GadgetSpecParser {
if (! $doc->loadXML($xmlContent, LIBXML_NOCDATA)) {
throw new GadgetSpecException("Error parsing gadget xml:\n" .
XmlError::getErrors($xmlContent));
}
-
+
//TODO: we could do a XSD schema validation here, but both the schema and
most of the gadgets seem to have some form of schema
// violatons, so it's not really practical yet (and slow)
// $doc->schemaValidate('gadget.xsd');
@@ -194,7 +194,7 @@ class GadgetSpecParser {
$gadget->specificationVersion = new OpenSocialVersion();
}
}
-
+
/**
* Parses the ModulePrefs section of the xml structure. The ModulePrefs
* section is required, so if it's missing or if there's 2 an
GadgetSpecException will be thrown.
@@ -236,7 +236,7 @@ class GadgetSpecParser {
$this->parseOAuth($modulePrefs, $gadget);
$this->parseContainerSpecific($modulePrefs, $gadget);
}
-
+
/**
* Parses optional container specific moduleprefs
* override if needed
@@ -245,7 +245,7 @@ class GadgetSpecParser {
* @param GadgetSpec $gadget
*/
protected function parseContainerSpecific(DOMElement &$modulePrefs,
GadgetSpec &$gadget) {
-
+
}
/**
@@ -331,7 +331,18 @@ class GadgetSpecParser {
* @param GadgetSpec $gadget
*/
private function parseOAuth(DOMElement &$modulePrefs, GadgetSpec &$gadget) {
- if (($oauthNodes = $modulePrefs->getElementsByTagName('OAuth')) != null) {
+ $this->parseOAuthNodes($modulePrefs->getElementsByTagName('OAuth'),
$gadget);
+ $this->parseOAuthNodes($modulePrefs->getElementsByTagName('OAuth2'),
$gadget);
+ }
+
+ /**
+ * parses the actual oauth or oauth2 DOM node
+ *
+ * @param DOMNodeList $oauthNodes
+ * @param GadgetSpec $gadget
+ */
+ private function parseOAuthNodes(DOMNodeList $oauthNodes, GadgetSpec
&$gadget) {
+ if ($oauthNodes != null) {
if ($oauthNodes->length > 1) {
throw new GadgetSpecException("A gadget can only have one OAuth
element (though multiple service entries are allowed in that one OAuth
element)");
}
Modified: shindig/trunk/php/src/gadgets/MakeRequest.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/MakeRequest.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/MakeRequest.php (original)
+++ shindig/trunk/php/src/gadgets/MakeRequest.php Wed Oct 19 20:40:37 2011
@@ -94,7 +94,7 @@ class MakeRequest {
public function fetch(GadgetContext $context, MakeRequestOptions $params) {
$signingFetcherFactory = $gadgetSigner = null;
- if ($params->getAuthz() == "SIGNED" || $params->getAuthz() == "OAUTH") {
+ if ($params->getAuthz() == "SIGNED" || $params->getAuthz() == "OAUTH" ||
$params->getAuthz() == "OAUTH2") {
$gadgetSigner = Config::get('security_token_signer');
$gadgetSigner = new $gadgetSigner();
$signingFetcherFactory = new
SigningFetcherFactory(Config::get("private_key_file"));
@@ -178,6 +178,10 @@ class MakeRequest {
$request->setAuthType(RemoteContentRequest::$AUTH_OAUTH);
$request->setOAuthRequestParams($params->getOAuthRequestParameters());
break;
+ case 'OAUTH2':
+ $request->setAuthType(RemoteContentRequest::$AUTH_OAUTH2);
+
$request->setOAuthRequestParams($params->getOAuthRequestParameters());
+ break;
}
$st = $params->getSecurityTokenString();
if ($st === false) {
Modified: shindig/trunk/php/src/gadgets/MakeRequestOptions.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/MakeRequestOptions.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/MakeRequestOptions.php (original)
+++ shindig/trunk/php/src/gadgets/MakeRequestOptions.php Wed Oct 19 20:40:37
2011
@@ -58,7 +58,7 @@ class MakeRequestOptions {
static $VALID_HTTP_METHODS = array('GET', 'PUT', 'POST', 'HEAD', 'DELETE');
static $VALID_OUTPUT_FORMATS = array('TEXT', 'JSON', 'FEED', 'DOM');
- static $VALID_AUTHZ = array('OAUTH', 'NONE', 'SIGNED');
+ static $VALID_AUTHZ = array('OAUTH', 'OAUTH2', 'NONE', 'SIGNED');
static $VALID_OAUTH_USE_TOKEN = array('NEVER', 'IF_AVAILABLE', 'ALWAYS');
private $href;
Modified: shindig/trunk/php/src/gadgets/oauth/GadgetOAuthTokenStore.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/oauth/GadgetOAuthTokenStore.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/oauth/GadgetOAuthTokenStore.php (original)
+++ shindig/trunk/php/src/gadgets/oauth/GadgetOAuthTokenStore.php Wed Oct 19
20:40:37 2011
@@ -147,7 +147,7 @@ class GadgetOAuthTokenStore {
$message .= "Spec does not contain OAuth service '";
$message .= $serviceName;
$message .= "'. Known services: ";
- foreach ($services as $key => $value) {
+ foreach ($oauthSpec as $key => $value) {
$message .= "'";
$message .= $key;
$message .= "'";
@@ -157,25 +157,28 @@ class GadgetOAuthTokenStore {
}
$provider = new OAuthServiceProvider($service->getRequestUrl(),
$service->getAuthorizationUrl(), $service->getAccessUrl());
$httpMethod = null;
- switch ($service->getRequestUrl()->method) {
- case "GET":
- $httpMethod = OAuthStoreVars::$HttpMethod['GET'];
- break;
- case "POST":
- default:
- $httpMethod = OAuthStoreVars::$HttpMethod['POST'];
- break;
- }
$paramLocation = null;
- switch ($service->getRequestUrl()->location) {
- case OAuthStoreVars::$OAuthParamLocation['URI_QUERY']:
- case OAuthStoreVars::$OAuthParamLocation['POST_BODY']:
- case OAUthStoreVars::$OAuthParamLocation['AUTH_HEADER']:
- $paramLocation = $service->getRequestUrl()->location;
- break;
- default:
- $paramLocation = OAuthStoreVars::$OAuthParamLocation['AUTH_HEADER'];
- break;
+ if ($service->getRequestUrl()) {
+ switch ($service->getRequestUrl()->method) {
+ case "GET":
+ $httpMethod = OAuthStoreVars::$HttpMethod['GET'];
+ break;
+ case "POST":
+ default:
+ $httpMethod = OAuthStoreVars::$HttpMethod['POST'];
+ break;
+ }
+
+ switch ($service->getRequestUrl()->location) {
+ case OAuthStoreVars::$OAuthParamLocation['URI_QUERY']:
+ case OAuthStoreVars::$OAuthParamLocation['POST_BODY']:
+ case OAUthStoreVars::$OAuthParamLocation['AUTH_HEADER']:
+ $paramLocation = $service->getRequestUrl()->location;
+ break;
+ default:
+ $paramLocation = OAuthStoreVars::$OAuthParamLocation['AUTH_HEADER'];
+ break;
+ }
}
$provInfo = new ProviderInfo();
$provInfo->setHttpMethod($httpMethod);
Added: shindig/trunk/php/src/gadgets/oauth/OAuth2Fetcher.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/oauth/OAuth2Fetcher.php?rev=1186470&view=auto
==============================================================================
--- shindig/trunk/php/src/gadgets/oauth/OAuth2Fetcher.php (added)
+++ shindig/trunk/php/src/gadgets/oauth/OAuth2Fetcher.php Wed Oct 19 20:40:37
2011
@@ -0,0 +1,185 @@
+<?php
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+
+/**
+ * Implements the OAuth 2.0 dance for gadgets.
+ *
+ *
+ * This class is not thread-safe; create a new one for each request that
+ * requires OAuth signing.
+ */
+class OAuth2Fetcher extends OAuthFetcher {
+ /**
+ * @param RemoteContentRequest $request
+ * @return RemoteContentRequest
+ */
+ public function fetchRequest(RemoteContentRequest $request) {
+ $this->realRequest = $request;
+ $this->checkCanApprove();
+ if ($this->needApproval()) {
+ $this->buildAznUrl();
+ // break out of the content fetching chain, we need permission from
+ // the user to do this
+ return $this->buildOAuthApprovalResponse();
+ } elseif ($this->needAccessToken()) {
+ $this->getAccessToken($request);
+ $this->saveAccessToken();
+ $this->buildClientAccessState();
+ }
+ return $this->fetchData();
+ }
+
+ /**
+ * Do we need to get the user's approval to access the data?
+ *
+ * @return boolean
+ */
+ protected function needApproval() {
+ if ($this->accessorInfo == NULL) {
+ return true;
+ } else {
+ return ($this->accessorInfo->getAccessor()->accessToken == null && !
$this->requestParams->getReceivedCallback());
+ }
+ }
+
+ /**
+ * Do we need to exchange a request token for an access token?
+ *
+ * @return boolean
+ */
+ protected function needAccessToken() {
+ return ($this->accessorInfo->getAccessor()->accessToken == null &&
$this->requestParams->getReceivedCallback());
+ }
+
+ /**
+ * Get honest-to-goodness user data.
+ *
+ * @return RemoteContentRequest
+ */
+ protected function fetchData() {
+ try {
+ $headers = 'Authorization: Bearer ' .
$this->accessorInfo->getAccessor()->accessToken;
+ $this->realRequest->setHeaders($headers);
+ $remoteFetcherClass = Config::get('remote_content_fetcher');
+ $fetcher = new $remoteFetcherClass();
+ $content = $fetcher->fetchRequest($this->realRequest);
+ $statusCode = $content->getHttpCode();
+ //TODO is there a better way to detect an SP error? For example:
http://wiki.oauth.net/ProblemReporting
+ if ($statusCode == 401) {
+ $tokenKey = $this->buildTokenKey();
+ $this->tokenStore->removeTokenAndSecret($tokenKey);
+ } else if ($statusCode >= 400 && $statusCode < 500) {
+ $message = $this->parseAuthHeader(null, $content);
+ if ($message->get_parameter(ShindigOAuth::$OAUTH_PROBLEM) != null) {
+ throw new ShindigOAuthProtocolException($message);
+ }
+ }
+ // Track metadata on the response
+ $this->addResponseMetadata($content);
+ return $content;
+ } catch (Exception $e) {
+ throw new GadgetException("INTERNAL SERVER ERROR: " . $e);
+ }
+ }
+
+ /**
+ * Builds the URL the client needs to visit to approve access.
+ */
+ protected function buildAznUrl() {
+ // At some point we can be clever and use a callback URL to improve
+ // the user experience, but that's too complex for now.
+ $accessor = $this->accessorInfo->getAccessor();
+ $azn = $accessor->consumer->callback_url->userAuthorizationURL;
+ $authUrl = $azn->url;
+ if (strstr($authUrl, "?") == FALSE) {
+ $authUrl .= "?";
+ } else {
+ $authUrl .= "&";
+ }
+ $authUrl .= "client_id=";
+ $authUrl .= urlencode($accessor->consumer->key);
+ $authUrl .= '&response_type=code';
+ $callbackState = new OAuthCallbackState($this->oauthCrypter);
+ $callbackUrl = "http://"; . getenv('HTTP_HOST') . "/gadgets/oauthcallback";
+ $callbackState->setRealCallbackUrl($callbackUrl);
+ $state = $callbackState->getEncryptedState();
+ $authUrl .= "&state=" . urlencode($state);
+ $this->aznUrl = $authUrl;
+ }
+
+ /**
+ *
+ * @param RemoteContentRequest $request
+ * @throws GadgetException
+ */
+ protected function getAccessToken(RemoteContentRequest $request) {
+ try {
+ $accessor = $this->accessorInfo->getAccessor();
+ $url = $accessor->consumer->callback_url->accessTokenURL;
+ $msgParams = array();
+ $callbackUrl = $this->requestParams->getReceivedCallback();
+ if (strlen($callbackUrl) > 0) {
+ $parsed_url = parse_url($callbackUrl);
+ parse_str($parsed_url["query"], $url_params);
+ $this->handleErrorResponse($url_params);
+ if (strlen($url_params["code"])) {
+ $msgParams['code'] = $url_params["code"];
+ $msgParams['grant_type'] = 'authorization_code';
+ } else {
+ throw new GadgetException("Invalid received callback URL:
".$callbackUrl);
+ }
+ }
+ $msgParams['client_id'] = urlencode($accessor->consumer->key);
+ $msgParams['client_secret'] = urlencode($accessor->consumer->secret);
+ $msgParams['redirect_uri'] = "http://"; . getenv('HTTP_HOST') .
"/gadgets/oauthcallback";
+
+ $request = new RemoteContentRequest($url->url);
+ $request->setMethod('POST');
+ $request->setPostBody($msgParams);
+
+ $remoteFetcherClass = Config::get('remote_content_fetcher');
+ $fetcher = new $remoteFetcherClass();
+ $content = $fetcher->fetchRequest($request);
+ $responseObject = json_decode($content->getResponseContent(), true);
+ $this->handleErrorResponse($responseObject);
+ if (! isset($responseObject['access_token'])) {
+ throw new GadgetException("invalid access token response");
+ }
+
+ $accessor->accessToken = $responseObject['access_token'];
+ } catch (Exception $e) {
+ // It's unfortunate the OAuth libraries throw a generic Exception.
+ throw new GadgetException("INTERNAL SERVER ERROR: " . $e);
+ }
+ }
+
+ /**
+ *
+ * @param array $parameters
+ */
+ protected function handleErrorResponse(array $parameters) {
+ if (isset($parameters['error'])) {
+ throw new GadgetException('Received OAuth error ' . $parameters['error']
.
+ (isset($parameters['error_description']) ? ' ' .
$parameters['error_description'] : '') .
+ (isset($parameters['error_uri']) ? ' see: ' .
$parameters['error_uri'] : ''));
+ }
+ }
+}
\ No newline at end of file
Propchange: shindig/trunk/php/src/gadgets/oauth/OAuth2Fetcher.php
------------------------------------------------------------------------------
svn:keywords = Id
Modified: shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php (original)
+++ shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php Wed Oct 19 20:40:37
2011
@@ -34,11 +34,11 @@ class OAuthFetcher extends RemoteContent
// We store some blobs of data on the client for later reuse; the blobs
// contain key/value pairs, and these are the key names.
- private static $REQ_TOKEN_KEY = "r";
- private static $REQ_TOKEN_SECRET_KEY = "rs";
- private static $ACCESS_TOKEN_KEY = "a";
- private static $ACCESS_TOKEN_SECRET_KEY = "as";
- private static $OWNER_KEY = "o";
+ protected static $REQ_TOKEN_KEY = "r";
+ protected static $REQ_TOKEN_SECRET_KEY = "rs";
+ protected static $ACCESS_TOKEN_KEY = "a";
+ protected static $ACCESS_TOKEN_SECRET_KEY = "as";
+ protected static $OWNER_KEY = "o";
// names for the JSON values we return to the client
public static $CLIENT_STATE = "oauthState";
@@ -52,13 +52,13 @@ class OAuthFetcher extends RemoteContent
/**
* @var RemoteContentFetcher
*/
- private $fetcher;
+ protected $fetcher;
/**
* Maximum age for our client state; if this is exceeded we start over. One
* hour is a fairly arbitrary time limit here.
*/
- private static $CLIENT_STATE_MAX_AGE_SECS = 3600;
+ protected static $CLIENT_STATE_MAX_AGE_SECS = 3600;
/**
* The gadget security token, with info about owner/viewer/gadget.
@@ -82,51 +82,51 @@ class OAuthFetcher extends RemoteContent
* those URLs.
* @var AccesorInfo
*/
- private $accessorInfo;
+ protected $accessorInfo;
/**
* We use this to encrypt and sign the state we cache on the client.
*/
- private $oauthCrypter;
+ protected $oauthCrypter;
/**
* State the client sent with their request.
*/
- private $origClientState = array();
+ protected $origClientState = array();
/**
* The request the client really wants to make.
* @var RemoteContentRequest
*/
- private $realRequest;
+ protected $realRequest;
/**
* State to cache on the client.
*/
- private $newClientState;
+ protected $newClientState;
/**
* Authorization URL for the client
*/
- private $aznUrl;
+ protected $aznUrl;
/**
* Error code for the client
*/
- private $error;
+ protected $error;
/**
* Error text for the client
*/
- private $errorText;
+ protected $errorText;
/**
* Whether or not we're supposed to ignore the spec cache when referring
* to the gadget spec for information (e.g. OAuth URLs).
*/
- private $bypassSpecCache;
+ protected $bypassSpecCache;
- private $responseMetadata = array();
+ protected $responseMetadata = array();
/**
*
@@ -165,7 +165,7 @@ class OAuthFetcher extends RemoteContent
* @param Exception $e
* @return RemoteContentRequest
*/
- private function buildErrorResponse(Exception $e) {
+ protected function buildErrorResponse(Exception $e) {
if ($this->error == null) {
$this->error = OAuthError::$UNKNOWN_PROBLEM;
}
@@ -183,7 +183,7 @@ class OAuthFetcher extends RemoteContent
/**
* @return RemoteContentRequest
*/
- private function buildNonDataResponse() {
+ protected function buildNonDataResponse() {
$response = new RemoteContentRequest($this->realRequest->getUrl());
$this->addResponseMetadata($response);
self::setStrictNoCache($response);
@@ -219,7 +219,7 @@ class OAuthFetcher extends RemoteContent
*
* @return TokenKey
*/
- private function buildTokenKey() {
+ protected function buildTokenKey() {
$tokenKey = new TokenKey();
// need to URLDecode so when comparing with the ProviderKey it goes thought
$tokenKey->setGadgetUri(urldecode($this->authToken->getAppUrl()));
@@ -281,7 +281,7 @@ class OAuthFetcher extends RemoteContent
*
* @return RemoteContentRequest
*/
- private function buildOAuthApprovalResponse() {
+ protected function buildOAuthApprovalResponse() {
return $this->buildNonDataResponse();
}
@@ -290,7 +290,7 @@ class OAuthFetcher extends RemoteContent
*
* @return boolean
*/
- private function needApproval() {
+ protected function needApproval() {
if ($this->accessorInfo == NULL) {
return true;
} else {
@@ -304,7 +304,7 @@ class OAuthFetcher extends RemoteContent
*
* @throws GadgetException
*/
- private function checkCanApprove() {
+ protected function checkCanApprove() {
$pageOwner = $this->authToken->getOwnerId();
$pageViewer = $this->authToken->getViewerId();
$stateOwner = @$this->origClientState[self::$OWNER_KEY];
@@ -324,7 +324,7 @@ class OAuthFetcher extends RemoteContent
* @param RemoteContentRequest $request
* @throws GadgetException
*/
- private function fetchRequestToken(RemoteContentRequest $request) {
+ protected function fetchRequestToken(RemoteContentRequest $request) {
try {
$accessor = $this->accessorInfo->getAccessor();
//TODO The implementations of oauth differs from the one in JAVA. Fix
the type OAuthMessage
@@ -334,8 +334,8 @@ class OAuthFetcher extends RemoteContent
$callbackState = new OAuthCallbackState($this->oauthCrypter);
$callbackUrl = "http://"; . getenv('HTTP_HOST') .
"/gadgets/oauthcallback";
$callbackState->setRealCallbackUrl($callbackUrl);
- $cs = $callbackState->getEncryptedState();
- $msgParams[self::$OAUTH_CALLBACK] = $callbackUrl . "?cs=" .
urlencode($cs);
+ $state = $callbackState->getEncryptedState();
+ $msgParams[self::$OAUTH_CALLBACK] = $callbackUrl . "?state=" .
urlencode($state);
$request = $this->newRequestMessageParams($url->url, $msgParams);
$reply = $this->sendOAuthMessage($request);
$reply->requireParameters(array(ShindigOAuth::$OAUTH_TOKEN,
@@ -354,7 +354,7 @@ class OAuthFetcher extends RemoteContent
* @param $params
* @return ShindigOAuthRequest
*/
- private function newRequestMessageMethod($method, $url, $params) {
+ protected function newRequestMessageMethod($method, $url, $params) {
if (! isset($params)) {
throw new Exception("params was null in " . "newRequestMessage " . "Use
newRequesMessage if you don't have a params to pass");
}
@@ -379,7 +379,7 @@ class OAuthFetcher extends RemoteContent
* @param string $url
* @return ShindigOAuthRequest
*/
- private function newRequestMessageUrlOnly($url) {
+ protected function newRequestMessageUrlOnly($url) {
$params = array();
return $this->newRequestMessageParams($url, $params);
}
@@ -389,7 +389,7 @@ class OAuthFetcher extends RemoteContent
* @param string $params
* @return ShindigOAuthRequest
*/
- private function newRequestMessageParams($url, $params) {
+ protected function newRequestMessageParams($url, $params) {
$method = "POST";
if ($this->accessorInfo->getHttpMethod() ==
OAuthStoreVars::$HttpMethod['GET']) {
$method = "GET";
@@ -404,7 +404,7 @@ class OAuthFetcher extends RemoteContent
* @param array $params
* @return ShindigOAuthRequest
*/
- private function newRequestMessage($url = null, $method = null, $params =
null) {
+ protected function newRequestMessage($url = null, $method = null, $params =
null) {
if (isset($method) && isset($url) && isset($params)) {
return $this->newRequestMessageMethod($method, $url, $params);
} else if (isset($url) && isset($params)) {
@@ -419,7 +419,7 @@ class OAuthFetcher extends RemoteContent
* @param array $oauthParams
* @return string
*/
- private function getAuthorizationHeader($oauthParams) {
+ protected function getAuthorizationHeader($oauthParams) {
$result = "OAuth ";
$first = true;
foreach ($oauthParams as $key => $val) {
@@ -443,7 +443,7 @@ class OAuthFetcher extends RemoteContent
* @param Options $options
* @return RemoteContentRequest
*/
- private function createRemoteContentRequest($oauthParams, $method, $url,
$headers, $contentType, $postBody, $options) {
+ protected function createRemoteContentRequest($oauthParams, $method, $url,
$headers, $contentType, $postBody, $options) {
$paramLocation = $this->accessorInfo->getParamLocation();
$newHeaders = array();
// paramLocation could be overriden by a run-time parameter to fetchRequest
@@ -484,7 +484,7 @@ class OAuthFetcher extends RemoteContent
* @param ShindigOAuthRequest $request
* @return ShindigOAuthRequest
*/
- private function sendOAuthMessage(ShindigOAuthRequest $request) {
+ protected function sendOAuthMessage(ShindigOAuthRequest $request) {
$rcr =
$this->createRemoteContentRequest($this->filterOAuthParams($request),
$request->get_normalized_http_method(), $request->get_url(), null,
RemoteContentRequest::$DEFAULT_CONTENT_TYPE, null,
RemoteContentRequest::getDefaultOptions());
$rcr->setToken($this->authToken);
@@ -502,7 +502,7 @@ class OAuthFetcher extends RemoteContent
*
* @throws GadgetException
*/
- private function buildClientApprovalState() {
+ protected function buildClientApprovalState() {
try {
$accessor = $this->accessorInfo->getAccessor();
$oauthState = array();
@@ -518,7 +518,7 @@ class OAuthFetcher extends RemoteContent
/**
* Builds the URL the client needs to visit to approve access.
*/
- private function buildAznUrl() {
+ protected function buildAznUrl() {
// At some point we can be clever and use a callback URL to improve
// the user experience, but that's too complex for now.
$accessor = $this->accessorInfo->getAccessor();
@@ -540,7 +540,7 @@ class OAuthFetcher extends RemoteContent
*
* @return boolean
*/
- private function needAccessToken() {
+ protected function needAccessToken() {
return ($this->accessorInfo->getAccessor()->requestToken != null &&
$this->accessorInfo->getAccessor()->accessToken == null);
}
@@ -550,7 +550,7 @@ class OAuthFetcher extends RemoteContent
* @param RemoteContentRequest $request
* @throws GadgetException
*/
- private function exchangeRequestToken(RemoteContentRequest $request) {
+ protected function exchangeRequestToken(RemoteContentRequest $request) {
try {
$accessor = $this->accessorInfo->getAccessor();
$url = $accessor->consumer->callback_url->accessTokenURL;
@@ -586,7 +586,7 @@ class OAuthFetcher extends RemoteContent
*
* @throws GadgetException
*/
- private function saveAccessToken() {
+ protected function saveAccessToken() {
$accessor = $this->accessorInfo->getAccessor();
$tokenKey = $this->buildTokenKey();
$tokenInfo = new TokenInfo($accessor->accessToken, $accessor->tokenSecret);
@@ -598,7 +598,7 @@ class OAuthFetcher extends RemoteContent
*
* @throws GadgetException
*/
- private function buildClientAccessState() {
+ protected function buildClientAccessState() {
try {
$oauthState = array();
$accessor = $this->accessorInfo->getAccessor();
@@ -616,7 +616,7 @@ class OAuthFetcher extends RemoteContent
*
* @return RemoteContentRequest
*/
- private function fetchData() {
+ protected function fetchData() {
try {
// TODO: it'd be better using $this->realRequest->getContentType(), but
not set before hand. Temporary hack.
$postBody = $this->realRequest->getPostBody();
@@ -685,7 +685,7 @@ class OAuthFetcher extends RemoteContent
* @param RemoteContentRequest $resp
* @return string the updated message.
*/
- private function parseAuthHeader(ShindigOAuthRequest $msg = null,
RemoteContentRequest $resp) {
+ protected function parseAuthHeader(ShindigOAuthRequest $msg = null,
RemoteContentRequest $resp) {
if ($msg == null) {
$msg = ShindigOAuthRequest::from_request();
}
@@ -713,7 +713,7 @@ class OAuthFetcher extends RemoteContent
*
* @throws IOException
*/
- private function filterOAuthParams($message) {
+ protected function filterOAuthParams($message) {
$result = array();
foreach ($message->get_parameters() as $key => $value) {
if (preg_match('/^(oauth|xoauth|opensocial)/', strtolower($key))) {
@@ -764,7 +764,7 @@ class OAuthFetcher extends RemoteContent
* @param array $params
* @param SecurityToken $token
*/
- private static function addIdentityParams(array & $params, SecurityToken
$token) {
+ protected static function addIdentityParams(array & $params, SecurityToken
$token) {
$params['opensocial_owner_id'] = $token->getOwnerId();
$params['opensocial_viewer_id'] = $token->getViewerId();
$params['opensocial_app_id'] = $token->getAppId();
@@ -775,7 +775,7 @@ class OAuthFetcher extends RemoteContent
*
* @param RemoteContentRequest $response
*/
- private static function setStrictNoCache(RemoteContentRequest $response) {
+ protected static function setStrictNoCache(RemoteContentRequest $response) {
$response->setResponseHeader('Pragma', 'no-cache');
$response->setResponseHeader('Cache-Control', 'no-cache');
}
Modified: shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php (original)
+++ shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php Wed Oct 19
20:40:37 2011
@@ -88,10 +88,19 @@ class OAuthFetcherFactory {
* @param RemoteContentFetcher $fetcher The fetcher that will fetch real
content
* @param SecurityToken $token The gadget token used to identity the user
and gadget
* @param OAuthRequestParams $params The parsed parameters the gadget
requested
+ * @param string $authType the oauth auth type to use, either "oauth" or
"oauth2"
* @return OAuthFetcher
* @throws GadgetException
*/
- public function getOAuthFetcher(RemoteContentFetcher $fetcher, SecurityToken
$token, OAuthRequestParams $params) {
+ public function getOAuthFetcher(RemoteContentFetcher $fetcher, SecurityToken
$token, OAuthRequestParams $params, $authType) {
+ switch ($authType) {
+ case RemoteContentRequest::$AUTH_OAUTH:
return new OAuthFetcher($this->tokenStore, $this->oauthCrypter, $fetcher,
$token, $params);
+ break;
+ case RemoteContentRequest::$AUTH_OAUTH2:
+ return new OAuth2Fetcher($this->tokenStore, $this->oauthCrypter,
$fetcher, $token, $params);
+ break;
+ }
+ throw new Exception('invalid oauth authType ' . $authType);
}
}
Modified: shindig/trunk/php/src/gadgets/oauth/OAuthService.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/oauth/OAuthService.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/oauth/OAuthService.php (original)
+++ shindig/trunk/php/src/gadgets/oauth/OAuthService.php Wed Oct 19 20:40:37
2011
@@ -19,10 +19,13 @@
*/
/**
- * The OAuth service located in the gadget xml inside ModulePrefs -> OAuth.
+ * The OAuth service located in the gadget xml inside ModulePrefs -> OAuth or
ModulePrefs -> OAuth2.
+ *
+ * Since OAuth and OAuth2 implementation are similar we are using the same
OAuthService for both implementations
+ * as well for now. The only difference is, that OAuth2 services don't need an
request token endpoint
**/
class OAuthService {
-
+
private static $URL_ATTR = "url";
private static $PARAM_LOCATION_ATTR = "param_location";
private static $METHOD_ATTR = "method";
@@ -31,17 +34,17 @@ class OAuthService {
* @var string
*/
private $name;
-
+
/**
* @var string EndPoint
*/
private $requestUrl;
-
+
/**
* @var string EndPoint
*/
private $authorizationUrl;
-
+
/**
* @var string EndPoint
*/
@@ -67,31 +70,28 @@ class OAuthService {
throw new SpecParserException("Multiple OAuth/Service/Authorization
elements");
}
$this->authorizationUrl = $this->parseEndPoint($element);
- } else if ($type == 'Access') {
+ } else if ($type == 'Access' || $type == 'Token') {
if ($this->accessUrl) {
throw new SpecParserException("Multiple OAuth/Service/Access
elements");
}
$this->accessUrl = $this->parseEndPoint($element);
}
}
- if ($this->requestUrl == null) {
- throw new SpecParserException("/OAuth/Service/Request is required");
- }
if ($this->accessUrl == null) {
throw new SpecParserException("/OAuth/Service/Access is required");
}
if ($this->authorizationUrl == null) {
throw new SpecParserException("/OAuth/Service/Authorization is
required");
}
- if ($this->requestUrl->location != $this->accessUrl->location) {
+ if ($this->requestUrl && $this->requestUrl->location !=
$this->accessUrl->location) {
throw new SpecParserException(
"Access@location must be identical to Request@location");
}
- if ($this->requestUrl->method != $this->accessUrl->method) {
+ if ($this->requestUrl && $this->requestUrl->method !=
$this->accessUrl->method) {
throw new SpecParserException(
"Access@method must be identical to Request@method");
}
- if ($this->requestUrl->location == Location::$body &&
+ if ($this->requestUrl && $this->requestUrl->location == Location::$body &&
$this->requestUrl->method == Method::$GET) {
throw new SpecParserException("Incompatible parameter location, cannot" +
"use post-body with GET requests");
@@ -199,3 +199,8 @@ class EndPoint {
$this->location = $location;
}
}
+
+class SpecParserException extends Exception
+{
+
+}
\ No newline at end of file
Modified: shindig/trunk/php/src/gadgets/render/GadgetHtmlRenderer.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/render/GadgetHtmlRenderer.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/render/GadgetHtmlRenderer.php (original)
+++ shindig/trunk/php/src/gadgets/render/GadgetHtmlRenderer.php Wed Oct 19
20:40:37 2011
@@ -39,22 +39,22 @@ class GadgetHtmlRenderer extends GadgetB
header("P3P: " . Config::get('P3P'));
}
$content = '';
-
+
// Set no doctype if quirks mode is requestet because of quirks or doctype
attribute
if ((isset($view['quirks']) && $view['quirks']) ||
$gadget->useQuirksMode()) {
} else {
- // Override & insert DocType if Gadget is written for OpenSocial 2.0 or
greater,
- // if quirksmode is not set
- $version20 = new OpenSocialVersion('2.0.0');
+ // Override & insert DocType if Gadget is written for OpenSocial 2.0 or
greater,
+ // if quirksmode is not set
+ $version20 = new OpenSocialVersion('2.0.0');
if ($gadget->getDoctype()) {
- $content .= "<!DOCTYPE ' . $gadget->getDoctype() . '>\n";
+ $content .= "<!DOCTYPE " . $gadget->getDoctype() . "\n";
} else if
($gadget->getSpecificationVersion()->isEqualOrGreaterThan($version20)) {
- $content .= "<!DOCTYPE HTML>\n";
+ $content .= "<!DOCTYPE HTML>\n";
} else { // prior to 2.0 the php version always set this doc type, when
no quirks attribute was specified
$content .= "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"
\"http://www.w3.org/TR/html4/strict.dtd\";>\n";
}
}
-
+
// Rewriting the gadget's content using the libxml library does impose
some restrictions to the validity of the input html, so
// for the time being (until either gadgets are all fixed, or we find a
more tolerant html parsing lib), we try to avoid it when we can
$domRewrite = false;
Modified: shindig/trunk/php/src/gadgets/servlet/OAuthCallbackServlet.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/src/gadgets/servlet/OAuthCallbackServlet.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/src/gadgets/servlet/OAuthCallbackServlet.php (original)
+++ shindig/trunk/php/src/gadgets/servlet/OAuthCallbackServlet.php Wed Oct 19
20:40:37 2011
@@ -22,21 +22,22 @@ require_once 'src/gadgets/oauth/OAuthCal
class OAuthCallbackServlet extends HttpServlet {
public function doGet() {
- $cs = isset($_GET["cs"]) ? $_GET["cs"] : "";
+ $state = isset($_GET["state"]) ? $_GET["state"] : "";
$token = isset($_GET["oauth_token"]) ? $_GET["oauth_token"] : "";
$verifier = isset($_GET["oauth_verifier"]) ? $_GET["oauth_verifier"] : "";
- if (strlen($cs) > 0) {
+ $code = isset($_GET["code"]) ? $_GET["code"] : "";
+ if (strlen($state) > 0) {
$BBC = new BasicBlobCrypter();
$crypter = new BasicBlobCrypter(srand($BBC->MASTER_KEY_MIN_LEN));
- $clientState = new OAuthCallbackState($crypter, $cs);
+ $clientState = new OAuthCallbackState($crypter, $state);
$url = $clientState->getRealCallbackUrl();
$callbackUrl = "http://"; . $_SERVER['HTTP_HOST'] .
"/gadgets/oauthcallback";
if ($url = $callbackUrl) {
- unset($_GET['cs']);
+ unset($_GET['state']);
header('Location: '.$callbackUrl.'?'.http_build_query($_GET));
exit;
}
- } else if (strlen($token) > 0 && strlen($cs) == 0 ) {
+ } else if ((strlen($token) > 0 || strlen($code) > 0) && strlen($state) ==
0 ) {
$this->setCacheTime(3600);
echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\" "
.
"\"http://www.w3.org/TR/html4/loose.dtd\";>" .
Modified: shindig/trunk/php/test/gadgets/FilesServletTest.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/test/gadgets/FilesServletTest.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/test/gadgets/FilesServletTest.php (original)
+++ shindig/trunk/php/test/gadgets/FilesServletTest.php Wed Oct 19 20:40:37 2011
@@ -20,6 +20,7 @@
class MockResourcesFilesServlet extends ResourcesFilesServlet
{
+ public $noHeaders = true;
public $uri;
protected function getRequestUri() {
@@ -29,6 +30,7 @@ class MockResourcesFilesServlet extends
class MockContentFilesServlet extends ContentFilesServlet
{
+ public $noHeaders = true;
public $uri;
protected function getRequestUri() {
@@ -38,17 +40,12 @@ class MockContentFilesServlet extends Co
class FilesServletTest extends PHPUnit_Framework_TestCase
{
- public function tearDown() {
- ob_end_clean();
- }
-
public function testResources() {
$servlet = new MockResourcesFilesServlet();
$servlet->uri = 'com/google/caja/plugin/domita-minified.js';
ob_start();
$servlet->doGet();
- $servletContent = ob_get_contents();
- ob_end_clean();
+ $servletContent = ob_get_clean();
$fileContent = file_get_contents(Config::get('resources_path') .
$servlet->uri);
$this->assertEquals($fileContent, $servletContent);
}
@@ -58,8 +55,7 @@ class FilesServletTest extends PHPUnit_F
$servlet->uri = 'container/rpc_relay.html';
ob_start();
$servlet->doGet();
- $servletContent = ob_get_contents();
- ob_end_clean();
+ $servletContent = ob_get_clean();
$fileContent = file_get_contents(Config::get('javascript_path') .
$servlet->uri);
$this->assertEquals($fileContent, $servletContent);
}
@@ -69,8 +65,7 @@ class FilesServletTest extends PHPUnit_F
$servlet->uri = 'container/gadgets.css';
ob_start();
$servlet->doGet();
- $servletContent = ob_get_contents();
- ob_end_clean();
+ $servletContent = ob_get_clean();
$fileContent = file_get_contents(Config::get('javascript_path') .
$servlet->uri);
$this->assertEquals($fileContent, $servletContent);
}
@@ -80,8 +75,7 @@ class FilesServletTest extends PHPUnit_F
$servlet->uri = 'container/Bridge.swf';
ob_start();
$servlet->doGet();
- $servletContent = ob_get_contents();
- ob_end_clean();
+ $servletContent = ob_get_clean();
$fileContent = file_get_contents(Config::get('javascript_path') .
$servlet->uri);
$this->assertEquals($fileContent, $servletContent);
}
@@ -91,8 +85,7 @@ class FilesServletTest extends PHPUnit_F
$servlet->uri = 'samplecontainer/examples/new.gif';
ob_start();
$servlet->doGet();
- $servletContent = ob_get_contents();
- ob_end_clean();
+ $servletContent = ob_get_clean();
$fileContent = file_get_contents(Config::get('javascript_path') .
$servlet->uri);
$this->assertEquals($fileContent, $servletContent);
}
@@ -102,8 +95,7 @@ class FilesServletTest extends PHPUnit_F
$servlet->uri = 'samplecontainer/examples/icon.png';
ob_start();
$servlet->doGet();
- $servletContent = ob_get_contents();
- ob_end_clean();
+ $servletContent = ob_get_clean();
$fileContent = file_get_contents(Config::get('javascript_path') .
$servlet->uri);
$this->assertEquals($fileContent, $servletContent);
}
Modified: shindig/trunk/php/test/gadgets/GadgetRenderingServletTest.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/test/gadgets/GadgetRenderingServletTest.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/test/gadgets/GadgetRenderingServletTest.php (original)
+++ shindig/trunk/php/test/gadgets/GadgetRenderingServletTest.php Wed Oct 19
20:40:37 2011
@@ -21,7 +21,7 @@
class GadgetRenderingServletTest extends PHPUnit_Framework_TestCase {
public function testCheckConstraints() {
$servlet = new GadgetRenderingServlet();
- ob_end_flush();
+ $servlet->noHeaders = true;
$constraints = array('type' => 'HTML', 'href' => false);
Modified: shindig/trunk/php/test/social/JsonRpcServletTest.php
URL:
http://svn.apache.org/viewvc/shindig/trunk/php/test/social/JsonRpcServletTest.php?rev=1186470&r1=1186469&r2=1186470&view=diff
==============================================================================
--- shindig/trunk/php/test/social/JsonRpcServletTest.php (original)
+++ shindig/trunk/php/test/social/JsonRpcServletTest.php Wed Oct 19 20:40:37
2011
@@ -23,7 +23,7 @@ class JsonRpcServletTest extends PHPUnit
public function testParseRPCGetParameters()
{
$servlet = new JsonRpcServlet();
-
+ $servlet->noHeaders = true;
$parameters =
'oauth_token=abcdef&method=people.get&id=req¶ms.userId=@me¶ms.groupId=@self&field=1,2,3&fieldtwo(0).nested1=value1&fieldtwo(1).nested2.blub(0)=value2&fieldtwo(1).nested3=value3&f.a.c=foo&f.a.d=bar';
$result = $servlet->parseGetRequest($parameters);
@@ -65,7 +65,7 @@ class JsonRpcServletTest extends PHPUnit
public function testParseRPCGetWithEmptyParameters()
{
$servlet = new JsonRpcServlet();
-
+ $servlet->noHeaders = true;
$result = $servlet->parseGetRequest('');
$this->assertEquals(array(), $result);
