Author: rbaxter85
Date: Thu Jun 14 13:33:07 2012
New Revision: 1350234
URL: http://svn.apache.org/viewvc?rev=1350234&view=rev
Log:
SHINDIG-1799
Committed for Brian Lillie
Pass token on listMethods to enable allowUnauthenticated=false
Modified:
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java
Modified:
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java?rev=1350234&r1=1350233&r2=1350234&view=diff
==============================================================================
---
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
(original)
+++
shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
Thu Jun 14 13:33:07 2012
@@ -163,7 +163,7 @@ public class BlobCrypterSecurityTokenCod
public String encodeToken(SecurityToken token) throws SecurityTokenException
{
if (!token.getAuthenticationMode().equals(
AuthenticationMode.SECURITY_TOKEN_URL_PARAMETER.name())) {
- throw new SecurityTokenException("Can only encode
BlogCrypterSecurityTokens");
+ throw new SecurityTokenException("Can only encode
BlobCrypterSecurityTokens");
}
// Test code sends in real AbstractTokens, they have modified time sources
in them so
Modified:
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java
URL:
http://svn.apache.org/viewvc/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java?rev=1350234&r1=1350233&r2=1350234&view=diff
==============================================================================
---
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java
(original)
+++
shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/render/DefaultServiceFetcher.java
Thu Jun 14 13:33:07 2012
@@ -19,12 +19,17 @@
package org.apache.shindig.gadgets.render;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.logging.Level;
-import java.util.logging.Logger;
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableMultimap;
+import com.google.common.collect.ImmutableSet;
+import com.google.common.collect.LinkedHashMultimap;
+import com.google.common.collect.Multimap;
+import com.google.inject.Inject;
+import org.apache.shindig.auth.AnonymousSecurityToken;
+import org.apache.shindig.auth.SecurityToken;
+import org.apache.shindig.auth.SecurityTokenCodec;
+import org.apache.shindig.auth.SecurityTokenException;
import org.apache.shindig.common.logging.i18n.MessageKeys;
import org.apache.shindig.common.servlet.Authority;
import org.apache.shindig.common.uri.Uri;
@@ -33,16 +38,16 @@ import org.apache.shindig.gadgets.Gadget
import org.apache.shindig.gadgets.http.HttpFetcher;
import org.apache.shindig.gadgets.http.HttpRequest;
import org.apache.shindig.gadgets.http.HttpResponse;
+
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
-import com.google.common.collect.ImmutableList;
-import com.google.common.collect.ImmutableMultimap;
-import com.google.common.collect.ImmutableSet;
-import com.google.common.collect.LinkedHashMultimap;
-import com.google.common.collect.Multimap;
-import com.google.inject.Inject;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
/**
* Retrieves the rpc services for a container by fetching them from the
container's
@@ -72,6 +77,7 @@ public class DefaultServiceFetcher {
private final HttpFetcher fetcher;
private Authority authority;
+ private SecurityTokenCodec codec;
/** @param config Container Config for looking up endpoints */
@Inject
@@ -85,6 +91,11 @@ public class DefaultServiceFetcher {
this.authority = authority;
}
+ @Inject(optional = true)
+ public void setSecurityTokenCodec(SecurityTokenCodec codec) {
+ this.codec = codec;
+ }
+
/**
* Returns the services, keyed by endpoint for the given container.
*
@@ -133,9 +144,16 @@ public class DefaultServiceFetcher {
}
private Set<String> retrieveServices(String endpoint) {
- Uri url = Uri.parse(endpoint + "?method=" + SYSTEM_LIST_METHODS_METHOD);
- HttpRequest request = new HttpRequest(url).setInternalRequest(true);
try {
+ StringBuilder sb = new StringBuilder( 250 );
+ sb.append(endpoint).append( "?method=" + SYSTEM_LIST_METHODS_METHOD );
+ if (codec != null) {
+ SecurityToken token = new AnonymousSecurityToken( "default", 0L,
AnonymousSecurityToken.ANONYMOUS_ID, -1L );
+ sb.append( "&st=" ).append( codec.encodeToken( token ));
+ }
+ Uri url = Uri.parse(sb.toString());
+ HttpRequest request = new HttpRequest(url).setInternalRequest(true);
+
HttpResponse response = fetcher.fetch(request);
if (response.getHttpStatusCode() == HttpResponse.SC_OK) {
return getServicesFromJsonResponse(response.getResponseAsString());
@@ -144,6 +162,10 @@ public class DefaultServiceFetcher {
LOG.logp(Level.SEVERE, classname, "retrieveServices",
MessageKeys.HTTP_ERROR_FETCHING, new Object[]
{response.getHttpStatusCode(),endpoint});
}
}
+ } catch (SecurityTokenException se) {
+ if (LOG.isLoggable(Level.SEVERE)) {
+ LOG.logp(Level.SEVERE, classname, "retrieveServices",
MessageKeys.FAILED_TO_FETCH_SERVICE, new Object[] {endpoint,se.getMessage()});
+ }
} catch (GadgetException ge) {
if (LOG.isLoggable(Level.SEVERE)) {
LOG.logp(Level.SEVERE, classname, "retrieveServices",
MessageKeys.FAILED_TO_FETCH_SERVICE, new Object[] {endpoint,ge.getMessage()});
