>> Some of these changes are interface changes/additions/deletions and could effect custom consumer extensions. (Probably unlikely because nobody has complained about them yet.) <<
Ugh... I should have been keeping up with this. Yes the interface changes affect us big time moving from beta1 to beta2. So chalk up one complaint. :) doug On 5/9/12 8:49 PM, "Stanton Sievers" <[email protected]> wrote: > > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/4947/#review7754 > ----------------------------------------------------------- > > Ship it! > > > Committed revision 1336461 > > Please close the review. > > - Stanton > > > On 2012-05-04 14:31:05, Adam Clarke wrote: >> > >> > ----------------------------------------------------------- >> > This is an automatically generated e-mail. To reply, visit: >> > https://reviews.apache.org/r/4947/ >> > ----------------------------------------------------------- >> > >> > (Updated 2012-05-04 14:31:05) >> > >> > >> > Review request for shindig, Ryan Baxter and Brian Lillie. >> > >> > >> > Summary >> > ------- >> > >> > When the original OAuth2 Consumer was added the patch was quite large and >> it was tough to get a comprehensive review. It was expected that there >> would be a couple of revisions to address problems. >> > >> > This patch contains the changes for Jira 173. Due to time constraints it >> also contains a number of other fixes/enhancements found in internal OAuth2 >> Consumer reviews and testing. >> > >> > Some of these changes are interface changes/additions/deletions and could >> effect custom consumer extensions. (Probably unlikely because nobody has >> complained about them yet.) >> > >> > >> > Patch Includes: >> > 0) More standard formatting and checkstyle in modified files. >> > >> > 1) Jira 1732 for restricted OAuth2 endpoints. >> > >> > 2) Rework of OAuth2Cache and the default InMemoryCache. Tried to get too >> cute with the original which made it very hard to implement. New version is >> much easier to implement with your own Maps. >> > >> > 3) OAuth2 State encryption/decryption. Wasn't absolutely necessary for >> OAuth2, but added it for consistency with OAuth1 and for the peace-of-mind of >> security types. >> > >> > 4) BasicOAuth2Request no longer sends expired tokens. The previous impl >> relied on the OAuth2 Service Provider returning 401 when a expired token was >> used. This led to a nasty user experience when a service provider violated >> the spec and returned something other than 401. OAuth2 Consumer no longer >> sends expired tokens and reacts as if the server returned the 401. >> > >> > 5) OAuth2Persister had an unnecessary method to create a token. This is >> now handled in the OAuth2Store. >> > >> > 6) Caching and OAuth2Store.init() fixes for better behavior in a clustered >> environment. >> > >> > 7) Properly handle the URL %scheme% for the redirect uri (aka callback url) >> > >> > >> > This addresses bug SHINDIG-1732. >> > https://issues.apache.org/jira/browse/SHINDIG-1732 >> > >> > >> > Diffs >> > ----- >> > >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/common/conf/shindig.proper >> ties 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/BasicOAuth2Accessor.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/BasicOAuth2Request.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/BasicOAuth2Store.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/OAuth2Accessor.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/OAuth2CallbackState.java PRE-CREATION >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/OAuth2CallbackStateToken.java PRE-CREATION >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/OAuth2Error.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/OAuth2FetcherConfig.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/OAuth2Message.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/OAuth2Module.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/OAuth2Store.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/OAuth2Token.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/handler/CodeAuthorizationResponseHandler.java >> 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandler.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/handler/OAuth2HandlerModule.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/handler/TokenAuthorizationResponseHandler.java >> 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/persistence/MapCache.java PRE-CREATION >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/persistence/OAuth2Cache.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/persistence/OAuth2Client.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/persistence/OAuth2Persister.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/persistence/OAuth2TokenPersistence.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/persistence/sample/InMemoryCache.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/oauth2/persistence/sample/JSONOAuth2Persister.java >> 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/servlet/MakeRequestHandler.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/main/java/org/ >> apache/shindig/gadgets/servlet/OAuth2CallbackServlet.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/ >> apache/shindig/gadgets/oauth2/MockUtils.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/ >> apache/shindig/gadgets/oauth2/handler/CodeGrantTypeHandlerTest.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/ >> apache/shindig/gadgets/oauth2/handler/TokenAuthorizationResponseHandlerTest.j >> ava 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/ >> apache/shindig/gadgets/oauth2/persistence/OAuth2ClientTest.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/ >> apache/shindig/gadgets/oauth2/persistence/sample/InMemoryCacheTest.java >> 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/ >> apache/shindig/gadgets/oauth2/persistence/sample/JSONOAuth2PersisterTest.java >> 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/java/org/ >> apache/shindig/gadgets/servlet/MakeRequestHandlerTest.java 1333970 >> > >> http://svn.apache.org/repos/asf/shindig/trunk/java/gadgets/src/test/resources >> /org/apache/shindig/gadgets/oauth2/oauth2_test.json 1333970 >> > >> > Diff: https://reviews.apache.org/r/4947/diff >> > >> > >> > Testing >> > ------- >> > >> > All test cases pass. >> > >> > >> > Thanks, >> > >> > Adam >> > >> > > >
