Re: Issue with container and security tokens in beta2

Thu, 07 Jun 2012 12:15:37 -0700 

Henry,

I think it does match.  I executed the folllowing in my firebug console 
and it returned true:

/.*gadgets\/js\/.*container.*[.]js.*[?&]c=1(&|$).*/.test("
http://ocwms.worldkat.qa.oclc.org/opensocial/gadgets/js/oclccontainer:userprefsui:rpc.js?nocache=1&c=1&debug=1&container=oclc
");

Doug, can you ensure that your tokens have the correct container in them?

Thanks,
-Stanton



From:   Henry Saputra <[email protected]>
To:     [email protected], 
Date:   06/07/2012 14:55
Subject:        Re: Issue with container and security tokens in beta2



Actually its maybe in the init.js function initializeGlobalVars()

Looks like the URL
http://ocwms.worldkat.qa.oclc.org/opensocial/gadgets/js/oclccontainer:userpr

efsui:rpc.js?nocache=1&c=1&debug=1&container=oclc does not contain the
expected pattern

/.*gadgets\/js\/.*container.*[.]js.*[?&]c=1(&|$).*/


- Henry

On Thu, Jun 7, 2012 at 9:30 AM, daviesd <[email protected]> wrote:
> In beta1 I use to see the following flow.
>
> Request the javascript using container=oclc
>
> 
http://ocwms.worldkat.qa.oclc.org/opensocial/gadgets/js/oclccontainer:userpr

> efsui:rpc.js?nocache=1&c=1&debug=1&container=oclc
>
> The iframe request would then look as follows
>
> 
http://ocwms.worldkat.qa.oclc.org/opensocial/gadgets/ifr?url=https%3A%2F%2Fw

> 
orldkat.qa.oclc.org%2Fgallery%2Fgadgets%2F40%2Fxml&container=oclc&view=defau
> 
lt&lang=en&country=US&debug=0&nocache=1&sanitize=0&v=584fb331f9d4272d7164ccf
> 
e49e0569c&st=oclc%3ATOKEN&testmode=0&parent=http%3A%2F%2Focwms.worldkat.qa.o
> clc.org&mid=0
>
> Notice that the container is CORRECT (oclc).  For length purpose I did 
not
> show the entire length of our security token (it¹s long) so I just put
> TOKEN.
>
> In beta2 I see
>
> 
http://platform.oclc.org:8080/opensocial/gadgets/ifr?url=http%3A%2F%2Fplatfo

> 
rm.oclc.org%3A8080%2Fopensocial-demo%2Fgadgets%2Fsettitle.xml&container=defa
> 
ult&view=default&lang=en&country=US&debug=0&nocache=0&sanitize=0&v=1545d7ce1
> 
25d3b0f296d91751cbba444&st=%25st%25&testmode=0&parent=http%3A%2F%2Fplatform.
> oclc.org%3A8080&mid=0#rpctoken=147042121
>
> Notice the container is WRONG (default) and that the ST param is null
> because when it went to lookup the crypter for the container it was not
> found (I¹m not sure why default isn¹t found... Still checking on that). 
 If
> I hardcode OCLC at
>
>    BlobCrypter crypter = crypters.get(aToken.getContainer());
>
> In BlobCrypterSecurityTokenCodec when it does the crypter lookup then
> everything works fine.
>
> Does anyone have any ideas what may have changed and where to look?
>
> doug
>

Reply via email to