Author: etnu
Date: Fri Aug 22 12:25:53 2008
New Revision: 688178
URL: http://svn.apache.org/viewvc?rev=688178&view=rev
Log:
Began migrating SecurityToken passing to HttpRequest, as well as including
request context information (Gadget + container) in all requests. The objective
here is to unify the parameters passed through HttpFetchers so that uniform
logging, monitoring, and policy enforcement can be achieved.
The "gadget" and "container" fields are duplicated in secure contexts (that is,
contexts where a SecurityToken is present), but since we can't guarantee their
integrity anyway we should treat them as different.
Still missing:
- Rewriters only pass gadget url, not container. This makes it impossible to
support per-container defualt rewriting rules at present.
- No context is passed for manifest (gadget spec / message bundle) retrieval.
This is probably not important as these files are generally shared between
containers anyway. For privilaged gadget access, a custom GadgetSpecFactory can
still be implemented.
- It's not possible to test that the token, gadget url, and container are
passed in these requests at present. Significant test refactoring will be
necessary to achieve that.
Next step:
- Remove security token passing for signed fetch / oauth. We may just punt on
this one as Brian Eaton's work to unify signed fetch and oauth fetch is
forthcoming.
Modified:
incubator/shindig/trunk/features/core.io/io.js
incubator/shindig/trunk/features/core.io/iotest.js
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/GadgetServer.java
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java
Modified: incubator/shindig/trunk/features/core.io/io.js
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/features/core.io/io.js?rev=688178&r1=688177&r2=688178&view=diff
==============================================================================
--- incubator/shindig/trunk/features/core.io/io.js (original)
+++ incubator/shindig/trunk/features/core.io/io.js Fri Aug 22 12:25:53 2008
@@ -304,6 +304,8 @@
headers["Content-Type"] = "application/x-www-form-urlencoded";
}
+ var urlParams = gadgets.util.getUrlParameters();
+
var paramData = {
url: url,
httpMethod : httpMethod,
@@ -316,8 +318,8 @@
getSummaries : !!params.GET_SUMMARIES,
signOwner : signOwner || "true",
signViewer : signViewer || "true",
- gadget : gadgets.util.getUrlParameters().url,
-
+ gadget : urlParams.url,
+ container : urlParams.container || urlParams.synd || "default",
// should we bypass gadget spec cache (e.g. to read OAuth provider
URLs)
bypassSpecCache : gadgets.util.getUrlParameters().nocache || ""
};
Modified: incubator/shindig/trunk/features/core.io/iotest.js
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/features/core.io/iotest.js?rev=688178&r1=688177&r2=688178&view=diff
==============================================================================
--- incubator/shindig/trunk/features/core.io/iotest.js (original)
+++ incubator/shindig/trunk/features/core.io/iotest.js Fri Aug 22 12:25:53 2008
@@ -26,7 +26,7 @@
IoTest.prototype.setUp = function() {
this.oldGetUrlParameters = gadgets.util.getUrlParameters;
gadgets.util.getUrlParameters = function() {
- return { "st" : "authtoken", "url" : "http://www.gadget.com/gadget.xml"; };
+ return { "st" : "authtoken", "url" : "http://www.gadget.com/gadget.xml";,
"container" : "foo" };
};
if (!shindig.auth) {
shindig.auth = new shindig.Auth();
@@ -96,6 +96,7 @@
this.setArg(req, inBody, "signOwner", "true");
this.setArg(req, inBody, "getSummaries", "false");
this.setArg(req, inBody, "gadget", "http://www.gadget.com/gadget.xml";);
+ this.setArg(req, inBody, "container", "foo");
this.setArg(req, inBody, "headers", "");
this.setArg(req, inBody, "numEntries", "3");
this.setArg(req, inBody, "postData", "");
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/GadgetServer.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/GadgetServer.java?rev=688178&r1=688177&r2=688178&view=diff
==============================================================================
---
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/GadgetServer.java
(original)
+++
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/GadgetServer.java
Fri Aug 22 12:25:53 2008
@@ -177,10 +177,13 @@
private final GadgetContext context;
public HttpResponse call() {
- HttpRequest request = new HttpRequest(Uri.fromJavaUri(preload.getHref()))
- .setSignOwner(preload.isSignOwner())
- .setSignViewer(preload.isSignViewer());
try {
+ HttpRequest request = new HttpRequest(Uri.fromJavaUri(preload.getHref()))
+ .setSignOwner(preload.isSignOwner())
+ .setSignViewer(preload.isSignViewer())
+ .setContainer(context.getContainer())
+ .setSecurityToken(context.getToken())
+ .setGadget(Uri.fromJavaUri(context.getUrl()));
switch (preload.getAuth()) {
case NONE:
return preloadFetcherFactory.get().fetch(request);
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java?rev=688178&r1=688177&r2=688178&view=diff
==============================================================================
---
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
(original)
+++
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/MakeRequestHandler.java
Fri Aug 22 12:25:53 2008
@@ -97,6 +97,8 @@
authToken = extractAndValidateToken(request);
}
+ rcr.setSecurityToken(authToken);
+
// Build the chain of fetchers that will handle the request
HttpFetcher fetcher = getHttpFetcher(auth, authToken, request);
@@ -132,7 +134,8 @@
HttpRequest req = new HttpRequest(url)
.setMethod(getParameter(request, METHOD_PARAM, "GET"))
- .setPostBody(getParameter(request, POST_DATA_PARAM, "").getBytes());
+ .setPostBody(getParameter(request, POST_DATA_PARAM, "").getBytes())
+ .setContainer(getContainer(request));
String headerData = getParameter(request, HEADERS_PARAM, "");
if (headerData.length() > 0) {
@@ -197,8 +200,10 @@
case NONE:
return contentFetcherFactory.get();
case SIGNED:
+ // TODO: Remove token from signature and use what's on the request
object instead.
return contentFetcherFactory.getSigningFetcher(token);
case OAUTH:
+ // TODO: Remove token from signature, return what's on the request
object.
return contentFetcherFactory.getOAuthFetcher(token, new
OAuthArguments(request));
default:
return contentFetcherFactory.get();
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java?rev=688178&r1=688177&r2=688178&view=diff
==============================================================================
---
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
(original)
+++
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyBase.java
Fri Aug 22 12:25:53 2008
@@ -18,6 +18,7 @@
*/
package org.apache.shindig.gadgets.servlet;
+import org.apache.shindig.common.ContainerConfig;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.common.uri.UriBuilder;
import org.apache.shindig.gadgets.GadgetException;
@@ -34,6 +35,9 @@
public static final String URL_PARAM = "url";
public static final String REFRESH_PARAM = "refresh";
public static final String GADGET_PARAM = "gadget";
+ public static final String CONTAINER_PARAM = "container";
+ // Old form container name, retained for legacy compatibility.
+ public static final String SYND_PARAM = "synd";
// Public because of rewriter. Rewriter should be cleaned up.
public static final String REWRITE_MIME_TYPE_PARAM = "rewriteMime";
@@ -80,6 +84,17 @@
}
/**
+ * Extracts the container name from the request.
+ */
+ protected String getContainer(HttpServletRequest request) {
+ String container = getParameter(request, CONTAINER_PARAM, null);
+ if (container == null) {
+ container = getParameter(request, SYND_PARAM,
ContainerConfig.DEFAULT_CONTAINER);
+ }
+ return container;
+ }
+
+ /**
* Sets cache control headers for the response.
*/
protected void setResponseHeaders(HttpServletRequest request,
Modified:
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java?rev=688178&r1=688177&r2=688178&view=diff
==============================================================================
---
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
(original)
+++
incubator/shindig/trunk/java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/ProxyHandler.java
Fri Aug 22 12:25:53 2008
@@ -74,6 +74,7 @@
HttpRequest req = new HttpRequest(url);
+ req.setContainer(getContainer(request));
if (request.getParameter(GADGET_PARAM) != null) {
req.setGadget(Uri.parse(request.getParameter(GADGET_PARAM)));
}
Modified:
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java?rev=688178&r1=688177&r2=688178&view=diff
==============================================================================
---
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java
(original)
+++
incubator/shindig/trunk/java/gadgets/src/test/java/org/apache/shindig/gadgets/servlet/ProxyBaseTest.java
Fri Aug 22 12:25:53 2008
@@ -19,6 +19,7 @@
package org.apache.shindig.gadgets.servlet;
import com.google.common.collect.Maps;
+import org.apache.shindig.common.ContainerConfig;
import org.apache.shindig.common.uri.Uri;
import org.apache.shindig.gadgets.GadgetException;
import org.apache.shindig.gadgets.http.HttpResponse;
@@ -185,4 +186,27 @@
assertEquals("not foo", proxy.getParameter(request, "foo", "not foo"));
}
+
+ public void testGetContainerWithContainer() {
+ expect(request.getParameter(ProxyBase.CONTAINER_PARAM)).andReturn("bar");
+ replay();
+
+ assertEquals("bar", proxy.getContainer(request));
+ }
+
+ public void testGetContainerWithSynd() {
+ expect(request.getParameter(ProxyBase.CONTAINER_PARAM)).andReturn(null);
+ expect(request.getParameter(ProxyBase.SYND_PARAM)).andReturn("syndtainer");
+ replay();
+
+ assertEquals("syndtainer", proxy.getContainer(request));
+ }
+
+ public void testGetContainerNoParam() {
+ expect(request.getParameter(ProxyBase.CONTAINER_PARAM)).andReturn(null);
+ expect(request.getParameter(ProxyBase.SYND_PARAM)).andReturn(null);
+ replay();
+
+ assertEquals(ContainerConfig.DEFAULT_CONTAINER,
proxy.getContainer(request));
+ }
}
