Author: doll
Date: Thu Aug 28 10:02:05 2008
New Revision: 689892
URL: http://svn.apache.org/viewvc?rev=689892&view=rev
Log:
SHINDIG-547
Modified patch from Bob Evans. JsonRpcServlet now returns an unauthorized error
for a bad security token. Refactored some of the servlet code so that as much
error code as possible is shared.
Modified:
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/ApiServlet.java
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/DataServiceServlet.java
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/JsonRpcServlet.java
incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/opensocial/service/JsonRpcServletTest.java
Modified:
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/ApiServlet.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/ApiServlet.java?rev=689892&r1=689891&r2=689892&view=diff
==============================================================================
---
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/ApiServlet.java
(original)
+++
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/ApiServlet.java
Thu Aug 28 10:02:05 2008
@@ -29,16 +29,17 @@
import com.google.inject.Injector;
import com.google.inject.name.Named;
+import java.io.IOException;
import java.util.Map;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Future;
-
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
/**
* Common base class for API servlets.
*/
-public class ApiServlet extends InjectedServlet {
+public abstract class ApiServlet extends InjectedServlet {
private Map<String, Class<? extends DataRequestHandler>> handlers;
protected BeanJsonConverter jsonConverter;
protected BeanConverter xmlConverter;
@@ -66,6 +67,15 @@
return AuthInfo.getSecurityToken(servletRequest);
}
+ protected abstract void sendError(HttpServletResponse servletResponse,
ResponseItem responseItem)
+ throws IOException;
+
+ protected void sendSecurityError(HttpServletResponse servletResponse) throws
IOException {
+ sendError(servletResponse, new ResponseItem(ResponseError.UNAUTHORIZED,
+ "The request did not have a proper security token nor oauth message
and unauthenticated "
+ + "requests are not allowed"));
+ }
+
/**
* Delivers a request item to the appropriate DataRequestHandler.
*/
Modified:
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/DataServiceServlet.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/DataServiceServlet.java?rev=689892&r1=689891&r2=689892&view=diff
==============================================================================
---
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/DataServiceServlet.java
(original)
+++
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/DataServiceServlet.java
Thu Aug 28 10:02:05 2008
@@ -18,13 +18,11 @@
package org.apache.shindig.social.opensocial.service;
import org.apache.shindig.common.SecurityToken;
-import org.apache.shindig.social.ResponseError;
import org.apache.shindig.social.ResponseItem;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.logging.Logger;
-
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
@@ -68,9 +66,7 @@
SecurityToken token = getSecurityToken(servletRequest);
if (token == null) {
- sendError(servletResponse, new ResponseItem(ResponseError.UNAUTHORIZED,
- "The request did not have a proper security token nor oauth message
and unauthenticated "
- + "requests are not allowed"));
+ sendSecurityError(servletResponse);
return;
}
@@ -79,7 +75,7 @@
handleSingleRequest(servletRequest, servletResponse, token, converter);
}
- private void sendError(HttpServletResponse servletResponse, ResponseItem
responseItem)
+ protected void sendError(HttpServletResponse servletResponse, ResponseItem
responseItem)
throws IOException {
servletResponse.sendError(responseItem.getError().getHttpErrorCode(),
responseItem.getErrorMessage());
Modified:
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/JsonRpcServlet.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/JsonRpcServlet.java?rev=689892&r1=689891&r2=689892&view=diff
==============================================================================
---
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/JsonRpcServlet.java
(original)
+++
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/opensocial/service/JsonRpcServlet.java
Thu Aug 28 10:02:05 2008
@@ -25,6 +25,7 @@
import com.google.common.collect.Lists;
import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang.StringUtils;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
@@ -45,8 +46,12 @@
HttpServletResponse servletResponse)
throws ServletException, IOException {
try {
- JSONObject request = JsonConversionUtil.fromRequest(servletRequest);
SecurityToken token = getSecurityToken(servletRequest);
+ if (token == null) {
+ sendSecurityError(servletResponse);
+ return;
+ }
+ JSONObject request = JsonConversionUtil.fromRequest(servletRequest);
dispatch(request, servletResponse, token);
} catch (JSONException je) {
// FIXME
@@ -57,6 +62,10 @@
HttpServletResponse servletResponse)
throws ServletException, IOException {
SecurityToken token = getSecurityToken(servletRequest);
+ if (token == null) {
+ sendSecurityError(servletResponse);
+ return;
+ }
try {
String content = IOUtils.toString(servletRequest.getReader());
if ((content.indexOf('[') != -1) && content.indexOf('[') <
content.indexOf('{')) {
@@ -123,10 +132,7 @@
result.put("id", key);
}
if (response.getError() != null) {
- JSONObject error = new JSONObject();
- error.put("code", response.getError().getHttpErrorCode());
- error.put("message", response.getErrorMessage());
- result.put("error", error);
+ result.put("error", getErrorJson(response));
} else {
if (response instanceof RestfulCollection) {
// FIXME this is a little hacky because of the field names in the
DataCollection
@@ -144,17 +150,35 @@
return result;
}
- private void sendBadRequest(Throwable t, HttpServletResponse response)
throws IOException {
+ // TODO(doll): Refactor the responseItem so that the fields on it line up
with this format.
+ // Then we can use the general converter to output the response to the
client and we won't
+ // be harcoded to json.
+ private JSONObject getErrorJson(ResponseItem responseItem) throws
JSONException {
+ JSONObject error = new JSONObject();
+ error.put("code", responseItem.getError().getHttpErrorCode());
+
+ String message = responseItem.getError().toString();
+ if (StringUtils.isNotBlank(responseItem.getErrorMessage())) {
+ message += ": " + responseItem.getErrorMessage();
+ }
+ error.put("message", message);
+ return error;
+ }
+
+ protected void sendError(HttpServletResponse servletResponse, ResponseItem
responseItem)
+ throws IOException {
try {
- JSONObject error = new JSONObject();
- error.put("code", ResponseError.BAD_REQUEST.getHttpErrorCode());
- error.put("message", "Invalid batch - " + t.getMessage());
- response.getWriter().write(error.toString());
+ JSONObject error = getErrorJson(responseItem);
+ servletResponse.getWriter().write(error.toString());
} catch (JSONException je) {
- // This really shouldnt ever happen
- response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
+ // This really shouldn't ever happen
+ servletResponse.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR,
"Error generating error response " + je.getMessage());
}
}
+ private void sendBadRequest(Throwable t, HttpServletResponse response)
throws IOException {
+ sendError(response, new ResponseItem(ResponseError.BAD_REQUEST,
+ "Invalid batch - " + t.getMessage()));
+ }
}
Modified:
incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/opensocial/service/JsonRpcServletTest.java
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/opensocial/service/JsonRpcServletTest.java?rev=689892&r1=689891&r2=689892&view=diff
==============================================================================
---
incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/opensocial/service/JsonRpcServletTest.java
(original)
+++
incubator/shindig/trunk/java/social-api/src/test/java/org/apache/shindig/social/opensocial/service/JsonRpcServletTest.java
Thu Aug 28 10:02:05 2008
@@ -110,7 +110,7 @@
setupInjector();
JSONObject err = new JSONObject(
- "{id:id,error:{message:'The service junk is not
implemented',code:501}}");
+ "{id:id,error:{message:'notImplemented: The service junk is not
implemented',code:501}}");
PrintWriter writerMock = EasyMock.createMock(PrintWriter.class);
EasyMock.expect(res.getWriter()).andReturn(writerMock);
@@ -136,7 +136,7 @@
EasyMock.expectLastCall().andReturn(new FailingFuture());
JSONObject err = new JSONObject(
- "{id:id,error:{message:'FAILED',code:500}}");
+ "{id:id,error:{message:'internalError: FAILED',code:500}}");
PrintWriter writerMock = EasyMock.createMock(PrintWriter.class);
EasyMock.expect(res.getWriter()).andReturn(writerMock);
