Hi Rodrigo, thanks for your hints to this. I will have a closer look at this.
----- Original Nachricht ---- Von: Rodrigo Gallardo <[email protected]> An: [email protected] Datum: 21.01.2009 02:05 Betreff: Re: appId in service APIs > On Tue, Jan 20, 2009 at 02:00:33PM +0100, [email protected] wrote: > > Which classes Do I have to use in the server to generate this Token > > and stringify it? I have found the interfaces SecurityToken and > > SecurityTokenDecoder. But I haven't found a method that returns a > > String representation. > > Dirty, proof of concept code: Don't really use it as is, just follow > what it does. This version won't even compile, since I ripped out some > internal extra tweaks. I used to use it from cmd line to generate > tokens for test calls, and have not even tried to put it inside some > server. > > ---------------------------------------------------------------------- > > // These are keys from shindig's container.js > private static final String SECURITY_TOKEN_TYPE = > "gadgets.securityTokenType"; > public static final String SIGNED_FETCH_DOMAIN = > "gadgets.signedFetchDomain"; > > public static void main(String[] args) throws IOException, > BlobCrypterException { > if (args.length != 6) { > System.out.println("Usage: PrintSecureToken owner viewer appId > container appURL moduleId"); > System.exit(1); > } > > String container = args[3]; > > // These two lines will set up Guice with the PrintSecureToken > // module, which in my example was basically a copy of my servlet's > // modules > Injector injector = Guice.createInjector(new PrintSecureToken()); > ContainerConfig config = injector.getInstance(ContainerConfig.class); > > String tokenType = config.get(container, SECURITY_TOKEN_TYPE); > if ("secure".equals(tokenType)) { > String domain = config.get(container, SIGNED_FETCH_DOMAIN); > BasicBlobCrypter crypter = new BasicBlobCrypter(/* get the master key > from somewhere */); > > BlobCrypterSecurityToken token = new BlobCrypterSecurityToken(crypter, > container, domain); > token.setOwnerId(args[0]); > token.setViewerId(args[1]); > token.setAppUrl(args[4]); > token.setModuleId(args[5]); > > // The encrypted token does not preserve the appId, shindig is > // transitioning to using just the appUrl everywhere > > String external = token.encrypt(); > > System.out.println(URLEncoder.encode(external, "UTF-8")); > } > } > } > > ---------------------------------------------------------------------- > Jetzt komfortabel bei Arcor-Digital TV einsteigen: Mehr Happy Ends, mehr Herzschmerz, mehr Fernsehen! Erleben Sie 50 digitale TV Programme und optional 60 Pay TV Sender, einen elektronischen Programmführer mit Movie Star Bewertungen von TV Movie. Außerdem, aktuelle Filmhits und spannende Dokus in der Arcor-Videothek. Infos unter www.arcor.de/tv
