Author: hmt
Date: Sat Oct 6 13:35:53 2012
New Revision: 1395049
URL: http://svn.apache.org/viewvc?rev=1395049&view=rev
Log:
update oauth feature
Added:
incubator/wookie/trunk/features/oauth/web/
incubator/wookie/trunk/features/oauth/web/imgs/
incubator/wookie/trunk/features/oauth/web/imgs/wait.gif (with props)
incubator/wookie/trunk/features/oauth/web/implicit.jsp (with props)
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
Modified:
incubator/wookie/trunk/WebContent/WEB-INF/dwr.xml
incubator/wookie/trunk/WebContent/WEB-INF/web.xml
incubator/wookie/trunk/features/oauth/oauth.js
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java
Modified: incubator/wookie/trunk/WebContent/WEB-INF/dwr.xml
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/WebContent/WEB-INF/dwr.xml?rev=1395049&r1=1395048&r2=1395049&view=diff
==============================================================================
--- incubator/wookie/trunk/WebContent/WEB-INF/dwr.xml (original)
+++ incubator/wookie/trunk/WebContent/WEB-INF/dwr.xml Sat Oct 6 13:35:53 2012
@@ -31,11 +31,10 @@
<create creator="new" javascript="OAuthConnector" scope="application">
<param name="class"
value="org.apache.wookie.feature.oauth.oAuthClient"/>
- <include method="authenticate"/>
<include method="updateToken"/>
<include method="queryToken"/>
<include method="invalidateToken"/>
- <include method="getClientId"/>
+ <include method="queryOAuthParams"/>
</create>
<convert converter="object"
match="org.apache.wookie.ajaxmodel.impl.PreferenceDelegate"
javascript="Preference">
Modified: incubator/wookie/trunk/WebContent/WEB-INF/web.xml
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/WebContent/WEB-INF/web.xml?rev=1395049&r1=1395048&r2=1395049&view=diff
==============================================================================
--- incubator/wookie/trunk/WebContent/WEB-INF/web.xml (original)
+++ incubator/wookie/trunk/WebContent/WEB-INF/web.xml Sat Oct 6 13:35:53 2012
@@ -256,7 +256,16 @@
org.apache.wookie.WidgetServiceServlet
</servlet-class>
<load-on-startup>2</load-on-startup>
- </servlet>
+ </servlet>
+
+ <servlet>
+ <description>
+ </description>
+ <display-name>TokenHandler</display-name>
+ <servlet-name>TokenHandler</servlet-name>
+
<servlet-class>org.apache.wookie.feature.oauth.TokenHandler</servlet-class>
+ </servlet>
+
<servlet-mapping>
<servlet-name>WidgetServiceServlet</servlet-name>
<url-pattern>/WidgetServiceServlet</url-pattern>
@@ -267,6 +276,11 @@
<url-pattern>/dwr/*</url-pattern>
</servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>TokenHandler</servlet-name>
+ <url-pattern>/features/oauth/implicit</url-pattern>
+ </servlet-mapping>
+
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
Modified: incubator/wookie/trunk/features/oauth/oauth.js
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/features/oauth/oauth.js?rev=1395049&r1=1395048&r2=1395049&view=diff
==============================================================================
--- incubator/wookie/trunk/features/oauth/oauth.js (original)
+++ incubator/wookie/trunk/features/oauth/oauth.js Sat Oct 6 13:35:53 2012
@@ -14,74 +14,104 @@
oAuth = new function OAuth() {
this.access_token = null;
- this.client_id = null;
this.status = null; // null: init, O: not being authenticated, F:
authentication failed, A: authenticated
+ this.oauthParams = new Object();
this.init = function() {
+ var info = new Object();
+ info['id_key'] = widget.instanceid_key;
+ info['url'] = window.location.href;
+ OAuthConnector.queryOAuthParams(info,
+ {callback: function(map) {
+ oAuth.oauthParams = map;
+ }, async: false});
+ // if persist enalbed, try to get acess token
+ if (oAuth.oauthParams['persist'] != 'false') {
+ OAuthConnector.queryToken(widget.instanceid_key,
+ {callback: function(accessToken) {
+
oAuth.setAccessToken(accessToken);
+ }, async: false});
+ }
+ }
- token_bunch = window.location.hash;
- if (token_bunch.length > 0) {
+ this.initAccessToken = function(access_token, expires) {
+ // update to db if persist type
+ if (oAuth.oauthParams['persist'] != 'false') {
OAuthConnector.updateToken(
- widget.instanceid_key + token_bunch,
+ 'id_key=' + widget.instanceid_key +
'&access_token=' + access_token + '&expires_in=' + expires,
{callback: function(result) {
- if (result != "invalid") {
-
window.opener.location.reload();
- }
+ return;
}, async: false});
- window.close();
}
- dwr.engine.beginBatch();
- OAuthConnector.getClientId(widget.instanceid_key,
this.setClientId);
- OAuthConnector.queryToken(widget.instanceid_key,
this.setAccessToken);
- dwr.engine.endBatch({async: false});
- }
-
- this.setClientId = function(returned_client_id) {
- oAuth.client_id = returned_client_id;
+
+ // set access token to member variables
+ oAuth.setAccessToken(access_token);
}
this.setAccessToken = function(token_info) {
- if (token_info != "invalid") {
+ if (token_info != 'invalid') {
oAuth.access_token = token_info;
- oAuth.status = "A";
+ oAuth.status = 'A';
} else {
- oAuth.status = "O";
+ oAuth.status = 'O';
}
}
this.proxify = function(url) {
- returnedUrl = widget.getProxyUrl() + "?instanceid_key=" +
widget.instanceid_key + "&url=" + url;
- if (oAuth.client_id != null && oAuth.access_token != null) {
- returnedUrl = returnedUrl + "&client_id=" +
oAuth.client_id + "&access_token=" + oAuth.access_token;
+ returnedUrl = widget.getProxyUrl() + '?instanceid_key=' +
widget.instanceid_key + '&url=' + url;
+ if (oAuth.access_token != null) {
+ returnedUrl = returnedUrl + '&access_token=' +
oAuth.access_token;
}
return returnedUrl;
}
this.authenticate = function() {
- OAuthConnector.authenticate(
- widget.instanceid_key + "#" + window.location,
- {callback: function(redirectUrl) {
- window.open(redirectUrl,
"authentication_popup", "width=500, height=400");
- }, async: false});
+ // check if persist
+ if (oAuth.oauthParams['persist'] != 'false') {
+ OAuthConnector.queryToken(widget.instanceid_key,
+ {callback: function(accessToken) {
+
oAuth.setAccessToken(accessToken);
+ }, async: false});
+
+ if (oAuth.status == 'A') return;
+ }
+
+ // check oauth profile
+ if (typeof oAuth.oauthParams['profile'] != 'undefined') {
+ if (oAuth.oauthParams['profile'] != 'implicit') {
+ alert(oAuth.oauthParams['profile'] + ' is not
supported in this version');
+ return;
+ }
+ }
+ // show popup window
+ var url = oAuth.oauthParams['authzServer'] +
+ '?response_type=token&client_id=' +
oAuth.oauthParams['clientId'] +
+ '&redirect_uri=' + oAuth.oauthParams['redirectUri'];
+ if (typeof oAuth.oauthParams['scope'] != 'undefined') {
+ url += '&scope=' + oAuth.oauthParams['scope'];
+ }
+
+ window.open(url, 'Authorization request',
+ 'width=' + oAuth.oauthParams['popupWidth'] + ',
height=' + oAuth.oauthParams['popupHeight']);
}
this.invalidateToken = function() {
- oAuth.status = "O";
+ oAuth.status = 'O';
oAuth.access_token = null;
OAuthConnector.invalidateToken(widget.instanceid_key);
}
this.showStatus = function(container_id) {
- if (oAuth.status == null || oAuth.status == "O") {
- document.getElementById(container_id).innerHTML = "Not
yet authenticated";
- } else if (oAuth.status == "F") {
- document.getElementById(container_id).innerHTML =
"Authentication failed";
- } else if (oAuth.status == "A") {
- document.getElementById(container_id).innerHTML =
"Authenticated";
+ if (oAuth.status == null || oAuth.status == 'O') {
+ document.getElementById(container_id).innerHTML = 'Not
yet authenticated';
+ } else if (oAuth.status == 'F') {
+ document.getElementById(container_id).innerHTML =
'Authentication failed';
+ } else if (oAuth.status == 'A') {
+ document.getElementById(container_id).innerHTML =
'Authenticated';
}
}
}
oAuth.init();
-window.oauth = oAuth;
\ No newline at end of file
+window.oauth = oAuth;
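Review bot: The authorization URL assembled in `authenticate` has no `state` value and appends `clientId` and `scope` unencoded, so the response reaching the redirect endpoint cannot be tied to the request this widget started, and a space-delimited scope list or a value containing `&` alters the query. Encode the caller-visible pieces, e.g. `'?response_type=token&client_id=' + encodeURIComponent(oAuth.oauthParams['clientId'])` and `url += '&scope=' + encodeURIComponent(oAuth.oauthParams['scope']);`, leaving `redirectUri` alone because the server already encodes it. A random `state` should be generated here, remembered, and compared when the token comes back; the page that would do that comparison, implicit.jsp, is not shown in this diff. `proxify` has the same concatenation issue, `'&access_token=' + encodeURIComponent(oAuth.access_token)`, and it places the bearer token in a URL query, where it can end up in proxy and access logs.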
Added: incubator/wookie/trunk/features/oauth/web/imgs/wait.gif
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/features/oauth/web/imgs/wait.gif?rev=1395049&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/wookie/trunk/features/oauth/web/imgs/wait.gif
------------------------------------------------------------------------------
svn:mime-type = image/gif
Added: incubator/wookie/trunk/features/oauth/web/implicit.jsp
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/features/oauth/web/implicit.jsp?rev=1395049&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/wookie/trunk/features/oauth/web/implicit.jsp
------------------------------------------------------------------------------
svn:mime-type = application/xml
Added:
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java?rev=1395049&view=auto
==============================================================================
---
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
(added)
+++
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
Sat Oct 6 13:35:53 2012
@@ -0,0 +1,41 @@
+package org.apache.wookie.feature.oauth;
+
+import java.io.IOException;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+/**
+ * Servlet implementation class TokenReceiver
+ */
+public class TokenHandler extends HttpServlet {
+ private static final long serialVersionUID = 1L;
+
+ /**
+ * @see HttpServlet#HttpServlet()
+ */
+ public TokenHandler() {
+ super();
+ // TODO Auto-generated constructor stub
+ }
+
+ /**
+ * @see HttpServlet#doGet(HttpServletRequest request,
HttpServletResponse response)
+ */
+ protected void doGet(HttpServletRequest request, HttpServletResponse
response) throws ServletException, IOException {
+ // check oauth profile
+ String context = request.getRequestURI();
+ if (context.endsWith("implicit")) {
+
request.getRequestDispatcher("/features/oauth/web/implicit.jsp").forward(request,
response);
+ }
+ }
+
+ /**
+ * @see HttpServlet#doPost(HttpServletRequest request,
HttpServletResponse response)
+ */
+ protected void doPost(HttpServletRequest request, HttpServletResponse
response) throws ServletException, IOException {
+ response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ }
+}
+
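Review bot: `doGet` selects what to serve with `request.getRequestURI().endsWith("implicit")` and has no else branch, so a request whose raw URI does not end in that word gets an empty 200 response and the popup stays blank. One such case is a URI carrying a `;jsessionid=` path parameter, which `getRequestURI()` includes. Since web.xml maps the servlet to exactly `/features/oauth/implicit`, compare the container-normalised path instead, `if ("/features/oauth/implicit".equals(request.getServletPath())) {`, and close with `else { response.sendError(HttpServletResponse.SC_NOT_FOUND); }`. `doPost` would describe the situation better with `SC_METHOD_NOT_ALLOWED` than `SC_BAD_REQUEST`, and both handlers should carry `@Override`.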
Modified:
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java?rev=1395049&r1=1395048&r2=1395049&view=diff
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java
(original)
+++ incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java
Sat Oct 6 13:35:53 2012
@@ -21,12 +21,12 @@ import java.net.URLEncoder;
import java.util.Collection;
import java.util.HashMap;
import java.util.Map;
+import java.util.StringTokenizer;
import javax.servlet.http.HttpServletRequest;
import org.apache.wookie.Messages;
import org.apache.wookie.beans.IOAuthToken;
-import org.apache.wookie.w3c.IContent;
import org.apache.wookie.w3c.IParam;
import org.apache.wookie.beans.IWidgetInstance;
import org.apache.wookie.beans.util.IPersistenceManager;
@@ -57,82 +57,6 @@ public class oAuthClient implements IFea
return null;
}
- public String authenticate(String idKey_RedirectUri) {
- int iPos = idKey_RedirectUri.indexOf('#');
- String idKey = idKey_RedirectUri.substring(0, iPos);
- String redirectUri = idKey_RedirectUri.substring(iPos + 1);
- if(idKey == null) return "invalid";
- IPersistenceManager persistenceManager =
PersistenceManagerFactory.getPersistenceManager();
- IWidgetInstance widgetInstance =
persistenceManager.findWidgetInstanceByIdKey(idKey);
- if(widgetInstance==null) return "invalid";
-
- Collection<IContent> startFiles =
widgetInstance.getWidget().getContentList();
- String startFileUrl = null;
- for(IContent startFile : startFiles) {
- iPos = redirectUri.indexOf(startFile.getSrc());
- if (iPos > -1) {
- startFileUrl = startFile.getSrc();
- break;
- }
- }
- if (startFileUrl != null) {
- redirectUri = redirectUri.substring(0, iPos +
startFileUrl.length()) + "?idkey=" + idKey;
- }
-
- try {
- redirectUri = URLEncoder.encode(redirectUri, "UTF-8");
- } catch (UnsupportedEncodingException e) {
- }
-
- Collection<org.apache.wookie.w3c.IFeature> widgetFeatures =
widgetInstance.getWidget().getFeatures();
- org.apache.wookie.w3c.IFeature oAuthFeature = null;
- for (org.apache.wookie.w3c.IFeature aFeature : widgetFeatures) {
- if (getName().equals(aFeature.getName())) {
- oAuthFeature = aFeature;
- break;
- }
- }
-
- if (oAuthFeature == null) {
- return "";
- }
-
- Collection<IParam> oAuthParams = oAuthFeature.getParameters();
- String clientId = idKey;
- String authzServer = null;
- String scope = "";
- for (IParam aParam : oAuthParams) {
- String paramName = aParam.getName().toLowerCase();
- String paramValue = aParam.getValue();
- if ("authzserver".equals(paramName)) {
- authzServer = paramValue;
- } else if ("clientid".equals(paramName)) {
- if (!"auto".equalsIgnoreCase(paramValue)) {
- clientId = paramValue;
- }
- } else if ("scope".equals(aParam.getName())) {
- scope = paramValue;
- } else if ("redirecturi".equals(paramName)) {
- if (paramValue.length() != 0 &&
!"auto".equalsIgnoreCase(paramValue)) {
- redirectUri = paramValue;
- }
- }
- }
-
- IOAuthToken oauthToken =
persistenceManager.findOAuthToken(widgetInstance);
- if (oauthToken != null) {
- persistenceManager.delete(oauthToken);
- }
-
- String url = authzServer + "?client_id=" + clientId +
"&response_type=token&redirect_uri=" + redirectUri;
-
- if (scope.length() > 0) {
- url = url + "&scope=" + scope;
- }
-
- return url;
- }
-
public String queryToken(String idKey) {
if(idKey == null) return "invalid";
IPersistenceManager persistenceManager =
PersistenceManagerFactory.getPersistenceManager();
@@ -158,60 +82,28 @@ public class oAuthClient implements IFea
persistenceManager.delete(oauthToken);
}
}
-
- public String getClientId(String idKey) {
- if(idKey == null) return "invalid";
- IPersistenceManager persistenceManager =
PersistenceManagerFactory.getPersistenceManager();
- IWidgetInstance widgetInstance =
persistenceManager.findWidgetInstanceByIdKey(idKey);
- if(widgetInstance==null) return "invalid";
- IOAuthToken oauthToken =
persistenceManager.findOAuthToken(widgetInstance);
- if (oauthToken != null) {
- return oauthToken.getClientId();
- } else {
- return "invalid";
- }
- }
-
+
public String updateToken(String idKey_tokenBunch) {
- int iPos = idKey_tokenBunch.indexOf('#');
- String idKey = idKey_tokenBunch.substring(0, iPos);
- String tokenBunch = idKey_tokenBunch.substring(iPos + 1);
-
- Map<String,String> oAuthTokenBunch = new HashMap<String,
String>();
- iPos = 0;
- int iEqual, iOffset = 0;
- String fragment = tokenBunch;
- do {
- iPos = tokenBunch.indexOf('&', iOffset);
- if (iPos < 0) {
- iPos = tokenBunch.length();
- }
-
- fragment = tokenBunch.substring(iOffset, iPos);
- iOffset = iOffset + iPos + 1;
- iEqual = fragment.indexOf('=');
- if (iEqual < 0) continue;
- oAuthTokenBunch.put(fragment.substring(0, iEqual),
fragment.substring(iEqual + 1));
- } while (iOffset < tokenBunch.length());
+ Map<String,String> params = parseParams(idKey_tokenBunch);
+ String idKey = params.get("id_key");
IPersistenceManager persistenceManager =
PersistenceManagerFactory.getPersistenceManager();
IWidgetInstance widgetInstance =
persistenceManager.findWidgetInstanceByIdKey(idKey);
HttpServletRequest request =
WebContextFactory.get().getHttpServletRequest();
Messages localizedMessages =
LocaleHandler.localizeMessages(request);
-
if(widgetInstance==null) {
return localizedMessages.getString("WidgetAPIImpl.0");
//$NON-NLS-1$
}
- Map<String, String> oAuthParams = queryOAuthParams(idKey);
+ Map<String, String> oAuthParams = queryXMLParams(idKey);
if (oAuthParams == null) {
return localizedMessages.getString("WidgetAPIImpl.0");
//$NON-NLS-1$
}
IOAuthToken oauthToken =
persistenceManager.findOAuthToken(widgetInstance);
if (oauthToken == null) oauthToken =
persistenceManager.newInstance(IOAuthToken.class);
- oauthToken.setAccessToken(oAuthTokenBunch.get("access_token"));
- oauthToken.setExpires(System.currentTimeMillis() + 1000 *
Integer.parseInt(oAuthTokenBunch.get("expires_in")));
+ oauthToken.setAccessToken(params.get("access_token"));
+ oauthToken.setExpires(System.currentTimeMillis() + 1000 *
Integer.parseInt(params.get("expires_in")));
oauthToken.setClientId(oAuthParams.get("clientId"));
oauthToken.setAuthzUrl(oAuthParams.get("authzServer"));
oauthToken.setWidgetInstance(widgetInstance);
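Review bot: `Integer.parseInt(params.get("expires_in"))` in `updateToken` throws NumberFormatException when the DWR caller omits `expires_in` or sends a non-number, and `1000 * Integer.parseInt(...)` is computed as an int, so lifetimes above roughly 24.8 days wrap before being added to `currentTimeMillis()`. `params.get("access_token")` is also stored without a null or empty check. Because this method is reachable from the browser through DWR, both values should be validated before the token bean is touched, and the multiplication done in long. The sketch below reuses the existing `WidgetAPIImpl.0` error return for lack of a better message key in view. The method's closing lines sit in the next hunk.

```java
// … unchanged: parseParams call, widget instance and queryXMLParams checks …
String accessToken = params.get("access_token");
long expiresInSeconds;
try {
    // parseLong(null) also throws NumberFormatException, so a missing value lands here too
    expiresInSeconds = Long.parseLong(params.get("expires_in"));
} catch (NumberFormatException e) {
    return localizedMessages.getString("WidgetAPIImpl.0"); //$NON-NLS-1$
}
if (accessToken == null || accessToken.length() == 0 || expiresInSeconds <= 0) {
    return localizedMessages.getString("WidgetAPIImpl.0"); //$NON-NLS-1$
}
// … unchanged: findOAuthToken / newInstance …
oauthToken.setAccessToken(accessToken);
oauthToken.setExpires(System.currentTimeMillis() + 1000L * expiresInSeconds);
// … unchanged: setClientId, setAuthzUrl, setWidgetInstance …
```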
@@ -219,7 +111,7 @@ public class oAuthClient implements IFea
return oauthToken.getAccessToken();
}
- private Map<String, String> queryOAuthParams(String idKey) {
+ public Map<String, String> queryXMLParams(String idKey) {
IPersistenceManager persistenceManager =
PersistenceManagerFactory.getPersistenceManager();
IWidgetInstance widgetInstance =
persistenceManager.findWidgetInstanceByIdKey(idKey);
if(widgetInstance==null) return null;
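Review bot: `queryXMLParams` is widened from `private` to `public` here, yet the only callers visible in this diff, `updateToken` and the new `queryOAuthParams`, are inside `oAuthClient`. The class is published through DWR as `OAuthConnector`, so the `<include>` list in dwr.xml becomes the only thing keeping this method off the remote interface. Unless another class needs it, keep the declaration as `private Map<String, String> queryXMLParams(String idKey) {`. The method body continues outside this hunk.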
@@ -241,4 +133,51 @@ public class oAuthClient implements IFea
}
return oAuthParamMap;
}
-}
\ No newline at end of file
+
+ public Map<String, String> queryOAuthParams(Map<String, String> info) {
+ if (info.get("id_key") == null || info.get("url") == null)
return null;
+ Map<String, String>oAuthParamMap =
queryXMLParams(info.get("id_key"));
+ if (oAuthParamMap == null) return null;
+ String url = info.get("url");
+ int iPos = url.indexOf("/wservices/");
+ if (iPos < 0) return null;
+ url = url.substring(0, iPos);
+ if (!oAuthParamMap.containsKey("profile"))
+ oAuthParamMap.put("profile", "implicit");
+ try {
+ url = URLEncoder.encode(url, "UTF8");
+
+ if ("implicit".equals(oAuthParamMap.get("profile")))
+ url += "%2Ffeatures%2Foauth%2Fimplicit";
+ else
+ url += "%2Ffeatures%2Foauth%2Fother";
+ } catch (UnsupportedEncodingException e) {
+ if ("implicit".equals(oAuthParamMap.get("profile")))
+ url += "/features/oauth/implicit";
+ else
+ url += "/features/oauth/other";
+ }
+ oAuthParamMap.put("redirectUri", url);
+
+ if (!oAuthParamMap.containsKey("persist"))
+ oAuthParamMap.put("persist", "true");
+ if (!oAuthParamMap.containsKey("popupWidth"))
+ oAuthParamMap.put("popupWidth", "400px");
+ if (!oAuthParamMap.containsKey("popupHeight"))
+ oAuthParamMap.put("popupHeight", "500px");
+ return oAuthParamMap;
+ }
+
+ private Map<String, String> parseParams(String paramString) {
+ StringTokenizer st = new StringTokenizer(paramString, "&");
+ Map<String, String> result = new HashMap<String, String>();
+ while (st.hasMoreTokens()) {
+ String paramPair = st.nextToken();
+ int iPos = paramPair.indexOf('=');
+ if (iPos > 0) {
+ result.put(paramPair.substring(0, iPos),
paramPair.substring(iPos + 1));
+ }
+ }
+ return result;
+ }
+}
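Review bot: `parseParams` neither URL-decodes the pairs nor guards against repeated keys, and `result.put` lets a later pair replace an earlier one. `updateToken` takes `id_key` from this map to choose which widget instance receives the token, and the caller in oauth.js builds the string by plain concatenation. The instance selected therefore depends on the token text never containing `&` or `=`. Decode each side and keep the first occurrence of a key, as sketched below, and have the client wrap each value in `encodeURIComponent`; the two changes must ship together, since decoding an unencoded token would turn `+` into a space. Separately, `queryOAuthParams` returns the whole feature parameter map to the browser, so it is worth confirming that `queryXMLParams` (body not shown here) can never include a parameter that should stay server-side.

```java
private Map<String, String> parseParams(String paramString) {
    Map<String, String> result = new HashMap<String, String>();
    if (paramString == null) return result;
    StringTokenizer st = new StringTokenizer(paramString, "&");
    while (st.hasMoreTokens()) {
        String paramPair = st.nextToken();
        int iPos = paramPair.indexOf('=');
        if (iPos <= 0) continue;
        try {
            String key = java.net.URLDecoder.decode(paramPair.substring(0, iPos), "UTF-8");
            // first occurrence wins, so a later pair cannot replace id_key
            if (!result.containsKey(key)) {
                result.put(key, java.net.URLDecoder.decode(paramPair.substring(iPos + 1), "UTF-8"));
            }
        } catch (UnsupportedEncodingException e) {
            // UTF-8 is always present; drop the pair rather than store it undecoded
        } catch (IllegalArgumentException e) {
            // malformed %-escape: drop the pair
        }
    }
    return result;
}
```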