Author: hmt
Date: Thu Oct 25 20:19:37 2012
New Revision: 1402319
URL: http://svn.apache.org/viewvc?rev=1402319&view=rev
Log:
Improve implicit, adding authorization code grant profile for oauth feature
Added:
incubator/wookie/trunk/features/oauth/web/authz-code.jsp (with props)
Modified:
incubator/wookie/trunk/WebContent/WEB-INF/web.xml
incubator/wookie/trunk/features/oauth/oauth.js
incubator/wookie/trunk/features/oauth/web/implicit.jsp
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java
Modified: incubator/wookie/trunk/WebContent/WEB-INF/web.xml
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/WebContent/WEB-INF/web.xml?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
--- incubator/wookie/trunk/WebContent/WEB-INF/web.xml (original)
+++ incubator/wookie/trunk/WebContent/WEB-INF/web.xml Thu Oct 25 20:19:37 2012
@@ -280,6 +280,10 @@
<servlet-name>TokenHandler</servlet-name>
<url-pattern>/features/oauth/implicit</url-pattern>
</servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>TokenHandler</servlet-name>
+ <url-pattern>/features/oauth/authz-code</url-pattern>
+ </servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
Modified: incubator/wookie/trunk/features/oauth/oauth.js
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/features/oauth/oauth.js?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
--- incubator/wookie/trunk/features/oauth/oauth.js (original)
+++ incubator/wookie/trunk/features/oauth/oauth.js Thu Oct 25 20:19:37 2012
@@ -17,6 +17,7 @@ oAuth = new function OAuth() {
this.status = null; // null: init, O: not being authenticated, F:
authentication failed, A: authenticated
this.oauthParams = new Object();
this.authCallback = null;
+ this.popup = null;
this.init = function() {
var info = new Object();
@@ -43,33 +44,35 @@ oAuth = new function OAuth() {
this.finishAuthProcess = function(error_code, p1, p2) {
var jResult = new Object();
if (error_code == 'success') {
- oAuth.initAccessToken(p1, p2);
- jResult['error'] = 'success';
+ // set access token to member variables
+ oAuth.setAccessToken(p1);
+ // update to db if persist type
+ if (oAuth.oauthParams['persist'] != 'false') {
+ OAuthConnector.updateToken(
+ 'id_key=' +
widget.instanceid_key + '&access_token=' + p1 + '&expires_in=' + p2,
+ {callback: function(result) {
+ return;
+ }, async: false});
+ }
+ jResult['error'] = 'success';
+ if (oAuth.popup != null) oAuth.popup.close();
} else {
jResult['error'] = error_code;
jResult['desc'] = p1;
- }
- if (oAuth.authCallback != null)
- oAuth.authCallback(jResult);
- }
-
- this.initAccessToken = function(access_token, expires) {
- // update to db if persist type
- if (oAuth.oauthParams['persist'] != 'false') {
- OAuthConnector.updateToken(
- 'id_key=' + widget.instanceid_key +
'&access_token=' + access_token + '&expires_in=' + expires,
- {callback: function(result) {
- return;
- }, async: false});
+ if (oAuth.authCallback != null && oAuth.popup != null)
+ oAuth.popup.close();
}
- // set access token to member variables
- oAuth.setAccessToken(access_token);
+ if (oAuth.authCallback != null) {
+ window.setTimeout(function() {
+ oAuth.authCallback(jResult);
+ }, 5);
+ }
}
- this.setAccessToken = function(token_info) {
- if (token_info != 'invalid') {
- oAuth.access_token = token_info;
+ this.setAccessToken = function(token) {
+ if (token != 'invalid') {
+ oAuth.access_token = token;
oAuth.status = 'A';
} else {
oAuth.status = 'O';
@@ -97,22 +100,28 @@ oAuth = new function OAuth() {
// check oauth profile
if (typeof oAuth.oauthParams['profile'] != 'undefined') {
- if (oAuth.oauthParams['profile'] != 'implicit') {
+ if (oAuth.oauthParams['profile'] != 'implicit' &&
oAuth.oauthParams['profile'] != 'authorization code') {
alert(oAuth.oauthParams['profile'] + ' is not
supported in this version');
return;
}
}
// show popup window
- var url = oAuth.oauthParams['authzServer'] +
- '?response_type=token&client_id=' +
oAuth.oauthParams['clientId'] +
+ var url = oAuth.oauthParams['authzServer'];
+ if (oAuth.oauthParams['profile'] == 'implicit') {
+ url += '?response_type=token&client_id=' +
oAuth.oauthParams['clientId'] +
'&redirect_uri=' + oAuth.oauthParams['redirectUri'];
+ } else if (oAuth.oauthParams['profile'] == 'authorization
code') {
+ url += '?response_type=code&client_id=' +
oAuth.oauthParams['clientId'] +
+ '&redirect_uri=' + oAuth.oauthParams['redirectUri'];
+ }
+
if (typeof oAuth.oauthParams['scope'] != 'undefined') {
url += '&scope=' + oAuth.oauthParams['scope'];
}
this.authCallback = fCallback;
- window.open(url, 'Authorization request',
+ oAuth.popup = window.open(url, 'Authorization request',
'width=' + oAuth.oauthParams['popupWidth'] + ',
height=' + oAuth.oauthParams['popupHeight']);
}
@@ -130,8 +139,7 @@ oAuth = new function OAuth() {
} else if (oAuth.status == 'A') {
document.getElementById(container_id).innerHTML =
'Authenticated';
}
- }
-
+ }
}
oAuth.init();
Added: incubator/wookie/trunk/features/oauth/web/authz-code.jsp
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/features/oauth/web/authz-code.jsp?rev=1402319&view=auto
==============================================================================
Binary file - no diff available.
Propchange: incubator/wookie/trunk/features/oauth/web/authz-code.jsp
------------------------------------------------------------------------------
svn:mime-type = application/xml
Modified: incubator/wookie/trunk/features/oauth/web/implicit.jsp
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/features/oauth/web/implicit.jsp?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
Binary files - no diff available.
Modified:
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
---
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
(original)
+++
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/TokenHandler.java
Thu Oct 25 20:19:37 2012
@@ -1,3 +1,20 @@
+/*
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
package org.apache.wookie.feature.oauth;
import java.io.IOException;
@@ -28,6 +45,8 @@ public class TokenHandler extends HttpSe
String context = request.getRequestURI();
if (context.endsWith("implicit")) {
request.getRequestDispatcher("/features/oauth/web/implicit.jsp").forward(request,
response);
+ } else if (context.endsWith("authz-code")) {
+
request.getRequestDispatcher("/features/oauth/web/authz-code.jsp").forward(request,
response);
}
}
@@ -39,3 +58,4 @@ public class TokenHandler extends HttpSe
}
}
+
Modified:
incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java
URL:
http://svn.apache.org/viewvc/incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java?rev=1402319&r1=1402318&r2=1402319&view=diff
==============================================================================
--- incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java
(original)
+++ incubator/wookie/trunk/src/org/apache/wookie/feature/oauth/oAuthClient.java
Thu Oct 25 20:19:37 2012
@@ -23,17 +23,12 @@ import java.util.HashMap;
import java.util.Map;
import java.util.StringTokenizer;
-import javax.servlet.http.HttpServletRequest;
-
-import org.apache.wookie.Messages;
import org.apache.wookie.beans.IOAuthToken;
import org.apache.wookie.w3c.IParam;
import org.apache.wookie.beans.IWidgetInstance;
import org.apache.wookie.beans.util.IPersistenceManager;
import org.apache.wookie.beans.util.PersistenceManagerFactory;
import org.apache.wookie.feature.IFeature;
-import org.apache.wookie.server.LocaleHandler;
-import org.directwebremoting.WebContextFactory;
public class oAuthClient implements IFeature {
@@ -89,26 +84,29 @@ public class oAuthClient implements IFea
IPersistenceManager persistenceManager =
PersistenceManagerFactory.getPersistenceManager();
IWidgetInstance widgetInstance =
persistenceManager.findWidgetInstanceByIdKey(idKey);
- HttpServletRequest request =
WebContextFactory.get().getHttpServletRequest();
- Messages localizedMessages =
LocaleHandler.localizeMessages(request);
- if(widgetInstance==null) {
- return localizedMessages.getString("WidgetAPIImpl.0");
//$NON-NLS-1$
+
+ if (widgetInstance==null) {
+ return "invalid";
}
Map<String, String> oAuthParams = queryXMLParams(idKey);
if (oAuthParams == null) {
- return localizedMessages.getString("WidgetAPIImpl.0");
//$NON-NLS-1$
+ return "invalid";
}
IOAuthToken oauthToken =
persistenceManager.findOAuthToken(widgetInstance);
if (oauthToken == null) oauthToken =
persistenceManager.newInstance(IOAuthToken.class);
- oauthToken.setAccessToken(params.get("access_token"));
- oauthToken.setExpires(System.currentTimeMillis() + 1000 *
Integer.parseInt(params.get("expires_in")));
- oauthToken.setClientId(oAuthParams.get("clientId"));
- oauthToken.setAuthzUrl(oAuthParams.get("authzServer"));
- oauthToken.setWidgetInstance(widgetInstance);
- persistenceManager.save(oauthToken);
- return oauthToken.getAccessToken();
+ try {
+ oauthToken.setAccessToken(params.get("access_token"));
+ oauthToken.setExpires(System.currentTimeMillis() + 1000
* Integer.parseInt(params.get("expires_in")));
+ oauthToken.setClientId(oAuthParams.get("clientId"));
+ oauthToken.setAuthzUrl(oAuthParams.get("authzServer"));
+ oauthToken.setWidgetInstance(widgetInstance);
+ persistenceManager.save(oauthToken);
+ return oauthToken.getAccessToken();
+ } catch (Exception ex) {
+ return "invalid";
+ }
}
public Map<String, String> queryXMLParams(String idKey) {
@@ -149,11 +147,15 @@ public class oAuthClient implements IFea
if ("implicit".equals(oAuthParamMap.get("profile")))
url += "%2Ffeatures%2Foauth%2Fimplicit";
+ else if ("authorization
code".equals(oAuthParamMap.get("profile")))
+ url += "%2Ffeatures%2Foauth%2Fauthz-code";
else
url += "%2Ffeatures%2Foauth%2Fother";
} catch (UnsupportedEncodingException e) {
if ("implicit".equals(oAuthParamMap.get("profile")))
url += "/features/oauth/implicit";
+ else if ("authorization
code".equals(oAuthParamMap.get("profile")))
+ url += "/features/oauth/authz-code";
else
url += "/features/oauth/other";
}
@@ -181,3 +183,4 @@ public class oAuthClient implements IFea
return result;
}
}
+
