Author: scottbw
Date: Tue Mar  4 13:17:29 2014
New Revision: 1574093

URL: http://svn.apache.org/r1574093
Log:
When a request is made to get or create an instance, mint a new single-use 
token to return for the URL of the widget. See WOOKIE-426.

Modified:
    
wookie/trunk/wookie-server/src/main/java/org/apache/wookie/controller/WidgetInstancesController.java

Modified: 
wookie/trunk/wookie-server/src/main/java/org/apache/wookie/controller/WidgetInstancesController.java
URL: 
http://svn.apache.org/viewvc/wookie/trunk/wookie-server/src/main/java/org/apache/wookie/controller/WidgetInstancesController.java?rev=1574093&r1=1574092&r2=1574093&view=diff
==============================================================================
--- 
wookie/trunk/wookie-server/src/main/java/org/apache/wookie/controller/WidgetInstancesController.java
 (original)
+++ 
wookie/trunk/wookie-server/src/main/java/org/apache/wookie/controller/WidgetInstancesController.java
 Tue Mar  4 13:17:29 2014
@@ -87,11 +87,18 @@ public class WidgetInstancesController e
                        //
                        String apiKey = request.getParameter("api_key");
                        if (!authToken.getApiKey().equals(apiKey)) throw new 
UnauthorizedAccessException();
-
+                       
+                       
+                       //
+                       // When this API is called, we create a new single-use 
token to return in the URL. 
+                       // When the widget is rendered it will request a new 
standard token via AJAX.
+                       //
+                       AuthToken newToken = 
AuthToken.SINGLE_USE_TOKEN(authToken);
+                       
                        checkProxy(request);
                        String url;
                        try {
-                               url = getUrl(request, authToken);
+                               url = getUrl(request, newToken);
                        } catch (Exception e1) {
                                throw new IOException(e1);
                        }
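Review bot: The comment added above `AuthToken newToken = AuthToken.SINGLE_USE_TOKEN(authToken);` says what is minted but not why, and nothing in this hunk shows what bounds the token's lifetime. A token carried in a URL can end up in Referer headers, browser history and access logs, so the comment should give that reason and name where single use and expiry are enforced, e.g. `// URL tokens can leak via Referer, history and logs, so this one is single-use; redemption and expiry are enforced in <PLACEHOLDER: class that validates single-use tokens>`. The token is also minted before `checkProxy(request)` and `getUrl(...)`. If minting records any server-side state (not visible here), a failure in either call would leave an unredeemed token behind, so minting immediately before `getUrl` would narrow that window. The enclosing method starts and ends outside the hunk.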
@@ -100,7 +107,7 @@ public class WidgetInstancesController e
                        // If the widget was replaced by the not supported 
widget, return
                        // 404. Otherwise return 200.
                        //
-                       if 
(authToken.getWidgetId().equals("http://notsupported";)){
+                       if 
(newToken.getWidgetId().equals("http://notsupported";)){
                                
response.setStatus(HttpServletResponse.SC_NOT_FOUND);
                        } else {
                                response.setStatus(HttpServletResponse.SC_OK);
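Review bot: The 404/200 decision now reads `newToken.getWidgetId()`, so it depends on `SINGLE_USE_TOKEN` copying the widget id from the original token unchanged, which this hunk does not show. The status describes the widget instance rather than the token type, so reading the id from `authToken`, which is still in scope, would remove that dependency. Comparing constant-first against a named constant for the not-supported widget id would also avoid a NullPointerException if the id is ever null. The enclosing method continues outside the hunk.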
@@ -124,9 +131,9 @@ public class WidgetInstancesController e
                        //                      
                        try {
                                switch(format(request)){
-                               case XML: 
returnXml(WidgetInstanceHelper.createXMLWidgetInstanceDocument(authToken, url, 
useDefaultSizes), response); break;
-                               case JSON: 
returnJson(WidgetInstanceHelper.toJson(authToken, url, useDefaultSizes), 
response); break;
-                               default: 
returnXml(WidgetInstanceHelper.createXMLWidgetInstanceDocument(authToken, url, 
useDefaultSizes), response); break;
+                               case XML: 
returnXml(WidgetInstanceHelper.createXMLWidgetInstanceDocument(newToken, url, 
useDefaultSizes), response); break;
+                               case JSON: 
returnJson(WidgetInstanceHelper.toJson(newToken, url, useDefaultSizes), 
response); break;
+                               default: 
returnXml(WidgetInstanceHelper.createXMLWidgetInstanceDocument(newToken, url, 
useDefaultSizes), response); break;
                                }
                        } catch (Exception e) {
                                
response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
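Review bot: The `case XML:` and `default:` branches of the switch are identical, so each token change has to be made in two places and the branches can drift apart. Stacking the labels keeps one call, `case XML: default: returnXml(WidgetInstanceHelper.createXMLWidgetInstanceDocument(newToken, url, useDefaultSizes), response); break;`. Separately, the helpers now receive `newToken`, and whether they serialize a token identifier into the document apart from `url` is not visible here. If they do, the response body also carries the single-use token, and it is worth confirming that this is intended and that nothing derived from the long-lived `authToken` is still emitted. The try block starts inside the hunk, but its catch body continues past it.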

