Author: lindner
Date: Wed Mar 25 23:12:30 2009
New Revision: 758462

URL: http://svn.apache.org/viewvc?rev=758462&view=rev
Log:
SHINDIG-994 | Add sample authn/authz layer to 3 legged OAuth, bumps 
oauth-core/jetty/servlet-api jars

Added:
    incubator/shindig/trunk/java/server/src/main/webapp/login.jsp
    
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleRealm.java
   (with props)
    incubator/shindig/trunk/javascript/samplecontainer/examples/icon.png   
(with props)
Modified:
    incubator/shindig/trunk/java/server/pom.xml
    incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/authorize.jsp
    incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml
    incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml
    incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.social.xml
    incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml
    incubator/shindig/trunk/java/social-api/pom.xml
    
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/SampleModule.java
    
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthDataStore.java
    
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthServlet.java
    
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/spi/JsonDbOpensocialService.java
    
incubator/shindig/trunk/javascript/samplecontainer/examples/SocialActivitiesWorld.xml
    
incubator/shindig/trunk/javascript/samplecontainer/examples/SocialHelloWorld.xml
    incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml
    incubator/shindig/trunk/javascript/sampledata/canonicaldb.json
    incubator/shindig/trunk/pom.xml

Modified: incubator/shindig/trunk/java/server/pom.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/pom.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/pom.xml (original)
+++ incubator/shindig/trunk/java/server/pom.xml Wed Mar 25 23:12:30 2009
@@ -149,7 +149,15 @@
       <groupId>org.json</groupId>
       <artifactId>json</artifactId>
     </dependency>
-    
+    <dependency>
+      <groupId>org.jsecurity</groupId>
+      <artifactId>jsecurity</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>jstl</groupId>
+      <artifactId>jstl</artifactId>
+    </dependency>
+
     <!-- test -->
     <dependency>
       <groupId>org.mortbay.jetty</groupId>
@@ -161,5 +169,6 @@
       <artifactId>htmlunit</artifactId>
       <scope>test</scope>
     </dependency>
+ 
   </dependencies>
 </project>

Modified: 
incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/authorize.jsp
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/authorize.jsp?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/authorize.jsp 
(original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/authorize.jsp 
Wed Mar 25 23:12:30 2009
@@ -1,9 +1,13 @@
+<%@ page import="org.jsecurity.SecurityUtils" %>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"; %>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"; %>
+<%@ taglib prefix="jsec" uri="http://www.jsecurity.org/tags"; %>
+
 <%@ page import="net.oauth.OAuthConsumer" %>
 <%@ page import="org.apache.shindig.social.opensocial.oauth.OAuthEntry" %>
 <%@ page import="org.apache.shindig.social.opensocial.oauth.OAuthDataStore" %>
 <%@ page import="java.net.URLEncoder" %>
 <%@ page contentType="text/html;charset=UTF-8" language="java" %>
-
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
    "http://www.w3.org/TR/html4/loose.dtd";>
 <%
@@ -11,37 +15,46 @@
   OAuthConsumer consumer = (OAuthConsumer)request.getAttribute("CONSUMER");
   OAuthEntry entry = (OAuthEntry) request.getAttribute("OAUTH_ENTRY");
   OAuthDataStore dataStore = (OAuthDataStore) 
request.getAttribute("OAUTH_DATASTORE");
-
-  String appDesc = (String)consumer.getProperty("description");
-  if (appDesc == null)
-    appDesc = consumer.consumerKey;
-
   String token = (String)request.getAttribute("TOKEN");
   String callback = (String)request.getAttribute("CALLBACK");
 
-  if (request.getParameter("userId") != null) {
-    // User posted the form with the user_id setting.  Let's mark the token 
authorized and redirect back
-    // This is ugly and insecure.  A production form would perform
-    // proper authentication and use the container provided user id.
-    dataStore.authorizeToken(entry, request.getParameter("userId"));
-    response.sendRedirect("/oauth/authorize?oauth_token=" + token + 
"&oauth_callback=" + callback);
+  // Check if the user already authorized
+  // TODO - this is a bit hard since we cannot get at the jsondb here...
+
+  // If user clicked on the Authorize button then we're good.
+  if (request.getParameter("Authorize") != null) {
+    // If the user clicked the Authorize button we authorize the token and 
redirect back.
+    dataStore.authorizeToken(entry, 
SecurityUtils.getSubject().getPrincipal().toString());
+
+    // Bounce back to the servlet to handle redirecting to the callback URL
+    request.getRequestDispatcher("/oauth/authorize?oauth_token=" + token + 
"&oauth_callback=" + callback)
+            .forward(request,response);
   }
-%>
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-   "http://www.w3.org/TR/html4/loose.dtd";>
 
+  // Gather some data
+  String appTitle =(String)consumer.getProperty("title");
+  String appDesc = (String)consumer.getProperty("description");
+  if (appDesc == null)
+    appDesc = consumer.consumerKey;
+    
+  String appIcon = (String)consumer.getProperty("icon");
+  String appThumbnail = (String)consumer.getProperty("thumbnail");
+%>
 <html>
 <head>
   <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
   <title>Your Friendly OAuth Provider</title>
 </head>
 <body>
+Greetings <jsec:principal/>,<br/><br/>
 
-<h3>"<%=appDesc%>" is trying to access your information.</h3>
+The following application wants to access your account information<br/><br/>
 
-Enter the userId you want to be known as:
+<h3><img src="<%= appIcon %>"/><%=appTitle %>" is trying to access your 
information.</h3>
+<img src="<%= appThumbnail%>" align="left" width="120" height="60"/>
+<c:out value="appDesc" default=""/>
+<br/>
 <form name="authZForm" action="authorize" method="POST">
-  <input type="text" name="userId" value="" size="20"/><br>
   <input type="hidden" name="oauth_token" value="<%= token %>"/>
   <input type="hidden" name="oauth_callback" value="<%= 
URLEncoder.encode(callback, "UTF-8") %>"/>
   <input type="submit" name="Authorize" value="Authorize"/>
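Review bot: The authorize branch runs whenever an `Authorize` parameter is present, with no check of the HTTP method and no per-session token, so a cross-site request made while the user is logged in would authorize the request token without this consent page ever being shown; guard it with `"POST".equals(request.getMethod())` plus a nonce kept in the session and echoed in a hidden field. There is also no `return;` after `.forward(request,response);`, so the rest of the page still executes after the forward. In the markup, `<%= appIcon %>`, `<%=appTitle %>` and `<%= appThumbnail%>` write consumer-supplied properties without escaping (and `appTitle` prints as "null" when the app has no title), while `<c:out value="appDesc" default=""/>` emits the literal text appDesc instead of the variable; `<c:out value="<%= appDesc %>"/>` fixes the latter, and the same tag would escape the other three. The form continues past the end of this hunk.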
@@ -49,4 +62,3 @@
 
 </body>
 </html>
-</html>
\ No newline at end of file

Modified: 
incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml 
(original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.full.xml 
Wed Mar 25 23:12:30 2009
@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
   Licensed to the Apache Software Foundation (ASF) under one
   or more contributor license agreements.  See the NOTICE file
@@ -17,11 +17,12 @@
   specific language governing permissions and limitations
   under the License.
 -->
-<!DOCTYPE web-app
-    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
-    "http://java.sun.com/dtd/web-app_2_3.dtd";>
-
-<web-app>
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+         xmlns="http://java.sun.com/xml/ns/javaee";
+         xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
+         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
+         id="Shindig"
+         version="2.5">
   <!-- configuration -->
   <!-- If you have your own Guice module(s), put them here as a 
colon-separated list. -->
   <context-param>

Modified: 
incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml 
(original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.gadgets.xml 
Wed Mar 25 23:12:30 2009
@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
   Licensed to the Apache Software Foundation (ASF) under one
   or more contributor license agreements.  See the NOTICE file
@@ -17,11 +17,12 @@
   specific language governing permissions and limitations
   under the License.
 -->
-<!DOCTYPE web-app
-        PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
-        "http://java.sun.com/dtd/web-app_2_3.dtd";>
-
-<web-app>
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+         xmlns="http://java.sun.com/xml/ns/javaee";
+         xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
+         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
+         id="Shindig"
+         version="2.5">
   <!-- configuration -->
   <!-- If you have your own Guice module(s), put them here as a 
colon-separated list. -->
   <context-param>

Modified: 
incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.social.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.social.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.social.xml 
(original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.social.xml 
Wed Mar 25 23:12:30 2009
@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
   Licensed to the Apache Software Foundation (ASF) under one
   or more contributor license agreements.  See the NOTICE file
@@ -17,11 +17,12 @@
   specific language governing permissions and limitations
   under the License.
 -->
-<!DOCTYPE web-app
-    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
-    "http://java.sun.com/dtd/web-app_2_3.dtd";>
-
-<web-app>
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+         xmlns="http://java.sun.com/xml/ns/javaee";
+         xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
+         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
+         id="Shindig"
+         version="2.5">
   <!-- configuration -->
   <!-- If you have your own Guice module(s), put them here as a 
colon-separated list. -->
   <context-param>

Modified: incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml 
(original)
+++ incubator/shindig/trunk/java/server/src/main/webapp/WEB-INF/web.xml Wed Mar 
25 23:12:30 2009
@@ -1,4 +1,4 @@
-<?xml version="1.0"?>
+<?xml version="1.0" encoding="UTF-8"?>
 <!--
   Licensed to the Apache Software Foundation (ASF) under one
   or more contributor license agreements.  See the NOTICE file
@@ -17,11 +17,13 @@
   specific language governing permissions and limitations
   under the License.
 -->
-<!DOCTYPE web-app
-    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
-    "http://java.sun.com/dtd/web-app_2_3.dtd";>
-
-<web-app>
+<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
+         xmlns="http://java.sun.com/xml/ns/javaee";
+         xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
+         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee 
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd";
+         id="Shindig"
+         version="2.5">
+  <display-name>Shindig</display-name>
   <!-- configuration -->
   <!-- If you have your own Guice module(s), put them here as a 
colon-separated list. -->
   <context-param>
@@ -35,11 +37,54 @@
     </param-value>
   </context-param>
 
+    <filter>
+        <filter-name>JSecurityFilter</filter-name>
+        <filter-class>org.jsecurity.web.servlet.JSecurityFilter</filter-class>
+        <init-param>
+            <param-name>config</param-name>
+            <param-value>
+
+                # The JSecurityFilter configuration is very powerful and 
flexible, while still remaining succinct.
+                # Please read the comprehensive example, with full comments 
and explanations, in the JavaDoc:
+                #
+                # 
http://www.jsecurity.org/api/org/jsecurity/web/servlet/JSecurityFilter.html
+                [main]
+                shindigSampleRealm = 
org.apache.shindig.social.sample.oauth.SampleRealm
+                securityManager.realm = $shindigSampleRealm
+
+                [filters]
+                jsecurity.loginUrl = /login.jsp
+
+                [urls]
+                # The /login.jsp is not restricted to authenticated users 
(otherwise no one could log in!), but
+                # the 'authc' filter must still be specified for it so it can 
process that url's
+                # login submissions. It is 'smart' enough to allow those 
requests through as specified by the
+                # jsecurity.loginUrl above.
+                /login.jsp = authc
+
+                /oauth/authorize/** = authc
+                /remoting/** = authc, roles[b2bClient], 
perms[remote:invoke:"lan,wan"]
+
+            </param-value>
+        </init-param>
+    </filter>
+
   <filter>
     <filter-name>authFilter</filter-name>
     
<filter-class>org.apache.shindig.auth.AuthenticationServletFilter</filter-class>
   </filter>
 
+
+  <filter-mapping>
+      <filter-name>JSecurityFilter</filter-name>
+      <url-pattern>/oauth/authorize</url-pattern>
+  </filter-mapping>
+
+  <filter-mapping>
+      <filter-name>JSecurityFilter</filter-name>
+      <url-pattern>*.jsp</url-pattern>
+  </filter-mapping>
+
   <filter-mapping>
     <filter-name>authFilter</filter-name>
     <url-pattern>/social/*</url-pattern>
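Review bot: The `[urls]` section keeps `/remoting/** = authc, roles[b2bClient], perms[remote:invoke:"lan,wan"]`, which looks carried over from the JSecurity example and matches nothing this commit adds; it should be dropped so the rule list shows only what the sample actually protects. It is also worth confirming that the `/oauth/authorize/**` rule matches the bare `/oauth/authorize` path named in the filter-mapping, since that path is the one that marks tokens as authorized. Because this is the default `web.xml`, a comment above `shindigSampleRealm = ...` such as `# Sample realm backed by canonicaldb.json - replace before exposing this server` would make the demo status explicit.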

Added: incubator/shindig/trunk/java/server/src/main/webapp/login.jsp
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/server/src/main/webapp/login.jsp?rev=758462&view=auto
==============================================================================
--- incubator/shindig/trunk/java/server/src/main/webapp/login.jsp (added)
+++ incubator/shindig/trunk/java/server/src/main/webapp/login.jsp Wed Mar 25 
23:12:30 2009
@@ -0,0 +1,111 @@
+<%--
+  ~ Licensed to the Apache Software Foundation (ASF) under one
+  ~ or more contributor license agreements.  See the NOTICE file
+  ~ distributed with this work for additional information
+  ~ regarding copyright ownership.  The ASF licenses this file
+  ~ to you under the Apache License, Version 2.0 (the
+  ~ "License"); you may not use this file except in compliance
+  ~ with the License.  You may obtain a copy of the License at
+  ~
+  ~     http://www.apache.org/licenses/LICENSE-2.0
+  ~
+  ~ Unless required by applicable law or agreed to in writing,
+  ~ software distributed under the License is distributed on an
+  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+  ~ KIND, either express or implied.  See the License for the
+  ~ specific language governing permissions and limitations
+  ~ under the License.
+  --%>
+<%@ page import="org.jsecurity.SecurityUtils" %>
+<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"; %>
+<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"; %>
+<%@ taglib prefix="jsec" uri="http://www.jsecurity.org/tags"; %>
+
+<html>
+<head>
+</head>
+<body>
+
+<h2>Please Log in</h2>
+
+<jsec:guest>
+    <p>Try one of the accounts defined in canonicaldb.json</p>
+
+
+    <style type="text/css">
+        table.sample {
+            border-width: 1px;
+            border-style: outset;
+            border-color: blue;
+            border-collapse: separate;
+            background-color: rgb( 255, 255, 240 );
+        }
+
+        table.sample th {
+            border-width: 1px;
+            padding: 1px;
+            border-style: none;
+            border-color: blue;
+            background-color: rgb( 255, 255, 240 );
+        }
+
+        table.sample td {
+            border-width: 1px;
+            padding: 1px;
+            border-style: none;
+            border-color: blue;
+            background-color: rgb( 255, 255, 240 );
+        }
+    </style>
+
+
+    <table class="sample">
+        <thead>
+            <tr>
+                <th>Username</th>
+                <th>Password</th>
+            </tr>
+        </thead>
+        <tbody>
+            <tr>
+                <td>canonical</td>
+                <td>password</td>
+            </tr>
+            <tr>
+                <td>john.doe</td>
+                <td>password</td>
+            </tr>
+            <tr>
+                <td>jane.doe</td>
+                <td>password</td>
+            </tr>
+        </tbody>
+    </table>
+    <br/><br/>
+</jsec:guest>
+
+
+<c:out value="${jsecLoginFailure}" default=""/><br/>
+
+
+<form action="" method="post">
+    <table align="left" border="0" cellspacing="0" cellpadding="3">
+        <tr>
+            <td>Username:</td>
+            <td><input type="text" name="username" maxlength="30"></td>
+        </tr>
+        <tr>
+            <td>Password:</td>
+            <td><input type="password" name="password" maxlength="30"></td>
+        </tr>
+        <tr>
+            <td colspan="2" align="left"><input type="checkbox" 
name="rememberMe"><font size="2">Remember Me</font></td>
+        </tr>
+        <tr>
+            <td colspan="2" align="right"><input type="submit" name="submit" 
value="Login"></td>
+        </tr>
+    </table>
+</form>
+
+</body>
+</html>
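Review bot: The `<jsec:guest>` block prints working usernames and passwords to every unauthenticated visitor, and the same commit wires this page into the default `web.xml` as `jsecurity.loginUrl`, so any deployment that keeps the defaults has publicly known accounts. A JSP comment at the top of the block, e.g. `<%-- Demo only: remove this table and SampleRealm before deploying --%>`, would flag that. Separately, `<c:out value="${jsecLoginFailure}" default=""/>` shows whatever the filter stored verbatim; if that value distinguishes an unknown user from a wrong password, it should be replaced with one generic failure message.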

Modified: incubator/shindig/trunk/java/social-api/pom.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/pom.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/java/social-api/pom.xml (original)
+++ incubator/shindig/trunk/java/social-api/pom.xml Wed Mar 25 23:12:30 2009
@@ -140,6 +140,10 @@
       <groupId>xml-apis</groupId>
       <artifactId>xml-apis</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.jsecurity</groupId>
+      <artifactId>jsecurity</artifactId>
+    </dependency>
 
     <!-- test -->
     <dependency>

Modified: 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/SampleModule.java
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/SampleModule.java?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/SampleModule.java
 (original)
+++ 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/SampleModule.java
 Wed Mar 25 23:12:30 2009
@@ -23,6 +23,7 @@
 import org.apache.shindig.social.opensocial.spi.AppDataService;
 import org.apache.shindig.social.opensocial.spi.PersonService;
 import org.apache.shindig.social.sample.oauth.SampleOAuthDataStore;
+import org.apache.shindig.social.sample.oauth.SampleRealm;
 import org.apache.shindig.social.sample.service.SampleContainerHandler;
 import org.apache.shindig.social.sample.spi.JsonDbOpensocialService;
 
@@ -50,6 +51,10 @@
     bind(PersonService.class).to(JsonDbOpensocialService.class);
     
     bind(OAuthDataStore.class).to(SampleOAuthDataStore.class);
+
+
+    // We do this so that jsecurity realms can get access to the jsondbservice 
singleton
+    requestStaticInjection(SampleRealm.class);
   }
 
   @Override

Modified: 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthDataStore.java
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthDataStore.java?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthDataStore.java
 (original)
+++ 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthDataStore.java
 Wed Mar 25 23:12:30 2009
@@ -19,6 +19,7 @@
 
 import com.google.common.base.Preconditions;
 import com.google.common.collect.MapMaker;
+import com.google.common.collect.ImmutableList;
 import com.google.inject.Inject;
 import com.google.inject.name.Named;
 
@@ -29,6 +30,7 @@
 import org.apache.shindig.social.opensocial.oauth.OAuthEntry;
 import org.apache.shindig.social.sample.spi.JsonDbOpensocialService;
 import org.json.JSONException;
+import org.json.JSONObject;
 
 import java.util.Date;
 import java.util.UUID;
@@ -60,12 +62,20 @@
 
   public OAuthConsumer getConsumer(String consumerKey) {
     try {
-      String consumerSecret = 
service.getDb().getJSONObject("consumerSecrets").getString(Preconditions.checkNotNull(consumerKey));
+      JSONObject app = 
service.getDb().getJSONObject("apps").getJSONObject(Preconditions.checkNotNull(consumerKey));
+      String consumerSecret = app.getString("consumerSecret");
+
       if (consumerSecret == null)
           return null;
+
       // null below is for the callbackUrl, which we don't have in the db
       OAuthConsumer consumer = new OAuthConsumer(null, consumerKey, 
consumerSecret, SERVICE_PROVIDER);
-      consumer.setProperty("samplecontainer-attribute", "value");
+
+      // Set some properties loosely based on the ModulePrefs of a gadget
+      for (String key : ImmutableList.of("title", "summary", "description", 
"thumbnail", "icon")) {
+        if (app.has(key))
+          consumer.setProperty(key, app.getString(key));
+      }
 
       return consumer;
 
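Review bot: The `if (consumerSecret == null) return null;` check after `app.getString("consumerSecret")` cannot fire, because `JSONObject.getString` throws `JSONException` for a missing key rather than returning null, and the same holds for the two `getJSONObject` calls when the consumer key is unknown. What an unknown key produces is therefore decided by the `catch` block, which lies outside this hunk; if the intent is to return null, `optJSONObject(...)` and `optString("consumerSecret", null)` make that explicit. A short comment on the property loop, noting that these values come from the app's own entry and are shown on the consent page, would tell readers to treat them as untrusted.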
@@ -125,8 +135,9 @@
   public SecurityToken getSecurityTokenForConsumerRequest(String consumerKey, 
String userId) {
     String domain = "samplecontainer.com";
     String container = "default";
-    
+
     return new OAuthSecurityToken(userId, null, consumerKey, domain, container,
         AuthenticationMode.OAUTH_CONSUMER_REQUEST.name());
+    
   }
 }

Modified: 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthServlet.java
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthServlet.java?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthServlet.java
 (original)
+++ 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleOAuthServlet.java
 Wed Mar 25 23:12:30 2009
@@ -91,14 +91,14 @@
 
     String consumerKey = requestMessage.getConsumerKey();
     if (consumerKey == null) {
-      OAuthProblemException e = new OAuthProblemException("parameter_absent");
-      e.setParameter("oauth_paramaeters_absent", "oauth_consumer_key");
+      OAuthProblemException e = new 
OAuthProblemException(OAuth.Problems.PARAMETER_ABSENT);
+      e.setParameter(OAuth.Problems.OAUTH_PARAMETERS_ABSENT, 
"oauth_consumer_key");
       throw e;
     }
     OAuthConsumer consumer = dataStore.getConsumer(consumerKey);
 
     if (consumer == null)
-      throw new OAuthProblemException("consumer_key_unknown");
+      throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
 
     OAuthAccessor accessor = new OAuthAccessor(consumer);
     VALIDATOR.validateMessage(requestMessage, accessor);
@@ -117,10 +117,16 @@
       HttpServletResponse servletResponse) throws ServletException, 
IOException, OAuthException, URISyntaxException {
 
     OAuthMessage requestMessage = OAuthServlet.getMessage(servletRequest, 
null);
+
+    if (requestMessage.getToken() == null) {
+      // MALFORMED REQUEST
+      servletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST, 
"Authentication token not found");
+      return;
+    }
     OAuthEntry entry = dataStore.getEntry(requestMessage.getToken());
 
     if (entry == null) {
-      servletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, 
"Authentication Token not found");
+      servletResponse.sendError(HttpServletResponse.SC_NOT_FOUND, "OAuth Entry 
not found");
       return;
     }
 
@@ -163,6 +169,7 @@
       out.close();
     } else {
       callback = OAuth.addParameters(callback, OAuth.OAUTH_TOKEN, entry.token);
+      // Add user_id to the callback
       callback = OAuth.addParameters(callback, "user_id", entry.userId);
 
       servletResponse.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
@@ -178,7 +185,7 @@
 
     OAuthEntry entry = getValidatedEntry(requestMessage);
     if (entry == null)
-      throw new OAuthProblemException("token_rejected");
+      throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
 
     if (!entry.authorized) {
       throw new ServletException("additional_authorization_required");
@@ -199,30 +206,30 @@
 
     OAuthEntry entry = dataStore.getEntry(requestMessage.getToken());
     if (entry == null)
-      throw new OAuthProblemException("token_rejected");
+      throw new OAuthProblemException(OAuth.Problems.TOKEN_REJECTED);
 
     if (entry.type != OAuthEntry.Type.REQUEST)
-      throw new OAuthProblemException("token_used");
+      throw new OAuthProblemException(OAuth.Problems.TOKEN_USED);
 
     if (entry.isExpired())
-      throw new OAuthProblemException("token_expired");
+      throw new OAuthProblemException(OAuth.Problems.TOKEN_EXPIRED);
 
     // find consumer key, compare with supplied value, if present.
 
     if  (requestMessage.getConsumerKey() == null) {
-      OAuthProblemException e = new OAuthProblemException("parameter_absent");
-      e.setParameter("oauth_paramaeters_absent", "oauth_consumer");
+      OAuthProblemException e = new 
OAuthProblemException(OAuth.Problems.PARAMETER_ABSENT);
+      e.setParameter(OAuth.Problems.OAUTH_PARAMETERS_ABSENT, "oauth_consumer");
       throw e;
     }
 
     String consumerKey = entry.consumerKey;
     if (!consumerKey.equals(requestMessage.getConsumerKey()))
-        throw new OAuthProblemException("consumer_key_refused");
+        throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_REFUSED);
 
     OAuthConsumer consumer = dataStore.getConsumer(consumerKey);
 
     if (consumer == null)
-      throw new OAuthProblemException("consumer_key_unknown");
+      throw new OAuthProblemException(OAuth.Problems.CONSUMER_KEY_UNKNOWN);
     
     OAuthAccessor accessor = new OAuthAccessor(consumer);
 
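Review bot: The absent-parameter error here names `"oauth_consumer"`, while the equivalent check in the first hunk of this file reports `"oauth_consumer_key"`, which is the parameter actually tested by `requestMessage.getConsumerKey() == null`. Since this commit already touches the line to switch to `OAuth.Problems.OAUTH_PARAMETERS_ABSENT`, the value should be corrected as well: `e.setParameter(OAuth.Problems.OAUTH_PARAMETERS_ABSENT, "oauth_consumer_key");`. The enclosing method starts and ends outside the hunk.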

Added: 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleRealm.java
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleRealm.java?rev=758462&view=auto
==============================================================================
--- 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleRealm.java
 (added)
+++ 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleRealm.java
 Wed Mar 25 23:12:30 2009
@@ -0,0 +1,88 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+package org.apache.shindig.social.sample.oauth;
+
+import org.jsecurity.realm.AuthorizingRealm;
+import org.jsecurity.authz.AuthorizationInfo;
+import org.jsecurity.authz.AuthorizationException;
+import org.jsecurity.authz.SimpleAuthorizationInfo;
+import org.jsecurity.subject.PrincipalCollection;
+import org.jsecurity.authc.AuthenticationInfo;
+import org.jsecurity.authc.AuthenticationToken;
+import org.jsecurity.authc.AuthenticationException;
+import org.jsecurity.authc.AccountException;
+import org.jsecurity.authc.UsernamePasswordToken;
+import org.jsecurity.authc.SimpleAuthenticationInfo;
+import org.apache.shindig.social.sample.spi.JsonDbOpensocialService;
+import org.apache.shindig.social.opensocial.spi.UserId;
+import org.apache.shindig.social.opensocial.spi.SocialSpiException;
+import org.apache.shindig.social.opensocial.model.Person;
+import org.apache.shindig.common.util.ImmediateFuture;
+import org.apache.shindig.protocol.ResponseError;
+import org.json.JSONObject;
+import org.json.JSONArray;
+import com.google.common.collect.ImmutableSet;
+import com.google.inject.Inject;
+
+import java.util.Set;
+
+/**
+ * A Sample Jsecurity Realm that uses the JSON DB to get passwords
+ *
+ */
+public class SampleRealm extends AuthorizingRealm {
+  // HACK, jsecurity relies upon no-arg constructors..
+  @Inject
+  private static JsonDbOpensocialService jsonDbService;
+
+
+  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken 
token) throws AuthenticationException {
+    UsernamePasswordToken upToken = (UsernamePasswordToken) token;
+    String username = upToken.getUsername();
+
+    // Null username is invalid
+    if (username == null) {
+        throw new AccountException("Null usernames are not allowed by this 
realm.");
+    }
+    String password = jsonDbService.getPassword(username);
+
+    return  new SimpleAuthenticationInfo(username, password, this.getName());
+  }
+
+  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection 
principals) {
+    //null usernames are invalid
+    if (principals == null) {
+      throw new AuthorizationException("PrincipalCollection method argument 
cannot be null.");
+    }
+
+    String username = (String) 
principals.fromRealm(getName()).iterator().next();
+
+
+    Set<String> roleNames;
+
+    if (username == null) {
+      roleNames = ImmutableSet.of();
+    } else {
+      roleNames = ImmutableSet.of("foo", "goo");
+    }
+
+    return new SimpleAuthorizationInfo(roleNames);
+  }
+
+}
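Review bot: In `doGetAuthenticationInfo`, an unknown username is not rejected: `jsonDbService.getPassword(username)` returns null when there is no entry (see the `getPassword` hunk in this commit), and that null is passed straight into `new SimpleAuthenticationInfo(username, password, this.getName())`, leaving the outcome to however the credentials matcher treats a null stored credential. Reject it explicitly with `if (password == null) throw new UnknownAccountException("No account found for user " + username);`. The unchecked cast to `UsernamePasswordToken` and the static `jsonDbService` (null until Guice's static injection has run) can also fail with an unhelpful exception and deserve a guard or at least a comment. In `doGetAuthorizationInfo`, the `username == null` branch is effectively unreachable because `iterator().next()` throws on an empty collection first, and every user receives the placeholder roles `"foo"` and `"goo"`; a comment saying the roles are placeholders would prevent anyone from relying on them. Several imports (`UserId`, `SocialSpiException`, `Person`, `ImmediateFuture`, `ResponseError`, `JSONObject`, `JSONArray`) are unused in the visible code.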

Propchange: 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/oauth/SampleRealm.java
------------------------------------------------------------------------------
    svn:eol-style = native

Modified: 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/spi/JsonDbOpensocialService.java
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/spi/JsonDbOpensocialService.java?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/spi/JsonDbOpensocialService.java
 (original)
+++ 
incubator/shindig/trunk/java/social-api/src/main/java/org/apache/shindig/social/sample/spi/JsonDbOpensocialService.java
 Wed Mar 25 23:12:30 2009
@@ -109,6 +109,11 @@
    */
   private static final String MESSAGE_TABLE = "messages";
 
+  /**
+   * db["passwords"] -> Map<Person.Id, String>
+   */
+  private static final String PASSWORDS_TABLE = "passwords";
+
   @Inject
   public JsonDbOpensocialService(@Named("shindig.canonical.json.db")String 
jsonLocation,
       @Named("shindig.bean.converter.json")BeanConverter converter) throws 
Exception {
@@ -498,6 +503,17 @@
   }
 
   /**
+   * Public methods for use with Authentication Classes
+   */
+  public String getPassword(String username) {
+    try {
+      return db.getJSONObject(PASSWORDS_TABLE).getString(username);
+    } catch (JSONException e) {
+       return null;
+    }
+  }
+
+  /**
    * Get the set of user id's from a user and group
    */
   private Set<String> getIdSet(UserId user, GroupId group, SecurityToken token)
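Review bot: getPassword() turns every JSONException into a `null` return, so a missing "passwords" table and an unknown username look identical to the caller, and the Javadoc does not mention null at all. The SampleRealm code earlier on this page passes the result straight into `new SimpleAuthenticationInfo(username, password, this.getName())` with no null check. How the credentials matcher treats a null stored credential is not visible here, so the realm should reject the login explicitly when no entry exists. I would state the contract on the method, e.g. `@return the cleartext sample password for username, or null if db["passwords"] has no entry for that user`, in place of the heading-style comment. The enclosing class starts and ends outside this hunk.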

Modified: 
incubator/shindig/trunk/javascript/samplecontainer/examples/SocialActivitiesWorld.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/javascript/samplecontainer/examples/SocialActivitiesWorld.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- 
incubator/shindig/trunk/javascript/samplecontainer/examples/SocialActivitiesWorld.xml
 (original)
+++ 
incubator/shindig/trunk/javascript/samplecontainer/examples/SocialActivitiesWorld.xml
 Wed Mar 25 23:12:30 2009
@@ -1,6 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Module>
- <ModulePrefs title="Social Activities World">
+ <ModulePrefs title="Social Activities World"
+              
icon="http://localhost:8080/gadgets/files/samplecontainer/examples/icon.png";>
    <Require feature="opensocial-0.7"></Require>
    <Require feature="dynamic-height"></Require>
  </ModulePrefs>

Modified: 
incubator/shindig/trunk/javascript/samplecontainer/examples/SocialHelloWorld.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/javascript/samplecontainer/examples/SocialHelloWorld.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- 
incubator/shindig/trunk/javascript/samplecontainer/examples/SocialHelloWorld.xml
 (original)
+++ 
incubator/shindig/trunk/javascript/samplecontainer/examples/SocialHelloWorld.xml
 Wed Mar 25 23:12:30 2009
@@ -1,6 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <Module>
- <ModulePrefs title="Social Hello World">
+ <ModulePrefs title="Social Hello World"
+              description="The Social Hello World Application Displays 
multilingual hello messages"
+              thumbnail="http://localhost:8080/";
+              
icon="http://localhost:8080/gadgets/files/samplecontainer/examples/icon.png";>
    <Require feature="opensocial-0.7"></Require>
    <Require feature="dynamic-height"></Require>
  </ModulePrefs>

Added: incubator/shindig/trunk/javascript/samplecontainer/examples/icon.png
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/javascript/samplecontainer/examples/icon.png?rev=758462&view=auto
==============================================================================
Binary file - no diff available.

Propchange: incubator/shindig/trunk/javascript/samplecontainer/examples/icon.png
------------------------------------------------------------------------------
    svn:mime-type = image/png

Modified: incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml 
(original)
+++ incubator/shindig/trunk/javascript/samplecontainer/examples/oauth.xml Wed 
Mar 25 23:12:30 2009
@@ -1,6 +1,7 @@
  <?xml version="1.0" encoding="UTF-8" ?>
 <Module>
-  <ModulePrefs title="Demo OAuth Gadget">
+  <ModulePrefs title="Demo OAuth Gadget"
+               
icon="http://localhost:8080/gadgets/files/samplecontainer/examples/icon.png";>
     <OAuth>
       <Service>
         <Request url="http://localhost:9090/oauth-provider/request_token"; />

Modified: incubator/shindig/trunk/javascript/sampledata/canonicaldb.json
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/javascript/sampledata/canonicaldb.json?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/javascript/sampledata/canonicaldb.json (original)
+++ incubator/shindig/trunk/javascript/sampledata/canonicaldb.json Wed Mar 25 
23:12:30 2009
@@ -404,11 +404,36 @@
   }
 },
 //
-// Consumer Secrets for OAuth REST validations
-// In this case the consumerKey is the App URL.
+// Gadgets/App information.  OAuth Consumer Key defaults to the app url.
 //
-"consumerSecrets" : {
-    
"http://localhost:8080/gadgets/files/samplecontainer/examples/SocialHelloWorld.xml":
 "secret",
-    
"http://localhost:8080/gadgets/files/samplecontainer/examples/SocialActivitiesWorld.xml";
 : "secret"
-}
+"apps" : {
+    
"http://localhost:8080/gadgets/files/samplecontainer/examples/SocialHelloWorld.xml":
+        { "title" : "Social Hello World",
+          "consumerSecret" : "secret",
+           "icon" : 
"http://localhost:8080/gadgets/files/samplecontainer/examples/icon.png"},
+    
"http://localhost:8080/gadgets/files/samplecontainer/examples/SocialActivitiesWorld.xml";
 :
+        { "title" : "Social Activities World",
+          "consumerSecret" : "secret",
+          "icon" : 
"http://localhost:8080/gadgets/files/samplecontainer/examples/icon.png"},
+    "http://localhost:8080/gadgets/files/samplecontainer/examples/oauth.xml"; :
+        { "title" : "Demo OAuth Gadget",
+          "consumerSecret" : "secret",
+          "icon" : 
"http://localhost:8080/gadgets/files/samplecontainer/examples/icon.png"}
+ },
+
+ // duplicates userApplications as above..
+ "permissions": {
+   "john.doe" : { 
"http://localhost:8080/gadgets/files/samplecontainer/examples/SocialHelloWorld.xml";
 : { installed : true},
+                  
"http://localhost:8080/gadgets/files/samplecontainer/examples/SocialActivitiesWorld.xml";
 : { installed : true}
+   },
+   "canonical" :{ 
"http://localhost:8080/gadgets/files/samplecontainer/examples/SocialHelloWorld.xml";
 : { installed : true},
+                  
"http://localhost:8080/gadgets/files/samplecontainer/examples/SocialActivitiesWorld.xml";
 : { installed : true}
+   }
+ },
+// Passwords for authenticaiton service
+ "passwords" : {
+    "john.doe" : "password",
+    "jane.doe" : "password",
+    "canonical" : "password"
+  }
 }
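Review bot: The new "passwords" table stores login passwords in cleartext beside the OAuth `consumerSecret` values, all set to guessable defaults, in a file under javascript/sampledata. Judging by the icon URLs in this same hunk, files under javascript/ appear to be published at /gadgets/files/, so this file may be readable by any client of a running sample server; that is inferred from the paths, not shown here. At minimum the comment should state the limitation, e.g. `// Sample-only login passwords, stored in cleartext; replace this data source outside a local demo.`, which also fixes the "authenticaiton" typo. Storing salted hashes and having the realm compare against those would keep the sample from modelling a pattern that gets copied into real containers.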

Modified: incubator/shindig/trunk/pom.xml
URL: 
http://svn.apache.org/viewvc/incubator/shindig/trunk/pom.xml?rev=758462&r1=758461&r2=758462&view=diff
==============================================================================
--- incubator/shindig/trunk/pom.xml (original)
+++ incubator/shindig/trunk/pom.xml Wed Mar 25 23:12:30 2009
@@ -504,7 +504,7 @@
               <encoding>${project.build.sourceEncoding}</encoding>
               <links>
                 <link>http://java.sun.com/j2se/1.5.0/docs/api</link>
-                <link>http://java.sun.com/products/servlet/2.3/javadoc/</link>
+                
<link>http://java.sun.com/products/servlet/2.5/docs/servlet-2_5-mr2/</link>
                 <link>http://www.json.org/javadoc/</link>
                 <link>http://junit.sourceforge.net/javadoc/</link>
               </links>
@@ -910,7 +910,7 @@
             <encoding>${project.build.sourceEncoding}</encoding>
             <links>
               <link>http://java.sun.com/j2se/1.5.0/docs/api</link>
-              <link>http://java.sun.com/products/servlet/2.3/javadoc/</link>
+              
<link>http://java.sun.com/products/servlet/2.5/docs/servlet-2_5-mr2/</link>
               <link>http://www.json.org/javadoc/</link>
               <link>http://junit.sourceforge.net/javadoc/</link>
             </links>
@@ -1036,7 +1036,7 @@
         <plugin>
           <groupId>org.mortbay.jetty</groupId>
           <artifactId>maven-jetty-plugin</artifactId>
-          <version>6.1.14</version>
+          <version>6.1.15</version>
         </plugin>
         <plugin>
           <groupId>org.apache.geronimo.genesis.plugins</groupId>
@@ -1154,6 +1154,12 @@
       <id>apache-incubator</id>
       <url>http://people.apache.org/repo/m2-incubating-repository</url>
     </repository>
+    <!-- for jstl-1.2 for now.. -->
+    <repository>
+      <id>java.net</id>
+      <url>http://download.java.net/maven/1</url>
+      <layout>legacy</layout>
+    </repository>
   </repositories>
 
   <!-- ====================================================================== 
-->
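Review bot: The added java.net repository is declared with a plain `http://` URL and no `<releases>`/`<snapshots>` policy, so the artifact it is there for (jstl 1.2, per the comment) is fetched without transport integrity. The repository is also available for resolving any other dependency in the build. If the host serves the same path over TLS, use that URL. In either case add `<snapshots><enabled>false</enabled></snapshots>` so only released artifacts are taken from it. The comment `for jstl-1.2 for now..` should also name its removal condition, which the TODO in the last hunk already gives (a jakarta taglibs JSTL 1.2 release).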
@@ -1163,7 +1169,7 @@
     <dependency>
       <groupId>javax.servlet</groupId>
       <artifactId>servlet-api</artifactId>
-      <version>2.4</version>
+      <version>2.5</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
@@ -1279,7 +1285,7 @@
       <dependency>
         <groupId>net.oauth</groupId>
         <artifactId>oauth-core</artifactId>
-        <version>20090121</version>
+        <version>20090315</version>
         <scope>compile</scope>
       </dependency>
       <dependency>
@@ -1307,7 +1313,7 @@
       <dependency>
         <groupId>org.mortbay.jetty</groupId>
         <artifactId>jetty</artifactId>
-        <version>6.1.14</version>
+        <version>6.1.15</version>
       </dependency>
       <dependency>
         <groupId>joda-time</groupId>
@@ -1420,6 +1426,18 @@
         <artifactId>commons-httpclient</artifactId>
         <version>3.1</version>
       </dependency>
+      <dependency>
+        <groupId>org.jsecurity</groupId>
+        <artifactId>jsecurity</artifactId>
+        <version>0.9.0</version>
+      </dependency>
+      <!-- TODO - switch to jakarta taglibs when the get a jstl 1.2 version out
+                  See https://issues.apache.org/bugzilla/show_bug.cgi?id=45197 
-->
+      <dependency>
+        <groupId>jstl</groupId>
+        <artifactId>jstl</artifactId>
+        <version>1.2</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>
 </project>

