public String getValue(SecurityToken token) { return token.getDomain(); } public void loadFromMap(AbstractSecurityToken token, Map<String, String> map) {
public String getDomain() { return delegate.getDomain(); }
public String getDomain() { return delegate.getDomain(); }
public String getValue(SecurityToken token) { return token.getDomain(); } public void loadFromMap(AbstractSecurityToken token, Map<String, String> map) {
public String getValue(SecurityToken token) { return token.getDomain(); } public void loadFromMap(AbstractSecurityToken token, Map<String, String> map) {
public String getDomain() { return delegate.getDomain(); }
public String getDomain() { return delegate.getDomain(); }
public String getDomain() { return delegate.getDomain(); }
/** * Add signature type to the message. */ private void addSignatureParams(List<Parameter> params) { if (accessorInfo.getConsumer().getConsumer().consumerKey == null) { params.add( new Parameter(OAuth.OAUTH_CONSUMER_KEY, realRequest.getSecurityToken().getDomain())); } if (accessorInfo.getConsumer().getKeyName() != null) { params.add(new Parameter(XOAUTH_PUBLIC_KEY_OLD, accessorInfo.getConsumer().getKeyName())); params.add(new Parameter(XOAUTH_PUBLIC_KEY_NEW, accessorInfo.getConsumer().getKeyName())); } params.add(new Parameter(OAuth.OAUTH_VERSION, OAuth.VERSION_1_0)); params.add(new Parameter(OAuth.OAUTH_TIMESTAMP, Long.toString(fetcherConfig.getClock().currentTimeMillis() / 1000L))); // the oauth.net java code uses a clock to generate nonces, which causes nonce collisions // under heavy load. A random nonce is more reliable. params.add(new Parameter(OAuth.OAUTH_NONCE, String.valueOf(Math.abs(Crypto.RAND.nextLong())))); }
/** * Add signature type to the message. */ private void addSignatureParams(List<Parameter> params) { if (accessorInfo.getConsumer().getConsumer().consumerKey == null) { params.add( new Parameter(OAuth.OAUTH_CONSUMER_KEY, realRequest.getSecurityToken().getDomain())); } if (accessorInfo.getConsumer().getKeyName() != null) { params.add(new Parameter(XOAUTH_PUBLIC_KEY_OLD, accessorInfo.getConsumer().getKeyName())); params.add(new Parameter(XOAUTH_PUBLIC_KEY_NEW, accessorInfo.getConsumer().getKeyName())); } params.add(new Parameter(OAuth.OAUTH_VERSION, OAuth.VERSION_1_0)); params.add(new Parameter(OAuth.OAUTH_TIMESTAMP, Long.toString(fetcherConfig.getClock().currentTimeMillis() / 1000L))); // the oauth.net java code uses a clock to generate nonces, which causes nonce collisions // under heavy load. A random nonce is more reliable. params.add(new Parameter(OAuth.OAUTH_NONCE, String.valueOf(Math.abs(Crypto.RAND.nextLong())))); }
/** * Encodes a token using the a plaintext dummy format. * @param token token to encode * @return token with values separated by colons */ public String encodeToken(SecurityToken token) { return Joiner.on(":").join( Utf8UrlCoder.encode(token.getOwnerId()), Utf8UrlCoder.encode(token.getViewerId()), Utf8UrlCoder.encode(token.getAppId()), Utf8UrlCoder.encode(token.getDomain()), Utf8UrlCoder.encode(token.getAppUrl()), Long.toString(token.getModuleId()), Utf8UrlCoder.encode(token.getContainer())); }
/** * Encodes a token using the a plaintext dummy format. * @param token token to encode * @return token with values separated by colons */ public String encodeToken(SecurityToken token) { return Joiner.on(":").join( Utf8UrlCoder.encode(token.getOwnerId()), Utf8UrlCoder.encode(token.getViewerId()), Utf8UrlCoder.encode(token.getAppId()), Utf8UrlCoder.encode(token.getDomain()), Utf8UrlCoder.encode(token.getAppUrl()), Long.toString(token.getModuleId()), Utf8UrlCoder.encode(token.getContainer())); }
@Test public void testCreateToken() throws Exception { Map<String, String> values = new HashMap<String, String>(); values.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml"); values.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10)); values.put(Keys.OWNER.getKey(), "owner"); values.put(Keys.VIEWER.getKey(), "viewer"); values.put(Keys.TRUSTED_JSON.getKey(), "trusted"); BlobCrypterSecurityToken t = new BlobCrypterSecurityToken("container", null, null, values); String encrypted = t.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(t.toMap()); SecurityToken t2 = codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); assertEquals("http://www.example.com/gadget.xml", t2.getAppId()); assertEquals("http://www.example.com/gadget.xml", t2.getAppUrl()); assertEquals("container.com", t2.getDomain()); assertEquals(12345L, t2.getModuleId()); assertEquals("owner", t2.getOwnerId()); assertEquals("viewer", t2.getViewerId()); assertEquals("trusted", t2.getTrustedJson()); }
@Test public void testCreateToken() throws Exception { Map<String, String> values = new HashMap<String, String>(); values.put(Keys.APP_URL.getKey(), "http://www.example.com/gadget.xml"); values.put(Keys.MODULE_ID.getKey(), Long.toString(12345L, 10)); values.put(Keys.OWNER.getKey(), "owner"); values.put(Keys.VIEWER.getKey(), "viewer"); values.put(Keys.TRUSTED_JSON.getKey(), "trusted"); BlobCrypterSecurityToken t = new BlobCrypterSecurityToken("container", null, null, values); String encrypted = t.getContainer() + ":" + getBlobCrypter(getContainerKey("container")).wrap(t.toMap()); SecurityToken t2 = codec.createToken(ImmutableMap.of(SecurityTokenCodec.SECURITY_TOKEN_NAME, encrypted)); assertEquals("http://www.example.com/gadget.xml", t2.getAppId()); assertEquals("http://www.example.com/gadget.xml", t2.getAppUrl()); assertEquals("container.com", t2.getDomain()); assertEquals(12345L, t2.getModuleId()); assertEquals("owner", t2.getOwnerId()); assertEquals("viewer", t2.getViewerId()); assertEquals("trusted", t2.getTrustedJson()); }
public static BlobCrypterSecurityToken fromToken(SecurityToken token) { BlobCrypterSecurityToken interpretedToken = new BlobCrypterSecurityToken(token.getContainer(), token.getDomain(), token.getActiveUrl(), null); interpretedToken .setAppId(token.getAppId()) .setAppUrl(token.getAppUrl()) .setExpiresAt(token.getExpiresAt()) .setModuleId(token.getModuleId()) .setOwnerId(token.getOwnerId()) .setTrustedJson(token.getTrustedJson()) .setViewerId(token.getViewerId()); return interpretedToken; } }
public static BlobCrypterSecurityToken fromToken(SecurityToken token) { BlobCrypterSecurityToken interpretedToken = new BlobCrypterSecurityToken(token.getContainer(), token.getDomain(), token.getActiveUrl(), null); interpretedToken .setAppId(token.getAppId()) .setAppUrl(token.getAppUrl()) .setExpiresAt(token.getExpiresAt()) .setModuleId(token.getModuleId()) .setOwnerId(token.getOwnerId()) .setTrustedJson(token.getTrustedJson()) .setViewerId(token.getViewerId()); return interpretedToken; } }
public static BlobCrypterSecurityToken fromToken(SecurityToken token) { BlobCrypterSecurityToken interpretedToken = new BlobCrypterSecurityToken(token.getContainer(), token.getDomain(), token.getActiveUrl(), null); interpretedToken .setAppId(token.getAppId()) .setAppUrl(token.getAppUrl()) .setExpiresAt(token.getExpiresAt()) .setModuleId(token.getModuleId()) .setOwnerId(token.getOwnerId()) .setTrustedJson(token.getTrustedJson()) .setViewerId(token.getViewerId()); return interpretedToken; } }
@Test public void testVerifyOAuthRequest() throws Exception { expectTokenEntry(); expectConsumer(); replay(); HttpServletRequest request = formEncodedPost.sign(TOKEN, FakeOAuthRequest.OAuthParamLocation.URI_QUERY, FakeOAuthRequest.BodySigning.NONE); SecurityToken token = reqHandler.getSecurityTokenFromRequest(request); assertEquals(FakeOAuthRequest.REQUESTOR, token.getViewerId()); assertEquals(APP_ID, token.getAppId()); assertEquals(DOMAIN, token.getDomain()); assertEquals(CONTAINER, token.getContainer()); assertNotNull(token); assertTrue(token instanceof OAuthSecurityToken); verify(); }
@Test public void testVerifyOAuthRequest() throws Exception { expectTokenEntry(); expectConsumer(); replay(); HttpServletRequest request = formEncodedPost.sign(TOKEN, FakeOAuthRequest.OAuthParamLocation.URI_QUERY, FakeOAuthRequest.BodySigning.NONE); SecurityToken token = reqHandler.getSecurityTokenFromRequest(request); assertEquals(FakeOAuthRequest.REQUESTOR, token.getViewerId()); assertEquals(APP_ID, token.getAppId()); assertEquals(DOMAIN, token.getDomain()); assertEquals(CONTAINER, token.getContainer()); assertNotNull(token); assertTrue(token instanceof OAuthSecurityToken); verify(); }
@Test public void testVerifyOAuthRequest() throws Exception { expectTokenEntry(); expectConsumer(); replay(); HttpServletRequest request = formEncodedPost.sign(TOKEN, FakeOAuthRequest.OAuthParamLocation.URI_QUERY, FakeOAuthRequest.BodySigning.NONE); SecurityToken token = reqHandler.getSecurityTokenFromRequest(request); assertEquals(FakeOAuthRequest.REQUESTOR, token.getViewerId()); assertEquals(APP_ID, token.getAppId()); assertEquals(DOMAIN, token.getDomain()); assertEquals(CONTAINER, token.getContainer()); assertNotNull(token); assertTrue(token instanceof OAuthSecurityToken); verify(); }