public String encodeToken(SecurityToken token) throws SecurityTokenException { if (token == null) { return null; } return codec.encodeToken(token); } }
public String encodeToken(SecurityToken token) throws SecurityTokenException { if (token == null) { return null; } return codec.encodeToken(token); }
public String encodeToken(SecurityToken token) throws SecurityTokenException { if (token == null) { return null; } return codec.encodeToken(token); }
public String encodeToken(SecurityToken token) throws SecurityTokenException { if (token == null) { return null; } return codec.encodeToken(token); } }
public String encodeToken(SecurityToken token) throws SecurityTokenException { if (token == null) { return null; } return codec.encodeToken(token); }
/** {@inheritDoc} */ public void contribute(Map<String,Object> config, String container, String host) { // Inject an anonymous security token TODO set TTL based on cachability of this JS? SecurityToken containerToken = new AnonymousSecurityToken(container, 0,"*", 1000L * 60 * 60 * 24); Map<String, String> authConfig = Maps.newHashMapWithExpectedSize(2); try { config.put("shindig.auth", authConfig); authConfig.put("authToken", securityTokenCodec.encodeToken(containerToken)); } catch (SecurityTokenException e) { // ignore } } }
/** {@inheritDoc} */ public void contribute(Map<String,Object> config, String container, String host) { // Inject an anonymous security token TODO set TTL based on cachability of this JS? SecurityToken containerToken = new AnonymousSecurityToken(container, 0,"*", 1000L * 60 * 60 * 24); Map<String, String> authConfig = Maps.newHashMapWithExpectedSize(2); try { config.put("shindig.auth", authConfig); authConfig.put("authToken", securityTokenCodec.encodeToken(containerToken)); } catch (SecurityTokenException e) { // ignore } } }
/** {@inheritDoc} */ public void contribute(Map<String,Object> config, String container, String host) { // TODO: This currently will throw an exception when using BlobCrypterSecurityTokens... // It seems to be ok for now, we need some good token cleanup. SecurityToken containerToken = new AnonymousSecurityToken(container, 0L, "*"); Map<String, String> authConfig = Maps.newHashMapWithExpectedSize(2); try { config.put("shindig.auth", authConfig); authConfig.put("authToken", securityTokenCodec.encodeToken(containerToken)); } catch (SecurityTokenException e) { // ignore } } }
protected String generateSecurityToken(Gadget gadget) { // Find a security token in the context try { SecurityToken token = gadget.getContext().getToken(); if (securityTokenCodec != null && token != null) { return securityTokenCodec.encodeToken(token); } } catch (SecurityTokenException e) { // ignore -- no security token } return null; }
protected String generateSecurityToken(Gadget gadget) { // Find a security token in the context try { SecurityToken token = gadget.getContext().getToken(); if (securityTokenCodec != null && token != null) { return securityTokenCodec.encodeToken(token); } } catch (SecurityTokenException e) { // ignore -- no security token } return null; }
protected String generateSecurityToken(Gadget gadget) { // Find a security token in the context try { SecurityToken token = gadget.getContext().getToken(); if (securityTokenCodec != null && token != null) { return securityTokenCodec.encodeToken(token); } } catch (SecurityTokenException e) { // ignore -- no security token } return null; }
@Test public void testTokenMultipleGadgetsWithSuccessAndFailure() throws Exception { SecurityTokenCodec codec = EasyMock.createMock(SecurityTokenCodec.class); EasyMock.expect(codec.encodeToken(EasyMock.isA(SecurityToken.class))).andReturn(TOKEN); EasyMock.expect(codec.encodeToken(EasyMock.isA(SecurityToken.class))).andThrow( new SecurityTokenException("blah")); replay(codec); registerGadgetsHandler(codec); JSONObject request = makeTokenRequest(GADGET1_URL, GADGET2_URL); RpcHandler operation = registry.getRpcHandler(request); Object responseObj = operation.execute(emptyFormItems, authContext, converter).get(); JSONObject response = new JSONObject(converter.convertToString(responseObj)); JSONObject gadget1 = response.getJSONObject(GADGET1_URL); assertEquals(TOKEN, gadget1.getString("token")); assertFalse(gadget1.has("error")); JSONObject gadget2 = response.getJSONObject(GADGET2_URL); assertFalse(gadget2.has("token")); assertEquals(GadgetsHandler.FAILURE_TOKEN, gadget2.getJSONObject("error").getString("message")); assertEquals(500, gadget2.getJSONObject("error").getInt("code")); }
@Test public void testTokenMultipleGadgetsWithSuccessAndFailure() throws Exception { SecurityTokenCodec codec = EasyMock.createMock(SecurityTokenCodec.class); EasyMock.expect(codec.encodeToken(EasyMock.isA(SecurityToken.class))).andReturn(TOKEN); EasyMock.expect(codec.encodeToken(EasyMock.isA(SecurityToken.class))).andThrow( new SecurityTokenException("blah")); replay(codec); registerGadgetsHandler(codec); JSONObject request = makeTokenRequest(GADGET1_URL, GADGET2_URL); RpcHandler operation = registry.getRpcHandler(request); Object responseObj = operation.execute(emptyFormItems, authContext, converter).get(); JSONObject response = new JSONObject(converter.convertToString(responseObj)); JSONObject gadget1 = response.getJSONObject(GADGET1_URL); assertEquals(TOKEN, gadget1.getString("token")); assertFalse(gadget1.has("error")); JSONObject gadget2 = response.getJSONObject(GADGET2_URL); assertFalse(gadget2.has("token")); assertEquals(GadgetsHandler.FAILURE_TOKEN, gadget2.getJSONObject("error").getString("message")); assertEquals(500, gadget2.getJSONObject("error").getInt("code")); }
@Test public void testTokenOneGadgetFailure() throws Exception { SecurityTokenCodec codec = EasyMock.createMock(SecurityTokenCodec.class); EasyMock.expect(codec.encodeToken(EasyMock.isA(SecurityToken.class))).andThrow( new SecurityTokenException("blah")); replay(codec); registerGadgetsHandler(codec); JSONObject request = makeTokenRequest(GADGET1_URL); RpcHandler operation = registry.getRpcHandler(request); Object responseObj = operation.execute(emptyFormItems, authContext, converter).get(); JSONObject response = new JSONObject(converter.convertToString(responseObj)); JSONObject gadget = response.getJSONObject(GADGET1_URL); assertFalse(gadget.has("token")); assertEquals(GadgetsHandler.FAILURE_TOKEN, gadget.getJSONObject("error").getString("message")); assertEquals(500, gadget.getJSONObject("error").getInt("code")); }
@Test public void testTokenMultipleGadgetsWithSuccessAndFailure() throws Exception { SecurityTokenCodec codec = EasyMock.createMock(SecurityTokenCodec.class); EasyMock.expect(codec.encodeToken(EasyMock.isA(SecurityToken.class))) .andReturn(TOKEN); EasyMock.expect(codec.encodeToken(EasyMock.isA(SecurityToken.class))) .andThrow(new SecurityTokenException("blah")); replay(codec); registerGadgetsHandler(codec); JSONObject request = makeTokenRequest(GADGET1_URL, GADGET2_URL); RpcHandler operation = registry.getRpcHandler(request); Object responseObj = operation.execute(emptyFormItems, token, converter).get(); JSONObject response = new JSONObject(converter.convertToString(responseObj)); JSONObject gadget1 = response.getJSONObject(GADGET1_URL); assertEquals(TOKEN, gadget1.getString("token")); assertFalse(gadget1.has("error")); JSONObject gadget2 = response.getJSONObject(GADGET2_URL); assertFalse(gadget2.has("token")); assertEquals(GadgetsHandler.FAILURE_TOKEN, gadget2.getString("error")); }
@Test public void testTokenOneGadgetFailure() throws Exception { SecurityTokenCodec codec = EasyMock.createMock(SecurityTokenCodec.class); EasyMock.expect(codec.encodeToken(EasyMock.isA(SecurityToken.class))).andThrow( new SecurityTokenException("blah")); replay(codec); registerGadgetsHandler(codec); JSONObject request = makeTokenRequest(GADGET1_URL); RpcHandler operation = registry.getRpcHandler(request); Object responseObj = operation.execute(emptyFormItems, authContext, converter).get(); JSONObject response = new JSONObject(converter.convertToString(responseObj)); JSONObject gadget = response.getJSONObject(GADGET1_URL); assertFalse(gadget.has("token")); assertEquals(GadgetsHandler.FAILURE_TOKEN, gadget.getJSONObject("error").getString("message")); assertEquals(500, gadget.getJSONObject("error").getInt("code")); }
@Test public void testTokenOneGadgetFailure() throws Exception { SecurityTokenCodec codec = EasyMock.createMock(SecurityTokenCodec.class); EasyMock.expect(codec.encodeToken(EasyMock.isA(SecurityToken.class))) .andThrow(new SecurityTokenException("blah")); replay(codec); registerGadgetsHandler(codec); JSONObject request = makeTokenRequest(GADGET1_URL); RpcHandler operation = registry.getRpcHandler(request); Object responseObj = operation.execute(emptyFormItems, token, converter).get(); JSONObject response = new JSONObject(converter.convertToString(responseObj)); JSONObject gadget = response.getJSONObject(GADGET1_URL); assertFalse(gadget.has("token")); assertEquals(GadgetsHandler.FAILURE_TOKEN, gadget.getString("error")); }
@Test public void testTokenOneGadget() throws Exception { SecurityTokenCodec codec = EasyMock.createMock(SecurityTokenCodec.class); Capture<SecurityToken> tokenCapture = new Capture<SecurityToken>(); EasyMock.expect(codec.encodeToken(EasyMock.capture(tokenCapture))).andReturn(TOKEN); replay(codec); registerGadgetsHandler(codec); JSONObject request = makeTokenRequest(GADGET1_URL); RpcHandler operation = registry.getRpcHandler(request); Object responseObj = operation.execute(emptyFormItems, token, converter).get(); JSONObject response = new JSONObject(converter.convertToString(responseObj)); JSONObject gadget = response.getJSONObject(GADGET1_URL); assertEquals(TOKEN, gadget.getString("token")); assertFalse(gadget.has("error")); // next checks verify all fiels that canbe used for token generation are passed in assertEquals("container", tokenCapture.getValue().getContainer()); assertEquals(GADGET1_URL, tokenCapture.getValue().getAppId()); assertEquals(GADGET1_URL, tokenCapture.getValue().getAppUrl()); assertSame(token.getOwnerId(), tokenCapture.getValue().getOwnerId()); assertSame(token.getViewerId(), tokenCapture.getValue().getViewerId()); }
@Test public void testTokenOneGadget() throws Exception { SecurityTokenCodec codec = EasyMock.createMock(SecurityTokenCodec.class); Capture<SecurityToken> authContextCapture = new Capture<SecurityToken>(); EasyMock.expect(codec.encodeToken(EasyMock.capture(authContextCapture))).andReturn(TOKEN) .anyTimes(); replay(codec); registerGadgetsHandler(codec); JSONObject request = makeTokenRequest(GADGET1_URL); RpcHandler operation = registry.getRpcHandler(request); Object responseObj = operation.execute(emptyFormItems, authContext, converter).get(); JSONObject response = new JSONObject(converter.convertToString(responseObj)); JSONObject gadget = response.getJSONObject(GADGET1_URL); assertEquals(TOKEN, gadget.getString("token")); assertFalse(gadget.has("error")); assertFalse(gadget.has("url")); // filtered out // next checks verify all fiels that canbe used for token generation are passed in assertEquals("container", authContextCapture.getValue().getContainer()); assertEquals(GADGET1_URL, authContextCapture.getValue().getAppId()); assertEquals(GADGET1_URL, authContextCapture.getValue().getAppUrl()); assertSame(authContext.getOwnerId(), authContextCapture.getValue().getOwnerId()); assertSame(authContext.getViewerId(), authContextCapture.getValue().getViewerId()); }
@Test public void testTokenOneGadget() throws Exception { SecurityTokenCodec codec = EasyMock.createMock(SecurityTokenCodec.class); Capture<SecurityToken> authContextCapture = new Capture<SecurityToken>(); EasyMock.expect(codec.encodeToken(EasyMock.capture(authContextCapture))).andReturn(TOKEN) .anyTimes(); replay(codec); registerGadgetsHandler(codec); JSONObject request = makeTokenRequest(GADGET1_URL); RpcHandler operation = registry.getRpcHandler(request); Object responseObj = operation.execute(emptyFormItems, authContext, converter).get(); JSONObject response = new JSONObject(converter.convertToString(responseObj)); JSONObject gadget = response.getJSONObject(GADGET1_URL); assertEquals(TOKEN, gadget.getString("token")); assertFalse(gadget.has("error")); assertFalse(gadget.has("url")); // filtered out // next checks verify all fiels that canbe used for token generation are passed in assertEquals("container", authContextCapture.getValue().getContainer()); assertEquals(GADGET1_URL, authContextCapture.getValue().getAppId()); assertEquals(GADGET1_URL, authContextCapture.getValue().getAppUrl()); assertSame(authContext.getOwnerId(), authContextCapture.getValue().getOwnerId()); assertSame(authContext.getViewerId(), authContextCapture.getValue().getViewerId()); }