[gatein-commits] gatein SVN: r1309 - in portal/trunk: component/portal/src/main/java/org/exoplatform/portal/resource and 7 other directories.

Author: trong.tran Date: 2010-01-15 05:13:34 -0500 (Fri, 15 Jan 2010) New Revision: 1309 Added: portal/trunk/component/web/src/main/java/org/exoplatform/web/security/GateInToken.java portal/trunk/gadgets/core/src/main/java/conf/configuration.xml portal/trunk/gadgets/core/src/main/java/conf/gadgettoken-nodetypes.xml portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/ExoOAuthStore.java portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetToken.java portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenContainer.java portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenEntry.java portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenInfoService.java Removed: portal/trunk/component/portal/src/main/java/org/exoplatform/portal/resource/SkinConfigDeployer.java Modified: portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserPortalConfigService.java portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/TestDataStorage.java portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/TestUserPortalConfigService.java portal/trunk/component/web/src/main/java/org/exoplatform/web/security/Token.java portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/AbstractTokenService.java portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/CookieTokenService.java portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TokenContainer.java portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TokenEntry.java portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TransientTokenService.java portal/trunk/gadgets/core/pom.xml portal/trunk/gadgets/core/src/main/java/conf/portal/configuration.xml portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/ExoOAuthModule.java Log: GTNPORTAL-314 Fixing oAuth in gadgets Modified: portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserPortalConfigService.java =================================================================== --- portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserPortalConfigService.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/portal/src/main/java/org/exoplatform/portal/config/UserPortalConfigService.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -379,6 +379,7 @@ */ public List<ModelChange> update(Page page) throws Exception { + System.out.println("\n\n\n show max window : " + page.isShowMaxWindow() + "\n\n"); List<ModelChange> changes = storage_.save(page); // Deleted: portal/trunk/component/portal/src/main/java/org/exoplatform/portal/resource/SkinConfigDeployer.java =================================================================== --- portal/trunk/component/portal/src/main/java/org/exoplatform/portal/resource/SkinConfigDeployer.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/portal/src/main/java/org/exoplatform/portal/resource/SkinConfigDeployer.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -1,135 +0,0 @@ -/** - * Copyright (C) 2009 eXo Platform SAS. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ - -package org.exoplatform.portal.resource; - -import groovy.lang.Binding; -import groovy.lang.GroovyShell; - -import org.exoplatform.commons.utils.Safe; -import org.exoplatform.container.PortalContainer; -import org.exoplatform.container.RootContainer.PortalContainerPostInitTask; -import org.exoplatform.services.log.ExoLogger; -import org.exoplatform.services.log.Log; -import org.gatein.wci.WebAppEvent; -import org.gatein.wci.WebAppLifeCycleEvent; - -import java.io.IOException; -import java.io.InputStream; - -import javax.servlet.ServletContext; - -/** - * Created by The eXo Platform SAS - * Jan 19, 2007 - */ - -public class SkinConfigDeployer extends AbstractResourceHandler -{ - - /** - * Logger - */ - private static final Log LOG = ExoLogger.getLogger(SkinConfigDeployer.class); - - /** . */ - private final SkinService skinService; - - /** - * The name of the portal container - */ - private final String portalContainerName; - - public SkinConfigDeployer(String portalContainerName, SkinService skinService) - { - this.skinService = skinService; - this.portalContainerName = portalContainerName; - } - - public void onEvent(WebAppEvent event) - { - if (event instanceof WebAppLifeCycleEvent) - { - WebAppLifeCycleEvent waEvent = (WebAppLifeCycleEvent)event; - if (waEvent.getType() == WebAppLifeCycleEvent.ADDED) - { - ServletContext scontext = null; - InputStream is = null; - try - { - scontext = event.getWebApp().getServletContext(); - is = scontext.getResourceAsStream("/WEB-INF/conf/script/groovy/SkinConfigScript.groovy"); - final PortalContainerPostInitTask task = new PortalContainerPostInitTask() - { - - public void execute(ServletContext scontext, PortalContainer portalContainer) - { - register(scontext, portalContainer); - } - }; - PortalContainer.addInitTask(scontext, task, portalContainerName); - } - catch (Exception ex) - { - LOG.error("An error occurs while registering 'SkinConfigScript.groovy' from the context '" - + (scontext == null ? "unknown" : scontext.getServletContextName()) + "'", ex); - } - finally - { - Safe.close(is); - } - } - } - } - - private void register(ServletContext scontext, PortalContainer container) - { - InputStream is = null; - try - { - is = scontext.getResourceAsStream("/WEB-INF/conf/script/groovy/SkinConfigScript.groovy"); - Binding binding = new Binding(); - binding.setVariable("SkinService", skinService); - binding.setVariable("ServletContext", scontext); - binding.setVariable("ServletContextName", scontext.getServletContextName()); - binding.setVariable("PortalContainerName", container.getName()); - GroovyShell shell = new GroovyShell(binding); - shell.evaluate(is); - } - catch (Exception ex) - { - LOG.error("An error occurs while processing 'SkinConfigScript.groovy' from the context '" - + scontext.getServletContextName() + "'", ex); - } - finally - { - if (is != null) - { - try - { - is.close(); - } - catch (IOException e) - { - // ignore me - } - } - } - } -} \ No newline at end of file Modified: portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/TestDataStorage.java =================================================================== --- portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/TestDataStorage.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/TestDataStorage.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -165,6 +165,7 @@ page.setOwnerType(PortalConfig.PORTAL_TYPE); page.setOwnerId("test"); page.setName("foo"); + page.setShowMaxWindow(false); // storage_.create(page); @@ -172,9 +173,10 @@ // Page page2 = storage_.getPage(page.getPageId()); page2.setTitle("MyTitle2"); + page2.setShowMaxWindow(true); storage_.save(page2); - // + page2 = storage_.getPage(page.getPageId()); assertNotNull(page2); assertEquals("portal::test::foo", page2.getPageId()); assertEquals("portal", page2.getOwnerType()); @@ -182,6 +184,7 @@ assertEquals("foo", page2.getName()); assertEquals("MyTitle2", page2.getTitle()); assertEquals(0, page2.getChildren().size()); + assertEquals(true, page2.isShowMaxWindow()); } public void testPageRemove() throws Exception Modified: portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/TestUserPortalConfigService.java =================================================================== --- portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/TestUserPortalConfigService.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/portal/src/test/java/org/exoplatform/portal/config/TestUserPortalConfigService.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -150,6 +150,29 @@ return map; } + public void testUpdatePortalConfig() { + new UnitTest() + { + public void execute() throws Exception + { + UserPortalConfig userPortalCfg = userPortalConfigSer_.getUserPortalConfig("classic", "root"); + assertNotNull(userPortalCfg); + PortalConfig portalCfg = userPortalCfg.getPortalConfig(); + assertNotNull(portalCfg); + assertEquals(PortalConfig.PORTAL_TYPE, portalCfg.getType()); + assertEquals("classic", portalCfg.getName()); + assertEquals("en", portalCfg.getLocale()); + portalCfg.setLocale("fr"); + + userPortalConfigSer_.update(portalCfg); + + userPortalCfg = userPortalConfigSer_.getUserPortalConfig("classic", "root"); + portalCfg = userPortalCfg.getPortalConfig(); + assertEquals("fr", portalCfg.getLocale()); + } + }.execute("root"); + } + public void testRootGetUserPortalConfig() { new UnitTest() @@ -497,6 +520,8 @@ page.setOwnerId("/platform/administrators"); page.setName("newAccount"); page.setCreator("someone"); + page.setShowMaxWindow(true); + page.setTitle("newAccount title"); assertTrue(events.isEmpty()); userPortalConfigSer_.create(page); assertEquals(1, events.size()); @@ -507,11 +532,41 @@ assertEquals("/platform/administrators", p.getOwnerId()); assertEquals("newAccount", p.getName()); assertEquals("someone", p.getCreator()); + assertEquals("newAccount title", p.getTitle()); + assertTrue(p.isShowMaxWindow()); + + p.setShowMaxWindow(false); + userPortalConfigSer_.update(p); + p = userPortalConfigSer_.getPage("group::/platform/administrators::newAccount"); + assertFalse(p.isShowMaxWindow()); + p.setShowMaxWindow(true); + userPortalConfigSer_.update(p); + p = userPortalConfigSer_.getPage("group::/platform/administrators::newAccount"); + assertTrue(p.isShowMaxWindow()); + p.setShowMaxWindow(false); + userPortalConfigSer_.update(p); + p = userPortalConfigSer_.getPage("group::/platform/administrators::newAccount"); + assertFalse(p.isShowMaxWindow()); + p.setShowMaxWindow(true); + userPortalConfigSer_.update(p); + p = userPortalConfigSer_.getPage("group::/platform/administrators::newAccount"); + assertTrue(p.isShowMaxWindow()); + Page p2 = userPortalConfigSer_.getPage("group::/platform/administrators::newAccount"); assertEquals("group", p2.getOwnerType()); assertEquals("/platform/administrators", p2.getOwnerId()); assertEquals("newAccount", p2.getName()); assertEquals("someone", p2.getCreator()); +// assertFalse(p2.isShowMaxWindow()); + p2.setTitle("newAccount title 1"); + p2.setShowMaxWindow(true); + userPortalConfigSer_.update(p2); + + Page p3 = userPortalConfigSer_.getPage("group::/platform/administrators::newAccount"); + assertEquals("newAccount title 1", p3.getTitle()); +// assertTrue(p3.isShowMaxWindow()); + + } }.execute(null); } Copied: portal/trunk/component/web/src/main/java/org/exoplatform/web/security/GateInToken.java (from rev 1306, portal/trunk/component/web/src/main/java/org/exoplatform/web/security/Token.java) =================================================================== --- portal/trunk/component/web/src/main/java/org/exoplatform/web/security/GateInToken.java (rev 0) +++ portal/trunk/component/web/src/main/java/org/exoplatform/web/security/GateInToken.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -0,0 +1,64 @@ +/** + * Copyright (C) 2009 eXo Platform SAS. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ + +package org.exoplatform.web.security; + + +/** + * Created by The eXo Platform SAS + * Author : Tan Pham Dinh + * tan.pham(a)exoplatform.com + * May 6, 2009 + */ +public class GateInToken implements Token +{ + + public static String EXPIRE_MILI = "expirationMilis"; + + public static String USERNAME = "userName"; + + public static String PASSWORD = "password"; + + /** . */ + private final long expirationTimeMillis; + + /** . */ + private final Credentials payload; + + public GateInToken(long expirationTimeMillis, Credentials payload) + { + this.expirationTimeMillis = expirationTimeMillis; + this.payload = payload; + } + + public long getExpirationTimeMillis() + { + return expirationTimeMillis; + } + + public Credentials getPayload() + { + return payload; + } + + public boolean isExpired() + { + return System.currentTimeMillis() > expirationTimeMillis; + } +} Modified: portal/trunk/component/web/src/main/java/org/exoplatform/web/security/Token.java =================================================================== --- portal/trunk/component/web/src/main/java/org/exoplatform/web/security/Token.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/web/src/main/java/org/exoplatform/web/security/Token.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -1,64 +1,6 @@ -/** - * Copyright (C) 2009 eXo Platform SAS. - * - * This is free software; you can redistribute it and/or modify it - * under the terms of the GNU Lesser General Public License as - * published by the Free Software Foundation; either version 2.1 of - * the License, or (at your option) any later version. - * - * This software is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this software; if not, write to the Free - * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - * 02110-1301 USA, or see the FSF site: http://www.fsf.org. - */ - package org.exoplatform.web.security; - -/** - * Created by The eXo Platform SAS - * Author : Tan Pham Dinh - * tan.pham(a)exoplatform.com - * May 6, 2009 - */ -public class Token +public interface Token { - - public static String EXPIRE_MILI = "expirationMilis"; - - public static String USERNAME = "userName"; - - public static String PASSWORD = "password"; - - /** . */ - private final long expirationTimeMillis; - - /** . */ - private final Credentials payload; - - public Token(long expirationTimeMillis, Credentials payload) - { - this.expirationTimeMillis = expirationTimeMillis; - this.payload = payload; - } - - public long getExpirationTimeMillis() - { - return expirationTimeMillis; - } - - public Credentials getPayload() - { - return payload; - } - - public boolean isExpired() - { - return System.currentTimeMillis() > expirationTimeMillis; - } + public boolean isExpired(); } Modified: portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/AbstractTokenService.java =================================================================== --- portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/AbstractTokenService.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/AbstractTokenService.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -28,6 +28,7 @@ import org.exoplatform.management.jmx.annotations.Property; import org.exoplatform.web.login.InitiateLoginServlet; import org.exoplatform.web.security.Credentials; +import org.exoplatform.web.security.GateInToken; import org.exoplatform.web.security.Token; import org.exoplatform.web.security.TokenStore; import org.picocontainer.Startable; @@ -100,7 +101,7 @@ throw new NullPointerException(); } - Token token; + GateInToken token; try { if (remove) @@ -139,7 +140,7 @@ String[] ids = getAllTokens(); for (String s : ids) { - Token token = getToken(s); + GateInToken token = getToken(s); if (token.isExpired()) { deleteToken(s); @@ -164,15 +165,15 @@ @Managed @ManagedDescription("get a token by id") - public abstract Token getToken(String id); + public abstract <T extends Token> T getToken(Object id); @Managed @ManagedDescription("Delete a token by id") - public abstract Token deleteToken(String id); + public abstract <T extends Token> T deleteToken(Object id); @Managed @ManagedDescription("The list of all tokens") - public abstract String[] getAllTokens(); + public abstract <T extends Object> T[] getAllTokens(); @Managed @ManagedDescription("The number of tokens") Modified: portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/CookieTokenService.java =================================================================== --- portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/CookieTokenService.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/CookieTokenService.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -26,7 +26,7 @@ import org.exoplatform.commons.chromattic.SessionContext; import org.exoplatform.container.xml.InitParams; import org.exoplatform.web.security.Credentials; -import org.exoplatform.web.security.Token; +import org.exoplatform.web.security.GateInToken; import java.util.Collection; import java.util.Date; @@ -69,7 +69,7 @@ { String tokenId = nextTokenId(); long expirationTimeMillis = System.currentTimeMillis() + validityMillis; - Token token = new Token(expirationTimeMillis, credentials); + GateInToken token = new GateInToken(expirationTimeMillis, credentials); TokenContainer container = getTokenContainer(); container.saveToken(tokenId, token.getPayload(), new Date(token.getExpirationTimeMillis())); return tokenId; @@ -78,25 +78,25 @@ } @Override - public Token getToken(final String id) + public GateInToken getToken(final Object id) { - return new TokenTask<Token>() { + return new TokenTask<GateInToken>() { @Override - protected Token execute() + protected GateInToken execute() { - return getTokenContainer().getToken(id); + return getTokenContainer().getToken((String)id); } }.executeWith(chromatticLifeCycle); } @Override - public Token deleteToken(final String id) + public GateInToken deleteToken(final Object id) { - return new TokenTask<Token>() { + return new TokenTask<GateInToken>() { @Override - protected Token execute() + protected GateInToken execute() { - return getTokenContainer().removeToken(id); + return getTokenContainer().removeToken((String)id); } }.executeWith(chromatticLifeCycle); } Modified: portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TokenContainer.java =================================================================== --- portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TokenContainer.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TokenContainer.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -22,7 +22,7 @@ import org.chromattic.api.annotations.PrimaryType; import org.chromattic.api.annotations.OneToMany; import org.exoplatform.web.security.Credentials; -import org.exoplatform.web.security.Token; +import org.exoplatform.web.security.GateInToken; import java.util.Collection; import java.util.Date; @@ -47,20 +47,20 @@ return getTokens().values(); } - public Token getToken(String tokenId) + public GateInToken getToken(String tokenId) { Map<String, TokenEntry> tokens = getTokens(); TokenEntry entry = tokens.get(tokenId); return entry != null ? entry.getToken() : null; } - public Token removeToken(String tokenId) + public GateInToken removeToken(String tokenId) { Map<String, TokenEntry> tokens = getTokens(); TokenEntry entry = tokens.get(tokenId); if (entry != null) { - Token token = entry.getToken(); + GateInToken token = entry.getToken(); entry.remove(); return token; } @@ -70,7 +70,7 @@ } } - public Token saveToken(String tokenId, Credentials credentials, Date expirationTime) + public GateInToken saveToken(String tokenId, Credentials credentials, Date expirationTime) { Map<String, TokenEntry> tokens = getTokens(); TokenEntry entry = tokens.get(tokenId); Modified: portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TokenEntry.java =================================================================== --- portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TokenEntry.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TokenEntry.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -23,7 +23,7 @@ import org.chromattic.api.annotations.PrimaryType; import org.chromattic.api.annotations.Property; import org.exoplatform.web.security.Credentials; -import org.exoplatform.web.security.Token; +import org.exoplatform.web.security.GateInToken; import java.util.Date; @@ -56,9 +56,9 @@ @Destroy public abstract void remove(); - public Token getToken() + public GateInToken getToken() { - return new Token( + return new GateInToken( getExpirationTime().getTime(), new Credentials(getUserName(), getPassword())); } Modified: portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TransientTokenService.java =================================================================== --- portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TransientTokenService.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/component/web/src/main/java/org/exoplatform/web/security/security/TransientTokenService.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -21,7 +21,7 @@ import org.exoplatform.container.xml.InitParams; import org.exoplatform.web.security.Credentials; -import org.exoplatform.web.security.Token; +import org.exoplatform.web.security.GateInToken; import java.util.concurrent.ConcurrentHashMap; @@ -32,7 +32,7 @@ public class TransientTokenService extends AbstractTokenService { - protected final ConcurrentHashMap<String, Token> tokens = new ConcurrentHashMap<String, Token>(); + protected final ConcurrentHashMap<String, GateInToken> tokens = new ConcurrentHashMap<String, GateInToken>(); public TransientTokenService(InitParams initParams) { @@ -51,20 +51,20 @@ } String tokenId = nextTokenId(); long expirationTimeMillis = System.currentTimeMillis() + validityMillis; - tokens.put(tokenId, new Token(expirationTimeMillis, credentials)); + tokens.put(tokenId, new GateInToken(expirationTimeMillis, credentials)); return tokenId; } @Override - public Token getToken(String id) + public GateInToken getToken(Object id) { return tokens.get(id); } @Override - public Token deleteToken(String id) + public GateInToken deleteToken(Object id) { - Token token = tokens.get(id); + GateInToken token = tokens.get(id); tokens.remove(id); return token; } Modified: portal/trunk/gadgets/core/pom.xml =================================================================== --- portal/trunk/gadgets/core/pom.xml 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/gadgets/core/pom.xml 2010-01-15 10:13:34 UTC (rev 1309) @@ -1,93 +1,90 @@ <?xml version="1.0" encoding="UTF-8"?> -<!-- + <!-- - Copyright (C) 2009 eXo Platform SAS. - - This is free software; you can redistribute it and/or modify it - under the terms of the GNU Lesser General Public License as - published by the Free Software Foundation; either version 2.1 of - the License, or (at your option) any later version. - - This software is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with this software; if not, write to the Free - Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA - 02110-1301 USA, or see the FSF site: http://www.fsf.org. + Copyright (C) 2009 eXo Platform SAS. This is free software; you can redistribute it and/or modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either version 2.1 of the License, or (at your option) any later version. This software is + distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR + PURPOSE. See the GNU Lesser General Public License for more details. You should have received a copy of the GNU Lesser General Public License along with + this software; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA, or see the FSF site: + http://www.fsf.org. + --> ---> - <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> - <modelVersion>4.0.0</modelVersion> - <parent> - <groupId>org.exoplatform.portal</groupId> - <artifactId>exo.portal.gadgets</artifactId> - <version>3.0.0-Beta05-SNAPSHOT</version> - </parent> - - <artifactId>exo.portal.gadgets-core</artifactId> - <packaging>jar</packaging> - <name>GateIn Portal eXo Gadgets Core</name> - <build> - <plugins> - <plugin> - <groupId>org.apache.maven.plugins</groupId> - <artifactId>maven-dependency-plugin</artifactId> - <executions> - <execution> - <id>unpack</id> - <phase>compile</phase> - <goals> - <goal>unpack</goal> - </goals> - <configuration> - <artifactItems> - <artifactItem> - <groupId>org.apache.shindig</groupId> - <artifactId>shindig-gadgets</artifactId> - <version>${org.shindig.version}</version> - <type>jar</type> - <overWrite>false</overWrite> - <outputDirectory>${project.build.directory}/classes</outputDirectory> - <excludes>config/oauth.json,containers/default/container.js</excludes> - </artifactItem> - </artifactItems> - </configuration> - </execution> - </executions> - </plugin> - - </plugins> - <resources> - <resource> - <directory>src/main/java</directory> - <includes> - <include>**/container.js</include> - <include>**/oauth.json</include> - <include>**/*.xml</include> - </includes> - </resource> - </resources> - </build> - <dependencies> - <dependency> + <modelVersion>4.0.0</modelVersion> + <parent> <groupId>org.exoplatform.portal</groupId> - <artifactId>exo.portal.component.web</artifactId> + <artifactId>exo.portal.gadgets</artifactId> <version>3.0.0-Beta05-SNAPSHOT</version> - <scope>provided</scope> - </dependency> - <dependency> - <groupId>org.apache.shindig</groupId> - <artifactId>shindig-common</artifactId> - <type>jar</type> - </dependency> - <dependency> - <groupId>org.apache.shindig</groupId> - <artifactId>shindig-features</artifactId> - <type>jar</type> - </dependency> - </dependencies> + </parent> + + <artifactId>exo.portal.gadgets-core</artifactId> + <packaging>jar</packaging> + <name>GateIn Portal eXo Gadgets Core</name> + <build> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-dependency-plugin</artifactId> + <executions> + <execution> + <id>unpack</id> + <phase>compile</phase> + <goals> + <goal>unpack</goal> + </goals> + <configuration> + <artifactItems> + <artifactItem> + <groupId>org.apache.shindig</groupId> + <artifactId>shindig-gadgets</artifactId> + <version>${org.shindig.version}</version> + <type>jar</type> + <overWrite>false</overWrite> + <outputDirectory>${project.build.directory}/classes</outputDirectory> + <excludes>config/oauth.json,containers/default/container.js</excludes> + </artifactItem> + </artifactItems> + </configuration> + </execution> + </executions> + </plugin> + + </plugins> + <resources> + <resource> + <directory>src/main/java</directory> + <includes> + <include>**/container.js</include> + <include>**/oauth.json</include> + <include>**/*.xml</include> + </includes> + </resource> + </resources> + </build> + <dependencies> + <dependency> + <groupId>org.exoplatform.portal</groupId> + <artifactId>exo.portal.component.web</artifactId> + <version>3.0.0-Beta05-SNAPSHOT</version> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>org.apache.shindig</groupId> + <artifactId>shindig-common</artifactId> + <type>jar</type> + </dependency> + <dependency> + <groupId>org.apache.shindig</groupId> + <artifactId>shindig-features</artifactId> + <type>jar</type> + </dependency> + <dependency> + <groupId>org.chromattic</groupId> + <artifactId>chromattic.api</artifactId> + </dependency> + <dependency> + <groupId>org.chromattic</groupId> + <artifactId>chromattic.spi</artifactId> + </dependency> + </dependencies> </project> Added: portal/trunk/gadgets/core/src/main/java/conf/configuration.xml =================================================================== --- portal/trunk/gadgets/core/src/main/java/conf/configuration.xml (rev 0) +++ portal/trunk/gadgets/core/src/main/java/conf/configuration.xml 2010-01-15 10:13:34 UTC (rev 1309) @@ -0,0 +1,27 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!-- + + Copyright (C) 2009 eXo Platform SAS. + + This is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + This software is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this software; if not, write to the Free + Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + 02110-1301 USA, or see the FSF site: http://www.fsf.org. + +--> + +<configuration + xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" + xsi:schemaLocation="http://www.exoplaform.org/xml/ns/kernel_1_0.xsd http://www.exoplaform.org/xml/ns/kernel_1_0.xsd" + xmlns="http://www.exoplaform.org/xml/ns/kernel_1_0.xsd"> +</configuration> \ No newline at end of file Added: portal/trunk/gadgets/core/src/main/java/conf/gadgettoken-nodetypes.xml =================================================================== --- portal/trunk/gadgets/core/src/main/java/conf/gadgettoken-nodetypes.xml (rev 0) +++ portal/trunk/gadgets/core/src/main/java/conf/gadgettoken-nodetypes.xml 2010-01-15 10:13:34 UTC (rev 1309) @@ -0,0 +1,75 @@ +<!-- + + Copyright (C) 2009 eXo Platform SAS. + + This is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of + the License, or (at your option) any later version. + + This software is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with this software; if not, write to the Free + Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + 02110-1301 USA, or see the FSF site: http://www.fsf.org. + +--> +<nodeTypes xmlns:nt="http://www.jcp.org/jcr/nt/1.0" xmlns:mix="http://www.jcp.org/jcr/mix/1.0" xmlns:jcr="http://www.jcp.org/jcr/1.0"> + + <nodeType name="lgn:gadgettokencontainer" isMixin="false" hasOrderableChildNodes="false" primaryItemName=""> + <supertypes> + <supertype>nt:base</supertype> + <supertype>mix:referenceable</supertype> + </supertypes> + <childNodeDefinitions> + <childNodeDefinition name="*" defaultPrimaryType="lgn:gadgettoken" autoCreated="false" mandatory="false" + onParentVersion="COPY" protected="false" sameNameSiblings="false"> + <requiredPrimaryTypes> + <requiredPrimaryType>lgn:gadgettoken</requiredPrimaryType> + </requiredPrimaryTypes> + </childNodeDefinition> + </childNodeDefinitions> + </nodeType> + + <nodeType name="lgn:gadgettoken" isMixin="false" hasOrderableChildNodes="false" primaryItemName=""> + <supertypes> + <supertype>nt:base</supertype> + <supertype>mix:referenceable</supertype> + </supertypes> + <propertyDefinitions> + <propertyDefinition name="userId" requiredType="String" autoCreated="false" mandatory="false" onParentVersion="COPY" protected="false" multiple="false"> + <valueConstraints/> + </propertyDefinition> + <propertyDefinition name="gadgetUri" requiredType="String" autoCreated="false" mandatory="false" onParentVersion="COPY" protected="false" multiple="false"> + <valueConstraints/> + </propertyDefinition> + <propertyDefinition name="moduleId" requiredType="Long" autoCreated="false" mandatory="false" onParentVersion="COPY" protected="false" multiple="false"> + <valueConstraints/> + </propertyDefinition> + <propertyDefinition name="tokenName" requiredType="String" autoCreated="false" mandatory="false" onParentVersion="COPY" protected="false" multiple="false"> + <valueConstraints/> + </propertyDefinition> + <propertyDefinition name="serviceName" requiredType="String" autoCreated="false" mandatory="false" onParentVersion="COPY" protected="false" multiple="false"> + <valueConstraints/> + </propertyDefinition> + + <propertyDefinition name="accessToken" requiredType="String" autoCreated="false" mandatory="false" onParentVersion="COPY" protected="false" multiple="false"> + <valueConstraints/> + </propertyDefinition> + <propertyDefinition name="tokenSecret" requiredType="String" autoCreated="false" mandatory="false" onParentVersion="COPY" protected="false" multiple="false"> + <valueConstraints/> + </propertyDefinition> + <propertyDefinition name="sessionHandle" requiredType="String" autoCreated="false" mandatory="false" onParentVersion="COPY" protected="false" multiple="false"> + <valueConstraints/> + </propertyDefinition> + <propertyDefinition name="tokenExpireMillis" requiredType="Long" autoCreated="false" mandatory="false" onParentVersion="COPY" protected="false" multiple="false"> + <valueConstraints/> + </propertyDefinition> + </propertyDefinitions> + </nodeType> + +</nodeTypes> Modified: portal/trunk/gadgets/core/src/main/java/conf/portal/configuration.xml =================================================================== --- portal/trunk/gadgets/core/src/main/java/conf/portal/configuration.xml 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/gadgets/core/src/main/java/conf/portal/configuration.xml 2010-01-15 10:13:34 UTC (rev 1309) @@ -24,8 +24,59 @@ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.exoplaform.org/xml/ns/kernel_1_0.xsd http://www.exoplaform.org/xml/ns/kernel_1_0.xsd" xmlns="http://www.exoplaform.org/xml/ns/kernel_1_0.xsd"> +<component> + <key>org.exoplatform.portal.gadget.core.SecurityTokenGenerator</key> + <type>org.exoplatform.portal.gadget.core.ExoDefaultSecurityTokenGenerator</type> + </component> <component> - <key>org.exoplatform.portal.gadget.core.SecurityTokenGenerator</key> - <type>org.exoplatform.portal.gadget.core.ExoDefaultSecurityTokenGenerator</type> + <type>org.exoplatform.portal.gadget.core.GadgetTokenInfoService</type> + <init-params> + <values-param> + <name>service.configuration</name> + <value>gadget-token</value> + <value>7</value> + <value>DAY</value> + </values-param> + </init-params> </component> + + <external-component-plugins> + <target-component>org.exoplatform.commons.chromattic.ChromatticManager</target-component> + <component-plugin> + <name>chromattic</name> + <set-method>addLifeCycle</set-method> + <type>org.exoplatform.commons.chromattic.ChromatticLifeCycle</type> + <init-params> + <value-param> + <name>domain-name</name> + <value>gadgettokens</value> + </value-param> + <value-param> + <name>workspace-name</name> + <value>portal-work</value> + </value-param> + <values-param> + <name>entities</name> + <value>org.exoplatform.portal.gadget.core.GadgetTokenContainer</value> + <value>org.exoplatform.portal.gadget.core.GadgetTokenEntry</value> + </values-param> + </init-params> + </component-plugin> + </external-component-plugins> + + <external-component-plugins> + <target-component>org.exoplatform.services.jcr.RepositoryService</target-component> + <component-plugin> + <name>add.nodeType</name> + <set-method>addPlugin</set-method> + <type>org.exoplatform.services.jcr.impl.AddNodeTypePlugin</type> + <init-params> + <values-param> + <name>autoCreatedInNewRepository</name> + <description>Node types configuration file</description> + <value>jar:/conf/gadgettoken-nodetypes.xml</value> + </values-param> + </init-params> + </component-plugin> + </external-component-plugins> </configuration> \ No newline at end of file Modified: portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/ExoOAuthModule.java =================================================================== --- portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/ExoOAuthModule.java 2010-01-15 08:36:46 UTC (rev 1308) +++ portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/ExoOAuthModule.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -19,18 +19,28 @@ package org.exoplatform.portal.gadget.core; -import com.google.inject.Inject; -import com.google.inject.name.Names; +import java.util.logging.Level; +import java.util.logging.Logger; +import org.apache.commons.io.IOUtils; +import org.apache.commons.lang.StringUtils; import org.apache.shindig.auth.AnonymousAuthenticationHandler; import org.apache.shindig.common.crypto.BlobCrypter; +import org.apache.shindig.common.util.ResourceLoader; import org.apache.shindig.config.ContainerConfig; import org.apache.shindig.gadgets.http.HttpFetcher; +import org.apache.shindig.gadgets.oauth.BasicOAuthStore; +import org.apache.shindig.gadgets.oauth.BasicOAuthStoreConsumerKeyAndSecret; import org.apache.shindig.gadgets.oauth.OAuthFetcherConfig; import org.apache.shindig.gadgets.oauth.OAuthModule; import org.apache.shindig.gadgets.oauth.OAuthRequest; import org.apache.shindig.gadgets.oauth.OAuthStore; +import org.apache.shindig.gadgets.oauth.BasicOAuthStoreConsumerKeyAndSecret.KeyType; +import com.google.inject.Inject; +import com.google.inject.Provider; +import com.google.inject.name.Names; + /** * Created by IntelliJ IDEA. * User: jeremi @@ -45,6 +55,14 @@ private static final String SIGNING_KEY_NAME = "gadgets.signingKeyName"; private static final String CALLBACK_URL = "gadgets.signing.global-callback-url"; + + private static final String OAUTH_CONFIG = "config/oauth.json"; + private static final String OAUTH_SIGNING_KEY_FILE = "shindig.signing.key-file"; + private static final String OAUTH_SIGNING_KEY_NAME = "shindig.signing.key-name"; + private static final String OAUTH_CALLBACK_URL = "shindig.signing.global-callback-url"; + + + private static final Logger logger = Logger.getLogger(OAuthModule.class.getName()); @Override protected void configure() @@ -62,18 +80,73 @@ Boolean.TRUE); } - public static class ExoOAuthStoreProvider extends OAuthStoreProvider + public static class ExoOAuthStoreProvider implements Provider<OAuthStore> { - @Inject + + private final ExoOAuthStore store; + + @Inject public ExoOAuthStoreProvider(ContainerConfig config) { //super(config.getString(ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_FILE), config.getString(ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_NAME)); - super(config.getString(ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_FILE), config.getString( - ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_NAME), config.getString(ContainerConfig.DEFAULT_CONTAINER, - CALLBACK_URL)); +// super(config.getString(ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_FILE), config.getString( +// ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_NAME), config.getString(ContainerConfig.DEFAULT_CONTAINER, +// CALLBACK_URL)); + + store = new ExoOAuthStore(); + + String signingKeyFile = config.getString(ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_FILE); + String signingKeyName = config.getString(ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_NAME); + String defaultCallbackUrl = config.getString(ContainerConfig.DEFAULT_CONTAINER,CALLBACK_URL); + + loadDefaultKey(signingKeyFile, signingKeyName); + store.setDefaultCallbackUrl(defaultCallbackUrl); + loadConsumers(); } - } + + + private void loadDefaultKey(String signingKeyFile, String signingKeyName) { + BasicOAuthStoreConsumerKeyAndSecret key = null; + if (!StringUtils.isBlank(signingKeyFile)) { + try { + logger.info("Loading OAuth signing key from " + signingKeyFile); + String privateKey = IOUtils.toString(ResourceLoader.open(signingKeyFile), "UTF-8"); + privateKey = BasicOAuthStore.convertFromOpenSsl(privateKey); + key = new BasicOAuthStoreConsumerKeyAndSecret(null, privateKey, KeyType.RSA_PRIVATE, + signingKeyName, null); + } catch (Throwable t) { + logger.log(Level.WARNING, "Couldn't load key file " + signingKeyFile, t); + } + } + if (key != null) { + store.setDefaultKey(key); + } else { + logger.log(Level.WARNING, "Couldn't load OAuth signing key. To create a key, run:\n" + + " openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testkey.pem \\\n" + + " -out testkey.pem -subj '/CN=mytestkey'\n" + + " openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform PEM\n" + + '\n' + + "Then edit gadgets.properties and add these lines:\n" + + OAUTH_SIGNING_KEY_FILE + "=<path-to-oauthkey.pem>\n" + + OAUTH_SIGNING_KEY_NAME + "=mykey\n"); + } + } + + private void loadConsumers() { + try { + String oauthConfigString = ResourceLoader.getContent(OAUTH_CONFIG); + store.initFromConfigString(oauthConfigString); + } catch (Throwable t) { + logger.log(Level.WARNING, "Failed to initialize OAuth consumers from " + OAUTH_CONFIG, t); + } + } + + public OAuthStore get() { + return store; + } + } + public static class ExoOAuthRequestProvider extends OAuthRequestProvider { private final HttpFetcher fetcher; Added: portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/ExoOAuthStore.java =================================================================== --- portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/ExoOAuthStore.java (rev 0) +++ portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/ExoOAuthStore.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -0,0 +1,250 @@ +package org.exoplatform.portal.gadget.core; + +import com.google.common.collect.Maps; +import net.oauth.OAuth; +import net.oauth.OAuthConsumer; +import net.oauth.OAuthServiceProvider; +import net.oauth.signature.RSA_SHA1; + +import org.apache.shindig.auth.SecurityToken; +import org.apache.shindig.gadgets.GadgetException; +import org.apache.shindig.gadgets.oauth.BasicOAuthStoreConsumerIndex; +import org.apache.shindig.gadgets.oauth.BasicOAuthStoreConsumerKeyAndSecret; +import org.apache.shindig.gadgets.oauth.BasicOAuthStoreTokenIndex; +import org.apache.shindig.gadgets.oauth.OAuthStore; +import org.apache.shindig.gadgets.oauth.BasicOAuthStoreConsumerKeyAndSecret.KeyType; +import org.exoplatform.container.ExoContainer; +import org.exoplatform.container.PortalContainer; +import org.json.JSONException; +import org.json.JSONObject; + +import java.net.URI; +import java.net.URISyntaxException; +import java.util.Iterator; +import java.util.Map; + +/* +* Created by The eXo Platform SAS +* Author : tung.dang +* tungcnw(a)gmail.com +* Dec 10, 2009 +* +*/ + +/** + * Simple implementation of the {@link OAuthStore} interface. We use a + * in-memory hash map. If initialized with a private key, then the store will + * return an OAuthAccessor in {@code getOAuthAccessor} that uses that private + * key if no consumer key and secret could be found. + */ + +public class ExoOAuthStore implements OAuthStore { + + private static final String CONSUMER_SECRET_KEY = "consumer_secret"; + private static final String CONSUMER_KEY_KEY = "consumer_key"; + private static final String KEY_TYPE_KEY = "key_type"; + private static final String CALLBACK_URL = "callback_url"; + + /** + * HashMap of provider and consumer information. Maps BasicOAuthStoreConsumerIndexs (i.e. + * nickname of a service provider and the gadget that uses that nickname) to + * {@link BasicOAuthStoreConsumerKeyAndSecret}s. + */ + private final Map<BasicOAuthStoreConsumerIndex, BasicOAuthStoreConsumerKeyAndSecret> consumerInfos; + + /** + * HashMap of token information. Maps BasicOAuthStoreTokenIndexs (i.e. gadget id, token + * nickname, module id, etc.) to TokenInfos (i.e. access token and token + * secrets). + */ + // TODO: tung.dang don't need it, we store token in our memory. + //private Map<BasicOAuthStoreTokenIndex, TokenInfo> tokens = Maps.newHashMap(); + + + /** + * Key to use when no other key is found. + */ + private BasicOAuthStoreConsumerKeyAndSecret defaultKey; + + /** + * Callback to use when no per-key callback URL is found. + */ + private String defaultCallbackUrl; + + /** Number of times we looked up a consumer key */ + private int consumerKeyLookupCount = 0; + + /** Number of times we looked up an access token */ + private int accessTokenLookupCount = 0; + + /** Number of times we added an access token */ + private int accessTokenAddCount = 0; + + /** Number of times we removed an access token */ + private int accessTokenRemoveCount = 0; + + public ExoOAuthStore() { + consumerInfos = Maps.newHashMap(); + } + + public void initFromConfigString(String oauthConfigStr) throws GadgetException { + try { + JSONObject oauthConfigs = new JSONObject(oauthConfigStr); + for (Iterator<?> i = oauthConfigs.keys(); i.hasNext();) { + String url = (String) i.next(); + URI gadgetUri = new URI(url); + JSONObject oauthConfig = oauthConfigs.getJSONObject(url); + storeConsumerInfos(gadgetUri, oauthConfig); + } + } catch (JSONException e) { + throw new GadgetException(GadgetException.Code.OAUTH_STORAGE_ERROR, e); + } catch (URISyntaxException e) { + throw new GadgetException(GadgetException.Code.OAUTH_STORAGE_ERROR, e); + } + } + + private void storeConsumerInfos(URI gadgetUri, JSONObject oauthConfig) + throws JSONException, GadgetException { + for (String serviceName : JSONObject.getNames(oauthConfig)) { + JSONObject consumerInfo = oauthConfig.getJSONObject(serviceName); + storeConsumerInfo(gadgetUri, serviceName, consumerInfo); + } + } + + private void storeConsumerInfo(URI gadgetUri, String serviceName, JSONObject consumerInfo) + throws JSONException, GadgetException { + realStoreConsumerInfo(gadgetUri, serviceName, consumerInfo); + } + + private void realStoreConsumerInfo(URI gadgetUri, String serviceName, JSONObject consumerInfo) + throws JSONException { + String callbackUrl = consumerInfo.optString(CALLBACK_URL, null); + String consumerSecret = consumerInfo.getString(CONSUMER_SECRET_KEY); + String consumerKey = consumerInfo.getString(CONSUMER_KEY_KEY); + String keyTypeStr = consumerInfo.getString(KEY_TYPE_KEY); + KeyType keyType = KeyType.HMAC_SYMMETRIC; + + if (keyTypeStr.equals("RSA_PRIVATE")) { + keyType = KeyType.RSA_PRIVATE; + consumerSecret = convertFromOpenSsl(consumerSecret); + } + + BasicOAuthStoreConsumerKeyAndSecret kas = new BasicOAuthStoreConsumerKeyAndSecret( + consumerKey, consumerSecret, keyType, null, callbackUrl); + + BasicOAuthStoreConsumerIndex index = new BasicOAuthStoreConsumerIndex(); + index.setGadgetUri(gadgetUri.toASCIIString()); + index.setServiceName(serviceName); + setConsumerKeyAndSecret(index, kas); + } + + // Support standard openssl keys by stripping out the headers and blank lines + public static String convertFromOpenSsl(String privateKey) { + return privateKey.replaceAll("-----[A-Z ]*-----", "").replace("\n", ""); + } + + public void setDefaultKey(BasicOAuthStoreConsumerKeyAndSecret defaultKey) { + this.defaultKey = defaultKey; + } + + public void setDefaultCallbackUrl(String defaultCallbackUrl) { + this.defaultCallbackUrl = defaultCallbackUrl; + } + + public void setConsumerKeyAndSecret( + BasicOAuthStoreConsumerIndex providerKey, BasicOAuthStoreConsumerKeyAndSecret keyAndSecret) { + consumerInfos.put(providerKey, keyAndSecret); + } + + public ConsumerInfo getConsumerKeyAndSecret( + SecurityToken securityToken, String serviceName, OAuthServiceProvider provider) + throws GadgetException { + ++consumerKeyLookupCount; + BasicOAuthStoreConsumerIndex pk = new BasicOAuthStoreConsumerIndex(); + pk.setGadgetUri(securityToken.getAppUrl()); + pk.setServiceName(serviceName); + BasicOAuthStoreConsumerKeyAndSecret cks = consumerInfos.get(pk); + if (cks == null) { + cks = defaultKey; + } + if (cks == null) { + throw new GadgetException(GadgetException.Code.INTERNAL_SERVER_ERROR, + "No key for gadget " + securityToken.getAppUrl() + " and service " + serviceName); + } + OAuthConsumer consumer = null; + if (cks.getKeyType() == KeyType.RSA_PRIVATE) { + consumer = new OAuthConsumer(null, cks.getConsumerKey(), null, provider); + // The oauth.net java code has lots of magic. By setting this property here, code thousands + // of lines away knows that the consumerSecret value in the consumer should be treated as + // an RSA private key and not an HMAC key. + consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.RSA_SHA1); + consumer.setProperty(RSA_SHA1.PRIVATE_KEY, cks.getConsumerSecret()); + } else { + consumer = new OAuthConsumer(null, cks.getConsumerKey(), cks.getConsumerSecret(), provider); + consumer.setProperty(OAuth.OAUTH_SIGNATURE_METHOD, OAuth.HMAC_SHA1); + } + String callback = (cks.getCallbackUrl() != null ? cks.getCallbackUrl() : defaultCallbackUrl); + return new ConsumerInfo(consumer, cks.getKeyName(), callback); + } + + private BasicOAuthStoreTokenIndex makeBasicOAuthStoreTokenIndex( + SecurityToken securityToken, String serviceName, String tokenName) { + BasicOAuthStoreTokenIndex tokenKey = new BasicOAuthStoreTokenIndex(); + tokenKey.setGadgetUri(securityToken.getAppUrl()); + + // TODO: tung.dang need to improve, why moduleId different each time?. + //tokenKey.setModuleId(securityToken.getModuleId()); + + tokenKey.setServiceName(serviceName); + tokenKey.setTokenName(tokenName); + tokenKey.setUserId(securityToken.getViewerId()); + return tokenKey; + } + + public TokenInfo getTokenInfo(SecurityToken securityToken, ConsumerInfo consumerInfo, + String serviceName, String tokenName) { + ++accessTokenLookupCount; + BasicOAuthStoreTokenIndex tokenKey = + makeBasicOAuthStoreTokenIndex(securityToken, serviceName, tokenName); + + ExoContainer container = PortalContainer.getInstance(); + GadgetTokenInfoService tokenSer = (GadgetTokenInfoService)container.getComponentInstanceOfType(GadgetTokenInfoService.class); + return tokenSer.getToken(tokenKey); + } + + public void setTokenInfo(SecurityToken securityToken, ConsumerInfo consumerInfo, + String serviceName, String tokenName, TokenInfo tokenInfo) { + ++accessTokenAddCount; + BasicOAuthStoreTokenIndex tokenKey = + makeBasicOAuthStoreTokenIndex(securityToken, serviceName, tokenName); + ExoContainer container = PortalContainer.getInstance(); + GadgetTokenInfoService tokenSer = (GadgetTokenInfoService)container.getComponentInstanceOfType(GadgetTokenInfoService.class); + tokenSer.createToken(tokenKey, tokenInfo); + } + + public void removeToken(SecurityToken securityToken, ConsumerInfo consumerInfo, + String serviceName, String tokenName) { + ++accessTokenRemoveCount; + BasicOAuthStoreTokenIndex tokenKey = + makeBasicOAuthStoreTokenIndex(securityToken, serviceName, tokenName); + ExoContainer container = PortalContainer.getInstance(); + GadgetTokenInfoService tokenSer = (GadgetTokenInfoService)container.getComponentInstanceOfType(GadgetTokenInfoService.class); + tokenSer.deleteToken(tokenKey); + } + + public int getConsumerKeyLookupCount() { + return consumerKeyLookupCount; + } + + public int getAccessTokenLookupCount() { + return accessTokenLookupCount; + } + + public int getAccessTokenAddCount() { + return accessTokenAddCount; + } + + public int getAccessTokenRemoveCount() { + return accessTokenRemoveCount; + } +} Added: portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetToken.java =================================================================== --- portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetToken.java (rev 0) +++ portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetToken.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -0,0 +1,19 @@ +package org.exoplatform.portal.gadget.core; + +import org.apache.shindig.gadgets.oauth.OAuthStore.TokenInfo; +import org.exoplatform.web.security.Token; + + +public class GadgetToken extends TokenInfo implements Token +{ + public GadgetToken(String accessToken, String tokenSecret, String sessionHandle, + long tokenExpireMillis) + { + super(accessToken, tokenSecret, sessionHandle, tokenExpireMillis); + } + + public boolean isExpired() + { + return false; + } +} Added: portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenContainer.java =================================================================== --- portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenContainer.java (rev 0) +++ portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenContainer.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -0,0 +1,94 @@ +package org.exoplatform.portal.gadget.core; + +import org.apache.shindig.gadgets.oauth.BasicOAuthStoreTokenIndex; +import org.apache.shindig.gadgets.oauth.OAuthStore.TokenInfo; +import org.chromattic.api.annotations.Create; +import org.chromattic.api.annotations.OneToMany; +import org.chromattic.api.annotations.PrimaryType; + +import java.util.Map; + +@PrimaryType(name = "lgn:gadgettokencontainer") +public abstract class GadgetTokenContainer +{ + @Create + protected abstract GadgetTokenEntry createGadgetToken(); + + @OneToMany + protected abstract Map<String, GadgetTokenEntry> getGadgetTokens(); + + public GadgetToken getToken(BasicOAuthStoreTokenIndex tokenKey) + { + Map<String, GadgetTokenEntry> tokens = getGadgetTokens(); + + for (GadgetTokenEntry tokenEntry : tokens.values()) + { + { + BasicOAuthStoreTokenIndex key = new BasicOAuthStoreTokenIndex(); + key.setGadgetUri(tokenEntry.getGadgetUri()); + key.setModuleId(tokenEntry.getModuleId()); + key.setServiceName(tokenEntry.getServiceName()); + key.setTokenName(tokenEntry.getTokenName()); + key.setUserId(tokenEntry.getUserId()); + if (tokenKey.equals(key)) return tokenEntry.getToken(); + } + } + return null; + } + + public GadgetToken removeToken(BasicOAuthStoreTokenIndex tokenKey) + { + Map<String, GadgetTokenEntry> tokens = getGadgetTokens(); + + for (GadgetTokenEntry tokenEntry : tokens.values()) + { + { + BasicOAuthStoreTokenIndex key = new BasicOAuthStoreTokenIndex(); + key.setGadgetUri(tokenEntry.getGadgetUri()); + key.setModuleId(tokenEntry.getModuleId()); + key.setServiceName(tokenEntry.getServiceName()); + key.setTokenName(tokenEntry.getTokenName()); + key.setUserId(tokenEntry.getUserId()); + if (tokenKey.equals(key)) tokenEntry.remove(); + return tokenEntry.getToken(); + } + } + return null; + } + + public GadgetToken saveToken(BasicOAuthStoreTokenIndex tokenKey, TokenInfo tokenInfo) + { + Map<String, GadgetTokenEntry> tokens = getGadgetTokens(); + GadgetTokenEntry entry = null; + for (GadgetTokenEntry item : tokens.values()) + { + { + BasicOAuthStoreTokenIndex key = new BasicOAuthStoreTokenIndex(); + key.setGadgetUri(item.getGadgetUri()); + key.setModuleId(item.getModuleId()); + key.setServiceName(item.getServiceName()); + key.setTokenName(item.getTokenName()); + key.setUserId(item.getUserId()); + if (tokenKey.equals(key)) + entry = item; + } + + } + if (entry == null) + { + entry = createGadgetToken(); + tokens.put("gadgettoken" + System.currentTimeMillis(), entry); + } + entry.setGadgetUri(tokenKey.getGadgetUri()); + entry.setModuleId(tokenKey.getModuleId()); + entry.setServiceName(tokenKey.getServiceName()); + entry.setTokenName(tokenKey.getTokenName()); + entry.setUserId(tokenKey.getUserId()); + + entry.setAccessToken(tokenInfo.getAccessToken()); + entry.setTokenSecret(tokenInfo.getTokenSecret()); + entry.setSessionHandle(tokenInfo.getSessionHandle() == null ? "" : tokenInfo.getSessionHandle()); + entry.setTokenExpireMillis(tokenInfo.getTokenExpireMillis()); + return entry.getToken(); + } +} \ No newline at end of file Added: portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenEntry.java =================================================================== --- portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenEntry.java (rev 0) +++ portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenEntry.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -0,0 +1,63 @@ +package org.exoplatform.portal.gadget.core; + +import org.chromattic.api.annotations.Destroy; +import org.chromattic.api.annotations.PrimaryType; +import org.chromattic.api.annotations.Property; + +@PrimaryType(name = "lgn:gadgettoken") +public abstract class GadgetTokenEntry +{ + + @Property(name = "userId") + public abstract String getUserId(); + + public abstract void setUserId(String userId); + + @Property(name = "gadgetUri") + public abstract String getGadgetUri(); + + public abstract void setGadgetUri(String gadgetUri); + + @Property(name = "moduleId") + public abstract long getModuleId(); + + public abstract void setModuleId(long moduleId); + + @Property(name = "tokenName") + public abstract String getTokenName(); + + public abstract void setTokenName(String tokenName); + + @Property(name = "serviceName") + public abstract String getServiceName(); + + public abstract void setServiceName(String serviceName); + + @Property(name = "accessToken") + public abstract String getAccessToken(); + + public abstract void setAccessToken(String accessToken); + + @Property(name = "tokenSecret") + public abstract String getTokenSecret(); + + public abstract void setTokenSecret(String tokenSecret); + + @Property(name = "sessionHandle") + public abstract String getSessionHandle(); + + public abstract void setSessionHandle(String sessionHandle); + + @Property(name = "tokenExpireMillis") + public abstract long getTokenExpireMillis(); + + public abstract void setTokenExpireMillis(long tokenExpireMillis); + + @Destroy + public abstract void remove(); + + public GadgetToken getToken() + { + return new GadgetToken(getAccessToken(), getTokenSecret(), getServiceName(), getTokenExpireMillis()); + } +} Added: portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenInfoService.java =================================================================== --- portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenInfoService.java (rev 0) +++ portal/trunk/gadgets/core/src/main/java/org/exoplatform/portal/gadget/core/GadgetTokenInfoService.java 2010-01-15 10:13:34 UTC (rev 1309) @@ -0,0 +1,168 @@ +/** + * Copyright (C) 2009 eXo Platform SAS. + * + * This is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as + * published by the Free Software Foundation; either version 2.1 of + * the License, or (at your option) any later version. + * + * This software is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this software; if not, write to the Free + * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA + * 02110-1301 USA, or see the FSF site: http://www.fsf.org. + */ + +package org.exoplatform.portal.gadget.core; + +import org.apache.shindig.gadgets.oauth.BasicOAuthStoreTokenIndex; +import org.apache.shindig.gadgets.oauth.OAuthStore.TokenInfo; +import org.chromattic.api.ChromatticSession; +import org.exoplatform.commons.chromattic.ChromatticLifeCycle; +import org.exoplatform.commons.chromattic.ChromatticManager; +import org.exoplatform.commons.chromattic.ContextualTask; +import org.exoplatform.commons.chromattic.SessionContext; +import org.exoplatform.container.xml.InitParams; +import org.exoplatform.web.security.Credentials; +import org.exoplatform.web.security.security.AbstractTokenService; + +import java.util.Collection; + +public class GadgetTokenInfoService extends AbstractTokenService +{ + + private ChromatticLifeCycle chromatticLifeCycle; + + public GadgetTokenInfoService(InitParams initParams, ChromatticManager chromatticManager) + { + super(initParams); + chromatticLifeCycle = chromatticManager.getLifeCycle("gadgettokens"); + } + + public GadgetToken createToken(final BasicOAuthStoreTokenIndex key, final TokenInfo tokenInfo) + { + return new TokenTask<GadgetToken>() + { + @Override + protected GadgetToken execute() + { + GadgetTokenContainer container = getGadgetTokenContainer(); + return container.saveToken(key, tokenInfo); + } + }.executeWith(chromatticLifeCycle); + } + + @Override + public GadgetToken getToken(final Object key) + { + return new TokenTask<GadgetToken>() + { + @Override + protected GadgetToken execute() + { + return getGadgetTokenContainer().getToken((BasicOAuthStoreTokenIndex)key); + } + }.executeWith(chromatticLifeCycle); + } + + @Override + public GadgetToken deleteToken(final Object key) + { + return new TokenTask<GadgetToken>() + { + @Override + protected GadgetToken execute() + { + return getGadgetTokenContainer().removeToken((BasicOAuthStoreTokenIndex)key); + } + }.executeWith(chromatticLifeCycle); + } + + @Override + public GadgetToken[] getAllTokens() + { + return new TokenTask<GadgetToken[]>() + { + @Override + protected GadgetToken[] execute() + { + GadgetTokenContainer container = getGadgetTokenContainer(); + Collection<GadgetTokenEntry> tokens = container.getGadgetTokens().values(); + GadgetToken[] gadgetTokens = new GadgetToken[9]; + int count = 0; + for(GadgetTokenEntry tokenEntry : tokens) { + gadgetTokens[count++] = tokenEntry.getToken(); + } + return gadgetTokens; + } + }.executeWith(chromatticLifeCycle); + } + + @Override + public long getNumberTokens() throws Exception + { + return new TokenTask<Long>() + { + @Override + protected Long execute() + { + GadgetTokenContainer container = getGadgetTokenContainer(); + Collection<GadgetTokenEntry> tokens = container.getGadgetTokens().values(); + return (long)tokens.size(); + } + }.executeWith(chromatticLifeCycle); + } + + public String createToken(Credentials credentials) throws IllegalArgumentException, NullPointerException + { + // TODO Auto-generated method stub + return null; + } + + + /** + * Wraps token store logic conveniently. + * + * @param <V> the return type + */ + private abstract class TokenTask<V> extends ContextualTask<V> + { + + /** . */ + private SessionContext context; + + protected final GadgetTokenContainer getGadgetTokenContainer() + { + ChromatticSession session = context.getSession(); + GadgetTokenContainer container = session.findByPath(GadgetTokenContainer.class, "gadgettokens"); + if (container == null) + { + container = session.insert(GadgetTokenContainer.class, "gadgettokens"); + } + return container; + } + + @Override + protected V execute(SessionContext context) + { + this.context = context; + + // + try + { + return execute(); + } + finally + { + this.context = null; + } + } + + protected abstract V execute(); + + } +}