[gatein-issues] [JBoss JIRA] Resolved: (GTNPORTAL-314) Fixing oAuth in gadgets

Fixing oAuth in gadgets ----------------------- Key: GTNPORTAL-314 URL: https://jira.jboss.org/jira/browse/GTNPORTAL-314 Project: GateIn Portal Issue Type: Bug Affects Versions: 3.0.0-Beta02 Reporter: jerem j Assignee: Trong Tran Fix For: 3.0.0-Beta05 Attachments: ExoOAuthStoreTest.java Right now in the gadgets, it is not possible to use backend that use an oAuth authentication. We need to implement the oAuth Store to store the tokens into the JCR and not in memory as it is done in the default implementation (BasicOAuthStore.java) http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/... the default implementation : http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/... In this class there is 2 different things to store : * Consumer key and secret getConsumerKeyAndSecret() Right now in the default implementation it is stored in a file oauth.json. This is information a user or an admin can set. I think, only admins have to set this key, so we can keep the storage in the oauth.json. If we find later that we need to often set new keys, it might be a good idea to create a specific UI for this and store it in the JCR. If stored in the JCR, it has to be indexed by : gadget and server * Tokens getTokenInfo() setTokenInfo() removeToken() The default implementation store them in memory, so everytime the object is recreated, we loose the information, and so the user has to authenticate again. We should store the information of TokenInfo into the JCR indexed by owner, viewer, gadget, server. Be careful tokens have an expiration date, so when getting a token, we should make sure it did not expire. To test if the implementation is working, you can try with any jira gadget that require authentication such as the watch gadget. This jira server has been configured to work with the dev version of gatein 1.0b2 : http://jira4j.exoplatform.org/secure/Dashboard.jspa