12:49 a.m.
Fixing oAuth in gadgets
-----------------------
Key: GTNPORTAL-314
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-314
Project: GateIn Portal
Issue Type: Bug
Affects Versions: 3.0.0-Beta02
Reporter: jerem j
Fix For: 3.0.0-Beta03
Right now in the gadgets, it is not possible to use backend that use an oAuth
authentication.
We need to implement the oAuth Store to store the tokens into the JCR and not in memory as
it is done in the default implementation (BasicOAuthStore.java)
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
the default implementation :
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
In this class there is 2 different things to store :
* Consumer key and secret
getConsumerKeyAndSecret()
Right now in the default implementation it is stored in a file oauth.json. This is
information a user or an admin can set. I think, only admins have to set this key, so we
can keep the storage in the oauth.json. If we find later that we need to often set new
keys, it might be a good idea to create a specific UI for this and store it in the JCR.
If stored in the JCR, it has to be indexed by :
gadget and server
* Tokens
getTokenInfo()
setTokenInfo()
removeToken()
The default implementation store them in memory, so everytime the object is recreated, we
loose the information, and so the user has to authenticate again.
We should store the information of TokenInfo into the JCR indexed by owner, viewer,
gadget, server.
Be careful tokens have an expiration date, so when getting a token, we should make sure it
did not expire.
To test if the implementation is working, you can try with any jira gadget that require
authentication such as the watch gadget. This jira server has been configured to work with
the dev version of gatein 1.0b2 :
http://jira4j.exoplatform.org/secure/Dashboard.jspa
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
11:39 a.m.
New subject: [JBoss JIRA] Updated: (GTNPORTAL-314) Fixing oAuth in gadgets
[
https://jira.jboss.org/jira/browse/GTNPORTAL-314?page=com.atlassian.jira....
]
Thomas Heute updated GTNPORTAL-314:
-----------------------------------
Fix Version/s: 3.0.0-CR01
(was: 3.0.0-Beta03)
Fixing oAuth in gadgets
-----------------------
Key: GTNPORTAL-314
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-314
Project: GateIn Portal
Issue Type: Bug
Affects Versions: 3.0.0-Beta02
Reporter: jerem j
Fix For: 3.0.0-CR01
Right now in the gadgets, it is not possible to use backend that use an oAuth
authentication.
We need to implement the oAuth Store to store the tokens into the JCR and not in memory
as it is done in the default implementation (BasicOAuthStore.java)
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
the default implementation :
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
In this class there is 2 different things to store :
* Consumer key and secret
getConsumerKeyAndSecret()
Right now in the default implementation it is stored in a file oauth.json. This is
information a user or an admin can set. I think, only admins have to set this key, so we
can keep the storage in the oauth.json. If we find later that we need to often set new
keys, it might be a good idea to create a specific UI for this and store it in the JCR.
If stored in the JCR, it has to be indexed by :
gadget and server
* Tokens
getTokenInfo()
setTokenInfo()
removeToken()
The default implementation store them in memory, so everytime the object is recreated, we
loose the information, and so the user has to authenticate again.
We should store the information of TokenInfo into the JCR indexed by owner, viewer,
gadget, server.
Be careful tokens have an expiration date, so when getting a token, we should make sure
it did not expire.
To test if the implementation is working, you can try with any jira gadget that require
authentication such as the watch gadget. This jira server has been configured to work with
the dev version of gatein 1.0b2 :
http://jira4j.exoplatform.org/secure/Dashboard.jspa
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
4:42 p.m.
New subject: [JBoss JIRA] Commented: (GTNPORTAL-314) Fixing oAuth in gadgets
[
https://jira.jboss.org/jira/browse/GTNPORTAL-314?page=com.atlassian.jira....
]
Julien Viet commented on GTNPORTAL-314:
---------------------------------------
Jeremi, could you explain how to test an implementation of the store appropriately ?
the best thing would be an existing unit test that would assure that the implementation is
properly done.
the other is how to check that it is correctly used.
also you mention about developping something but we do not have context about how it is
used in gatein and how / where it should be integrated.
Fixing oAuth in gadgets
-----------------------
Key: GTNPORTAL-314
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-314
Project: GateIn Portal
Issue Type: Bug
Affects Versions: 3.0.0-Beta02
Reporter: jerem j
Fix For: 3.0.0-Beta04
Right now in the gadgets, it is not possible to use backend that use an oAuth
authentication.
We need to implement the oAuth Store to store the tokens into the JCR and not in memory
as it is done in the default implementation (BasicOAuthStore.java)
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
the default implementation :
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
In this class there is 2 different things to store :
* Consumer key and secret
getConsumerKeyAndSecret()
Right now in the default implementation it is stored in a file oauth.json. This is
information a user or an admin can set. I think, only admins have to set this key, so we
can keep the storage in the oauth.json. If we find later that we need to often set new
keys, it might be a good idea to create a specific UI for this and store it in the JCR.
If stored in the JCR, it has to be indexed by :
gadget and server
* Tokens
getTokenInfo()
setTokenInfo()
removeToken()
The default implementation store them in memory, so everytime the object is recreated, we
loose the information, and so the user has to authenticate again.
We should store the information of TokenInfo into the JCR indexed by owner, viewer,
gadget, server.
Be careful tokens have an expiration date, so when getting a token, we should make sure
it did not expire.
To test if the implementation is working, you can try with any jira gadget that require
authentication such as the watch gadget. This jira server has been configured to work with
the dev version of gatein 1.0b2 :
http://jira4j.exoplatform.org/secure/Dashboard.jspa
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:46 p.m.
New subject: [JBoss JIRA] Commented: (GTNPORTAL-314) Fixing oAuth in gadgets
[
https://jira.jboss.org/jira/browse/GTNPORTAL-314?page=com.atlassian.jira....
]
jerem j commented on GTNPORTAL-314:
-----------------------------------
Hi Julien,
I'm going to attach a test case to test your implementation based on shindig test
suit.
To test the implementation, you can use an existing application such as Jira, and try to
authenticate using oauth.
Here is a gadget:
http://jira4j.exoplatform.org/rest/gadgets/1.0/g/com.atlassian.jira.gadge...
I'll send you the credentials by email.
To integrate it in eXo, you need to modify:
In ExoOAuthModule
(http://fisheye.exoplatform.org/browse/GateIn-JBoss/portal/trunk/gadgets/c...)
change ExoOAuthStoreProvider.get to return the store you implemented instead of the
BasicOAuthStore. Right now we just change the parameters of the constructor of
OAuthStoreProvider, but like most of the class will have to be changed, it's better to
remove the subclass OAuthStoreProvider from ExoOAuthStoreProvider and implement all the
functions in ExoOAuthStoreProvider.
Fixing oAuth in gadgets
-----------------------
Key: GTNPORTAL-314
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-314
Project: GateIn Portal
Issue Type: Bug
Affects Versions: 3.0.0-Beta02
Reporter: jerem j
Fix For: 3.0.0-Beta04
Right now in the gadgets, it is not possible to use backend that use an oAuth
authentication.
We need to implement the oAuth Store to store the tokens into the JCR and not in memory
as it is done in the default implementation (BasicOAuthStore.java)
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
the default implementation :
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
In this class there is 2 different things to store :
* Consumer key and secret
getConsumerKeyAndSecret()
Right now in the default implementation it is stored in a file oauth.json. This is
information a user or an admin can set. I think, only admins have to set this key, so we
can keep the storage in the oauth.json. If we find later that we need to often set new
keys, it might be a good idea to create a specific UI for this and store it in the JCR.
If stored in the JCR, it has to be indexed by :
gadget and server
* Tokens
getTokenInfo()
setTokenInfo()
removeToken()
The default implementation store them in memory, so everytime the object is recreated, we
loose the information, and so the user has to authenticate again.
We should store the information of TokenInfo into the JCR indexed by owner, viewer,
gadget, server.
Be careful tokens have an expiration date, so when getting a token, we should make sure
it did not expire.
To test if the implementation is working, you can try with any jira gadget that require
authentication such as the watch gadget. This jira server has been configured to work with
the dev version of gatein 1.0b2 :
http://jira4j.exoplatform.org/secure/Dashboard.jspa
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
9:03 p.m.
New subject: [JBoss JIRA] Updated: (GTNPORTAL-314) Fixing oAuth in gadgets
[
https://jira.jboss.org/jira/browse/GTNPORTAL-314?page=com.atlassian.jira....
]
jerem j updated GTNPORTAL-314:
------------------------------
Attachment: ExoOAuthStoreTest.java
the test case
Fixing oAuth in gadgets
-----------------------
Key: GTNPORTAL-314
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-314
Project: GateIn Portal
Issue Type: Bug
Affects Versions: 3.0.0-Beta02
Reporter: jerem j
Fix For: 3.0.0-Beta04
Attachments: ExoOAuthStoreTest.java
Right now in the gadgets, it is not possible to use backend that use an oAuth
authentication.
We need to implement the oAuth Store to store the tokens into the JCR and not in memory
as it is done in the default implementation (BasicOAuthStore.java)
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
the default implementation :
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
In this class there is 2 different things to store :
* Consumer key and secret
getConsumerKeyAndSecret()
Right now in the default implementation it is stored in a file oauth.json. This is
information a user or an admin can set. I think, only admins have to set this key, so we
can keep the storage in the oauth.json. If we find later that we need to often set new
keys, it might be a good idea to create a specific UI for this and store it in the JCR.
If stored in the JCR, it has to be indexed by :
gadget and server
* Tokens
getTokenInfo()
setTokenInfo()
removeToken()
The default implementation store them in memory, so everytime the object is recreated, we
loose the information, and so the user has to authenticate again.
We should store the information of TokenInfo into the JCR indexed by owner, viewer,
gadget, server.
Be careful tokens have an expiration date, so when getting a token, we should make sure
it did not expire.
To test if the implementation is working, you can try with any jira gadget that require
authentication such as the watch gadget. This jira server has been configured to work with
the dev version of gatein 1.0b2 :
http://jira4j.exoplatform.org/secure/Dashboard.jspa
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
6:11 a.m.
New subject: [JBoss JIRA] Resolved: (GTNPORTAL-314) Fixing oAuth in gadgets
[
https://jira.jboss.org/jira/browse/GTNPORTAL-314?page=com.atlassian.jira....
]
Trong Tran resolved GTNPORTAL-314.
----------------------------------
Resolution: Done
Assignee: Trong Tran
Fixing oAuth in gadgets
-----------------------
Key: GTNPORTAL-314
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-314
Project: GateIn Portal
Issue Type: Bug
Affects Versions: 3.0.0-Beta02
Reporter: jerem j
Assignee: Trong Tran
Fix For: 3.0.0-Beta05
Attachments: ExoOAuthStoreTest.java
Right now in the gadgets, it is not possible to use backend that use an oAuth
authentication.
We need to implement the oAuth Store to store the tokens into the JCR and not in memory
as it is done in the default implementation (BasicOAuthStore.java)
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
the default implementation :
http://fisheye6.atlassian.com/browse/shindig/trunk/java/gadgets/src/main/...
In this class there is 2 different things to store :
* Consumer key and secret
getConsumerKeyAndSecret()
Right now in the default implementation it is stored in a file oauth.json. This is
information a user or an admin can set. I think, only admins have to set this key, so we
can keep the storage in the oauth.json. If we find later that we need to often set new
keys, it might be a good idea to create a specific UI for this and store it in the JCR.
If stored in the JCR, it has to be indexed by :
gadget and server
* Tokens
getTokenInfo()
setTokenInfo()
removeToken()
The default implementation store them in memory, so everytime the object is recreated, we
loose the information, and so the user has to authenticate again.
We should store the information of TokenInfo into the JCR indexed by owner, viewer,
gadget, server.
Be careful tokens have an expiration date, so when getting a token, we should make sure
it did not expire.
To test if the implementation is working, you can try with any jira gadget that require
authentication such as the watch gadget. This jira server has been configured to work with
the dev version of gatein 1.0b2 :
http://jira4j.exoplatform.org/secure/Dashboard.jspa
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
5768
days inactive
5817
days old
5 comments
4 participants
participants (4)
-
jerem j (JIRA) -
Julien Viet (JIRA)
-
Thomas Heute (JIRA)
-
Trong Tran (JIRA)