Package org.apache.shindig.auth

Examples of org.apache.shindig.auth.SecurityToken

103
104
105
106
107
108
109
110
111
112
113
        return encryptedToken;
    }

    @Override
    public SecurityToken decryptSecurityToken(String encryptedSecurityToken) throws SecurityTokenException {
        SecurityToken securityToken;

        try {
            if (logger.isTraceEnabled()) {
                logger.trace("Decrypting security token: " + encryptedSecurityToken);
            }
View Full Code Here
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
    }

    @Override
    public String refreshEncryptedSecurityToken(String encryptedSecurityToken) throws SecurityTokenException {
        //Decrypt the current token
        SecurityToken securityToken = this.decryptSecurityToken(encryptedSecurityToken);

        //Make sure the person is authorized to refresh this token
        String userId = String.valueOf(userService.getAuthenticatedUser().getUsername());
        if (!securityToken.getViewerId().equalsIgnoreCase(userId)) {
            throw new SecurityTokenException("Illegal attempt by user " + userId +
                    " to refresh security token with a viewerId of " + securityToken.getViewerId());
        }

        //Create a new RegionWidget instance from it so we can use it to generate a new encrypted token
        RegionWidget regionWidget = new RegionWidgetImpl(securityToken.getModuleId(),
                new WidgetImpl(-1L, securityToken.getAppUrl()),
                new RegionImpl(-1L, new PageImpl(-1L, userService.getUserByUsername(securityToken.getOwnerId())), -1));

        //Create and return the newly encrypted token
        return getEncryptedSecurityToken(regionWidget);
    }
View Full Code Here
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
      sendError(servletResponse,
                new ResponseItem(HttpServletResponse.SC_BAD_REQUEST, "Only POST/GET Allowed"));
      return;
    }

    SecurityToken token = getSecurityToken(servletRequest);
    if (token == null) {
      sendSecurityError(servletResponse);
      return;
    }

    HttpUtil.setCORSheader(servletResponse, containerConfig.<String>getList(token.getContainer(), "gadgets.parentOrigins"));

    try {
      String content = null;
      String callback = null; // for JSONP
      Map<String,FormDataItem> formData = Maps.newHashMap();
View Full Code Here
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
    // Requests that don't use authentication can share the result.
    return null;
  }

  protected static String getTokenOwner(HttpRequest request) {
    SecurityToken st = request.getSecurityToken();
    if (request.getAuthType() != AuthType.NONE && request.getAuthType() != AuthType.OAUTH2
        && st.getOwnerId() != null
        && st.getOwnerId().equals(st.getViewerId())
        && request.getOAuthArguments().mayUseToken()) {
      return st.getOwnerId();
    }
    // Requests that don't use authentication can share the result.
    return null;
  }
View Full Code Here
127
128
129
130
131
132
133
134
135
136
137
        false /* isSignViewer */,
        ImmutableMap.of("OAUTH_SERVICE_NAME", SERVICE_NAME, "OAUTH_TOKEN_NAME", TOKEN_NAME));
    replay(authInfo);

    String ownerId = "owner eye dee";
    SecurityToken securityToken = new BasicSecurityToken(ownerId, "", "", "",
        APP_URI.toString(), MODULE_ID, CONTAINER_NAME, null, null);

    HttpRequest request = new HttpRequest(DEFAULT_URI)
        .setAuthType(AuthType.SIGNED)
        .setOAuthArguments(new OAuthArguments(authInfo))
View Full Code Here
168
169
170
171
172
173
174
175
176
177
178
        true /* isSignViewer */,
        ImmutableMap.of("OAUTH_SERVICE_NAME", SERVICE_NAME, "OAUTH_TOKEN_NAME", TOKEN_NAME));
    replay(authInfo);

    String viewerId = "viewer eye dee";
    SecurityToken securityToken = new BasicSecurityToken(
        "", viewerId, "", "", APP_URI.toString(), MODULE_ID, CONTAINER_NAME, null, null);

    HttpRequest request = new HttpRequest(DEFAULT_URI)
        .setAuthType(AuthType.SIGNED)
        .setOAuthArguments(new OAuthArguments(authInfo))
View Full Code Here
198
199
200
201
202
203
204
205
206
207
208
        ImmutableMap.of("OAUTH_SERVICE_NAME", SERVICE_NAME, "OAUTH_TOKEN_NAME", TOKEN_NAME,
            "OAUTH_USE_TOKEN", "always"));
    replay(authInfo);

    String userId = "user id";
    SecurityToken securityToken = new BasicSecurityToken(
        userId, userId, "", "", APP_URI.toString(), MODULE_ID, CONTAINER_NAME, null, null);

    HttpRequest request = new HttpRequest(DEFAULT_URI)
        .setAuthType(AuthType.SIGNED)
        .setOAuthArguments(new OAuthArguments(authInfo))
View Full Code Here
338
339
340
341
342
343
344
345
346
347
348
    JSONArray people = db.getDb().getJSONArray("people");
    JSONObject jsonPerson = new JSONObject();
    jsonPerson.put("id", "updatePerson");
    people.put(people.length(),jsonPerson);

    SecurityToken updateToken = new FakeGadgetToken("appId", "appUrl", "domain", "updatePerson", "trustedJson", "updatePerson", "20");

    // Get user
    UserId userId = new UserId(UserId.Type.userId, "updatePerson");
    Person person = db
        .getPerson(userId, Person.Field.ALL_FIELDS, token).get();
View Full Code Here
365
366
367
368
369
370
371
372
373
374
375
    JSONArray people = db.getDb().getJSONArray("people");
    JSONObject jsonPerson = new JSONObject();
    jsonPerson.put("id", "updatePerson");
    people.put(people.length(),jsonPerson);

    SecurityToken updateToken = new FakeGadgetToken("appId", "appUrl", "domain", "viewer", "trustedJson", "viewer", "20");

    // Get user
    UserId userId = new UserId(UserId.Type.userId, "updatePerson");
    Person person = db
        .getPerson(userId, Person.Field.ALL_FIELDS, token).get();
View Full Code Here
254
255
256
257
258
259
260
261
262
263
264
    private void testGetPersonData(Set<String> fields, String ownerId, String viewerId, String applicationId,
                                   ApplicationData applicationData, Map<String, String> expectedData) throws Exception {

        Set<UserId> userIds = new HashSet<UserId>(Arrays.asList(new UserId(UserId.Type.userId, VALID_USER_ID)));

        SecurityToken securityToken = getMockSecurityToken(ownerId, viewerId, applicationId, VALID_MODULE_ID);

        List<Person> users = Arrays.asList(validPerson);
        GroupId groupId = new GroupId(GroupId.Type.self, "@self");
        expect(personService.getPeople(userIds, groupId, null, securityToken)).andReturn(users);
        replay(personService);
View Full Code Here
TOP

Related Classes of org.apache.shindig.auth.SecurityToken

  • org.apache.rave.opensocial.service.AppDataServiceTest
  • org.apache.rave.opensocial.service.impl.DefaultActivityStreamsService
  • org.apache.rave.provider.opensocial.service.impl.EncryptedBlobSecurityTokenService
  • org.apache.rave.provider.opensocial.service.SecurityTokenServiceTest
  • org.apache.shindig.gadgets.config.ShindigAuthConfigContributor
  • org.apache.shindig.gadgets.DefaultGadgetSpecFactoryTest
  • org.apache.shindig.gadgets.http.AbstractHttpCache
  • org.apache.shindig.gadgets.http.AbstractHttpCacheTest
  • org.apache.shindig.gadgets.oauth.OAuthFetcher
  • org.apache.shindig.gadgets.oauth.OAuthFetcherTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.