Examples of org.apache.shindig.auth.BlobCrypterSecurityToken

org.apache.shindig.auth.BlobCrypterSecurityToken
Authentication based on a provided BlobCrypter. Wire format is "<container>:<encrypted-and-signed-token>" Container is included so different containers can use different security tokens if necessary.

        values.put(AbstractSecurityToken.Keys.OWNER.getKey(),
                String.valueOf(regionWidget.getRegion().getPage().getOwner().getUsername()));
        values.put(AbstractSecurityToken.Keys.VIEWER.getKey(), String.valueOf(user.getUsername()));
        values.put(AbstractSecurityToken.Keys.TRUSTED_JSON.getKey(), "");


        BlobCrypterSecurityToken securityToken = new BlobCrypterSecurityToken(container, domain, null, values);


        if (logger.isTraceEnabled()) {
            logger.trace("Token created for regionWidget " + regionWidget.toString() + " and user " + user.toString());
        }

View Full Code Here

    if (instance.getWidget() == null || instance.getIdKey() == null) {
      throw new Exception(localizedMessages.getString("OpenSocialUtils.1")); //$NON-NLS-1$
    }
    
    BasicBlobCrypter crypter = new BasicBlobCrypter(key.getBytes());
    BlobCrypterSecurityToken token = new BlobCrypterSecurityToken(crypter, CONTAINER_ID, DOMAIN_ID);
    token.setAppUrl(getUrl(instance));
    // The ModuleId only takes a long, so we just have to hash the idKey for now. We could use the instance id,
    // but this would involve updating the instance object in a two-step create, which is more fiddly and expensive.
    token.setModuleId(instance.getIdKey().hashCode());
    token.setOwnerId(getOwnerId(instance));
    token.setViewerId(getUserId(instance));
    // The URL used in the active request
    token.setActiveUrl(getUrl(instance));
    
    String encryptedToken = token.encrypt();
    
    encryptedToken = URLEncoder.encode(encryptedToken, "UTF-8"); //$NON-NLS-1$
    
    return encryptedToken;
  }

View Full Code Here

    @Override
    public String getEncryptedSecurityToken(RegionWidget regionWidget, Widget widget) throws SecurityTokenException {
        String encryptedToken = null;


        try {
            BlobCrypterSecurityToken securityToken = this.getBlobCrypterSecurityToken(regionWidget, widget);
            encryptedToken = this.encryptSecurityToken(securityToken);
        } catch (Exception e) {
            throw new SecurityTokenException("Error creating security token from regionWidget", e);
        }

View Full Code Here

            //Remove the header container string and :
            encryptedSecurityToken = encryptedSecurityToken.substring((container + ":").length());


            //Decrypt
            Map<String, String> values = blobCrypter.unwrap(encryptedSecurityToken);
            securityToken = new BlobCrypterSecurityToken(container, domain, null, values);
        } catch (Exception e) {
            throw new SecurityTokenException("Error creating security token from encrypted string: " +
                    encryptedSecurityToken, e);
        }

View Full Code Here

        values.put(AbstractSecurityToken.Keys.OWNER.getKey(),
                String.valueOf(userService.getUserById(regionWidget.getRegion().getPage().getOwnerId()).getUsername()));
        values.put(AbstractSecurityToken.Keys.VIEWER.getKey(), String.valueOf(user.getUsername()));
        values.put(AbstractSecurityToken.Keys.TRUSTED_JSON.getKey(), "");


        BlobCrypterSecurityToken securityToken = new BlobCrypterSecurityToken(container, domain, null, values);


        if (logger.isTraceEnabled()) {
            logger.trace("Token created for regionWidget " + regionWidget.toString() + " and user " + user.toString());
        }

View Full Code Here

    }


    protected String createToken(String gadgetURL, String owner, String viewer, Long moduleId, String container) {
        try {
            BlobCrypter blobCrypter = getBlobCrypter();
            BlobCrypterSecurityToken t = new BlobCrypterSecurityToken(blobCrypter, container, null);


            t.setAppUrl(gadgetURL);
            t.setModuleId(moduleId);
            t.setOwnerId(owner);
            t.setViewerId(viewer);
            t.setTrustedJson("trusted");


            return t.encrypt();
        } catch (IOException e) {
            log.error(e.getMessage(), e);
        } catch (BlobCrypterException e) {
            log.error(e.getMessage(), e);
        }

View Full Code Here

    if (instance.getWidget() == null || instance.getIdKey() == null) {
      throw new Exception(localizedMessages.getString("OpenSocialUtils.1")); //$NON-NLS-1$
    }
    
    BasicBlobCrypter crypter = new BasicBlobCrypter(key.getBytes());
    BlobCrypterSecurityToken token = new BlobCrypterSecurityToken(crypter, CONTAINER_ID, DOMAIN_ID);
    token.setAppUrl(getUrl(instance));
    // The ModuleId only takes a long, so we just have to hash the idKey for now. We could use the instance id,
    // but this would involve updating the instance object in a two-step create, which is more fiddly and expensive.
    token.setModuleId(instance.getIdKey().hashCode());
    token.setOwnerId(getOwnerId(instance));
    token.setViewerId(getUserId(instance));
    // The URL used in the active request
    token.setActiveUrl(getUrl(instance));
    
    String encryptedToken = token.encrypt();
    
    encryptedToken = URLEncoder.encode(encryptedToken, "UTF-8"); //$NON-NLS-1$
    
    return encryptedToken;
  }

View Full Code Here

      sb.append(endpoint).append( "?method=" + SYSTEM_LIST_METHODS_METHOD );
      Map<String, String> parms = Maps.newHashMap();
      parms.put( OWNER.getKey(), ANONYMOUS_ID );
      parms.put( VIEWER.getKey(), ANONYMOUS_ID );
      parms.put( APP_URL.getKey(), "0" );
      SecurityToken token = new BlobCrypterSecurityToken(container, "*", "0", parms);
      sb.append( "&st=" ).append( codec.encodeToken( token ));
      Uri url = Uri.parse(sb.toString());
      HttpRequest request = new HttpRequest(url).setInternalRequest(true);


      HttpResponse response = fetcher.fetch(request);

View Full Code Here

    @Override
    public String getEncryptedSecurityToken(RegionWidget regionWidget) throws SecurityTokenException {
        String encryptedToken = null;


        try {
            BlobCrypterSecurityToken securityToken = this.getBlobCrypterSecurityToken(regionWidget);
            encryptedToken = this.encryptSecurityToken(securityToken);
        } catch (Exception e) {
            throw new SecurityTokenException("Error creating security token from regionWidget", e);
        }

View Full Code Here


    private BlobCrypterSecurityToken getBlobCrypterSecurityToken(RegionWidget regionWidget)
            throws SecurityTokenException {
        User user = userService.getAuthenticatedUser();


        BlobCrypterSecurityToken securityToken = new BlobCrypterSecurityToken(blobCrypter, container, domain);
        securityToken.setAppUrl(regionWidget.getWidget().getUrl());
        securityToken.setModuleId(regionWidget.getEntityId());
        securityToken.setOwnerId(String.valueOf(regionWidget.getRegion().getPage().getOwner().getEntityId()));
        securityToken.setViewerId(String.valueOf(user.getEntityId()));
        securityToken.setTrustedJson("");


        if (logger.isTraceEnabled()) {
            logger.trace("Token created for regionWidget " + regionWidget.toString() + " and user " + user.toString());
        }

View Full Code Here

0 1 2

TOP

Related Classes of org.apache.shindig.auth.BlobCrypterSecurityToken

org.apache.rave.provider.opensocial.service.impl.EncryptedBlobSecurityTokenService

org.apache.shindig.gadgets.render.DefaultServiceFetcher

org.apache.wookie.util.opensocial.OpenSocialUtils

org.exoplatform.portal.gadget.core.ExoDefaultSecurityTokenGenerator

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.