roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From snoopd...@apache.org
Subject svn commit: r755000 [2/4] - in /roller/trunk: apps/weblogger/ apps/weblogger/nbproject/ apps/weblogger/src/java/META-INF/ apps/weblogger/src/java/org/apache/roller/weblogger/business/ apps/weblogger/src/java/org/apache/roller/weblogger/business/jpa/ ap...
Date Mon, 16 Mar 2009 20:40:08 GMT
Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java?rev=755000&r1=754999&r2=755000&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java (original)
+++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/util/MailUtil.java Mon
Mar 16 20:40:06 2009
@@ -79,8 +79,10 @@
     public static void sendPendingEntryNotice(WeblogEntry entry) 
             throws WebloggerException {
         
-        Session mailSession = WebloggerStartup.getMailProvider().getSession();
-        if(mailSession == null) {
+        Session mailSession = WebloggerStartup.getMailProvider() != null
+                ? WebloggerStartup.getMailProvider().getSession() : null;
+
+        if (mailSession == null) {
             throw new WebloggerException("Couldn't get mail Session");
         }
         
@@ -148,7 +150,9 @@
                                             User user)
             throws WebloggerException {
         
-        Session mailSession = WebloggerStartup.getMailProvider().getSession();
+        Session mailSession = WebloggerStartup.getMailProvider() != null
+                ? WebloggerStartup.getMailProvider().getSession() : null;
+
         if(mailSession == null) {
             throw new WebloggerException("ERROR: Notification email(s) not sent, "
                     + "Roller's mail session not properly configured");
@@ -205,7 +209,9 @@
     public static void sendUserActivationEmail(User user)
             throws WebloggerException {
         
-        Session mailSession = WebloggerStartup.getMailProvider().getSession();
+        Session mailSession = WebloggerStartup.getMailProvider() != null
+                ? WebloggerStartup.getMailProvider().getSession() : null;
+
         if(mailSession == null) {
             throw new WebloggerException("ERROR: Notification email(s) not sent, "
                     + "Roller's mail session not properly configured");
@@ -585,7 +591,7 @@
             throws MessagingException {
         
         MailProvider mailProvider = WebloggerStartup.getMailProvider();
-        if(mailProvider == null) {
+        if (mailProvider == null) {
             return;
         }
         

Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java?rev=755000&r1=754999&r2=755000&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java
(original)
+++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandler.java
Mon Mar 16 20:40:06 2009
@@ -1,6 +1,6 @@
 /*
 * Licensed to the Apache Software Foundation (ASF) under one or more
-*  contributor license agreements.  The ASF licenses this file to You
+* contributor license agreements.  The ASF licenses this file to You
 * under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License.
 * You may obtain a copy of the License at
@@ -37,11 +37,18 @@
 import com.sun.syndication.propono.atom.server.AtomHandler;
 import com.sun.syndication.propono.atom.server.AtomMediaResource;
 import com.sun.syndication.propono.atom.server.AtomNotFoundException;
+import javax.servlet.http.HttpServletResponse;
+import net.oauth.OAuthAccessor;
+import net.oauth.OAuthMessage;
+import net.oauth.server.OAuthServlet;
 import org.apache.commons.lang.StringUtils;
 import org.apache.roller.weblogger.WebloggerException;
+import org.apache.roller.weblogger.business.OAuthManager;
 import org.apache.roller.weblogger.config.WebloggerConfig;
+import org.apache.roller.weblogger.config.WebloggerRuntimeConfig;
 import org.apache.roller.weblogger.pojos.WeblogPermission;
 
+
 /**
  * Weblogger's ROME Propono-based Atom Protocol implementation.
  * 
@@ -53,7 +60,6 @@
  * Here are the APP URIs suppored by Weblogger:
  * 
  * <pre>
- * 
  *    /roller-services/app
  *    Introspection doc
  * 
@@ -79,8 +85,8 @@
  * 
  *    /roller-services/app/[weblog-handle]/resource/[name]
  *    Individual resource data (GET)
- * 
  * </pre>
+ *
  * @author David M Johnson
  */
 public class RollerAtomHandler implements AtomHandler {
@@ -106,12 +112,20 @@
      * If user is authenticated, then getAuthenticatedUsername() will return
      * then user's name, otherwise it will return null.
      */
-    public RollerAtomHandler(HttpServletRequest request) {
+    public RollerAtomHandler(HttpServletRequest request, HttpServletResponse response) {
         roller = WebloggerFactory.getWeblogger();
-        
-        // TODO: decide what to do about authentication, is WSSE going to fly?
-        //String userName = authenticateWSSE(request);
-        String userName = authenticateBASIC(request);
+
+        String userName = null;
+        if ("oauth".equals(WebloggerRuntimeConfig.getProperty("webservices.atomPubAuth")))
{
+            userName = authenticationOAUTH(request, response);
+
+        } else if ("wsse".equals(WebloggerRuntimeConfig.getProperty("webservices.atomPubAuth")))
{
+            userName = authenticateWSSE(request);
+
+        } else { // default to basic
+            userName = authenticateBASIC(request);
+        }
+
         if (userName != null) {
             try {
                 this.user = roller.getUserManager().getUserByUserName(userName);
@@ -122,9 +136,6 @@
         
         atomURL = WebloggerFactory.getWeblogger().getUrlStrategy().getAtomProtocolURL(true);
     }
-    
-    /** For testing and for those who wish to extend */
-    public RollerAtomHandler() {}
 
     /**
      * Return weblogHandle of authenticated user or null if there is none.
@@ -462,6 +473,29 @@
     }
 
     
+    private String authenticationOAUTH(
+            HttpServletRequest request, HttpServletResponse response) {
+        try {
+            OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager();
+            OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
+            OAuthAccessor accessor = omgr.getAccessor(requestMessage);
+            omgr.getValidator().validateMessage(requestMessage, accessor);
+            return (String)accessor.consumer.getProperty("userId");
+
+        } catch (Exception ex) {
+            log.debug("ERROR authenticating user", ex);
+            String realm = (request.isSecure())?"https://":"http://";
+            realm += request.getLocalName();
+            try {
+                OAuthServlet.handleException(response, ex, realm, true);
+            } catch (Exception ioe) {
+                log.debug("ERROR writing error response", ioe);
+            }
+        }
+        return null;
+    }
+
+
     public static void oneSecondThrottle() {
         // Throttle one entry per second per weblog because time-
         // stamp in MySQL and other DBs has only 1 sec resolution
@@ -471,4 +505,5 @@
             }  
         } catch (Exception ignored) {} 
     }
+
 }

Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandlerFactory.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandlerFactory.java?rev=755000&r1=754999&r2=755000&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandlerFactory.java
(original)
+++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/atomprotocol/RollerAtomHandlerFactory.java
Mon Mar 16 20:40:06 2009
@@ -1,6 +1,6 @@
 /*
 * Licensed to the Apache Software Foundation (ASF) under one or more
-*  contributor license agreements.  The ASF licenses this file to You
+* contributor license agreements.  The ASF licenses this file to You
 * under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License.
 * You may obtain a copy of the License at
@@ -21,6 +21,7 @@
 import com.sun.syndication.propono.atom.server.AtomHandlerFactory;
 import com.sun.syndication.propono.atom.server.AtomHandler;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 
 /**
  * Extends {@link com.sun.syndication.propono.atom.server.AtomHandlerFactory} to create and
return 
@@ -31,8 +32,9 @@
     /**
      * Create new AtomHandler.
      */
-    public AtomHandler newAtomHandler( HttpServletRequest req ) {
-        return new RollerAtomHandler(req);
+    public AtomHandler newAtomHandler(
+            HttpServletRequest req, HttpServletResponse res) {
+        return new RollerAtomHandler(req, res);
     }    
 }
       

Added: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AccessTokenServlet.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AccessTokenServlet.java?rev=755000&view=auto
==============================================================================
--- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AccessTokenServlet.java
(added)
+++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AccessTokenServlet.java
Mon Mar 16 20:40:06 2009
@@ -0,0 +1,105 @@
+/*
+ * Copyright 2007 AOL, LLC.
+ * Portions Copyright 2009 Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.roller.weblogger.webservices.oauth;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import net.oauth.OAuth;
+import net.oauth.OAuthAccessor;
+import net.oauth.OAuthMessage;
+import net.oauth.OAuthProblemException;
+import net.oauth.server.OAuthServlet;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.business.OAuthManager;
+import org.apache.roller.weblogger.business.WebloggerFactory;
+
+/**
+ * Access Token request handler
+ *
+ * @author Praveen Alavilli
+ * @author Dave Johnson (adapted for Roller)
+ */
+public class AccessTokenServlet extends HttpServlet {
+    protected static Log log =
+            LogFactory.getFactory().getInstance(AccessTokenServlet.class);
+    
+    @Override
+    public void init(ServletConfig config) throws ServletException {
+        super.init(config);
+        // nothing at this point
+    }
+    
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
+            throws IOException, ServletException {
+        processRequest(request, response);
+    }
+    @Override
+    public void doPost(HttpServletRequest request, HttpServletResponse response)
+            throws IOException, ServletException {
+        processRequest(request, response);
+    }
+        
+    public void processRequest(HttpServletRequest request, HttpServletResponse response)
+            throws IOException, ServletException {
+        try{
+            OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
+            
+            OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager();
+            OAuthAccessor accessor = omgr.getAccessor(requestMessage);
+            omgr.getValidator().validateMessage(requestMessage, accessor);
+            
+            // make sure token is authorized
+            if (!Boolean.TRUE.equals(accessor.getProperty("authorized"))) {
+                 OAuthProblemException problem = new OAuthProblemException("permission_denied");
+                throw problem;
+            }
+            // generate access token and secret
+            omgr.generateAccessToken(accessor);
+            WebloggerFactory.getWeblogger().flush();
+            
+            response.setContentType("text/plain");
+            OutputStream out = response.getOutputStream();
+            OAuth.formEncode(OAuth.newList(
+                "oauth_token", accessor.accessToken,
+                "oauth_token_secret", accessor.tokenSecret), out);
+            out.close();
+            
+        } catch (Exception e){
+            handleException(e, request, response, true);
+        }
+    }
+
+    public void handleException(Exception e, HttpServletRequest request,
+            HttpServletResponse response, boolean sendBody)
+            throws IOException, ServletException {
+        log.debug("ERROR authorizing token", e);
+        String realm = (request.isSecure())?"https://":"http://";
+        realm += request.getLocalName();
+        OAuthServlet.handleException(response, e, realm, sendBody);
+    }
+
+}

Added: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java?rev=755000&view=auto
==============================================================================
--- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java
(added)
+++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java
Mon Mar 16 20:40:06 2009
@@ -0,0 +1,160 @@
+/*
+ * Copyright 2007 AOL, LLC.
+ * Portions Copyright 2009 Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.roller.weblogger.webservices.oauth;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import net.oauth.OAuth;
+import net.oauth.OAuthAccessor;
+import net.oauth.OAuthMessage;
+import net.oauth.server.OAuthServlet;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.business.OAuthManager;
+import org.apache.roller.weblogger.business.WebloggerFactory;
+
+/**
+ * Autherization request handler.
+ *
+ * @author Praveen Alavilli
+ * @author Dave Johnson (adapted for Roller)
+ */
+public class AuthorizationServlet extends HttpServlet {
+    protected static Log log =
+            LogFactory.getFactory().getInstance(AuthorizationServlet.class);
+    
+    @Override
+    public void init(ServletConfig config) throws ServletException {
+        super.init(config);
+        // nothing at this point
+    }
+    
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response)
+            throws IOException, ServletException {
+        
+        try{
+            OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
+            
+            OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager();
+            OAuthAccessor accessor = omgr.getAccessor(requestMessage);
+           
+            if (Boolean.TRUE.equals(accessor.getProperty("authorized"))) {
+                // already authorized send the user back
+                returnToConsumer(request, response, accessor);
+            } else {
+                sendToAuthorizePage(request, response, accessor);
+            }
+        
+        } catch (Exception e){
+            handleException(e, request, response, true);
+        }
+    }
+    
+    @Override 
+    public void doPost(HttpServletRequest request, HttpServletResponse response) 
+            throws IOException, ServletException{
+        
+        try{
+            OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
+            
+            OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager();
+            OAuthAccessor accessor = omgr.getAccessor(requestMessage);
+            
+            String userId = request.getParameter("userId");
+            if (userId == null){
+                sendToAuthorizePage(request, response, accessor);
+            }
+            // set userId in accessor and mark it as authorized
+            omgr.markAsAuthorized(accessor, userId);
+            WebloggerFactory.getWeblogger().flush();
+            
+            returnToConsumer(request, response, accessor);
+
+            
+        } catch (Exception e){
+            handleException(e, request, response, true);
+        }
+    }
+    
+    private void sendToAuthorizePage(HttpServletRequest request, 
+            HttpServletResponse response, OAuthAccessor accessor)
+    throws IOException, ServletException{
+        String callback = request.getParameter("oauth_callback");
+        if(callback == null || callback.length() <=0) {
+            callback = "none";
+        }
+        String consumer_description = (String)accessor.consumer.getProperty("description");
+        request.setAttribute("CONS_DESC", consumer_description);
+        request.setAttribute("CALLBACK", callback);
+        request.setAttribute("TOKEN", accessor.requestToken);
+        request.getRequestDispatcher("/roller-ui/oauthAuthorize.rol").forward(request, response);
+    }
+    
+    private void returnToConsumer(HttpServletRequest request, 
+            HttpServletResponse response, OAuthAccessor accessor)
+        throws IOException, ServletException {
+
+        // send the user back to site's callBackUrl
+        String callback = request.getParameter("oauth_callback");
+        if ("none".equals(callback)
+            && accessor.consumer.callbackURL != null 
+                && accessor.consumer.callbackURL.length() > 0){
+            // first check if we have something in our properties file
+            callback = accessor.consumer.callbackURL;
+        }
+        
+        if ( "none".equals(callback) ) {
+            // no call back it must be a client
+            response.setContentType("text/plain");
+            PrintWriter out = response.getWriter();
+            out.println("You have successfully authorized for consumer key '"
+                    + accessor.consumer.consumerKey
+                    + "'. Please close this browser window and click continue"
+                    + " in the client.");
+            out.close();
+        } else {
+            // if callback is not passed in, use the callback from config
+            if(callback == null || callback.length() <=0 )
+                callback = accessor.consumer.callbackURL;
+            String token = accessor.requestToken;
+            if (token != null && callback != null) {
+                callback = OAuth.addParameters(callback, "oauth_token", token);
+            }
+
+            response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
+            response.setHeader("Location", callback);
+        }
+    }
+
+    public void handleException(Exception e, HttpServletRequest request,
+            HttpServletResponse response, boolean sendBody)
+            throws IOException, ServletException {
+        log.debug("ERROR authorizing token", e);
+        String realm = (request.isSecure())?"https://":"http://";
+        realm += request.getLocalName();
+        OAuthServlet.handleException(response, e, realm, sendBody);
+    }
+}

Added: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/RequestTokenServlet.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/RequestTokenServlet.java?rev=755000&view=auto
==============================================================================
--- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/RequestTokenServlet.java
(added)
+++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/RequestTokenServlet.java
Mon Mar 16 20:40:06 2009
@@ -0,0 +1,118 @@
+/*
+ * Copyright 2007 AOL, LLC.
+ * Portions Copyright 2009 Apache Software Foundation
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.roller.weblogger.webservices.oauth;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+import javax.servlet.ServletConfig;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import net.oauth.OAuth;
+import net.oauth.OAuthAccessor;
+import net.oauth.OAuthConsumer;
+import net.oauth.OAuthMessage;
+import net.oauth.server.OAuthServlet;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.business.OAuthManager;
+import org.apache.roller.weblogger.business.WebloggerFactory;
+
+
+/**
+ * Request token request handler
+ * 
+ * @author Praveen Alavilli
+ * @author Dave Johnson (adapted for Roller)
+ */
+public class RequestTokenServlet extends HttpServlet {
+    protected static Log log =
+            LogFactory.getFactory().getInstance(RequestTokenServlet.class);
+    
+    @Override
+    public void init(ServletConfig config) throws ServletException {
+        super.init(config);
+    }
+    
+    @Override
+    public void doGet(HttpServletRequest request, HttpServletResponse response) 
+            throws IOException, ServletException {
+        processRequest(request, response);
+    }
+    
+    @Override
+    public void doPost(HttpServletRequest request, HttpServletResponse response)
+            throws IOException, ServletException {
+        processRequest(request, response);
+    }
+        
+    public void processRequest(HttpServletRequest request, HttpServletResponse response)
+            throws IOException, ServletException {
+
+        try {
+            OAuthMessage requestMessage = OAuthServlet.getMessage(request, null);
+            OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager();      
     
+            OAuthAccessor accessor = omgr.getAccessor(requestMessage);
+
+            if (accessor == null) {
+
+                OAuthConsumer consumer = omgr.getConsumer(requestMessage);
+                accessor = new OAuthAccessor(consumer);
+                omgr.getValidator().validateMessage(requestMessage, accessor);
+
+                {
+                    // Support the 'Variable Accessor Secret' extension
+                    // described in http://oauth.pbwiki.com/AccessorSecret
+                    String secret = requestMessage.getParameter("oauth_accessor_secret");
+                    if (secret != null) {
+                        accessor.setProperty(OAuthConsumer.ACCESSOR_SECRET, secret);
+                    }
+                }
+
+                // generate request_token and secret
+                omgr.generateRequestToken(accessor);
+                WebloggerFactory.getWeblogger().flush();
+            }
+
+            response.setContentType("text/plain");
+            OutputStream out = response.getOutputStream();
+            String token = accessor.requestToken != null
+                    ? accessor.requestToken: accessor.accessToken;
+            OAuth.formEncode(OAuth.newList(
+                    "oauth_token", token,
+                    "oauth_token_secret", accessor.tokenSecret), out);
+            out.close();
+            
+        } catch (Exception e){
+            handleException(e, request, response, true);
+        }
+        
+    }
+
+    public void handleException(Exception e, HttpServletRequest request,
+            HttpServletResponse response, boolean sendBody)
+            throws IOException, ServletException {
+        log.debug("ERROR authorizing token", e);
+        String realm = (request.isSecure())?"https://":"http://";
+        realm += request.getLocalName();
+        OAuthServlet.handleException(response, e, realm, sendBody);
+    }
+}

Modified: roller/trunk/apps/weblogger/src/sql/400-to-500-migration.vm
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/sql/400-to-500-migration.vm?rev=755000&r1=754999&r2=755000&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/src/sql/400-to-500-migration.vm (original)
+++ roller/trunk/apps/weblogger/src/sql/400-to-500-migration.vm Mon Mar 16 20:40:06 2009
@@ -67,3 +67,22 @@
 create index ua_username_idx  on roller_userattribute( username$!db.INDEXSIZE );
 create index ua_attrname_idx  on roller_userattribute( attrname$!db.INDEXSIZE );
 create index ua_attrvalue_idx on roller_userattribute( attrvalue$!db.INDEXSIZE );
+
+create table rol_oauthconsumer (
+    consumerkey varchar(48) not null primary key,
+    consumersecret varchar(48) not null,
+    username varchar(48) not null
+);
+create index oc_username_idx  on rol_oauthconsumer( username$!db.INDEXSIZE );
+create index oc_consumerkey_idx  on rol_oauthconsumer( consumerkey$!db.INDEXSIZE );
+
+create table rol_oauthaccessor (
+    consumerkey varchar(48) not null primary key,
+    requesttoken varchar(48),
+    accesstoken varchar(48),
+    tokensecret varchar(48),
+    created $db.TIMESTAMP_SQL_TYPE not null,
+    updated $db.TIMESTAMP_SQL_TYPE not null,
+    authorized $db.BOOLEAN_SQL_TYPE_FALSE
+);
+create index oa_consumerkey_idx  on rol_oauthaccessor( consumerkey$!db.INDEXSIZE );

Modified: roller/trunk/apps/weblogger/src/sql/createdb.vm
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/sql/createdb.vm?rev=755000&r1=754999&r2=755000&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/src/sql/createdb.vm (original)
+++ roller/trunk/apps/weblogger/src/sql/createdb.vm Mon Mar 16 20:40:06 2009
@@ -435,7 +435,27 @@
 create index ea_entryid_idx on entryattribute( entryid );
 alter table entryattribute add constraint ea_name_uq unique ( entryid, name$!db.INDEXSIZE
);
 
-
+-- each record is an OAuth consumer key and secret, can be tied to just one user
+create table rol_oauthconsumer (
+    consumerkey varchar(48) not null primary key,
+    consumersecret varchar(48) not null,
+    username varchar(48)
+);
+create index oc_username_idx  on rol_oauthconsumer( username$!db.INDEXSIZE );
+create index oc_consumerkey_idx  on rol_oauthconsumer( consumerkey$!db.INDEXSIZE );
+
+-- each record is an OAuth accessor, always tied to just one user
+create table rol_oauthaccessor (
+    consumerkey varchar(48) not null primary key,
+    requesttoken varchar(48),
+    accesstoken varchar(48),
+    tokensecret varchar(48),
+    created $db.TIMESTAMP_SQL_TYPE not null,
+    updated $db.TIMESTAMP_SQL_TYPE not null,
+    username varchar(48) not null,
+    authorized $db.BOOLEAN_SQL_TYPE_FALSE
+);
+create index oa_consumerkey_idx  on rol_oauthaccessor( consumerkey$!db.INDEXSIZE );
 
 create table rag_properties (
     name     varchar(255) not null primary key,

Modified: roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/SupplementalWeblogServicesTestSuite.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/SupplementalWeblogServicesTestSuite.java?rev=755000&r1=754999&r2=755000&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/SupplementalWeblogServicesTestSuite.java
(original)
+++ roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/SupplementalWeblogServicesTestSuite.java
Mon Mar 16 20:40:06 2009
@@ -20,6 +20,7 @@
 
 import junit.framework.Test;
 import junit.framework.TestSuite;
+import org.apache.roller.weblogger.business.jpa.JPAOAuthManagerTest;
 
 
 /**
@@ -54,6 +55,8 @@
         // referrers
         suite.addTestSuite(RefererTest.class);
 
+        suite.addTestSuite(JPAOAuthManagerTest.class);
+
         return suite;
     }
     

Added: roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/jpa/JPAOAuthManagerTest.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/jpa/JPAOAuthManagerTest.java?rev=755000&view=auto
==============================================================================
--- roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/jpa/JPAOAuthManagerTest.java
(added)
+++ roller/trunk/apps/weblogger/test/java/org/apache/roller/weblogger/business/jpa/JPAOAuthManagerTest.java
Mon Mar 16 20:40:06 2009
@@ -0,0 +1,87 @@
+/*
+* Licensed to the Apache Software Foundation (ASF) under one or more
+*  contributor license agreements.  The ASF licenses this file to You
+* under the Apache License, Version 2.0 (the "License"); you may not
+* use this file except in compliance with the License.
+* You may obtain a copy of the License at
+*
+*     http://www.apache.org/licenses/LICENSE-2.0
+*
+* Unless required by applicable law or agreed to in writing, software
+* distributed under the License is distributed on an "AS IS" BASIS,
+* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+* See the License for the specific language governing permissions and
+* limitations under the License.  For additional information regarding
+* copyright in this work, please see the NOTICE file in the top level
+* directory of this distribution.
+*/
+
+package org.apache.roller.weblogger.business.jpa;
+
+import junit.framework.TestCase;
+import net.oauth.OAuthAccessor;
+import net.oauth.OAuthConsumer;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.apache.roller.weblogger.TestUtils;
+import org.apache.roller.weblogger.business.WebloggerFactory;
+
+
+/**
+ * Test Weblogger Bookmark Management.
+ */
+public class JPAOAuthManagerTest extends TestCase {    
+    public static Log log = LogFactory.getLog(JPAOAuthManagerTest.class);
+
+    public void setUp() throws Exception {
+        
+        // setup weblogger
+        TestUtils.setupWeblogger();
+        
+        try {
+            TestUtils.endSession(true);
+        } catch (Exception ex) {
+            log.error(ex);
+            throw new Exception("Test setup failed", ex);
+        }
+    }
+    
+    public void tearDown() throws Exception {
+        
+        try {
+            TestUtils.endSession(true);
+        } catch (Exception ex) {
+            log.error("ERROR in tearDown", ex);
+            throw new Exception("Test teardown failed", ex);
+        }
+    }
+
+    public void testCRUD() throws Exception {
+        JPAOAuthManagerImpl omgr = (JPAOAuthManagerImpl)
+            WebloggerFactory.getWeblogger().getOAuthManager();
+
+        String consumerKey = "1111";
+        OAuthConsumer consumer = omgr.addConsumer("dummyusername", consumerKey);
+        TestUtils.endSession(true);
+
+        consumer = omgr.getConsumerByKey(consumer.consumerKey);
+        assertNotNull(consumer);
+        assertEquals(consumerKey, consumer.consumerKey);
+
+        OAuthAccessor accessor = new OAuthAccessor(consumer);
+        accessor.setProperty("userId", "dummyusername");
+        omgr.addAccessor(accessor);
+        TestUtils.endSession(true);
+
+        accessor = omgr.getAccessorByKey(consumerKey);
+        assertNotNull(accessor);
+
+        omgr.removeAccessor(accessor);
+        TestUtils.endSession(true);
+        assertNull(omgr.getAccessorByKey(consumerKey));
+
+        omgr.removeConsumer(consumer);
+        TestUtils.endSession(true);
+        assertNull(omgr.getConsumerByKey(consumerKey));
+    }
+}



Mime
View raw message