roller-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From snoopd...@apache.org
Subject svn commit: r756572 - in /roller/trunk/apps/weblogger: src/java/org/apache/roller/weblogger/ui/struts2/core/ src/java/org/apache/roller/weblogger/webservices/oauth/ web/WEB-INF/classes/ web/WEB-INF/jsps/core/
Date Fri, 20 Mar 2009 16:22:25 GMT
Author: snoopdave
Date: Fri Mar 20 16:22:24 2009
New Revision: 756572

URL: http://svn.apache.org/viewvc?rev=756572&view=rev
Log:
- Another fix to authorization step after testing with Shindig as client
- Added display of OAuth URLs to OAuth keys page

Modified:
    roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/OAuthKeys.java
    roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java
    roller/trunk/apps/weblogger/web/WEB-INF/classes/ApplicationResources.properties
    roller/trunk/apps/weblogger/web/WEB-INF/jsps/core/OAuthKeys.jsp

Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/OAuthKeys.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/OAuthKeys.java?rev=756572&r1=756571&r2=756572&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/OAuthKeys.java
(original)
+++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/ui/struts2/core/OAuthKeys.java
Fri Mar 20 16:22:24 2009
@@ -96,4 +96,18 @@
     public OAuthConsumer getSiteWideConsumer() {
         return siteWideConsumer;
     }
+
+    public String getRequestTokenURL() {
+        return WebloggerFactory.getWeblogger().getUrlStrategy().getOAuthRequestTokenURL();
+    }
+
+    public String getAuthorizationURL() {
+        return WebloggerFactory.getWeblogger().getUrlStrategy().getOAuthAuthorizationURL();
+    }
+
+    public String getAccessTokenURL() {
+        return WebloggerFactory.getWeblogger().getUrlStrategy().getOAuthAccessTokenURL();
+    }
+
+
 }

Modified: roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java?rev=756572&r1=756571&r2=756572&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java
(original)
+++ roller/trunk/apps/weblogger/src/java/org/apache/roller/weblogger/webservices/oauth/AuthorizationServlet.java
Fri Mar 20 16:22:24 2009
@@ -83,19 +83,24 @@
             OAuthManager omgr = WebloggerFactory.getWeblogger().getOAuthManager();
             OAuthAccessor accessor = omgr.getAccessor(requestMessage);
 
-            String requestUserId = request.getParameter("xoauth_requestor_id");
-            String consumerUserId = (String)accessor.consumer.getProperty("userId");
+            String userId = request.getParameter("userId");
+            if (userId == null) {
+                userId = request.getParameter("xoauth_requestor_id");
+            }
             
-            if (consumerUserId == null) {
+            if (userId == null) {
                 // no user associted with the key, must be site-wide key,
                 // so get user to login and do the authorization process
                 sendToAuthorizePage(request, response, accessor);
             
-            } else if (!consumerUserId.equals(requestUserId)) {
-                // user is associated with key, but request has wrong or no username
-                throw new ServletException("ERROR: invalid or unspecified userId");
-
             } else {
+
+                // if consumer key is for specific user, check username match
+                String consumerUserId = (String)accessor.consumer.getProperty("userId");
+                if (consumerUserId != null && !userId.equals(consumerUserId)) {
+                    throw new ServletException("ERROR: invalid or unspecified userId");
+                }
+
                 // set userId in accessor and mark it as authorized
                 omgr.markAsAuthorized(accessor, consumerUserId);
                 WebloggerFactory.getWeblogger().flush();

Modified: roller/trunk/apps/weblogger/web/WEB-INF/classes/ApplicationResources.properties
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/web/WEB-INF/classes/ApplicationResources.properties?rev=756572&r1=756571&r2=756572&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/web/WEB-INF/classes/ApplicationResources.properties (original)
+++ roller/trunk/apps/weblogger/web/WEB-INF/classes/ApplicationResources.properties Fri Mar
20 16:22:24 2009
@@ -1033,6 +1033,13 @@
 access accounts on this site. Users will still have to authenticate access \
 by logging in to Roller.
 
+oauthKeys.urls=OAuth URLs
+oauthKeys.urlsTip=These are the URLs that your weblog client will need to \
+perform OAuth authorization against Roller.
+oauthKeys.requestTokenURL=Request Token URL
+oauthKeys.authorizationURL=Authorization URL
+oauthKeys.accessTokenURL=Access Token URL
+
 
 oauthAuthorize.title=OAuth Authorization
 oauthAuthorize.description=Authorize OAuth access to user account <span>{0}</span>?
@@ -1040,8 +1047,6 @@
 oauthAuthorize.tip=A web site is asking to to access your account. Press \
 the button below to allow access or simply close this window to deny it.
 
-#oauthAuthorize.tip=The website '{0}' would like to access your account. Press \
-#the button below to allow this or simply close this window to deny access.
 
 # -------------------------------------------------------------- Page management
 

Modified: roller/trunk/apps/weblogger/web/WEB-INF/jsps/core/OAuthKeys.jsp
URL: http://svn.apache.org/viewvc/roller/trunk/apps/weblogger/web/WEB-INF/jsps/core/OAuthKeys.jsp?rev=756572&r1=756571&r2=756572&view=diff
==============================================================================
--- roller/trunk/apps/weblogger/web/WEB-INF/jsps/core/OAuthKeys.jsp (original)
+++ roller/trunk/apps/weblogger/web/WEB-INF/jsps/core/OAuthKeys.jsp Fri Mar 20 16:22:24 2009
@@ -32,11 +32,11 @@
 
 <p><s:text name="oauthKeys.userKeysTip" /></p>
 
-<p><b><s:text name="oauthKeys.consumerKey" /></b>:
-    <s:property value="userConsumer.consumerKey" /></p>
+    <p style="margin-left:2em"><b><s:text name="oauthKeys.consumerKey" /></b>:
+        <s:property value="userConsumer.consumerKey" /></p>
 
-<p><b><s:text name="oauthKeys.consumerSecret" /></b>:
-    <s:property value="userConsumer.consumerSecret" /></p>
+    <p style="margin-left:2em"><b><s:text name="oauthKeys.consumerSecret"
/></b>:
+        <s:property value="userConsumer.consumerSecret" /></p>
 
 
 <s:if test="siteWideConsumer">
@@ -45,10 +45,28 @@
 
 <p><s:text name="oauthKeys.siteWideKeysTip" /></p>
 
-<p><b><s:text name="oauthKeys.consumerKey" /></b>:
-    <s:property value="siteWideConsumer.consumerKey" /></p>
+    <p style="margin-left:2em"><b><s:text name="oauthKeys.consumerKey" /></b>:
+        <s:property value="siteWideConsumer.consumerKey" /></p>
+
+    <p style="margin-left:2em"><b><s:text name="oauthKeys.consumerSecret"
/></b>:
+        <s:property value="siteWideConsumer.consumerSecret" /></p>
+
+</s:if>
+
+
+<h2><s:text name="oauthKeys.urls" /></h2>
+
+<p><s:text name="oauthKeys.urlsTip" /></p>
+
+    <p style="margin-left:2em"><b><s:text name="oauthKeys.requestTokenURL"
/></b>:
+        <s:property value="requestTokenURL" /></p>
+
+    <p style="margin-left:2em"><b><s:text name="oauthKeys.authorizationURL"
/></b>:
+        <s:property value="authorizationURL" /></p>
+
+    <p style="margin-left:2em"><b><s:text name="oauthKeys.accessTokenURL"
/></b>:
+        <s:property value="accessTokenURL" /></p>
+
+
 
-<p><b><s:text name="oauthKeys.consumerSecret" /></b>:
-    <s:property value="siteWideConsumer.consumerSecret" /></p>
 
-</s:if>
\ No newline at end of file



Mime
View raw message