org.apache.shindig.auth
Class BlobCrypterSecurityToken
java.lang.Object
org.apache.shindig.auth.AbstractSecurityToken
org.apache.shindig.auth.BlobCrypterSecurityToken
- All Implemented Interfaces:
- SecurityToken
public class BlobCrypterSecurityToken
- extends AbstractSecurityToken
- implements SecurityToken
Authentication based on a provided BlobCrypter.
Wire format is "<container>:<encrypted-and-signed-token>"
Container is included so different containers can use different security tokens if necessary.
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
MAX_TOKEN_LIFETIME_SECS
protected static final int MAX_TOKEN_LIFETIME_SECS
- See Also:
- Constant Field Values
OWNER_KEY
protected static final String OWNER_KEY
- See Also:
- Constant Field Values
VIEWER_KEY
protected static final String VIEWER_KEY
- See Also:
- Constant Field Values
GADGET_KEY
protected static final String GADGET_KEY
- See Also:
- Constant Field Values
GADGET_INSTANCE_KEY
protected static final String GADGET_INSTANCE_KEY
- See Also:
- Constant Field Values
TRUSTED_JSON_KEY
protected static final String TRUSTED_JSON_KEY
- See Also:
- Constant Field Values
EXPIRES_KEY
protected static final String EXPIRES_KEY
- See Also:
- Constant Field Values
GROUP_CONTEXT_KEY
protected static final String GROUP_CONTEXT_KEY
- See Also:
- Constant Field Values
crypter
protected final BlobCrypter crypter
container
protected final String container
domain
protected final String domain
ownerId
protected String ownerId
viewerId
protected String viewerId
appUrl
protected String appUrl
moduleId
protected long moduleId
expiresAt
protected Long expiresAt
groupContext
protected String groupContext
trustedJson
protected String trustedJson
activeUrl
protected String activeUrl
BlobCrypterSecurityToken
public BlobCrypterSecurityToken(BlobCrypter crypter,
String container,
String domain)
- Create a new security token.
- Parameters:
crypter - used for encryption and signingcontainer - container that is issuing the tokendomain - domain to use for signed fetch with default signed fetch key.
setTokenValues
protected static void setTokenValues(BlobCrypterSecurityToken token,
Map<String,String> values)
encrypt
public String encrypt()
throws BlobCrypterException
- Encrypt and sign the token. The returned value is *not* web safe, it should be URL
encoded before being used as a form parameter.
- Throws:
BlobCrypterException
buildValuesMap
protected Map<String,String> buildValuesMap()
getAppId
public String getAppId()
- Specified by:
getAppId in interface SecurityToken
- Returns:
- the application id from the token, or null if there is none.
getAppUrl
public String getAppUrl()
- Specified by:
getAppUrl in interface SecurityToken
- Returns:
- the URL of the application
setAppUrl
public void setAppUrl(String appUrl)
getContainer
public String getContainer()
- Specified by:
getContainer in interface SecurityToken
- Returns:
- The container.
getDomain
public String getDomain()
- Specified by:
getDomain in interface SecurityToken
- Returns:
- the domain from the token, or null if there is none.
getModuleId
public long getModuleId()
- Specified by:
getModuleId in interface SecurityToken
- Returns:
- the module ID of the application
setModuleId
public void setModuleId(long moduleId)
getExpiresAt
public Long getExpiresAt()
- Specified by:
getExpiresAt in interface SecurityToken
- Returns:
- the timestamp that this token expires or null if unknown or indeterminate
setExpiresAt
public void setExpiresAt(Long expiresAt)
getOwnerId
public String getOwnerId()
- Specified by:
getOwnerId in interface SecurityToken
- Returns:
- the owner from the token, or null if there is none.
setOwnerId
public void setOwnerId(String ownerId)
getTrustedJson
public String getTrustedJson()
- Specified by:
getTrustedJson in interface SecurityToken
- Returns:
- a string formatted JSON object from the container, or null if there
is no JSON from the container.
setTrustedJson
public void setTrustedJson(String trustedJson)
getUpdatedToken
public String getUpdatedToken()
- Specified by:
getUpdatedToken in interface SecurityToken
- Returns:
- an updated version of the token to return to the gadget, or null
if there is no need to update the token.
getAuthenticationMode
public String getAuthenticationMode()
- Specified by:
getAuthenticationMode in interface SecurityToken
- Returns:
- the authentication mechanism used to generate this security token
- See Also:
AuthenticationMode
getViewerId
public String getViewerId()
- Specified by:
getViewerId in interface SecurityToken
- Returns:
- the viewer from the token, or null if there is none.
setViewerId
public void setViewerId(String viewerId)
isAnonymous
public boolean isAnonymous()
- Specified by:
isAnonymous in interface SecurityToken
- Returns:
- true if the token is for an anonymous viewer/owner
setActiveUrl
public void setActiveUrl(String activeUrl)
getActiveUrl
public String getActiveUrl()
- Specified by:
getActiveUrl in interface SecurityToken- Overrides:
getActiveUrl in class AbstractSecurityToken
- Returns:
- the URL being used by the current request
The returned URL must contain at least protocol, host, and port.
The returned URL may contain path or query parameters.
getGroupContext
public String getGroupContext()
- Returns:
- the groupContext
setGroupContext
public void setGroupContext(String groupContext)
- Parameters:
groupContext - the groupContext to set
Copyright © 2007-2012. All Rights Reserved.