org.apache.shindig.auth
Class DefaultSecurityTokenCodec
java.lang.Object
org.apache.shindig.auth.DefaultSecurityTokenCodec
- All Implemented Interfaces:
- SecurityTokenCodec
public class DefaultSecurityTokenCodec
- extends Object
- implements SecurityTokenCodec
Default implementation of security tokens. Decides based on default container
configuration whether to use real crypto for security tokens or to use a
simple insecure implementation that is useful for testing.
Example configuration in container.js for insecure security tokens:
gadgets.securityTokenType = insecure
Example configuration in container.js for blob crypter based security tokens:
gadgets.securityTokenType = secure
The insecure implementation is BasicSecurityTokenCodec.
The secure implementation is BlobCrypterSecurityTokenCodec.
- Since:
- 2.0.0
| Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
DefaultSecurityTokenCodec
@Inject
public DefaultSecurityTokenCodec(@Nullable
String port,
ContainerConfig config)
createToken
public SecurityToken createToken(Map<String,String> tokenParameters)
throws SecurityTokenException
- Description copied from interface:
SecurityTokenCodec
- Decrypts and verifies a gadget security token to return a gadget token.
- Specified by:
createToken in interface SecurityTokenCodec
- Parameters:
tokenParameters - Map containing a entry 'token' in wire format (probably encrypted.)
- Returns:
- the decrypted and verified token.
- Throws:
SecurityTokenException - If tokenString is not a valid token
encodeToken
public String encodeToken(SecurityToken token)
throws SecurityTokenException
- Specified by:
encodeToken in interface SecurityTokenCodec
- Throws:
SecurityTokenException
Copyright © 2007-2012. All Rights Reserved.