Review Board 1.7.22


Allow ContainerConfig stack to load property values from external resources and update BlobCrypterSecurityTokenCodec to use this new feature.

Review Request #2824 - Created Nov. 14, 2011 and submitted

Jesse Ciancetta
shindig-1660
Reviewers
shindig
shindig
Update the ContainerConfig stack to allow for res://some-resource.txt and file:///some-file.txt style values in container.js and automatically resolve these references during initialization. This allows us to refactor BlobCrypterSecurityTokenCodec to expect to be given the actual encryption key rather than a key or resource pointer as it does currently.

This also opens the door for this functionality to be used for other configuration which we'd like to load from external files (which should be useful for third party implementers).
Updated/added tests.  Ran build, verified unit tests and tested common container.
http://svn.apache.org/repos/asf/shindig/trunk/config/container.js
Revision 1201745 New Change
[20] 41 lines
[+20]
42
// NOTE: Please _don't_ leave trailing commas because the php json parser
42
// NOTE: Please _don't_ leave trailing commas because the php json parser
43
// errors out on this.
43
// errors out on this.
44

    
   
44

   
45
// Container must be an array; this allows multiple containers
45
// Container must be an array; this allows multiple containers
46
// to share configuration.
46
// to share configuration.

    
   
47

   

    
   
48
// Note that you can embed values directly or you can choose to have values read from a file on disk

    
   
49
// or read from the classpath ("foo-key" : "file:///foo-file.txt" || "foo-key" : "res://foo-file.txt")
47
// TODO: Move out accel container config into a separate accel.js file.
50
// TODO: Move out accel container config into a separate accel.js file.
48
{"gadgets.container" : ["default", "accel"],
51
{"gadgets.container" : ["default", "accel"],
49

    
   
52

   
50
// Set of regular expressions to validate the parent parameter. This is
53
// Set of regular expressions to validate the parent parameter. This is
51
// necessary to support situations where you want a single container to support
54
// necessary to support situations where you want a single container to support
[+20] [20] 34 lines
[+20]
86
"gadgets.uri.js.path" : "${CONTEXT_ROOT}/gadgets/js",
89
"gadgets.uri.js.path" : "${CONTEXT_ROOT}/gadgets/js",
87

    
   
90

   
88
// Callback URL.  Scheme relative URL for easy switch between https/http.
91
// Callback URL.  Scheme relative URL for easy switch between https/http.
89
"gadgets.uri.oauth.callbackTemplate" : "//%host%${CONTEXT_ROOT}/gadgets/oauthcallback",
92
"gadgets.uri.oauth.callbackTemplate" : "//%host%${CONTEXT_ROOT}/gadgets/oauthcallback",
90

    
   
93

   
91
// Use an insecure security token by default

   
92
"gadgets.securityTokenType" : "insecure",

   
93

    
   

   
94
// Config param to load Opensocial data for social
94
// Config param to load Opensocial data for social
95
// preloads in data pipelining.  %host% will be
95
// preloads in data pipelining.  %host% will be
96
// substituted with the current host.
96
// substituted with the current host.
97
"gadgets.osDataUri" : "http://%host%${CONTEXT_ROOT}/rpc",
97
"gadgets.osDataUri" : "http://%host%${CONTEXT_ROOT}/rpc",
98

    
   
98

   
99
// Uncomment these to switch to a secure version. If both a key file and key are provided, the key
99
// Use an insecure security token by default
100
// will take precedence; thus, to use a key file, you must explicitly not provide a key. The
100
"gadgets.securityTokenType" : "insecure",
101
// best way to generate a key is to do something like this:
101

   

    
   
102
// Uncomment the securityTokenType and one of the securityTokenKey's to switch to a secure version.

    
   
103
// Note that you can choose to use an embedded key, a filesystem reference or a classpath reference.

    
   
104
// The best way to generate a key is to do something like this:
102
// dd if=/dev/random bs=32 count=1 | openssl base64
105
// dd if=/dev/random bs=32 count=1 | openssl base64
103
//
106
//
104
// "gadgets.securityTokenType" : "secure",
107
//"gadgets.securityTokenType" : "secure",
105
// "gadgets.securityTokenKeyFile" : "/path/to/key/file.txt",
108
//"gadgets.securityTokenKey" : "default-insecure-embedded-key",
106
// "gadgets.securityTokenKey" : "",
109
//"gadgets.securityTokenKey" : "file:///path/to/key/file.txt",

    
   
110
//"gadgets.securityTokenKey" : "res://some-file-on-the-classpath.txt",
107

    
   
111

   
108
// OS 2.0 Gadget DOCTYPE: used in Gadgets with @specificationVersion 2.0 or greater and
112
// OS 2.0 Gadget DOCTYPE: used in Gadgets with @specificationVersion 2.0 or greater and
109
// quirksmode on Gadget has not been set.
113
// quirksmode on Gadget has not been set.
110
"gadgets.doctype_qname" : "HTML",  //HTML5 doctype
114
"gadgets.doctype_qname" : "HTML",  //HTML5 doctype
111
"gadgets.doctype_pubid" : "",
115
"gadgets.doctype_pubid" : "",
[+20] [20] 203 lines
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java
Revision 1201745 New Change
 
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java
Revision 1201745 New Change
 
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/util/ResourceLoader.java
Revision 1201745 New Change
 
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/config/JsonContainerConfigLoader.java
Revision 1201745 New Change
 
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java
Revision 1201745 New Change
 
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/DefaultSecurityTokenCodecTest.java
Revision 1201745 New Change
 
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/config/JsonContainerConfigLoaderTest.java
Revision 1201745 New Change
 
http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/resources/classpath-accessible-test-file.txt
New File
 
  1. http://svn.apache.org/repos/asf/shindig/trunk/config/container.js: Loading...
  2. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodec.java: Loading...
  3. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/auth/DefaultSecurityTokenCodec.java: Loading...
  4. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/common/util/ResourceLoader.java: Loading...
  5. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/main/java/org/apache/shindig/config/JsonContainerConfigLoader.java: Loading...
  6. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/BlobCrypterSecurityTokenCodecTest.java: Loading...
  7. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/auth/DefaultSecurityTokenCodecTest.java: Loading...
  8. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/java/org/apache/shindig/config/JsonContainerConfigLoaderTest.java: Loading...
  9. http://svn.apache.org/repos/asf/shindig/trunk/java/common/src/test/resources/classpath-accessible-test-file.txt: Loading...