/* vim: set ts=2 et sw=2 cindent fo=qroca: */
package com.globant.katari.gadgetcontainer.application;
import static org.slf4j.LoggerFactory.getLogger;
import org.apache.commons.lang.Validate;
import org.apache.shindig.auth.BlobCrypterSecurityToken;
import org.apache.shindig.common.crypto.BlobCrypter;
import org.apache.shindig.common.crypto.BlobCrypterException;
import org.slf4j.Logger;
import com.globant.katari.gadgetcontainer.Utils;
import com.globant.katari.gadgetcontainer.domain.GadgetInstance;
/**
* Implementation of token service thay provides an strong encryption.
*
* @author waabox (emiliano[dot]arango[at]globant[dot]com)
*
*/
public class TokenService {
/** The class logger.
*/
private final Logger log = getLogger(TokenService.class);
/** The crypt implementation.
*/
private final BlobCrypter crypter;
/** The os container name.
*/
private final String container;
/** The os domain name.
*/
private final String domain;
/** Constructor.
*
* @param blobCrypter the object who crypt the token. It can not be null
* @param containerName the cotnainer name defined in the OS container. Can
* not be null.
*
* @param containerDomain the container name defined in the OS container.
* Can not be null.
*/
public TokenService(final BlobCrypter blobCrypter,
final String containerName, final String containerDomain) {
Validate.notNull(blobCrypter);
Validate.notEmpty(containerName);
Validate.notEmpty(containerDomain);
crypter = blobCrypter;
container = containerName;
domain = containerDomain;
}
/** Creates a new security token encrypted with the strong implementation
* define in katari-shindig.
*
* {@inheritDoc}
*/
public String createSecurityToken(final long viewerId, final long ownerId,
final GadgetInstance gadgetInstance) {
BlobCrypterSecurityToken token = new BlobCrypterSecurityToken(
crypter, container, domain);
token.setActiveUrl(gadgetInstance.getUrl());
token.setAppUrl(gadgetInstance.getUrl());
token.setModuleId(0L);
token.setOwnerId(Long.toString(ownerId));
token.setViewerId(Long.toString(viewerId));
token.setTrustedJson("trusted");
String cryptedToken;
try {
cryptedToken = Utils.urlEncode(token.encrypt());
log.debug("generated new security token: " + cryptedToken);
return cryptedToken;
} catch (BlobCrypterException e) {
throw new RuntimeException(e);
}
}
}