/**
* Copyright (C) 2009 eXo Platform SAS.
*
* This is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this software; if not, write to the Free
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.exoplatform.portal.gadget.core;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.shindig.auth.AnonymousAuthenticationHandler;
import org.apache.shindig.common.crypto.BlobCrypter;
import org.apache.shindig.common.util.ResourceLoader;
import org.apache.shindig.config.ContainerConfig;
import org.apache.shindig.gadgets.oauth.BasicOAuthStore;
import org.apache.shindig.gadgets.oauth.BasicOAuthStoreConsumerKeyAndSecret;
import org.apache.shindig.gadgets.oauth.BasicOAuthStoreConsumerKeyAndSecret.KeyType;
import org.apache.shindig.gadgets.oauth.OAuthFetcherConfig;
import org.apache.shindig.gadgets.oauth.OAuthModule;
import org.apache.shindig.gadgets.oauth.OAuthRequest;
import org.apache.shindig.gadgets.oauth.OAuthStore;
import org.exoplatform.services.log.ExoLogger;
import org.exoplatform.services.log.Log;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import com.google.inject.name.Names;
/**
* Created by IntelliJ IDEA. User: jeremi Date: Jan 9, 2009 Time: 10:45:57 AM To change this template use File | Settings | File
* Templates.
*/
public class ExoOAuthModule extends OAuthModule {
public static final String SIGNING_KEY_FILE = "gadgets.signingKeyFile";
private static final String SIGNING_KEY_NAME = "gadgets.signingKeyName";
private static final String CALLBACK_URL = "gadgets.signing.global-callback-url";
private static final String OAUTH_CONFIG = "config/oauth.json";
private static final Log log = ExoLogger.getLogger(OAuthModule.class);;
@Override
protected void configure() {
// Used for encrypting client-side OAuth state.
bind(BlobCrypter.class).annotatedWith(Names.named(OAuthFetcherConfig.OAUTH_STATE_CRYPTER)).toProvider(
OAuthCrypterProvider.class);
// Used for persistent storage of OAuth access tokens.
bind(OAuthStore.class).toProvider(ExoOAuthStoreProvider.class);
bind(OAuthRequest.class).toProvider(OAuthRequestProvider.class);
// TODO: tung.dang add some missing implement
bind(Boolean.class).annotatedWith(Names.named(AnonymousAuthenticationHandler.ALLOW_UNAUTHENTICATED)).toInstance(
Boolean.TRUE);
}
@Singleton
public static class ExoOAuthStoreProvider implements Provider<OAuthStore> {
private final ExoOAuthStore store;
@Inject
public ExoOAuthStoreProvider(ContainerConfig config) {
store = new ExoOAuthStore();
String signingKeyFile = config.getString(ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_FILE);
String signingKeyName = config.getString(ContainerConfig.DEFAULT_CONTAINER, SIGNING_KEY_NAME);
loadDefaultKey(signingKeyFile, signingKeyName);
String defaultCallbackUrl = config.getString(ContainerConfig.DEFAULT_CONTAINER, CALLBACK_URL);
store.setDefaultCallbackUrl(defaultCallbackUrl);
loadConsumers();
}
private void loadDefaultKey(String signingKeyFile, String signingKeyName) {
BasicOAuthStoreConsumerKeyAndSecret key = null;
if (!StringUtils.isBlank(signingKeyFile)) {
try {
log.info("Loading OAuth signing key from " + signingKeyFile);
String privateKey = IOUtils.toString(ResourceLoader.open(signingKeyFile), "UTF-8");
privateKey = BasicOAuthStore.convertFromOpenSsl(privateKey);
key = new BasicOAuthStoreConsumerKeyAndSecret(null, privateKey, KeyType.RSA_PRIVATE, signingKeyName, null);
} catch (Throwable t) {
log.warn("Couldn't load key file " + signingKeyFile);
}
}
if (key != null) {
store.setDefaultKey(key);
} else {
log.warn("Couldn't load OAuth signing key. To create a key, run:\n"
+ " openssl req -newkey rsa:1024 -days 365 -nodes -x509 -keyout testkey.pem \\\n"
+ " -out testkey.pem -subj '/CN=mytestkey'\n"
+ " openssl pkcs8 -in testkey.pem -out oauthkey.pem -topk8 -nocrypt -outform PEM\n" + '\n'
+ "Then edit gadgets.properties and add these lines:\n" + SIGNING_KEY_FILE
+ "=<path-to-oauthkey.pem>\n");
}
}
private void loadConsumers() {
try {
GateInContainerConfigLoader currentLoader = GateInGuiceServletContextListener.getCurrentLoader();
String oauthConfigString = currentLoader.loadContentAsString(OAUTH_CONFIG, "UTF-8");
store.initFromConfigString(oauthConfigString);
} catch (Throwable t) {
log.warn("Failed to initialize OAuth consumers from " + OAUTH_CONFIG, t);
}
}
public OAuthStore get() {
return store;
}
}
}