org.apache.shindig.auth

Class BlobCrypterSecurityToken

java.lang.Object

org.apache.shindig.auth.AbstractSecurityToken

org.apache.shindig.auth.BlobCrypterSecurityToken

All Implemented Interfaces:

SecurityToken

public class BlobCrypterSecurityToken
extends AbstractSecurityToken

Authentication based on a provided BlobCrypter. Wire format is "<container>:<encrypted-and-signed-token>" Container is included so different containers can use different security tokens if necessary.

Nested Class Summary

Nested classes/interfaces inherited from class org.apache.shindig.auth.AbstractSecurityToken

AbstractSecurityToken.Keys

Field Summary

Fields inherited from class org.apache.shindig.auth.AbstractSecurityToken

DEFAULT_MAX_TOKEN_TTL

Constructor Summary

Constructors

Constructor and Description
BlobCrypterSecurityToken(String container, String domain, String activeUrl, Map<String,String> values) Create a new security token.

Method Summary

Methods

Modifier and Type	Method and Description
static BlobCrypterSecurityToken	fromToken(SecurityToken token)
String	getAppId()
String	getAuthenticationMode()
protected EnumSet<AbstractSecurityToken.Keys>	getMapKeys() This method will govern the effectiveness of the protected AbstractSecurityToken.toMap() and #loadFromMap(SecurityToken, Map) helper methods.
String	getUpdatedToken()
boolean	isAnonymous()

Methods inherited from class org.apache.shindig.auth.AbstractSecurityToken

enforceNotExpired, getActiveUrl, getAppUrl, getContainer, getDomain, getExpiresAt, getMaxTokenTTL, getModuleId, getOwnerId, getTimeSource, getTrustedJson, getViewerId, isExpired, loadFromMap, setActiveUrl, setAppId, setAppUrl, setContainer, setDomain, setExpires, setExpires, setExpiresAt, setModuleId, setOwnerId, setTimeSource, setTrustedJson, setViewerId, toMap

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

BlobCrypterSecurityToken

public BlobCrypterSecurityToken(String container,
                        String domain,
                        String activeUrl,
                        Map<String,String> values)

Create a new security token.

Parameters:

container - container that is issuing the token

domain - domain to use for signed fetch with default signed fetch key.

activeUrl -

values - Other values to init into the token.

Method Detail

getUpdatedToken

public String getUpdatedToken()

Returns:

an updated version of the token to return to the gadget, or null if there is no need to update the token.

getAuthenticationMode

public String getAuthenticationMode()

Returns:

the authentication mechanism used to generate this security token

See Also:

AuthenticationMode

isAnonymous

public boolean isAnonymous()

Returns:

true if the token is for an anonymous viewer/owner

getAppId

public String getAppId()

Specified by:

getAppId in interface SecurityToken

Overrides:

getAppId in class AbstractSecurityToken

Returns:

the application id from the token, or null if there is none.

getMapKeys

protected EnumSet<AbstractSecurityToken.Keys> getMapKeys()

Description copied from class: AbstractSecurityToken

This method will govern the effectiveness of the protected AbstractSecurityToken.toMap() and #loadFromMap(SecurityToken, Map) helper methods.

If your implementation throws an exception on any of the get methods, you should not include the associated key here, and those values should be handled in an overridden implementation of AbstractSecurityToken.toMap() if they might contain useful information.

Specified by:

getMapKeys in class AbstractSecurityToken

Returns:

An EnumSet of the Enums supported by the implementation of this AbstractSecurityToken.

fromToken

public static BlobCrypterSecurityToken fromToken(SecurityToken token)