001
014
015 package com.liferay.taglib.security;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.CharPool;
020 import com.liferay.portal.kernel.util.Http;
021 import com.liferay.portal.kernel.util.HttpUtil;
022 import com.liferay.portal.kernel.util.StringBundler;
023 import com.liferay.portal.kernel.util.StringPool;
024 import com.liferay.portal.kernel.util.StringUtil;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.model.Company;
027 import com.liferay.portal.util.PortalUtil;
028 import com.liferay.util.Encryptor;
029 import com.liferay.util.EncryptorException;
030
031 import java.security.Key;
032
033 import java.util.HashSet;
034 import java.util.Set;
035 import java.util.StringTokenizer;
036
037 import javax.servlet.http.HttpServletRequest;
038 import javax.servlet.jsp.JspException;
039 import javax.servlet.jsp.JspWriter;
040 import javax.servlet.jsp.tagext.TagSupport;
041
042
045 public class EncryptTag extends TagSupport {
046
047 @Override
048 public int doStartTag() throws JspException {
049 try {
050 StringBundler sb = new StringBundler();
051
052
053
054 sb.append("<a ");
055
056
057
058 if (Validator.isNotNull(_className)) {
059 sb.append("class=\"");
060 sb.append(_className);
061 sb.append("\" ");
062 }
063
064
065
066 sb.append("href=\"");
067 sb.append(_protocol);
068 sb.append(Http.PROTOCOL_DELIMITER);
069
070 int pos = _url.indexOf(CharPool.QUESTION);
071
072 if (pos == -1) {
073 sb.append(_url);
074 }
075 else {
076 sb.append(_url.substring(0, pos));
077 sb.append(StringPool.QUESTION);
078
079 Company company = PortalUtil.getCompany(
080 (HttpServletRequest)pageContext.getRequest());
081
082 Key key = company.getKeyObj();
083
084 StringTokenizer st = new StringTokenizer(
085 _url.substring(pos + 1, _url.length()),
086 StringPool.AMPERSAND);
087
088 while (st.hasMoreTokens()) {
089 String paramAndValue = st.nextToken();
090
091 int x = paramAndValue.indexOf(CharPool.EQUAL);
092
093 String param = paramAndValue.substring(0, x);
094 String value = paramAndValue.substring(
095 x + 1, paramAndValue.length());
096
097 sb.append(param).append(StringPool.EQUAL);
098
099 if (_unencryptedParamsSet.contains(param)) {
100 sb.append(HttpUtil.encodeURL(value));
101 }
102 else {
103 try {
104 sb.append(HttpUtil.encodeURL(
105 Encryptor.encrypt(key, value)));
106 }
107 catch (EncryptorException ee) {
108 _log.error(ee.getMessage());
109 }
110
111 if (st.hasMoreTokens()) {
112 sb.append(StringPool.AMPERSAND);
113 }
114 }
115 }
116
117 sb.append("&shuo=1");
118 }
119
120 sb.append("\" ");
121
122
123
124 if (Validator.isNotNull(_style)) {
125 sb.append("style=\"");
126 sb.append(_style);
127 sb.append("\" ");
128 }
129
130
131
132 if (Validator.isNotNull(_target)) {
133 sb.append("target=\"" + _target + "\"");
134 }
135
136
137
138 sb.append(">");
139
140 JspWriter jspWriter = pageContext.getOut();
141
142 jspWriter.write(sb.toString());
143
144 return EVAL_BODY_INCLUDE;
145 }
146 catch (Exception e) {
147 throw new JspException(e);
148 }
149 }
150
151 @Override
152 public int doEndTag() throws JspException {
153 try {
154 JspWriter jspWriter = pageContext.getOut();
155
156 jspWriter.write("</a>");
157
158 return EVAL_PAGE;
159 }
160 catch (Exception e) {
161 throw new JspException(e);
162 }
163 }
164
165 public void setClassName(String className) {
166 _className = className;
167 }
168
169 public void setStyle(String style) {
170 _style = style;
171 }
172
173 public void setProtocol(String protocol) {
174 _protocol = protocol;
175 }
176
177 public void setUnencryptedParams(String unencryptedParams) {
178 _unencryptedParamsSet.clear();
179
180 String[] unencryptedParamsArray = StringUtil.split(unencryptedParams);
181
182 for (int i = 0; i < unencryptedParamsArray.length; i++) {
183 _unencryptedParamsSet.add(unencryptedParamsArray[i]);
184 }
185 }
186
187 public void setUrl(String url) {
188 _url = url;
189 }
190
191 public void setTarget(String target) {
192 _target = target;
193 }
194
195 private static Log _log = LogFactoryUtil.getLog(EncryptTag.class);
196
197 private String _className;
198 private String _style;
199 private String _protocol;
200 private Set<String> _unencryptedParamsSet = new HashSet<String>();
201 private String _url;
202 private String _target;
203
204 }