001
014
015 package com.liferay.taglib.security;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.Http;
020 import com.liferay.portal.kernel.util.HttpUtil;
021 import com.liferay.portal.kernel.util.StringBundler;
022 import com.liferay.portal.kernel.util.StringPool;
023 import com.liferay.portal.kernel.util.StringUtil;
024 import com.liferay.portal.kernel.util.Validator;
025 import com.liferay.portal.model.Company;
026 import com.liferay.portal.util.PortalUtil;
027 import com.liferay.util.Encryptor;
028 import com.liferay.util.EncryptorException;
029
030 import java.security.Key;
031
032 import java.util.HashSet;
033 import java.util.Set;
034 import java.util.StringTokenizer;
035
036 import javax.servlet.http.HttpServletRequest;
037 import javax.servlet.jsp.JspException;
038 import javax.servlet.jsp.tagext.TagSupport;
039
040
043 public class EncryptTag extends TagSupport {
044
045 public int doStartTag() throws JspException {
046 try {
047 StringBundler sb = new StringBundler();
048
049
050
051 sb.append("<a ");
052
053
054
055 if (Validator.isNotNull(_className)) {
056 sb.append("class=\"");
057 sb.append(_className);
058 sb.append("\" ");
059 }
060
061
062
063 sb.append("href=\"");
064 sb.append(_protocol);
065 sb.append(Http.PROTOCOL_DELIMITER);
066
067 int pos = _url.indexOf(StringPool.QUESTION);
068
069 if (pos == -1) {
070 sb.append(_url);
071 }
072 else {
073 sb.append(_url.substring(0, pos));
074 sb.append(StringPool.QUESTION);
075
076 Company company = PortalUtil.getCompany(
077 (HttpServletRequest)pageContext.getRequest());
078
079 Key key = company.getKeyObj();
080
081 StringTokenizer st = new StringTokenizer(
082 _url.substring(pos + 1, _url.length()),
083 StringPool.AMPERSAND);
084
085 while (st.hasMoreTokens()) {
086 String paramAndValue = st.nextToken();
087
088 int x = paramAndValue.indexOf(StringPool.EQUAL);
089
090 String param = paramAndValue.substring(0, x);
091 String value = paramAndValue.substring(
092 x + 1, paramAndValue.length());
093
094 sb.append(param).append(StringPool.EQUAL);
095
096 if (_unencryptedParamsSet.contains(param)) {
097 sb.append(HttpUtil.encodeURL(value));
098 }
099 else {
100 try {
101 sb.append(HttpUtil.encodeURL(
102 Encryptor.encrypt(key, value)));
103 }
104 catch (EncryptorException ee) {
105 _log.error(ee.getMessage());
106 }
107
108 if (st.hasMoreTokens()) {
109 sb.append(StringPool.AMPERSAND);
110 }
111 }
112 }
113
114 sb.append("&shuo=1");
115 }
116
117 sb.append("\" ");
118
119
120
121 if (Validator.isNotNull(_style)) {
122 sb.append("style=\"");
123 sb.append(_style);
124 sb.append("\" ");
125 }
126
127
128
129 if (Validator.isNotNull(_target)) {
130 sb.append("target=\"" + _target + "\"");
131 }
132
133
134
135 sb.append(">");
136
137 pageContext.getOut().print(sb.toString());
138
139 return EVAL_BODY_INCLUDE;
140 }
141 catch (Exception e) {
142 throw new JspException(e);
143 }
144 }
145
146 public int doEndTag() throws JspException {
147 try {
148 pageContext.getOut().print("</a>");
149
150 return EVAL_PAGE;
151 }
152 catch (Exception e) {
153 throw new JspException(e);
154 }
155 }
156
157 public void setClassName(String className) {
158 _className = className;
159 }
160
161 public void setStyle(String style) {
162 _style = style;
163 }
164
165 public void setProtocol(String protocol) {
166 _protocol = protocol;
167 }
168
169 public void setUnencryptedParams(String unencryptedParams) {
170 _unencryptedParamsSet.clear();
171
172 String[] unencryptedParamsArray = StringUtil.split(unencryptedParams);
173
174 for (int i = 0; i < unencryptedParamsArray.length; i++) {
175 _unencryptedParamsSet.add(unencryptedParamsArray[i]);
176 }
177 }
178
179 public void setUrl(String url) {
180 _url = url;
181 }
182
183 public void setTarget(String target) {
184 _target = target;
185 }
186
187 private static Log _log = LogFactoryUtil.getLog(EncryptTag.class);
188
189 private String _className;
190 private String _style;
191 private String _protocol;
192 private Set<String> _unencryptedParamsSet = new HashSet<String>();
193 private String _url;
194 private String _target;
195
196 }