001
014
015 package com.liferay.taglib.security;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.CharPool;
020 import com.liferay.portal.kernel.util.Http;
021 import com.liferay.portal.kernel.util.HttpUtil;
022 import com.liferay.portal.kernel.util.StringBundler;
023 import com.liferay.portal.kernel.util.StringPool;
024 import com.liferay.portal.kernel.util.StringUtil;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.model.Company;
027 import com.liferay.portal.util.PortalUtil;
028 import com.liferay.util.Encryptor;
029 import com.liferay.util.EncryptorException;
030
031 import java.security.Key;
032
033 import java.util.HashSet;
034 import java.util.Set;
035 import java.util.StringTokenizer;
036
037 import javax.servlet.http.HttpServletRequest;
038 import javax.servlet.jsp.JspException;
039 import javax.servlet.jsp.JspWriter;
040 import javax.servlet.jsp.tagext.TagSupport;
041
042
045 public class EncryptTag extends TagSupport {
046
047 @Override
048 public int doEndTag() throws JspException {
049 try {
050 JspWriter jspWriter = pageContext.getOut();
051
052 jspWriter.write("</a>");
053
054 return EVAL_PAGE;
055 }
056 catch (Exception e) {
057 throw new JspException(e);
058 }
059 }
060
061 @Override
062 public int doStartTag() throws JspException {
063 try {
064 StringBundler sb = new StringBundler();
065
066
067
068 sb.append("<a ");
069
070
071
072 if (Validator.isNotNull(_className)) {
073 sb.append("class=\"");
074 sb.append(_className);
075 sb.append("\" ");
076 }
077
078
079
080 sb.append("href=\"");
081 sb.append(_protocol);
082 sb.append(Http.PROTOCOL_DELIMITER);
083
084 int pos = _url.indexOf(CharPool.QUESTION);
085
086 if (pos == -1) {
087 sb.append(_url);
088 }
089 else {
090 sb.append(_url.substring(0, pos));
091 sb.append(StringPool.QUESTION);
092
093 Company company = PortalUtil.getCompany(
094 (HttpServletRequest)pageContext.getRequest());
095
096 Key key = company.getKeyObj();
097
098 StringTokenizer st = new StringTokenizer(
099 _url.substring(pos + 1, _url.length()),
100 StringPool.AMPERSAND);
101
102 while (st.hasMoreTokens()) {
103 String paramAndValue = st.nextToken();
104
105 int x = paramAndValue.indexOf(CharPool.EQUAL);
106
107 String param = paramAndValue.substring(0, x);
108 String value = paramAndValue.substring(x + 1);
109
110 sb.append(param).append(StringPool.EQUAL);
111
112 if (_unencryptedParamsSet.contains(param)) {
113 sb.append(HttpUtil.encodeURL(value));
114 }
115 else {
116 try {
117 sb.append(
118 HttpUtil.encodeURL(
119 Encryptor.encrypt(key, value)));
120 }
121 catch (EncryptorException ee) {
122 _log.error(ee.getMessage());
123 }
124
125 if (st.hasMoreTokens()) {
126 sb.append(StringPool.AMPERSAND);
127 }
128 }
129 }
130
131 sb.append("&shuo=1");
132 }
133
134 sb.append("\" ");
135
136
137
138 if (Validator.isNotNull(_style)) {
139 sb.append("style=\"");
140 sb.append(_style);
141 sb.append("\" ");
142 }
143
144
145
146 if (Validator.isNotNull(_target)) {
147 sb.append("target=\"" + _target + "\"");
148 }
149
150
151
152 sb.append(">");
153
154 JspWriter jspWriter = pageContext.getOut();
155
156 jspWriter.write(sb.toString());
157
158 return EVAL_BODY_INCLUDE;
159 }
160 catch (Exception e) {
161 throw new JspException(e);
162 }
163 }
164
165 public void setClassName(String className) {
166 _className = className;
167 }
168
169 public void setProtocol(String protocol) {
170 _protocol = protocol;
171 }
172
173 public void setStyle(String style) {
174 _style = style;
175 }
176
177 public void setTarget(String target) {
178 _target = target;
179 }
180
181 public void setUnencryptedParams(String unencryptedParams) {
182 _unencryptedParamsSet.clear();
183
184 String[] unencryptedParamsArray = StringUtil.split(unencryptedParams);
185
186 for (int i = 0; i < unencryptedParamsArray.length; i++) {
187 _unencryptedParamsSet.add(unencryptedParamsArray[i]);
188 }
189 }
190
191 public void setUrl(String url) {
192 _url = url;
193 }
194
195 private static Log _log = LogFactoryUtil.getLog(EncryptTag.class);
196
197 private String _className;
198 private String _protocol;
199 private String _style;
200 private String _target;
201 private Set<String> _unencryptedParamsSet = new HashSet<String>();
202 private String _url;
203
204 }