1
14
15 package com.liferay.taglib.security;
16
17 import com.liferay.portal.kernel.log.Log;
18 import com.liferay.portal.kernel.log.LogFactoryUtil;
19 import com.liferay.portal.kernel.util.CharPool;
20 import com.liferay.portal.kernel.util.Http;
21 import com.liferay.portal.kernel.util.HttpUtil;
22 import com.liferay.portal.kernel.util.StringBundler;
23 import com.liferay.portal.kernel.util.StringPool;
24 import com.liferay.portal.kernel.util.StringUtil;
25 import com.liferay.portal.kernel.util.Validator;
26 import com.liferay.portal.model.Company;
27 import com.liferay.portal.util.PortalUtil;
28 import com.liferay.util.Encryptor;
29 import com.liferay.util.EncryptorException;
30
31 import java.security.Key;
32
33 import java.util.HashSet;
34 import java.util.Set;
35 import java.util.StringTokenizer;
36
37 import javax.servlet.http.HttpServletRequest;
38 import javax.servlet.jsp.JspException;
39 import javax.servlet.jsp.tagext.TagSupport;
40
41
46 public class EncryptTag extends TagSupport {
47
48 public int doStartTag() throws JspException {
49 try {
50 StringBundler sb = new StringBundler();
51
52
54 sb.append("<a ");
55
56
58 if (Validator.isNotNull(_className)) {
59 sb.append("class=\"");
60 sb.append(_className);
61 sb.append("\" ");
62 }
63
64
66 sb.append("href=\"");
67 sb.append(_protocol);
68 sb.append(Http.PROTOCOL_DELIMITER);
69
70 int pos = _url.indexOf(CharPool.QUESTION);
71
72 if (pos == -1) {
73 sb.append(_url);
74 }
75 else {
76 sb.append(_url.substring(0, pos));
77 sb.append(StringPool.QUESTION);
78
79 Company company = PortalUtil.getCompany(
80 (HttpServletRequest)pageContext.getRequest());
81
82 Key key = company.getKeyObj();
83
84 StringTokenizer st = new StringTokenizer(
85 _url.substring(pos + 1, _url.length()),
86 StringPool.AMPERSAND);
87
88 while (st.hasMoreTokens()) {
89 String paramAndValue = st.nextToken();
90
91 int x = paramAndValue.indexOf(CharPool.EQUAL);
92
93 String param = paramAndValue.substring(0, x);
94 String value = paramAndValue.substring(
95 x + 1, paramAndValue.length());
96
97 sb.append(param).append(StringPool.EQUAL);
98
99 if (_unencryptedParamsSet.contains(param)) {
100 sb.append(HttpUtil.encodeURL(value));
101 }
102 else {
103 try {
104 sb.append(HttpUtil.encodeURL(
105 Encryptor.encrypt(key, value)));
106 }
107 catch (EncryptorException ee) {
108 _log.error(ee.getMessage());
109 }
110
111 if (st.hasMoreTokens()) {
112 sb.append(StringPool.AMPERSAND);
113 }
114 }
115 }
116
117 sb.append("&shuo=1");
118 }
119
120 sb.append("\" ");
121
122
124 if (Validator.isNotNull(_style)) {
125 sb.append("style=\"");
126 sb.append(_style);
127 sb.append("\" ");
128 }
129
130
132 if (Validator.isNotNull(_target)) {
133 sb.append("target=\"" + _target + "\"");
134 }
135
136
138 sb.append(">");
139
140 pageContext.getOut().print(sb.toString());
141
142 return EVAL_BODY_INCLUDE;
143 }
144 catch (Exception e) {
145 throw new JspException(e);
146 }
147 }
148
149 public int doEndTag() throws JspException {
150 try {
151 pageContext.getOut().print("</a>");
152
153 return EVAL_PAGE;
154 }
155 catch (Exception e) {
156 throw new JspException(e);
157 }
158 }
159
160 public void setClassName(String className) {
161 _className = className;
162 }
163
164 public void setStyle(String style) {
165 _style = style;
166 }
167
168 public void setProtocol(String protocol) {
169 _protocol = protocol;
170 }
171
172 public void setUnencryptedParams(String unencryptedParams) {
173 _unencryptedParamsSet.clear();
174
175 String[] unencryptedParamsArray = StringUtil.split(unencryptedParams);
176
177 for (int i = 0; i < unencryptedParamsArray.length; i++) {
178 _unencryptedParamsSet.add(unencryptedParamsArray[i]);
179 }
180 }
181
182 public void setUrl(String url) {
183 _url = url;
184 }
185
186 public void setTarget(String target) {
187 _target = target;
188 }
189
190 private static Log _log = LogFactoryUtil.getLog(EncryptTag.class);
191
192 private String _className;
193 private String _style;
194 private String _protocol;
195 private Set<String> _unencryptedParamsSet = new HashSet<String>();
196 private String _url;
197 private String _target;
198
199 }