001
014
015 package com.liferay.taglib.security;
016
017 import com.liferay.portal.kernel.log.Log;
018 import com.liferay.portal.kernel.log.LogFactoryUtil;
019 import com.liferay.portal.kernel.util.CharPool;
020 import com.liferay.portal.kernel.util.Http;
021 import com.liferay.portal.kernel.util.HttpUtil;
022 import com.liferay.portal.kernel.util.StringBundler;
023 import com.liferay.portal.kernel.util.StringPool;
024 import com.liferay.portal.kernel.util.StringUtil;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.model.Company;
027 import com.liferay.portal.util.PortalUtil;
028 import com.liferay.util.Encryptor;
029 import com.liferay.util.EncryptorException;
030
031 import java.security.Key;
032
033 import java.util.HashSet;
034 import java.util.Set;
035 import java.util.StringTokenizer;
036
037 import javax.servlet.http.HttpServletRequest;
038 import javax.servlet.jsp.JspException;
039 import javax.servlet.jsp.tagext.TagSupport;
040
041
044 public class EncryptTag extends TagSupport {
045
046 public int doStartTag() throws JspException {
047 try {
048 StringBundler sb = new StringBundler();
049
050
051
052 sb.append("<a ");
053
054
055
056 if (Validator.isNotNull(_className)) {
057 sb.append("class=\"");
058 sb.append(_className);
059 sb.append("\" ");
060 }
061
062
063
064 sb.append("href=\"");
065 sb.append(_protocol);
066 sb.append(Http.PROTOCOL_DELIMITER);
067
068 int pos = _url.indexOf(CharPool.QUESTION);
069
070 if (pos == -1) {
071 sb.append(_url);
072 }
073 else {
074 sb.append(_url.substring(0, pos));
075 sb.append(StringPool.QUESTION);
076
077 Company company = PortalUtil.getCompany(
078 (HttpServletRequest)pageContext.getRequest());
079
080 Key key = company.getKeyObj();
081
082 StringTokenizer st = new StringTokenizer(
083 _url.substring(pos + 1, _url.length()),
084 StringPool.AMPERSAND);
085
086 while (st.hasMoreTokens()) {
087 String paramAndValue = st.nextToken();
088
089 int x = paramAndValue.indexOf(CharPool.EQUAL);
090
091 String param = paramAndValue.substring(0, x);
092 String value = paramAndValue.substring(
093 x + 1, paramAndValue.length());
094
095 sb.append(param).append(StringPool.EQUAL);
096
097 if (_unencryptedParamsSet.contains(param)) {
098 sb.append(HttpUtil.encodeURL(value));
099 }
100 else {
101 try {
102 sb.append(HttpUtil.encodeURL(
103 Encryptor.encrypt(key, value)));
104 }
105 catch (EncryptorException ee) {
106 _log.error(ee.getMessage());
107 }
108
109 if (st.hasMoreTokens()) {
110 sb.append(StringPool.AMPERSAND);
111 }
112 }
113 }
114
115 sb.append("&shuo=1");
116 }
117
118 sb.append("\" ");
119
120
121
122 if (Validator.isNotNull(_style)) {
123 sb.append("style=\"");
124 sb.append(_style);
125 sb.append("\" ");
126 }
127
128
129
130 if (Validator.isNotNull(_target)) {
131 sb.append("target=\"" + _target + "\"");
132 }
133
134
135
136 sb.append(">");
137
138 pageContext.getOut().print(sb.toString());
139
140 return EVAL_BODY_INCLUDE;
141 }
142 catch (Exception e) {
143 throw new JspException(e);
144 }
145 }
146
147 public int doEndTag() throws JspException {
148 try {
149 pageContext.getOut().print("</a>");
150
151 return EVAL_PAGE;
152 }
153 catch (Exception e) {
154 throw new JspException(e);
155 }
156 }
157
158 public void setClassName(String className) {
159 _className = className;
160 }
161
162 public void setStyle(String style) {
163 _style = style;
164 }
165
166 public void setProtocol(String protocol) {
167 _protocol = protocol;
168 }
169
170 public void setUnencryptedParams(String unencryptedParams) {
171 _unencryptedParamsSet.clear();
172
173 String[] unencryptedParamsArray = StringUtil.split(unencryptedParams);
174
175 for (int i = 0; i < unencryptedParamsArray.length; i++) {
176 _unencryptedParamsSet.add(unencryptedParamsArray[i]);
177 }
178 }
179
180 public void setUrl(String url) {
181 _url = url;
182 }
183
184 public void setTarget(String target) {
185 _target = target;
186 }
187
188 private static Log _log = LogFactoryUtil.getLog(EncryptTag.class);
189
190 private String _className;
191 private String _style;
192 private String _protocol;
193 private Set<String> _unencryptedParamsSet = new HashSet<String>();
194 private String _url;
195 private String _target;
196
197 }