1
14
15 package com.liferay.taglib.security;
16
17 import com.liferay.portal.kernel.log.Log;
18 import com.liferay.portal.kernel.log.LogFactoryUtil;
19 import com.liferay.portal.kernel.util.Http;
20 import com.liferay.portal.kernel.util.HttpUtil;
21 import com.liferay.portal.kernel.util.StringBundler;
22 import com.liferay.portal.kernel.util.StringPool;
23 import com.liferay.portal.kernel.util.StringUtil;
24 import com.liferay.portal.kernel.util.Validator;
25 import com.liferay.portal.model.Company;
26 import com.liferay.portal.util.PortalUtil;
27 import com.liferay.util.Encryptor;
28 import com.liferay.util.EncryptorException;
29
30 import java.security.Key;
31
32 import java.util.HashSet;
33 import java.util.Set;
34 import java.util.StringTokenizer;
35
36 import javax.servlet.http.HttpServletRequest;
37 import javax.servlet.jsp.JspException;
38 import javax.servlet.jsp.tagext.TagSupport;
39
40
45 public class EncryptTag extends TagSupport {
46
47 public int doStartTag() throws JspException {
48 try {
49 StringBundler sb = new StringBundler();
50
51
53 sb.append("<a ");
54
55
57 if (Validator.isNotNull(_className)) {
58 sb.append("class=\"");
59 sb.append(_className);
60 sb.append("\" ");
61 }
62
63
65 sb.append("href=\"");
66 sb.append(_protocol);
67 sb.append(Http.PROTOCOL_DELIMITER);
68
69 int pos = _url.indexOf(StringPool.QUESTION);
70
71 if (pos == -1) {
72 sb.append(_url);
73 }
74 else {
75 sb.append(_url.substring(0, pos));
76 sb.append(StringPool.QUESTION);
77
78 Company company = PortalUtil.getCompany(
79 (HttpServletRequest)pageContext.getRequest());
80
81 Key key = company.getKeyObj();
82
83 StringTokenizer st = new StringTokenizer(
84 _url.substring(pos + 1, _url.length()),
85 StringPool.AMPERSAND);
86
87 while (st.hasMoreTokens()) {
88 String paramAndValue = st.nextToken();
89
90 int x = paramAndValue.indexOf(StringPool.EQUAL);
91
92 String param = paramAndValue.substring(0, x);
93 String value = paramAndValue.substring(
94 x + 1, paramAndValue.length());
95
96 sb.append(param).append(StringPool.EQUAL);
97
98 if (_unencryptedParamsSet.contains(param)) {
99 sb.append(HttpUtil.encodeURL(value));
100 }
101 else {
102 try {
103 sb.append(HttpUtil.encodeURL(
104 Encryptor.encrypt(key, value)));
105 }
106 catch (EncryptorException ee) {
107 _log.error(ee.getMessage());
108 }
109
110 if (st.hasMoreTokens()) {
111 sb.append(StringPool.AMPERSAND);
112 }
113 }
114 }
115
116 sb.append("&shuo=1");
117 }
118
119 sb.append("\" ");
120
121
123 if (Validator.isNotNull(_style)) {
124 sb.append("style=\"");
125 sb.append(_style);
126 sb.append("\" ");
127 }
128
129
131 if (Validator.isNotNull(_target)) {
132 sb.append("target=\"" + _target + "\"");
133 }
134
135
137 sb.append(">");
138
139 pageContext.getOut().print(sb.toString());
140
141 return EVAL_BODY_INCLUDE;
142 }
143 catch (Exception e) {
144 throw new JspException(e);
145 }
146 }
147
148 public int doEndTag() throws JspException {
149 try {
150 pageContext.getOut().print("</a>");
151
152 return EVAL_PAGE;
153 }
154 catch (Exception e) {
155 throw new JspException(e);
156 }
157 }
158
159 public void setClassName(String className) {
160 _className = className;
161 }
162
163 public void setStyle(String style) {
164 _style = style;
165 }
166
167 public void setProtocol(String protocol) {
168 _protocol = protocol;
169 }
170
171 public void setUnencryptedParams(String unencryptedParams) {
172 _unencryptedParamsSet.clear();
173
174 String[] unencryptedParamsArray = StringUtil.split(unencryptedParams);
175
176 for (int i = 0; i < unencryptedParamsArray.length; i++) {
177 _unencryptedParamsSet.add(unencryptedParamsArray[i]);
178 }
179 }
180
181 public void setUrl(String url) {
182 _url = url;
183 }
184
185 public void setTarget(String target) {
186 _target = target;
187 }
188
189 private static Log _log = LogFactoryUtil.getLog(EncryptTag.class);
190
191 private String _className;
192 private String _style;
193 private String _protocol;
194 private Set<String> _unencryptedParamsSet = new HashSet<String>();
195 private String _url;
196 private String _target;
197
198 }