Update common container endpoint with response and expiry time

- This will be used to expire client/JS-side metadata cache, and better (more efficiently) refresh tokens.
- Introduce expiry time calculation for security tokens.

[zhoresh, 2010-10-12 16:52:57]

I cannot see a side by side diff for GadgetHandlerServiceTest.java, maybe do you
need to merge to latest?

http://codereview.appspot.com/2445041/diff/1/java/common/src/main/java/org/ap...
File
java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java
(right):

http://codereview.appspot.com/2445041/diff/1/java/common/src/main/java/org/ap...
java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java:22:
import org.apache.shindig.common.util.TimeSource;
Is that needed?

http://codereview.appspot.com/2445041/diff/1/java/common/src/main/java/org/ap...
java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java:27:
import com.google.inject.Inject;
same

http://codereview.appspot.com/2445041/diff/1/java/gadgets/src/main/java/org/a...
File
java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java
(right):

http://codereview.appspot.com/2445041/diff/1/java/gadgets/src/main/java/org/a...
java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java:167:
Long expiryTimeMs = securityTokenCodec.getTokenExpiration(tokenData);
Wouldn't this break since the default codec didn't implement expiration?
Maybe add default expiration to default codec, or use null for default here on
exception

[mhermanto, 2010-10-12 22:45:55]

On Tue, Oct 12, 2010 at 9:52 AM, <zhoresh@gmail.com> wrote:

> I cannot see a side by side diff for GadgetHandlerServiceTest.java,
> maybe do you need to merge to latest?
>

Done. It was renamed from GadgetHandlerServiceTest
to GadgetsHandlerServiceTest.


>
>
http://codereview.appspot.com/2445041/diff/1/java/common/src/main/java/org/ap...
> File
>
>
> java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java
> (right):
>
>
>
http://codereview.appspot.com/2445041/diff/1/java/common/src/main/java/org/ap...
>
>
java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java:22:
> import org.apache.shindig.common.util.TimeSource;
> Is that needed?
>

Done. Removed. I initially plan to use this for a 24-hour expiry time, but
uncertain from lack of code (beyond 24-hour comment) that suggest so. I'd
leave this to the implementor as needed.

http://codereview.appspot.com/2445041/diff/1/java/common/src/main/java/org/ap...
>
>
java/common/src/main/java/org/apache/shindig/auth/BasicSecurityTokenCodec.java:27:
> import com.google.inject.Inject;
> same
>

Done. Removed.

>
>
>
http://codereview.appspot.com/2445041/diff/1/java/gadgets/src/main/java/org/a...
> File
>
>
>
java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java
> (right):
>
>
>
http://codereview.appspot.com/2445041/diff/1/java/gadgets/src/main/java/org/a...
>
>
java/gadgets/src/main/java/org/apache/shindig/gadgets/servlet/GadgetsHandlerService.java:167:
> Long expiryTimeMs = securityTokenCodec.getTokenExpiration(tokenData);
> Wouldn't this break since the default codec didn't implement expiration?
> Maybe add default expiration to default codec, or use null for default
> here on exception


Done. Good catch. Now returns null with TODO.

>
>
> http://codereview.appspot.com/2445041/
>

Thanks!  New patch uploaded.

[zhoresh, 2010-10-13 04:48:04]

LGTM , committed to r1021995

[mhermanto, 2010-10-13 20:27:15]

Thanks!

On Tue, Oct 12, 2010 at 9:48 PM, <zhoresh@gmail.com> wrote:

> LGTM , committed to r1021995
>
>
> http://codereview.appspot.com/2445041/
>