Example #1
0
 /**
  * Returns true if the user is successfully associated with his openid provider; The {@link
  * OpenIdUser} is persisted if successful.
  */
 public boolean associate(
     OpenIdUser user, HttpServletRequest request, HttpServletResponse response) throws Exception {
   if (_context.getAssociation().associate(user, _context)) {
     _manager.saveUser(user, request, response);
     return true;
   }
   return false;
 }
Example #2
0
 /**
  * Returns true if the user has succeeded authentication on his openid provider; The {@link
  * OpenIdUser} is persisted if successful.
  */
 public boolean verifyAuth(
     OpenIdUser user, HttpServletRequest request, HttpServletResponse response) throws Exception {
   if (_context.getAssociation().verifyAuth(user, getAuthParameters(request), _context)) {
     _listener.onAuthenticate(user, request);
     _manager.saveUser(user, request, response);
     return true;
   }
   return false;
 }
Example #3
0
  /**
   * Return the current user, either an already authenticated one, or the one just discovered from
   * the <i>openid.identifier.parameter</i> (= "openid_identifier" by default).<br>
   * Returns <code>null</code> if the {@link Constants#OPENID_MODE} associated with the request is
   * set to {@link Constants.Mode#CANCEL} (in order to login under a different id), or if the
   * authentification is timed out.<br>
   * If returned user is <code>null</code> and {@link #isAuthResponse(HttpServletRequest)} is <code>
   * true</code> then we have an authentication timeout.
   *
   * @param request HttpServletRequest
   * @return user OpenIdUser
   */
  public OpenIdUser discover(HttpServletRequest request) throws Exception {
    OpenIdUser user = (OpenIdUser) request.getAttribute(OpenIdUser.ATTR_NAME);
    if (user == null) {
      System.err.println("vvvvvv RelyingParty: user NOT in request");
      user = _manager.getUser(request);
      String id = null;
      if (user != null) {
        System.err.println("vvvvvv RelyingParty: user in session");
        if (user.isAuthenticated()) {
          System.err.println("vvvvvv RelyingParty: user authenticated");
          _listener.onAccess(user, request);
          request.setAttribute(OpenIdUser.ATTR_NAME, user);
          return user;
        }
        System.err.println("vvvvvv RelyingParty: user NOT authenticated");
        if ((id = request.getParameter(_identifierParameter)) == null) {
          if (user.isAssociated()) {
            String mode = request.getParameter(Constants.OPENID_MODE);
            if (mode == null) return _automaticRedirect ? user : null;

            return Constants.Mode.CANCEL.equals(mode) ? null : user;
          }

          return user;
        } else if ((id = id.trim()).length() != 0) {
          Identifier identifier = Identifier.getIdentifier(id, _resolver, _context);
          if (identifier.isResolved()) {
            if (!identifier.getId().equals(user.getIdentifier())) {
              // new user or ... the user cancels authentication
              // and provides a different openid identifier
              return discover(identifier, request);
            }
          }
        }
      } else if ((id = request.getParameter(_identifierParameter)) != null
          && (id = id.trim()).length() != 0) {
        System.err.println(
            "vvvvvv RelyingParty: user NOT in session and parameter("
                + _identifierParameter
                + ") is NOT empty");
        Identifier identifier = Identifier.getIdentifier(id, _resolver, _context);
        if (identifier.isResolved()) return discover(identifier, request);
      } else {
        System.err.println(
            "vvvvvv RelyingParty: user NOT in session and parameter("
                + _identifierParameter
                + ") is empty");
      }
    }
    return user;
  }
Example #4
0
  public boolean authenticate(
      OpenIdUser user,
      HttpServletRequest request,
      HttpServletResponse response,
      String trustRoot,
      String realm,
      String returnTo)
      throws IOException {
    UrlEncodedParameterMap params = getAuthUrlMap(user, trustRoot, realm, returnTo);

    _listener.onPreAuthenticate(user, request, params);

    _manager.saveUser(user, request, response);

    _authRedirection.redirect(params, request, response);

    return true;
  }
Example #5
0
 /**
  * Invalidates/terminates the openid session of the user associated with the given {@code
  * request}; To logout an authenticated user, you invoke this method.
  */
 public boolean invalidate(HttpServletRequest request, HttpServletResponse response)
     throws IOException {
   return _manager.invalidate(request, response);
 }
Example #6
0
  /** Creates a new instance configured from the given {@code properties}. */
  public static RelyingParty newInstance(Properties properties) {
    // discovery
    String discoveryParam = properties.getProperty("openid.discovery");
    Discovery discovery =
        discoveryParam == null
            ? new DefaultDiscovery()
            : (Discovery) newObjectInstance(discoveryParam);

    // association
    String associationParam = properties.getProperty("openid.association");
    Association association =
        associationParam == null
            ? new DiffieHellmanAssociation()
            : (Association) newObjectInstance(associationParam);

    // http connector
    String httpConnectorParam = properties.getProperty("openid.httpconnector");
    HttpConnector httpConnector =
        httpConnectorParam == null
            ? new SimpleHttpConnector()
            : (HttpConnector) newObjectInstance(httpConnectorParam);

    // user manager
    String managerParam = properties.getProperty("openid.user.manager");
    OpenIdUserManager manager =
        managerParam == null
            ? new HttpSessionUserManager()
            : (OpenIdUserManager) newObjectInstance(managerParam);
    manager.init(properties);

    // openid user cache
    String userCacheParam = properties.getProperty("openid.user.cache");
    UserCache userCache =
        userCacheParam == null
            ? new IdentifierSelectUserCache()
            : (UserCache) newObjectInstance(userCacheParam);

    // openid automatic redirect
    // when the user is redirected to his provider and he somehow navigates away from his
    // provider and returns to your site ... the relying party will do an automatic redirect
    // back to his provider for authentication (if set to true)
    String automaticRedirectParam = properties.getProperty("openid.automatic_redirect");
    boolean automaticRedirect =
        automaticRedirectParam == null
            ? DEFAULT_AUTOMATIC_REDIRECT
            : Boolean.parseBoolean(automaticRedirectParam);

    // auth redirection
    String authRedirectionParam = properties.getProperty("openid.authredirection");
    AuthRedirection authRedirection =
        authRedirectionParam == null
            ? new SimpleRedirection()
            : (AuthRedirection) newObjectInstance(authRedirectionParam);

    // identifier parameter (default is openid_identifier)
    String identifierParameter =
        properties.getProperty("openid.identifier.parameter", DEFAULT_IDENTIFIER_PARAMETER);

    String identifierAsServerParam = properties.getProperty("openid.identifier_as_server");
    boolean identifierAsServer = "true".equals(identifierAsServerParam);

    RelyingParty relyingParty =
        new RelyingParty(
            new OpenIdContext(discovery, association, httpConnector),
            manager,
            userCache,
            automaticRedirect,
            identifierAsServer,
            authRedirection,
            identifierParameter);

    // relying party listeners
    String listenersParam = properties.getProperty("openid.relyingparty.listeners");
    if (listenersParam != null) {
      StringTokenizer tokenizer = new StringTokenizer(listenersParam, ",;");
      while (tokenizer.hasMoreTokens())
        relyingParty.addListener((Listener) newObjectInstance(tokenizer.nextToken().trim()));
    }

    // openid identifier resolvers
    String resolversParam = properties.getProperty("openid.identifier.resolvers");
    if (resolversParam != null) {
      StringTokenizer tokenizer = new StringTokenizer(resolversParam, ",;");
      while (tokenizer.hasMoreTokens())
        relyingParty.addResolver((Resolver) newObjectInstance(tokenizer.nextToken().trim()));
    }

    return relyingParty;
  }