public String addSorPerson(
      final ReconciliationCriteria reconciliationCriteria, final RequestContext context) {
    reconciliationCriteria.getSorPerson().setSourceSor(AbstractPersonServiceAction.STATIC_SOR_NAME);
    try {
      final ServiceExecutionResult<Person> result =
          getPersonService().addPerson(reconciliationCriteria);

      getSpringErrorValidationErrorConverter()
          .convertValidationErrors(result.getValidationErrors(), context.getMessageContext());

      if (context.getMessageContext().hasErrorMessages()) {
        return "validationError";
      }

      context.getFlowScope().put("serviceExecutionResult", result);
      return "success";
    } catch (final ReconciliationException e) {
      context.getFlowScope().put("reconciliationResult", e);
      return "reconciliation";
    }
    // TODO Need to add logic here to handle case where SoR already provided an SorPerson.
    // For example if OR is the SoR and reconciliation determines that OR
    // get the sorPerson that already exists from SorPersonAlreadyExistsException, update it with
    // the values from reconciliation.SorPerson
    // call updateSorPerson
    catch (final SorPersonAlreadyExistsException e) {
      return "error";
    }
  }
  @Override
  public void paused(RequestContext context) {

    if (isPersistenceContext(context.getActiveFlow())) {

      final EntityManager em =
          getEntityManager(context.getFlowExecutionContext().getActiveSession());

      /*
       * we were not be able to determine if entityManager has opened
       * connections, then the commit statement is always executed when
       * flow is paused
       */

      transactionTemplate.execute(
          new TransactionCallbackWithoutResult() {
            protected void doInTransactionWithoutResult(TransactionStatus status) {
              /*
               * Commit using the same connection retrieved by hibernate
               * lazy load,if exists, otherwise another connection will be
               * requested from pool
               */
              em.joinTransaction();
            }
          });
    }

    super.paused(context);
  }
  /** {@inheritDoc} */
  @Override
  @Nullable
  public String apply(@Nullable final ProfileRequestContext input) {
    if (input == null) {
      return null;
    }

    final SpringRequestContext springRequestContext =
        input.getSubcontext(SpringRequestContext.class, false);
    if (springRequestContext == null) {
      return null;
    }

    final RequestContext requestContext = springRequestContext.getRequestContext();
    if (requestContext == null) {
      return null;
    }

    final FlowExecutionContext flowExecutionContext = requestContext.getFlowExecutionContext();
    if (flowExecutionContext == null) {
      return null;
    }

    if (!flowExecutionContext.isActive()) {
      return null;
    }

    final FlowDefinition flowDefinition = requestContext.getActiveFlow();

    final String flowId = flowDefinition.getId();
    log.debug("Current flow id is '{}'", flowId);
    return flowId;
  }
  protected Event doExecute(final RequestContext context) {
    final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
    final String ticketGrantingTicketValueFromCookie =
        (String) context.getFlowScope().get("ticketGrantingTicketId");

    if (ticketGrantingTicketId == null) {
      return success();
    }

    this.ticketGrantingTicketCookieGenerator.addCookie(
        WebUtils.getHttpServletRequest(context),
        WebUtils.getHttpServletResponse(context),
        ticketGrantingTicketId);

    // add by yikeke 2015-08-13
    String logineduserid = (String) context.getRequestScope().get("logineduserid");

    this.loginedUserCookieGenerator.addCookie(
        WebUtils.getHttpServletRequest(context),
        WebUtils.getHttpServletResponse(context),
        logineduserid);
    logger.debug("now addCookie for loginedUserCookieGenerator value=" + logineduserid);
    // end add
    if (ticketGrantingTicketValueFromCookie != null
        && !ticketGrantingTicketId.equals(ticketGrantingTicketValueFromCookie)) {
      this.centralAuthenticationService.destroyTicketGrantingTicket(
          ticketGrantingTicketValueFromCookie);
    }

    return success();
  }
  public Event checkHomeLocation(RequestContext context) {
    // check location values
    UserAccount userAccount = (UserAccount) context.getFlowScope().get("userAccount");
    Location loc = userAccount.getLocation();

    // do we have lat/lon already?
    //		StringUtils.hasLength(loc.getLatitude());
    if (loc.getLatitude() != null && loc.getLongitude() != null) return success();

    try {
      Assert.hasLength(loc.getCity(), "City is empty");
      Assert.hasLength(loc.getStateInitial(), "State is empty");
      //			Assert.hasLength(loc.getZip(), "Zip is empty");
    } catch (IllegalArgumentException e) {
      context
          .getMessageContext()
          .addMessage(new MessageBuilder().error().defaultText(e.getMessage()).build());
      return result("needHomeLocation");
    }

    String homeLoc = loc.getAddress() + " " + loc.getCity() + " " + loc.getStateInitial();

    // get lat/lon from yahoo
    List<YahooPlaceResult> places = yahooPlaceFinderService.searchPlaceResult(homeLoc);
    Location location = userAccount.getLocation();
    if (places.size() > 0) {
      YahooPlaceResult place = places.get(0);
      location.setLatitude(place.getLatitude().floatValue());
      location.setLongitude(place.getLongitude().floatValue());
      location.setStateInitial(place.getStateCode());
      Zip zip = null;
      try {
        zip = Zip.findZipsByZipCode(place.getUzip().toString()).getSingleResult();
      } catch (Exception e) {
        zip = new Zip();
        zip.setZipCode(place.getUzip().toString());
        zip.setLatitude(place.getLatitude().floatValue());
        zip.setLongitude(place.getLongitude().floatValue());
        zip.persist();
      }
      location.setZip(zip);
      userAccount.setWktLocation(place.getLongitude(), place.getLatitude());
      // save
      userAccount = userAccountService.updateUserAccount(userAccount);
      // set to flow
      context.getFlowScope().asMap().put("userAccount", userAccount);
    } else {
      context
          .getMessageContext()
          .addMessage(
              new MessageBuilder()
                  .error()
                  .defaultText("Could not find Lat/Lon. Returned " + places.size() + " places.")
                  .build());
      return result("needHomeLocation");
    }

    return result("needBabysitterAvailableTimes");
  }
Example #6
0
 /**
  * Gets the http servlet response from the context.
  *
  * @param context the context
  * @return the http servlet response
  */
 public static HttpServletResponse getHttpServletResponse(final RequestContext context) {
   Assert.isInstanceOf(
       ServletExternalContext.class,
       context.getExternalContext(),
       "Cannot obtain HttpServletResponse from event of type: "
           + context.getExternalContext().getClass().getName());
   return (HttpServletResponse) context.getExternalContext().getNativeResponse();
 }
 public final String wrapGoogleCredentialsAndPlaceInFlowScopeSecond(
     RequestContext context, String accessToken, String userID, String userName) {
   context.getFlowScope().put("credentials", new GoogleCredentials(accessToken, userID));
   context.getFlowScope().put("credentialName", userID);
   context.getFlowScope().put("credentialType", "GOOGLE_ID");
   context.getFlowScope().put("userName", userName);
   context.getFlowScope().put("loginNumber", "two");
   return "success";
 }
 @Override
 public Object getState(FacesContext facesContext, String viewId) {
   if (!JsfUtils.isFlowRequest()) {
     return super.getState(facesContext, viewId);
   }
   RequestContext requestContext = RequestContextHolder.getRequestContext();
   Object state = requestContext.getViewScope().get(FACES_VIEW_STATE);
   if (state == null) {
     logger.debug("No matching view in view scope");
   }
   return state;
 }
  public Event findExistingPlayer(RequestContext context) {
    PlayerSearchCriteria criteria =
        (PlayerSearchCriteria) context.getFlowScope().get("playerSearchCriteria");
    if (criteria != null) {
      Player player = playerService.findExistingPlayer(criteria);
      context.getFlowScope().put("player", player);

      return success();
    } else {
      return error();
    }
  }
  /**
   * Validate event for transition.
   *
   * @param eventId the event id
   * @param context the context
   * @param attributes the attributes
   * @return the event
   */
  protected Event validateEventIdForMatchingTransitionInContext(
      final String eventId, final RequestContext context, final Map<String, Object> attributes) {
    try {
      final AttributeMap<Object> attributesMap = new LocalAttributeMap<>(attributes);
      final Event event = new Event(this, eventId, attributesMap);

      logger.debug(
          "Resulting event id is [{}]. Locating transitions in the context for that event id...",
          event.getId());

      final TransitionDefinition def = context.getMatchingTransition(event.getId());
      if (def == null) {
        logger.warn("Transition definition cannot be found for event [{}]", event.getId());
        throw new AuthenticationException();
      }
      logger.debug(
          "Found matching transition [{}] with target [{}] for event [{}] with attributes {}.",
          def.getId(),
          def.getTargetStateId(),
          event.getId(),
          event.getAttributes());
      return event;
    } catch (final Exception e) {
      throw Throwables.propagate(e);
    }
  }
  @Nonnull
  @Override
  protected Event doExecute(
      final @Nonnull RequestContext springRequestContext,
      final @Nonnull ProfileRequestContext profileRequestContext) {

    final ParameterMap params = springRequestContext.getRequestParameters();
    final String service = params.get(ProtocolParam.Service.id());
    if (service == null) {
      return ProtocolError.ServiceNotSpecified.event(this);
    }
    final String ticket = params.get(ProtocolParam.Ticket.id());
    if (ticket == null) {
      return ProtocolError.TicketNotSpecified.event(this);
    }
    final TicketValidationRequest ticketValidationRequest =
        new TicketValidationRequest(service, ticket);

    final String renew = params.get(ProtocolParam.Renew.id());
    if (renew != null) {
      ticketValidationRequest.setRenew(true);
    }
    ticketValidationRequest.setPgtUrl(params.get(ProtocolParam.PgtUrl.id()));

    final MessageContext messageContext = new MessageContext();
    messageContext.setMessage(ticketValidationRequest);
    profileRequestContext.setInboundMessageContext(messageContext);
    FlowStateSupport.setTicketValidationRequest(springRequestContext, ticketValidationRequest);
    return ActionSupport.buildProceedEvent(this);
  }
  @Override
  protected Event doExecute(final RequestContext context) throws Exception {
    final Service service = WebUtils.getService(context);
    // No service == plain /login request. Return success indicating transition to the login form
    if (service == null) {
      return success();
    }
    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);

    if (registeredService == null) {
      logger.warn(
          "Unauthorized Service Access for Service: [ {} ] - service is not defined in the service registry.",
          service.getId());
      throw new UnauthorizedServiceException();
    } else if (!registeredService.isEnabled()) {
      logger.warn(
          "Unauthorized Service Access for Service: [ {} ] - service is not enabled in the service registry.",
          service.getId());
      if (registeredService instanceof RegisteredServiceWithAttributes) {
        String disabledServiceUrl =
            (String)
                RegisteredServiceWithAttributes.class
                    .cast(registeredService)
                    .getExtraAttributes()
                    .get(DISABLED_SERVICE_URL_ATTRIBUTE);
        if (disabledServiceUrl != null) {
          context.getRequestScope().put(DISABLED_SERVICE_URL_ATTRIBUTE, disabledServiceUrl);
          return no();
        }
      }
      throw new UnauthorizedServiceException();
    }
    return success();
  }
  public Event startFlow(RequestContext context) {
    // get from flow
    UserAccount userAccount = (UserAccount) context.getFlowScope().get("userAccount");

    // do we have type?
    //		if (isUserTypeNotSet(userAccount)) return
    // do we have locaiton?

    return null;
  }
 public boolean test(RequestContext context) {
   Event currentEvent = context.getCurrentEvent();
   if (currentEvent == null) {
     return false;
   }
   if (caseSensitive) {
     return eventId.equals(currentEvent.getId());
   } else {
     return eventId.equalsIgnoreCase(currentEvent.getId());
   }
 }
  /**
   * Grant ticket granting ticket.
   *
   * @param context the context
   * @param authenticationResultBuilder the authentication result builder
   * @param service the service
   * @return the event
   * @throws Exception the exception
   */
  protected Event grantTicketGrantingTicketToAuthenticationResult(
      final RequestContext context,
      final AuthenticationResultBuilder authenticationResultBuilder,
      final Service service)
      throws Exception {

    logger.debug("Finalizing authentication transactions and issuing ticket-granting ticket");
    final AuthenticationResult authenticationResult =
        this.authenticationSystemSupport.finalizeAllAuthenticationTransactions(
            authenticationResultBuilder, service);

    boolean issueTicketGrantingTicket = true;
    final Authentication authentication = authenticationResult.getAuthentication();
    final String ticketGrantingTicket = WebUtils.getTicketGrantingTicketId(context);
    if (StringUtils.isNotBlank(ticketGrantingTicket)) {
      logger.debug(
          "Located ticket-granting ticket in the context. Retrieving associated authentication");
      final Authentication authenticationFromTgt =
          this.ticketRegistrySupport.getAuthenticationFrom(ticketGrantingTicket);
      if (authenticationFromTgt == null) {
        logger.debug(
            "Authentication session associated with {} is no longer valid", ticketGrantingTicket);
        this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicket);
      } else if (authentication.getPrincipal().equals(authenticationFromTgt.getPrincipal())) {
        logger.debug("Resulting authentication matches the authentication from context");
        issueTicketGrantingTicket = false;
      } else {
        logger.debug("Resulting authentication is different from the context");
      }
    }

    final TicketGrantingTicket tgt;
    if (issueTicketGrantingTicket) {
      tgt = this.centralAuthenticationService.createTicketGrantingTicket(authenticationResult);

    } else {
      tgt =
          this.centralAuthenticationService.getTicket(
              ticketGrantingTicket, TicketGrantingTicket.class);
      tgt.getAuthentication().update(authentication);
      this.centralAuthenticationService.updateTicket(tgt);
    }

    WebUtils.putTicketGrantingTicketInScopes(context, tgt);
    WebUtils.putAuthenticationResult(authenticationResult, context);
    WebUtils.putAuthentication(tgt.getAuthentication(), context);

    if (addWarningMessagesToMessageContextIfNeeded(tgt, context.getMessageContext())) {
      return newEvent(SUCCESS_WITH_WARNINGS);
    }

    return newEvent(CasWebflowConstants.TRANSITION_ID_SUCCESS);
  }
  /** {@inheritDoc} */
  @Override
  protected boolean doPreExecute(@Nonnull final ProfileRequestContext profileRequestContext) {

    if (!super.doPreExecute(profileRequestContext)) {
      return false;
    }

    final RequestContext requestContext = getRequestContext(profileRequestContext);
    if (requestContext == null) {
      log.error("{} Spring RequestContext is not set", getLogPrefix());
      ActionSupport.buildEvent(profileRequestContext, EventIds.UNABLE_TO_DECODE);
      return false;
    }

    final String sessionRef = requestContext.getRequestParameters().get(SESSION_PARAM_BYREF);
    final String sessionVal = requestContext.getRequestParameters().get(SESSION_PARAM_BYVAL);
    try {
      if (sessionRef != null) {
        sessionKey = sessionRef;
        session = getSessionByReference(requestContext, sessionKey);
      } else if (sessionVal != null) {
        session = getSessionByValue(sessionVal);
      } else {
        log.warn("{} No session parameter provided, nothing to do", getLogPrefix());
        ActionSupport.buildEvent(profileRequestContext, EventIds.UNABLE_TO_DECODE);
        return false;
      }
      log.debug("{} Got session to propagate logout: {}", getLogPrefix(), session);
    } catch (MessageDecodingException e) {
      log.warn("{} Message decoding exception: {}", e.getMessage());
      ActionSupport.buildEvent(profileRequestContext, EventIds.UNABLE_TO_DECODE);
      return false;
    } catch (MessageException e) {
      log.warn("{} Required state not found: {}", e.getMessage());
      ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX);
      return false;
    }

    return true;
  }
Example #17
0
 @Override
 protected Event doExecute(RequestContext context) throws Exception {
   final String userId = context.getFlowScope().getString(S.NICK);
   LOGGER.info("user id is:" + userId);
   try {
     WebUtils.putTicketGrantingTicketInRequestScope(
         context,
         centralAuthenticationService.createTicketGrantingTicket(creatCredentials(userId)));
   } catch (TicketException e) {
     LOGGER.error(e);
     return error();
   }
   return success();
 }
 protected void doRender(Map<String, ?> model) throws Exception {
   RequestContext context = getRequestContext();
   ExternalContext externalContext = context.getExternalContext();
   View view = getView();
   PortletContext portletContext = (PortletContext) externalContext.getNativeContext();
   PortletRequest request = (PortletRequest) externalContext.getNativeRequest();
   MimeResponse response = (MimeResponse) externalContext.getNativeResponse();
   if (response.getContentType() == null) {
     // No Portlet content type specified yet -> use the view-determined type.
     // (The Portlet spec requires the content type to be set on the RenderResponse)
     String contentType = view.getContentType();
     if (contentType != null) {
       response.setContentType(contentType);
     }
   }
   request.setAttribute(ViewRendererServlet.VIEW_ATTRIBUTE, view);
   request.setAttribute(ViewRendererServlet.MODEL_ATTRIBUTE, model);
   request.setAttribute(
       org.springframework.web.servlet.support.RequestContext.WEB_APPLICATION_CONTEXT_ATTRIBUTE,
       context.getActiveFlow().getApplicationContext());
   portletContext
       .getRequestDispatcher(DispatcherPortlet.DEFAULT_VIEW_RENDERER_URL)
       .include(request, response);
 }
  @Override
  protected Event doExecute(final RequestContext context) {
    final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    final HttpServletResponse response = WebUtils.getHttpServletResponse(context);

    final String authorizationHeader = request.getHeader(SpnegoConstants.HEADER_AUTHORIZATION);
    final String userAgent = WebUtils.getHttpServletRequestUserAgent(request);

    LOGGER.debug(
        "Authorization header [{}], User Agent header [{}]", authorizationHeader, userAgent);

    if (!StringUtils.hasText(userAgent) || this.supportedBrowser.isEmpty()) {
      LOGGER.debug("User Agent header [{}] is empty, or no browsers are supported", userAgent);
      return success();
    }

    if (!isSupportedBrowser(userAgent)) {
      LOGGER.debug(
          "User Agent header [{}] is not supported in the list of supported browsers [{}]",
          userAgent,
          this.supportedBrowser);
      return success();
    }

    if (!StringUtils.hasText(authorizationHeader)
        || !authorizationHeader.startsWith(this.messageBeginPrefix)
        || authorizationHeader.length() <= this.messageBeginPrefix.length()) {

      final String wwwHeader = this.ntlm ? SpnegoConstants.NTLM : SpnegoConstants.NEGOTIATE;
      LOGGER.debug(
          "Authorization header not found or does not match the message prefix [{}]. Sending [{}] header [{}]",
          this.messageBeginPrefix,
          SpnegoConstants.HEADER_AUTHENTICATE,
          wwwHeader);
      response.setHeader(SpnegoConstants.HEADER_AUTHENTICATE, wwwHeader);

      response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
      // The responseComplete flag tells the pausing view-state not to render the response
      // because another object has taken care of it. If mixed mode authentication is allowed
      // then responseComplete should not be called so that webflow will display the login page.
      if (!this.mixedModeAuthentication) {
        LOGGER.debug("Mixed-mode authentication is disabled. Executing completion of response");
        context.getExternalContext().recordResponseComplete();
      }
    }
    return success();
  }
  @Override
  protected Event doExecute(final RequestContext context) throws Exception {
    final Service service = WebUtils.getService(context);

    if (service == null) {
      logger.debug("No service found in the request context, so resuming normally.");
      return success();
    }

    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);

    if (registeredService == null) {
      logger.warn(
          "Unauthorized Service Access for Service: [{}] - service is not defined in the service registry.",
          service.getId());
      throw new UnauthorizedServiceException();
    }

    if (!registeredService.isEnabled()) {
      logger.warn(
          "Unauthorized Service Access for Service: [{}] - service is not enabled in the service registry.",
          service.getId());
      throw new UnauthorizedServiceException();
    }

    if (registeredService instanceof RegisteredServiceWithAttributes) {
      final RegisteredServiceWithAttributes regSvcWithAttr =
          RegisteredServiceWithAttributes.class.cast(registeredService);

      final String redirectToUrl =
          (String) regSvcWithAttr.getExtraAttributes().get(REDIRECT_TO_URL_ATTRIBUTE);
      if (redirectToUrl != null
          && this.redirectionAdvisor.shouldRedirectServiceRequest(
              context, regSvcWithAttr, redirectToUrl)) {
        logger.info("Redirecting to url [{}] for service [{}]", redirectToUrl, service.getId());
        context.getRequestScope().put(REDIRECT_TO_URL_ATTRIBUTE, redirectToUrl);
        return yes();
      }
    }

    logger.debug(
        "No redirect url is configured, or redirection for service [{}] is not needed",
        service.getId());
    return success();
  }
  /**
   * Get an {@link SPSession} by reference.
   *
   * @param requestContext Spring request context
   * @param sessionKey key identifying the SP session
   * @return the SP session
   * @throws MessageException if an error occurs
   */
  @Nonnull
  private SPSession getSessionByReference(
      @Nonnull final RequestContext requestContext, @Nonnull final String sessionKey)
      throws MessageException {
    final LogoutContext logoutCtx =
        requestContext
            .getExternalContext()
            .getSessionMap()
            .get(SaveLogoutContext.LOGOUT_CONTEXT_KEY, LogoutContext.class);
    if (logoutCtx == null) {
      throw new MessageException("LogoutContext not found in HTTP session.");
    }

    final SPSession s = logoutCtx.getKeyedSessionMap().get(sessionKey);
    if (s == null) {
      throw new MessageException("Session not found for key: " + sessionKey);
    }

    return s;
  }
 public final String wrapGoogleCredentialsAndPlaceInFlowScope(
     RequestContext context,
     String accessToken,
     String userID,
     String userName,
     String genericName,
     String genericEmail) {
   context.getFlowScope().put("credentials", new GoogleCredentials(accessToken, userID));
   context.getFlowScope().put("credentialName", userID);
   context.getFlowScope().put("credentialType", "GOOGLE_ID");
   context.getFlowScope().put("userName", userName);
   context.getFlowScope().put("credentialName2", userID);
   context.getFlowScope().put("credentialType2", "GOOGLE_ID");
   context.getFlowScope().put("userName2", userName);
   context.getFlowScope().put("loginNumber", "one");
   context.getFlowScope().put("loginNumber", "one");
   context.getFlowScope().put("genericName", genericName);
   context.getFlowScope().put("genericEmail", genericEmail);
   return "success";
 }
 private void saveState(Object state) {
   RequestContext requestContext = RequestContextHolder.getRequestContext();
   requestContext.getViewScope().put(FACES_VIEW_STATE, state);
 }
 private String getFlowExecutionKey() {
   RequestContext requestContext = RequestContextHolder.getRequestContext();
   return requestContext.getFlowExecutionContext().getKey().toString();
 }
 public final String placeGoogleApiInFlowScope(RequestContext context) {
   context.getFlowScope().put("googleappid", googleApiId);
   return "success";
 }
 /**
  * Gets resolved events as attribute.
  *
  * @param context the context
  * @return the resolved events as attribute
  */
 protected Set<Event> getResolvedEventsAsAttribute(final RequestContext context) {
   return context.getAttributes().get(RESOLVED_AUTHENTICATION_EVENTS, Set.class);
 }
 /**
  * Put resolved events as attribute.
  *
  * @param context the context
  * @param resolvedEvents the resolved events
  */
 protected void putResolvedEventsAsAttribute(
     final RequestContext context, final Set<Event> resolvedEvents) {
   context.getAttributes().put(RESOLVED_AUTHENTICATION_EVENTS, resolvedEvents);
 }
Example #28
0
  @Override
  protected Event doExecute(RequestContext context) throws Exception {

    HttpServletRequest request = WebUtils.getHttpServletRequest(context);
    HttpSession session = request.getSession();

    // get provider type
    String providerType = request.getParameter(OAUTH_PROVIDER);
    logger.debug("providerType : {}", providerType);
    // System.out.println("OAuthAction "+providerType+" "+StringUtils.isNotBlank(providerType));
    // it's an authentication
    if (StringUtils.isNotBlank(providerType)) {
      // get provider
      OAuthProvider provider = null;
      for (OAuthProvider aProvider : providers) {
        if (StringUtils.equals(providerType, aProvider.getType())) {
          provider = aProvider;
          break;
        }
      }
      logger.info("provider : {}", provider);

      // get credential
      System.out.println("Params " + request.getParameterMap());
      @SuppressWarnings("unchecked")
      OAuthCredential credential = provider.getCredential(request.getParameterMap());
      logger.info("credential : {}", credential);

      // retrieve service from session and put it into webflow
      Service service = (Service) session.getAttribute("service");
      context.getFlowScope().put("service", service);

      // create credentials
      Credentials credentials = new OAuthCredentials(credential);

      try {
        WebUtils.putTicketGrantingTicketInRequestScope(
            context, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
        return success();
      } catch (final TicketException e) {
        e.printStackTrace();
        return error();
      }
    } else {
      // no authentication : go to login page

      // put service in session from flow scope
      Service service = (Service) context.getFlowScope().get("service");
      session.setAttribute("service", service);

      // for all providers, generate authorization urls
      for (OAuthProvider provider : providers) {
        String key = provider.getType() + "Url";
        String authorizatonUrl = provider.getAuthorizationUrl(new HttpUserSession(session));
        logger.debug("{} -> {}", key, authorizatonUrl);
        request.setAttribute(key, authorizatonUrl);
      }
    }

    return error();
  }