Exemple #1
0
  public void doReturn(StaplerRequest request, StaplerResponse rsp) throws IOException {
    try {
      // --- processing the authentication response

      // extract the parameters from the authentication response
      // (which comes in as a HTTP request from the OpenID provider)
      ParameterList responselist = new ParameterList(request.getParameterMap());

      // extract the receiving URL from the HTTP request
      StringBuffer receivingURL = request.getRequestURL();
      String queryString = request.getQueryString();
      if (queryString != null && queryString.length() > 0)
        receivingURL.append("?").append(request.getQueryString());

      // verify the response
      VerificationResult verification =
          manager.verify(receivingURL.toString(), responselist, discovered);

      // examine the verification result and extract the verified identifier
      Identifier verified = verification.getVerifiedId();
      if (verified != null) {
        AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();

        openid = authSuccess.getIdentity();
        claimedOpenid = authSuccess.getClaimed();
        rsp.sendRedirect(".");
      } else {
        throw HttpResponses.error(500, "Failed to login");
      }
    } catch (OpenIDException e) {
      throw new Error(e);
    }
  }
  /**
   * Verify a previously authenticated user with the provider
   *
   * @param adapter protocol adapter
   * @param parameterMap request parameters
   * @param receivedURL url where the response will be received
   * @return
   * @throws OpenIDMessageException
   * @throws OpenIDDiscoveryException
   * @throws OpenIDAssociationException
   * @throws OpenIDLifeCycleException
   */
  public boolean verify(
      OpenIDProtocolAdapter adapter, Map<String, String> parameterMap, String receivedURL)
      throws OpenIDMessageException, OpenIDDiscoveryException, OpenIDAssociationException,
          OpenIDLifeCycleException {
    OpenIDLifecycle lifeCycle = null;

    if (adapter instanceof OpenIDLifecycle) {
      lifeCycle = (OpenIDLifecycle) adapter;
    }
    ParameterList responselist = new ParameterList(parameterMap);

    if (lifeCycle == null) throw new IllegalStateException("Lifecycle not found");

    DiscoveryInformation discovered =
        (DiscoveryInformation) lifeCycle.getAttributeValue(CONST.OPENID_DISC.get());

    // verify the response; ConsumerManager needs to be the same
    // (static) instance used to place the authentication request
    try {
      VerificationResult verification =
          this.consumerManager.verify(receivedURL, responselist, discovered);

      // examine the verification result and extract the verified identifier
      Identifier verified = verification.getVerifiedId();
      if (verified != null) {
        AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();

        // Create an lifecycle event array
        OpenIDLifecycleEvent[] eventArr =
            new OpenIDLifecycleEvent[] {
              /** Store the id * */
              new OpenIDLifecycleEvent(
                  OpenIDLifecycleEvent.TYPE.SESSION,
                  OpenIDLifecycleEvent.OP.ADD,
                  CONST.OPENID.get(),
                  authSuccess.getIdentity()),

              /** Store the claimed * */
              new OpenIDLifecycleEvent(
                  OpenIDLifecycleEvent.TYPE.SESSION,
                  OpenIDLifecycleEvent.OP.ADD,
                  CONST.OPENID_CLAIMED.get(),
                  authSuccess.getClaimed()),

              /** Indicate success * */
              new OpenIDLifecycleEvent(OpenIDLifecycleEvent.TYPE.SUCCESS, null, null, null)
            };
        lifeCycle.handle(eventArr);
        return true;
      }
    } catch (MessageException e) {
      throw new OpenIDMessageException(e);
    } catch (DiscoveryException e) {
      throw new OpenIDDiscoveryException(e);
    } catch (AssociationException e) {
      throw new OpenIDAssociationException(e);
    }

    return false;
  }