public MarathonWS2Client(IWMainApplication iwma) { IWMainApplicationSettings settings = iwma.getSettings(); String propServiceUrl = settings.getProperty(PROP_GLITNIR_MARATHONWS_URL); String propUserName = settings.getProperty(PROP_GLITNIR_MARATHONWS_USERNAME); String propPassword = settings.getProperty(PROP_GLITNIR_MARATHONWS_PASSWORD); if (propServiceUrl != null) { setServiceUrl(propServiceUrl); } if (propUserName != null) { setUserName(propUserName); } if (propPassword != null) { setPassword(propPassword); } }
@SuppressWarnings("unchecked") protected void processRequest(HttpServletRequest req, HttpServletResponse resp, boolean isPost) throws ServletException, IOException { ServerManager manager = getServerManager(); IWMainApplication iwma = IWMainApplication.getIWMainApplication(req); // extract the parameters from the request ParameterList requestParameters = new ParameterList(req.getParameterMap()); OpenIDServerBean serverBean = ELUtil.getInstance().getBean("openIDServerBean"); ParameterList sessionStoredParameterList = serverBean.getParameterList(); if (sessionStoredParameterList != null) { if (!requestParameters.hasParameter(OpenIDConstants.PARAMETER_OPENID_MODE)) { sessionStoredParameterList.addParams(requestParameters); requestParameters = sessionStoredParameterList; } } String mode = requestParameters.hasParameter(OpenIDConstants.PARAMETER_OPENID_MODE) ? requestParameters.getParameterValue(OpenIDConstants.PARAMETER_OPENID_MODE) : null; String realm = requestParameters.hasParameter(OpenIDConstants.PARAMETER_REALM) ? requestParameters.getParameterValue(OpenIDConstants.PARAMETER_REALM) : null; if (realm != null) { serverBean.setReturnUrl(realm); realm = getRealmName(realm); serverBean.setRealm(realm); } Message response; String responseText = null; try { if (OpenIDConstants.PARAMETER_ASSOCIATE.equals(mode)) { // --- process an association request --- response = manager.associationResponse(requestParameters); responseText = response.keyValueFormEncoding(); } else if (OpenIDConstants.PARAMETER_CHECKID_SETUP.equals(mode) || OpenIDConstants.PARAMETER_CHECKID_IMMEDIATE.equals(mode)) { IWContext iwc = new IWContext(req, resp, getServletContext()); boolean goToLogin = doRedirectToLoginPage(manager, requestParameters, iwc, realm); if (!goToLogin) { serverBean.setParameterList(null); serverBean.setServerUrl(null); serverBean.setDoRedirect(null); serverBean.setUsername(null); // interact with the user and obtain data needed to continue User user = iwc.getCurrentUser(); String userSelectedClaimedId = getUserSelectedClaimedId(iwc, user); // --- process an authentication request --- AuthRequest authReq = AuthRequest.createAuthRequest(requestParameters, manager.getRealmVerifier()); storeRequestedAttributesToSession(iwc, authReq); Boolean authenticatedAndApproved = isAuthenticatedAndApproved(iwc, user, authReq); String opLocalId = null; // if the user chose a different claimed_id than the one in request if (userSelectedClaimedId != null && !userSelectedClaimedId.equals(authReq.getClaimed())) { opLocalId = userSelectedClaimedId; } response = manager.authResponse( requestParameters, opLocalId, userSelectedClaimedId, authenticatedAndApproved.booleanValue(), false); // Sign after we added extensions. if (response instanceof DirectError) { directResponse(resp, response.keyValueFormEncoding()); return; } else if (response instanceof AuthFailure) { redirectToAuthorisationPage(req, resp, requestParameters, serverBean); return; } else { String[] extensionsToSign = prepareResponse(serverBean, response, iwc, user, authReq); boolean signExtensions = iwma.getSettings().getBoolean(OpenIDConstants.PROPERTY_SIGN_EXTENSIONS, false); AuthSuccess success = (AuthSuccess) response; if (signExtensions) { success.setSignExtensions(extensionsToSign); } // Sign the auth success message. // This is required as AuthSuccess.buildSignedList has a `todo' tag now. manager.sign(success); // caller will need to decide which of the following to use: // option1: GET HTTP-redirect to the return_to URL // cleanUpBeforeReturning(iwc, loginExpireHandle); // Clean up before returning serverBean.invalidate(); getDAO().createLogEntry(user.getUniqueId(), realm, ""); resp.sendRedirect(response.getDestinationUrl(true)); return; // option2: HTML FORM Redirection // RequestDispatcher dispatcher = // getServletContext().getRequestDispatcher("formredirection.jsp"); // httpReq.setAttribute("parameterMap", response.getParameterMap()); // httpReq.setAttribute("destinationUrl", response.getDestinationUrl(false)); // dispatcher.forward(request, response); // return null; } } else { redirectToLoginPage(req, resp, requestParameters, serverBean, manager); return; } } else if (OpenIDConstants.PARAMETER_CHECK_AUTHENTICATION.equals(mode)) { // --- processing a verification request --- response = manager.verify(requestParameters); responseText = response.keyValueFormEncoding(); } else { // --- error response --- response = DirectError.createDirectError("Unknown request"); responseText = response.keyValueFormEncoding(); serverBean.invalidate(); } } catch (MessageException me) { me.printStackTrace(); responseText = me.getMessage(); serverBean.invalidate(); } catch (AssociationException ae) { ae.printStackTrace(); responseText = ae.getMessage(); serverBean.invalidate(); } catch (ServerException se) { se.printStackTrace(); responseText = se.getMessage(); serverBean.invalidate(); } // return the result to the user directResponse(resp, responseText); }