@Override public UserDetails loadUserDetails(OpenIDAuthenticationToken token) throws UsernameNotFoundException { log.debug("loadUserDetails: {}", token); String username = token.getIdentityUrl(); String email = ""; Usuario usuario = usuarioDao.obtienePorOpenId(username); log.debug("Usuario encontrado : {}", usuario); if (usuario == null) { log.debug("Buscando atributo email"); List<OpenIDAttribute> attrs = token.getAttributes(); for (OpenIDAttribute attr : attrs) { log.debug("Attr: {}", attr.getName()); if (attr.getName().equals("email")) { email = attr.getValues().get(0); } } log.debug("Buscando por email {}", email); usuario = usuarioDao.obtienePorCorreo(email); if (usuario == null) { throw new UsernameNotFoundException("No se encontro al usuario " + username); } usuario.setOpenId(username); usuarioDao.actualiza(usuario); } log.debug("Regresando usuario: {}", usuario); return (UserDetails) usuario; }
/** * @param supportedAttribute * @return */ public static OpenIDAttribute toOpenIDAttribute(SupportedOpenIDAttribute supportedAttribute) { OpenIDAttribute openIDAttribute = new OpenIDAttribute( supportedAttribute.getAttributeName(), supportedAttribute.getAttributeType()); openIDAttribute.setRequired(true); return openIDAttribute; }
@Override public UserDetails loadUserDetails(OpenIDAuthenticationToken token) throws UsernameNotFoundException { LOGGER.info("Got OpenIdAuth with token {}", token); Map<String, String> attributes = new HashMap<>(); UserEntity user = null; for (OpenIDAttribute attribute : token.getAttributes()) { attributes.put( attribute.getName().toLowerCase(), StringUtils.join(attribute.getValues(), " ")); if (attribute.getName().equalsIgnoreCase("email")) { for (String attributeValue : attribute.getValues()) { user = repository.findByEmail(attributeValue); if (user != null) { break; } } break; } } if (user == null) { user = new UserEntity(); user.setUsername(attributes.get("email")); user.setEmail(attributes.get("email")); // user.setFirstName(attributes.get("firstname")); // user.setFirstName(attributes.get("lastname")); user.getRoles().add(Role.USER); LOGGER.info("Saving user " + attributes.get("email")); LOGGER.info("User Attributes {}", attributes); user = repository.save(user); } else { // TODO: remove this - users were imported without any role. if (user.getRoles().size() == 0) { user.getRoles().add(Role.USER); user = repository.save(user); } } LOGGER.info("returning user {}", user); return user; }
/** * {@inheritDoc} * * @see org.springframework.security.providers.openid.OpenIDAuthenticationProvider#authenticate( * org.springframework.security.Authentication) */ @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { if (!supports(authentication.getClass())) { return null; } if (authentication instanceof OpenIDAuthenticationToken) { OpenIDAuthenticationToken response = (OpenIDAuthenticationToken) authentication; OpenIDAuthenticationStatus status = response.getStatus(); // handle the various possibilites if (status == OpenIDAuthenticationStatus.SUCCESS) { // Lookup user details final UserDetails userDetails; try { userDetails = this.userDetailsService.loadUserByUsername(response.getIdentityUrl()); } catch (final UsernameNotFoundException e) { LOGGER.error("OpenID authentication successful but but no account exists."); final User user = new User(); user.setUsername(response.getIdentityUrl()); for (OpenIDAttribute attribute : response.getAttributes()) { LOGGER.debug( "OpenIDAttribute: " + attribute.getType() + "; " + attribute.getName() + "; " + attribute.getValues()); if (UsedOpenIdAttribute.AX_FIRST_NAME .getOpenIdAttribute() .getName() .equals(attribute.getName())) { user.setFirstName(attribute.getValues().get(0)); } else if (UsedOpenIdAttribute.AX_LAST_NAME .getOpenIdAttribute() .getName() .equals(attribute.getName())) { user.setLastName(attribute.getValues().get(0)); } else if (UsedOpenIdAttribute.EMAIL .getOpenIdAttribute() .getName() .equals(attribute.getName())) { user.setEmail(attribute.getValues().get(0)); } else if (UsedOpenIdAttribute.FIRST_NAME .getOpenIdAttribute() .getName() .equals(attribute.getName()) && user.getFirstName() == null) { user.setFirstName(attribute.getValues().get(0)); } else if (UsedOpenIdAttribute.LAST_NAME .getOpenIdAttribute() .getName() .equals(attribute.getName()) && user.getLastName() == null) { user.setLastName(attribute.getValues().get(0)); } } if (StringUtils.isBlank(user.getFirstName()) && StringUtils.isBlank(user.getLastName())) { for (OpenIDAttribute attribute : response.getAttributes()) { if (UsedOpenIdAttribute.NAME_PERSON .getOpenIdAttribute() .getName() .equals(attribute.getName())) { user.setFirstName(attribute.getValues().get(0)); } } } throw new AuthenticationSucessButMissingRegistrationException( "User is authenticated via OpenID but no account exists, yet.", user); } return new OpenIDAuthenticationToken( userDetails, userDetails.getAuthorities(), response.getIdentityUrl(), response.getAttributes()); } if (status == OpenIDAuthenticationStatus.CANCELLED) { throw new AuthenticationCancelledException("Log in cancelled"); } if (status == OpenIDAuthenticationStatus.ERROR) { throw new AuthenticationServiceException("Error message from server: $response.message"); } if (status == OpenIDAuthenticationStatus.FAILURE) { throw new BadCredentialsException("Log in failed - identity could not be verified"); } if (status == OpenIDAuthenticationStatus.SETUP_NEEDED) { throw new AuthenticationServiceException( "The server responded setup was needed, which shouldn't happen"); } throw new AuthenticationServiceException("Unrecognized return value $status"); } return null; }