public HttpResponse doEndpoint(StaplerRequest request) throws IOException { final ParameterList requestp = new ParameterList(request.getParameterMap()); final String mode = requestp.getParameterValue("openid.mode"); final String realm = getRealm(requestp); if ("associate".equals(mode)) { // --- process an association extend --- return new MessageResponse(manager.associationResponse(requestp)); } else if ("checkid_setup".equals(mode) || "checkid_immediate".equals(mode)) { // No need to redirect to a page with an HTML form // Skip the authentication step String identity = getUserIdentity(); Message rsp = manager.authResponse(requestp, identity, identity, true, false); try { respondToExtensions(requestp, rsp); } catch (MessageException ex) { throw new OperationFailure(ex.getMessage()); } // Need to sign after because SReg extension parameters are signed by openid4java if (rsp instanceof AuthSuccess) { try { manager.sign((AuthSuccess) rsp); } catch (ServerException e) { throw new OperationFailure(e.getMessage()); } catch (AssociationException e) { throw new OperationFailure(e.getMessage()); } } return new HttpRedirect(rsp.getDestinationUrl(true)); } else if ("check_authentication".equals(mode)) { return new MessageResponse(manager.verify(requestp)); } else { throw new OperationFailure("Unknown extend: " + mode); } }
@SuppressWarnings("unchecked") protected void processRequest(HttpServletRequest req, HttpServletResponse resp, boolean isPost) throws ServletException, IOException { ServerManager manager = getServerManager(); IWMainApplication iwma = IWMainApplication.getIWMainApplication(req); // extract the parameters from the request ParameterList requestParameters = new ParameterList(req.getParameterMap()); OpenIDServerBean serverBean = ELUtil.getInstance().getBean("openIDServerBean"); ParameterList sessionStoredParameterList = serverBean.getParameterList(); if (sessionStoredParameterList != null) { if (!requestParameters.hasParameter(OpenIDConstants.PARAMETER_OPENID_MODE)) { sessionStoredParameterList.addParams(requestParameters); requestParameters = sessionStoredParameterList; } } String mode = requestParameters.hasParameter(OpenIDConstants.PARAMETER_OPENID_MODE) ? requestParameters.getParameterValue(OpenIDConstants.PARAMETER_OPENID_MODE) : null; String realm = requestParameters.hasParameter(OpenIDConstants.PARAMETER_REALM) ? requestParameters.getParameterValue(OpenIDConstants.PARAMETER_REALM) : null; if (realm != null) { serverBean.setReturnUrl(realm); realm = getRealmName(realm); serverBean.setRealm(realm); } Message response; String responseText = null; try { if (OpenIDConstants.PARAMETER_ASSOCIATE.equals(mode)) { // --- process an association request --- response = manager.associationResponse(requestParameters); responseText = response.keyValueFormEncoding(); } else if (OpenIDConstants.PARAMETER_CHECKID_SETUP.equals(mode) || OpenIDConstants.PARAMETER_CHECKID_IMMEDIATE.equals(mode)) { IWContext iwc = new IWContext(req, resp, getServletContext()); boolean goToLogin = doRedirectToLoginPage(manager, requestParameters, iwc, realm); if (!goToLogin) { serverBean.setParameterList(null); serverBean.setServerUrl(null); serverBean.setDoRedirect(null); serverBean.setUsername(null); // interact with the user and obtain data needed to continue User user = iwc.getCurrentUser(); String userSelectedClaimedId = getUserSelectedClaimedId(iwc, user); // --- process an authentication request --- AuthRequest authReq = AuthRequest.createAuthRequest(requestParameters, manager.getRealmVerifier()); storeRequestedAttributesToSession(iwc, authReq); Boolean authenticatedAndApproved = isAuthenticatedAndApproved(iwc, user, authReq); String opLocalId = null; // if the user chose a different claimed_id than the one in request if (userSelectedClaimedId != null && !userSelectedClaimedId.equals(authReq.getClaimed())) { opLocalId = userSelectedClaimedId; } response = manager.authResponse( requestParameters, opLocalId, userSelectedClaimedId, authenticatedAndApproved.booleanValue(), false); // Sign after we added extensions. if (response instanceof DirectError) { directResponse(resp, response.keyValueFormEncoding()); return; } else if (response instanceof AuthFailure) { redirectToAuthorisationPage(req, resp, requestParameters, serverBean); return; } else { String[] extensionsToSign = prepareResponse(serverBean, response, iwc, user, authReq); boolean signExtensions = iwma.getSettings().getBoolean(OpenIDConstants.PROPERTY_SIGN_EXTENSIONS, false); AuthSuccess success = (AuthSuccess) response; if (signExtensions) { success.setSignExtensions(extensionsToSign); } // Sign the auth success message. // This is required as AuthSuccess.buildSignedList has a `todo' tag now. manager.sign(success); // caller will need to decide which of the following to use: // option1: GET HTTP-redirect to the return_to URL // cleanUpBeforeReturning(iwc, loginExpireHandle); // Clean up before returning serverBean.invalidate(); getDAO().createLogEntry(user.getUniqueId(), realm, ""); resp.sendRedirect(response.getDestinationUrl(true)); return; // option2: HTML FORM Redirection // RequestDispatcher dispatcher = // getServletContext().getRequestDispatcher("formredirection.jsp"); // httpReq.setAttribute("parameterMap", response.getParameterMap()); // httpReq.setAttribute("destinationUrl", response.getDestinationUrl(false)); // dispatcher.forward(request, response); // return null; } } else { redirectToLoginPage(req, resp, requestParameters, serverBean, manager); return; } } else if (OpenIDConstants.PARAMETER_CHECK_AUTHENTICATION.equals(mode)) { // --- processing a verification request --- response = manager.verify(requestParameters); responseText = response.keyValueFormEncoding(); } else { // --- error response --- response = DirectError.createDirectError("Unknown request"); responseText = response.keyValueFormEncoding(); serverBean.invalidate(); } } catch (MessageException me) { me.printStackTrace(); responseText = me.getMessage(); serverBean.invalidate(); } catch (AssociationException ae) { ae.printStackTrace(); responseText = ae.getMessage(); serverBean.invalidate(); } catch (ServerException se) { se.printStackTrace(); responseText = se.getMessage(); serverBean.invalidate(); } // return the result to the user directResponse(resp, responseText); }