/** * Return the current user, either an already authenticated one, or the one just discovered from * the <i>openid.identifier.parameter</i> (= "openid_identifier" by default).<br> * Returns <code>null</code> if the {@link Constants#OPENID_MODE} associated with the request is * set to {@link Constants.Mode#CANCEL} (in order to login under a different id), or if the * authentification is timed out.<br> * If returned user is <code>null</code> and {@link #isAuthResponse(HttpServletRequest)} is <code> * true</code> then we have an authentication timeout. * * @param request HttpServletRequest * @return user OpenIdUser */ public OpenIdUser discover(HttpServletRequest request) throws Exception { OpenIdUser user = (OpenIdUser) request.getAttribute(OpenIdUser.ATTR_NAME); if (user == null) { System.err.println("vvvvvv RelyingParty: user NOT in request"); user = _manager.getUser(request); String id = null; if (user != null) { System.err.println("vvvvvv RelyingParty: user in session"); if (user.isAuthenticated()) { System.err.println("vvvvvv RelyingParty: user authenticated"); _listener.onAccess(user, request); request.setAttribute(OpenIdUser.ATTR_NAME, user); return user; } System.err.println("vvvvvv RelyingParty: user NOT authenticated"); if ((id = request.getParameter(_identifierParameter)) == null) { if (user.isAssociated()) { String mode = request.getParameter(Constants.OPENID_MODE); if (mode == null) return _automaticRedirect ? user : null; return Constants.Mode.CANCEL.equals(mode) ? null : user; } return user; } else if ((id = id.trim()).length() != 0) { Identifier identifier = Identifier.getIdentifier(id, _resolver, _context); if (identifier.isResolved()) { if (!identifier.getId().equals(user.getIdentifier())) { // new user or ... the user cancels authentication // and provides a different openid identifier return discover(identifier, request); } } } } else if ((id = request.getParameter(_identifierParameter)) != null && (id = id.trim()).length() != 0) { System.err.println( "vvvvvv RelyingParty: user NOT in session and parameter(" + _identifierParameter + ") is NOT empty"); Identifier identifier = Identifier.getIdentifier(id, _resolver, _context); if (identifier.isResolved()) return discover(identifier, request); } else { System.err.println( "vvvvvv RelyingParty: user NOT in session and parameter(" + _identifierParameter + ") is empty"); } } return user; }