protected OpenIdManager getManager(ParmManipulator manip) {
if (manager == null) {
manager = new OpenIdManager();
manager.setReturnTo(manip.serverQualifyUrl("/openIdLoginResult"));
manager.setRealm(manip.getCurrentRealm());
}
return manager;
}
@Handle("/openIdLoginResult")
public Object loginResult(
HttpServletRequest request, ParmManipulator manip, String endpoint, Location location) {
byte[] mac_key = (byte[]) request.getSession().getAttribute(ATTR_MAC);
String alias = (String) request.getSession().getAttribute(ATTR_ALIAS);
Authentication auth = manager.getAuthentication(request, mac_key, alias);
checkNonce(request.getParameter("openid.response_nonce"));
if (auth == null || StringUtils.isBlank(auth.getEmail())) {
return new Show(failureShowPage);
}
User user = authenticationService.getUserByProfileName(auth.getEmail());
if (user == null) {
user =
todoService.createNewUser(
auth.getEmail(),
auth.getFullname(),
auth.getEmail(),
(String) request.getSession().getAttribute(ATTR_ENDPOINT));
}
((Location) location.get(Constants.SESSION_LOCATION)).put(Constants.CURRENT_USER_OBJECT, user);
// loading the object so it doesn't have a lazy init exception
user.getGroupNames();
return new Show(successShowPage);
}
@Handle("/openIdLogin")
public Object login(String endpoint, ParmManipulator manip, HttpServletRequest request) {
if (StringUtils.isBlank(endpoint)) {
throw new IllegalArgumentException(
"The endpoint for an Open ID login must not be null. Make sure it says Google, Yahoo, etc.");
}
Endpoint edp = getManager(manip).lookupEndpoint(endpoint);
Association asso = getManager(manip).lookupAssociation(edp);
request.getSession().setAttribute(ATTR_MAC, asso.getRawMacKey());
request.getSession().setAttribute(ATTR_ALIAS, edp.getAlias());
request.getSession().setAttribute(ATTR_ENDPOINT, endpoint);
return new Show(manager.getAuthenticationUrl(edp, asso));
}
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
String pathUtente = request.getServletPath();
/** Gestione login OpenID */
if (pathUtente.equals("/openid")) {
String baseUrl =
request.getScheme()
+ "://"
+ request.getServerName()
+ ":"
+ request.getServerPort()
+ "/faccioshopping-war";
String returnUrl =
request.getScheme()
+ "://"
+ request.getServerName()
+ ":"
+ request.getServerPort()
+ "/faccioshopping-war/openid";
String redirectUrl = "";
manager.setRealm(baseUrl);
manager.setReturnTo(returnUrl);
String op = request.getParameter("op");
String oresponse = request.getParameter("openid.mode");
if (op == null && !oresponse.equals("cancel")) {
// check sign on result from Google or Yahoo:
checkNonce(request.getParameter("openid.response_nonce"));
// get authentication:
byte[] mac_key = (byte[]) request.getSession().getAttribute(ATTR_MAC);
String alias = (String) request.getSession().getAttribute(ATTR_ALIAS);
Authentication authentication = manager.getAuthentication(request, mac_key, alias);
redirectUrl = checkAuthentication(authentication, baseUrl, request);
} else if (op != null && (op.equals("Google") || op.equals("Yahoo"))) {
// redirect to Google or Yahoo sign on page:
Endpoint endpoint = manager.lookupEndpoint(op);
Association association = manager.lookupAssociation(endpoint);
request.getSession().setAttribute(ATTR_MAC, association.getRawMacKey());
request.getSession().setAttribute(ATTR_ALIAS, endpoint.getAlias());
redirectUrl = manager.getAuthenticationUrl(endpoint, association);
} else if (oresponse.equals("cancel")) {
request.setAttribute("err", "Processo di autenticazione annullato.");
request.getRequestDispatcher("/home").forward(request, response);
return;
} else {
throw new ServletException("Unsupported OP: " + op);
}
try {
response.sendRedirect(redirectUrl);
} catch (Exception ex) {
Logger.getLogger(this.getClass().getName()).log(Level.WARNING, null, ex);
}
} else {
/** Gestione login dal sito */
if (pathUtente.equals("/login")) {
Utente _utente =
gestoreUtente.login(request.getParameter("email"), request.getParameter("password"));
String action =
(request.getParameter("action") != null) ? request.getParameter("action") : "";
pathUtente = "/view/login";
if (action.equals("entra")) {
if (_utente == null) {
request.setAttribute("err", "Errore nel processo di login.");
} else {
request.getSession().setAttribute("utentefaccioshopping", _utente);
pathUtente = "index";
}
}
} else if (pathUtente.equals("/logout")) {
HttpSession session = request.getSession();
if (session != null) {
session.invalidate();
pathUtente = "index";
}
} else if (pathUtente.equals("/registra")) {
pathUtente = "/view/registra";
String action =
(request.getParameter("action") != null) ? request.getParameter("action") : "";
if (action.equals("inserisci")) {
boolean isInterno = (Integer.parseInt(request.getParameter("isInterno")) != 0);
Utente _nuovoUtente =
gestoreUtente.registrazione(
request.getParameter("lastname"),
request.getParameter("firstname"),
request.getParameter("email"),
request.getParameter("password"),
isInterno);
if (_nuovoUtente != null) {
request.setAttribute("ok", "Utente registrato con successo.");
request.getSession().setAttribute("utentefaccioshopping", _nuovoUtente);
request.getSession().setAttribute("authentication", null);
pathUtente = "index";
} else {
request.setAttribute(
"err", "Errore durante la registrazione. Email già utilizzato!");
pathUtente = "/view/registra";
}
} else if (action.equals("openID")) {
request.setAttribute("ok", "Utente riconosciuto! Controlla i dati e conferma.");
pathUtente = "/view/registra";
}
} else if (pathUtente.equals("/modifica")) {
pathUtente = "/view/modificautente";
String action =
(request.getParameter("action") != null) ? request.getParameter("action") : "";
if (action.equals("aggiorna")) {
Utente _utente = (Utente) request.getSession().getAttribute("utentefaccioshopping");
Utente _nuovoUtente =
gestoreUtente.modifica(
_utente.getId(),
request.getParameter("lastname"),
request.getParameter("firstname"),
request.getParameter("email"),
request.getParameter("opassword"),
request.getParameter("npassword"),
_utente.getIsInterno());
if (_nuovoUtente != null) {
request.getSession().setAttribute("utentefaccioshopping", _nuovoUtente);
request.setAttribute("ok", "Utente modificato con successo.");
} else {
request.setAttribute("err", "Errore durante la modifica dell'utente.");
}
pathUtente = "index";
}
}
// use RequestDispatcher to forward request internally
String url = pathUtente + ".jsp";
try {
request.getRequestDispatcher(url).forward(request, response);
} catch (Exception ex) {
Logger.getLogger(this.getClass().getName()).log(Level.WARNING, null, ex);
}
}
}