示例#1
0
  protected OpenIdManager getManager(ParmManipulator manip) {
    if (manager == null) {
      manager = new OpenIdManager();
      manager.setReturnTo(manip.serverQualifyUrl("/openIdLoginResult"));
      manager.setRealm(manip.getCurrentRealm());
    }

    return manager;
  }
示例#2
0
  @Handle("/openIdLoginResult")
  public Object loginResult(
      HttpServletRequest request, ParmManipulator manip, String endpoint, Location location) {
    byte[] mac_key = (byte[]) request.getSession().getAttribute(ATTR_MAC);
    String alias = (String) request.getSession().getAttribute(ATTR_ALIAS);

    Authentication auth = manager.getAuthentication(request, mac_key, alias);
    checkNonce(request.getParameter("openid.response_nonce"));

    if (auth == null || StringUtils.isBlank(auth.getEmail())) {
      return new Show(failureShowPage);
    }

    User user = authenticationService.getUserByProfileName(auth.getEmail());
    if (user == null) {
      user =
          todoService.createNewUser(
              auth.getEmail(),
              auth.getFullname(),
              auth.getEmail(),
              (String) request.getSession().getAttribute(ATTR_ENDPOINT));
    }
    ((Location) location.get(Constants.SESSION_LOCATION)).put(Constants.CURRENT_USER_OBJECT, user);

    // loading the object so it doesn't have a lazy init exception
    user.getGroupNames();

    return new Show(successShowPage);
  }
示例#3
0
  @Handle("/openIdLogin")
  public Object login(String endpoint, ParmManipulator manip, HttpServletRequest request) {
    if (StringUtils.isBlank(endpoint)) {
      throw new IllegalArgumentException(
          "The endpoint for an Open ID login must not be null.  Make sure it says Google, Yahoo, etc.");
    }

    Endpoint edp = getManager(manip).lookupEndpoint(endpoint);
    Association asso = getManager(manip).lookupAssociation(edp);

    request.getSession().setAttribute(ATTR_MAC, asso.getRawMacKey());
    request.getSession().setAttribute(ATTR_ALIAS, edp.getAlias());
    request.getSession().setAttribute(ATTR_ENDPOINT, endpoint);

    return new Show(manager.getAuthenticationUrl(edp, asso));
  }
  protected void processRequest(HttpServletRequest request, HttpServletResponse response)
      throws ServletException, IOException {
    String pathUtente = request.getServletPath();
    /** Gestione login OpenID */
    if (pathUtente.equals("/openid")) {
      String baseUrl =
          request.getScheme()
              + "://"
              + request.getServerName()
              + ":"
              + request.getServerPort()
              + "/faccioshopping-war";
      String returnUrl =
          request.getScheme()
              + "://"
              + request.getServerName()
              + ":"
              + request.getServerPort()
              + "/faccioshopping-war/openid";
      String redirectUrl = "";
      manager.setRealm(baseUrl);
      manager.setReturnTo(returnUrl);

      String op = request.getParameter("op");
      String oresponse = request.getParameter("openid.mode");

      if (op == null && !oresponse.equals("cancel")) {
        // check sign on result from Google or Yahoo:
        checkNonce(request.getParameter("openid.response_nonce"));
        // get authentication:
        byte[] mac_key = (byte[]) request.getSession().getAttribute(ATTR_MAC);
        String alias = (String) request.getSession().getAttribute(ATTR_ALIAS);
        Authentication authentication = manager.getAuthentication(request, mac_key, alias);
        redirectUrl = checkAuthentication(authentication, baseUrl, request);
      } else if (op != null && (op.equals("Google") || op.equals("Yahoo"))) {
        // redirect to Google or Yahoo sign on page:
        Endpoint endpoint = manager.lookupEndpoint(op);
        Association association = manager.lookupAssociation(endpoint);
        request.getSession().setAttribute(ATTR_MAC, association.getRawMacKey());
        request.getSession().setAttribute(ATTR_ALIAS, endpoint.getAlias());
        redirectUrl = manager.getAuthenticationUrl(endpoint, association);
      } else if (oresponse.equals("cancel")) {
        request.setAttribute("err", "Processo di autenticazione annullato.");
        request.getRequestDispatcher("/home").forward(request, response);
        return;
      } else {
        throw new ServletException("Unsupported OP: " + op);
      }
      try {
        response.sendRedirect(redirectUrl);
      } catch (Exception ex) {
        Logger.getLogger(this.getClass().getName()).log(Level.WARNING, null, ex);
      }
    } else {
      /** Gestione login dal sito */
      if (pathUtente.equals("/login")) {
        Utente _utente =
            gestoreUtente.login(request.getParameter("email"), request.getParameter("password"));
        String action =
            (request.getParameter("action") != null) ? request.getParameter("action") : "";
        pathUtente = "/view/login";
        if (action.equals("entra")) {
          if (_utente == null) {
            request.setAttribute("err", "Errore nel processo di login.");
          } else {
            request.getSession().setAttribute("utentefaccioshopping", _utente);
            pathUtente = "index";
          }
        }
      } else if (pathUtente.equals("/logout")) {
        HttpSession session = request.getSession();
        if (session != null) {
          session.invalidate();
          pathUtente = "index";
        }
      } else if (pathUtente.equals("/registra")) {
        pathUtente = "/view/registra";
        String action =
            (request.getParameter("action") != null) ? request.getParameter("action") : "";
        if (action.equals("inserisci")) {
          boolean isInterno = (Integer.parseInt(request.getParameter("isInterno")) != 0);
          Utente _nuovoUtente =
              gestoreUtente.registrazione(
                  request.getParameter("lastname"),
                  request.getParameter("firstname"),
                  request.getParameter("email"),
                  request.getParameter("password"),
                  isInterno);
          if (_nuovoUtente != null) {
            request.setAttribute("ok", "Utente registrato con successo.");
            request.getSession().setAttribute("utentefaccioshopping", _nuovoUtente);
            request.getSession().setAttribute("authentication", null);
            pathUtente = "index";
          } else {
            request.setAttribute(
                "err", "Errore durante la registrazione. Email già utilizzato!");
            pathUtente = "/view/registra";
          }
        } else if (action.equals("openID")) {
          request.setAttribute("ok", "Utente riconosciuto! Controlla i dati e conferma.");
          pathUtente = "/view/registra";
        }
      } else if (pathUtente.equals("/modifica")) {
        pathUtente = "/view/modificautente";
        String action =
            (request.getParameter("action") != null) ? request.getParameter("action") : "";
        if (action.equals("aggiorna")) {
          Utente _utente = (Utente) request.getSession().getAttribute("utentefaccioshopping");
          Utente _nuovoUtente =
              gestoreUtente.modifica(
                  _utente.getId(),
                  request.getParameter("lastname"),
                  request.getParameter("firstname"),
                  request.getParameter("email"),
                  request.getParameter("opassword"),
                  request.getParameter("npassword"),
                  _utente.getIsInterno());
          if (_nuovoUtente != null) {
            request.getSession().setAttribute("utentefaccioshopping", _nuovoUtente);
            request.setAttribute("ok", "Utente modificato con successo.");
          } else {
            request.setAttribute("err", "Errore durante la modifica dell'utente.");
          }
          pathUtente = "index";
        }
      }
      // use RequestDispatcher to forward request internally
      String url = pathUtente + ".jsp";
      try {
        request.getRequestDispatcher(url).forward(request, response);
      } catch (Exception ex) {
        Logger.getLogger(this.getClass().getName()).log(Level.WARNING, null, ex);
      }
    }
  }