Package org.openid4java.message

Examples of org.openid4java.message.AuthSuccess

234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
     */
    public OpenIDDTO validateOpenIDAuthentication(HttpServletRequest request)
            throws IdentityException {

        ParameterList response = null;
        AuthSuccess authSuccess = null;
        String mode = null;
        OpenIDExtension extension = null;
        List<ClaimDTO> claimList = null;
        OpenIDDTO openID = null;

        try {
            // Extract the parameters from the authentication response
            // (which comes in as a HTTP request from the OpenID provider)
            response = new ParameterList(request.getParameterMap());

            mode = response.getParameterValue(IdentityConstants.OpenId.ATTR_MODE);

            if (mode != null && IdentityConstants.OpenId.CANCEL.equals(mode)) {
                // User has denied sending his profile info :(
                throw new IdentityException("User has denied sending his profile info");
            }

            authSuccess = (AuthSuccess) verifyOpenID(request, response);

            claimList = new ArrayList<ClaimDTO>();

            for (Object alias : authSuccess.getExtensions()) {
                extension = OpenIDExtensionFactory.getInstance().getExtension((String) alias,
                        authSuccess);
                if (extension != null)
                    extension.setSessionAttributes(claimList);
            }

            openID = new OpenIDDTO();
            openID.setOpenID(authSuccess.getIdentity());
            openID.setClaims(claimList.toArray(new ClaimDTO[claimList.size()]));

            return openID;

        } catch (OpenIDException e) {
View Full Code Here
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
    // we're only interested if this is a successful auth response.
    if (!"id_res".equals(authResponse.getParameterValue("openid.mode"))) {
      return null;
    }

    AuthSuccess authResp = AuthSuccess.createAuthSuccess(authResponse);

    // also, if the auth response isn't well-formed, we're not bothering with
    // the discovery. The consumer manager will reject this later on.
    if (authResp == null || ! authResp.isVersion2() ||
        authResp.getIdentity() == null || authResp.getClaimed() == null) {
      return null;
    }

    // asserted identifier in the AuthResponse
    String assertId = authResp.getIdentity();

    // claimed identifier in the AuthResponse, without fragment
    Identifier respClaimed =
      consumerManager.getDiscovery().parseIdentifier(authResp.getClaimed(), true);

    // the OP endpoint sent in the response
    String respEndpoint = authResp.getOpEndpoint();

    // now let's check whether we already have new-style discovery information
    // for this claimed id
    if ((discovered instanceof SecureDiscoveryInformation) // implies non-null
        && discovered.hasClaimedIdentifier()
        && discovered.getClaimedIdentifier().equals(respClaimed)) {

      // OP-endpoint, OP-specific ID and protocol version must match
      String opSpecific = discovered.hasDelegateIdentifier()
          ? discovered.getDelegateIdentifier()
          : discovered.getClaimedIdentifier().getIdentifier();

      if (opSpecific.equals(assertId)
          && discovered.isVersion2()
          && discovered.getOPEndpoint().toString().equals(respEndpoint)) {
            return (SecureDiscoveryInformation) discovered;
      }
    }

    // ok, the discovery information provided was either not new-style,
    // or didn't match the auth response.

    // perform discovery on the claimed identifier in the assertion
    @SuppressWarnings("unchecked")
    List<SecureDiscoveryInformation> discoveries =
        consumerManager.getDiscovery().discover(respClaimed);

    SecureDiscoveryInformation firstServiceMatch = null;

    // find the newly discovered service endpoint that matches the assertion
    // - OP endpoint, OP-specific ID and protocol version must match
    // - prefer (first = highest priority) endpoint with an association
    for (SecureDiscoveryInformation service : discoveries) {

      if (DiscoveryInformation.OPENID2_OP.equals(service.getVersion())) {
        continue;
      }

      String opSpecific = service.hasDelegateIdentifier()
          ? service.getDelegateIdentifier()
          : service.getClaimedIdentifier().getIdentifier();

      if (!opSpecific.equals(assertId)
          || !service.isVersion2()
          || !service.getOPEndpoint().toString().equals(respEndpoint)) {
        continue;
      }

      // keep the first endpoint that matches
      if (firstServiceMatch == null) {
        firstServiceMatch = service;
      }

      // we'll keep looking for a service for which we already have an
      // association. Only if we don't find any do we return the first match
      Association assoc = consumerManager.getPrivateAssociationStore().load(
          service.getOPEndpoint().toString(),
          authResp.getHandle());

      // don't look further if there is an association with this endpoint
      if (assoc != null) {
        return service;
      }
View Full Code Here
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
    ParameterList params = new ParameterList();

    params.set(new Parameter("openid.ns", Message.OPENID2_NS));
    params.set(new Parameter("openid.mode", AuthRequest.MODE_IDRES));

    AuthSuccess resp = new GenericAuthSuccess(params);

    resp.setOpEndpoint(opEndpoint);
    resp.setNonce(nonce);
    resp.setReturnTo(returnTo);

    if (invalidateHandle != null) {
      resp.setInvalidateHandle(invalidateHandle);
    }

    resp.setHandle(assoc.getHandle());

    resp.buildSignedList();

    // just for now, so we pass validation...
    resp.setSignature("");

    return resp;
  }
View Full Code Here
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
            // examine the verification result and extract the verified
            // identifier
            Identifier verified = verification.getVerifiedId();
            log.info("verified = " + verified);
            if (verified != null) {
                AuthSuccess authSuccess = (AuthSuccess) verification
                        .getAuthResponse();

                if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
                    FetchRequest fetchResp = (FetchRequest) authSuccess
                            .getExtension(AxMessage.OPENID_NS_AX);

                    MessageExtension ext = authSuccess
                            .getExtension(AxMessage.OPENID_NS_AX);
                    if (ext instanceof FetchRequest) {
                        // FetchRequest fetchReq = (FetchRequest) ext;
                        Map<String, String> required = fetchResp
                                .getAttributes(true);
View Full Code Here
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
            // examine the verification result and extract the verified
            // identifier
            Identifier verified = verification.getVerifiedId();
            l.info("verified = " + verified);
            if (verified != null) {
                AuthSuccess authSuccess = (AuthSuccess) verification
                        .getAuthResponse();

                if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
                    FetchResponse fetchResp = (FetchResponse) authSuccess
                            .getExtension(AxMessage.OPENID_NS_AX);

                    MessageExtension ext = authSuccess
                            .getExtension(AxMessage.OPENID_NS_AX);
                    if (ext instanceof FetchResponse) {
                        List<String> aliases = fetchResp.getAttributeAliases();
                        for (String alias : aliases) {
                            String value = fetchResp.getAttributeValue(alias);
View Full Code Here
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
            // examine the verification result and extract the verified identifier
            Identifier verified = verification.getVerifiedId();
            if (verified != null)
            {
                AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();

                HttpSession session = httpReq.getSession(true);
                session.setAttribute("openid_identifier", authSuccess.getIdentity());

                if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX))
                {
                    FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);
                    session.setAttribute("emailFromFetch", fetchResp.getAttributeValues("email").get(0));
                }
                if (authSuccess.hasExtension(SRegMessage.OPENID_NS_SREG))
                {
                    SRegResponse sregResp = (SRegResponse) authSuccess.getExtension(SRegMessage.OPENID_NS_SREG);
                    session.setAttribute("emailFromSReg", sregResp.getAttributeValue("email"));
                }
                return verified;  // success
            }
        }
View Full Code Here
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
        }

        // nonces not used: OP invalidates private assoc handle on first use
        String nonce = _nonceGenerator.next();

        AuthSuccess openidResp;
        try
        {
            openidResp = AuthSuccess.createAuthSuccess(
            _opEndpoint, claimedID, claimedID,
            compat, uriAppliesTo.toString(), nonce,
            null, assoc, false);

            if (! compat)
            {
                FetchResponse fetchResp = FetchResponse.createFetchResponse();
                fetchResp.addAttributes(attrs);
                openidResp.addExtension(fetchResp);
            }

            // sign the message
            openidResp.setSignature(assoc.sign(openidResp.getSignedText()));
        }
        catch (OpenIDException e)
        {
            setWstFault(constants, response,
                "Cannot generate OpenID assertion",
                e.getMessage());
            return;
        }

        // set the attached / unattached token reference hash
        MessageDigest md;
        try
        {
            md = MessageDigest.getInstance("SHA-1");
        }
        catch (NoSuchAlgorithmException e)
        {
            setWstFault(constants, response,
                "Cannot create SHA-1 hash for Requested(Un)AttachedReference",
                e.getMessage());
            return;
        }

        String sha1base64 = null;
        try
        {
            sha1base64 = Base64.encode(
            md.digest(openidResp.keyValueFormEncoding().getBytes("utf-8")));
        }
        catch (UnsupportedEncodingException e)
        {
            setWstFault(constants, response,
                "Unsupported encoding for the OpenID message",
                e.getMessage());
            return;
        }

        omKeyIdentifier1.setText(sha1base64);
        omKeyIdentifier2.setText(sha1base64);

        //todo: move this to OMElement OpenIDToken.getToken()?
        //OpenIDToken openidToken = new OpenIDToken(openidResp);
        final OMNamespace omOpenIDNamespace = omFactory.createOMNamespace(
            org.openid4java.message.Message.OPENID2_NS, "openid");
        OMElement omOpenIDToken = omFactory.createOMElement(
            "OpenIDToken", omOpenIDNamespace, omRequestedSecurityToken);

        omOpenIDToken.setText(openidResp.keyValueFormEncoding());


        final java.util.List listRSTR =
            response.getRequestSecurityTokenResponseCollection();
    if (0 == listRSTR.size())
View Full Code Here
172
173
174
175
176
177
178
179
180
181
182
                    discoveryInformation);

            // examine the verification result and extract the verified identifier
            final Identifier verified = verification.getVerifiedId();
            if (verified != null) {
                final AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
                logger.debug("authSuccess : {}", authSuccess);

                final U profile = createProfile(authSuccess);
                profile.setId(verified.getIdentifier());
                logger.debug("profile : {}", profile);
View Full Code Here
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
      if (id != null) {
        System.out.println("id found");
        UserDetails userDetails = new UserDetails();
        userDetails.setUniqueId(HttpCookies.getCookieValue(request, uniqueIdCookieName));
        userDetails.setOpenId(id.getIdentifier());
        AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
        System.out.println("retrieved auth response");
        if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
          System.out.println("doing stuff for auth extension");
          MessageExtension ext = authSuccess.getExtension(AxMessage.OPENID_NS_AX);

          if (ext instanceof FetchResponse) {
            FetchResponse fetchResp = (FetchResponse) ext;
            System.out.println("adding attributes to user details");
            userDetails = addAttributes(fetchResp, userDetails);
View Full Code Here
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
                    response, discovered);

            // examine the verification result and extract the verified identifier
            Identifier verified = verification.getVerifiedId();
            if (verified != null) {
                AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();

                HttpSession session = httpReq.getSession(true);
                session.setAttribute("openid_identifier", authSuccess.getIdentity());

                if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
                    FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);
                    session.setAttribute("emailFromFetch", fetchResp.getAttributeValues("email").get(0));
                }
                if (authSuccess.hasExtension(SRegMessage.OPENID_NS_SREG)) {
                    SRegResponse sregResp = (SRegResponse) authSuccess.getExtension(SRegMessage.OPENID_NS_SREG);
                    session.setAttribute("emailFromSReg", sregResp.getAttributeValue("email"));
                }
                return verified;  // success
            }
        } catch (OpenIDException e) {
View Full Code Here
TOP

Related Classes of org.openid4java.message.AuthSuccess

  • at.molindo.wicketutils.openid.OpenIdSession
  • cgl.shindig.usermanage.servlet.OpenIdAuth
  • com.data2semantics.yasgui.server.openid.OpenIdServlet
  • com.google.step2.ConsumerHelper
  • com.google.step2.openid.ax2.GenericAuthSuccess
  • edu.stanford.bmir.protege.web.server.openid.OpenIdAuthenticationResponseServlet
  • er.openid.EROpenIDManager
  • net.vinant.idp4java.openid4javaImpl.SimpleConsumer
  • nz.ac.massey.softwarec.group3.login.OpenId4Java
  • org.apache.jetspeed.openid.OpenIDRelayingPartyServlet
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.