VerificationResults results = new VerificationResults();
// verify OpenId authentication request
String openIdMode = authParams.getParameterValue("openid.mode");
if ((openIdMode != null) && openIdMode.equals("id_res"))
{
AuthSuccess authResponse = AuthSuccess.createAuthSuccess(authParams);
if ((authResponse != null) && authResponse.isVersion2() && (authResponse.getIdentity() != null) && (authResponse.getClaimed() != null))
{
// get OpenId identifier
String providerId = authResponse.getIdentity();
Identifier responseClaimedId = openIDStep2ConsumerManager.getDiscovery().parseIdentifier(authResponse.getClaimed(), true);
String responseEndpoint = authResponse.getOpEndpoint();
if (log.isDebugEnabled())
{
log.debug("Step2 discovery for identity: "+responseClaimedId);
}
// get Step2 secure discovery information
SecureDiscoveryInformation secureDiscovered = null;
// validate previously discovered secure discovery information
if (discovered instanceof SecureDiscoveryInformation)
{
// check for matching version, identifiers, and endpoints
if (discovered.isVersion2() && discovered.hasClaimedIdentifier() && discovered.getClaimedIdentifier().equals(responseClaimedId) && discovered.getOPEndpoint().equals(responseEndpoint))
{
String discoveredProviderId = (discovered.hasDelegateIdentifier() ? discovered.getDelegateIdentifier() : discovered.getClaimedIdentifier().getIdentifier());
if (discoveredProviderId.equals(providerId))
{
secureDiscovered = (SecureDiscoveryInformation)discovered;
if (log.isDebugEnabled())
{
log.debug("Matched previously discovered Step2 secure discovery information for "+responseClaimedId+" identity: "+secureDiscovered.getOPEndpoint());
}
}
}
}
// discover secure discovery information if necessary
if (secureDiscovered == null)
{
// perform discovery on claimed identifier
List<SecureDiscoveryInformation> discoveredInfos = openIDStep2ConsumerManager.getDiscovery().discover(responseClaimedId);
// match secure discovered information: prefer previously associated matches
for (SecureDiscoveryInformation discoveredInfo : discoveredInfos)
{
// match secure discovered information
String version = discoveredInfo.getVersion();
if ((version != null) && version.equals(DiscoveryInformation.OPENID2_OP) && discoveredInfo.isVersion2() && discoveredInfo.getOPEndpoint().equals(responseEndpoint))
{
String discoveredProviderId = (discoveredInfo.hasDelegateIdentifier() ? discoveredInfo.getDelegateIdentifier() : discoveredInfo.getClaimedIdentifier().getIdentifier());
if (discoveredProviderId.equals(providerId))
{
// match previously associated or first discovered
if (openIDStep2ConsumerManager.getPrivateAssociationStore().load(discoveredInfo.getOPEndpoint().toString(), authResponse.getHandle()) != null)
{
secureDiscovered = discoveredInfo;
break;
}
else if (secureDiscovered == null)