/**
* Copyright 2010 Philippe Beaudoin
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.puzzlebazar.server;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.net.UnknownHostException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.dyuproject.openid.Constants;
import com.dyuproject.openid.OpenIdServletFilter;
import com.dyuproject.openid.OpenIdUser;
import com.dyuproject.openid.RelyingParty;
import com.dyuproject.openid.YadisDiscovery;
import com.dyuproject.openid.ext.AxSchemaExtension;
import com.dyuproject.util.http.UrlEncodedParameterMap;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;
import com.puzzlebazar.server.model.UserDAO;
/**
* @author Philippe Beaudoin
*/
@Singleton
public class OpenIdServlet extends HttpServlet {
private static final long serialVersionUID = 6314103753523555658L;
private static final String CLOSE_POPUP_URI = "/openid/ClosePopup.html";
private final Provider<UserDAO> userDAO;
@Inject
public OpenIdServlet(Provider<UserDAO> userDAO) {
this.userDAO = userDAO;
}
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
doPost(request, response);
}
@Override
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws IOException, ServletException {
String provider = request.getParameter("provider");
if (provider != null) {
// If the ui supplies a number of buttons for default providers.
// This will speed up the openid process by skipping discovery.
// The override is done by adding the OpenIdUser to the request attribute.
if (provider.equals("google")) {
OpenIdUser user = OpenIdUser.populate("https://www.google.com/accounts/o8/id",
YadisDiscovery.IDENTIFIER_SELECT,
"https://www.google.com/accounts/o8/ud");
request.setAttribute(OpenIdUser.ATTR_NAME, user);
} else if (provider.equals("yahoo")) {
OpenIdUser user = OpenIdUser.populate("http://yahoo.com/",
YadisDiscovery.IDENTIFIER_SELECT,
"https://open.login.yahooapis.com/openid/op/auth");
request.setAttribute(OpenIdUser.ATTR_NAME, user);
}
}
RelyingParty relyingParty = RelyingParty.getInstance();
String errorMsg = OpenIdServletFilter.DEFAULT_ERROR_MSG;
try {
OpenIdUser user = relyingParty.discover(request);
if (user == null) {
if (RelyingParty.isAuthResponse(request)) {
// authentication timeout
response.sendRedirect(request.getRequestURI());
} else {
// set error msg if the openid_identifier is not resolved.
if (request.getParameter(relyingParty.getIdentifierParameter()) != null) {
request.setAttribute(OpenIdServletFilter.ERROR_MSG_ATTR, errorMsg);
}
// TODO: Simply close the window? Alert?
request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
}
return;
}
if (user.isAuthenticated()) {
// user already authenticated
request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
return;
}
if (user.isAssociated() && RelyingParty.isAuthResponse(request)) {
// verify authentication
if (relyingParty.verifyAuth(user, request, response)) {
// authenticated
userDAO.get().setSessionUser(user);
// redirect to home to remove the query params instead of doing:
request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
} else {
// failed verification
// TODO: Simply close the window? Alert?
request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
}
return;
}
// associate and authenticate user
StringBuffer url = request.getRequestURL();
String trustRoot = url.substring(0, url.indexOf("/", 9));
String realm = url.substring(0, url.lastIndexOf("/"));
String returnTo = url.toString();
if (relyingParty.associateAndAuthenticate(user, request, response, trustRoot, realm,
returnTo)) {
return;
}
} catch (UnknownHostException uhe) {
System.err.println("not found");
errorMsg = OpenIdServletFilter.ID_NOT_FOUND_MSG;
} catch (FileNotFoundException fnfe) {
System.err.println("could not be resolved");
errorMsg = OpenIdServletFilter.DEFAULT_ERROR_MSG;
} catch (Exception e) {
e.printStackTrace();
errorMsg = OpenIdServletFilter.DEFAULT_ERROR_MSG;
}
request.setAttribute(OpenIdServletFilter.ERROR_MSG_ATTR, errorMsg);
// TODO: Simply close the window? Alert?
request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
}
@Override
public void init() throws ServletException {
super.init();
// One-time initialization of RelyingParty.
RelyingParty.getInstance()
.addListener(new AxSchemaExtension()
.addExchange("email")
.addExchange("language")
)
.addListener(new RelyingParty.Listener()
{
@Override
public void onDiscovery(OpenIdUser user, HttpServletRequest request) {
}
@Override
public void onPreAuthenticate(OpenIdUser user, HttpServletRequest request,
UrlEncodedParameterMap params) {
if ("true".equals(request.getParameter("popup"))) {
String returnTo = params.get(Constants.OPENID_TRUST_ROOT) + request.getRequestURI();
params.put(Constants.OPENID_RETURN_TO, returnTo);
params.put(Constants.OPENID_REALM, returnTo);
params.put("openid.ns.ui", "http://specs.openid.net/extensions/ui/1.0");
params.put("openid.ui.mode", "popup");
}
}
@Override
public void onAuthenticate(OpenIdUser user, HttpServletRequest request) {
}
@Override
public void onAccess(OpenIdUser user, HttpServletRequest request) {
}
});
}
}