Package nz.ac.massey.softwarec.group3.login

Source Code of nz.ac.massey.softwarec.group3.login.OpenId4Java

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
/*
New Scotland Yard is an online multiplayer adaptation
of the boardgame  "Scotland Yard". Copyright (C) 2011 
Massey University Software C Group 3

This program is free software: you can redistribute it
and/or modify it under the terms of the GNU General
Public License as published by the Free Software
Foundation, either version 3 of the License, or (at
your option) any later version.

This program is distributed in the hope that it will
be useful, but WITHOUT ANY WARRANTY; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE. See the GNU General Public
License for more details.

You should have received a copy of the GNU General
Public License along with this program.  If not, see
<http://www.gnu.org/licenses/>.
*/

package nz.ac.massey.softwarec.group3.login;

import java.io.IOException;
import java.net.InetAddress;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.openid4java.OpenIDException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.InMemoryConsumerAssociationStore;
import org.openid4java.consumer.InMemoryNonceVerifier;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryException;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.AxMessage;
import org.openid4java.message.ax.FetchRequest;
import org.openid4java.message.ax.FetchResponse;
import org.openid4java.util.HttpClientFactory;
import org.openid4java.util.ProxyProperties;

/**
* OpenId4Java - Handles the OpenID authentication.
* @version 1.0 Release
* @since 1.0
* @authors Natalie Eustace | Wanting Huang | Paul Smith | Craig Spence
*/
@WebServlet(name = "OpenId4Java", urlPatterns = {"/openid"})
public class OpenId4Java extends HttpServlet {

    private static ConsumerManager consumerManager;
   
    final static String YAHOO_ENDPOINT = "https://me.yahoo.com";
    final static String GOOGLE_ENDPOINT = "https://www.google.com/accounts/o8/id";
    final static String REDIRECT_LOCATION = "/Software_Engineering_C/Resources/JavaServerPages/lobby.jsp";
   
    private static ConsumerManager getConsumerManager() {
        try {
            // Proxy stuff, comment out when not at Massey.
            InetAddress myLocalHost = InetAddress.getLocalHost();
            //If have a 10 prefixed ip comment out this block of code if not at massey           
            if(myLocalHost.getHostAddress().startsWith("10")){
                final ProxyProperties proxyProps = new ProxyProperties();
                proxyProps.setProxyHostName("tur-cache2.massey.ac.nz");
                proxyProps.setProxyPort(8080);
                proxyProps.setUserName("08497818");
                proxyProps.setPassword("6891");
                HttpClientFactory.setProxyProperties(proxyProps);
            }
        } catch (IOException ex) {
            System.err.print(ex.getMessage());
        }
        try {
            if (consumerManager == null) {
                consumerManager = new ConsumerManager();
                consumerManager.setAssociations(new InMemoryConsumerAssociationStore());
                consumerManager.setNonceVerifier(new InMemoryNonceVerifier(10000));
            }
        } catch (Exception ex) {
            final String message = "Exception creating ConsumerManager!";
            throw new RuntimeException(message, ex);
        }
        return consumerManager;
    }
   
    public static DiscoveryInformation performDiscoveryOnUserSuppliedIdentifier(final String userSuppliedIdentifier) {
        DiscoveryInformation ret = null;
        consumerManager = getConsumerManager();
        try {
            // Perform discover on the User-Supplied Identifier
            final List<DiscoveryInformation> discoveries =
                    consumerManager.discover(userSuppliedIdentifier);
            // Pass the discoveries to the associate() method...
            ret = consumerManager.associate(discoveries);
        } catch (DiscoveryException de) {
            final String message = "Error occurred during discovery!";
            throw new RuntimeException(message, de);
        }
        return ret;
    }
   
    public static AuthRequest createOpenIdAuthRequest(final DiscoveryInformation discoveryInformation, final String returnToUrl, final String endpoint) {
        AuthRequest ret = null;
        //
        try {
            // Create the AuthRequest object
            ret = getConsumerManager().authenticate(discoveryInformation, returnToUrl);
           
            final FetchRequest fetch = FetchRequest.createFetchRequest();
            if (endpoint.startsWith(GOOGLE_ENDPOINT)) {
                fetch.addAttribute("email", "http://axschema.org/contact/email", true);
                fetch.addAttribute("FirstName", "http://axschema.org/namePerson/first", true);
                fetch.addAttribute("LastName", "http://axschema.org/namePerson/last", true);
            } else if (endpoint.startsWith(YAHOO_ENDPOINT)) {
                fetch.addAttribute("email", "http://axschema.org/contact/email", true);
                fetch.addAttribute("Fullname", "http://axschema.org/namePerson", true);
            }
            ret.addExtension(fetch);
        } catch (Exception e) {
            final String message = "Exception occurred while building "
                    + "AuthRequest object!";
            throw new RuntimeException(message, e);
        }
        return ret;
    }
   
    private Identifier verifyResponse(final HttpServletRequest request) {
        try {
            // extract the parameters from the authentication response
            // (which comes in as a HTTP request from the OpenID provider)
            final ParameterList response = new ParameterList(request.getParameterMap());
            // retrieve the previously stored discovery information
            final DiscoveryInformation discovered = (DiscoveryInformation) request.getSession().getAttribute("openid-disc");

            // extract the receiving URL from the HTTP request
            final StringBuffer receivingURL = request.getRequestURL();
            final String queryString = request.getQueryString();
            if (queryString != null && queryString.length() > 0) {
                receivingURL.append("?").append(request.getQueryString());
            }

            // verify the response; ConsumerManager needs to be the same
            // (static) instance used to place the authentication request

            final VerificationResult verification = consumerManager.verify(receivingURL.toString(), response, discovered);

            // examine the verification result and extract the verified
            // identifier

            final Identifier verified = verification.getVerifiedId();
            if (verified != null) {
                final AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
                if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
                    final FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);
                    final String email = fetchResp.getAttributeValue("email");
                    final String lastname = fetchResp.getAttributeValue("LastName");
                    final String firstname = fetchResp.getAttributeValue("FirstName");
                    final String fullname = fetchResp.getAttributeValue("fullname");
                    final HttpSession session = request.getSession();
                    if (fullname == null) {
                        session.setAttribute("username", firstname + " " + lastname);
                    }
                    else {
                        session.setAttribute("username", fullname);
                    }
                    session.setAttribute("email", email);
                }
                return verified; // success
            }
        } catch (OpenIDException ex) {
            System.err.print(ex);
        }
        return null;
    }
   
    /**
     * Handles the HTTP <code>GET</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(final HttpServletRequest request, final HttpServletResponse response)
            throws ServletException, IOException {
        final Identifier identifier = this.verifyResponse(request);
        response.sendRedirect(REDIRECT_LOCATION);
    }

    /**
     * Handles the HTTP <code>POST</code> method.
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(final HttpServletRequest request, final HttpServletResponse response)
            throws ServletException, IOException {
        final String url = request.getParameter("openid");
        final DiscoveryInformation discoveryInformation = performDiscoveryOnUserSuppliedIdentifier(url);
        final InetAddress myLocalHost = InetAddress.getLocalHost();
        final AuthRequest authRequest = createOpenIdAuthRequest(discoveryInformation, "http://" + myLocalHost.getHostAddress() + ":8080/Software_Engineering_C/openid", url);
        response.sendRedirect(authRequest.getDestinationUrl(true));
    }
   
    /**
     * Returns a short description of the servlet.
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "This servlet allows user authentication with OpenId";
    }
}
TOP

Related Classes of nz.ac.massey.softwarec.group3.login.OpenId4Java

  • nz.ac.massey.softwarec.group3.actions.ActionInterfaceTest
  • nz.ac.massey.softwarec.group3.actions.ActionPerformer
  • nz.ac.massey.softwarec.group3.actions.ActionPerformerInterfaceTest
  • nz.ac.massey.softwarec.group3.actions.ActionPerformerTest
  • nz.ac.massey.softwarec.group3.actions.ActionTest
  • nz.ac.massey.softwarec.group3.actions.DataGetter
  • nz.ac.massey.softwarec.group3.actions.DataGetterInterfaceTest
  • nz.ac.massey.softwarec.group3.actions.GetData
  • nz.ac.massey.softwarec.group3.actions.GetDataTest
  • nz.ac.massey.softwarec.group3.actions.PerformAction
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.