use of com.authlete.jaxrs.DeviceVerificationPageModel in project java-oauth-server by authlete.
the class DeviceVerificationEndpoint method authenticateUser.
/**
 * Makes sure the given session is bound to an authenticated end-user.
 *
 * <p>If the session already holds a {@code "user"} attribute, the method returns
 * without touching the submitted form. Otherwise the {@code loginId} and
 * {@code password} form fields are handed to {@code UserDao.getByCredentials};
 * on a match the user and the login time are stored in the session, and on a
 * miss the verification page is re-rendered through a "401 Unauthorized"
 * exception.
 *
 * @param session    the HTTP session of the current request
 * @param parameters the submitted form parameters ({@code loginId},
 *                   {@code password}, {@code userCode} are read)
 */
private void authenticateUser(HttpSession session, MultivaluedMap<String, String> parameters) {
    // An existing "user" attribute means an earlier request already logged in.
    final User alreadyLoggedIn = (User) session.getAttribute("user");
    if (alreadyLoggedIn != null) {
        return;
    }

    // No login yet: verify the credentials that came with the form.
    final String loginId = parameters.getFirst("loginId");
    final String password = parameters.getFirst("password");

    // NOTE(review): either value is null when the field is absent from the form;
    // confirm UserDao.getByCredentials rejects null/empty credentials.
    // NOTE(review): no attempt counting or throttling is visible in this method;
    // confirm failed logins are rate-limited elsewhere.
    final User authenticated = UserDao.getByCredentials(loginId, password);

    if (authenticated == null) {
        // Failed login: show the page again with the typed login ID and user code
        // kept in place. The password is deliberately not echoed back.
        // NOTE(review): loginId and userCode are request-supplied; confirm the
        // template HTML-escapes them when rendering.
        final DeviceVerificationPageModel retryPage = new DeviceVerificationPageModel()
                .setLoginId(loginId)
                .setUserCode(parameters.getFirst("userCode"))
                .setNotification("User authentication failed.");

        // "401 Unauthorized" carrying the verification page.
        throw unauthorizedException(new Viewable(TEMPLATE, retryPage), CHALLENGE);
    }

    // Successful login: record who logged in and when.
    // NOTE(review): the session identifier is not rotated here, and HttpSession
    // offers no call for it. Confirm the caller invokes
    // HttpServletRequest.changeSessionId() (Servlet 3.1+) after this privilege
    // change so a pre-login session ID cannot be carried into the login.
    session.setAttribute("user", authenticated);
    session.setAttribute("authTime", new Date());
}
use of com.authlete.jaxrs.DeviceVerificationPageModel in project java-oauth-server by authlete.
the class DeviceVerificationEndpoint method get.
/**
 * Handles {@code GET} on the verification endpoint by rendering the
 * verification page.
 *
 * <p>The page model receives the user found in the existing session (if any)
 * and the {@code user_code} query parameter (if any), so the form can be shown
 * with the login step skipped and/or the user code pre-filled.
 *
 * @param request the current servlet request, used to look up the session user
 * @param uriInfo the request URI, from which {@code user_code} is read
 * @return a "200 OK" response whose entity is the verification page
 */
@GET
public Response get(@Context HttpServletRequest request, @Context UriInfo uriInfo) {
    // Whoever is already logged in on this session, if anyone.
    final User sessionUser = getUserFromSessionIfPresent(request);

    // A user code supplied in the query string is used to pre-fill the form.
    // NOTE(review): this value comes straight from the URL, so anyone who can
    // get the end-user to follow a link controls it. RFC 8628 (sections 3.3.1
    // and 5.4) expects the page to still display the code and have the user
    // confirm it matches their device. Confirm the template does that and
    // HTML-escapes the value.
    final MultivaluedMap<String, String> query = uriInfo.getQueryParameters();
    final String prefilledUserCode = query.getFirst("user_code");

    final DeviceVerificationPageModel pageModel = new DeviceVerificationPageModel()
            .setUser(sessionUser)
            .setUserCode(prefilledUserCode);

    // "200 OK" with the rendered verification page.
    return ok(new Viewable(TEMPLATE, pageModel));
}
use of com.authlete.jaxrs.DeviceVerificationPageModel in project java-oauth-server by authlete.
the class DeviceVerificationRequestHandlerSpiImpl method onNotExist.
/**
 * Builds the response for a submitted user code that does not exist: the
 * verification page is rendered again, with the rejected code and the session
 * user kept in the model and a notification explaining the failure.
 *
 * @return a "not found" response whose entity is the verification page
 */
@Override
public Response onNotExist() {
    // The end-user stored in the session under "user" (may be absent).
    final User currentUser = (User) mSession.getAttribute("user");

    // Re-render the form so the user can type a valid code.
    // NOTE(review): this branch is what a wrong guess of a user code produces.
    // RFC 8628 section 5.1 calls for limiting such attempts. Nothing here counts
    // or throttles them, so confirm that is enforced elsewhere.
    // NOTE(review): mUserCode is echoed back into the page; confirm the
    // template HTML-escapes it.
    final DeviceVerificationPageModel retryPage = new DeviceVerificationPageModel()
            .setUserCode(mUserCode)
            .setUser(currentUser)
            .setNotification("The user code does not exist.");

    return notFound(new Viewable(VERIFICATION_PAGE_TEMPLATE, retryPage));
}