use of fi.otavanopisto.muikku.auth.AuthenticationResult in project muikku by otavanopisto.
the class InternalAuthenticationStrategy method processLogin.
@Override
public AuthenticationResult processLogin(AuthSource authSource, Map<String, String[]> requestParameters) {
String email = StringUtils.lowerCase(getFirstRequestParameter(requestParameters, "email"));
String password = getFirstRequestParameter(requestParameters, "password");
InternalAuth internalAuth = internalLoginController.findInternalAuthByEmailAndPassword(email, password);
if (internalAuth != null) {
UserEntity userEntity = userEntityController.findUserEntityById(internalAuth.getUserEntityId());
if (userEntity != null) {
return processLogin(authSource, requestParameters, DigestUtils.md5Hex("INTERNAL-" + internalAuth.getId()), Arrays.asList(email), null, null);
}
}
return new AuthenticationResult(Status.INVALID_CREDENTIALS);
}
use of fi.otavanopisto.muikku.auth.AuthenticationResult in project muikku by otavanopisto.
the class GoogleAuthenticationStrategy method processResponse.
@Override
protected AuthenticationResult processResponse(AuthSource authSource, Map<String, String[]> requestParameters, OAuthService service, String[] requestedScopes) {
ObjectMapper objectMapper = new ObjectMapper();
String verifier = getFirstRequestParameter(requestParameters, "code");
Verifier v = new Verifier(verifier);
Token accessToken = service.getAccessToken(null, v);
GoogleAccessToken googleAccessToken;
try {
googleAccessToken = objectMapper.readValue(accessToken.getRawResponse(), GoogleAccessToken.class);
Calendar calendar = new GregorianCalendar();
calendar.setTime(new Date());
calendar.add(Calendar.SECOND, googleAccessToken.getExpiresIn());
Date expires = calendar.getTime();
sessionController.addOAuthAccessToken("google", expires, accessToken.getToken(), null);
} catch (IOException e) {
logger.log(Level.SEVERE, "Token extraction failed a JSON parsing error", e);
return new AuthenticationResult(AuthenticationResult.Status.ERROR);
}
List<String> scopesList = Arrays.asList(requestedScopes);
boolean hasProfileScope = scopesList.contains("https://www.googleapis.com/auth/userinfo.profile");
GoogleUserInfo userInfo = null;
if (hasProfileScope) {
OAuthRequest request = new OAuthRequest(Verb.GET, "https://www.googleapis.com/oauth2/v1/userinfo?alt=json");
service.signRequest(accessToken, request);
Response response = request.send();
try {
userInfo = objectMapper.readValue(response.getBody(), GoogleUserInfo.class);
} catch (IOException e) {
logger.log(Level.SEVERE, "Logging in failed because of a JSON parsing exception", e);
return new AuthenticationResult(AuthenticationResult.Status.ERROR);
}
}
if (userInfo != null)
return processLogin(authSource, requestParameters, userInfo.getId(), Arrays.asList(userInfo.getEmail()), userInfo.getGivenName(), userInfo.getFamilyName());
else {
return new AuthenticationResult(AuthenticationResult.Status.GRANT);
}
}
use of fi.otavanopisto.muikku.auth.AuthenticationResult in project muikku by otavanopisto.
the class FacebookAuthenticationStrategy method processResponse.
@Override
protected AuthenticationResult processResponse(AuthSource authSource, Map<String, String[]> requestParameters, OAuthService service, String[] requestedScopes) {
ObjectMapper objectMapper = new ObjectMapper();
String verifier = getFirstRequestParameter(requestParameters, "code");
Verifier v = new Verifier(verifier);
Token accessToken = service.getAccessToken(null, v);
FacebookUser meObject = null;
OAuthRequest request = new OAuthRequest(Verb.GET, "https://graph.facebook.com/me");
service.signRequest(accessToken, request);
Response response = request.send();
try {
meObject = objectMapper.readValue(response.getBody(), FacebookUser.class);
} catch (IOException e) {
logger.log(Level.SEVERE, "Logging in failed because of a JSON parsing exception", e);
return new AuthenticationResult(AuthenticationResult.Status.ERROR);
}
Integer expiresIn = extractExpires(accessToken);
Date expires = null;
if (expiresIn != null) {
Calendar calendar = new GregorianCalendar();
calendar.setTime(new Date());
calendar.add(Calendar.SECOND, expiresIn);
expires = calendar.getTime();
sessionController.addOAuthAccessToken("facebook", expires, accessToken.getToken(), null);
}
if (meObject != null)
return processLogin(authSource, requestParameters, meObject.getId(), Arrays.asList(meObject.getEmail()), meObject.getFirstName(), meObject.getLastName());
else {
return new AuthenticationResult(AuthenticationResult.Status.GRANT);
}
}
use of fi.otavanopisto.muikku.auth.AuthenticationResult in project muikku by otavanopisto.
the class PyramusAuthenticationStrategy method processResponse.
@Override
protected AuthenticationResult processResponse(AuthSource authSource, Map<String, String[]> requestParameters, OAuthService service, String[] requestedScopes) {
ObjectMapper objectMapper = new ObjectMapper();
String verifier = getFirstRequestParameter(requestParameters, "code");
Verifier v = new Verifier(verifier);
Token accessToken = service.getAccessToken(null, v);
PyramusAccessToken pyramusAccessToken;
try {
pyramusAccessToken = objectMapper.readValue(accessToken.getRawResponse(), PyramusAccessToken.class);
Calendar calendar = new GregorianCalendar();
calendar.setTime(new Date());
calendar.add(Calendar.SECOND, pyramusAccessToken.getExpiresIn());
Date expires = calendar.getTime();
sessionController.addOAuthAccessToken("pyramus", expires, accessToken.getToken(), pyramusAccessToken.getRefreshToken());
} catch (IOException e) {
logger.log(Level.SEVERE, "Token extraction failed a JSON parsing error", e);
return new AuthenticationResult(AuthenticationResult.Status.ERROR);
}
WhoAmI whoAmI = null;
OAuthRequest request = new OAuthRequest(Verb.GET, getWhoAmIUrl());
service.signRequest(accessToken, request);
Response response = request.send();
try {
whoAmI = objectMapper.readValue(response.getBody(), WhoAmI.class);
} catch (IOException e) {
logger.log(Level.SEVERE, "Logging in failed because of a JSON parsing exception", e);
return new AuthenticationResult(AuthenticationResult.Status.ERROR);
}
return processLogin(authSource, requestParameters, whoAmI.getId().toString(), whoAmI.getEmails(), whoAmI.getFirstName(), whoAmI.getLastName());
}
use of fi.otavanopisto.muikku.auth.AuthenticationResult in project muikku by otavanopisto.
the class LoginBackingBean method init.
@RequestAction
@Deferred
public String init() {
try {
FacesContext facesContext = FacesContext.getCurrentInstance();
ExternalContext externalContext = facesContext.getExternalContext();
Map<String, String[]> requestParameters = externalContext.getRequestParameterValuesMap();
if (authSourceId == null) {
authSourceId = loginSessionBean.getAuthSourceId();
} else {
loginSessionBean.setAuthSourceId(authSourceId);
}
if (StringUtils.isNotBlank(redirectUrl)) {
loginSessionBean.setPostLoginRedirectUrl(redirectUrl);
}
if (authSourceId == null) {
// authentication source id is not defined, which means that we need to ask the user which he or she is
// going to use, unless only one source is defined and it's credentialess one, in which case we use that one.
List<AuthSource> credentialAuthSources = authSourceController.listCredentialAuthSources();
List<AuthSource> credentialessAuthSources = authSourceController.listCredentialessAuthSources();
if (credentialAuthSources.isEmpty() && credentialessAuthSources.size() == 1) {
authSourceId = credentialessAuthSources.get(0).getId();
}
}
if (authSourceId != null) {
AuthSource authSource = authSourceController.findAuthSourceById(authSourceId);
if (authSource != null) {
AuthenticationProvider authenticationProvider = authSourceController.findAuthenticationProvider(authSource);
if (authenticationProvider != null) {
AuthenticationResult result = authenticationProvider.processLogin(authSource, requestParameters);
if (StringUtils.isNotBlank(result.getRedirectUrl())) {
externalContext.redirect(result.getRedirectUrl());
} else {
loginSessionBean.setAuthSourceId(null);
String postLoginRedirectUrl = loginSessionBean.getPostLoginRedirectUrl();
switch(result.getStatus()) {
case GRANT:
// User granted additional scopes in existing authentication source
break;
case LOGIN:
// User logged in
break;
case NEW_ACCOUNT:
// User created new account
break;
case CONFLICT:
switch(result.getConflictReason()) {
case EMAIL_BELONGS_TO_ANOTHER_USER:
// Could not login, one or more of the email addresses belong to another user
break;
case LOGGED_IN_AS_DIFFERENT_USER:
// Could not login, user is already logged in as a another user
break;
case SEVERAL_USERS_BY_EMAILS:
// Could not login, several users found by email addresses
break;
}
logger.log(Level.SEVERE, String.format("Authentication failed on with following message: %s", result.getConflictReason().toString()));
return NavigationRules.INTERNAL_ERROR;
case INVALID_CREDENTIALS:
logger.log(Level.SEVERE, "Erroneous authentication provider status: INVALID_CREDENTIALS in external login page");
return NavigationRules.INTERNAL_ERROR;
case NO_EMAIL:
return NavigationRules.AUTH_NOEMAIL;
case PROCESSING:
logger.log(Level.SEVERE, "Erroneous authentication provider status: PROCESSING without redirectUrl");
return NavigationRules.INTERNAL_ERROR;
case ERROR:
return NavigationRules.INTERNAL_ERROR;
}
if (StringUtils.isBlank(postLoginRedirectUrl)) {
postLoginRedirectUrl = externalContext.getRequestContextPath() + "/";
}
externalContext.redirect(postLoginRedirectUrl);
}
} else {
logger.log(Level.SEVERE, "Invalid authenticationProvider");
return NavigationRules.INTERNAL_ERROR;
}
} else {
logger.log(Level.SEVERE, "Invalid authSourceId");
return NavigationRules.INTERNAL_ERROR;
}
}
} catch (IOException e) {
logger.log(Level.SEVERE, "Login failed because of an internal error", e);
return NavigationRules.INTERNAL_ERROR;
}
return null;
}
Aggregations