
Example 1 with OAuthRegistration

use of org.olat.login.oauth.model.OAuthRegistration in project OpenOLAT by OpenOLAT.

the class OAuthDispatcher method execute.

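/**
 * Handles the OAuth callback request and either logs the user in, starts the
 * registration, or reports an error.
 *
 * <p>Steps, in order: build the {@code UserRequest}; stop on an {@code error} or a
 * {@code token_rejected} {@code oauth_problem} parameter; read the request token, service
 * and provider from the HTTP session; obtain the access token (implicit workflow via
 * {@code id_token}, otherwise via {@code oauth_verifier} or {@code code}); load the user
 * from the provider; then create or update the identity, register, or log in.
 *
 * <p>NOTE(review): this method does not compare a {@code state} parameter with a
 * session-bound value before exchanging the {@code code}. Confirm that the callback is
 * protected against cross-site request forgery elsewhere (service, provider or verifier).
 *
 * @param request the callback request sent back by the OAuth provider
 * @param response the response used for redirects and error pages
 * @throws ServletException declared by the dispatcher contract
 * @throws IOException declared by the dispatcher contract
 */
@Override
public void execute(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    // The decoded, prefix-stripped URI is not read again in this method.
    String uri = request.getRequestURI();
    try {
        uri = URLDecoder.decode(uri, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw new AssertException("UTF-8 encoding not supported!!!!");
    }
    String uriPrefix = DispatcherModule.getLegacyUriPrefix(request);
    uri = uri.substring(uriPrefix.length());
    UserRequest ureq = null;
    try {
        // upon creation URL is checked for
        ureq = new UserRequestImpl(uriPrefix, request, response);
    } catch (NumberFormatException nfe) {
        if (log.isDebug()) {
            log.debug("Bad Request " + request.getPathInfo());
        }
        DispatcherModule.sendBadRequest(request.getPathInfo(), response);
        return;
    }
    // The provider reported an error (for example the user denied the authorization).
    String error = request.getParameter("error");
    if (null != error) {
        error(ureq, translateOauthError(ureq, error));
        return;
    }
    String problem = request.getParameter("oauth_problem");
    if (problem != null && "token_rejected".equals(problem.trim())) {
        // `error` is always null here (the branch above returned otherwise), so hand the
        // value that was actually received to the translation.
        // NOTE(review): translateOauthError is not visible here; confirm how it maps "token_rejected".
        error(ureq, translateOauthError(ureq, problem));
        return;
    }
    try {
        HttpSession sess = request.getSession();
        // OAuth 2.0 hasn't any request token
        Token requestToken = (Token) sess.getAttribute(OAuthConstants.REQUEST_TOKEN);
        OAuthService service = (OAuthService) sess.getAttribute(OAuthConstants.OAUTH_SERVICE);
        OAuthSPI provider = (OAuthSPI) sess.getAttribute(OAuthConstants.OAUTH_SPI);
        Token accessToken;
        if (provider == null) {
            // No login was started in this session: nothing to complete.
            log.audit("OAuth Login failed, no provider in request");
            DispatcherModule.redirectToDefaultDispatcher(response);
            return;
        } else if (provider.isImplicitWorkflow()) {
            String idToken = ureq.getParameter("id_token");
            if (idToken == null) {
                redirectImplicitWorkflow(ureq);
                return;
            } else {
                Verifier verifier = OpenIDVerifier.create(ureq, sess);
                accessToken = service.getAccessToken(requestToken, verifier);
            }
        } else {
            String requestVerifier = request.getParameter("oauth_verifier");
            if (requestVerifier == null) {
                // OAuth 2.0 as a code
                requestVerifier = request.getParameter("code");
            }
            if (requestVerifier == null) {
                // Neither an OAuth 1.0 verifier nor an OAuth 2.0 code: reject the callback
                // explicitly instead of building a verifier from null.
                log.audit("OAuth Login failed, no verifier or code in request");
                error(ureq, translate(ureq, "error.generic"));
                return;
            }
            accessToken = service.getAccessToken(requestToken, new Verifier(requestVerifier));
        }
        OAuthUser infos = provider.getUser(service, accessToken);
        if (infos == null || !StringHelper.containsNonWhitespace(infos.getId())) {
            error(ureq, translate(ureq, "error.no.id"));
            // The access token is a credential; keep it out of the log.
            log.error("OAuth Login failed, no infos extracted from access token");
            return;
        }
        OAuthRegistration registration = new OAuthRegistration(provider.getProviderName(), infos);
        login(infos, registration);
        if (provider instanceof OAuthUserCreator) {
            // The provider creates or updates the local account itself.
            Identity newIdentity;
            OAuthUserCreator userCreator = (OAuthUserCreator) provider;
            if (registration.getIdentity() == null) {
                newIdentity = userCreator.createUser(infos);
            } else {
                newIdentity = userCreator.updateUser(infos, registration.getIdentity());
            }
            if (newIdentity != null) {
                registration.setIdentity(newIdentity);
            }
        }
        if (registration.getIdentity() == null) {
            // Authenticated at the provider, but no local identity is attached.
            if (CoreSpringFactory.getImpl(OAuthLoginModule.class).isAllowUserCreation()) {
                register(request, response, registration);
            } else {
                error(ureq, translate(ureq, "error.account.creation"));
                log.error("OAuth Login ok but the user has not an account on OpenOLAT: " + infos);
            }
        } else {
            if (ureq.getUserSession() != null) {
                // re-init the activity logger
                ThreadLocalUserActivityLoggerInstaller.initUserActivityLogger(request);
            }
            Identity identity = registration.getIdentity();
            int loginStatus = AuthHelper.doLogin(identity, provider.getProviderName(), ureq);
            if (loginStatus != AuthHelper.LOGIN_OK) {
                if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
                    DispatcherModule.redirectToServiceNotAvailable(response);
                } else {
                    // error, redirect to login screen
                    DispatcherModule.redirectToDefaultDispatcher(response);
                }
            } else {
                // update last login date and register active user
                UserDeletionManager.getInstance().setIdentityAsActiv(identity);
                MediaResource mr = ureq.getDispatchResult().getResultingMediaResource();
                if (mr instanceof RedirectMediaResource) {
                    RedirectMediaResource rmr = (RedirectMediaResource) mr;
                    rmr.prepare(response);
                } else {
                    // error, redirect to login screen
                    DispatcherModule.redirectToDefaultDispatcher(response);
                }
            }
        }
    } catch (Exception e) {
        // Boundary catch: any failure in the flow ends in a generic error page.
        log.error("Unexpected error", e);
        error(ureq, translate(ureq, "error.generic"));
    }
}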
Also used : AssertException(org.olat.core.logging.AssertException) HttpSession(javax.servlet.http.HttpSession) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Token(org.scribe.model.Token) OpenIDVerifier(org.olat.login.oauth.spi.OpenIDVerifier) Verifier(org.scribe.model.Verifier) AssertException(org.olat.core.logging.AssertException) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) OAuthService(org.scribe.oauth.OAuthService) OAuthUser(org.olat.login.oauth.model.OAuthUser) OAuthRegistration(org.olat.login.oauth.model.OAuthRegistration) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) MediaResource(org.olat.core.gui.media.MediaResource) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) Identity(org.olat.core.id.Identity) UserRequest(org.olat.core.gui.UserRequest) UserRequestImpl(org.olat.core.gui.UserRequestImpl)

Example 2 with OAuthRegistration

use of org.olat.login.oauth.model.OAuthRegistration in project openolat by klemens.

the class OAuthDispatcher method execute.

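/**
 * Handles the OAuth callback request and either logs the user in, starts the
 * registration, or reports an error.
 *
 * <p>Steps, in order: build the {@code UserRequest}; stop on an {@code error} or a
 * {@code token_rejected} {@code oauth_problem} parameter; read the request token, service
 * and provider from the HTTP session; obtain the access token (implicit workflow via
 * {@code id_token}, otherwise via {@code oauth_verifier} or {@code code}); load the user
 * from the provider; then create or update the identity, register, or log in.
 *
 * <p>NOTE(review): this method does not compare a {@code state} parameter with a
 * session-bound value before exchanging the {@code code}. Confirm that the callback is
 * protected against cross-site request forgery elsewhere (service, provider or verifier).
 *
 * @param request the callback request sent back by the OAuth provider
 * @param response the response used for redirects and error pages
 * @throws ServletException declared by the dispatcher contract
 * @throws IOException declared by the dispatcher contract
 */
@Override
public void execute(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    // The decoded, prefix-stripped URI is not read again in this method.
    String uri = request.getRequestURI();
    try {
        uri = URLDecoder.decode(uri, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw new AssertException("UTF-8 encoding not supported!!!!");
    }
    String uriPrefix = DispatcherModule.getLegacyUriPrefix(request);
    uri = uri.substring(uriPrefix.length());
    UserRequest ureq = null;
    try {
        // upon creation URL is checked for
        ureq = new UserRequestImpl(uriPrefix, request, response);
    } catch (NumberFormatException nfe) {
        if (log.isDebug()) {
            log.debug("Bad Request " + request.getPathInfo());
        }
        DispatcherModule.sendBadRequest(request.getPathInfo(), response);
        return;
    }
    // The provider reported an error (for example the user denied the authorization).
    String error = request.getParameter("error");
    if (null != error) {
        error(ureq, translateOauthError(ureq, error));
        return;
    }
    String problem = request.getParameter("oauth_problem");
    if (problem != null && "token_rejected".equals(problem.trim())) {
        // `error` is always null here (the branch above returned otherwise), so hand the
        // value that was actually received to the translation.
        // NOTE(review): translateOauthError is not visible here; confirm how it maps "token_rejected".
        error(ureq, translateOauthError(ureq, problem));
        return;
    }
    try {
        HttpSession sess = request.getSession();
        // OAuth 2.0 hasn't any request token
        Token requestToken = (Token) sess.getAttribute(OAuthConstants.REQUEST_TOKEN);
        OAuthService service = (OAuthService) sess.getAttribute(OAuthConstants.OAUTH_SERVICE);
        OAuthSPI provider = (OAuthSPI) sess.getAttribute(OAuthConstants.OAUTH_SPI);
        Token accessToken;
        if (provider == null) {
            // No login was started in this session: nothing to complete.
            log.audit("OAuth Login failed, no provider in request");
            DispatcherModule.redirectToDefaultDispatcher(response);
            return;
        } else if (provider.isImplicitWorkflow()) {
            String idToken = ureq.getParameter("id_token");
            if (idToken == null) {
                redirectImplicitWorkflow(ureq);
                return;
            } else {
                Verifier verifier = OpenIDVerifier.create(ureq, sess);
                accessToken = service.getAccessToken(requestToken, verifier);
            }
        } else {
            String requestVerifier = request.getParameter("oauth_verifier");
            if (requestVerifier == null) {
                // OAuth 2.0 as a code
                requestVerifier = request.getParameter("code");
            }
            if (requestVerifier == null) {
                // Neither an OAuth 1.0 verifier nor an OAuth 2.0 code: reject the callback
                // explicitly instead of building a verifier from null.
                log.audit("OAuth Login failed, no verifier or code in request");
                error(ureq, translate(ureq, "error.generic"));
                return;
            }
            accessToken = service.getAccessToken(requestToken, new Verifier(requestVerifier));
        }
        OAuthUser infos = provider.getUser(service, accessToken);
        if (infos == null || !StringHelper.containsNonWhitespace(infos.getId())) {
            error(ureq, translate(ureq, "error.no.id"));
            // The access token is a credential; keep it out of the log.
            log.error("OAuth Login failed, no infos extracted from access token");
            return;
        }
        OAuthRegistration registration = new OAuthRegistration(provider.getProviderName(), infos);
        login(infos, registration);
        if (provider instanceof OAuthUserCreator) {
            // The provider creates or updates the local account itself.
            Identity newIdentity;
            OAuthUserCreator userCreator = (OAuthUserCreator) provider;
            if (registration.getIdentity() == null) {
                newIdentity = userCreator.createUser(infos);
            } else {
                newIdentity = userCreator.updateUser(infos, registration.getIdentity());
            }
            if (newIdentity != null) {
                registration.setIdentity(newIdentity);
            }
        }
        if (registration.getIdentity() == null) {
            // Authenticated at the provider, but no local identity is attached.
            if (CoreSpringFactory.getImpl(OAuthLoginModule.class).isAllowUserCreation()) {
                register(request, response, registration);
            } else {
                error(ureq, translate(ureq, "error.account.creation"));
                log.error("OAuth Login ok but the user has not an account on OpenOLAT: " + infos);
            }
        } else {
            if (ureq.getUserSession() != null) {
                // re-init the activity logger
                ThreadLocalUserActivityLoggerInstaller.initUserActivityLogger(request);
            }
            Identity identity = registration.getIdentity();
            int loginStatus = AuthHelper.doLogin(identity, provider.getProviderName(), ureq);
            if (loginStatus != AuthHelper.LOGIN_OK) {
                if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
                    DispatcherModule.redirectToServiceNotAvailable(response);
                } else {
                    // error, redirect to login screen
                    DispatcherModule.redirectToDefaultDispatcher(response);
                }
            } else {
                // update last login date and register active user
                UserDeletionManager.getInstance().setIdentityAsActiv(identity);
                MediaResource mr = ureq.getDispatchResult().getResultingMediaResource();
                if (mr instanceof RedirectMediaResource) {
                    RedirectMediaResource rmr = (RedirectMediaResource) mr;
                    rmr.prepare(response);
                } else {
                    // error, redirect to login screen
                    DispatcherModule.redirectToDefaultDispatcher(response);
                }
            }
        }
    } catch (Exception e) {
        // Boundary catch: any failure in the flow ends in a generic error page.
        log.error("Unexpected error", e);
        error(ureq, translate(ureq, "error.generic"));
    }
}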
Also used : AssertException(org.olat.core.logging.AssertException) HttpSession(javax.servlet.http.HttpSession) UnsupportedEncodingException(java.io.UnsupportedEncodingException) Token(org.scribe.model.Token) OpenIDVerifier(org.olat.login.oauth.spi.OpenIDVerifier) Verifier(org.scribe.model.Verifier) AssertException(org.olat.core.logging.AssertException) ServletException(javax.servlet.ServletException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) OAuthService(org.scribe.oauth.OAuthService) OAuthUser(org.olat.login.oauth.model.OAuthUser) OAuthRegistration(org.olat.login.oauth.model.OAuthRegistration) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) MediaResource(org.olat.core.gui.media.MediaResource) RedirectMediaResource(org.olat.core.gui.media.RedirectMediaResource) Identity(org.olat.core.id.Identity) UserRequest(org.olat.core.gui.UserRequest) UserRequestImpl(org.olat.core.gui.UserRequestImpl)

Aggregations

IOException (java.io.IOException)2 UnsupportedEncodingException (java.io.UnsupportedEncodingException)2 ServletException (javax.servlet.ServletException)2 HttpSession (javax.servlet.http.HttpSession)2 UserRequest (org.olat.core.gui.UserRequest)2 UserRequestImpl (org.olat.core.gui.UserRequestImpl)2 MediaResource (org.olat.core.gui.media.MediaResource)2 RedirectMediaResource (org.olat.core.gui.media.RedirectMediaResource)2 Identity (org.olat.core.id.Identity)2 AssertException (org.olat.core.logging.AssertException)2 OAuthRegistration (org.olat.login.oauth.model.OAuthRegistration)2 OAuthUser (org.olat.login.oauth.model.OAuthUser)2 OpenIDVerifier (org.olat.login.oauth.spi.OpenIDVerifier)2 Token (org.scribe.model.Token)2 Verifier (org.scribe.model.Verifier)2 OAuthService (org.scribe.oauth.OAuthService)2