
Example 1 with DiscoveryInformation

use of org.openid4java.discovery.DiscoveryInformation in project spring-security by spring-projects.

the class OpenID4JavaConsumer method endConsumption.

/**
 * Finishes an OpenID login by verifying the provider's authentication response against the
 * discovery information that was placed in the HTTP session earlier in the flow.
 *
 * <p>The stored discovery information and attribute list are removed from the session
 * before verification runs, so a second response arriving on the same session finds no
 * discovery information and is rejected with an exception.
 *
 * @param request the HTTP request carrying the provider's authentication response
 * @return a token with status SUCCESS and the verified identifier, or a token with status
 *         FAILURE (and an empty attribute list) when verification yields no identifier
 * @throws OpenIDConsumerException if the session holds no discovery information, or if
 *         verification fails with a message, discovery or association error
 */
public OpenIDAuthenticationToken endConsumption(HttpServletRequest request) throws OpenIDConsumerException {
    // The provider's answer arrives as an ordinary HTTP request; wrap its parameters.
    ParameterList responseParameters = new ParameterList(request.getParameterMap());

    // Without the stored discovery information the response cannot be tied to a request
    // this application started, so processing stops here.
    DiscoveryInformation discovered = (DiscoveryInformation) request.getSession().getAttribute(DISCOVERY_INFO_KEY);
    if (discovered == null) {
        throw new OpenIDConsumerException("DiscoveryInformation is not available. Possible causes are lost session or replay attack");
    }
    List<OpenIDAttribute> attributesToFetch = (List<OpenIDAttribute>) request.getSession().getAttribute(ATTRIBUTE_LIST_KEY);

    // Single-use state: clear both entries before verifying, whatever the outcome.
    request.getSession().removeAttribute(DISCOVERY_INFO_KEY);
    request.getSession().removeAttribute(ATTRIBUTE_LIST_KEY);

    // Rebuild the URL this response was received on, query string included.
    // NOTE(review): getRequestURL() reports what the container saw; behind a reverse proxy
    // or TLS terminator, confirm it still equals the return URL sent to the provider.
    StringBuffer receivingURL = request.getRequestURL();
    String queryString = request.getQueryString();
    if (StringUtils.hasLength(queryString)) {
        receivingURL.append("?").append(request.getQueryString());
    }
    String receivedOn = receivingURL.toString();

    // Every verification error is reported to the caller with the same generic message;
    // the underlying exception is kept as the cause.
    final String verifyFailure = "Error verifying openid response";
    VerificationResult verification;
    try {
        verification = consumerManager.verify(receivedOn, responseParameters, discovered);
    } catch (MessageException e) {
        throw new OpenIDConsumerException(verifyFailure, e);
    } catch (DiscoveryException e) {
        throw new OpenIDConsumerException(verifyFailure, e);
    } catch (AssociationException e) {
        throw new OpenIDConsumerException(verifyFailure, e);
    }

    Identifier verified = verification.getVerifiedId();
    if (verified != null) {
        // NOTE(review): fetchAxAttributes is defined elsewhere; confirm it only returns
        // attributes that were covered by the verified response.
        List<OpenIDAttribute> attributes = fetchAxAttributes(verification.getAuthResponse(), attributesToFetch);
        return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, verified.getIdentifier(), "some message", attributes);
    }

    // No verified identifier: report failure under the claimed (unverified) identifier,
    // or "Unknown" when discovery recorded none.
    Identifier claimed = discovered.getClaimedIdentifier();
    String claimedUrl;
    if (claimed == null) {
        claimedUrl = "Unknown";
    } else {
        claimedUrl = claimed.getIdentifier();
    }
    String statusDetail = "Verification status message: [" + verification.getStatusMsg() + "]";
    return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE, claimedUrl, statusDetail, Collections.<OpenIDAttribute>emptyList());
}
Also used : Identifier(org.openid4java.discovery.Identifier) VerificationResult(org.openid4java.consumer.VerificationResult) MessageException(org.openid4java.message.MessageException) DiscoveryInformation(org.openid4java.discovery.DiscoveryInformation) ParameterList(org.openid4java.message.ParameterList) AssociationException(org.openid4java.association.AssociationException) ParameterList(org.openid4java.message.ParameterList) ArrayList(java.util.ArrayList) List(java.util.List) DiscoveryException(org.openid4java.discovery.DiscoveryException)

Example 2 with DiscoveryInformation

use of org.openid4java.discovery.DiscoveryInformation in project spring-security by spring-projects.

the class OpenID4JavaConsumerTests method successfulVerificationReturnsExpectedAuthentication.

/**
 * Checks that endConsumption returns a SUCCESS token when the consumer manager's
 * verification result carries a verified identifier.
 */
@SuppressWarnings("serial")
@Test
public void successfulVerificationReturnsExpectedAuthentication() throws Exception {
    // Session entries that endConsumption reads back: the discovery information and the
    // attribute fetch list.
    DiscoveryInformation storedDiscovery = mock(DiscoveryInformation.class);
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.getSession().setAttribute(DiscoveryInformation.class.getName(), storedDiscovery);
    request.getSession().setAttribute("SPRING_SECURITY_OPEN_ID_ATTRIBUTES_FETCH_LIST", attributes);

    // A verification result that reports a verified identifier and an auth response.
    Identifier verifiedId = new Identifier() {

        public String getIdentifier() {
            return "id";
        }
    };
    Message authResponse = mock(Message.class);
    VerificationResult result = mock(VerificationResult.class);
    when(result.getVerifiedId()).thenReturn(verifiedId);
    when(result.getAuthResponse()).thenReturn(authResponse);

    // The manager accepts any URL, parameter list and discovery information.
    ConsumerManager manager = mock(ConsumerManager.class);
    when(manager.verify(anyString(), any(ParameterList.class), any(DiscoveryInformation.class))).thenReturn(result);

    OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(manager, new NullAxFetchListFactory());
    OpenIDAuthenticationToken token = consumer.endConsumption(request);

    // Only the status is asserted; the identifier and attributes are not checked here.
    assertThat(token.getStatus()).isEqualTo(OpenIDAuthenticationStatus.SUCCESS);
}
Also used : Identifier(org.openid4java.discovery.Identifier) ConsumerManager(org.openid4java.consumer.ConsumerManager) VerificationResult(org.openid4java.consumer.VerificationResult) AxMessage(org.openid4java.message.ax.AxMessage) Message(org.openid4java.message.Message) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) DiscoveryInformation(org.openid4java.discovery.DiscoveryInformation) ParameterList(org.openid4java.message.ParameterList)

Example 3 with DiscoveryInformation

use of org.openid4java.discovery.DiscoveryInformation in project oxTrust by GluuFederation.

the class OxChooserWebService method requestHandler.

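/**
 * Starts an OpenID authentication for the identifier named in a client-supplied request.
 *
 * <p>The {@code idRequest} query parameter is Base64-decoded and parsed as JSON into an
 * {@link IdentityRequest}. The handler then runs discovery and association for the
 * requested identifier, stores the resulting discovery information in the HTTP session
 * under {@code "openid-disc"}, attaches an attribute fetch request and redirects the
 * client to the provider.
 *
 * <p>Everything inside {@code idRequest} is untrusted input: the identifier, the return
 * URL and the realm all come from the caller.
 *
 * @param request the current HTTP request; its session receives the discovery information
 * @param response the HTTP response used to send the redirect to the provider
 * @param idReq Base64-encoded JSON form of the identity request
 * @return 200 after the redirect was sent, or 400 with an {@link OxChooserError} when the
 *         request is missing, cannot be parsed into an object, or the consumer fails
 * @throws Exception for any failure other than a {@link ConsumerException}
 */
// NOTE(review): both @GET and @POST are declared on this method; confirm the JAX-RS
// runtime accepts that and that a session-writing operation should be reachable via GET.
@Path("/Request")
@GET
@POST
@Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
public Response requestHandler(@Context HttpServletRequest request, @Context HttpServletResponse response, @QueryParam("idRequest") String idReq) throws Exception {
    try {
        // A missing or empty parameter previously reached the decoder and the later
        // dereferences; answer it with the same 400 the consumer error path uses.
        IdentityRequest idRequest = null;
        if (idReq != null && !idReq.isEmpty()) {
            byte[] decodedIdreq = Base64.decodeBase64(idReq);
            idRequest = (IdentityRequest) jsonToObject(decodedIdreq, IdentityRequest.class);
        }
        if (idRequest == null) {
            OxChooserError error = new OxChooserError();
            error.setDescription("An Error occured , request didnt go through.");
            return Response.status(400).entity(error).build();
        }
        // NOTE(review): this message has no placeholder, so whether the identifier is
        // actually logged depends on the logger's formatting convention; confirm.
        log.debug("openid_identifier_operation : ", idRequest.getIdentifier());
        log.debug("instantiating manager");
        log.debug("manager instantiated ");
        // NOTE(review): the return URL and the realm are taken from the caller's request
        // as-is; confirm they are checked against the allowed relying-party URLs before
        // they are used to build the authentication request.
        String returnToUrl = idRequest.getReturnToUrl();
        log.debug("getting list of discoveries");
        // NOTE(review): discovery runs on a caller-chosen identifier; confirm which
        // destinations this service is allowed to contact while resolving it.
        List discoveries = manager.discover(idRequest.getIdentifier());
        log.debug("retrieving descovered");
        DiscoveryInformation discovered = manager.associate(discoveries);
        log.debug("saving request");
        // Kept in the session so the provider's response can later be verified against it.
        request.getSession().setAttribute("openid-disc", discovered);
        log.debug("instantiating AuthRequest");
        AuthRequest authReq = manager.authenticate(discovered, returnToUrl, idRequest.getRealm());
        FetchRequest fetch = FetchRequest.createFetchRequest();
        // A request without an axschema value falls through to the second attribute set
        // instead of failing on a null dereference.
        if (idRequest.getAxschema() != null && idRequest.getAxschema().contains("axschema")) {
            fetch.addAttribute("nickname", "http://axschema.org/namePerson/friendly", true);
            fetch.addAttribute("fullname", "http://axschema.org/namePerson", true);
            fetch.addAttribute("email", "http://axschema.org/contact/email", true);
            fetch.addAttribute("gender", "http://axschema.org/person/gender", true);
            fetch.addAttribute("language", "http://axschema.org/pref/language", true);
            fetch.addAttribute("timezone", "http://axschema.org/pref/timezone", true);
            fetch.addAttribute("image", "http://axschema.org/media/image/default", true);
        } else {
            fetch.addAttribute("firstname", "http://schema.openid.net/namePerson/first", true);
            fetch.addAttribute("lastname", "http://schema.openid.net/namePerson/last", true);
            fetch.addAttribute("email", "http://schema.openid.net/contact/email", true);
            fetch.addAttribute("country", "http://axschema.org/contact/country/home", true);
            fetch.addAttribute("language", "http://axschema.org/pref/language", true);
        }
        log.debug("adding fetch data");
        authReq.addExtension(fetch);
        log.debug("redirecting");
        response.sendRedirect(authReq.getDestinationUrl(true));
        log.debug("reterning build");
        // NOTE(review): the redirect has already been written to the servlet response at
        // this point; confirm how the container treats the 200 returned afterwards.
        return Response.ok().build();
    } catch (ConsumerException e) {
        log.debug("Error occured : ", e.getMessage(), " ", e.getCause());
        // The client only sees a generic description; details stay in the log.
        OxChooserError error = new OxChooserError();
        error.setDescription("An Error occured , request didnt go through.");
        return Response.status(400).entity(error).build();
    } finally {
        // Runs on every path, including the early 400 responses above.
        identity.logout();
    }
}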
Also used : AuthRequest(org.openid4java.message.AuthRequest) IdentityRequest(org.gluu.oxtrust.model.oxchooser.IdentityRequest) DiscoveryInformation(org.openid4java.discovery.DiscoveryInformation) FetchRequest(org.openid4java.message.ax.FetchRequest) OxChooserError(org.gluu.oxtrust.model.oxchooser.OxChooserError) List(java.util.List) ParameterList(org.openid4java.message.ParameterList) ConsumerException(org.openid4java.consumer.ConsumerException) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 4 with DiscoveryInformation

use of org.openid4java.discovery.DiscoveryInformation in project spring-security by spring-projects.

the class OpenID4JavaConsumerTests method beginConsumptionCreatesExpectedSessionData.

/**
 * Checks that beginConsumption stores the attribute fetch list and the discovery
 * information in the HTTP session, and that it also runs with a factory that supplies no
 * fetch list.
 */
@SuppressWarnings("deprecation")
@Test
public void beginConsumptionCreatesExpectedSessionData() throws Exception {
    // The manager hands back fixed discovery information and a stub auth request.
    DiscoveryInformation associated = mock(DiscoveryInformation.class);
    AuthRequest authRequest = mock(AuthRequest.class);
    ConsumerManager manager = mock(ConsumerManager.class);
    when(manager.authenticate(any(DiscoveryInformation.class), anyString(), anyString())).thenReturn(authRequest);
    when(manager.associate(anyList())).thenReturn(associated);

    // With an attribute factory: both session entries must be present afterwards.
    OpenID4JavaConsumer withAttributes = new OpenID4JavaConsumer(manager, new MockAttributesFactory());
    MockHttpServletRequest firstRequest = new MockHttpServletRequest();
    withAttributes.beginConsumption(firstRequest, "", "", "");
    assertThat(firstRequest.getSession().getAttribute("SPRING_SECURITY_OPEN_ID_ATTRIBUTES_FETCH_LIST")).isEqualTo(attributes);
    assertThat(firstRequest.getSession().getAttribute(DiscoveryInformation.class.getName())).isEqualTo(associated);

    // With an empty attribute fetch list: nothing is asserted, the call only has to
    // complete without throwing.
    OpenID4JavaConsumer withoutAttributes = new OpenID4JavaConsumer(manager, new NullAxFetchListFactory());
    MockHttpServletRequest secondRequest = new MockHttpServletRequest();
    withoutAttributes.beginConsumption(secondRequest, "", "", "");
}
Also used : AuthRequest(org.openid4java.message.AuthRequest) ConsumerManager(org.openid4java.consumer.ConsumerManager) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) DiscoveryInformation(org.openid4java.discovery.DiscoveryInformation)

Example 5 with DiscoveryInformation

use of org.openid4java.discovery.DiscoveryInformation in project spring-security by spring-projects.

the class OpenID4JavaConsumerTests method failedVerificationReturnsFailedAuthenticationStatus.

/**
 * Checks that endConsumption returns a FAILURE token when the verification result carries
 * no verified identifier.
 */
@Test
public void failedVerificationReturnsFailedAuthenticationStatus() throws Exception {
    // Discovery information is present in the session, so the failure asserted below
    // comes from verification rather than from missing session state.
    DiscoveryInformation storedDiscovery = mock(DiscoveryInformation.class);
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.getSession().setAttribute(DiscoveryInformation.class.getName(), storedDiscovery);

    // getVerifiedId() is left unstubbed on the mock, so it returns null.
    VerificationResult unverified = mock(VerificationResult.class);
    ConsumerManager manager = mock(ConsumerManager.class);
    when(manager.verify(anyString(), any(ParameterList.class), any(DiscoveryInformation.class))).thenReturn(unverified);

    OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(manager, new NullAxFetchListFactory());
    OpenIDAuthenticationToken token = consumer.endConsumption(request);

    assertThat(token.getStatus()).isEqualTo(OpenIDAuthenticationStatus.FAILURE);
}
Also used : ConsumerManager(org.openid4java.consumer.ConsumerManager) VerificationResult(org.openid4java.consumer.VerificationResult) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) DiscoveryInformation(org.openid4java.discovery.DiscoveryInformation) ParameterList(org.openid4java.message.ParameterList)
