use of org.openid4java.discovery.Identifier in project spring-security by spring-projects.
the class OpenID4JavaConsumer method endConsumption.
public OpenIDAuthenticationToken endConsumption(HttpServletRequest request) throws OpenIDConsumerException {
// extract the parameters from the authentication response
// (which comes in as a HTTP request from the OpenID provider)
ParameterList openidResp = new ParameterList(request.getParameterMap());
// retrieve the previously stored discovery information
DiscoveryInformation discovered = (DiscoveryInformation) request.getSession().getAttribute(DISCOVERY_INFO_KEY);
if (discovered == null) {
throw new OpenIDConsumerException("DiscoveryInformation is not available. Possible causes are lost session or replay attack");
}
List<OpenIDAttribute> attributesToFetch = (List<OpenIDAttribute>) request.getSession().getAttribute(ATTRIBUTE_LIST_KEY);
request.getSession().removeAttribute(DISCOVERY_INFO_KEY);
request.getSession().removeAttribute(ATTRIBUTE_LIST_KEY);
// extract the receiving URL from the HTTP request
StringBuffer receivingURL = request.getRequestURL();
String queryString = request.getQueryString();
if (StringUtils.hasLength(queryString)) {
receivingURL.append("?").append(request.getQueryString());
}
// verify the response
VerificationResult verification;
try {
verification = consumerManager.verify(receivingURL.toString(), openidResp, discovered);
} catch (MessageException e) {
throw new OpenIDConsumerException("Error verifying openid response", e);
} catch (DiscoveryException e) {
throw new OpenIDConsumerException("Error verifying openid response", e);
} catch (AssociationException e) {
throw new OpenIDConsumerException("Error verifying openid response", e);
}
// examine the verification result and extract the verified identifier
Identifier verified = verification.getVerifiedId();
if (verified == null) {
Identifier id = discovered.getClaimedIdentifier();
return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE, id == null ? "Unknown" : id.getIdentifier(), "Verification status message: [" + verification.getStatusMsg() + "]", Collections.<OpenIDAttribute>emptyList());
}
List<OpenIDAttribute> attributes = fetchAxAttributes(verification.getAuthResponse(), attributesToFetch);
return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, verified.getIdentifier(), "some message", attributes);
}
use of org.openid4java.discovery.Identifier in project spring-security by spring-projects.
the class OpenID4JavaConsumerTests method successfulVerificationReturnsExpectedAuthentication.
@SuppressWarnings("serial")
@Test
public void successfulVerificationReturnsExpectedAuthentication() throws Exception {
ConsumerManager mgr = mock(ConsumerManager.class);
OpenID4JavaConsumer consumer = new OpenID4JavaConsumer(mgr, new NullAxFetchListFactory());
VerificationResult vr = mock(VerificationResult.class);
DiscoveryInformation di = mock(DiscoveryInformation.class);
Identifier id = new Identifier() {
public String getIdentifier() {
return "id";
}
};
Message msg = mock(Message.class);
when(mgr.verify(anyString(), any(ParameterList.class), any(DiscoveryInformation.class))).thenReturn(vr);
when(vr.getVerifiedId()).thenReturn(id);
when(vr.getAuthResponse()).thenReturn(msg);
MockHttpServletRequest request = new MockHttpServletRequest();
request.getSession().setAttribute(DiscoveryInformation.class.getName(), di);
request.getSession().setAttribute("SPRING_SECURITY_OPEN_ID_ATTRIBUTES_FETCH_LIST", attributes);
OpenIDAuthenticationToken auth = consumer.endConsumption(request);
assertThat(auth.getStatus()).isEqualTo(OpenIDAuthenticationStatus.SUCCESS);
}
use of org.openid4java.discovery.Identifier in project oxTrust by GluuFederation.
the class OxChooserWebService method responseHandler.
@Path("/Response")
@GET
@POST
@Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
@Produces({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
public Response responseHandler(@Context HttpServletRequest httpReq, @Context HttpServletResponse httpRes, ForwardedRequest frequest) throws ConsumerException {
try {
log.debug("instantiating a ParameterList ");
ParameterList response = new ParameterList(frequest.getParameterMap());
log.debug("getting DiscoveryInformation ");
DiscoveryInformation discovered = (DiscoveryInformation) httpReq.getSession().getAttribute("openid-disc");
log.debug("getting StringBuffer ");
StringBuffer receivingURL = frequest.getRequestURL();
log.debug("getting QueryString ");
String queryString = frequest.getQueryString();
if (queryString != null && queryString.length() > 0)
log.debug("getting receivingURL ");
receivingURL.append("?").append(frequest.getQueryString());
log.debug("getting VerificationResult ");
VerificationResult verification = manager.verify(receivingURL.toString(), response, discovered);
log.debug("getting VerificationResult ");
Identifier verified = verification.getVerifiedId();
log.debug(" VerificationResult retrieved ");
if (verified != null) {
log.debug("verified != null");
AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
log.debug("getting FetchResponse");
FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);
log.debug("getting emails");
List emails = fetchResp.getAttributeValues("email");
log.debug("getting FirstName");
String firstName = fetchResp.getAttributeValue("firstname");
log.debug("getting LastName");
String lastName = fetchResp.getAttributeValue("lastname");
log.debug("getting one Email");
String email = (String) emails.get(0);
log.debug("email : ", email);
String nickName = fetchResp.getAttributeValue("nickname");
String Image = fetchResp.getAttributeValue("image");
String Language = fetchResp.getAttributeValue("language");
String Country = fetchResp.getAttributeValue("country");
String Timezone = fetchResp.getAttributeValue("timezone");
String Gender = fetchResp.getAttributeValue("gender");
String Fullname = fetchResp.getAttributeValue("fullname");
IdentityResponse idResponse = new IdentityResponse();
idResponse.setFirstname(firstName);
idResponse.setLastname(lastName);
idResponse.setEmail(email);
idResponse.setNickname(nickName);
idResponse.setImage(Image);
idResponse.setLanguage(Language);
idResponse.setCountry(Country);
idResponse.setTimezone(Timezone);
idResponse.setGender(Gender);
idResponse.setFullname(Fullname);
return Response.ok(idResponse).build();
}
return errorResponse("Could not get fetched attributes");
}
} catch (AssociationException e) {
return errorResponse("An AssociationException occured , please check your request.");
} catch (MessageException e) {
return errorResponse("An MessageException occured , please check your request.");
} catch (DiscoveryException e) {
return errorResponse("An DiscoveryException occured , please check your request.");
} finally {
identity.logout();
}
return errorResponse("An Error occured , please check your request.");
}
Aggregations