Author: asanso
Date: Wed May 15 14:22:27 2013
New Revision: 1482863

URL: http://svn.apache.org/r1482863
Log:
SLING-2759 - Provide an OpenId Connect Authentication Handler 

Modified:
    sling/whiteboard/asanso/openidconnect/pom.xml
    
sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIDConnectAuthenticationHandler.java
    
sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIdConnectLoginModule.java

Modified: sling/whiteboard/asanso/openidconnect/pom.xml
URL: 
http://svn.apache.org/viewvc/sling/whiteboard/asanso/openidconnect/pom.xml?rev=1482863&r1=1482862&r2=1482863&view=diff
==============================================================================
--- sling/whiteboard/asanso/openidconnect/pom.xml (original)
+++ sling/whiteboard/asanso/openidconnect/pom.xml Wed May 15 14:22:27 2013
@@ -55,7 +55,7 @@
                 <configuration>
                     <instructions>
                         <Import-Package>
-                               *;resolution:=optional
+                               *
                         </Import-Package>                        
                     </instructions>
                 </configuration>

Modified: 
sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIDConnectAuthenticationHandler.java
URL: 
http://svn.apache.org/viewvc/sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIDConnectAuthenticationHandler.java?rev=1482863&r1=1482862&r2=1482863&view=diff
==============================================================================
--- 
sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIDConnectAuthenticationHandler.java
 (original)
+++ 
sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIDConnectAuthenticationHandler.java
 Wed May 15 14:22:27 2013
@@ -18,7 +18,6 @@
  */
 package org.apache.sling.auth.openidconnect.impl;
 
- 
 import java.io.IOException;
 import java.util.Dictionary;
 import javax.security.auth.spi.LoginModule;
@@ -35,88 +34,107 @@ import org.apache.felix.scr.annotations.
 import org.apache.felix.scr.annotations.Properties;
 import org.apache.felix.scr.annotations.Property;
 import org.apache.felix.scr.annotations.Service;
+import org.apache.oltu.oauth2.client.OAuthClient;
+import org.apache.oltu.oauth2.client.URLConnectionClient;
 import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
-import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
+import org.apache.oltu.oauth2.client.response.OAuthAccessTokenResponse;
+import org.apache.oltu.oauth2.client.response.OAuthAuthzResponse;
+import org.apache.oltu.oauth2.client.response.OAuthJSONAccessTokenResponse;
+import org.apache.oltu.oauth2.common.OAuth;
+import org.apache.oltu.oauth2.common.message.types.GrantType;
 import org.apache.oltu.oauth2.common.message.types.ResponseType;
 import org.apache.sling.auth.core.spi.AuthenticationHandler;
 import org.apache.sling.auth.core.spi.AuthenticationInfo;
 import org.apache.sling.commons.osgi.OsgiUtil;
 
-@Component(
-               metatype = true,
-               policy = ConfigurationPolicy.REQUIRE,
-               label = "Open ID Connect",
-               description = "Open ID Connect")
+@Component(metatype = true, policy = ConfigurationPolicy.REQUIRE, label = 
"Open ID Connect", description = "Open ID Connect")
 @Service
 @Properties({
-       @Property(name = AuthenticationHandler.PATH_PROPERTY, value = "/"), 
-       @Property(name = Constants.SERVICE_RANKING, intValue = 50000) 
-}) 
-public class OpenIDConnectAuthenticationHandler implements 
AuthenticationHandler,LoginModuleFactory{
-       
-        /** default log */
-    private final Logger log = LoggerFactory.getLogger(getClass());
-    
-    @Property
-    public static final String PROP_AUTHORIZATION_ENDPOINT= 
"oauth.authorization.endpoint";
-    
-    @Property
-    public static final String PROP_TOKEN_ENDPOINT= "oauth.token.endpoint";
-    
-    @Property
-    public static final String PROP_CLIENT_ID= "oauth.clientId";
-    
-    @Property
-    //TODO
-    public static final String PROP_CLIENT_SECRET= "oauth.client.secret";
-    
-    @Property
-    public static final String PROP_REDIRECT_URI= "oauth.redirect.uri";
-    
-    @Property
-    public static final String PROP_SCOPES= "oauth.scopes";
-    
-    private String authorizationEndpoint;
-    private String tokenEndpoint;
-    private String clientId;
-    private String redirectUri;
-    private String scopes;
-    
-    @Activate
+               @Property(name = AuthenticationHandler.PATH_PROPERTY, value = 
"/"),
+               @Property(name = Constants.SERVICE_RANKING, intValue = 50000) })
+public class OpenIDConnectAuthenticationHandler implements
+               AuthenticationHandler, LoginModuleFactory {
+
+       /** default log */
+       private final Logger log = LoggerFactory.getLogger(getClass());
+
+       @Property
+       public static final String PROP_AUTHORIZATION_ENDPOINT = 
"oauth.authorization.endpoint";
+
+       @Property
+       public static final String PROP_TOKEN_ENDPOINT = "oauth.token.endpoint";
+
+       @Property
+       public static final String PROP_CLIENT_ID = "oauth.clientId";
+
+       @Property
+       // TODO
+       public static final String PROP_CLIENT_SECRET = "oauth.client.secret";
+
+       @Property
+       public static final String PROP_REDIRECT_URI = "oauth.redirect.uri";
+
+       @Property
+       public static final String PROP_SCOPES = "oauth.scopes";
+
+       private String authorizationEndpoint;
+       private String tokenEndpoint;
+       private String clientId;
+       private String clientSecret;
+       private String redirectUri;
+       private String scopes;
+
+       @Activate
        protected void activate(ComponentContext componentContext) throws 
Exception {
-       
-       final Dictionary props = componentContext.getProperties();
-       
-               authorizationEndpoint = 
OsgiUtil.toString(props.get(PROP_AUTHORIZATION_ENDPOINT),"");
-               tokenEndpoint = 
OsgiUtil.toString(props.get(PROP_TOKEN_ENDPOINT),"");
-       clientId =  OsgiUtil.toString(props.get(PROP_CLIENT_ID),"");
-       redirectUri =  OsgiUtil.toString(props.get(PROP_REDIRECT_URI),"");
-       scopes =  OsgiUtil.toString(props.get(PROP_SCOPES),"");
-    }
-       
+
+               final Dictionary props = componentContext.getProperties();
+
+               authorizationEndpoint = OsgiUtil.toString(
+                               props.get(PROP_AUTHORIZATION_ENDPOINT), "");
+               tokenEndpoint = 
OsgiUtil.toString(props.get(PROP_TOKEN_ENDPOINT), "");
+               clientId = OsgiUtil.toString(props.get(PROP_CLIENT_ID), "");
+               clientSecret = OsgiUtil.toString(props.get(PROP_CLIENT_SECRET), 
"");
+               redirectUri = OsgiUtil.toString(props.get(PROP_REDIRECT_URI), 
"");
+               scopes = OsgiUtil.toString(props.get(PROP_SCOPES), "");
+       }
 
        public AuthenticationInfo extractCredentials(HttpServletRequest request,
-                       HttpServletResponse response) {                         
-        try {
-                       OAuthClientRequest clientRequest = OAuthClientRequest
-                       .authorizationLocation(authorizationEndpoint)
-                       .setClientId(clientId)
-                       .setRedirectURI(redirectUri)
-                       .setResponseType(ResponseType.CODE.toString())
-                       .setScope(scopes)
-                       .buildQueryMessage();
-                       response.sendRedirect(clientRequest.getLocationUri());
-                       return AuthenticationInfo.DOING_AUTH;
-                       
-               } catch (OAuthSystemException e) {
-                       // TODO Auto-generated catch block
-                       e.printStackTrace();
-               } catch (IOException e) {
+                       HttpServletResponse response) {
+               try {
+                       if (request.getParameter(OAuth.OAUTH_CODE) != null) {
+                               OAuthAuthzResponse oar = OAuthAuthzResponse
+                                               
.oauthCodeAuthzResponse(request);
+                               String code = oar.getCode();
+
+                               OAuthClientRequest req = OAuthClientRequest
+                                               
.tokenLocation(tokenEndpoint).setClientId(clientId)
+                                               .setClientSecret(clientSecret)
+                                               
.setRedirectURI(redirectUri).setCode(code)
+                                               
.setGrantType(GrantType.AUTHORIZATION_CODE)
+                                               .buildBodyMessage();
+
+                               OAuthClient client = new OAuthClient(new 
URLConnectionClient());
+                               OAuthAccessTokenResponse oauthResponse = 
client.accessToken(
+                                               req, 
OAuthJSONAccessTokenResponse.class);
+
+                               log.error("oauthResponse " + 
oauthResponse.getAccessToken());
+
+                       } else {
+                               OAuthClientRequest clientRequest = 
OAuthClientRequest
+                                               
.authorizationLocation(authorizationEndpoint)
+                                               
.setClientId(clientId).setRedirectURI(redirectUri)
+                                               
.setResponseType(ResponseType.CODE.toString())
+                                               
.setScope(scopes).buildQueryMessage();
+                               
response.sendRedirect(clientRequest.getLocationUri());
+                               return AuthenticationInfo.DOING_AUTH;
+                       }
+
+               } catch (Exception e) {
                        // TODO Auto-generated catch block
                        e.printStackTrace();
                }
-               
-               return null;
+
+               return null;
        }
 
        public boolean requestCredentials(HttpServletRequest request,
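Review bot: The callback branch of `extractCredentials` writes the bearer token to the log at error level (`log.error("oauthResponse " + oauthResponse.getAccessToken());`), so anyone who can read the Sling logs or a log aggregator obtains a usable credential. Keep the token out of the message, e.g. `log.debug("access token response received");`. The authorization request is also built without a `state` value, and the `code` branch accepts any request that carries a code, so the callback is not bound to the browser session that started the flow. Add `.setState(...)` with a per-session random value and compare it with `oar.getState()` before exchanging the code. Finally, the broadened `catch (Exception e)` only calls `e.printStackTrace()`, and both a failed and a successful exchange fall through to `return null`; logging through `log` and returning `AuthenticationInfo.FAIL_AUTH` on error would make the failure path explicit.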
@@ -129,7 +147,6 @@ public class OpenIDConnectAuthentication
                // TODO Auto-generated method stub
        }
 
-
        public LoginModule createLoginModule() {
                return new OpenIdConnectLoginModule(this);
        }

Modified: 
sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIdConnectLoginModule.java
URL: 
http://svn.apache.org/viewvc/sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIdConnectLoginModule.java?rev=1482863&r1=1482862&r2=1482863&view=diff
==============================================================================
--- 
sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIdConnectLoginModule.java
 (original)
+++ 
sling/whiteboard/asanso/openidconnect/src/main/java/org/apache/sling/auth/openidconnect/impl/OpenIdConnectLoginModule.java
 Wed May 15 14:22:27 2013
@@ -17,7 +17,6 @@
  * under the License.
  */
 package org.apache.sling.auth.openidconnect.impl;
- 
 
 import java.util.Map;
 import javax.security.auth.Subject;
@@ -28,12 +27,12 @@ import javax.security.auth.spi.LoginModu
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-public class OpenIdConnectLoginModule implements LoginModule{
-       
-        /** default log */
-    private final Logger log = LoggerFactory.getLogger(getClass());
-       
-       private final  OpenIDConnectAuthenticationHandler authHandler;
+public class OpenIdConnectLoginModule implements LoginModule {
+
+       /** default log */
+       private final Logger log = LoggerFactory.getLogger(getClass());
+
+       private final OpenIDConnectAuthenticationHandler authHandler;
 
        public OpenIdConnectLoginModule(
                        OpenIDConnectAuthenticationHandler authHandler) {
@@ -53,7 +52,7 @@ public class OpenIdConnectLoginModule im
        public void initialize(Subject arg0, CallbackHandler arg1,
                        Map<String, ?> arg2, Map<String, ?> arg3) {
                // TODO Auto-generated method stub
-               
+
        }
 
        public boolean login() throws LoginException {

