Author: prabath
Date: Tue Dec 11 11:54:33 2007
New Revision: 10984
Log:
Added OpenID authentication logic
Modified:
branches/solutions/identity/openid-poc/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIdProvider.java
Modified:
branches/solutions/identity/openid-poc/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIdProvider.java
==============================================================================
---
branches/solutions/identity/openid-poc/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIdProvider.java
(original)
+++
branches/solutions/identity/openid-poc/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIdProvider.java
Tue Dec 11 11:54:33 2007
@@ -9,6 +9,8 @@
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
import org.wso2.solutions.identity.UserStore;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.DirectError;
@@ -31,6 +33,7 @@
// instantiate a ServerManager object
public static ServerManager manager = new ServerManager();
+ private String authPage;
// configure the OpenID Provider's endpoint URL
static {
@@ -41,14 +44,28 @@
public String processRequest(HttpServletRequest httpReq,
HttpServletResponse httpResp) throws Exception {
- // extract the parameters from the request
- ParameterList request = new
ParameterList(httpReq.getParameterMap());
-
- String mode = request.hasParameter("openid.mode") ? request
- .getParameterValue("openid.mode") : null;
-
+ ParameterList request = null;
Message response;
String responseText;
+ HttpSession session;
+
+ session = httpReq.getSession();
+
+ // Completing the authz and authn process by redirecting here
+ if ("complete".equals(httpReq.getParameter("_action")))
+ {
+ // On a redirect from the OP authn & authz sequence
+ request=(ParameterList)
session.getAttribute("parameterlist");
+ }
+ else
+ {
+ // extract the parameters from the request
+ request = new ParameterList(httpReq.getParameterMap());
+ }
+
+ String mode = request.hasParameter("openid.mode") ? request
+ .getParameterValue("openid.mode") : null;
+
if ("associate".equals(mode)) {
// process an association request
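Review bot: On the `_action=complete` branch `request` is whatever `session.getAttribute("parameterlist")` returns, so a request that carries `_action=complete` without a stored list (fresh or expired session) leaves it null and the following `request.hasParameter("openid.mode")` throws. Check for null before the mode is read and answer with an error response, and call `session.removeAttribute("parameterlist");` once the list has been consumed so a stored request cannot be reused within the same session. `httpReq.getSession()` also creates a session for every caller, including `associate` requests that never need one; `httpReq.getSession(false)` on the complete branch would avoid that. processRequest's body continues outside the hunk.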
@@ -56,16 +73,25 @@
responseText = response.keyValueFormEncoding();
} else if ("checkid_setup".equals(mode)
|| "checkid_immediate".equals(mode)) {
+
+ boolean authenticatedAndApproved = false;
+
// interact with the user and obtain data needed to
continue
List userData = userInteraction(request);
-
- // TODO : do the authentication
- Boolean authenticatedAndApproved = true;
-
+
String userSelectedClaimedId = (String) userData.get(0);
String nickName = (String) userData.get(1);
String fullName = (String) userData.get(2);
String email = (String) userData.get(3);
+
+ authenticatedAndApproved = doLogin(nickName,
httpReq.getParameter("password"));
+
+ if (!authenticatedAndApproved)
+ {
+ session.setAttribute("parameterlist", request);
+ httpResp.sendRedirect(authPage);
+ }
+
// process an authentication request
AuthRequest authReq =
AuthRequest.createAuthRequest(request,
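Review bot: After `httpResp.sendRedirect(authPage)` the failed-login branch does not return, so execution continues into `AuthRequest.createAuthRequest` and, further down, `manager.authResponse(...)` with `authenticatedAndApproved` false while the response is already committed; the branch should end with a `return` (the value callers expect is not visible in this hunk). `doLogin` is also called on the first visit, when `httpReq.getParameter("password")` is null, and with `nickName` taken from `userInteraction(request)` rather than from the login form, so it is worth confirming which identity the password is actually checked against. The flag now means only "password accepted": nothing in the hunk records the user's approval of the relying party, and `checkid_immediate` is sent to the login page as well, although that mode is meant to be answered without user interaction. `getParameter` accepts the password from a query string too, so restricting this path to POST would keep it out of URLs and access logs.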
@@ -80,8 +106,7 @@
}
response = manager.authResponse(request, opLocalId,
- userSelectedClaimedId,
authenticatedAndApproved
- .booleanValue());
+ userSelectedClaimedId,
authenticatedAndApproved);
if (response instanceof DirectError)
return directResponse(httpResp,
response.keyValueFormEncoding());
@@ -216,5 +241,22 @@
return null;
}
+
+ private boolean doLogin(String username, String password) {
+ try {
+ UserStore userStore = UserStore.getInstance();
+ return userStore.authenticate(username, password);
+ } catch (Exception e) {
+
+ return false;
+ }
+
+ }
+
+ public void setAuthPage(String authPage)
+ {
+ this.authPage = authPage;
+ }
+
}
\ No newline at end of file
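Review bot: `doLogin` catches every `Exception` and returns false without recording it, so a user-store outage looks the same as a wrong password and failed logins leave no audit trail; log the exception (never the password) before returning. A guard such as `if (username == null || password == null) return false;` would keep the call made before any credentials were submitted from reaching `userStore.authenticate`. `setAuthPage` stores the redirect target unchecked and the field stays null until it is called, in which case the `sendRedirect(authPage)` in processRequest has no valid target; a short Javadoc stating that it must be set to the provider's own login page before the first request would help.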