Author: prabath
Date: Wed Mar 19 01:47:07 2008
New Revision: 14983
Log:
code refactoring
Modified:
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
Modified:
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
==============================================================================
---
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
(original)
+++
trunk/solutions/identity/modules/user-ui/src/main/java/org/wso2/solutions/identity/user/ui/action/OpenIDAuthVerificationAction.java
Wed Mar 19 01:47:07 2008
@@ -1,5 +1,6 @@
package org.wso2.solutions.identity.user.ui.action;
+import java.io.IOException;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;
@@ -47,20 +48,15 @@
ActionContext context = null;
HttpServletRequest request = null;
- HttpServletResponse response = null;
- String password = null;
String openID = null;
HttpSession session = null;
ParameterList requestParam = null;
String user = null;
String infoCardSignin = null;
String rpUrl = null;
- String[] policies = null;
context = ActionContext.getContext();
request = (HttpServletRequest) context.get(StrutsStatics.HTTP_REQUEST);
- response = (HttpServletResponse) context
- .get(StrutsStatics.HTTP_RESPONSE);
session = request.getSession();
infoCardSignin = request.getParameter("InfoCardSignin");
@@ -91,172 +87,217 @@
if (infoCardSignin != null && "Log in".equals(infoCardSignin)) {
// User logs in with an information card
+ return handleInforCardLogin(openID, user, rpUrl);
+ } else {
+ // User logs in with user-name/password.
+ return handleUserNameLogin(openID, user, rpUrl);
+ }
+ }
- boolean isRedirected = false;
+ /**
+ * Handles user-name/password login
+ * @param openID OpenID
+ * @param user User name
+ * @param rpUrl Relying party URL
+ * @return Success/Failure
+ * @throws RelyingPartyException
+ * @throws IdentityProviderException
+ * @throws IOException
+ */
+ protected String handleUserNameLogin(String openID, String user,
+ String rpUrl) throws RelyingPartyException,
+ IdentityProviderException, IOException {
- if (UserUtil.verifyInfoCardLogin(context, openID)) {
+ ActionContext context = null;
+ HttpServletRequest request = null;
+ HttpServletResponse response = null;
+ HttpSession session = null;
+ String password = null;
- policies = OpenIDUtil
- .getRequestedAuthenticationPolicies(requestParam);
+ context = ActionContext.getContext();
+ request = (HttpServletRequest) context.get(StrutsStatics.HTTP_REQUEST);
+ response = (HttpServletResponse) context
+ .get(StrutsStatics.HTTP_RESPONSE);
+ session = request.getSession();
- if (policies != null) {
- for (String policy : policies) {
- if (policy
-
.equalsIgnoreCase(IdentityConstants.OpenId.PapeAttributes.MULTI_FACTOR)) {
- session
- .setAttribute(
-
"multiFactorAuthenticationWithUsernamePassword",
- "true");
- session.setAttribute("multifactorlogin", "true");
- isRedirected = true;
- response
-
.sendRedirect("OpenIDAuthentication.action");
- break;
- }
- }
- }
+ password = request
+ .getParameter(IdentityProviderConstants.OpenId.PASSWORD);
+ if (password == null) {
+ password = (String) session
+ .getAttribute(IdentityProviderConstants.OpenId.PASSWORD);
+ if (password != null)
+ session
+
.removeAttribute(IdentityProviderConstants.OpenId.PASSWORD);
+ }
- populateUserProfiles(user, rpUrl);
+ if (UserUtil.doLogin(user, password)) {
- // Okay - user used InfoCards to login - next when tries
- // login
- // we'll let him use his InfoCard directly, by passing the
- // authentication page.
+ populateUserProfiles(user, rpUrl);
- // Encode the password
- Cookie infocardCookie = new Cookie("infocardCookie", openID);
- infocardCookie.setMaxAge(60 * 60 * 24 * 14);
- infocardCookie.setSecure(true);
- response.addCookie(infocardCookie);
-
- // OpenID Provider needs to know which authentication
- // mechanism the user went through while authenticating to the
- // OP.
- session
- .setAttribute("phishingResistanceAuthentication",
- "true");
- if (!isRedirected) {
-
- String message = getText("successful_for",
- new String[] { openID });
- ReportAdmin.record(openID,
- ActionDO.ACTION_USER_LOG_IN_SELF_ISSUED_CARD,
- message);
-
- if (!isRequiredUserApproval(request)) {
-
- String authMessage = getText("successful_for",
- new String[] { openID });
- ReportAdmin.record(openID,
- ActionDO.ACTION_USER_APPROVED_OPENID_RP_ALWAYS,
- authMessage);
-
- // User has already agreed to accept request from this
- // RP always.
- response
-
.sendRedirect("server?_action=complete&authenticatedAndApproved=true");
- }
- }
+ String remeberMe = null;
- return SUCCESS;
- } else {
+ if (request.getParameter("remember") != null) {
+ remeberMe = request.getParameter("remember");
+ }
- Cookie[] cookies = request.getCookies();
- Cookie curCookie = null;
- String useInfoCard = null;
-
- for (int x = 0; x < cookies.length; x++) {
- curCookie = cookies[x];
- if
(curCookie.getName().equalsIgnoreCase("infocardCookie")) {
- useInfoCard = curCookie.getValue();
-
- if (useInfoCard != null && useInfoCard.equals(openID))
{
- curCookie.setMaxAge(0);
- response.addCookie(curCookie);
- }
- }
- }
+ if (remeberMe != null && remeberMe.equalsIgnoreCase("true")) {
+ // Add cookie
+ Cookie rememberMeCookie = new Cookie("rememberme", "true");
+ // Expires in two weeks
+ rememberMeCookie.setMaxAge(60 * 60 * 24 * 14);
+ response.addCookie(rememberMeCookie);
+
+ Cookie openIDCookie = new Cookie("openid", openID);
+ openIDCookie.setMaxAge(60 * 60 * 24 * 14);
+ openIDCookie.setSecure(true);
+ response.addCookie(openIDCookie);
- String message = getText("invalid_user_password");
- ReportAdmin.record(openID, ActionDO.ACTION_USER_FAILURE,
- message);
+ // Encode the password
+ Cookie passwordCookie = new Cookie("password",
+ new sun.misc.BASE64Encoder().encode(password
+ .getBytes("UTF-8")));
+ passwordCookie.setMaxAge(60 * 60 * 24 * 14);
+ passwordCookie.setSecure(true);
+ response.addCookie(passwordCookie);
+ }
- this.addErrorMessage(getText("invalid_card_login"));
- return ERROR;
+ String message = getText("successful_for", new String[] { user });
+ ReportAdmin.record(user, ActionDO.ACTION_USER_LOG_IN_OPENID,
+ message);
+
+ if (!isRequiredUserApproval(request)) {
+ String authMessage = getText("successful_for",
+ new String[] { user });
+ ReportAdmin.record(user,
+ ActionDO.ACTION_USER_APPROVED_OPENID_RP_ALWAYS,
+ authMessage);
+
+ // User has already agreed to accept request from this RP
+ // always.
+ response
+
.sendRedirect("server?_action=complete&authenticatedAndApproved=true");
}
+ return SUCCESS;
} else {
- // User logs in with user-name/password.
- password = request
- .getParameter(IdentityProviderConstants.OpenId.PASSWORD);
+ String message = getText("invalid_user_password");
+ ReportAdmin.record(user, ActionDO.ACTION_USER_FAILURE, message);
+ this.addErrorMessage(getText("invalid_user_password"));
+ return ERROR;
+ }
+ }
- if (password == null) {
- password = (String) session
-
.getAttribute(IdentityProviderConstants.OpenId.PASSWORD);
-
- if (password != null)
- session
-
.removeAttribute(IdentityProviderConstants.OpenId.PASSWORD);
- }
+ /**
+ * Handles information card login
+ * @param openID OpenID
+ * @param user User name
+ * @param rpUrl Relying party URL
+ * @return Success/Failure
+ * @throws RelyingPartyException
+ * @throws IdentityProviderException
+ * @throws IOException
+ */
+ protected String handleInforCardLogin(String openID, String user,
+ String rpUrl) throws RelyingPartyException,
+ IdentityProviderException, IOException {
+
+ ActionContext context = null;
+ HttpServletRequest request = null;
+ HttpServletResponse response = null;
+ HttpSession session = null;
+ ParameterList requestParam = null;
+ boolean isRedirected = false;
+ String[] policies = null;
+
+ context = ActionContext.getContext();
+ request = (HttpServletRequest) context.get(StrutsStatics.HTTP_REQUEST);
+ response = (HttpServletResponse) context
+ .get(StrutsStatics.HTTP_RESPONSE);
+ session = request.getSession();
- if (UserUtil.doLogin(user, password)) {
+ requestParam = (ParameterList) session
+ .getAttribute(IdentityConstants.OpenId.PARAM_LIST);
- populateUserProfiles(user, rpUrl);
+ if (UserUtil.verifyInfoCardLogin(context, openID)) {
- String remeberMe = null;
+ policies = OpenIDUtil
+ .getRequestedAuthenticationPolicies(requestParam);
- if (request.getParameter("remember") != null) {
- remeberMe = request.getParameter("remember");
+ if (policies != null) {
+ for (String policy : policies) {
+ if (policy
+
.equalsIgnoreCase(IdentityConstants.OpenId.PapeAttributes.MULTI_FACTOR)) {
+ session
+ .setAttribute(
+
"multiFactorAuthenticationWithUsernamePassword",
+ "true");
+ session.setAttribute("multifactorlogin", "true");
+ isRedirected = true;
+ response.sendRedirect("OpenIDAuthentication.action");
+ break;
+ }
}
+ }
- if (remeberMe != null && remeberMe.equalsIgnoreCase("true")) {
- // Add cookie
+ populateUserProfiles(user, rpUrl);
- Cookie rememberMeCookie = new Cookie("rememberme", "true");
- // Expires in two weeks
- rememberMeCookie.setMaxAge(60 * 60 * 24 * 14);
- response.addCookie(rememberMeCookie);
-
- Cookie openIDCookie = new Cookie("openid", openID);
- openIDCookie.setMaxAge(60 * 60 * 24 * 14);
- openIDCookie.setSecure(true);
- response.addCookie(openIDCookie);
-
- // Encode the password
- Cookie passwordCookie = new Cookie("password",
- new sun.misc.BASE64Encoder().encode(password
- .getBytes("UTF-8")));
- passwordCookie.setMaxAge(60 * 60 * 24 * 14);
- passwordCookie.setSecure(true);
- response.addCookie(passwordCookie);
- }
+ // Okay - user used InfoCards to login - next when tries
+ // login we'll let him use his InfoCard directly, by passing the
+ // authentication page.
+
+ // Encode the password
+ Cookie infocardCookie = new Cookie("infocardCookie", openID);
+ infocardCookie.setMaxAge(60 * 60 * 24 * 14);
+ infocardCookie.setSecure(true);
+ response.addCookie(infocardCookie);
+
+ // OpenID Provider needs to know which authentication
+ // mechanism the user went through while authenticating to the
+ // OP.
+ session.setAttribute("phishingResistanceAuthentication", "true");
+ if (!isRedirected) {
String message = getText("successful_for",
- new String[] { openID });
- ReportAdmin.record(openID, ActionDO.ACTION_USER_LOG_IN_OPENID,
- message);
+ new String[] { user });
+ ReportAdmin.record(user,
+ ActionDO.ACTION_USER_LOG_IN_SELF_ISSUED_CARD, message);
if (!isRequiredUserApproval(request)) {
-
String authMessage = getText("successful_for",
- new String[] { openID });
- ReportAdmin.record(openID,
+ new String[] { user });
+ ReportAdmin.record(user,
ActionDO.ACTION_USER_APPROVED_OPENID_RP_ALWAYS,
authMessage);
- // User has already agreed to accept request from this RP
- // always.
+ // User has already agreed to accept request from this
+ // RP always.
response
.sendRedirect("server?_action=complete&authenticatedAndApproved=true");
}
+ }
+ return SUCCESS;
+ } else {
- return SUCCESS;
- } else {
- String message = getText("invalid_user_password");
- ReportAdmin.record(openID, ActionDO.ACTION_USER_FAILURE,
- message);
- this.addErrorMessage(getText("invalid_user_password"));
- return ERROR;
+ Cookie[] cookies = request.getCookies();
+ Cookie curCookie = null;
+ String useInfoCard = null;
+
+ for (int x = 0; x < cookies.length; x++) {
+ curCookie = cookies[x];
+ if (curCookie.getName().equalsIgnoreCase("infocardCookie")) {
+ useInfoCard = curCookie.getValue();
+
+ if (useInfoCard != null && useInfoCard.equals(openID)) {
+ curCookie.setMaxAge(0);
+ response.addCookie(curCookie);
+ }
+ }
}
+
+ String message = getText("invalid_user_password");
+ ReportAdmin.record(user, ActionDO.ACTION_USER_FAILURE, message);
+
+ this.addErrorMessage(getText("invalid_card_login"));
+ return ERROR;
}
}
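Review bot: The remember-me branch of `handleUserNameLogin` still writes the user's password into a two-week `password` cookie protected only by `sun.misc.BASE64Encoder`. Base64 is an encoding, not encryption, so anyone who can read the browser's cookie store recovers the credential. Since the block is being moved anyway, consider dropping `passwordCookie` and remembering the login with a random, revocable token that is validated server-side. The `rememberme` cookie in the same branch is created without `setSecure(true)`, unlike the `openid` and `password` cookies next to it. Separately, in the failure branch of `handleInforCardLogin`, `request.getCookies()` returns null when the request carries no cookies, so the loop should be guarded with `if (cookies != null)`. The audit calls now pass `user` where the old code passed `openID`, which changes what `ReportAdmin.record` logs and deserves a mention in a commit logged as refactoring.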