Adding OpenID login support to Mashup
-------------------------------------
Key: MASHUP-689
URL: https://wso2.org/jira/browse/MASHUP-689
Project: WSO2 Mashup Server
Issue Type: New Feature
Reporter: Channa Gunawardena
Assignee: Channa Gunawardena
Fix For: 1.1
I documented the steps that you need to follow to add OpenID login support to
Mashup.
Please let me know if you have any doubts or need any clarifications.
Also, we have included a complete example with WSO2 IS distribution, which you
may find useful as well.
With OpenID, we can totally skip the registration step. So no sign up required
for OpenID.
In your sign-in page there will be a place holder to accept OpenID.
OpenID is a url, such as; http://prabath.myopenid.com or
http://me.yahoo.com/prabathsisiriwardena.
signin.jsp
----------
<form name="openidsignin" id="openidsignin" method="post"
action="openidsubmit.jsp">
Enter Your OpenID Url:<input type="text" name="openIdUrl"/>
<input type="submit" name="submit" value="Login" />
</form>
So, your openidsubmit.jsp page will accept the OpenID url and will do
authentication using Identity Solution's relying parting components.So you need
to have wso2is-token-verifier-core.jar and wso2is-base.jar in your build path,
which you already have.
openidsubmit.jsp
----------------
<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDAuthenticationRequest"%>
<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDConsumer"%>
<%
OpenIDAuthenticationRequest openIDAuthRequest = null;
openIDAuthRequest = new OpenIDAuthenticationRequest(request,response);
openIDAuthRequest.setOpenIDUrl((String)request.getParameter("openIdUrl"));
// you need to set an absolute url as the return url.
// once the user authenticated successfully or failed at the OpenID
// Provider, the browser will be redirected to this url
openIDAuthRequest.setReturnUrl("http://mooshup.com/openidcallback.jsp";);
// If user successfully authenticated I need his nick name
openIDAuthRequest.addRequiredClaims(
IdentityConstants.OpenId.SimpleRegAttributes.NICK_NAME);
OpenIDConsumer.getInstance().doOpenIDAuthentication(openIDAuthRequest);
%>
openidcallback.jsp
-------------------
<[EMAIL PROTECTED] import="org.wso2.solutions.identity.IdentityConstants"%>
<[EMAIL PROTECTED]
import="org.wso2.solutions.identity.openid.relyingparty.OpenIDConsumer "%>
<%
String nickname = null;
String auth =
(String)request.getAttribute(TokenVerifierConstants.SERVLET_ATTR_STATE);
if(auth != null && TokenVerifierConstants.STATE_SUCCESS.equals(auth)) {
//user authenticated successfully at his OpenID Provider
//let me get his nick name - which I requested.
if (request.getAttribute("nickname") != null)
{
nickname =
request.getAttribute(IdentityConstants.OpenId.SimpleRegAttributes.NICK_NAME);
}else {
// there can be OpenID Providers, who do not maintain a list of user
// attributes. In such case you won't receive any value here -
// though you requested. Anyway, if you desperately need any attributes
// - you can ask the user to enter those now - and may store those
against his
// OpenID, so for the next time when he logs in, we don't ask for the
// missing attributes once again.
}
}
else
{
//user authentication failed at his OpenID Provider
}
%>
- Prabath
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://wso2.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
_______________________________________________
Mashup-dev mailing list
[email protected]
http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
