Author: channa Date: Mon May 5 02:14:58 2008 New Revision: 16518 Log:
Comments and some error handling updated to match OpenID inclusion. Modified: trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceIC.java trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/IdentityHandler.java trunk/mashup/java/modules/www/identityaccept.jsp Modified: trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceIC.java ============================================================================== --- trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceIC.java (original) +++ trunk/mashup/java/modules/admin/service/src/org/wso2/mashup/admin/service/MashupLoginServiceIC.java Mon May 5 02:14:58 2008 @@ -1,3 +1,18 @@ +/* + * Copyright 2006,2007 WSO2, Inc. http://www.wso2.org + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ package org.wso2.mashup.admin.service; import org.apache.axis2.context.MessageContext; 
@@ -10,10 +25,18 @@ import org.wso2.registry.users.UserStoreException; import org.wso2.registry.users.UserStoreReader; - +/** + * Handles login when an identity such as InfoCard or OpenID is used. + */ public class MashupLoginServiceIC { - public String login(String ppid) throws MashupFault { + /** + * Logs in user based on identifier provided by identity solution. + * @param identifier can be InfoCard ppid or OpenID URL. + * @return name of authenticated user. + * @throws MashupFault if an error occurs during login. + */ + public String login(String identifier) throws MashupFault { MessageContext msgCtx = MessageContext.getCurrentMessageContext(); @@ -26,18 +49,18 @@ try { UserStoreReader storeReader = realm.getUserStoreReader(); // Null for key gets all users with the PPID - there can be only one. - String[] userNames = storeReader.getUserNamesWithPropertyValue(null, ppid); + String[] userNames = storeReader.getUserNamesWithPropertyValue(null, identifier); // If a name is returned, instantiate a secure registry for user. if (userNames.length == 1) { username = userNames[0]; } } catch (UserStoreException e) { - throw new MashupFault("Exception while processing ppid : " + ppid, e); + throw new MashupFault("Exception while processing identifier : " + identifier, e); } if (username == null) { - throw new MashupFault("User cannot be found for the ppid : " + ppid); + throw new MashupFault("User cannot be found for the identifier : " + identifier); } LoginUtil.updateDB(msgCtx, username); Modified: trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java ============================================================================== --- trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java (original) +++ trunk/mashup/java/modules/core/src/org/wso2/mashup/utils/MashupUtils.java Mon May 5 02:14:58 2008 
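Review bot: In `login`, the lookup `storeReader.getUserNamesWithPropertyValue(null, identifier)` passes a null key, so by its own comment a match on any user property value resolves the account, not only the InfoCard/OpenID entries. Now that the identifier can be an OpenID URL, an unrelated profile property holding the same string would either select the wrong user or push the result past `userNames.length == 1` and block the real owner's login; consider confirming that the matched property is one of the identity keys before accepting `userNames[0]`. The in-code comment still says "all users with the PPID" and could read `// Null key matches the identifier against every property - exactly one user must match.` The `MashupFault` messages also embed the raw identifier, which is worth keeping out of the fault text if these faults are returned to the client. The method body starts and ends outside this hunk.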
@@ -508,7 +508,14 @@ } } - public static String login(String ppid, String cookieString) throws MashupFault { + /** + * Call login service using identifier. + * @param identifier InfoCard ppid or OpenID URL. + * @param cookieString + * @return + * @throws MashupFault + */ + public static String login(String identifier, String cookieString) throws MashupFault { Parameter parameter = null; AxisConfiguration configuration = null; try { @@ -538,7 +545,7 @@ // parameters to the service ServiceName string, service file name, // dataHandler of the bundled archive - Object[] opAddEntryArgs = new Object[] { ppid }; + Object[] opAddEntryArgs = new Object[] { identifier }; OMElement omElement = client.invokeBlocking(opAddEntry, opAddEntryArgs); OMElement returnElement = omElement.getFirstChildWithName(new QName( "http://service.admin.mashup.wso2.org/xsd", "return")); Modified: trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/IdentityHandler.java ============================================================================== --- trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/IdentityHandler.java (original) +++ trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/identity/IdentityHandler.java Mon May 5 02:14:58 2008 @@ -15,7 +15,6 @@ */ package org.wso2.mashup.webapp.identity; -import org.apache.axis2.AxisFault; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.wso2.mashup.MashupConstants; 
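Review bot: The new Javadoc on `MashupUtils.login` leaves `@param cookieString`, `@return` and `@throws MashupFault` empty, so the contract of this login call is still undocumented. Suggested text, to be confirmed against the body that lies outside this hunk: `@param cookieString session cookie forwarded to the login service`, `@return content of the service's "return" element (presumably the authenticated user name)`, and `@throws MashupFault if the login service call fails`. The unchanged comment above `opAddEntryArgs` in the following hunk ("ServiceName string, service file name, dataHandler of the bundled archive") does not describe the single identifier argument and could be corrected in the same pass.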
@@ -45,22 +44,22 @@ import java.util.Map; /** - * Encapsulates the infocard based sign-in process logic. + * Encapsulates the identity based sign-in process logic. */ public class IdentityHandler { private static final Log log = LogFactory.getLog(IdentityHandler.class); /** - * Retrieves the infocard parameters and uses the ppid to validate the user. + * Retrieves the identity values and uses the identifier to validate the user. * - * @param request Servlet request object, contains the attributes supplied by the infocard. + * @param request Servlet request object, contains attributes supplied by the identity solution. * @return true if values have been retrieved successfully. */ - public static boolean signIn(HttpServletRequest request) throws MashupFault { - log.debug("Signing in using info card."); + public static boolean signIn(HttpServletRequest request) { + log.debug("Signing in using InfoCard or OpenID."); boolean success = false; - // If infocard has been successfully used, proceed. + // If the identity (InfoCard or OpenID) has been successfully used, proceed. String auth = (String) request.getAttribute(TokenVerifierConstants.SERVLET_ATTR_STATE); String authMethod = (String) request.getAttribute(MashupConstants.AUTHENTICATION_METHOD); if (TokenVerifierConstants.STATE_SUCCESS.equals(auth)) { @@ -69,7 +68,7 @@ EmbeddedRegistry embeddedRegistry = (EmbeddedRegistry) context.getAttribute(RegistryConstants.REGISTRY); - // Attempt to get card information and create a secure registry instance. + // Attempt to get information from Identity and create a registry instance. try { String identifier = (String) (MashupConstants.INFOCARD.equals(authMethod) ? request.getAttribute(IdentityConstants.CLAIM_PPID) : 
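Review bot: In `signIn`, the ternary `MashupConstants.INFOCARD.equals(authMethod) ? ... :` treats every `authMethod` other than InfoCard, including null, as the other identity type; the `else` in `associateIdentifierWithUser` (hunk `-116,42`) does the same. Checking for the OpenID method explicitly and returning false for anything else keeps an unexpected or missing attribute from selecting an identifier source by default. The retrieved `identifier` is also used without a null or empty check in both places, so a guard such as `if (identifier == null || identifier.length() == 0) { return false; }` before the login or registration call would make the failure explicit. The ternary's second arm and the login call lie outside this hunk.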
@@ -79,24 +78,26 @@ embeddedRegistry); request.getSession().setAttribute(MashupConstants.USER_REGISTRY, userRegistry); success = true; - } catch (AxisFault e) { - log.error("Infocard login failed.", e); + } catch (MashupFault e) { + log.error("Identity login failed.", e); } } else { String reason = (String) request.getAttribute(TokenVerifierConstants.FAILURE_REASON); - log.error("Infocard based login failed. Reason: " + reason); + log.error("Identity based login failed. Reason: " + reason); } return success; } /** - * Associates the ppid of a given infocard with the current user. + * Associates the identifier with the current user. * - * @param request Servlet request object, contains attributes provided by the info card. + * @param request Servlet request object, contains attributes provided by the identity used. + * @return true if the identity is successfuly associated with the user profile. + * @throws MashupFault thrown if an error occurs when checking for prior registrations. */ public static boolean associateIdentifierWithUser(HttpServletRequest request) throws MashupFault { - boolean cardAdded = false; + boolean idAdded = false; String identifier; try { // Get the available user properties. @@ -107,7 +108,7 @@ UserStoreAdmin userStoreAdmin = realm.getUserStoreAdmin(); Map userProps = realm.getUserStoreAdmin().getUserProperties(currentUser); - // If infocard or openid has been successfully used, add the card's identifier to user's properties. + // If identifier has been successfully used, add it to user's properties. String auth = (String) request.getAttribute(TokenVerifierConstants.SERVLET_ATTR_STATE); String authMethod = (String) request.getAttribute(MashupConstants.AUTHENTICATION_METHOD); if (TokenVerifierConstants.STATE_SUCCESS.equals(auth)) { 
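Review bot: After a successful identity login, `request.getSession().setAttribute(MashupConstants.USER_REGISTRY, userRegistry)` stores the authenticated registry in whatever session the request already had; no session renewal is visible in this hunk. If the session is not replaced elsewhere, a session id issued before authentication stays valid afterwards, so invalidating the old session and creating a new one before setting the attribute is the usual safeguard against session fixation. In the `else` branch, `reason` comes from a request attribute and is concatenated into `log.error` unmodified; stripping CR/LF from it first keeps the log entry on one line. The new Javadoc on `associateIdentifierWithUser` has a typo, `successfuly`.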
@@ -116,42 +117,44 @@ if (MashupConstants.INFOCARD.equals(authMethod)) { identifier = (String) request.getAttribute(IdentityConstants.CLAIM_PPID); } else { - identifier = (String) request.getAttribute(IdentityConstants.OpenId.OPENID_IDENTIFIER); + identifier = (String) request.getAttribute(IdentityConstants.OpenId. + OPENID_IDENTIFIER); } // Add only if this identifier has not been associated with a user. - if (!org.wso2.mashup.webapp.identity.IdentityHandler.isIdentifierRegistered(request, identifier)) { - int regCardCount = 0; + if (!org.wso2.mashup.webapp.identity.IdentityHandler.isIdentifierRegistered(request, + identifier)) { + int identCount = 0; if (MashupConstants.INFOCARD.equals(authMethod)) { // There will be a count if keys have been registered, so append. if (userProps.containsKey(MashupConstants.INFOCARD_COUNT)) { - regCardCount = Integer.parseInt((String) userProps.get( + identCount = Integer.parseInt((String) userProps.get( MashupConstants.INFOCARD_COUNT)); } - userProps.put(MashupConstants.INFOCARD_PPID + regCardCount, identifier); - userProps.put(MashupConstants.INFOCARD_COUNT, Integer.toString(regCardCount + userProps.put(MashupConstants.INFOCARD_PPID + identCount, identifier); + userProps.put(MashupConstants.INFOCARD_COUNT, Integer.toString(identCount + 1)); } else { // There will be a count if keys have been registered, so append. 
if (userProps.containsKey(MashupConstants.OPENID_COUNT)) { - regCardCount = Integer.parseInt((String) userProps.get( + identCount = Integer.parseInt((String) userProps.get( MashupConstants.OPENID_COUNT)); } - userProps.put(MashupConstants.OPENID + regCardCount, identifier); - userProps.put(MashupConstants.OPENID_COUNT, Integer.toString(regCardCount + userProps.put(MashupConstants.OPENID + identCount, identifier); + userProps.put(MashupConstants.OPENID_COUNT, Integer.toString(identCount + 1)); } userStoreAdmin.setUserProperties(currentUser, userProps); - cardAdded = true; + idAdded = true; } } } catch (RegistryException e) { log.error("Error retrieving current user", e); } catch (UserStoreException e) { - log.error("Error adding info card to profile", e); + log.error("Error adding identifier to profile", e); } - return cardAdded; + return idAdded; } /** @@ -189,12 +192,12 @@ */ public static String[] getUsersOpenIds(Map userProperties) { String[] openIds = null; - // Make sure there are associated cards. + // Make sure there are associated OpenID's. if (userProperties.containsKey(MashupConstants.OPENID_COUNT)) { - int cardCount = Integer.parseInt((String) userProperties.get(MashupConstants. + int idCount = Integer.parseInt((String) userProperties.get(MashupConstants. OPENID_COUNT)); - openIds = new String[cardCount]; - for (int id = 0; id < cardCount; id++) { + openIds = new String[idCount]; + for (int id = 0; id < idCount; id++) { String openId = userProperties.get(MashupConstants.OPENID + id).toString(); openIds[id] = openId; } 
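Review bot: The uniqueness check and the write in `associateIdentifierWithUser` are separate steps: `isIdentifierRegistered(request, identifier)` runs first and `userStoreAdmin.setUserProperties(currentUser, userProps)` later, with nothing visible that serializes them. Two concurrent requests could therefore attach the same identifier to two profiles, after which the `userNames.length == 1` test in `MashupLoginServiceIC.login` rejects both; enforcing uniqueness in the user store, or on a single node wrapping the check and write in `synchronized (IdentityHandler.class) { ... }`, would close that gap. `Integer.parseInt` on the stored count is also outside the caught exception types, so a malformed `INFOCARD_COUNT` or `OPENID_COUNT` value surfaces as an unchecked `NumberFormatException`. The fully qualified `org.wso2.mashup.webapp.identity.IdentityHandler.isIdentifierRegistered` call sits inside `IdentityHandler` itself and can be shortened to `isIdentifierRegistered(request, identifier)`.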
@@ -210,8 +213,8 @@ * @return true id the identifier has already been registered. * @throws MashupFault if an error is encoutered getting user details. */ - public static boolean isIdentifierRegistered(HttpServletRequest request, String identifier) throws - MashupFault { + public static boolean isIdentifierRegistered(HttpServletRequest request, String identifier) + throws MashupFault { boolean isRegistered = false; UserRegistry userRegistry = (UserRegistry) request.getSession().getAttribute( MashupConstants.USER_REGISTRY); @@ -232,18 +235,19 @@ } /** - * - * @param request - * @param response + * Submits the authentication request to the OpenID provider, after creating the callback URL + * based on the origin of the authentication request. + * @param request HttpServletRequest instance. + * @param response HttpServletResponse instance. */ public static void openIDSubmit(HttpServletRequest request, HttpServletResponse response) { String calledFrom = request.getParameter("calledfrom"); try { - OpenIDAuthenticationRequest openIDAuthRequest = null; + OpenIDAuthenticationRequest openIDAuthReq; - openIDAuthRequest = new OpenIDAuthenticationRequest(request, response); + openIDAuthReq = new OpenIDAuthenticationRequest(request, response); - openIDAuthRequest.setOpenIDUrl((String) request.getParameter("openIdUrl")); + openIDAuthReq.setOpenIDUrl(request.getParameter("openIdUrl")); // you need to set an absolute url as the return url. // once the user authenticated successfully or failed at the OpenID 
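Review bot: `openIDSubmit` passes `request.getParameter("openIdUrl")` straight to `openIDAuthReq.setOpenIDUrl(...)` with no validation. The value is user-controlled and, assuming `OpenIDConsumer` performs discovery against it, determines where the server makes an outbound request; rejecting null or empty input and accepting only absolute `http`/`https` URLs (ideally also refusing loopback and internal addresses) before the call limits that. The new Javadoc could also state that `openIdUrl` and `calledfrom` are read from request parameters. The method continues in the next hunk.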
@@ -251,28 +255,28 @@ StringBuffer returnUrl = new StringBuffer(); returnUrl.append(request.getSession().getServletContext().getAttribute( MashupConstants.WEBAPP_URL)); - returnUrl.append("registration".equals(calledFrom) ? "register_self_identity.jsp" : "identityaccept.jsp"); - returnUrl.append("?calledfrom=" + calledFrom + "&" + MashupConstants.AUTHENTICATION_METHOD + - "=openid&FromIdentityProvider=true"); - openIDAuthRequest.setReturnUrl(returnUrl.toString()); + returnUrl.append("registration".equals(calledFrom) ? "register_self_identity.jsp" : + "identityaccept.jsp"); + returnUrl.append("?calledfrom=" + calledFrom + "&" + MashupConstants. + AUTHENTICATION_METHOD + "=openid&FromIdentityProvider=true"); + openIDAuthReq.setReturnUrl(returnUrl.toString()); // Use Simple Attribute Registration 1.1 - openIDAuthRequest.addRequestType(OpenIDRequestType.SIMPLE_REGISTRATION); + openIDAuthReq.addRequestType(OpenIDRequestType.SIMPLE_REGISTRATION); - // Set the required claims - I need these claims from the OpenID - // Provider. - openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.NICK_NAME); - openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.FULL_NAME); - openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.EMAIL); - openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.DOB); - openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.GENDER); - openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.POSTAL_CODE); - openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.COUNTRY); - openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.LANGUAGE); - openIDAuthRequest.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.TIMEZONE); + // Set the required claims - I need these claims from the OpenID provider. 
+ openIDAuthReq.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.NICK_NAME); + openIDAuthReq.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.FULL_NAME); + openIDAuthReq.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.EMAIL); + openIDAuthReq.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.DOB); + openIDAuthReq.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.GENDER); + openIDAuthReq.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.POSTAL_CODE); + openIDAuthReq.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.COUNTRY); + openIDAuthReq.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.LANGUAGE); + openIDAuthReq.addRequiredClaims(IdentityConstants.OpenId.SimpleRegAttributes.TIMEZONE); - // Performs authentication : this will redirect you to OpenID Provider for authentication - OpenIDConsumer.getInstance().doOpenIDAuthentication(openIDAuthRequest); + // Performs authentication : will redirect you to OpenID Provider for authentication. + OpenIDConsumer.getInstance().doOpenIDAuthentication(openIDAuthReq); } catch (RelyingPartyException e) { // handle exceptions Modified: trunk/mashup/java/modules/www/identityaccept.jsp ============================================================================== --- trunk/mashup/java/modules/www/identityaccept.jsp (original) +++ trunk/mashup/java/modules/www/identityaccept.jsp Mon May 5 02:14:58 2008 
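Review bot: The return URL is built with `"?calledfrom=" + calledFrom`, where `calledFrom` is the raw `calledfrom` request parameter, so a value containing `&` or `=` can add or override query parameters such as `FromIdentityProvider` on the callback. Either map it to the known values (`"registration"` or a fixed default) or encode it after a null check, e.g. `URLEncoder.encode(calledFrom, "UTF-8")`, handling the `UnsupportedEncodingException` this introduces. A missing parameter currently yields the literal `calledfrom=null`. The `catch (RelyingPartyException e)` at the end of the hunk shows only `// handle exceptions`; its body is outside the hunk, but if it is empty the failure should at least go through `log.error`.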
@@ -49,11 +49,11 @@ bounceback = URLDecoder.decode(bounceback, "UTF-8"); } - // Check if the user is validated already. If so, this is to associate the user with the card. + // Check if user is logged in already; if so, this is to associate the user with the identity. if (isLoggedIn) { title = "Associate Identifier with user profile"; if (org.wso2.mashup.webapp.identity.IdentityHandler.associateIdentifierWithUser(request)) { - // Send the user back to the caling page on success - it'll show the added card ppid. + // Send the user back to the caling page on success - it'll show the added identifier. response.sendRedirect(bounceback); } else { message = "Could not add Identifier to user profile."; @@ -66,7 +66,7 @@ return; } else { message = "Identifier based login failed." + - "<br/><strong>If your browser supports CardSpace authentication, please make sure you have registered your Identifier</strong>."; + "<br/><strong>Please make sure you have registered your Identifier</strong>."; } } %> _______________________________________________ Mashup-dev mailing list [email protected] http://www.wso2.org/cgi-bin/mailman/listinfo/mashup-dev
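Review bot: `response.sendRedirect(bounceback)` redirects to a value that was just URL-decoded; its origin is outside this hunk, but if it comes from a request parameter the post-association redirect can point at any site. Restricting `bounceback` to a relative path inside the webapp, or comparing it against the application's own base URL, before redirecting would prevent that. The `message` strings in the second hunk contain markup and are presumably written to the page unescaped, so they should stay free of request-derived text. The comment typo `caling` could be fixed while the line is being edited.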
