yeah:(
I have something working only partially though, cant get email and name
attribute back from the openid provider properly.. Seems to work with
openid.org, but not claimid.com or myopenid.com
But I do not think it has anything todo with wicket:
Wicket sign in panel, sender of request:
public class OpenIdSignInPanel extends SignInPanel {
public OpenIdSignInPanel(String id) {
super(id);
}
@Override
public boolean signIn(String username, String password) {
try {
OpenIdHelper openIdHelper = new OpenIdHelper();
ServletWebRequest swr = (ServletWebRequest)
this.getRequestCycle()
.getRequest();
BufferedWebResponse bwr = (BufferedWebResponse) this
.getRequestCycle().getResponse();
String returnPage = urlFor(OpenIdSignInPage.class, new
PageParameters())
.toString();
returnPage=RequestUtils.toAbsolutePath(returnPage);
openIdHelper.authRequest(username,
swr.getHttpServletRequest(), bwr
.getHttpServletResponse(),returnPage);
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
throw new AbortException() {
};
}
}
// server endpoint
public class OpenIdSignInPage extends AbstractHasRepositoryPage {
private static final long serialVersionUID = 1L;
public static final String MOUNTPATH = "/openid";
public OpenIdSignInPage(PageParameters pageParameters) {
super(pageParameters);
try {
OpenIdHelper oih = new OpenIdHelper();
ServletWebRequest swr = (ServletWebRequest)
this.getRequestCycle()
.getRequest();
User openIdUser =
oih.verifyResponse(swr.getHttpServletRequest());
User user =
userRepository.getUserByEmail(openIdUser.getEmail());
if (user!=null && user.getPassword() != null) {
error("You cannot have both a openid user acount and
local account either, you can only log on with open id now");
user.setPassword(null);
}
SocratesSession socratesSession = (SocratesSession)
getSession();
if (user == null) {
user = new User();
user.setEmail(openIdUser.getEmail());
user.setName(openIdUser.getEmail());
userRepository.add(user);
}
// userwasthere
socratesSession.setUserId(user.getId());
socratesSession.setAuthorized(true);
setResponsePage(MyEventsPage.class);
} catch (ConsumerException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
// helper class using openid4java
public class OpenIdHelper {
public ConsumerManager manager;
public static final String OPENID_NS_SREG1_1 =
"http://openid.net/extensions/sreg/1.1";
private static org.apache.log4j.Logger log =
org.apache.log4j.Logger.getLogger(OpenIdHelper.class);
public OpenIdHelper() throws ConsumerException {
// instantiate a ConsumerManager object
manager = WicketApplication.consumerManager;
}
// --- placing the authentication request ---
public String authRequest(String userSuppliedString,
HttpServletRequest httpReq, HttpServletResponse httpResp,
String returnToUrl) throws IOException, ServletException {
try {
// configure the return_to URL where your application will
receive
// the authentication responses from the OpenID provider
// perform discovery on the user-supplied identifier
List discoveries = manager.discover(userSuppliedString);
// attempt to associate with the OpenID provider
// and retrieve one service endpoint for authentication
DiscoveryInformation discovered =
manager.associate(discoveries);
// store the discovery information in the user's session
httpReq.getSession().setAttribute("openid-disc", discovered);
// obtain a AuthRequest message to be sent to the OpenID
provider
AuthRequest authReq = manager.authenticate(discovered,
returnToUrl);
FetchRequest fetch = FetchRequest.createFetchRequest();
//
// SRegRequest sregReq = SRegRequest.createFetchRequest();
//
// sregReq.addAttribute("fullname", true);
// sregReq.addAttribute("nickname", true);
// sregReq.addAttribute("email", true);
fetch.addAttribute("Fullname",
"http://axschema.org/namePerson/", true);
fetch.addAttribute("Email",
"http://axschema.org/contact/email", true);
// wants up to three email addresses
fetch.setCount("Email", 1);
AuthRequest req = manager.authenticate(discovered, returnToUrl);
req.addExtension(fetch);
// authReq.addExtension(sregReq);
if (!discovered.isVersion2()) {
// Option 1: GET HTTP-redirect to the OpenID Provider
endpoint
// The only method supported in OpenID 1.x
// redirect-URL usually limited ~2048 bytes
httpResp.sendRedirect(authReq.getDestinationUrl(true));
return null;
} else {
httpResp.sendRedirect(authReq.getDestinationUrl(true));
return null;
// // Option 2: HTML FORM Redirection (Allows payloads >2048
// bytes)
// RequestDispatcher dispatcher =
// httpReq.getRequestDispatcher(OpenIdSignInPage.MOUNTPATH);
// httpReq.setAttribute("parameterMap",
// authReq.getParameterMap());
// httpReq.setAttribute("destinationUrl",
// authReq.getDestinationUrl(false));
// dispatcher.forward(httpReq, httpResp);
}
} catch (OpenIDException e) {
// present error to the user
}
return null;
}
// --- processing the authentication response ---
public User verifyResponse(HttpServletRequest httpReq) {
try {
// extract the parameters from the authentication response
// (which comes in as a HTTP request from the OpenID provider)
ParameterList response = new ParameterList(httpReq
.getParameterMap());
// retrieve the previously stored discovery information
DiscoveryInformation discovered = (DiscoveryInformation) httpReq
.getSession().getAttribute("openid-disc");
// extract the receiving URL from the HTTP request
StringBuffer receivingURL = httpReq.getRequestURL();
String queryString = httpReq.getQueryString();
if (queryString != null && queryString.length() > 0)
receivingURL.append("?").append(httpReq.getQueryString());
// verify the response; ConsumerManager needs to be the same
// (static) instance used to place the authentication request
VerificationResult verification = manager.verify(receivingURL
.toString(), response, discovered);
// examine the verification result and extract the verified
// identifier
Identifier verified = verification.getVerifiedId();
if (verified != null) {
AuthSuccess authSuccess = (AuthSuccess) verification
.getAuthResponse();
if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
FetchResponse fetchResp = (FetchResponse) authSuccess
.getExtension(AxMessage.OPENID_NS_AX);
return filluser(fetchResp);
}
if (authSuccess.hasExtension(OPENID_NS_SREG1_1)) {
log.info("got
info:"+authSuccess.getParameterValue("openid.sreg.email"));
log.info("got
info:"+authSuccess.getParameterValue("openid.sreg.fullname"));
User user = new User();
user.setEmail(authSuccess.getParameterValue("openid.sreg.email"));
user.setName(authSuccess.getParameterValue("openid.sreg.fullname"));
return user;
}
// return verified; // success
}
} catch (OpenIDException e) {
// present error to the user
}
return null;
}
private User filluser(FetchResponse fetchResp) {
List<String> emails = fetchResp.getAttributeValues("email");
String email = emails.get(0);
List<String> names = fetchResp.getAttributeValues("name");
String name = names.get(0);
User user = new User();
user.setEmail(email);
user.setName(name);
return user;
}
}
Michael Sparer wrote:
Looks pretty empty, doesn't it? :-)
Nino.Martinez wrote:
Hmm just saw this :
http://code.google.com/p/wicket-auth-openid/
Nino Saturnino Martinez Vazquez Wael wrote:
Hi Guys
Have any of you tried to do a openid integration ?
--
-Wicket for love
Nino Martinez Wael
Java Specialist @ Jayway DK
http://www.jayway.dk
+45 2936 7684
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
-----
Michael Sparer
http://talk-on-tech.blogspot.com
--
-Wicket for love
Nino Martinez Wael
Java Specialist @ Jayway DK
http://www.jayway.dk
+45 2936 7684
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]