imeredith/openid.scala

## openid.scala
package controllers

import play.api.mvc.Action
import play.api.mvc.Controller
import play.api.mvc.AsyncResult
import views.html.index
import play.api.libs.openid.OpenID
import play.api.libs.concurrent.Redeemed
import play.api.libs.concurrent.Thrown
import play.api._
import play.api.mvc._
import org.openid4java.consumer.ConsumerManager
import javax.servlet.http.HttpServletRequest
import javax.servlet.http.HttpServletResponse
import org.openid4java.message.ax.FetchRequest
import org.openid4java.message.ParameterList
import org.openid4java.consumer.VerificationResult
import org.openid4java.message.AuthSuccess
import org.openid4java.message.ax.AxMessage
import org.openid4java.message.ax.FetchResponse
import org.openid4java.OpenIDException
import java.util.Arrays
import org.openid4java.discovery.DiscoveryInformation
import org.openid4java.discovery.Identifier
import configuration.GeneralConfig
import play.api.libs.concurrent.Akka
import play.api.Play.current
import play.api.templates.Html

object LoginController extends Controller {
  val manager = new ConsumerManager();
  def showLogin = Action { request =>
    Ok(views.html.badlogin(null))
  }
  val openIdIdentifier = <providerurl>
  val discovered = manager.associate(manager.discover(openIdIdentifier))

  /**
   * Perform login synchrounously since discovery happens during initialization
   */
  def login() = Action { implicit request =>
    val authReq = manager.authenticate(discovered, routes.LoginController.openIDCallback.absoluteURL(false))
    Redirect(authReq.getDestinationUrl(true))
  }

  def openIDCallback() = Action { request =>
    Logger.info("authenticated")
    try {
      // extract the parameters from the authentication response
      // (which comes in as a HTTP request from the OpenID provider)
      import collection.JavaConversions._
      val p = request.queryString
      Logger.info("parameters:" + p)

      def convert(src: Map[String, Seq[String]]): java.util.Map[String, Object] = {
        val result = new java.util.HashMap[String, Object]()
        for (a <- src.keys) {
          val extractedLocalValue = src(a).toArray
          val value = if (extractedLocalValue.length > 1) {
            extractedLocalValue
          } else {
            extractedLocalValue(0)
          }
          result.put(a, value)
          Logger.info(a + "=" + value)
        }
        //src.transform(value => value.asInstanceOf[String[]]);
        result;
      }
      val response = new ParameterList(convert(p))

      val receivingURL = "http://" + request.host + request.uri

      val verification: VerificationResult = manager.verify(
        receivingURL.toString(),
        response, discovered);
      // examine the verification result and extract the verified identifier
      val verified: Identifier = verification.getVerifiedId();
      if (verified != null) {
        val authSuccess: AuthSuccess =
          verification.getAuthResponse().asInstanceOf[AuthSuccess];

        val fetchResp: FetchResponse = authSuccess
          .getExtension(AxMessage.OPENID_NS_AX).asInstanceOf[FetchResponse]
        val emails = fetchResp.getAttributeValues("email");
        emails.get(0).asInstanceOf[String];

        Redirect("/").withSession(
          Security.username -> fetchResp.getAttributeValue("email"))

      } else {
        Unauthorized("not valid[" + verified + "]")
      }
    } catch {
      case e: OpenIDException =>
        Unauthorized("error to the user" + e)
    }
  }

  def logout = Action { implicit request =>
    Redirect("tosomeurl").withNewSession
  }
}
	package controllers

	import play.api.mvc.Action
	import play.api.mvc.Controller
	import play.api.mvc.AsyncResult
	import views.html.index
	import play.api.libs.openid.OpenID
	import play.api.libs.concurrent.Redeemed
	import play.api.libs.concurrent.Thrown
	import play.api._
	import play.api.mvc._
	import org.openid4java.consumer.ConsumerManager
	import javax.servlet.http.HttpServletRequest
	import javax.servlet.http.HttpServletResponse
	import org.openid4java.message.ax.FetchRequest
	import org.openid4java.message.ParameterList
	import org.openid4java.consumer.VerificationResult
	import org.openid4java.message.AuthSuccess
	import org.openid4java.message.ax.AxMessage
	import org.openid4java.message.ax.FetchResponse
	import org.openid4java.OpenIDException
	import java.util.Arrays
	import org.openid4java.discovery.DiscoveryInformation
	import org.openid4java.discovery.Identifier
	import configuration.GeneralConfig
	import play.api.libs.concurrent.Akka
	import play.api.Play.current
	import play.api.templates.Html

	object LoginController extends Controller {
	val manager = new ConsumerManager();
	def showLogin = Action { request =>
	Ok(views.html.badlogin(null))
	}
	val openIdIdentifier = <providerurl>
	val discovered = manager.associate(manager.discover(openIdIdentifier))

	/**
	* Perform login synchrounously since discovery happens during initialization
	*/
	def login() = Action { implicit request =>
	val authReq = manager.authenticate(discovered, routes.LoginController.openIDCallback.absoluteURL(false))
	Redirect(authReq.getDestinationUrl(true))
	}

	def openIDCallback() = Action { request =>
	Logger.info("authenticated")
	try {
	// extract the parameters from the authentication response
	// (which comes in as a HTTP request from the OpenID provider)
	import collection.JavaConversions._
	val p = request.queryString
	Logger.info("parameters:" + p)

	def convert(src: Map[String, Seq[String]]): java.util.Map[String, Object] = {
	val result = new java.util.HashMap[String, Object]()
	for (a <- src.keys) {
	val extractedLocalValue = src(a).toArray
	val value = if (extractedLocalValue.length > 1) {
	extractedLocalValue
	} else {
	extractedLocalValue(0)
	}
	result.put(a, value)
	Logger.info(a + "=" + value)
	}
	//src.transform(value => value.asInstanceOf[String[]]);
	result;
	}
	val response = new ParameterList(convert(p))

	val receivingURL = "http://" + request.host + request.uri

	val verification: VerificationResult = manager.verify(
	receivingURL.toString(),
	response, discovered);
	// examine the verification result and extract the verified identifier
	val verified: Identifier = verification.getVerifiedId();
	if (verified != null) {
	val authSuccess: AuthSuccess =
	verification.getAuthResponse().asInstanceOf[AuthSuccess];

	val fetchResp: FetchResponse = authSuccess
	.getExtension(AxMessage.OPENID_NS_AX).asInstanceOf[FetchResponse]
	val emails = fetchResp.getAttributeValues("email");
	emails.get(0).asInstanceOf[String];

	Redirect("/").withSession(
	Security.username -> fetchResp.getAttributeValue("email"))

	} else {
	Unauthorized("not valid[" + verified + "]")
	}
	} catch {
	case e: OpenIDException =>
	Unauthorized("error to the user" + e)
	}
	}

	def logout = Action { implicit request =>
	Redirect("tosomeurl").withNewSession
	}
	}