Created
December 16, 2012 07:07
-
-
Save jdkanani/4303956 to your computer and use it in GitHub Desktop.
OpenID for Java web application - OpenID Provider (OP)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> | |
<html> | |
<head> | |
<title>OpenID Consumer Redirection</title> | |
</head> | |
<body onload="document.forms['openid-consumer-redirection'].submit();"> | |
<form name="openid-consumer-redirection" action="${destinationUrl}" method="post"> | |
<c:forEach var="parameter" items="${parameterMap}"> | |
<input type="hidden" name="${parameter.key}" value="${parameter.value}"/> | |
</c:forEach> | |
<button type="submit">Continue</button> | |
</form> | |
</body> | |
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<!DOCTYPE html> | |
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%> | |
<html xmlns="http://www.w3.org/1999/xhtml"> | |
<head> | |
<title>OpenID-Provider Login</title> | |
</head> | |
<body> | |
<form name="openid-login-form" action="${destinationUrl}" method="post"> | |
<table> | |
<tr> | |
<td>OpenId :</td> | |
<td> | |
${identifier} | |
<input type="hidden" name="identifier" value="${identifier}"/> | |
<input type="hidden" name="_loginAction" value="true"/> | |
</td> | |
</tr> | |
<tr> | |
<td>Password :</td> | |
<td><input type="password" name="password" value="bond007"/> | |
</td> | |
</tr> | |
<tr> | |
<td align="center" colspan="2"> | |
<button type="submit">Login</button> | |
</td> | |
</tr> | |
</table> | |
</form> | |
</body> | |
</html> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<xrds:XRDS | |
xmlns:xrds="xri://$xrds" | |
xmlns:openid="http://openid.net/xmlns/1.0" | |
xmlns="xri://$xrd*($v*2.0)"> | |
<XRD version="2.0"> | |
<Service priority="10"> | |
<Type>http://specs.openid.net/auth/2.0/signon</Type> | |
<Type>http://openid.net/sreg/1.0</Type> | |
<Type>http://openid.net/extensions/sreg/1.1</Type> | |
<Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type> | |
<Type>http://openid.net/srv/ax/1.0</Type> | |
<URI>http://localhost:8080/openid_provider/provider/server/o2</URI> | |
</Service> | |
</XRD> | |
</xrds:XRDS> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package org.myprovider.services; | |
import java.io.File; | |
import java.io.IOException; | |
import java.net.URISyntaxException; | |
import java.util.Calendar; | |
import java.util.HashMap; | |
import java.util.Iterator; | |
import java.util.List; | |
import java.util.Map; | |
import javax.servlet.RequestDispatcher; | |
import javax.servlet.ServletConfig; | |
import javax.servlet.ServletContext; | |
import javax.servlet.ServletException; | |
import javax.servlet.http.HttpServletRequest; | |
import javax.servlet.http.HttpServletResponse; | |
import javax.servlet.http.HttpSession; | |
import javax.ws.rs.GET; | |
import javax.ws.rs.POST; | |
import javax.ws.rs.Path; | |
import javax.ws.rs.PathParam; | |
import javax.ws.rs.Produces; | |
import javax.ws.rs.core.Context; | |
import javax.ws.rs.core.MultivaluedMap; | |
import javax.ws.rs.core.Response; | |
import javax.ws.rs.core.Response.Status; | |
import javax.ws.rs.core.UriInfo; | |
import org.apache.commons.logging.Log; | |
import org.apache.commons.logging.LogFactory; | |
import org.myprovider.model.UserModel; | |
import org.openid4java.association.AssociationException; | |
import org.openid4java.message.AuthRequest; | |
import org.openid4java.message.AuthSuccess; | |
import org.openid4java.message.DirectError; | |
import org.openid4java.message.Message; | |
import org.openid4java.message.MessageException; | |
import org.openid4java.message.MessageExtension; | |
import org.openid4java.message.ParameterList; | |
import org.openid4java.message.ax.AxMessage; | |
import org.openid4java.message.ax.FetchRequest; | |
import org.openid4java.message.ax.FetchResponse; | |
import org.openid4java.message.sreg.SRegMessage; | |
import org.openid4java.message.sreg.SRegRequest; | |
import org.openid4java.message.sreg.SRegResponse; | |
import org.openid4java.server.ServerException; | |
import org.openid4java.server.ServerManager; | |
/** | |
* ProviderService - OpenID provider | |
* NOTE: Some part of the code has been adopted from `OpenID4Java` library wiki. | |
* */ | |
@Path("/") | |
public class ProviderService { | |
private static final String SERVER_ENDPOINT = "http://localhost:8080/openid_provider/provider/server/o2"; | |
private static String SAMPLE_PASSWORD = "bond007"; | |
private static ServerManager manager = null; | |
@Context | |
ServletContext context; | |
@Context | |
ServletConfig config; | |
@Context | |
UriInfo uriInfo; | |
static { | |
manager = new ServerManager(); | |
manager.setOPEndpointUrl(SERVER_ENDPOINT); | |
manager.getRealmVerifier().setEnforceRpId(false); | |
} | |
@GET | |
@Path("{userId}") | |
@Produces("application/xrds+xml") | |
public Response discovery(@PathParam("userId") String userId) { | |
return Response | |
.ok() | |
.entity(new File( | |
"myxrds.xml")) | |
.build(); | |
} | |
@POST | |
@Path("server/o2") | |
public Response associateOrAuthenticate( | |
MultivaluedMap<String, String> params, | |
@Context HttpServletRequest httpRequest, | |
@Context HttpServletResponse httpResponse) | |
throws URISyntaxException, ServerException, AssociationException, | |
MessageException, ServletException, IOException { | |
// extract the parameters from the request | |
Map<String, String> paramsMap = ProviderService.getParamMap(params); | |
ParameterList parameterList = new ParameterList(paramsMap); | |
// Login Action | |
boolean isLoginAction = paramsMap.containsKey("_loginAction"); | |
if(isLoginAction){ | |
String loginIdentifier = paramsMap.get("identifier"); | |
if(this.authenticate(paramsMap.get("password"), loginIdentifier, httpRequest, httpResponse)){ | |
HttpSession session = httpRequest.getSession(); | |
paramsMap = (Map)session.getAttribute("paramsMap"); | |
parameterList = new ParameterList(paramsMap); | |
} else { | |
this.redirectToLogin(loginIdentifier, httpRequest, httpResponse); | |
return null; | |
} | |
} | |
//End - Login Action | |
String mode = paramsMap.containsKey("openid.mode") ? paramsMap.get("openid.mode") : null; | |
Message messageResponse; | |
if ("associate".equals(mode)) { | |
// process an association request | |
messageResponse = manager.associationResponse(parameterList); | |
} else if ("checkid_setup".equals(mode) || "checkid_immediate".equals(mode)) { | |
// interact with the user and obtain data needed to continue | |
String userSelectedId = paramsMap.get("openid.identity"); | |
HttpSession session = httpRequest.getSession(); | |
Boolean isAuthenticated = Boolean.parseBoolean((String) session.getAttribute("isAuthenticated")); | |
if (!isAuthenticated) { | |
session.setAttribute("paramsMap", paramsMap); | |
this.redirectToLogin(userSelectedId, httpRequest, httpResponse); | |
return null; | |
} | |
String userSelectedClaimedId = parameterList.getParameterValue("openid.claimed_id"); | |
// process an authentication request | |
AuthRequest authReq = AuthRequest.createAuthRequest(parameterList, manager.getRealmVerifier()); | |
messageResponse = manager.authResponse(parameterList, userSelectedId, userSelectedClaimedId, isAuthenticated.booleanValue(), | |
false); // Sign after we added extensions. | |
if (messageResponse instanceof DirectError) { | |
return Response.status(Status.INTERNAL_SERVER_ERROR).entity(httpResponse).build(); | |
} else { | |
UserModel registrationModel = (UserModel) session.getAttribute("userModel"); | |
if (authReq.hasExtension(AxMessage.OPENID_NS_AX)) { | |
Map<String, String> axData = new HashMap<String, String>(); | |
MessageExtension extensionRequestObject = authReq.getExtension(AxMessage.OPENID_NS_AX); | |
if (extensionRequestObject instanceof FetchRequest) { | |
FetchRequest fetchReq = (FetchRequest) extensionRequestObject; | |
Map required = fetchReq.getAttributes(true); | |
if(required!=null && required.size() > 0){ | |
if (required.containsKey("email")) { | |
axData.put("email",registrationModel.getEmailAddress()); | |
FetchResponse fetchResp = FetchResponse.createFetchResponse(fetchReq, axData); | |
fetchResp.addAttribute("email", "http://schema.openid.net/contact/email", registrationModel.getEmailAddress()); | |
messageResponse.addExtension(fetchResp); | |
} | |
} | |
} | |
} | |
if (authReq.hasExtension(SRegMessage.OPENID_NS_SREG)) { | |
MessageExtension extensionRequestObject = authReq.getExtension(SRegMessage.OPENID_NS_SREG); | |
if (extensionRequestObject instanceof SRegRequest) { | |
Map<String, String> registrationData = new HashMap<String, String>(); | |
registrationData.put("fullname", registrationModel.getFullName()); | |
registrationData.put("dob", Long.toString(registrationModel.getDateOfBirth().getTime())); | |
SRegRequest sregReq = (SRegRequest) extensionRequestObject; | |
SRegResponse sregResp = SRegResponse.createSRegResponse(sregReq, registrationData); | |
messageResponse.addExtension(sregResp); | |
} | |
} | |
// Sign the auth success message. | |
manager.sign((AuthSuccess) messageResponse); | |
RequestDispatcher dispatcher = context.getRequestDispatcher("/consumer-redirection.jsp"); | |
httpRequest.setAttribute("parameterMap", messageResponse.getParameterMap()); | |
httpRequest.setAttribute("destinationUrl", messageResponse.getDestinationUrl(false)); | |
dispatcher.forward(httpRequest, httpResponse); | |
return null; | |
} | |
} else if ("check_authentication".equals(mode)) { | |
messageResponse = manager.verify(parameterList); | |
} else { | |
return Response.status(Status.BAD_REQUEST).entity(httpResponse).build(); | |
} | |
// return the result to the user | |
return Response.ok().entity(messageResponse.keyValueFormEncoding()).build(); | |
} | |
public boolean authenticate(String password, | |
String identifier, | |
@Context HttpServletRequest httpRequest, | |
@Context HttpServletResponse httpResponse) throws ServletException,IOException { | |
if (identifier != null && password != null && SAMPLE_PASSWORD.equalsIgnoreCase(password)) { | |
if(identifier!=null) { | |
HttpSession httpSession = httpRequest.getSession(); | |
httpSession.setAttribute("userModel",getRegistrationModel(identifier)); | |
httpSession.setAttribute("isAuthenticated", "true"); | |
return true; | |
} | |
} | |
return false; | |
} | |
public void redirectToLogin(String identifier, | |
HttpServletRequest httpRequest, | |
HttpServletResponse httpResponse) | |
throws ServletException, IOException { | |
RequestDispatcher dispatcher = context.getRequestDispatcher("/login.jsp"); | |
httpRequest.setAttribute("identifier", identifier); | |
httpRequest.setAttribute("destinationUrl", SERVER_ENDPOINT); | |
dispatcher.forward(httpRequest, httpResponse); | |
} | |
/** | |
* Utility function | |
* */ | |
public static Map<String, String> getParamMap(MultivaluedMap<String, String> multiValuedMap) { | |
Map<String, String> map = new HashMap<String, String>(); | |
Iterator<String> keysIter = multiValuedMap.keySet().iterator(); | |
while (keysIter.hasNext()) { | |
String name = (String) keysIter.next(); | |
Object v = multiValuedMap.get(name); | |
String value = null; | |
if (v instanceof List) { | |
@SuppressWarnings("unchecked") | |
List<String> values = (List<String>) v; | |
if (values.size() > 1 && name.startsWith("openid.")) | |
throw new IllegalArgumentException( | |
"Multiple parameters with the same name: " + values); | |
value = values.size() > 0 ? values.get(0).toString() : null; | |
} | |
map.put(name, value); | |
} | |
return map; | |
} | |
/** | |
* This method serves as the "database" | |
*/ | |
protected UserModel getUserModel(String userSelectedId) { | |
//UserModel - Simple Java Class with user properties in it. | |
UserModel ret = new UserModel(); | |
Calendar cad = Calendar.getInstance(); | |
cad.set(1990, 01, 01); | |
ret.setDateOfBirth(cad.getTime()); | |
ret.setEmailAddress("jamesbond@mi6.com"); | |
ret.setFullName("James Bond"); | |
ret.setOpenId(userSelectedId); | |
return ret; | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?xml version="1.0" encoding="UTF-8"?> | |
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5"> | |
<display-name>openid_provider</display-name> | |
<welcome-file-list> | |
<welcome-file>index.html</welcome-file> | |
<welcome-file>index.htm</welcome-file> | |
<welcome-file>index.jsp</welcome-file> | |
<welcome-file>default.html</welcome-file> | |
<welcome-file>default.htm</welcome-file> | |
<welcome-file>default.jsp</welcome-file> | |
</welcome-file-list> | |
<servlet> | |
<servlet-name>Jersey REST Service</servlet-name> | |
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class> | |
<init-param> | |
<param-name>com.sun.jersey.config.property.packages</param-name> | |
<param-value>org.myprovider.services</param-value> | |
</init-param> | |
<load-on-startup>1</load-on-startup> | |
</servlet> | |
<servlet-mapping> | |
<servlet-name>Jersey REST Service</servlet-name> | |
<url-pattern>/provider/*</url-pattern> | |
</servlet-mapping> | |
</web-app> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Where is your USerModel class??