Skip to content

Instantly share code, notes, and snippets.

@jdkanani

jdkanani/ProviderService.java

Created December 16, 2012 07:07
Show Gist options
  • Star 4 You must be signed in to star a gist
  • Fork 2 You must be signed in to fork a gist
  • Save jdkanani/4303956 to your computer and use it in GitHub Desktop.
Save jdkanani/4303956 to your computer and use it in GitHub Desktop.
Download ZIP
OpenID for Java web application - OpenID Provider (OP)
Raw
consumer-redirection.jsp
<!DOCTYPE html>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html>
<head>
<title>OpenID Consumer Redirection</title>
</head>
<body onload="document.forms['openid-consumer-redirection'].submit();">
<form name="openid-consumer-redirection" action="${destinationUrl}" method="post">
<c:forEach var="parameter" items="${parameterMap}">
<input type="hidden" name="${parameter.key}" value="${parameter.value}"/>
</c:forEach>
<button type="submit">Continue</button>
</form>
</body>
</html>
Raw
login.jsp
<!DOCTYPE html>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>OpenID-Provider Login</title>
</head>
<body>
<form name="openid-login-form" action="${destinationUrl}" method="post">
<table>
<tr>
<td>OpenId :</td>
<td>
${identifier}
<input type="hidden" name="identifier" value="${identifier}"/>
<input type="hidden" name="_loginAction" value="true"/>
</td>
</tr>
<tr>
<td>Password :</td>
<td><input type="password" name="password" value="bond007"/>
</td>
</tr>
<tr>
<td align="center" colspan="2">
<button type="submit">Login</button>
</td>
</tr>
</table>
</form>
</body>
</html>
Raw
myxrds.xml
<?xml version="1.0" encoding="UTF-8"?>
<xrds:XRDS
xmlns:xrds="xri://$xrds"
xmlns:openid="http://openid.net/xmlns/1.0"
xmlns="xri://$xrd*($v*2.0)">
<XRD version="2.0">
<Service priority="10">
<Type>http://specs.openid.net/auth/2.0/signon</Type>
<Type>http://openid.net/sreg/1.0</Type>
<Type>http://openid.net/extensions/sreg/1.1</Type>
<Type>http://schemas.openid.net/pape/policies/2007/06/phishing-resistant</Type>
<Type>http://openid.net/srv/ax/1.0</Type>
<URI>http://localhost:8080/openid_provider/provider/server/o2</URI>
</Service>
</XRD>
</xrds:XRDS>
Raw
ProviderService.java
package org.myprovider.services;
import java.io.File;
import java.io.IOException;
import java.net.URISyntaxException;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MultivaluedMap;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.UriInfo;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.myprovider.model.UserModel;
import org.openid4java.association.AssociationException;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.DirectError;
import org.openid4java.message.Message;
import org.openid4java.message.MessageException;
import org.openid4java.message.MessageExtension;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.AxMessage;
import org.openid4java.message.ax.FetchRequest;
import org.openid4java.message.ax.FetchResponse;
import org.openid4java.message.sreg.SRegMessage;
import org.openid4java.message.sreg.SRegRequest;
import org.openid4java.message.sreg.SRegResponse;
import org.openid4java.server.ServerException;
import org.openid4java.server.ServerManager;
/**
* ProviderService - OpenID provider
* NOTE: Some part of the code has been adopted from `OpenID4Java` library wiki.
* */
@Path("/")
public class ProviderService {
private static final String SERVER_ENDPOINT = "http://localhost:8080/openid_provider/provider/server/o2";
private static String SAMPLE_PASSWORD = "bond007";
private static ServerManager manager = null;
@Context
ServletContext context;
@Context
ServletConfig config;
@Context
UriInfo uriInfo;
static {
manager = new ServerManager();
manager.setOPEndpointUrl(SERVER_ENDPOINT);
manager.getRealmVerifier().setEnforceRpId(false);
}
@GET
@Path("{userId}")
@Produces("application/xrds+xml")
public Response discovery(@PathParam("userId") String userId) {
return Response
.ok()
.entity(new File(
"myxrds.xml"))
.build();
}
@POST
@Path("server/o2")
public Response associateOrAuthenticate(
MultivaluedMap<String, String> params,
@Context HttpServletRequest httpRequest,
@Context HttpServletResponse httpResponse)
throws URISyntaxException, ServerException, AssociationException,
MessageException, ServletException, IOException {
// extract the parameters from the request
Map<String, String> paramsMap = ProviderService.getParamMap(params);
ParameterList parameterList = new ParameterList(paramsMap);
// Login Action
boolean isLoginAction = paramsMap.containsKey("_loginAction");
if(isLoginAction){
String loginIdentifier = paramsMap.get("identifier");
if(this.authenticate(paramsMap.get("password"), loginIdentifier, httpRequest, httpResponse)){
HttpSession session = httpRequest.getSession();
paramsMap = (Map)session.getAttribute("paramsMap");
parameterList = new ParameterList(paramsMap);
} else {
this.redirectToLogin(loginIdentifier, httpRequest, httpResponse);
return null;
}
}
//End - Login Action
String mode = paramsMap.containsKey("openid.mode") ? paramsMap.get("openid.mode") : null;
Message messageResponse;
if ("associate".equals(mode)) {
// process an association request
messageResponse = manager.associationResponse(parameterList);
} else if ("checkid_setup".equals(mode) || "checkid_immediate".equals(mode)) {
// interact with the user and obtain data needed to continue
String userSelectedId = paramsMap.get("openid.identity");
HttpSession session = httpRequest.getSession();
Boolean isAuthenticated = Boolean.parseBoolean((String) session.getAttribute("isAuthenticated"));
if (!isAuthenticated) {
session.setAttribute("paramsMap", paramsMap);
this.redirectToLogin(userSelectedId, httpRequest, httpResponse);
return null;
}
String userSelectedClaimedId = parameterList.getParameterValue("openid.claimed_id");
// process an authentication request
AuthRequest authReq = AuthRequest.createAuthRequest(parameterList, manager.getRealmVerifier());
messageResponse = manager.authResponse(parameterList, userSelectedId, userSelectedClaimedId, isAuthenticated.booleanValue(),
false); // Sign after we added extensions.
if (messageResponse instanceof DirectError) {
return Response.status(Status.INTERNAL_SERVER_ERROR).entity(httpResponse).build();
} else {
UserModel registrationModel = (UserModel) session.getAttribute("userModel");
if (authReq.hasExtension(AxMessage.OPENID_NS_AX)) {
Map<String, String> axData = new HashMap<String, String>();
MessageExtension extensionRequestObject = authReq.getExtension(AxMessage.OPENID_NS_AX);
if (extensionRequestObject instanceof FetchRequest) {
FetchRequest fetchReq = (FetchRequest) extensionRequestObject;
Map required = fetchReq.getAttributes(true);
if(required!=null && required.size() > 0){
if (required.containsKey("email")) {
axData.put("email",registrationModel.getEmailAddress());
FetchResponse fetchResp = FetchResponse.createFetchResponse(fetchReq, axData);
fetchResp.addAttribute("email", "http://schema.openid.net/contact/email", registrationModel.getEmailAddress());
messageResponse.addExtension(fetchResp);
}
}
}
}
if (authReq.hasExtension(SRegMessage.OPENID_NS_SREG)) {
MessageExtension extensionRequestObject = authReq.getExtension(SRegMessage.OPENID_NS_SREG);
if (extensionRequestObject instanceof SRegRequest) {
Map<String, String> registrationData = new HashMap<String, String>();
registrationData.put("fullname", registrationModel.getFullName());
registrationData.put("dob", Long.toString(registrationModel.getDateOfBirth().getTime()));
SRegRequest sregReq = (SRegRequest) extensionRequestObject;
SRegResponse sregResp = SRegResponse.createSRegResponse(sregReq, registrationData);
messageResponse.addExtension(sregResp);
}
}
// Sign the auth success message.
manager.sign((AuthSuccess) messageResponse);
RequestDispatcher dispatcher = context.getRequestDispatcher("/consumer-redirection.jsp");
httpRequest.setAttribute("parameterMap", messageResponse.getParameterMap());
httpRequest.setAttribute("destinationUrl", messageResponse.getDestinationUrl(false));
dispatcher.forward(httpRequest, httpResponse);
return null;
}
} else if ("check_authentication".equals(mode)) {
messageResponse = manager.verify(parameterList);
} else {
return Response.status(Status.BAD_REQUEST).entity(httpResponse).build();
}
// return the result to the user
return Response.ok().entity(messageResponse.keyValueFormEncoding()).build();
}
public boolean authenticate(String password,
String identifier,
@Context HttpServletRequest httpRequest,
@Context HttpServletResponse httpResponse) throws ServletException,IOException {
if (identifier != null && password != null && SAMPLE_PASSWORD.equalsIgnoreCase(password)) {
if(identifier!=null) {
HttpSession httpSession = httpRequest.getSession();
httpSession.setAttribute("userModel",getRegistrationModel(identifier));
httpSession.setAttribute("isAuthenticated", "true");
return true;
}
}
return false;
}
public void redirectToLogin(String identifier,
HttpServletRequest httpRequest,
HttpServletResponse httpResponse)
throws ServletException, IOException {
RequestDispatcher dispatcher = context.getRequestDispatcher("/login.jsp");
httpRequest.setAttribute("identifier", identifier);
httpRequest.setAttribute("destinationUrl", SERVER_ENDPOINT);
dispatcher.forward(httpRequest, httpResponse);
}
/**
* Utility function
* */
public static Map<String, String> getParamMap(MultivaluedMap<String, String> multiValuedMap) {
Map<String, String> map = new HashMap<String, String>();
Iterator<String> keysIter = multiValuedMap.keySet().iterator();
while (keysIter.hasNext()) {
String name = (String) keysIter.next();
Object v = multiValuedMap.get(name);
String value = null;
if (v instanceof List) {
@SuppressWarnings("unchecked")
List<String> values = (List<String>) v;
if (values.size() > 1 && name.startsWith("openid."))
throw new IllegalArgumentException(
"Multiple parameters with the same name: " + values);
value = values.size() > 0 ? values.get(0).toString() : null;
}
map.put(name, value);
}
return map;
}
/**
* This method serves as the "database"
*/
protected UserModel getUserModel(String userSelectedId) {
//UserModel - Simple Java Class with user properties in it.
UserModel ret = new UserModel();
Calendar cad = Calendar.getInstance();
cad.set(1990, 01, 01);
ret.setDateOfBirth(cad.getTime());
ret.setEmailAddress("jamesbond@mi6.com");
ret.setFullName("James Bond");
ret.setOpenId(userSelectedId);
return ret;
}
}
Raw
web.xml
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
<display-name>openid_provider</display-name>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
<welcome-file>index.htm</welcome-file>
<welcome-file>index.jsp</welcome-file>
<welcome-file>default.html</welcome-file>
<welcome-file>default.htm</welcome-file>
<welcome-file>default.jsp</welcome-file>
</welcome-file-list>
<servlet>
<servlet-name>Jersey REST Service</servlet-name>
<servlet-class>com.sun.jersey.spi.container.servlet.ServletContainer</servlet-class>
<init-param>
<param-name>com.sun.jersey.config.property.packages</param-name>
<param-value>org.myprovider.services</param-value>
</init-param>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Jersey REST Service</servlet-name>
<url-pattern>/provider/*</url-pattern>
</servlet-mapping>
</web-app>
@jonathanlinadv
Copy link

Where is your USerModel class??

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment