Examples of com.google.step2.discovery.Discovery2

com.google.step2.discovery.DefaultHostMetaFetcher
Implements Next-Generation OpenID discovery, based on Link-headers, link-elements, and host-meta. There are two different discovery operations available: (1) discover the OP endpoint(s) for a "site", and (2) discover the OP endpoint(s) for an OpenID (aka claimed id, which is the id of a user) Case (1) is for when users merely indicate the IdP to the RP, case (2) is for when users actually submit their OpenID (claimed id) to the RP, and also used during the validation of an authentication response from an IdP. The strategy for case (1) is as follows: - find the host-meta file for the site. - find a link in the host-meta that points to an XRD(S) metadata document for the site - follow the links in the XRD(S) to find the OP endpoint. The strategy for case (2) is as follows: - Try host-meta strategy (2a) - If that fails, link-header strategy (2b) - If that fails, try link-element strategy (2c) Strategy (2a) works as follows: - find the host-meta file for the host identified in the claimed id. - in the host-meta file, check whether a Link-Pattern in the host-meta points to an XRD(S) for the claimed id, and if so, skip the next two steps. - if not, find a Link in the host-meta that points to an XRD(S) metadata document for the site. - follow the URITemplate link in the site XRD(S) to find the XRD(S) for the the claimed id. - follow the links in the XRD(S) to find the OP endpoint. Strategy (2b) works as follow: - Find a link in the HTTP headers in the HTTP response that points to an XRD(S) metadata document for the claimed id. - follow the links in the XRD(S) to find the OP endpoint. Strategy (2c) works as follow: - Find an HTML link element in the document returned from the claimed id that points to an XRD(S) metadata document for the claimed id. - follow the links in the XRD(S) to find the OP endpoint. For backwards compatibility, we also provide a generic discover() method, which decides whether to use site-discovery or user-id-discovery based on the type of the provided identifier. This allows us to use this class inside the openid4java library. When calling this class through the legacy generic discover() method, we also employ a "fallback" strategy, i.e. we first try the strategy described above, and then fall back to OpenID 2.0-style discovery, if the strategy above doesn't yield any results.

    protected String authRequest(OpenIDAuthenticationRequest request) throws IdentityException {


        try {
            IdpIdentifier openId = new IdpIdentifier(request.getOpenIDUrl());


            AuthRequestHelper helper = consumerHelper.getAuthRequestHelper(openId,
                    request.getReturnUrl());
            addAttributes(helper, request);


            HttpSession session = request.getRequest().getSession();
            AuthRequest authReq = helper.generateRequest();


            UiMessageRequest uiExtension = new UiMessageRequest();
            uiExtension.setIconRequest(true);
            authReq.addExtension(uiExtension);


            session.setAttribute(IdentityConstants.OpenId.DISC, helper.getDiscoveryInformation());


            if (request.getRealm() != null && request.getRealm().trim().length() != 0) {
                authReq.setRealm(request.getRealm());
            }

View Full Code Here

    openid = openid.replaceFirst(".*@", "");


    // we assume that the user typed an identifier for an IdP, not for a user
    IdpIdentifier openId = new IdpIdentifier(openid);


    AuthRequestHelper helper = consumerHelper.getAuthRequestHelper(
        openId, returnToUrl.toString());


    helper.requestUxIcon(true);


    if (YES_STRING.equals(req.getParameter("oauth"))) {
      try {
        OAuthAccessor accessor = providerStore.getOAuthAccessor("google");
        helper.requestOauthAuthorization(accessor.consumer.consumerKey,
            "http://www.google.com/m8/feeds/");
      } catch (ProviderInfoNotFoundException e) {
        log("could not find provider info for Google", e);
        // we'll just ignore the OAuth request and proceed without it.
      }
    }


    if (YES_STRING.equals(req.getParameter("email"))) {
      helper.requestAxAttribute(Step2.AxSchema.EMAIL, true);
    }


    if (YES_STRING.equals(req.getParameter("country"))) {
      helper.requestAxAttribute(Step2.AxSchema.COUNTRY, true);
    }


    if (YES_STRING.equals(req.getParameter("language"))) {
      helper.requestAxAttribute(Step2.AxSchema.LANGUAGE, true);
    }


    if (YES_STRING.equals(req.getParameter("firstName"))) {
      helper.requestAxAttribute(Step2.AxSchema.FIRST_NAME, true);
    }


    if (YES_STRING.equals(req.getParameter("lastName"))) {
      helper.requestAxAttribute(Step2.AxSchema.LAST_NAME, true);
    }


    HttpSession session = req.getSession();
    AuthRequest authReq = null;
    try {
      authReq = helper.generateRequest();
      authReq.setRealm(realm);
      session.setAttribute("discovered", helper.getDiscoveryInformation());
    } catch (DiscoveryException e) {
      throw new ServletException(e);
    } catch (MessageException e) {
      throw new ServletException(e);
    } catch (ConsumerException e) {

View Full Code Here

    openid = openid.replaceFirst(".*@", "");


    // we assume that the user typed an identifier for an IdP, not for a user
    IdpIdentifier openId = new IdpIdentifier(openid);


    AuthRequestHelper helper = consumerHelper.getAuthRequestHelper(
        openId, returnToUrl.toString());


    helper.requestUxIcon(true);


    if (YES_STRING.equals(req.getParameter("oauth"))) {
      try {
        OAuthAccessor accessor = providerStore.getOAuthAccessor("google");
        helper.requestOauthAuthorization(accessor.consumer.consumerKey,
            "http://www.google.com/m8/feeds/");
      } catch (ProviderInfoNotFoundException e) {
        log("could not find provider info for Google", e);
        // we'll just ignore the OAuth request and proceed without it.
      }
    }


    if (YES_STRING.equals(req.getParameter("email"))) {
      helper.requestAxAttribute(Step2.AxSchema.EMAIL, true);
    }


    if (YES_STRING.equals(req.getParameter("country"))) {
      helper.requestAxAttribute(Step2.AxSchema.COUNTRY, true);
    }


    if (YES_STRING.equals(req.getParameter("language"))) {
      helper.requestAxAttribute(Step2.AxSchema.LANGUAGE, true);
    }


    if (YES_STRING.equals(req.getParameter("firstName"))) {
      helper.requestAxAttribute(Step2.AxSchema.FIRST_NAME, true);
    }


    if (YES_STRING.equals(req.getParameter("lastName"))) {
      helper.requestAxAttribute(Step2.AxSchema.LAST_NAME, true);
    }


    HttpSession session = req.getSession();
    AuthRequest authReq = null;
    try {
      authReq = helper.generateRequest();
      authReq.setRealm(realm);
      session.setAttribute("discovered", helper.getDiscoveryInformation());
    } catch (DiscoveryException e) {
      handleDiscoveryFailed(resp);
      return;
    } catch (MessageException e) {
      throw new ServletException(e);

View Full Code Here

    }


    // we assume that the user typed an identifier for an IdP, not for a user
    IdpIdentifier openId = new IdpIdentifier(req.getParameter("openid"));


    AuthRequestHelper helper = consumerHelper.getAuthRequestHelper(
        openId, returnToUrl.toString());


    helper.requestUxIcon(true);


    if (accessor != null) {
      log.debug("Requesting OAuth scope : " +
          (String) accessor.getProperty("scope"));
      helper.requestOauthAuthorization(accessor.consumer.consumerKey,
          (String) accessor.getProperty("scope"));
    }


    if (YES_STRING.equals(req.getParameter("email"))) {
      log.debug("Requesting AX email");
      helper.requestAxAttribute(Step2.AxSchema.EMAIL, true);
    }


    if (YES_STRING.equals(req.getParameter("country"))) {
      log.debug("Requesting AX country");
      helper.requestAxAttribute(Step2.AxSchema.COUNTRY, true);
    }


    if (YES_STRING.equals(req.getParameter("language"))) {
      log.debug("Requesting AX country");
      helper.requestAxAttribute(Step2.AxSchema.LANGUAGE, true);
    }


    if (YES_STRING.equals(req.getParameter("firstName"))) {
      log.debug("Requesting AX country");
      helper.requestAxAttribute(Step2.AxSchema.FIRST_NAME, true);
    }


    if (YES_STRING.equals(req.getParameter("lastName"))) {
      log.debug("Requesting AX country");
      helper.requestAxAttribute(Step2.AxSchema.LAST_NAME, true);
    }


    HttpSession session = req.getSession();
    AuthRequest authReq = null;
    try {
      authReq = helper.generateRequest();
      authReq.setRealm(realm);


      // add PAPE, if requested
      if (YES_STRING.equals(req.getParameter("reauth"))) {
        log.debug("Requesting PAPE reauth");
        PapeRequest pape = PapeRequest.createPapeRequest();
        pape.setMaxAuthAge(1);
        authReq.addExtension(pape);
      }


      session.setAttribute("discovered", helper.getDiscoveryInformation());
    } catch (DiscoveryException e) {
      StringBuffer errorMessage =
        new StringBuffer("Could not discover OpenID endpoint.");
      errorMessage.append("\n\n").append("Check if URL is valid: ");
      errorMessage.append(openId).append("\n\n");

View Full Code Here

        IdpIdentifier openId = new IdpIdentifier(op);


        String realm = realm(request);
        String returnToUrl = returnTo(request);


        AuthRequestHelper helper = consumerHelper.getAuthRequestHelper(openId, returnToUrl);
        addAttributes(helper);


        HttpSession session = request.getSession();
        AuthRequest authReq = helper.generateRequest();
        authReq.setRealm(realm);


        UiMessageRequest uiExtension = new UiMessageRequest();
        uiExtension.setIconRequest(true);
        authReq.addExtension(uiExtension);


        session.setAttribute("discovered", helper.getDiscoveryInformation());
        return authReq;
    }

View Full Code Here

        if (log.isDebugEnabled()) {
            log.debug("OpenID receiving url from the reponse: " + receivingURL);
            log.debug("OpenID query string from the reponse: " + queryString);
        }


        AuthResponseHelper authResponse = consumerHelper.verify(receivingURL, openidResp,
                discovered);
        if (authResponse.getAuthResultType() == AuthResponseHelper.ResultType.AUTH_SUCCESS) {
            return authResponse.getAuthResponse();
        } else {
            log.error("OpenID verification failed");
            throw new IdentityException("OpenID verification failed");
        }

View Full Code Here


    String requestToken = NO_TOKEN;


    // Try to get the OpenId, AX, and OAuth values from the auth response
    try {
      AuthResponseHelper authResponse =
        helper.verify(receivingUrl, openidResp, discovered);


      // Clean up stale session state if any
      for (Step2.AxSchema schema : SUPPORTED_AX_SCHEMAS) {
        session.removeAttribute(schema.getShortName());
      }
      session.removeAttribute("request_token");
      session.removeAttribute("access_token");
      session.removeAttribute("access_token_secret");
      session.removeAttribute("accessor");
      session.removeAttribute("user");


      // Get Claimed Identifier
      Identifier claimedId = authResponse.getClaimedId();
      session.setAttribute("user",
          (claimedId == null) ? UNKNOWN : claimedId.getIdentifier());




      if (authResponse.getAuthResultType() == ResultType.SETUP_NEEDED) {
        throw new ServletException("setup needed");
      }


      if (authResponse.getAuthResultType() == ResultType.AUTH_FAILURE) {
        throw new ServletException("auth failure");
      }


      if (authResponse.getAuthResultType() == ResultType.AUTH_SUCCESS) {
        Class<? extends AxMessage> axExtensionType =
            authResponse.getAxExtensionType();
        if (axExtensionType != null) {
          if (axExtensionType.equals(FetchResponse.class)) {
            FetchResponse fetchResponse = authResponse.getAxFetchResponse();
            List<String> aliases = fetchResponse.getAttributeAliases();
            for (String alias : aliases) {
              String typeUri = fetchResponse.getAttributeTypeUri(alias);
              String value = fetchResponse.getAttributeValueByTypeUri(typeUri);


              // check if it's a known type
              Step2.AxSchema schema = Step2.AxSchema.ofTypeUri(typeUri);
              if (null != schema) {
                session.setAttribute(schema.getShortName(), value);
              } else {
                session.setAttribute(alias + " (" + typeUri + ")", value);
              }
            }
          }
        }
        if (authResponse.hasHybridOauthExtension()) {
          requestToken = authResponse.getHybridOauthResponse().getRequestToken();
          session.setAttribute("request_token", "yes (" + requestToken + ")");
        }
      }
    } catch (MessageException e) {
      throw new ServletException(e);

View Full Code Here

        String receivingUrl = currentUrl(request);
        DiscoveryInformation discovered =
                (DiscoveryInformation) session.getAttribute("discovered");




        AuthResponseHelper authResponse =
                consumerHelper.verify(receivingUrl, openidResp, discovered);
        if (authResponse.getAuthResultType() == AuthResponseHelper.ResultType.AUTH_SUCCESS) {
            return onSuccess(authResponse, request);
        }
        return onFail(authResponse, request);
    }

View Full Code Here

  public OAuthAccessor getOAuthAccessor(String providerKey)
      throws ProviderInfoNotFoundException {
    OAuthAccessor result = accessors.get(providerKey);


    if (result == null) {
      throw new ProviderInfoNotFoundException(
          "no such provider: " + providerKey);
    } else {
      return copyAccessor(result);
    }
  }

View Full Code Here

            // robust HTTPFetcher implementation since the DefaultHttpFetcher
            // may not be entirely thread safe due to connection manager
            // configuration in HttpComponents, (this is why there are 4
            // discrete instances of DefaultHttpFetcher used below).
            HostMetaFetcher step2GoogleHostMetaFetcher = new GoogleHostMetaFetcher(new DefaultHttpFetcher());
            HostMetaFetcher step2DefaultHostMetaFetcher = new DefaultHostMetaFetcher(new DefaultHttpFetcher());
            ThreadFactory parallelThreadFactory = new ThreadFactory()
            {
                public Thread newThread(Runnable r)
                {
                    Thread newThread = Executors.defaultThreadFactory().newThread(r);

View Full Code Here

0 1 2 3 4 5 6 7 8 9

TOP

Related Classes of com.google.step2.discovery.Discovery2

com.google.appengine.api.urlfetch.HTTPRequest

com.google.appengine.api.urlfetch.HTTPResponse

com.google.code.samples.apps.marketplace.OpenIdServlet

com.google.step2.AuthRequestHelper

com.google.step2.AuthResponseHelper

com.google.step2.ConsumerHelper

com.google.step2.discovery.DefaultHostMetaFetcherTest

com.google.step2.discovery.IdpIdentifier

com.google.step2.discovery.LegacyXrdsResolver

com.google.step2.discovery.LegacyXrdsResolverTest

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.