}
if(accessAuthPageAnon) {
// Causes anonymous login
// but does not respect SlingAuthenticator allowAnonymous
return new AuthenticationInfo(OpenIDConstants.OPEN_ID_AUTH_TYPE, null);
}
}
}
}
if(user != null) {
if(user.isAuthenticated()) {
// user already authenticated
request.setAttribute(OpenIdUser.ATTR_NAME, user);
return getAuthInfoFromUser(user);
} else if(user.isAssociated()) {
if(RelyingParty.isAuthResponse(request)) {
if(relyingParty.verifyAuth(user, request, response)) {
// authenticated
response.sendRedirect(request.getRequestURI());
return AuthenticationInfo.DOING_AUTH;
} else {
// failed verification
AuthenticationInfo authInfo = handleAuthFailure(OpenIDFailure.VERIFICATION, request, response);
if(authInfo != null) {
return authInfo;
}
}
} else {
// Assume a cancel or some other non-successful response from provider
// failed verification
relyingParty.invalidate(request, response);
user = null;
AuthenticationInfo authInfo = handleAuthFailure(OpenIDFailure.AUTHENTICATION, request, response);
if(authInfo != null) {
return authInfo;
}
}
} else {
// associate and authenticate user
StringBuffer url = null;
String trustRoot = null;
String returnTo = null;
if(externalUrlPrefix != null && !"".equals(externalUrlPrefix.trim())) {
url = new StringBuffer(externalUrlPrefix).append(request.getRequestURI());
trustRoot = externalUrlPrefix;
} else {
url = request.getRequestURL();
trustRoot = url.substring(0, url.indexOf(SLASH, 9));
}
String realm = url.substring(0, url.lastIndexOf(SLASH));
if(redirectToOriginalUrl) {
returnTo = url.toString();
} else {
request.setAttribute(OpenIDConstants.ORIGINAL_URL_ATTRIBUTE, request.getRequestURI());
returnTo = authSuccessUrl;
}
if(relyingParty.associateAndAuthenticate(user, request, response, trustRoot, realm,
returnTo)) {
// user is associated and then redirected to his openid provider for authentication
return AuthenticationInfo.DOING_AUTH;
} else {
// failed association or auth request generation
AuthenticationInfo authInfo = handleAuthFailure(OpenIDFailure.ASSOCIATION, request, response);
if(authInfo != null) {
return authInfo;
}
}
}