boolean completed = IdentityConstants.OpenId.COMPLETE.equals(session
.getAttribute(IdentityConstants.OpenId.ACTION));
boolean approved = "true".equals(session.getAttribute(IdentityConstants.USER_APPROVED));
OpenIDAdminClient openIDAdmin = null;
String serverURL = CarbonUIUtil.getServerURL(session.getServletContext(), session);
ConfigurationContext configContext = (ConfigurationContext) session.getServletContext()
.getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);
openIDAdmin = new OpenIDAdminClient(configContext, serverURL, (String) session
.getAttribute(OpenIDAdminClient.OPENID_ADMIN_COOKIE));
if (completed && approved) {
session.removeAttribute(IdentityConstants.USER_APPROVED);
session.removeAttribute(IdentityConstants.OpenId.ACTION);
profileName = (String) session.getAttribute("profile");
session.removeAttribute("profile");
// Done - authenticated.
authenticated = true;
if (log.isDebugEnabled()) {
log.debug("Authenticated and user confirmed :" + openId);
}
}
if (IdentityConstants.OpenId.CANCEL.equals(session
.getAttribute(IdentityConstants.OpenId.ACTION))) {
if (log.isDebugEnabled()) {
log.debug("User cancelled :" + openId);
}
authenticated = false;
} else if (!authenticated) {
// Not authenticated, redirect to the authentication page.
session.setAttribute(IdentityConstants.OpenId.PARAM_LIST, params);
if (log.isDebugEnabled()) {
log.debug("User not authenticated. Redirecting to the authentication page :"
+ openId);
}
PapeInfoRequestDTO papeInfoRequestDTO = new PapeInfoRequestDTO();
papeInfoRequestDTO.setParamList(OpenIDUtil.getOpenIDAuthRequest(params));
papeInfoRequestDTO.setOpenID(openId);
PapeInfoResponseDTO papeInfoResponseDTO = openIDAdmin.getPapeInfo(papeInfoRequestDTO);
OpenIDParameterDTO[] parameterSet = papeInfoResponseDTO.getPolicies();
String tenant = TenantUtils.getDomainNameFromOpenId(openId);
String returnUrl = null;
if (parameterSet[0].getValue().equals("true")
|| parameterSet[1].getValue().equals("true")) {
returnUrl = CarbonUIUtil.getAdminConsoleURL(request)
+ "openid-provider/PAPE_info.jsp";
session.setAttribute("papePhishingResistance", parameterSet[0].getValue());
session.setAttribute("multiFactorAuth", parameterSet[1].getValue());
session.setAttribute("infoCardBasedMultiFacotrAuth", parameterSet[2].getValue());
session.setAttribute("xmppBasedMultiFacotrAuth", parameterSet[3].getValue());
if (tenant != null && tenant.trim().length() > 0) {
return returnUrl.replace("/carbon/", "/t/" + tenant + "/carbon/");
}
return returnUrl;
}
returnUrl = frontEndUrl;
Cookie[] cookies = request.getCookies();
String token = null;
if (cookies != null) {
Cookie curCookie = null;
for (int x = 0; x < cookies.length; x++) {
curCookie = cookies[x];
if (curCookie.getName().equalsIgnoreCase("openidtoken")) {
token = curCookie.getValue();
break;
}
}
}
if (token!=null && !"null".equals(token)){
session.setAttribute("openId", openId);
returnUrl = returnUrl.replace("openid-provider/openid_auth.jsp","openid-provider/openid_auth_submit.jsp");
}
if (tenant != null && tenant.trim().length() > 0) {
return returnUrl.replace("/carbon/", "/t/" + tenant + "/carbon/");
}
return returnUrl;
}
session.removeAttribute(IdentityConstants.OpenId.PARAM_LIST);
String opLocalId = null;
OpenIDAuthRequestDTO openIDAuthRequest = null;
OpenIDAuthResponseDTO openIDAuthResponse = null;
openIDAuthRequest = new OpenIDAuthRequestDTO();
if (IdentityConstants.TRUE.equals(session
.getAttribute(IdentityConstants.PHISHING_RESISTANCE))) {
openIDAuthRequest.setPhishiingResistanceAuthRequest(true);
// Clear the session.
session.removeAttribute(IdentityConstants.PHISHING_RESISTANCE);
}
if (IdentityConstants.TRUE
.equals(session.getAttribute(IdentityConstants.MULTI_FACTOR_AUTH))) {
openIDAuthRequest.setMultiFactorAuthRequested(true);
// Clear the cache.
session.removeAttribute(IdentityConstants.MULTI_FACTOR_AUTH);
}
openIDAuthRequest.setParams(OpenIDUtil.getOpenIDAuthRequest(params));
openIDAuthRequest.setOpLocalId(opLocalId);
openIDAuthRequest.setUserSelectedClaimedId(userSelectedClaimedId);
openIDAuthRequest.setAuthenticated(authenticated);
openIDAuthRequest.setOpenID(openId);
openIDAuthRequest.setProfileName(profileName);
openIDAuthResponse = openIDAdmin.getOpenIDAuthResponse(openIDAuthRequest);
if (openIDAuthResponse != null) {
return openIDAuthResponse.getDestinationUrl();
}