Package org.apache.rave.portal.web.controller.handler

Source Code of org.apache.rave.portal.web.controller.handler.OpenIDAuthenticationFailureHandler

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements.  See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership.  The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License.  You may obtain a copy of the License at
*
*      http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied.  See the License for the
* specific language governing permissions and limitations
* under the License.
*/

package org.apache.rave.portal.web.controller.handler;

import java.io.IOException;
import java.util.List;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.apache.rave.portal.model.User;
import org.apache.rave.portal.model.impl.UserImpl;
import org.apache.rave.portal.web.util.ModelKeys;
import org.apache.rave.portal.web.util.ViewNames;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.openid.OpenIDAttribute;
import org.springframework.security.openid.OpenIDAuthenticationStatus;
import org.springframework.security.openid.OpenIDAuthenticationToken;
import org.springframework.security.web.DefaultRedirectStrategy;
import org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler;
import org.springframework.stereotype.Controller;

/**
* Controller which processes openid authentication failure. If the user record for particular
* openid user is not found in the DB, it redirects to the account creation page. Otherwise
* it redirects to the default authentication failure page.
*
*/
@Controller
public class OpenIDAuthenticationFailureHandler extends  SimpleUrlAuthenticationFailureHandler {

  private static Logger log = LoggerFactory.getLogger(OpenIDAuthenticationFailureHandler.class);

  @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
    if(exception instanceof UsernameNotFoundException
      && exception.getAuthentication() instanceof OpenIDAuthenticationToken
            && ((OpenIDAuthenticationToken)exception.getAuthentication()).getStatus().equals(OpenIDAuthenticationStatus.SUCCESS)) {
     
      OpenIDAuthenticationToken token = (OpenIDAuthenticationToken)exception.getAuthentication();
      String url = token.getIdentityUrl();
      User user = createTemporaryUser(token, url);
      request.getSession(true).setAttribute(ModelKeys.NEW_USER, user);

      DefaultRedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
      log.info("Redirecting to new user account creation page");
      super.setRedirectStrategy(redirectStrategy);
      redirectStrategy.sendRedirect(request, response, "/"+ViewNames.CREATE_ACCOUNT_PAGE);
      return;
    } else {
      super.onAuthenticationFailure(request, response, exception);
    }
  }

  private User createTemporaryUser(OpenIDAuthenticationToken token,
      final String openId) {
    final List<OpenIDAttribute> attributes = token.getAttributes();
    String email = null;
    String firstName = null;
    String lastName = null;
    String displayName = null;
    for (OpenIDAttribute attribute : attributes) {
      if ("email".equals(attribute.getName())
          && !attribute.getValues().isEmpty()) {
        email = attribute.getValues().get(0);
      } else if ("firstname".equals(attribute.getName())
          && !attribute.getValues().isEmpty()) {
        firstName = attribute.getValues().get(0);
      } else if ("lastname".equals(attribute.getName())
          && !attribute.getValues().isEmpty()) {
        lastName = attribute.getValues().get(0);
      } else if ("fullname".equals(attribute.getName())
          && !attribute.getValues().isEmpty()) {
        displayName = attribute.getValues().get(0);
      }
    }
    User user = new UserImpl();
    String username = StringUtils.substringAfter(openId, "://").replace("/", "");
    if (username.length() > 35) {
      username = username.substring(0, 35);
    }
    if (displayName == null && firstName != null && lastName != null) {
      displayName = firstName + " " + lastName;
    }
    user.setUsername(username);
    user.setEmail(email);
    user.setGivenName(firstName);
    user.setFamilyName(lastName);
    user.setDisplayName(displayName);
    user.setOpenId(openId);

    return user;
  }
}
TOP

Related Classes of org.apache.rave.portal.web.controller.handler.OpenIDAuthenticationFailureHandler

  • org.apache.rave.model.User
  • org.apache.rave.portal.model.impl.UserImpl
  • org.apache.rave.portal.model.User
  • org.springframework.security.openid.OpenIDAuthenticationToken
  • org.springframework.security.web.DefaultRedirectStrategy
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.