Package org.cedj.geekseek.service.security.picketlink

Source Code of org.cedj.geekseek.service.security.picketlink.OAuthAuthenticator

package org.cedj.geekseek.service.security.picketlink;

import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Event;
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.agorava.Twitter;
import org.agorava.core.api.UserProfile;
import org.agorava.core.api.oauth.OAuthService;
import org.agorava.core.api.oauth.OAuthSession;
import org.agorava.core.cdi.Current;
import org.agorava.twitter.model.TwitterProfile;
import org.cedj.geekseek.domain.Repository;
import org.cedj.geekseek.domain.user.model.User;
import org.cedj.geekseek.service.security.oauth.SuccessfulAuthentication;
import org.picketlink.annotations.PicketLink;
import org.picketlink.authentication.BaseAuthenticator;

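/**
 * PicketLink authenticator that signs a user in through the injected Twitter OAuth session.
 *
 * <p>{@link #authenticate()} handles three situations: an OAuth session that is already
 * connected, the provider callback carrying a verifier parameter, and a first request that has
 * to be redirected to the provider's authorization URL.
 *
 * <p>NOTE(review): this bean is {@code @ApplicationScoped}, while the outcome of a login is
 * recorded through the inherited {@code setStatus}/{@code setAccount}. If BaseAuthenticator keeps
 * those values on the instance, concurrent logins would share them. Confirm the scope is
 * intended.
 */
@ApplicationScoped
@PicketLink
public class OAuthAuthenticator extends BaseAuthenticator {

    private static final String AUTH_COOKIE_NAME = "auth";
    private static final String LOCATION = "Location";

    @Inject @PicketLink
    private Instance<HttpServletRequest> requestInst;

    @Inject @PicketLink
    private Instance<HttpServletResponse> responseInst;

    @Inject
    private Repository<User> repository;

    @Inject
    private OAuthService service;

    @Inject @Twitter @Current
    private OAuthSession session;

    @Inject
    private Event<SuccessfulAuthentication> successful;

    /**
     * Runs one step of the OAuth login and records the result via {@code setStatus}.
     *
     * <ul>
     *   <li>No request or response available: FAILURE.</li>
     *   <li>OAuth session already connected: look the user up and set SUCCESS or FAILURE.</li>
     *   <li>Verifier parameter present (provider callback): obtain the access token, fire
     *       {@link SuccessfulAuthentication}, look the user up, and on success also issue the
     *       auth cookie.</li>
     *   <li>Otherwise: answer with a 302 to the provider's authorization URL and set
     *       DEFERRED.</li>
     * </ul>
     */
    @Override
    public void authenticate() {
        HttpServletRequest request = requestInst.get();
        HttpServletResponse response = responseInst.get();

        if (request == null || response == null) {
            setStatus(AuthenticationStatus.FAILURE);
            return;
        }

        if (session.isConnected()) { // an active OAuth session already exists
            // Named differently from the injected field so the two are not confused.
            OAuthSession activeSession = service.getSession();
            UserProfile userProfile = activeSession.getUserProfile();

            // NOTE(review): this branch looks the user up by profile id, the callback branch
            // below by Twitter screen name. Confirm both keys resolve to the same repository
            // entry; a mismatch would make an already-connected session fail here.
            establishAccount(repository.get(userProfile.getId()));
            return;
        }

        // The verifier value comes straight from the request; it is only handed to the
        // OAuth session and is not interpreted here.
        String verifier = request.getParameter(service.getVerifierParamName());
        if (verifier == null) {
            // No verifier yet: send the browser to the third party to authorize.
            String redirectUrl = service.getAuthorizationUrl();

            response.setStatus(HttpServletResponse.SC_FOUND);
            response.setHeader(LOCATION, redirectUrl);
            setStatus(AuthenticationStatus.DEFERRED);
            return;
        }

        // Callback from the provider.
        session.setVerifier(verifier);
        service.initAccessToken();

        // https://issues.jboss.org/browse/AGOVA-53
        successful.fire(new SuccessfulAuthentication(
            service.getSession().getUserProfile(), service.getAccessToken()));

        String screenName =
            ((TwitterProfile) service.getSession().getUserProfile()).getScreenName();
        User user = repository.get(screenName);
        if (establishAccount(user)) {
            Cookie authCookie = new Cookie(AUTH_COOKIE_NAME, user.getApiToken());
            // The cookie carries the user's API token, so keep it off plain HTTP whenever
            // the login itself arrived over a secure channel.
            authCookie.setSecure(request.isSecure());
            // NOTE(review): HttpOnly is not set here. If no client-side script needs to read
            // this cookie, add authCookie.setHttpOnly(true) so the token is not exposed to
            // page scripts. Confirm how the front end consumes it first.
            response.addCookie(authCookie);
        }
    }

    /**
     * Records the outcome of a user lookup: FAILURE when no matching account was found,
     * otherwise the account is set and the status becomes SUCCESS.
     *
     * @param user the repository result, possibly {@code null}
     * @return {@code true} when an account was established
     */
    private boolean establishAccount(User user) {
        if (user == null) { // can't find a matching account
            setStatus(AuthenticationStatus.FAILURE);
            return false;
        }
        setAccount(new UserAccount(user));
        setStatus(AuthenticationStatus.SUCCESS);
        return true;
    }
}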