/src/main/java/com/google/ie/common/openid/GuiceModule.java
Java | 165 lines | 113 code | 25 blank | 27 comment | 4 complexity | 44ef33e43b41d706078b4b8b59e49b61 MD5 | raw file
1/* Copyright 2010 Google Inc. 2 * 3 * Licensed under the Apache License, Version 2.0 (the "License"); 4 * you may not use this file except in compliance with the License. 5 * You may obtain a copy of the License at 6 * 7 * http://www.apache.org/licenses/LICENSE-2.0 8 * 9 * Unless required by applicable law or agreed to in writing, software 10 * distributed under the License is distributed on an "AS IS" BASIS. 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 * See the License for the specific language governing permissions and 13 * limitations under the License 14 */ 15 16package com.google.ie.common.openid; 17 18import com.google.appengine.api.urlfetch.URLFetchService; 19import com.google.appengine.api.urlfetch.URLFetchServiceFactory; 20import com.google.ie.common.openid.appengine.AppEngineHttpFetcher; 21import com.google.ie.common.openid.appengine.AppEngineTrustsRootProvider; 22import com.google.ie.common.openid.appengine.Openid4javaFetcher; 23import com.google.ie.common.openid.appengine.SerialExecutorService; 24import com.google.inject.AbstractModule; 25import com.google.inject.CreationException; 26import com.google.inject.Provides; 27import com.google.inject.Scopes; 28import com.google.inject.Singleton; 29import com.google.inject.name.Named; 30import com.google.inject.name.Names; 31import com.google.step2.consumer.OAuthProviderInfoStore; 32import com.google.step2.discovery.DefaultHostMetaFetcher; 33import com.google.step2.discovery.HostMetaFetcher; 34import com.google.step2.discovery.ParallelHostMetaFetcher; 35import com.google.step2.http.HttpFetcher; 36import com.google.step2.hybrid.HybridOauthMessage; 37import com.google.step2.openid.ax2.AxMessage2; 38import com.google.step2.xmlsimplesign.CertValidator; 39import com.google.step2.xmlsimplesign.CnConstraintCertValidator; 40import com.google.step2.xmlsimplesign.DefaultCertValidator; 41import com.google.step2.xmlsimplesign.DisjunctiveCertValidator; 42import com.google.step2.xmlsimplesign.TrustRootsProvider; 43 44import org.openid4java.consumer.ConsumerAssociationStore; 45import org.openid4java.consumer.InMemoryConsumerAssociationStore; 46import org.openid4java.message.Message; 47import org.openid4java.message.MessageException; 48 49import java.util.concurrent.ExecutorService; 50import java.util.concurrent.Executors; 51 52/** 53 * 54 * @author Dirk Balfanz (dirk.balfanz@gmail.com) 55 * @author Breno de Medeiros (breno.demedeiros@gmail.com) 56 */ 57public class GuiceModule extends AbstractModule { 58 @Override 59 protected void configure() { 60 61 try { 62 Message.addExtensionFactory(AxMessage2.class); 63 } catch (MessageException e) { 64 throw new CreationException(null); 65 } 66 67 try { 68 Message.addExtensionFactory(HybridOauthMessage.class); 69 } catch (MessageException e) { 70 throw new CreationException(null); 71 } 72 73 bind(ConsumerAssociationStore.class) 74 .to(InMemoryConsumerAssociationStore.class) 75 .in(Scopes.SINGLETON); 76 77 bind(OAuthProviderInfoStore.class) 78 .to(SimpleProviderInfoStore.class).in(Scopes.SINGLETON); 79 80 if (isRunningOnAppengine()) { 81 install(new AppEngineModule()); 82 } else { 83 install(new JettyModule()); 84 } 85 } 86 87 private boolean isRunningOnAppengine() { 88 89 if (System.getSecurityManager() == null) { 90 return false; 91 } 92 93 return System.getSecurityManager().getClass().getCanonicalName() 94 .startsWith("com.google"); 95 } 96 97 // we're using a cert validator that will validate certs either if they 98 // belong to the expected signer of the XRD, or if they're signed 99 // by Google. 100 @Provides 101 @Singleton 102 public CertValidator provideCertValidator(DefaultCertValidator defaultValidator) { 103 CertValidator hardCodedValidator = new CnConstraintCertValidator() { 104 @Override 105 protected String getRequiredCn(String authority) { 106 return "hosted-id.google.com"; 107 } 108 }; 109 110 return new DisjunctiveCertValidator(defaultValidator, hardCodedValidator); 111 } 112 113 // we're using a ParallelHostMetaFetcher to fetch host-metas both from their 114 // default location, and from a special location at Google. 115 @Provides 116 @Singleton 117 public HostMetaFetcher provideHostMetaFetcher( 118 @Named("HostMetaFetcherExecutor") ExecutorService executor, 119 DefaultHostMetaFetcher fetcher1, 120 GoogleHostedHostMetaFetcher fetcher2) { 121 122 // we're waiting at most 10 seconds for the two host-meta fetchers to 123 // find 124 // a host-meta 125 long hostMetatimeout = 10; // seconds. 126 127 return new ParallelHostMetaFetcher(executor, hostMetatimeout, 128 fetcher1, fetcher2); 129 } 130 131 public static class JettyModule extends AbstractModule { 132 @Override 133 protected void configure() { 134 bind(ExecutorService.class) 135 .annotatedWith(Names.named("HostMetaFetcherExecutor")) 136 .toInstance(Executors.newFixedThreadPool(20)); 137 } 138 } 139 140 public static class AppEngineModule extends AbstractModule { 141 @Override 142 protected void configure() { 143 bind(HttpFetcher.class) 144 .to(AppEngineHttpFetcher.class).in(Scopes.SINGLETON); 145 146 bind(TrustRootsProvider.class) 147 .to(AppEngineTrustsRootProvider.class).in(Scopes.SINGLETON); 148 149 bind(ExecutorService.class) 150 .annotatedWith(Names.named("HostMetaFetcherExecutor")) 151 .to(SerialExecutorService.class).in(Scopes.SINGLETON); 152 153 bind(org.openid4java.util.HttpFetcher.class) 154 .to(Openid4javaFetcher.class) 155 .in(Scopes.SINGLETON); 156 } 157 } 158 159 @Provides 160 @Singleton 161 public URLFetchService provideUrlFetchService() { 162 return URLFetchServiceFactory.getURLFetchService(); 163 } 164} 165