/src/main/java/com/puzzlebazar/server/OpenIdServlet.java
Java | 190 lines | 132 code | 25 blank | 33 comment | 18 complexity | 1cc063081c4ce6f92c849ee6afb34d3c MD5 | raw file
- /**
- * Copyright 2010 Philippe Beaudoin
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- package com.puzzlebazar.server;
- import java.io.FileNotFoundException;
- import java.io.IOException;
- import java.net.UnknownHostException;
-
- import javax.servlet.ServletException;
- import javax.servlet.http.HttpServlet;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
-
- import com.dyuproject.openid.Constants;
- import com.dyuproject.openid.OpenIdServletFilter;
- import com.dyuproject.openid.OpenIdUser;
- import com.dyuproject.openid.RelyingParty;
- import com.dyuproject.openid.YadisDiscovery;
- import com.dyuproject.openid.ext.AxSchemaExtension;
- import com.dyuproject.util.http.UrlEncodedParameterMap;
- import com.google.inject.Inject;
- import com.google.inject.Provider;
- import com.google.inject.Singleton;
- import com.puzzlebazar.server.model.UserDAO;
-
- /**
- * @author Philippe Beaudoin
- */
- @Singleton
- public class OpenIdServlet extends HttpServlet {
- private static final long serialVersionUID = 6314103753523555658L;
-
- private static final String CLOSE_POPUP_URI = "/openid/ClosePopup.html";
- private final Provider<UserDAO> userDAO;
-
- @Inject
- public OpenIdServlet(Provider<UserDAO> userDAO) {
- this.userDAO = userDAO;
- }
-
- @Override
- public void doGet(HttpServletRequest request, HttpServletResponse response)
- throws IOException, ServletException {
- doPost(request, response);
- }
-
- @Override
- public void doPost(HttpServletRequest request, HttpServletResponse response)
- throws IOException, ServletException {
- String provider = request.getParameter("provider");
- if (provider != null) {
- // If the ui supplies a number of buttons for default providers.
- // This will speed up the openid process by skipping discovery.
- // The override is done by adding the OpenIdUser to the request attribute.
- if (provider.equals("google")) {
- OpenIdUser user = OpenIdUser.populate("https://www.google.com/accounts/o8/id",
- YadisDiscovery.IDENTIFIER_SELECT,
- "https://www.google.com/accounts/o8/ud");
- request.setAttribute(OpenIdUser.ATTR_NAME, user);
- } else if (provider.equals("yahoo")) {
- OpenIdUser user = OpenIdUser.populate("http://yahoo.com/",
- YadisDiscovery.IDENTIFIER_SELECT,
- "https://open.login.yahooapis.com/openid/op/auth");
- request.setAttribute(OpenIdUser.ATTR_NAME, user);
- }
- }
-
- RelyingParty relyingParty = RelyingParty.getInstance();
-
- String errorMsg = OpenIdServletFilter.DEFAULT_ERROR_MSG;
- try {
- OpenIdUser user = relyingParty.discover(request);
- if (user == null) {
- if (RelyingParty.isAuthResponse(request)) {
- // authentication timeout
- response.sendRedirect(request.getRequestURI());
- } else {
- // set error msg if the openid_identifier is not resolved.
- if (request.getParameter(relyingParty.getIdentifierParameter()) != null) {
- request.setAttribute(OpenIdServletFilter.ERROR_MSG_ATTR, errorMsg);
- }
-
- // TODO: Simply close the window? Alert?
- request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
- }
- return;
- }
-
- if (user.isAuthenticated()) {
- // user already authenticated
- request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
- return;
- }
-
- if (user.isAssociated() && RelyingParty.isAuthResponse(request)) {
- // verify authentication
- if (relyingParty.verifyAuth(user, request, response)) {
- // authenticated
- userDAO.get().setSessionUser(user);
-
- // redirect to home to remove the query params instead of doing:
- request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
- } else {
- // failed verification
-
- // TODO: Simply close the window? Alert?
- request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
- }
- return;
- }
-
- // associate and authenticate user
- StringBuffer url = request.getRequestURL();
- String trustRoot = url.substring(0, url.indexOf("/", 9));
- String realm = url.substring(0, url.lastIndexOf("/"));
- String returnTo = url.toString();
- if (relyingParty.associateAndAuthenticate(user, request, response, trustRoot, realm,
- returnTo)) {
- return;
- }
- } catch (UnknownHostException uhe) {
- System.err.println("not found");
- errorMsg = OpenIdServletFilter.ID_NOT_FOUND_MSG;
- } catch (FileNotFoundException fnfe) {
- System.err.println("could not be resolved");
- errorMsg = OpenIdServletFilter.DEFAULT_ERROR_MSG;
- } catch (Exception e) {
- e.printStackTrace();
- errorMsg = OpenIdServletFilter.DEFAULT_ERROR_MSG;
- }
- request.setAttribute(OpenIdServletFilter.ERROR_MSG_ATTR, errorMsg);
-
- // TODO: Simply close the window? Alert?
- request.getRequestDispatcher(CLOSE_POPUP_URI).forward(request, response);
- }
-
- @Override
- public void init() throws ServletException {
- super.init();
-
- // One-time initialization of RelyingParty.
- RelyingParty.getInstance()
- .addListener(new AxSchemaExtension()
- .addExchange("email")
- .addExchange("language")
- )
- .addListener(new RelyingParty.Listener()
- {
- @Override
- public void onDiscovery(OpenIdUser user, HttpServletRequest request) {
- }
-
- @Override
- public void onPreAuthenticate(OpenIdUser user, HttpServletRequest request,
- UrlEncodedParameterMap params) {
- if ("true".equals(request.getParameter("popup"))) {
- String returnTo = params.get(Constants.OPENID_TRUST_ROOT) + request.getRequestURI();
- params.put(Constants.OPENID_RETURN_TO, returnTo);
- params.put(Constants.OPENID_REALM, returnTo);
- params.put("openid.ns.ui", "http://specs.openid.net/extensions/ui/1.0");
- params.put("openid.ui.mode", "popup");
- }
- }
-
- @Override
- public void onAuthenticate(OpenIdUser user, HttpServletRequest request) {
- }
-
- @Override
- public void onAccess(OpenIdUser user, HttpServletRequest request) {
- }
- });
- }
-
- }