/*
* Copyright 2005-2008 WSO2, Inc. (http://wso2.com) Licensed under the Apache
* License, Version 2.0 (the "License"); you may not use this file except in
* compliance with the License. You may obtain a copy of the License at
* http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law
* or agreed to in writing, software distributed under the License is
* distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the specific language
* governing permissions and limitations under the License.
*/
package org.wso2.solutions.identity.user.ui.action;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Map.Entry;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import org.openid4java.message.ParameterList;
import org.apache.struts2.StrutsStatics;
import org.wso2.solutions.identity.IdentityConstants;
import org.wso2.solutions.identity.IdentityProviderConstants;
import org.wso2.solutions.identity.IdentityProviderException;
import org.wso2.solutions.identity.UserStore;
import org.wso2.solutions.identity.admin.ClaimsAdmin;
import org.wso2.solutions.identity.admin.ReportAdmin;
import org.wso2.solutions.identity.openid.OpenIDClaim;
import org.wso2.solutions.identity.openid.OpenIDUtil;
import org.wso2.solutions.identity.persistence.IPPersistenceManager;
import org.wso2.solutions.identity.persistence.dataobject.ActionDO;
import org.wso2.solutions.identity.persistence.dataobject.OpenIDUserRPDO;
import org.wso2.solutions.identity.relyingparty.RelyingPartyException;
import org.wso2.solutions.identity.user.ui.ClaimValue;
import org.wso2.solutions.identity.user.ui.util.UserUtil;
import org.wso2.solutions.identity.users.IdentityDefaultRealm;
import org.wso2.solutions.identity.users.IdentityUserStoreReader;
import org.wso2.usermanager.UserManagerException;
import com.opensymphony.xwork2.ActionContext;
public class OpenIDAuthVerificationAction extends ManagedAction {
/** Serialization version identifier for this action class. */
private static final long serialVersionUID = 7880796322220751491L;
// The next three fields are not assigned in the visible part of this class;
// presumably they are filled by populateUserProfiles() - confirm against
// the rest of the file.
private List<String> profile = null;
private List<ClaimValue> claimValues = null;
private String defaultUserProfileName = null;
// Set in execute() from the "RequestedAttr" session attribute.
private List<String> requiredAttributes = null;
/**
 * Runs once the user has submitted login credentials for a pending OpenID
 * authentication request.
 *
 * <p>The OpenID request parameters are read from the HTTP session (attribute
 * {@code IdentityConstants.OpenId.PARAM_LIST}). The request must carry both
 * the claimed identity and the return-to URL; otherwise an error message is
 * added and {@code ERROR} is returned. The user name is derived from the
 * claimed identity by {@code UserUtil.getUserName}.
 *
 * <p>Security note: which login handler runs is decided by the
 * {@code InfoCardSignin} request parameter, a value the client controls.
 * Each handler therefore has to authenticate the user on its own; neither
 * may assume the other has run.
 *
 * @return the result of the selected login handler, or {@code ERROR} when a
 *         mandatory OpenID parameter is missing
 * @throws Exception if either login handler or a helper call fails
 */
public String execute() throws Exception {
    final ActionContext actionContext = ActionContext.getContext();
    final HttpServletRequest httpRequest = (HttpServletRequest) actionContext
            .get(StrutsStatics.HTTP_REQUEST);
    final HttpSession httpSession = httpRequest.getSession();
    final String signinMode = httpRequest.getParameter("InfoCardSignin");
    final ParameterList openIdParams = (ParameterList) httpSession
            .getAttribute(IdentityConstants.OpenId.PARAM_LIST);

    // Without a stored OpenID request that names an identity there is
    // nothing to authenticate against.
    if (openIdParams == null
            || !openIdParams.hasParameter(IdentityConstants.OpenId.ATTR_IDENTITY)) {
        addErrorMessage(getText("openid_required"));
        return ERROR;
    }
    final String claimedId = openIdParams.getParameter(
            IdentityConstants.OpenId.ATTR_IDENTITY).getValue();

    // The relying party is identified through its return-to URL.
    if (!openIdParams.hasParameter(IdentityConstants.OpenId.ATTR_RETURN_TO)) {
        addErrorMessage(getText("returnTo_required"));
        return ERROR;
    }
    final String relyingParty = UserUtil.getRelyingPartyUrl(openIdParams
            .getParameter(IdentityConstants.OpenId.ATTR_RETURN_TO).getValue());

    requiredAttributes = (List<String>) httpSession.getAttribute("RequestedAttr");
    final String userName = UserUtil.getUserName(claimedId);

    // "Log in" is the submit value that selects information-card sign-in;
    // any other value (or none) means user-name/password.
    return "Log in".equals(signinMode)
            ? handleInforCardLogin(claimedId, userName, relyingParty)
            : handleUserNameLogin(claimedId, userName, relyingParty);
}
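/**
 * Handles user-name/password login.
 *
 * <p>The password is taken from the request parameter
 * {@code IdentityProviderConstants.OpenId.PASSWORD}; if absent, it is taken
 * from the session attribute of the same name, which is removed as soon as
 * it has been read. A missing password is treated as a failed login and is
 * never passed to {@code UserUtil.doLogin}.
 *
 * <p>On success the user profiles are populated, the login is recorded and,
 * when the {@code remember} request parameter equals "true" (ignoring
 * case), three two-week cookies are set: {@code rememberme}, {@code openid}
 * and {@code password}. All three are marked Secure. If the user has
 * already approved this relying party permanently, the response is
 * redirected to the completion action.
 *
 * <p>Security note: the {@code password} cookie holds the Base64-encoded
 * password. Base64 is reversible, so the credential is stored on the client
 * in recoverable form; see the review note at the cookie.
 *
 * @param openID OpenID
 * @param user User name
 * @param rpUrl Relying party URL
 * @return {@code SUCCESS} when the credentials are accepted, otherwise
 *         {@code ERROR}
 * @throws RelyingPartyException propagated from helper calls
 * @throws IdentityProviderException propagated from helper calls
 * @throws IOException if the redirect or the UTF-8 encoding step fails
 */
protected String handleUserNameLogin(String openID, String user,
        String rpUrl) throws RelyingPartyException,
        IdentityProviderException, IOException {
    ActionContext context = ActionContext.getContext();
    HttpServletRequest request = (HttpServletRequest) context
            .get(StrutsStatics.HTTP_REQUEST);
    HttpServletResponse response = (HttpServletResponse) context
            .get(StrutsStatics.HTTP_RESPONSE);
    HttpSession session = request.getSession();

    String password = request
            .getParameter(IdentityProviderConstants.OpenId.PASSWORD);
    if (password == null) {
        password = (String) session
                .getAttribute(IdentityProviderConstants.OpenId.PASSWORD);
        if (password != null) {
            // Do not keep the clear-text password in the session longer
            // than needed.
            session.removeAttribute(IdentityProviderConstants.OpenId.PASSWORD);
        }
    }

    // A missing password can never be a valid credential: fail closed
    // instead of handing null to the login helper.
    if (password == null || !UserUtil.doLogin(user, password)) {
        String failureMessage = getText("invalid_user_password");
        ReportAdmin.record(user, ActionDO.ACTION_USER_FAILURE, failureMessage);
        addErrorMessage(failureMessage);
        return ERROR;
    }

    populateUserProfiles(user, rpUrl);

    String rememberMe = request.getParameter("remember");
    if ("true".equalsIgnoreCase(rememberMe)) {
        // Expires in two weeks
        final int twoWeeksInSeconds = 60 * 60 * 24 * 14;

        // NOTE(review): none of these cookies is marked HttpOnly. If the
        // servlet API in use offers Cookie.setHttpOnly (Servlet 3.0+),
        // set it so scripts in the page cannot read them.
        Cookie rememberMeCookie = new Cookie("rememberme", "true");
        rememberMeCookie.setMaxAge(twoWeeksInSeconds);
        // Same transport protection as the two cookies below.
        rememberMeCookie.setSecure(true);
        response.addCookie(rememberMeCookie);

        Cookie openIDCookie = new Cookie("openid", openID);
        openIDCookie.setMaxAge(twoWeeksInSeconds);
        openIDCookie.setSecure(true);
        response.addCookie(openIDCookie);

        // NOTE(review): Base64 is an encoding, not encryption. This cookie
        // keeps the user's password on the client in recoverable form for
        // two weeks; the Secure flag protects it only in transit. Prefer a
        // random remember-me token that is stored and revocable on the
        // server. That needs a matching change in the code that reads this
        // cookie, which is outside this method, so the value is unchanged.
        Cookie passwordCookie = new Cookie("password",
                new sun.misc.BASE64Encoder().encode(password
                        .getBytes("UTF-8")));
        passwordCookie.setMaxAge(twoWeeksInSeconds);
        passwordCookie.setSecure(true);
        response.addCookie(passwordCookie);
    }

    String successMessage = getText("successful_for", new String[] { user });
    ReportAdmin.record(user, ActionDO.ACTION_USER_LOG_IN_OPENID,
            successMessage);

    if (!isRequiredUserApproval(request)) {
        ReportAdmin.record(user,
                ActionDO.ACTION_USER_APPROVED_OPENID_RP_ALWAYS,
                successMessage);
        // User has already agreed to accept request from this RP
        // always.
        response
                .sendRedirect("server?_action=complete&authenticatedAndApproved=true");
        // NOTE(review): SUCCESS is still returned after the redirect has
        // been sent; confirm the mapped result does not try to write to
        // the already committed response.
    }
    return SUCCESS;
}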
/**
* Handles information card login
* @param openID OpenID
* @param user User name
* @param rpUrl Relying party URL
* @return Success/Failure
* @throws RelyingPartyException
* @throws IdentityProviderException
* @throws IOException
*/
protected String handleInforCardLogin(String openID, String user,
String rpUrl) throws RelyingPartyException,
IdentityProviderException, IOException {
ActionContext context = null;
HttpServletRequest request = null;
HttpServletResponse response = null;
HttpSession session = null;
ParameterList requestParam = null;
boolean isRedirected = false;
String[] policies = null;
context = ActionContext.getContext();
request = (HttpServletRequest) context.get(StrutsStatics.HTTP_REQUEST);
response = (HttpServletResponse) context
.get(StrutsStatics.HTTP_RESPONSE);
session = request.getSession();
requestParam = (ParameterList) session
.getAttribute(IdentityConstants.OpenId.PARAM_LIST);
if (UserUtil.verifyInfoCardLogin(context, openID)) {