📄 openidpape.java
字号:
/*
* Copyright 2005-2008 WSO2, Inc. (http://wso2.com)
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.wso2.solutions.identity.relyingparty.openid.extensions;
import javax.servlet.http.HttpServletRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.MessageException;
import org.openid4java.message.MessageExtension;
import org.openid4java.message.pape.PapeMessage;
import org.openid4java.message.pape.PapeRequest;
import org.openid4java.message.pape.PapeResponse;
import org.wso2.solutions.identity.IdentityConstants;
import org.wso2.solutions.identity.relyingparty.RelyingPartyException;
import org.wso2.solutions.identity.relyingparty.openid.AuthPolicyType;
import org.wso2.solutions.identity.relyingparty.openid.OpenIDAuthenticationRequest;
public class OpenIDPape implements OpenIDExtension {
private AuthSuccess authSuccess;
/**
* Default constructor
*/
public OpenIDPape() {
}
/**
* Constructed during building the response
* @param authSuccess An instance of AuthSuccess
*/
public OpenIDPape(AuthSuccess authSuccess) {
this.authSuccess = authSuccess;
}
/**
* Creates an instance of MessageExtension for the OpenID authentication
* request
* @param request OpenID authentication request
* @return An instance of MessageExtension
* @throws RelyingPartyException
*/
public MessageExtension getMessageExtension(
OpenIDAuthenticationRequest request) throws RelyingPartyException {
PapeRequest papeReq = null;
papeReq = PapeRequest.createPapeRequest();
for (AuthPolicyType authType : request.getAuthTypes()) {
switch (authType) {
case PAPE_POLICY_MULTI_FACTOR:
papeReq
.addPreferredAuthPolicy(PapeMessage.PAPE_POLICY_MULTI_FACTOR);
break;
case PAPE_POLICY_MULTI_FACTOR_PHYSICAL:
papeReq
.addPreferredAuthPolicy(PapeMessage.PAPE_POLICY_MULTI_FACTOR_PHYSICAL);
break;
case PAPE_POLICY_PHISHING_RESISTANT:
papeReq
.addPreferredAuthPolicy(PapeMessage.PAPE_POLICY_PHISHING_RESISTANT);
break;
default:
break;
}
}
return papeReq;
}
/**
* Set session attributes with the received OpenID response
* @param request HttpServletRequest
* @throws RelyingPartyException
*/
public void setSessionAttributes(HttpServletRequest request)
throws RelyingPartyException {
try {
PapeResponse papeResponse = null;
if (authSuccess.hasExtension(PapeResponse.OPENID_NS_PAPE)) {
papeResponse = (PapeResponse) authSuccess
.getExtension(PapeResponse.OPENID_NS_PAPE);
if (papeResponse != null) {
request
.setAttribute(
IdentityConstants.OpenId.PapeAttributes.AUTH_POLICIES,
papeResponse.getAuthPolicies());
request.setAttribute(
IdentityConstants.OpenId.PapeAttributes.AUTH_AGE,
papeResponse.getAuthAge());
request
.setAttribute(
IdentityConstants.OpenId.PapeAttributes.NIST_AUTH_LEVEL,
papeResponse.getNistAuthLevel());
}
}
} catch (MessageException e) {
throw new RelyingPartyException(
IdentityConstants.ErrorCodes.OPENID_AUTHENTICATION_FAILED,
e);
}
}
}⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -