📄 cardissuer.java
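throw new IdentityProviderException("keyStoreException",
        new String[] { serverConfig.getFirstProperty("Security.KeyStore.Location") }, e);
        } // closes the block that declares `e`, opened above this excerpt
    } // end of the preceding method, whose start is outside this excerpt

    /**
     * Builds the information card issued to a user.
     *
     * The card gets a fresh reference id under http://identity.wso2.org/, the
     * configured issuer, a validity window of issuerConfig.getValidPeriod()
     * days starting now, the card image, one token service (STS endpoint plus
     * its metadata-exchange address), the configured token types and the
     * claims that pass {@link #isValidClaim(String, ClaimDO)}.
     *
     * @param credential      credential the card is bound to; its concrete type
     *                        selects which STS/MEX service names are used
     * @param id              identity serialized into the STS endpoint reference
     * @param requireAppliesTo when false, the applies-to element is marked optional
     * @param primaryUserId   user whose stored claim values decide which
     *                        supported claims are listed on the card
     * @return the populated card
     * @throws CardModelException        if the card image cannot be read
     * @throws IdentityProviderException propagated from claim validation
     */
    private InformationCard getInfoCard(UserCredential credential, Identity id,
            boolean requireAppliesTo, String primaryUserId)
            throws CardModelException, IdentityProviderException {
        InformationCard card = new InformationCard();
        InformationCardReference ref = new InformationCardReference(
                "http://identity.wso2.org/" + UUIDGenerator.getUUID(), 1);
        card.setInformationCardReference(ref);
        card.setIssuer(issuerConfig.getIssuer());

        Calendar cal = new GregorianCalendar(TimeZone.getTimeZone("UTC"));
        Date now = cal.getTime();
        // The configured validity period is multiplied by the milliseconds in a day.
        long lifetime = issuerConfig.getValidPeriod() * 1000L * 60L * 60L * 24L;
        Date exp = new Date(now.getTime() + lifetime);

        if (log.isDebugEnabled()) {
            // The pattern ends in a literal 'Z', so the formatter must really be
            // in UTC; with the JVM default zone the logged times would be wrong.
            DateFormat zulu = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'");
            zulu.setTimeZone(TimeZone.getTimeZone("UTC"));
            // Logged at debug level to match the guard above.
            log.debug(messages.getMessage("createdInfocardAt",
                    new String[] { zulu.format(now) }));
            log.debug(messages.getMessage("infocardExpiresAt",
                    new String[] { zulu.format(exp) }));
        }

        card.setTimeIssued(now);
        card.setTimeExpires(exp);

        if (!isOpenIdInfoCard) {
            card.setCardName("WSO2 Managed Card");
        } else {
            card.setCardName("WSO2 OpenID Information Card");
        }

        byte[] imgBytes = getCardImageBytes();
        CardImage img = new CardImage("image/jpeg", Base64.encode(imgBytes));
        card.setCardImage(img);

        // The endpoint addresses written into the card come straight from the
        // server configuration.
        // NOTE(review): a missing HostName or Ports.HTTPS would yield an address
        // containing "null"; confirm the configuration is validated elsewhere.
        ServerConfiguration config = ServerConfiguration.getInstance();
        String host = config.getFirstProperty("HostName");
        String httpsPort = config.getFirstProperty("Ports.HTTPS");

        EndpointReference stsEpr = null;
        Metadata mexEpr = null;

        String stsAddress = "https://" + host + ":" + httpsPort + "/wsas/services/";
        String mexAddress = "https://" + host + ":" + httpsPort + "/wsas/services/";

        // Pick the service names by binding type, credential type and card kind.
        // A credential of any other type leaves both addresses at the bare
        // services root.
        if (issuerConfig.isUseSymmetricBinding()) {
            // TODO post beta
            if (credential.getCredential() instanceof UsernamePasswordCredential) {
                stsAddress += IdentityProviderConstants.SERVICE_NAME_STS_UT_SYMM;
                mexAddress += IdentityProviderConstants.SERVICE_NAME_MEX_UT_SYMM + "/get";
            } else if (credential.getCredential() instanceof SelfIssuedCredential) {
                stsAddress += IdentityProviderConstants.SERVICE_NAME_STS_IC_SYMM;
                mexAddress += IdentityProviderConstants.SERVICE_NAME_MEX_IC_SYMM + "/get";
            }
        } else {
            if (credential.getCredential() instanceof UsernamePasswordCredential) {
                if (isOpenIdInfoCard) {
                    stsAddress += IdentityProviderConstants.OpenId.SERVICE_NAME_STS_OPENID;
                    mexAddress += IdentityProviderConstants.OpenId.SERVICE_NAME_MEX_OPENID
                            + "/get";
                } else {
                    stsAddress += IdentityProviderConstants.SERVICE_NAME_STS_UT;
                    mexAddress += IdentityProviderConstants.SERVICE_NAME_MEX_UT + "/get";
                }
            } else if (credential.getCredential() instanceof SelfIssuedCredential) {
                if (isOpenIdInfoCard) {
                    stsAddress += IdentityProviderConstants.OpenId.SERVICE_NAME_STS_IC_OPENID;
                    mexAddress += IdentityProviderConstants.OpenId.SERVICE_NAME_MEX_IC_OPENID
                            + "/get";
                } else {
                    stsAddress += IdentityProviderConstants.SERVICE_NAME_STS_IC;
                    mexAddress += IdentityProviderConstants.SERVICE_NAME_MEX_IC + "/get";
                }
            }
        }

        stsEpr = new EndpointReference(stsAddress);
        mexEpr = new Metadata(mexAddress);
        stsEpr.addExtensibleElement(id.serialize());
        stsEpr.addMetaData(mexEpr.serialize());

        TokenService service = new TokenService(stsEpr, credential);
        TokenServiceList serviceList = new TokenServiceList();
        serviceList.addTokenService(service);
        card.setTokenServiceList(serviceList);

        card.setSupportedTokenTypeList(issuerConfig.getTokenTypeList());

        // Get the list of supported claims
        IPPersistenceManager db = IPPersistenceManager.getPersistanceManager();
        ClaimDO[] supportedClaims = db.getAllSupportedClaims();
        SupportedClaimTypeList claimTypeList = new SupportedClaimTypeList();

        for (ClaimDO supportedClaim : supportedClaims) {
            boolean include = supportedClaim.isSupported()
                    && isValidClaim(primaryUserId, supportedClaim);

            // Right now we do not accept OpenID from the user.
            // We generate it for him, based on his user id and store it in
            // the database.
            // But, this claim needs to be included in the InfoCard, so on an
            // OpenID card it bypasses the supported/valid checks.
            if (!include && isOpenIdInfoCard) {
                // Constant-first comparison: a claim without a URI is skipped
                // instead of raising a NullPointerException.
                include = IdentityConstants.CLAIM_OPENID.equals(supportedClaim.getUri());
            }

            if (!include) {
                continue;
            }

            // OpenID cards advertise the mapped AX schema URI rather than the
            // stored claim URI.
            String claimUri = isOpenIdInfoCard
                    ? OpenIDUtil.getMappedAxSchema(supportedClaim.getUri())
                    : supportedClaim.getUri();
            SupportedClaimType claim = new SupportedClaimType(claimUri);
            claim.setDisplayTag(supportedClaim.getDisplayTag());
            claim.setDescription(supportedClaim.getDescription());
            claimTypeList.addSupportedClaimType(claim);
        }

        card.setSupportedClaimTypeList(claimTypeList);

        final RequireAppliesTo appliesTo = new RequireAppliesTo();
        if (!requireAppliesTo) {
            appliesTo.setOptional(true);
        }
        card.setRequireAppliesTo(appliesTo);

        return card;
    }

    /**
     * Reads the card image file found under the WSO2WSAS_HOME system property
     * at IdentityConstants.CARD_IMAGE_PATH.
     *
     * @return the complete file contents
     * @throws CardModelException wrapping any failure to open or read the file
     */
    private byte[] getCardImageBytes() throws CardModelException {
        FileInputStream is = null;
        try {
            is = new FileInputStream(System.getProperty(ServerConstants.WSO2WSAS_HOME)
                    + IdentityConstants.CARD_IMAGE_PATH);
            ByteArrayOutputStream baos = new ByteArrayOutputStream();
            byte[] data = new byte[1024];
            int length;
            // Read until end of stream. available() only reports what can be
            // read without blocking, so it is not a reliable end-of-file test,
            // and read() returning -1 must never reach write().
            while ((length = is.read(data)) != -1) {
                baos.write(data, 0, length);
            }
            return baos.toByteArray();
        } catch (Exception e) {
            throw new CardModelException(e.getMessage(), e);
        } finally {
            // Release the file handle on every path.
            if (is != null) {
                try {
                    is.close();
                } catch (Exception ignored) {
                    // Nothing useful can be done if close fails; the bytes
                    // were already read or the original error is propagating.
                }
            }
        }
    }

    /**
     * Persists the issued card's id, owner, issue and expiry dates and its
     * OpenID flag, then logs the stored card id.
     *
     * @param card   the card that was issued
     * @param userId the user the card belongs to
     * @throws IdentityProviderException propagated from the persistence layer
     */
    private void storeCard(InformationCard card, String userId)
            throws IdentityProviderException {
        IPPersistenceManager dbman = IPPersistenceManager.getPersistanceManager();
        String cardId = card.getInformationCardReference().getCardId();

        InfoCardDO cardDo = new InfoCardDO();
        cardDo.setCardId(cardId);
        cardDo.setDateIssued(card.getTimeIssued());
        cardDo.setUserId(userId);
        cardDo.setDateExpires(card.getTimeExpires());
        cardDo.setOpenIDInfoCard(this.isOpenIdInfoCard);
        dbman.create(cardDo);

        log.info("Information card details stored for card id : " + cardId);
    }

    /**
     * Decides whether a claim may be listed on the card for the given user.
     *
     * The PPID claim is always accepted. Any other claim is accepted only if
     * the user store returns a non-null value under the claim's attribute id.
     *
     * @param user  the user whose claim values are looked up
     * @param claim the claim being checked
     * @return true if the claim should be listed
     * @throws IdentityProviderException propagated from the user store
     */
    private boolean isValidClaim(String user, ClaimDO claim)
            throws IdentityProviderException {
        if (IdentityConstants.CLAIM_PPID.equals(claim.getUri())) {
            return true;
        }

        // NOTE(review): this fetches the user's claim values on every call, and
        // getInfoCard calls it once per supported claim.
        UserStore userStore = UserStore.getInstance();
        Map<String, String> mapValues = userStore.getClaimValues(user, null);

        return mapValues != null
                && !mapValues.isEmpty()
                && mapValues.get(claim.getAttrId()) != null;
    }

    /**
     * Selects whether subsequently issued cards are OpenID information cards.
     *
     * @param isOpenIdInfoCard true for an OpenID information card
     */
    public void setIsOpenIdInfoCard(boolean isOpenIdInfoCard) {
        this.isOpenIdInfoCard = isOpenIdInfoCard;
    }
}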