Author: anil.saldhana(a)jboss.com
Date: 2012-03-19 15:01:13 -0400 (Mon, 19 Mar 2012)
New Revision: 1525
Modified:
social/trunk/facebook/src/main/java/org/picketlink/social/facebook/FacebookAuthenticator.java
social/trunk/facebook/src/main/java/org/picketlink/social/facebook/FacebookProcessor.java
social/trunk/openid/src/main/java/org/picketlink/social/openid/auth/OpenIDProcessor.java
social/trunk/social/src/main/java/org/picketlink/social/auth/ExternalAuthenticator.java
Log:
deal with negative responses
Modified:
social/trunk/facebook/src/main/java/org/picketlink/social/facebook/FacebookAuthenticator.java
===================================================================
---
social/trunk/facebook/src/main/java/org/picketlink/social/facebook/FacebookAuthenticator.java 2012-03-19
15:59:04 UTC (rev 1524)
+++
social/trunk/facebook/src/main/java/org/picketlink/social/facebook/FacebookAuthenticator.java 2012-03-19
19:01:13 UTC (rev 1525)
@@ -187,7 +187,12 @@
Principal principal = processor.getPrincipal(request, response,
context.getRealm());
if(principal == null)
- throw new RuntimeException("Principal was null. Maybe login modules need
to be configured properly.");
+ {
+ log.error("Principal was null. Maybe login modules need to be configured
properly.");
+ response.sendError(HttpServletResponse.SC_FORBIDDEN);
+ return false;
+ }
+
String userName = principal.getName();
request.getSessionInternal().setNote(Constants.SESS_USERNAME_NOTE, userName);
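Review bot: The error text written at L27 still attributes a null principal solely to login-module configuration, but after this commit (FacebookProcessor now returns null when the authorization code is absent) the ordinary cause is the user declining the Facebook dialog, so an operator reading the log is sent in the wrong direction. Suggest `log.error("Principal was null: login modules may be misconfigured, or the user denied authorization.");` and the same wording in ExternalAuthenticator's hunk at @@ -242,7 +246,11 @@. Logging a user's refusal at ERROR level will also be noisy in production; WARN or INFO is more proportionate unless the cause is known to be configuration. The enclosing authenticate method starts and ends outside this hunk.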
Modified:
social/trunk/facebook/src/main/java/org/picketlink/social/facebook/FacebookProcessor.java
===================================================================
---
social/trunk/facebook/src/main/java/org/picketlink/social/facebook/FacebookProcessor.java 2012-03-19
15:59:04 UTC (rev 1524)
+++
social/trunk/facebook/src/main/java/org/picketlink/social/facebook/FacebookProcessor.java 2012-03-19
19:01:13 UTC (rev 1525)
@@ -156,6 +156,8 @@
{
Principal principal = null;
Principal facebookPrincipal = handleAuthenticationResponse(request, response);
+ if(facebookPrincipal == null)
+ return null;
request.getSession().setAttribute("PRINCIPAL", facebookPrincipal);
cachedPrincipal.set(facebookPrincipal);
@@ -186,7 +188,8 @@
String authorizationCode = request.getParameter(OAuthConstants.CODE_PARAMETER);
if (authorizationCode == null)
{
- throw new RuntimeException("Authorization code parameter not
found");
+ log.error("Authorization code parameter not found");
+ return null;
}
URLConnection connection = sendAccessTokenRequest(returnUrl, authorizationCode,
response);
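Review bot: The new branch at L58 treats every callback without a `code` parameter as an error, yet OAuth 2.0 providers signal a user's refusal by redirecting back with an `error` parameter (for example `access_denied`) instead of `code`, so a denial and a genuinely malformed callback are indistinguishable both in the log and to callers that now receive null. Suggest reading `request.getParameter("error")` first and logging a denial at a lower level with its value, keeping ERROR for a callback that carries neither `error` nor `code`. Since this method and getPrincipal in the hunk above now return null as a normal outcome, a Javadoc `@return the authenticated principal, or {@code null} when the provider returned a negative response` on each would make the contract explicit. The enclosing method starts and ends outside this hunk.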
Modified:
social/trunk/openid/src/main/java/org/picketlink/social/openid/auth/OpenIDProcessor.java
===================================================================
---
social/trunk/openid/src/main/java/org/picketlink/social/openid/auth/OpenIDProcessor.java 2012-03-19
15:59:04 UTC (rev 1524)
+++
social/trunk/openid/src/main/java/org/picketlink/social/openid/auth/OpenIDProcessor.java 2012-03-19
19:01:13 UTC (rev 1525)
@@ -241,7 +241,7 @@
{
throw new RuntimeException(e);
}
-
+
// examine the verification result and extract the verified identifier
Identifier identifier = verification.getVerifiedId();
Modified:
social/trunk/social/src/main/java/org/picketlink/social/auth/ExternalAuthenticator.java
===================================================================
---
social/trunk/social/src/main/java/org/picketlink/social/auth/ExternalAuthenticator.java 2012-03-19
15:59:04 UTC (rev 1524)
+++
social/trunk/social/src/main/java/org/picketlink/social/auth/ExternalAuthenticator.java 2012-03-19
19:01:13 UTC (rev 1525)
@@ -32,7 +32,6 @@
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
-import org.apache.catalina.Session;
import org.apache.catalina.authenticator.Constants;
import org.apache.catalina.authenticator.FormAuthenticator;
import org.apache.catalina.connector.Request;
@@ -219,6 +218,11 @@
{
principal = facebookProcessor.getPrincipal(request, response,
context.getRealm());
}
+ if(principal == null)
+ {
+ response.sendError(HttpServletResponse.SC_FORBIDDEN);
+ return false;
+ }
return dealWithFacebookPrincipal(request, response, principal);
}
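Review bot: The null-principal branch added at L101-L105 sends 403 silently, whereas the two sibling sites in this commit (FacebookAuthenticator at @@ -187,7 +187,12 @@ and the hunk below at @@ -242,7 +246,11 @@) log the condition before sending the same status; without a log line a refused or failed login here leaves no trace for operators. Suggest adding `log.error("Principal was null: login modules may be misconfigured, or the user denied authorization.");` before `response.sendError(HttpServletResponse.SC_FORBIDDEN);`, matching the other two. The enclosing method starts outside this hunk.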
@@ -242,7 +246,11 @@
Principal principal = facebookProcessor.getPrincipal(request, response,
context.getRealm());
if(principal == null)
- throw new RuntimeException("Principal was null. Maybe login modules need
to be configured properly. Or user chose no data");
+ {
+ log.error("Principal was null. Maybe login modules need to be
configured properly. Or user chose no data");
+ response.sendError(HttpServletResponse.SC_FORBIDDEN);
+ return false;
+ }
return dealWithFacebookPrincipal(request, response, principal);
}
@@ -274,9 +282,14 @@
HttpSession httpSession = request.getSession();
String state = (String) httpSession.getAttribute("STATE");
if(trace) log.trace("state="+ state);
-
+
if( STATES.FINISH.name().equals(state))
- return true;
+ {
+ //This is a replay. We need to resend a request back to the OpenID provider
+ httpSession.setAttribute("STATE", STATES.AUTH.name());
+
+ return openidProcessor.prepareAndSendAuthRequest(request, response);
+ }
if( state == null || state.isEmpty())
{
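Review bot: The comment at L131 says "This is a replay" without stating what is being replayed; from the visible code the condition is a request arriving while the session's STATE is already FINISH, i.e. after dealWithOpenIDPrincipal has completed a login. Restarting the OpenID round trip from that state reverses the previous behaviour (which returned true) and, as far as this hunk shows, leaves whatever principal the earlier login registered on the session untouched while a new exchange is negotiated; worth confirming that is intended, and either clearing the earlier registration or documenting why it is safe to keep. Suggest expanding the comment to `// STATE is already FINISH: the provider callback was re-submitted after a completed login; restart the OpenID exchange instead of trusting the stale state`. The enclosing method starts and ends outside this hunk.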
@@ -284,32 +297,16 @@
}
//We have sent an auth request
if( state.equals(STATES.AUTH.name()))
- {
- Session session = request.getSessionInternal(true);
- if (saveRestoreRequest)
- {
- this.saveRequest(request, session);
- }
-
+ {
Principal principal = openidProcessor.processIncomingAuthResult(request,
response, context.getRealm());
if(principal == null)
- throw new RuntimeException("Principal was null. Maybe login modules need
to be configured properly. Or user chose no data");
-
- String principalName = principal.getName();
- request.getSessionInternal().setNote(Constants.SESS_USERNAME_NOTE,
principalName);
- request.getSessionInternal().setNote(Constants.SESS_PASSWORD_NOTE,
"");
- request.setUserPrincipal(principal);
-
- if (saveRestoreRequest)
{
- this.restoreRequest(request, request.getSessionInternal());
+ log.error("Principal was null. Maybe login modules need to be
configured properly. Or user chose no data");
+ return false;
}
-
- if(trace)
- log.trace("Logged in as:" + principal);
- registerWithAuthenticatorBase(request,response,principal,principalName);
- return true;
+
+ return dealWithOpenIDPrincipal(request, response, principal);
}
return false;
}
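Review bot: The null-principal branch at L166-L168 logs and returns false without writing a response, unlike the three Facebook sites in this commit that call `response.sendError(HttpServletResponse.SC_FORBIDDEN)` first; returning false from a Catalina authenticator without having produced a response typically leaves the client with an empty reply rather than a clear denial. Suggest `response.sendError(HttpServletResponse.SC_FORBIDDEN);` before the `return false;`. Separately, the removed lines L143-L147 dropped the `saveRequest` call for the AUTH state, but `restoreRequest` is still invoked from the new dealWithOpenIDPrincipal helper; if the save now happens in the `state == null` branch (outside this hunk) that is fine, otherwise the restore will have nothing to restore. The enclosing method starts outside this hunk.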
@@ -365,4 +362,25 @@
return true;
}
+
+ private boolean dealWithOpenIDPrincipal(Request request, Response response, Principal
principal) throws IOException
+ {
+ HttpSession httpSession = request.getSession();
+
+ String principalName = principal.getName();
+ request.getSessionInternal().setNote(Constants.SESS_USERNAME_NOTE,
principalName);
+ request.getSessionInternal().setNote(Constants.SESS_PASSWORD_NOTE, "");
+ request.setUserPrincipal(principal);
+
+ if (saveRestoreRequest)
+ {
+ this.restoreRequest(request, request.getSessionInternal());
+ }
+
+ if(trace)
+ log.trace("Logged in as:" + principal);
+ registerWithAuthenticatorBase(request,response,principal,principalName);
+ httpSession.setAttribute("STATE", STATES.FINISH.name());
+ return true;
+ }
}
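Review bot: dealWithOpenIDPrincipal has no Javadoc and stores an empty string as `Constants.SESS_PASSWORD_NOTE` at L192; FormAuthenticator's `cache=false` mode re-authenticates against the realm from the username/password notes on later requests, and an empty password would presumably fail there, so the reason this is acceptable deserves a comment (the same pattern appears in FacebookAuthenticator's hunk). Suggest a Javadoc stating that the method completes an OpenID login by recording the principal on the request and session, restoring any saved request, registering with AuthenticatorBase and marking the session STATE as FINISH, and that it always returns true. Also, `httpSession` is obtained at L187 but only used at L203, so the lookup could move next to its use.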
\ No newline at end of file