[seam-commits] Seam SVN: r13765 - in modules/security/trunk/external: src/main/java/org/jboss/seam/security/external and 17 other directories.
seam-commits at lists.jboss.org
seam-commits at lists.jboss.org
Sat Sep 18 07:03:56 EDT 2010
Author: marcelkolsteren
Date: 2010-09-18 07:03:55 -0400 (Sat, 18 Sep 2010)
New Revision: 13765
Added:
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInApplicationScopeProducer.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInVirtualApplicationScopeProducer.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderOrRelyingParty.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServerManagerFactory.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdUsersServlet.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpTestServlet.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpTestServlet.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/
modules/security/trunk/external/src/test/resources/WEB-INF/op-beans.xml
modules/security/trunk/external/src/test/resources/WEB-INF/rp-beans.xml
Removed:
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdAttribute.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdSingleLoginService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdXrdsProvider.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/OpenIdSpiMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/idp/
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/sp/
Modified:
modules/security/trunk/external/pom.xml
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/EntityBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdService.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServlet.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java
modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java
modules/security/trunk/external/src/main/resources/META-INF/web-fragment.xml
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/MetaDataLoader.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/AfterDeployEventHandler.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/ArchiveBuilder.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/BeforeUnDeployEventHandler.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/IntegrationTest.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpTestServlet.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpTestServlet.java
modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpVirtualApplicationCreator.java
Log:
- Added OpenID Provider support
- Added integration test for OpenID (covers Relying Party and Provider)
Modified: modules/security/trunk/external/pom.xml
===================================================================
--- modules/security/trunk/external/pom.xml 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/pom.xml 2010-09-18 11:03:55 UTC (rev 13765)
@@ -18,6 +18,7 @@
<arquillian.version>1.0.0.Alpha3</arquillian.version>
<jbossas.server.manager.version>1.0.3.GA</jbossas.server.manager.version>
<jbossas.client.version>6.0.0.20100721-M4</jbossas.client.version>
+ <weld.extensions.version>1.0.0.Alpha2</weld.extensions.version>
</properties>
<build>
@@ -70,6 +71,7 @@
<dependency>
<groupId>org.jboss.weld</groupId>
<artifactId>weld-extensions</artifactId>
+ <version>${weld.extensions.version}</version>
</dependency>
<dependency>
@@ -180,7 +182,14 @@
<version>3.1</version>
</dependency>
+ <!-- Needed by openid4java -->
<dependency>
+ <groupId>nekohtml</groupId>
+ <artifactId>nekohtml</artifactId>
+ <version>1.9.12</version>
+ </dependency>
+
+ <dependency>
<groupId>org.jboss.arquillian</groupId>
<artifactId>arquillian-junit</artifactId>
<scope>test</scope>
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,86 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external;
+
+import java.io.IOException;
+
+import javax.inject.Inject;
+import javax.servlet.Filter;
+import javax.servlet.FilterChain;
+import javax.servlet.FilterConfig;
+import javax.servlet.ServletException;
+import javax.servlet.ServletRequest;
+import javax.servlet.ServletResponse;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.DialogueManager;
+
+ at WebFilter(filterName = "DialogueFilter", urlPatterns = "/*")
+public class DialogueFilter implements Filter
+{
+ public final static String DIALOGUE_ID_PARAM = "dialogueId";
+
+ @Inject
+ private DialogueManager manager;
+
+ @Inject
+ private ResponseHolder responseHolder;
+
+ public void init(FilterConfig filterConfig) throws ServletException
+ {
+ }
+
+ public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException
+ {
+ responseHolder.setResponse((HttpServletResponse) response);
+
+ if (manager.isAttached())
+ {
+ manager.detachDialogue();
+ }
+
+ String dialogueId = request.getParameter(DIALOGUE_ID_PARAM);
+
+ if (dialogueId != null)
+ {
+ if (!manager.isExistingDialogue(dialogueId))
+ {
+ ((HttpServletResponse) response).sendError(HttpServletResponse.SC_BAD_REQUEST, "dialogue " + dialogueId + " does not exist");
+ return;
+ }
+ manager.attachDialogue(dialogueId);
+ }
+
+ chain.doFilter(request, response);
+
+ if (manager.isAttached())
+ {
+ manager.detachDialogue();
+ }
+ }
+
+ public void destroy()
+ {
+ }
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/DialogueFilter.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/EntityBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/EntityBean.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/EntityBean.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -21,6 +21,9 @@
*/
package org.jboss.seam.security.external;
+import java.net.MalformedURLException;
+import java.net.URL;
+
/**
* @author Marcel Kolsteren
*
@@ -61,4 +64,23 @@
{
this.port = port;
}
+
+ protected String createURL(String path)
+ {
+ try
+ {
+ if (protocol.equals("http") && port == 80 || protocol.equals("https") && port == 443)
+ {
+ return new URL(protocol, hostName, path).toExternalForm();
+ }
+ else
+ {
+ return new URL(protocol, hostName, port, path).toExternalForm();
+ }
+ }
+ catch (MalformedURLException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
}
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdAttribute.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdAttribute.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdAttribute.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -1,71 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.api;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class OpenIdAttribute
-{
- private String alias;
- private String typeUri;
- private boolean required;
-
- public OpenIdAttribute(String alias, String typeUri, boolean required)
- {
- super();
- this.alias = alias;
- this.typeUri = typeUri;
- this.required = required;
- }
-
- public String getAlias()
- {
- return alias;
- }
-
- public void setAlias(String alias)
- {
- this.alias = alias;
- }
-
- public String getTypeUri()
- {
- return typeUri;
- }
-
- public void setTypeUri(String typeUri)
- {
- this.typeUri = typeUri;
- }
-
- public boolean isRequired()
- {
- return required;
- }
-
- public void setRequired(boolean required)
- {
- this.required = required;
- }
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdPrincipal.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -36,14 +36,14 @@
private URL openIdProvider;
- private Map<String, List<String>> attributes;
+ private Map<String, List<String>> attributeValues;
- public OpenIdPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributes)
+ public OpenIdPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributeValues)
{
super();
this.identifier = identifier;
this.openIdProvider = openIdProvider;
- this.attributes = attributes;
+ this.attributeValues = attributeValues;
}
public String getIdentifier()
@@ -56,9 +56,26 @@
return openIdProvider;
}
- public Map<String, List<String>> getAttributes()
+ public Map<String, List<String>> getAttributeValues()
{
- return attributes;
+ return attributeValues;
}
+ public String getAttribute(String alias)
+ {
+ List<String> values = attributeValues.get(alias);
+ if (values.size() == 0)
+ {
+ return null;
+ }
+ else if (values.size() == 1)
+ {
+ return (String) attributeValues.get(alias).get(0);
+ }
+ else
+ {
+ throw new RuntimeException("Attribute has multiple values");
+ }
+ }
+
}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,40 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.api;
+
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdProviderApi
+{
+ void authenticationSucceeded(String userName);
+
+ void authenticationFailed();
+
+ void setAttributes(Map<String, List<String>> attributeValues);
+
+ String getOpLocalIdentifierForUserName(String userName);
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderApi.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,29 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.api;
+
+public interface OpenIdProviderConfigurationApi extends EntityConfigurationApi
+{
+ String getXrdsURL();
+
+ String getRealm();
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdProviderConfigurationApi.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyApi.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -29,5 +29,13 @@
*/
public interface OpenIdRelyingPartyApi
{
- public void login(String openId, List<OpenIdAttribute> attributes);
+ /**
+ * Start an OpenID login dialogue.
+ *
+ * @param identifier either a Claimed Identifier (identifying the user) or an
+ * OP Identifier (identifying the OpenID Provider where the user
+ * has an account)
+ * @param attributes attributes that are requested
+ */
+ void login(String identifier, List<OpenIdRequestedAttribute> attributes);
}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRelyingPartyConfigurationApi.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -23,5 +23,7 @@
public interface OpenIdRelyingPartyConfigurationApi extends EntityConfigurationApi
{
+ String getXrdsURL();
+ String getRealm();
}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,89 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.api;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class OpenIdRequestedAttribute
+{
+ private String alias;
+ private String typeUri;
+ private boolean required;
+ private Integer count;
+
+ public OpenIdRequestedAttribute()
+ {
+
+ }
+
+ public OpenIdRequestedAttribute(String alias, String typeUri, boolean required, Integer count)
+ {
+ super();
+ this.alias = alias;
+ this.typeUri = typeUri;
+ this.required = required;
+ this.count = count;
+ }
+
+ public String getAlias()
+ {
+ return alias;
+ }
+
+ public void setAlias(String alias)
+ {
+ this.alias = alias;
+ }
+
+ public String getTypeUri()
+ {
+ return typeUri;
+ }
+
+ public void setTypeUri(String typeUri)
+ {
+ this.typeUri = typeUri;
+ }
+
+ public boolean isRequired()
+ {
+ return required;
+ }
+
+ public void setRequired(boolean required)
+ {
+ this.required = required;
+ }
+
+ public Integer getCount()
+ {
+ return count;
+ }
+
+ public void setCount(Integer count)
+ {
+ this.count = count;
+ }
+
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/api/OpenIdRequestedAttribute.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,53 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.dialogues;
+
+import static org.jboss.weld.servlet.ServletHelper.getModuleBeanManager;
+
+import javax.enterprise.inject.spi.Bean;
+import javax.servlet.ServletContext;
+
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.weld.manager.BeanManagerImpl;
+
+/**
+ * Provides dialogue beans to classes that are not able to inject.
+ *
+ * @author Marcel Kolsteren
+ *
+ */
+public class DialogueBeanProvider
+{
+ public static Dialogue dialogue(ServletContext servletContext)
+ {
+ BeanManagerImpl beanManager = getModuleBeanManager(servletContext);
+ Bean<?> bean = beanManager.resolve(beanManager.getBeans(Dialogue.class));
+ return (Dialogue) beanManager.getReference(bean, Dialogue.class, beanManager.createCreationalContext(bean));
+ }
+
+ public static DialogueManager dialogueManager(ServletContext servletContext)
+ {
+ BeanManagerImpl beanManager = getModuleBeanManager(servletContext);
+ Bean<?> bean = beanManager.resolve(beanManager.getBeans(DialogueManager.class));
+ return (DialogueManager) beanManager.getReference(bean, DialogueManager.class, beanManager.createCreationalContext(bean));
+ }
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/dialogues/DialogueBeanProvider.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,242 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid;
+
+import java.io.IOException;
+import java.io.Writer;
+import java.util.LinkedList;
+import java.util.List;
+import java.util.Map;
+
+import javax.enterprise.inject.Instance;
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+
+import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.ResponseHandler;
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
+import org.openid4java.message.AuthRequest;
+import org.openid4java.message.DirectError;
+import org.openid4java.message.Message;
+import org.openid4java.message.MessageException;
+import org.openid4java.message.MessageExtension;
+import org.openid4java.message.ParameterList;
+import org.openid4java.message.ax.AxMessage;
+import org.openid4java.message.ax.FetchRequest;
+import org.openid4java.message.ax.FetchResponse;
+import org.openid4java.server.ServerManager;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class OpenIdProviderAuthenticationService
+{
+ @Inject
+ private Instance<OpenIdProviderRequest> openIdProviderRequest;
+
+ @Inject
+ private Instance<ServerManager> openIdServerManager;
+
+ @Inject
+ private Instance<OpenIdProviderSpi> openIdProviderSpi;
+
+ @Inject
+ private ResponseHandler responseHandler;
+
+ @Inject
+ private DialogueManager dialogueManager;
+
+ @Inject
+ private Instance<Dialogue> dialogue;
+
+ @Inject
+ private Instance<OpenIdProviderBean> opBean;
+
+ public void handleIncomingMessage(HttpServletRequest httpRequest) throws InvalidRequestException
+ {
+ ParameterList parameterList = new ParameterList(httpRequest.getParameterMap());
+
+ String mode = parameterList.getParameterValue("openid.mode");
+
+ Message response;
+
+ if ("associate".equals(mode))
+ {
+ response = openIdServerManager.get().associationResponse(parameterList);
+ writeMessageToResponse(response);
+ }
+ else if ("checkid_setup".equals(mode) || "checkid_immediate".equals(mode))
+ {
+ dialogueManager.beginDialogue();
+ String claimedIdentifier = parameterList.getParameterValue("openid.claimed_id");
+ String opLocalIdentifier = parameterList.getParameterValue("openid.identity");
+
+ openIdProviderRequest.get().setParameterList(parameterList);
+ openIdProviderRequest.get().setClaimedIdentifier(claimedIdentifier);
+
+ MessageExtension ext = null;
+ try
+ {
+ AuthRequest authReq = AuthRequest.createAuthRequest(parameterList, openIdServerManager.get().getRealmVerifier());
+ if (authReq.hasExtension(AxMessage.OPENID_NS_AX))
+ {
+ ext = authReq.getExtension(AxMessage.OPENID_NS_AX);
+ }
+ }
+ catch (MessageException e)
+ {
+ throw new RuntimeException(e);
+ }
+
+ if (ext instanceof FetchRequest)
+ {
+ FetchRequest fetchRequest = (FetchRequest) ext;
+
+ List<OpenIdRequestedAttribute> requestedAttributes = new LinkedList<OpenIdRequestedAttribute>();
+ handleAttributeRequests(fetchRequest, requestedAttributes, false);
+ handleAttributeRequests(fetchRequest, requestedAttributes, true);
+ openIdProviderRequest.get().setRequestedAttributes(requestedAttributes);
+ openIdProviderRequest.get().setFetchRequest(fetchRequest);
+ }
+
+ if (claimedIdentifier != null && opLocalIdentifier != null)
+ {
+ boolean immediate = "checkid_immediate".equals(mode);
+ String realm = parameterList.getParameterValue("openid.realm");
+ if (realm == null)
+ {
+ realm = parameterList.getParameterValue("openid.return_to");
+ }
+
+ if (opLocalIdentifier.equals(AuthRequest.SELECT_ID))
+ {
+ openIdProviderSpi.get().authenticate(realm, null, immediate);
+ }
+ else
+ {
+ String userName = opBean.get().getUserNameFromOpLocalIdentifier(opLocalIdentifier);
+ openIdProviderSpi.get().authenticate(realm, userName, immediate);
+ }
+ }
+ else
+ {
+ response = DirectError.createDirectError("Invalid request; claimed_id or identity attribute is missing");
+ writeMessageToResponse(response);
+ }
+ dialogueManager.detachDialogue();
+ }
+ else if ("check_authentication".equals(mode))
+ {
+ response = openIdServerManager.get().verify(parameterList);
+ writeMessageToResponse(response);
+ }
+ else
+ {
+ response = DirectError.createDirectError("Unknown request");
+ writeMessageToResponse(response);
+ }
+ }
+
+ private void handleAttributeRequests(FetchRequest fetchRequest, List<OpenIdRequestedAttribute> requestedAttributes, boolean required)
+ {
+ @SuppressWarnings("unchecked")
+ Map<String, String> attributes = fetchRequest.getAttributes(required);
+
+ for (Map.Entry<String, String> entry : attributes.entrySet())
+ {
+ OpenIdRequestedAttribute requestedAttribute = new OpenIdRequestedAttribute();
+ requestedAttribute.setAlias(entry.getKey());
+ requestedAttribute.setTypeUri(entry.getValue());
+ requestedAttribute.setRequired(required);
+ requestedAttribute.setCount(fetchRequest.getCount(entry.getKey()));
+ requestedAttributes.add(requestedAttribute);
+ }
+ }
+
+ public void sendAuthenticationResponse(boolean authenticationSuccesful, Map<String, List<String>> attributeValues)
+ {
+ ParameterList parameterList = openIdProviderRequest.get().getParameterList();
+ String userName = openIdProviderRequest.get().getUserName();
+ String opLocalIdentifier = opBean.get().getOpLocalIdentifierForUserName(userName);
+ String claimedIdentifier = openIdProviderRequest.get().getClaimedIdentifier();
+ if (claimedIdentifier.equals(AuthRequest.SELECT_ID))
+ {
+ claimedIdentifier = opLocalIdentifier;
+ }
+
+ Message response = openIdServerManager.get().authResponse(parameterList, opLocalIdentifier, claimedIdentifier, authenticationSuccesful);
+
+ if (response instanceof DirectError)
+ {
+ writeMessageToResponse(response);
+ }
+ else
+ {
+ if (openIdProviderRequest.get().getRequestedAttributes() != null)
+ {
+ try
+ {
+ FetchResponse fetchResponse = FetchResponse.createFetchResponse(openIdProviderRequest.get().getFetchRequest(), attributeValues);
+ response.addExtension(fetchResponse);
+ }
+ catch (MessageException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ // caller will need to decide which of the following to use:
+
+ // option1: GET HTTP-redirect to the return_to URL
+ String destinationUrl = response.getDestinationUrl(true);
+ responseHandler.sendHttpRedirectToUserAgent(destinationUrl);
+
+ // option2: HTML FORM Redirection
+ // RequestDispatcher dispatcher =
+ // getServletContext().getRequestDispatcher("formredirection.jsp");
+ // httpReq.setAttribute("prameterMap", response.getParameterMap());
+ // httpReq.setAttribute("destinationUrl",
+ // response.getDestinationUrl(false));
+ // dispatcher.forward(request, response);
+ // return null;
+ }
+
+ dialogue.get().setFinished(true);
+ }
+
+ private void writeMessageToResponse(Message message)
+ {
+ Writer writer = responseHandler.getWriter("text/plain");
+ try
+ {
+ writer.append(message.keyValueFormEncoding());
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderAuthenticationService.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,237 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid;
+
+import java.io.UnsupportedEncodingException;
+import java.io.Writer;
+import java.net.URLDecoder;
+import java.net.URLEncoder;
+import java.util.List;
+import java.util.Map;
+
+import javax.enterprise.inject.Instance;
+import javax.inject.Inject;
+import javax.servlet.ServletContext;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+
+import org.jboss.seam.security.external.EntityBean;
+import org.jboss.seam.security.external.JaxbContext;
+import org.jboss.seam.security.external.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.jaxb.xrds.LocalID;
+import org.jboss.seam.security.external.jaxb.xrds.ObjectFactory;
+import org.jboss.seam.security.external.jaxb.xrds.Service;
+import org.jboss.seam.security.external.jaxb.xrds.Type;
+import org.jboss.seam.security.external.jaxb.xrds.URIPriorityAppendPattern;
+import org.jboss.seam.security.external.jaxb.xrds.XRD;
+import org.jboss.seam.security.external.jaxb.xrds.XRDS;
+import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
+import org.openid4java.discovery.DiscoveryInformation;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class OpenIdProviderBean extends EntityBean implements OpenIdProviderApi, OpenIdProviderConfigurationApi
+{
+ @Inject
+ private Instance<OpenIdProviderRequest> openIdProviderRequest;
+
+ @Inject
+ private OpenIdProviderAuthenticationService openIdSingleLoginSender;
+
+ @Inject
+ private ServletContext servletContext;
+
+ @Inject
+ private Instance<OpenIdProviderSpi> openIdProviderSpi;
+
+ @Inject
+ @JaxbContext(ObjectFactory.class)
+ private JAXBContext jaxbContext;
+
+ public String getServiceURL(OpenIdService service)
+ {
+ String path = servletContext.getContextPath() + "/openid/OP/" + service.getName();
+ return createURL(path);
+ }
+
+ public String getRealm()
+ {
+ return createURL("");
+ }
+
+ public String getXrdsURL()
+ {
+ return getServiceURL(OpenIdService.XRDS_SERVICE);
+ }
+
+ /**
+ * Write XRDS with OP identifier (see OpenId 2.0 Authentication spec, section
+ * 7.3.2.1.1.)
+ *
+ * @param writer writer to use
+ */
+ public void writeOpIdentifierXrds(Writer writer)
+ {
+ try
+ {
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ XRDS xrds = objectFactory.createXRDS();
+
+ XRD xrd = objectFactory.createXRD();
+
+ Type type = objectFactory.createType();
+ type.setValue(DiscoveryInformation.OPENID2_OP);
+ URIPriorityAppendPattern uri = objectFactory.createURIPriorityAppendPattern();
+ uri.setValue(getServiceURL(OpenIdService.OPEN_ID_SERVICE));
+
+ Service service = objectFactory.createService();
+ service.getType().add(type);
+ service.getURI().add(uri);
+
+ xrd.getService().add(service);
+
+ xrds.getOtherelement().add(xrd);
+
+ Marshaller marshaller = jaxbContext.createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+ marshaller.marshal(xrds, writer);
+ }
+ catch (JAXBException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public void writeClaimedIdentifierXrds(Writer writer, String opLocalIdentifier)
+ {
+ try
+ {
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ XRDS xrds = objectFactory.createXRDS();
+
+ XRD xrd = objectFactory.createXRD();
+
+ Type type = objectFactory.createType();
+ type.setValue(DiscoveryInformation.OPENID2);
+ URIPriorityAppendPattern uri = objectFactory.createURIPriorityAppendPattern();
+ uri.setValue(getServiceURL(OpenIdService.OPEN_ID_SERVICE));
+
+ Service service = objectFactory.createService();
+ service.getType().add(type);
+ service.getURI().add(uri);
+
+ LocalID localId = new LocalID();
+ localId.setValue(opLocalIdentifier);
+ service.getLocalID().add(localId);
+
+ xrd.getService().add(service);
+
+ xrds.getOtherelement().add(xrd);
+
+ Marshaller marshaller = jaxbContext.createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+ marshaller.marshal(xrds, writer);
+ }
+ catch (JAXBException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public String getOpLocalIdentifierForUserName(String userName)
+ {
+ try
+ {
+ return createURL(getUsersPath() + URLEncoder.encode(userName, "UTF-8"));
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public String getUserNameFromOpLocalIdentifier(String opLocalIdentifier)
+ {
+ String prefix = createURL(getUsersPath());
+ if (opLocalIdentifier.startsWith(prefix))
+ {
+ String urlEncodedUserName = opLocalIdentifier.replace(prefix, "");
+ try
+ {
+ return URLDecoder.decode(urlEncodedUserName, "UTF-8");
+ }
+ catch (UnsupportedEncodingException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+ else
+ {
+ return null;
+ }
+ }
+
+ public String getUsersPath()
+ {
+ return servletContext.getContextPath() + "/users/";
+ }
+
+ public String getUsersUrlPrefix()
+ {
+ return createURL(getUsersPath());
+ }
+
+ @Dialogued(join = true)
+ public void authenticationFailed()
+ {
+ openIdSingleLoginSender.sendAuthenticationResponse(false, null);
+ }
+
+ @Dialogued(join = true)
+ public void authenticationSucceeded(String userName)
+ {
+ openIdProviderRequest.get().setUserName(userName);
+ if (openIdProviderRequest.get().getRequestedAttributes() == null)
+ {
+ openIdSingleLoginSender.sendAuthenticationResponse(true, null);
+ }
+ else
+ {
+ openIdProviderSpi.get().fetchParameters(openIdProviderRequest.get().getRequestedAttributes());
+ }
+ }
+
+ @Dialogued(join = true)
+ public void setAttributes(Map<String, List<String>> attributeValues)
+ {
+ openIdSingleLoginSender.sendAuthenticationResponse(true, attributeValues);
+ }
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderBean.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInApplicationScopeProducer.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInApplicationScopeProducer.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInApplicationScopeProducer.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,42 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid;
+
+import javax.enterprise.context.ApplicationScoped;
+import javax.enterprise.inject.Alternative;
+import javax.enterprise.inject.New;
+import javax.enterprise.inject.Produces;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+ at Alternative
+public class OpenIdProviderInApplicationScopeProducer
+{
+ @Produces
+ @ApplicationScoped
+ public OpenIdProviderBean produce(@New OpenIdProviderBean op)
+ {
+ return op;
+ }
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInApplicationScopeProducer.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInVirtualApplicationScopeProducer.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInVirtualApplicationScopeProducer.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInVirtualApplicationScopeProducer.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,43 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid;
+
+import javax.enterprise.inject.Alternative;
+import javax.enterprise.inject.New;
+import javax.enterprise.inject.Produces;
+
+import org.jboss.seam.security.external.virtualapplications.api.VirtualApplicationScoped;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+ at Alternative
+public class OpenIdProviderInVirtualApplicationScopeProducer
+{
+ @Produces
+ @VirtualApplicationScoped
+ public OpenIdProviderBean produce(@New OpenIdProviderBean op)
+ {
+ return op;
+ }
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderInVirtualApplicationScopeProducer.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderOrRelyingParty.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderOrRelyingParty.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderOrRelyingParty.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,27 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid;
+
+public enum OpenIdProviderOrRelyingParty
+{
+ OP, RP;
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderOrRelyingParty.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,100 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid;
+
+import java.io.Serializable;
+import java.util.List;
+
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.dialogues.api.DialogueScoped;
+import org.openid4java.message.ParameterList;
+import org.openid4java.message.ax.FetchRequest;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+ at DialogueScoped
+public class OpenIdProviderRequest implements Serializable
+{
+ private static final long serialVersionUID = -6701058408595984106L;
+
+ private ParameterList parameterList;
+
+ private String claimedIdentifier;
+
+ private List<OpenIdRequestedAttribute> requestedAttributes;
+
+ private FetchRequest fetchRequest;
+
+ private String userName;
+
+ public ParameterList getParameterList()
+ {
+ return parameterList;
+ }
+
+ public void setParameterList(ParameterList parameterList)
+ {
+ this.parameterList = parameterList;
+ }
+
+ public String getClaimedIdentifier()
+ {
+ return claimedIdentifier;
+ }
+
+ public void setClaimedIdentifier(String claimedIdentifier)
+ {
+ this.claimedIdentifier = claimedIdentifier;
+ }
+
+ public List<OpenIdRequestedAttribute> getRequestedAttributes()
+ {
+ return requestedAttributes;
+ }
+
+ public void setRequestedAttributes(List<OpenIdRequestedAttribute> requestedAttributes)
+ {
+ this.requestedAttributes = requestedAttributes;
+ }
+
+ public FetchRequest getFetchRequest()
+ {
+ return fetchRequest;
+ }
+
+ public void setFetchRequest(FetchRequest fetchRequest)
+ {
+ this.fetchRequest = fetchRequest;
+ }
+
+ public String getUserName()
+ {
+ return userName;
+ }
+
+ public void setUserName(String userName)
+ {
+ this.userName = userName;
+ }
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdProviderRequest.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Copied: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java (from rev 13692, modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdSingleLoginService.java)
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpAuthenticationService.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,182 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid;
+
+import java.net.URL;
+import java.util.List;
+import java.util.Map;
+
+import javax.enterprise.inject.Instance;
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.InvalidRequestException;
+import org.jboss.seam.security.external.ResponseHandler;
+import org.jboss.seam.security.external.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
+import org.openid4java.OpenIDException;
+import org.openid4java.consumer.ConsumerManager;
+import org.openid4java.consumer.VerificationResult;
+import org.openid4java.discovery.DiscoveryInformation;
+import org.openid4java.discovery.Identifier;
+import org.openid4java.message.AuthRequest;
+import org.openid4java.message.AuthSuccess;
+import org.openid4java.message.ParameterList;
+import org.openid4java.message.ax.AxMessage;
+import org.openid4java.message.ax.FetchRequest;
+import org.openid4java.message.ax.FetchResponse;
+import org.slf4j.Logger;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class OpenIdRpAuthenticationService
+{
+ @Inject
+ private OpenIdRequest openIdRequest;
+
+ @Inject
+ private ConsumerManager openIdConsumerManager;
+
+ @Inject
+ private Instance<OpenIdRelyingPartySpi> openIdRelyingPartySpi;
+
+ @Inject
+ private OpenIdRpBean relyingPartyBean;
+
+ @Inject
+ private ResponseHandler responseHandler;
+
+ @Inject
+ private Logger log;
+
+ @Inject
+ private Instance<Dialogue> dialogue;
+
+ @Inject
+ private DialogueManager dialogueManager;
+
+ public void handleIncomingMessage(HttpServletRequest httpRequest) throws InvalidRequestException
+ {
+ try
+ {
+ // extract the parameters from the authentication response
+ // (which comes in as a HTTP request from the OpenID provider)
+ ParameterList response = new ParameterList(httpRequest.getParameterMap());
+
+ // retrieve the previously stored discovery information
+ DiscoveryInformation discovered = openIdRequest.getDiscoveryInformation();
+
+ // extract the receiving URL from the HTTP request
+ StringBuffer receivingURL = httpRequest.getRequestURL();
+ String queryString = httpRequest.getQueryString();
+ if (queryString != null && queryString.length() > 0)
+ receivingURL.append("?").append(httpRequest.getQueryString());
+
+ // verify the response; ConsumerManager needs to be the same
+ // (static) instance used to place the authentication request
+ VerificationResult verification = openIdConsumerManager.verify(receivingURL.toString(), response, discovered);
+
+ // examine the verification result and extract the verified identifier
+ Identifier identifier = verification.getVerifiedId();
+
+ if (identifier != null)
+ {
+ AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
+
+ Map<String, List<String>> attributeValues = null;
+ if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX))
+ {
+ FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);
+ @SuppressWarnings("unchecked")
+ Map<String, List<String>> attrValues = fetchResp.getAttributes();
+ attributeValues = attrValues;
+ }
+
+ OpenIdPrincipal principal = createPrincipal(identifier.getIdentifier(), discovered.getOPEndpoint(), attributeValues);
+
+ openIdRelyingPartySpi.get().loginSucceeded(principal);
+ }
+ else
+ {
+ openIdRelyingPartySpi.get().loginFailed(verification.getStatusMsg());
+ }
+ }
+ catch (OpenIDException e)
+ {
+ responseHandler.sendError(HttpServletResponse.SC_BAD_REQUEST, e.getMessage());
+ return;
+ }
+
+ dialogue.get().setFinished(true);
+ }
+
+ @Dialogued(join = true)
+ public void sendAuthRequest(String openId, List<OpenIdRequestedAttribute> attributes)
+ {
+ try
+ {
+ @SuppressWarnings("unchecked")
+ List<DiscoveryInformation> discoveries = openIdConsumerManager.discover(openId);
+
+ DiscoveryInformation discovered = openIdConsumerManager.associate(discoveries);
+
+ openIdRequest.setDiscoveryInformation(discovered);
+
+ String openIdServiceUrl = relyingPartyBean.getServiceURL(OpenIdService.OPEN_ID_SERVICE);
+ String realm = relyingPartyBean.getRealm();
+ String returnTo = openIdServiceUrl + "?dialogueId=" + dialogue.get().getDialogueId();
+ AuthRequest authReq = openIdConsumerManager.authenticate(discovered, returnTo, realm);
+
+ if (attributes != null && attributes.size() > 0)
+ {
+ FetchRequest fetch = FetchRequest.createFetchRequest();
+ for (OpenIdRequestedAttribute attribute : attributes)
+ {
+ fetch.addAttribute(attribute.getAlias(), attribute.getTypeUri(), attribute.isRequired());
+ }
+ // attach the extension to the authentication request
+ authReq.addExtension(fetch);
+ }
+
+ String url = authReq.getDestinationUrl(true);
+
+ responseHandler.sendHttpRedirectToUserAgent(url);
+ }
+ catch (OpenIDException e)
+ {
+ log.warn("Authentication failed", e);
+ openIdRelyingPartySpi.get().loginFailed(e.getMessage());
+ }
+ }
+
+ private OpenIdPrincipal createPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributeValues)
+ {
+ return new OpenIdPrincipal(identifier, openIdProvider, attributeValues);
+ }
+}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdRpBean.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -21,18 +21,28 @@
*/
package org.jboss.seam.security.external.openid;
-import java.net.MalformedURLException;
-import java.net.URL;
+import java.io.Writer;
import java.util.List;
import javax.inject.Inject;
import javax.servlet.ServletContext;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
import org.jboss.seam.security.external.EntityBean;
-import org.jboss.seam.security.external.api.OpenIdAttribute;
+import org.jboss.seam.security.external.JaxbContext;
import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.jaxb.xrds.ObjectFactory;
+import org.jboss.seam.security.external.jaxb.xrds.Service;
+import org.jboss.seam.security.external.jaxb.xrds.Type;
+import org.jboss.seam.security.external.jaxb.xrds.URIPriorityAppendPattern;
+import org.jboss.seam.security.external.jaxb.xrds.XRD;
+import org.jboss.seam.security.external.jaxb.xrds.XRDS;
+import org.openid4java.discovery.DiscoveryInformation;
/**
* @author Marcel Kolsteren
@@ -41,20 +51,24 @@
public class OpenIdRpBean extends EntityBean implements OpenIdRelyingPartyApi, OpenIdRelyingPartyConfigurationApi
{
@Inject
- private OpenIdSingleLoginService openIdSingleLoginSender;
+ private OpenIdRpAuthenticationService openIdSingleLoginSender;
@Inject
private ServletContext servletContext;
- @Dialogued
- public void login(String openId, List<OpenIdAttribute> attributes)
+ @Inject
+ @JaxbContext(ObjectFactory.class)
+ private JAXBContext jaxbContext;
+
+ @Dialogued(join = true)
+ public void login(String identifier, List<OpenIdRequestedAttribute> attributes)
{
- openIdSingleLoginSender.sendAuthRequest(openId, attributes);
+ openIdSingleLoginSender.sendAuthRequest(identifier, attributes);
}
public String getServiceURL(OpenIdService service)
{
- String path = servletContext.getContextPath() + "/openid/" + service.getName();
+ String path = servletContext.getContextPath() + "/openid/RP/" + service.getName();
return createURL(path);
}
@@ -63,20 +77,40 @@
return createURL("");
}
- private String createURL(String path)
+ public String getXrdsURL()
{
+ return getServiceURL(OpenIdService.XRDS_SERVICE);
+ }
+
+ public void writeRpXrds(Writer writer)
+ {
try
{
- if (protocol.equals("http") && port == 80 || protocol.equals("https") && port == 443)
- {
- return new URL(protocol, hostName, path).toExternalForm();
- }
- else
- {
- return new URL(protocol, hostName, port, path).toExternalForm();
- }
+ ObjectFactory objectFactory = new ObjectFactory();
+
+ XRDS xrds = objectFactory.createXRDS();
+
+ XRD xrd = objectFactory.createXRD();
+
+ Type type = objectFactory.createType();
+ type.setValue(DiscoveryInformation.OPENID2_RP);
+ URIPriorityAppendPattern uri = objectFactory.createURIPriorityAppendPattern();
+ uri.setValue(getServiceURL(OpenIdService.OPEN_ID_SERVICE));
+
+ Service service = objectFactory.createService();
+ service.getType().add(type);
+ service.getURI().add(uri);
+
+ xrd.getService().add(service);
+
+ xrds.getOtherelement().add(xrd);
+
+ Marshaller marshaller = jaxbContext.createMarshaller();
+ marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
+ marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
+ marshaller.marshal(xrds, writer);
}
- catch (MalformedURLException e)
+ catch (JAXBException e)
{
throw new RuntimeException(e);
}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServerManagerFactory.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServerManagerFactory.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServerManagerFactory.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,54 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid;
+
+import javax.enterprise.context.ApplicationScoped;
+import javax.enterprise.inject.Produces;
+import javax.inject.Inject;
+
+import org.openid4java.server.ServerManager;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+ at ApplicationScoped
+public class OpenIdServerManagerFactory
+{
+ private ServerManager serverManager;
+
+ @Inject
+ private OpenIdProviderBean providerBean;
+
+ @Produces
+ public ServerManager getServerManager()
+ {
+ return serverManager;
+ }
+
+ @Inject
+ public void startup() throws Exception
+ {
+ serverManager = new ServerManager();
+ serverManager.setOPEndpointUrl(providerBean.getServiceURL(OpenIdService.OPEN_ID_SERVICE));
+ }
+}
\ No newline at end of file
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServerManagerFactory.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdService.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdService.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -21,7 +21,6 @@
*/
package org.jboss.seam.security.external.openid;
-
/**
* @author Marcel Kolsteren
*
@@ -30,7 +29,7 @@
{
OPEN_ID_SERVICE("OpenIdService"),
- OPEN_ID_XRDS_SERVICE("OpenIdXrdsService");
+ XRDS_SERVICE("XrdsService");
private String name;
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServlet.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServlet.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdServlet.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -25,6 +25,7 @@
import java.util.regex.Matcher;
import java.util.regex.Pattern;
+import javax.enterprise.inject.Instance;
import javax.inject.Inject;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
@@ -54,11 +55,17 @@
private ResponseHandler responseHandler;
@Inject
- private OpenIdSingleLoginService openIdSingleLoginService;
+ private OpenIdProviderAuthenticationService openIdProviderAuthenticationService;
@Inject
- private OpenIdXrdsProvider openIdXrdsProvider;
+ private OpenIdRpAuthenticationService openIdRpAuthenticationService;
+ @Inject
+ private Instance<OpenIdRpBean> rpBean;
+
+ @Inject
+ private Instance<OpenIdProviderBean> opBean;
+
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
{
@@ -90,14 +97,15 @@
private void handleMessage(HttpServletRequest httpRequest) throws InvalidRequestException
{
- Matcher matcher = Pattern.compile("/([^/]*?)$").matcher(httpRequest.getRequestURI());
+ Matcher matcher = Pattern.compile("/(OP|RP)/([^/]*?)$").matcher(httpRequest.getRequestURI());
boolean found = matcher.find();
if (!found)
{
responseHandler.sendError(HttpServletResponse.SC_NOT_FOUND, "No service endpoint exists for this URL.");
return;
}
- OpenIdService service = OpenIdService.getByName(matcher.group(1));
+ OpenIdProviderOrRelyingParty opOrRp = OpenIdProviderOrRelyingParty.valueOf(matcher.group(1));
+ OpenIdService service = OpenIdService.getByName(matcher.group(2));
if (service == null)
{
@@ -108,10 +116,24 @@
switch (service)
{
case OPEN_ID_SERVICE:
- openIdSingleLoginService.handleIncomingMessage(httpRequest);
+ if (opOrRp == OpenIdProviderOrRelyingParty.OP)
+ {
+ openIdProviderAuthenticationService.handleIncomingMessage(httpRequest);
+ }
+ else
+ {
+ openIdRpAuthenticationService.handleIncomingMessage(httpRequest);
+ }
break;
- case OPEN_ID_XRDS_SERVICE:
- openIdXrdsProvider.writeMetaData(responseHandler.getWriter("application/xrds+xml"));
+ case XRDS_SERVICE:
+ if (opOrRp == OpenIdProviderOrRelyingParty.OP)
+ {
+ opBean.get().writeOpIdentifierXrds(responseHandler.getWriter("application/xrds+xml"));
+ }
+ else
+ {
+ rpBean.get().writeRpXrds(responseHandler.getWriter("application/xrds+xml"));
+ }
break;
default:
throw new RuntimeException("Unsupported service " + service);
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdSingleLoginService.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdSingleLoginService.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdSingleLoginService.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -1,162 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.openid;
-
-import java.net.URL;
-import java.util.List;
-import java.util.Map;
-
-import javax.enterprise.inject.Instance;
-import javax.inject.Inject;
-import javax.servlet.http.HttpServletRequest;
-
-import org.jboss.seam.security.external.InvalidRequestException;
-import org.jboss.seam.security.external.ResponseHandler;
-import org.jboss.seam.security.external.api.OpenIdAttribute;
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
-import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
-import org.openid4java.OpenIDException;
-import org.openid4java.consumer.ConsumerManager;
-import org.openid4java.consumer.VerificationResult;
-import org.openid4java.discovery.DiscoveryInformation;
-import org.openid4java.discovery.Identifier;
-import org.openid4java.message.AuthRequest;
-import org.openid4java.message.AuthSuccess;
-import org.openid4java.message.ParameterList;
-import org.openid4java.message.ax.AxMessage;
-import org.openid4java.message.ax.FetchRequest;
-import org.openid4java.message.ax.FetchResponse;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class OpenIdSingleLoginService
-{
- @Inject
- private OpenIdRequest openIdRequest;
-
- @Inject
- private ConsumerManager openIdConsumerManager;
-
- @Inject
- private Instance<OpenIdRelyingPartySpi> openIdRelyingPartySpi;
-
- @Inject
- private OpenIdRpBean relyingPartyBean;
-
- @Inject
- private ResponseHandler responseHandler;
-
- @SuppressWarnings("unchecked")
- public void handleIncomingMessage(HttpServletRequest httpRequest) throws InvalidRequestException
- {
- try
- {
- // extract the parameters from the authentication response
- // (which comes in as a HTTP request from the OpenID provider)
- ParameterList response = new ParameterList(httpRequest.getParameterMap());
-
- // retrieve the previously stored discovery information
- DiscoveryInformation discovered = openIdRequest.getDiscoveryInformation();
-
- // extract the receiving URL from the HTTP request
- StringBuffer receivingURL = httpRequest.getRequestURL();
- String queryString = httpRequest.getQueryString();
- if (queryString != null && queryString.length() > 0)
- receivingURL.append("?").append(httpRequest.getQueryString());
-
- // verify the response; ConsumerManager needs to be the same
- // (static) instance used to place the authentication request
- VerificationResult verification = openIdConsumerManager.verify(receivingURL.toString(), response, discovered);
-
- // examine the verification result and extract the verified identifier
- Identifier identifier = verification.getVerifiedId();
-
- if (identifier != null)
- {
- AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
-
- Map<String, List<String>> attributes = null;
- if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX))
- {
- FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);
-
- attributes = fetchResp.getAttributes();
- }
-
- OpenIdPrincipal principal = createPrincipal(identifier.getIdentifier(), discovered.getOPEndpoint(), attributes);
-
- openIdRelyingPartySpi.get().loginSucceeded(principal);
- }
- else
- {
- openIdRelyingPartySpi.get().loginFailed();
- }
- }
- catch (OpenIDException e)
- {
- throw new RuntimeException(e);
- }
- }
-
- private OpenIdPrincipal createPrincipal(String identifier, URL openIdProvider, Map<String, List<String>> attributes)
- {
- return new OpenIdPrincipal(identifier, openIdProvider, attributes);
- }
-
- public void sendAuthRequest(String openId, List<OpenIdAttribute> attributes)
- {
- try
- {
- @SuppressWarnings("unchecked")
- List<DiscoveryInformation> discoveries = openIdConsumerManager.discover(openId);
-
- DiscoveryInformation discovered = openIdConsumerManager.associate(discoveries);
-
- openIdRequest.setDiscoveryInformation(discovered);
-
- String openIdServiceUrl = relyingPartyBean.getServiceURL(OpenIdService.OPEN_ID_SERVICE);
- String realm = relyingPartyBean.getRealm();
- AuthRequest authReq = openIdConsumerManager.authenticate(discovered, openIdServiceUrl, realm);
-
- if (attributes != null && attributes.size() > 0)
- {
- FetchRequest fetch = FetchRequest.createFetchRequest();
- for (OpenIdAttribute attribute : attributes)
- {
- fetch.addAttribute(attribute.getAlias(), attribute.getTypeUri(), attribute.isRequired());
- }
- // attach the extension to the authentication request
- authReq.addExtension(fetch);
- }
-
- String url = authReq.getDestinationUrl(true);
-
- responseHandler.sendHttpRedirectToUserAgent(url);
- }
- catch (OpenIDException e)
- {
- openIdRelyingPartySpi.get().loginFailed();
- }
- }
-}
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdUsersServlet.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdUsersServlet.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdUsersServlet.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,73 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.openid;
+
+import java.io.IOException;
+import java.net.URLDecoder;
+
+import javax.enterprise.inject.Instance;
+import javax.inject.Inject;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public class OpenIdUsersServlet extends HttpServlet
+{
+ private static final long serialVersionUID = 1476698956314628568L;
+
+ @Inject
+ private Instance<OpenIdProviderBean> opBean;
+
+ @Inject
+ private Instance<OpenIdProviderSpi> providerSpi;
+
+ @Override
+ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
+ {
+ String prefix = opBean.get().getUsersUrlPrefix();
+ if (!request.getRequestURL().toString().startsWith(prefix))
+ {
+ response.sendError(HttpServletResponse.SC_NOT_FOUND, "Only accepting requests for URLs starting with " + prefix);
+ return;
+ }
+
+ String userNamePart = request.getRequestURL().substring(prefix.length());
+ String userName = URLDecoder.decode(userNamePart, "UTF-8");
+
+ if (providerSpi.get().userExists(userName))
+ {
+ response.setContentType("application/xrds+xml");
+ opBean.get().writeClaimedIdentifierXrds(response.getWriter(), opBean.get().getOpLocalIdentifierForUserName(userName));
+ }
+ else
+ {
+ response.sendError(HttpServletResponse.SC_NOT_FOUND, "User " + userName + " does not exist.");
+ }
+ }
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdUsersServlet.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Deleted: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdXrdsProvider.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdXrdsProvider.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/openid/OpenIdXrdsProvider.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -1,86 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.external.openid;
-
-import java.io.Writer;
-
-import javax.inject.Inject;
-import javax.xml.bind.JAXBContext;
-import javax.xml.bind.JAXBException;
-import javax.xml.bind.Marshaller;
-
-import org.jboss.seam.security.external.JaxbContext;
-import org.jboss.seam.security.external.jaxb.xrds.ObjectFactory;
-import org.jboss.seam.security.external.jaxb.xrds.Service;
-import org.jboss.seam.security.external.jaxb.xrds.Type;
-import org.jboss.seam.security.external.jaxb.xrds.URIPriorityAppendPattern;
-import org.jboss.seam.security.external.jaxb.xrds.XRD;
-import org.jboss.seam.security.external.jaxb.xrds.XRDS;
-import org.openid4java.discovery.DiscoveryInformation;
-
-/**
- * @author Marcel Kolsteren
- *
- */
-public class OpenIdXrdsProvider
-{
- @Inject
- private OpenIdRpBean serviceProvider;
-
- @Inject
- @JaxbContext(ObjectFactory.class)
- private JAXBContext jaxbContext;
-
- public void writeMetaData(Writer writer)
- {
- try
- {
- ObjectFactory objectFactory = new ObjectFactory();
-
- XRDS xrds = objectFactory.createXRDS();
-
- XRD xrd = objectFactory.createXRD();
-
- Type type = objectFactory.createType();
- type.setValue(DiscoveryInformation.OPENID2_RP);
- URIPriorityAppendPattern uri = objectFactory.createURIPriorityAppendPattern();
- uri.setValue(serviceProvider.getServiceURL(OpenIdService.OPEN_ID_SERVICE));
-
- Service service = objectFactory.createService();
- service.getType().add(type);
- service.getURI().add(uri);
-
- xrd.getService().add(service);
-
- xrds.getOtherelement().add(xrd);
-
- Marshaller marshaller = jaxbContext.createMarshaller();
- marshaller.setProperty(Marshaller.JAXB_ENCODING, "UTF-8");
- marshaller.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, Boolean.TRUE);
- marshaller.marshal(xrds, writer);
- }
- catch (JAXBException e)
- {
- throw new RuntimeException(e);
- }
- }
-}
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlEntityBean.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -78,16 +78,7 @@
public String getServiceURL(SamlServiceType service)
{
- String portString;
- if (protocol.equals("http") && port != 80 || protocol.equals("https") && port != 443)
- {
- portString = ":" + port;
- }
- else
- {
- portString = "";
- }
- return protocol + "://" + hostName + portString + servletContext.getContextPath() + "/saml/" + getIdpOrSp() + "/" + service.getName();
+ return createURL(servletContext.getContextPath() + "/saml/" + getIdpOrSp() + "/" + service.getName());
}
public String getMetaDataURL()
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/SamlMessageReceiver.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -43,7 +43,6 @@
import org.jboss.seam.security.external.InvalidRequestException;
import org.jboss.seam.security.external.JaxbContext;
import org.jboss.seam.security.external.dialogues.DialogueManager;
-import org.jboss.seam.security.external.dialogues.api.Dialogue;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.RequestAbstractType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.ResponseType;
import org.jboss.seam.security.external.jaxb.samlv2.protocol.StatusResponseType;
@@ -71,9 +70,6 @@
private DialogueManager dialogueManager;
@Inject
- private Instance<Dialogue> dialogue;
-
- @Inject
private Instance<SamlDialogue> samlDialogue;
@Inject
@@ -294,14 +290,7 @@
throw new RuntimeException(e);
}
- if (dialogue.get().isFinished())
- {
- dialogueManager.endDialogue();
- }
- else
- {
- dialogueManager.detachDialogue();
- }
+ dialogueManager.detachDialogue();
}
private RequestAbstractType getSamlRequest(Document document) throws InvalidRequestException
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/idp/SamlIdpBean.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -28,7 +28,6 @@
import java.util.Set;
import javax.enterprise.inject.Instance;
-import javax.enterprise.inject.Typed;
import javax.inject.Inject;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Marshaller;
@@ -57,7 +56,6 @@
* @author Marcel Kolsteren
*
*/
- at Typed(SamlIdpBean.class)
public class SamlIdpBean extends SamlEntityBean implements SamlMultiUserIdentityProviderApi, SamlIdentityProviderConfigurationApi
{
@Inject
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/saml/sp/SamlSpBean.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -50,7 +50,6 @@
* @author Marcel Kolsteren
*
*/
- at Typed(SamlSpBean.class)
public class SamlSpBean extends SamlEntityBean implements SamlMultiUserServiceProviderApi, SamlServiceProviderConfigurationApi
{
private List<SamlExternalIdentityProvider> identityProviders = new LinkedList<SamlExternalIdentityProvider>();
Added: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java (rev 0)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,65 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.external.spi;
+
+import java.util.List;
+
+import org.jboss.seam.security.external.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+
+/**
+ * @author Marcel Kolsteren
+ *
+ */
+public interface OpenIdProviderSpi
+{
+ /**
+ * This method is called after receipt of an authentication request from a
+ * relying party. Upon receipt of this call, the application should try to
+ * authenticate the user (either silently or interacting with the user). The
+ * result of the authentication needs to be reported back using the API calls
+ * {@link OpenIdProviderApi#authenticationSucceeded} or
+ * {@link OpenIdProviderApi#authenticationFailed}.
+ *
+ * @param realm represents the part of URL-space for which the authentication
+ * is valid; realms are designed to give the end user an indication
+ * of the scope of the authentication request; the application
+ * should present the realm when requesting the end user's approval
+ * for the authentication request
+ * @param userName this optional attribute indicates the end user that needs
+ * to be authenticated; if this parameter is null, the application
+ * needs to ask the use for her username
+ * @param immediate if this is true, there must be no interaction with the
+ * user (silent authentication)
+ */
+ void authenticate(String realm, String userName, boolean immediate);
+
+ /**
+ * This method is called to check whether a username exists.
+ *
+ * @param userName the username
+ * @return true if a user with that username exists, false otherwise
+ */
+ boolean userExists(String userName);
+
+ void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes);
+}
Property changes on: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdProviderSpi.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Modified: modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java
===================================================================
--- modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/java/org/jboss/seam/security/external/spi/OpenIdRelyingPartySpi.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -31,5 +31,5 @@
{
public void loginSucceeded(OpenIdPrincipal principal);
- public void loginFailed();
+ public void loginFailed(String message);
}
Modified: modules/security/trunk/external/src/main/resources/META-INF/web-fragment.xml
===================================================================
--- modules/security/trunk/external/src/main/resources/META-INF/web-fragment.xml 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/main/resources/META-INF/web-fragment.xml 2010-09-18 11:03:55 UTC (rev 13765)
@@ -13,6 +13,11 @@
<servlet-class>org.jboss.seam.security.external.openid.OpenIdServlet</servlet-class>
</servlet>
+ <servlet>
+ <servlet-name>OpenIdUsersServlet</servlet-name>
+ <servlet-class>org.jboss.seam.security.external.openid.OpenIdUsersServlet</servlet-class>
+ </servlet>
+
<servlet-mapping>
<servlet-name>SamlServlet</servlet-name>
<url-pattern>/saml/*</url-pattern>
@@ -23,4 +28,9 @@
<url-pattern>/openid/*</url-pattern>
</servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>OpenIdUsersServlet</servlet-name>
+ <url-pattern>/users/*</url-pattern>
+ </servlet-mapping>
+
</web-fragment>
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/MetaDataLoader.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/MetaDataLoader.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/MetaDataLoader.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -31,13 +31,13 @@
import javax.enterprise.inject.Instance;
import javax.inject.Inject;
-import org.jboss.seam.security.external.api.SamlEntityConfigurationApi;
+import org.jboss.seam.security.external.saml.SamlEntityBean;
@ApplicationScoped
public class MetaDataLoader
{
@Inject
- private Instance<SamlEntityConfigurationApi> samlEntityBean;
+ private Instance<SamlEntityBean> samlEntityBean;
public void loadMetaDataOfOtherSamlEntity(String hostName, String idpOrSp)
{
Deleted: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/OpenIdSpiMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/OpenIdSpiMock.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/OpenIdSpiMock.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -1,54 +0,0 @@
-/*
- * JBoss, Home of Professional Open Source
- * Copyright 2010, Red Hat, Inc., and individual contributors
- * by the @authors tag. See the copyright.txt in the distribution for a
- * full listing of individual contributors.
- *
- * This is free software; you can redistribute it and/or modify it
- * under the terms of the GNU Lesser General Public License as
- * published by the Free Software Foundation; either version 2.1 of
- * the License, or (at your option) any later version.
- *
- * This software is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this software; if not, write to the Free
- * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
- * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
- */
-package org.jboss.seam.security.externaltest.integration;
-
-import org.jboss.seam.security.external.api.OpenIdPrincipal;
-import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
-
-public class OpenIdSpiMock implements OpenIdRelyingPartySpi
-{
-
- public void loginFailed()
- {
- // TODO Auto-generated method stub
-
- }
-
- public void loginSucceeded(OpenIdPrincipal principal)
- {
- // TODO Auto-generated method stub
-
- }
-
- public void logoutFailed(OpenIdPrincipal principal, String statusCode)
- {
- // TODO Auto-generated method stub
-
- }
-
- public void logoutSucceeded(OpenIdPrincipal principal)
- {
- // TODO Auto-generated method stub
-
- }
-
-}
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/AfterDeployEventHandler.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/AfterDeployEventHandler.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/AfterDeployEventHandler.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -31,7 +31,9 @@
public void callback(Context context, AfterDeploy event) throws Exception
{
DeployableContainer container = context.get(DeployableContainer.class);
- container.deploy(context, ArchiveBuilder.createTestArchive("idp"));
+ container.deploy(context, ArchiveBuilder.getArchive("idp"));
+ container.deploy(context, ArchiveBuilder.getArchive("op"));
+ container.deploy(context, ArchiveBuilder.getArchive("rp"));
}
}
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/ArchiveBuilder.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/ArchiveBuilder.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/ArchiveBuilder.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -21,14 +21,19 @@
*/
package org.jboss.seam.security.externaltest.integration.client;
+import java.util.HashMap;
+import java.util.Map;
+
import javax.enterprise.inject.spi.Extension;
import org.jboss.seam.security.external.ResponseHandler;
import org.jboss.seam.security.external.dialogues.DialogueContextExtension;
import org.jboss.seam.security.external.virtualapplications.VirtualApplicationContextExtension;
import org.jboss.seam.security.externaltest.integration.MetaDataLoader;
-import org.jboss.seam.security.externaltest.integration.idp.IdpCustomizer;
-import org.jboss.seam.security.externaltest.integration.sp.SpCustomizer;
+import org.jboss.seam.security.externaltest.integration.openid.op.OpCustomizer;
+import org.jboss.seam.security.externaltest.integration.openid.rp.RpCustomizer;
+import org.jboss.seam.security.externaltest.integration.saml.idp.IdpCustomizer;
+import org.jboss.seam.security.externaltest.integration.saml.sp.SpCustomizer;
import org.jboss.seam.security.externaltest.util.MavenArtifactResolver;
import org.jboss.shrinkwrap.api.ShrinkWrap;
import org.jboss.shrinkwrap.api.spec.JavaArchive;
@@ -40,53 +45,55 @@
static WebArchive spArchive;
- static WebArchive getArchive(String idpOrSp)
+ static Map<String, WebArchive> webArchives = new HashMap<String, WebArchive>();
+
+ static WebArchive getArchive(String entity)
{
- if (idpOrSp.equals("sp"))
+ WebArchive webArchive = webArchives.get(entity);
+ if (webArchive == null)
{
- return spArchive;
+ webArchive = createTestArchive(entity);
+ webArchives.put(entity, webArchive);
}
- else
- {
- return idpArchive;
- }
+ return webArchive;
}
- static WebArchive createTestArchive(String idpOrSp)
+ static private WebArchive createTestArchive(String entity)
{
- WebArchive war = ShrinkWrap.create(WebArchive.class, idpOrSp + ".war");
+ WebArchive war = ShrinkWrap.create(WebArchive.class, entity + ".war");
war.addLibraries(MavenArtifactResolver.resolve("org.jboss.seam.servlet:seam-servlet"));
war.addLibraries(MavenArtifactResolver.resolve("org.jboss.seam.servlet:seam-servlet-api"));
war.addLibraries(MavenArtifactResolver.resolve("org.openid4java", "openid4java"));
+ war.addLibraries(MavenArtifactResolver.resolve("nekohtml", "nekohtml"));
war.addLibraries(MavenArtifactResolver.resolve("org.jboss.weld:weld-extensions"));
war.addLibraries(MavenArtifactResolver.resolve("commons-httpclient:commons-httpclient"));
- war.addWebResource("test_keystore.jks");
- war.addWebResource("WEB-INF/" + idpOrSp + "-beans.xml", "beans.xml");
+ war.addWebResource("WEB-INF/" + entity + "-beans.xml", "beans.xml");
war.addWebResource("WEB-INF/context.xml", "context.xml");
war.addPackage(MetaDataLoader.class.getPackage());
- if (idpOrSp.equals("sp"))
+ if (entity.equals("sp"))
{
war.addPackage(SpCustomizer.class.getPackage());
+ war.addWebResource("test_keystore.jks");
}
- else
+ else if (entity.equals("idp"))
{
war.addPackage(IdpCustomizer.class.getPackage());
+ war.addWebResource("test_keystore.jks");
}
-
- war.addLibrary(createJarModule());
-
- if (idpOrSp.equals("sp"))
+ else if (entity.equals("op"))
{
- spArchive = war;
+ war.addPackage(OpCustomizer.class.getPackage());
}
- else
+ else if (entity.equals("rp"))
{
- idpArchive = war;
+ war.addPackage(RpCustomizer.class.getPackage());
}
+ war.addLibrary(createJarModule());
+
return war;
}
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/BeforeUnDeployEventHandler.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/BeforeUnDeployEventHandler.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/BeforeUnDeployEventHandler.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -32,5 +32,7 @@
{
DeployableContainer container = context.get(DeployableContainer.class);
container.undeploy(context, ArchiveBuilder.getArchive("idp"));
+ container.undeploy(context, ArchiveBuilder.getArchive("op"));
+ container.undeploy(context, ArchiveBuilder.getArchive("rp"));
}
}
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/IntegrationTest.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/IntegrationTest.java 2010-09-17 19:42:59 UTC (rev 13764)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/client/IntegrationTest.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -27,7 +27,6 @@
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
-import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
@@ -61,6 +60,8 @@
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
+import com.google.common.collect.Maps;
+
@RunWith(Arquillian.class)
@Run(RunModeType.AS_CLIENT)
public class IntegrationTest
@@ -86,14 +87,13 @@
public static Archive<?> createTestArchive()
{
/*
- * We need to deploy two war files: one for the service provider and one
- * for the identity provider. Current version of Arquillian (1.0.0.Alpha3)
- * doesn't support multiple archives. See ARQ-67. For the time being, we
- * add the first war here, and we add the second war using a listener that
- * is registered by using the Arquillian SPI (see {@Link
- * AfterDeployEventHandler}).
+ * We need to deploy 4 war files. Current version of Arquillian
+ * (1.0.0.Alpha3) doesn't support multiple archives. See ARQ-67. For the
+ * time being, we add the first war here, and we add the other war files
+ * using a listener that is registered through the Arquillian SPI (see
+ * {@Link AfterDeployEventHandler}).
*/
- return ArchiveBuilder.createTestArchive("sp");
+ return ArchiveBuilder.getArchive("sp");
}
@Before
@@ -106,15 +106,15 @@
@Test
public void samlTest()
{
- Map<String, String> params = new HashMap<String, String>();
+ Map<String, String> params = Maps.newHashMap();
params.put("command", "loadMetaData");
sendMessageToApplication("www.sp1.com", "sp", params);
sendMessageToApplication("www.sp2.com", "sp", params);
sendMessageToApplication("www.idp.com", "idp", params);
// Login one user at each service provider application
- signOn("www.sp1.com", "https://www.idp.com", "John Doe");
- signOn("www.sp2.com", "https://www.idp.com", "Jane Doe");
+ samlSignOn("www.sp1.com", "https://www.idp.com", "John Doe");
+ samlSignOn("www.sp2.com", "https://www.idp.com", "Jane Doe");
// Check that the IDP has two sessions (one for each user) and that each
// SP has one
@@ -151,24 +151,84 @@
checkDialogueTermination("www.sp2.com", "sp");
}
+ @Test
+ public void openIdLoginWithOpIdentifierTest()
+ {
+ String opIdentifier = "http://localhost:8080/op/openid/OP/XrdsService";
+ String userName = "john_doe";
+
+ Map<String, String> params = Maps.newHashMap();
+ params.put("command", "login");
+ params.put("identifier", opIdentifier);
+ params.put("fetchEmail", "false");
+ sendMessageToApplication("localhost", "rp", params);
+
+ checkApplicationMessage("Please login.");
+
+ params = Maps.newHashMap();
+ params.put("command", "authenticate");
+ params.put("userName", userName);
+ sendMessageToApplication("localhost", "op", params);
+
+ checkApplicationMessage("Login succeeded (http://localhost:8080/op/users/" + userName + ")");
+
+ // All dialogues should be terminated by now.
+ checkDialogueTermination("www.op.com", "op");
+ checkDialogueTermination("www.rp.com", "rp");
+ }
+
+ @Test
+ public void openIdLoginWithClaimedIdentifierAndAttributeExchangeTest()
+ {
+ String userName = "jane_doe";
+ String claimedId = "http://localhost:8080/op/users/" + userName;
+
+ Map<String, String> params = Maps.newHashMap();
+ params.put("command", "login");
+ params.put("identifier", claimedId);
+ params.put("fetchEmail", "true");
+ sendMessageToApplication("localhost", "rp", params);
+
+ checkApplicationMessage("Please provide the password for " + userName + ".");
+
+ params = Maps.newHashMap();
+ params.put("command", "authenticate");
+ params.put("userName", userName);
+ sendMessageToApplication("localhost", "op", params);
+
+ checkApplicationMessage("Please provide your email.");
+
+ params = Maps.newHashMap();
+ params.put("command", "setAttribute");
+ String email = "jane_doe at op.com";
+ params.put("email", email);
+ sendMessageToApplication("localhost", "op", params);
+
+ checkApplicationMessage("Login succeeded (" + claimedId + ", email " + email + ")");
+
+ // All dialogues should be terminated by now.
+ checkDialogueTermination("www.op.com", "op");
+ checkDialogueTermination("www.rp.com", "rp");
+ }
+
private void checkNrOfSessions(String serverName, String spOrIdp, int expectedNumber)
{
- Map<String, String> params = new HashMap<String, String>();
+ Map<String, String> params = Maps.newHashMap();
params.put("command", "getNrOfSessions");
sendMessageToApplication(serverName, spOrIdp, params);
checkApplicationMessage(Integer.toString(expectedNumber));
}
- private void signOn(String spHostName, String idpEntityId, String userName)
+ private void samlSignOn(String spHostName, String idpEntityId, String userName)
{
- Map<String, String> params = new HashMap<String, String>();
+ Map<String, String> params = Maps.newHashMap();
params.put("command", "login");
params.put("idpEntityId", idpEntityId);
sendMessageToApplication(spHostName, "sp", params);
checkApplicationMessage("Please login");
- params = new HashMap<String, String>();
+ params = Maps.newHashMap();
params.put("command", "authenticate");
params.put("userName", userName);
sendMessageToApplication("www.idp.com", "idp", params);
@@ -176,7 +236,7 @@
checkApplicationMessage("Login succeeded (" + userName + ")");
}
- private void sendMessageToApplication(String hostName, String spOrIdp, Map<String, String> params)
+ private void sendMessageToApplication(String hostName, String contextRoot, Map<String, String> params)
{
List<NameValuePair> qParams = new ArrayList<NameValuePair>();
for (Map.Entry<String, String> mapEntry : params.entrySet())
@@ -186,21 +246,24 @@
URI uri;
try
{
- uri = URIUtils.createURI("http", "localhost", 8080, "/" + spOrIdp + "/testservlet", URLEncodedUtils.format(qParams, "UTF-8"), null);
+ uri = URIUtils.createURI("http", "localhost", 8080, "/" + contextRoot + "/testservlet", URLEncodedUtils.format(qParams, "UTF-8"), null);
}
catch (URISyntaxException e)
{
throw new RuntimeException(e);
}
request = new HttpGet(uri);
- request.getParams().setParameter(ClientPNames.VIRTUAL_HOST, new HttpHost(hostName));
+ if (!hostName.equals("localhost"))
+ {
+ request.getParams().setParameter(ClientPNames.VIRTUAL_HOST, new HttpHost(hostName, 8080));
+ }
executeHttpRequestAndRelay();
}
private void checkDialogueTermination(String serverName, String spOrIdp)
{
- Map<String, String> params = new HashMap<String, String>();
+ Map<String, String> params = Maps.newHashMap();
params.put("command", "getNrOfDialogues");
sendMessageToApplication(serverName, spOrIdp, params);
checkApplicationMessage("0");
@@ -229,7 +292,10 @@
String serverName = extractServerNameFromUri(uri);
uri = uri.replace(serverName, "localhost");
HttpPost httpPost = new HttpPost(uri);
- httpPost.getParams().setParameter(ClientPNames.VIRTUAL_HOST, new HttpHost(serverName));
+ if (!serverName.equals("localhost"))
+ {
+ httpPost.getParams().setParameter(ClientPNames.VIRTUAL_HOST, new HttpHost(serverName, 8080));
+ }
List<NameValuePair> formparams = new ArrayList<NameValuePair>();
formparams.add(new BasicNameValuePair(name, value));
UrlEncodedFormEntity entity;
@@ -250,7 +316,7 @@
log.info("Received redirect to " + location);
String serverName = extractServerNameFromUri(location);
HttpGet httpGet = new HttpGet(location.replace(serverName, "localhost"));
- httpGet.getParams().setParameter(ClientPNames.VIRTUAL_HOST, new HttpHost(serverName));
+ httpGet.getParams().setParameter(ClientPNames.VIRTUAL_HOST, new HttpHost(serverName, 8080));
request = httpGet;
}
else if (responseType == ResponseType.ERROR)
Added: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java (rev 0)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,38 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.externaltest.integration.openid.op;
+
+import javax.enterprise.event.Observes;
+import javax.servlet.ServletContextEvent;
+
+import org.jboss.seam.security.external.api.OpenIdProviderConfigurationApi;
+import org.jboss.seam.servlet.event.qualifier.Initialized;
+
+public class OpCustomizer
+{
+ public void servletInitialized(@Observes @Initialized final ServletContextEvent e, OpenIdProviderConfigurationApi op)
+ {
+ op.setHostName("localhost");
+ op.setProtocol("http");
+ op.setPort(8080);
+ }
+}
Property changes on: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpCustomizer.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpTestServlet.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpTestServlet.java (rev 0)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpTestServlet.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,60 @@
+package org.jboss.seam.security.externaltest.integration.openid.op;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+import javax.inject.Inject;
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+
+ at WebServlet(name = "OpTestServlet", urlPatterns = { "/testservlet" })
+public class OpTestServlet extends HttpServlet
+{
+ private static final long serialVersionUID = -4551548646707243449L;
+
+ @Inject
+ private OpenIdProviderApplicationMock openIdProviderApplicationMock;
+
+ @Inject
+ private ResponseHolder responseHolder;
+
+ @Override
+ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
+ {
+ responseHolder.setResponse(response);
+ String command = request.getParameter("command");
+ if (command.equals("authenticate"))
+ {
+ String userName = request.getParameter("userName");
+ openIdProviderApplicationMock.handleLogin(userName);
+ }
+ else if (command.equals("setAttribute"))
+ {
+ String email = request.getParameter("email");
+ openIdProviderApplicationMock.setAttribute("email", email);
+ }
+ else if (command.equals("getNrOfDialogues"))
+ {
+ int count = 0;
+ Enumeration<String> attributeNames = request.getServletContext().getAttributeNames();
+ while (attributeNames.hasMoreElements())
+ {
+ String attributeName = attributeNames.nextElement();
+ if (attributeName.startsWith("DialogueContextBeanStore"))
+ {
+ count++;
+ }
+ }
+ response.getWriter().print(count);
+ }
+ else
+ {
+ throw new RuntimeException("Invalid command: " + command);
+ }
+ }
+}
Property changes on: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpTestServlet.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java (rev 0)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,109 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.externaltest.integration.openid.op;
+
+import java.io.IOException;
+import java.util.List;
+import java.util.Map;
+
+import javax.enterprise.context.ApplicationScoped;
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.OpenIdProviderApi;
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.DialogueManager;
+import org.jboss.seam.security.external.dialogues.api.Dialogue;
+import org.jboss.seam.security.external.spi.OpenIdProviderSpi;
+
+import com.google.common.collect.Lists;
+import com.google.common.collect.Maps;
+
+ at ApplicationScoped
+public class OpenIdProviderApplicationMock implements OpenIdProviderSpi
+{
+ @Inject
+ private ResponseHolder responseHolder;
+
+ @Inject
+ private OpenIdProviderApi opApi;
+
+ private String dialogueId;
+
+ @Inject
+ private Dialogue dialogue;
+
+ @Inject
+ private DialogueManager dialogueManager;
+
+ public void handleLogin(String userName)
+ {
+ dialogueManager.attachDialogue(dialogueId);
+ opApi.authenticationSucceeded(userName);
+ dialogueManager.detachDialogue();
+ }
+
+ public void setAttribute(String alias, String value)
+ {
+ dialogueManager.attachDialogue(dialogueId);
+ Map<String, List<String>> attributes = Maps.newHashMap();
+ attributes.put(alias, Lists.newArrayList(value));
+ opApi.setAttributes(attributes);
+ dialogueManager.detachDialogue();
+ }
+
+ public void authenticate(String realm, String userName, boolean immediate)
+ {
+ if (userName == null)
+ {
+ writeMessageToResponse("Please login.");
+ }
+ else
+ {
+ writeMessageToResponse("Please provide the password for " + userName + ".");
+ }
+ dialogueId = dialogue.getDialogueId();
+ }
+
+ private void writeMessageToResponse(String message)
+ {
+ try
+ {
+ responseHolder.getResponse().getWriter().print(message);
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+
+ public boolean userExists(String userName)
+ {
+ return true;
+ }
+
+ public void fetchParameters(List<OpenIdRequestedAttribute> requestedAttributes)
+ {
+ writeMessageToResponse("Please provide your " + requestedAttributes.get(0).getAlias() + ".");
+ dialogueId = dialogue.getDialogueId();
+ }
+}
Property changes on: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/op/OpenIdProviderApplicationMock.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java (rev 0)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,88 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.externaltest.integration.openid.rp;
+
+import java.io.IOException;
+
+import javax.inject.Inject;
+
+import org.jboss.seam.security.external.api.OpenIdPrincipal;
+import org.jboss.seam.security.external.api.OpenIdRelyingPartyApi;
+import org.jboss.seam.security.external.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.api.ResponseHolder;
+import org.jboss.seam.security.external.dialogues.api.Dialogued;
+import org.jboss.seam.security.external.spi.OpenIdRelyingPartySpi;
+
+import com.google.common.collect.Lists;
+
+public class OpenIdRpApplicationMock implements OpenIdRelyingPartySpi
+{
+ @Inject
+ private ResponseHolder responseHolder;
+
+ @Inject
+ private OpenIdRelyingPartyApi rpApi;
+
+ @Dialogued
+ public void login(String identifier, boolean fetchEmail)
+ {
+ if (fetchEmail)
+ {
+ OpenIdRequestedAttribute requestedAttribute = new OpenIdRequestedAttribute("email", "http://axschema.org/contact/email", true, 1);
+ rpApi.login(identifier, Lists.newArrayList(requestedAttribute));
+ }
+ else
+ {
+ rpApi.login(identifier, null);
+ }
+ }
+
+ public void loginFailed(String message)
+ {
+ writeMessageToResponse("Login failed: " + message);
+ }
+
+ public void loginSucceeded(OpenIdPrincipal principal)
+ {
+ if (principal.getAttributeValues() != null)
+ {
+ String email = (String) principal.getAttribute("email");
+ writeMessageToResponse("Login succeeded (" + principal.getIdentifier() + ", email " + email + ")");
+ }
+ else
+ {
+ writeMessageToResponse("Login succeeded (" + principal.getIdentifier() + ")");
+ }
+ }
+
+ private void writeMessageToResponse(String message)
+ {
+ try
+ {
+ responseHolder.getResponse().getWriter().print(message);
+ }
+ catch (IOException e)
+ {
+ throw new RuntimeException(e);
+ }
+ }
+}
Property changes on: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/OpenIdRpApplicationMock.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java (rev 0)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,38 @@
+/*
+ * JBoss, Home of Professional Open Source
+ * Copyright 2010, Red Hat, Inc., and individual contributors
+ * by the @authors tag. See the copyright.txt in the distribution for a
+ * full listing of individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+package org.jboss.seam.security.externaltest.integration.openid.rp;
+
+import javax.enterprise.event.Observes;
+import javax.servlet.ServletContextEvent;
+
+import org.jboss.seam.security.external.api.OpenIdRelyingPartyConfigurationApi;
+import org.jboss.seam.servlet.event.qualifier.Initialized;
+
+public class RpCustomizer
+{
+ public void servletInitialized(@Observes @Initialized final ServletContextEvent e, OpenIdRelyingPartyConfigurationApi rp)
+ {
+ rp.setHostName("localhost");
+ rp.setProtocol("http");
+ rp.setPort(8080);
+ }
+}
Property changes on: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpCustomizer.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Added: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpTestServlet.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpTestServlet.java (rev 0)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpTestServlet.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,56 @@
+package org.jboss.seam.security.externaltest.integration.openid.rp;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+import javax.inject.Inject;
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.external.api.ResponseHolder;
+
+ at WebServlet(name = "RpTestServlet", urlPatterns = { "/testservlet" })
+public class RpTestServlet extends HttpServlet
+{
+ private static final long serialVersionUID = -4551548646707243449L;
+
+ @Inject
+ private OpenIdRpApplicationMock openIdRpApplicationMock;
+
+ @Inject
+ private ResponseHolder responseHolder;
+
+ @Override
+ protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
+ {
+ responseHolder.setResponse(response);
+ String command = request.getParameter("command");
+ if (command.equals("login"))
+ {
+ String identifier = request.getParameter("identifier");
+ boolean fetchEmail = Boolean.parseBoolean(request.getParameter("fetchEmail"));
+ openIdRpApplicationMock.login(identifier, fetchEmail);
+ }
+ else if (command.equals("getNrOfDialogues"))
+ {
+ int count = 0;
+ Enumeration<String> attributeNames = request.getServletContext().getAttributeNames();
+ while (attributeNames.hasMoreElements())
+ {
+ String attributeName = attributeNames.nextElement();
+ if (attributeName.startsWith("DialogueContextBeanStore"))
+ {
+ count++;
+ }
+ }
+ response.getWriter().print(count);
+ }
+ else
+ {
+ throw new RuntimeException("Invalid command: " + command);
+ }
+ }
+}
Property changes on: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/openid/rp/RpTestServlet.java
___________________________________________________________________
Name: svn
+ eol-style=native
Name: svn:keywords
+ Revision Author Date
Copied: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp (from rev 13738, modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/idp)
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/idp/IdpCustomizer.java 2010-09-13 10:43:33 UTC (rev 13738)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpCustomizer.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -19,7 +19,7 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
-package org.jboss.seam.security.externaltest.integration.idp;
+package org.jboss.seam.security.externaltest.integration.saml.idp;
import javax.enterprise.event.Observes;
import javax.servlet.ServletContextEvent;
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpTestServlet.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/idp/IdpTestServlet.java 2010-09-13 10:43:33 UTC (rev 13738)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/IdpTestServlet.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -1,4 +1,4 @@
-package org.jboss.seam.security.externaltest.integration.idp;
+package org.jboss.seam.security.externaltest.integration.saml.idp;
import java.io.IOException;
import java.util.Enumeration;
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/idp/SamlIdpApplicationMock.java 2010-09-13 10:43:33 UTC (rev 13738)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/idp/SamlIdpApplicationMock.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -19,7 +19,7 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
-package org.jboss.seam.security.externaltest.integration.idp;
+package org.jboss.seam.security.externaltest.integration.saml.idp;
import java.io.IOException;
Copied: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp (from rev 13738, modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/sp)
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/sp/SamlSpApplicationMock.java 2010-09-13 10:43:33 UTC (rev 13738)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SamlSpApplicationMock.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -19,7 +19,7 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
-package org.jboss.seam.security.externaltest.integration.sp;
+package org.jboss.seam.security.externaltest.integration.saml.sp;
import java.io.IOException;
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/sp/SpCustomizer.java 2010-09-13 10:43:33 UTC (rev 13738)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpCustomizer.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -19,7 +19,7 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
-package org.jboss.seam.security.externaltest.integration.sp;
+package org.jboss.seam.security.externaltest.integration.saml.sp;
import javax.enterprise.event.Observes;
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpTestServlet.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/sp/SpTestServlet.java 2010-09-13 10:43:33 UTC (rev 13738)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpTestServlet.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -1,4 +1,4 @@
-package org.jboss.seam.security.externaltest.integration.sp;
+package org.jboss.seam.security.externaltest.integration.saml.sp;
import java.io.IOException;
import java.util.Enumeration;
Modified: modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpVirtualApplicationCreator.java
===================================================================
--- modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/sp/SpVirtualApplicationCreator.java 2010-09-13 10:43:33 UTC (rev 13738)
+++ modules/security/trunk/external/src/test/java/org/jboss/seam/security/externaltest/integration/saml/sp/SpVirtualApplicationCreator.java 2010-09-18 11:03:55 UTC (rev 13765)
@@ -19,7 +19,7 @@
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
-package org.jboss.seam.security.externaltest.integration.sp;
+package org.jboss.seam.security.externaltest.integration.saml.sp;
import javax.enterprise.context.ApplicationScoped;
import javax.enterprise.event.Observes;
Added: modules/security/trunk/external/src/test/resources/WEB-INF/op-beans.xml
===================================================================
--- modules/security/trunk/external/src/test/resources/WEB-INF/op-beans.xml (rev 0)
+++ modules/security/trunk/external/src/test/resources/WEB-INF/op-beans.xml 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,6 @@
+<beans xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/beans_1_0.xsd">
+ <alternatives>
+ <classes>org.jboss.seam.security.external.openid.OpenIdProviderInApplicationScopeProducer</classes>
+ </alternatives>
+</beans>
Added: modules/security/trunk/external/src/test/resources/WEB-INF/rp-beans.xml
===================================================================
--- modules/security/trunk/external/src/test/resources/WEB-INF/rp-beans.xml (rev 0)
+++ modules/security/trunk/external/src/test/resources/WEB-INF/rp-beans.xml 2010-09-18 11:03:55 UTC (rev 13765)
@@ -0,0 +1,6 @@
+<beans xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/beans_1_0.xsd">
+ <alternatives>
+ <classes>org.jboss.seam.security.external.openid.OpenIdRpInApplicationScopeProducer</classes>
+ </alternatives>
+</beans>
More information about the seam-commits
mailing list