org.openid4java.message.ax.FetchRequest Java Examples

The following examples show how to use org.openid4java.message.ax.FetchRequest. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: ConsumerServlet.java    From openid4java with Apache License 2.0 6 votes vote down vote up 
/**
 * Attribute exchange example.
 * 
 * @param httpReq
 * @param authReq
 * @throws MessageException
 * @see <a href="http://code.google.com/p/openid4java/wiki/AttributeExchangeHowTo">Attribute Exchange HowTo</a>
 * @see <a href="http://openid.net/specs/openid-attribute-exchange-1_0.html">OpenID Attribute Exchange 1.0 - Final</a>
 */
private void addAttributeExchangeToAuthRequest(HttpServletRequest httpReq,
		AuthRequest authReq) throws MessageException {
	String[] aliases = httpReq.getParameterValues("alias");
	String[] typeUris = httpReq.getParameterValues("typeUri");
	String[] counts = httpReq.getParameterValues("count");
	FetchRequest fetch = FetchRequest.createFetchRequest();
	for (int i = 0, l = typeUris == null ? 0 : typeUris.length; i < l; i++) {
		String typeUri = typeUris[i];
		if (StringUtils.isNotBlank(typeUri)) {
			String alias = aliases[i];
			boolean required = httpReq.getParameter("required" + i) != null;
			int count = NumberUtils.toInt(counts[i], 1);
			fetch.addAttribute(alias, typeUri, required, count);
		}
	}
	authReq.addExtension(fetch);
}
Example #2
Source File: InfocardInvocation.java    From openid4java with Apache License 2.0 5 votes vote down vote up 
/**
 * Creates an InfocardInvocation object from an Attribute Exchange
 * Fetch Request.
 * <p>
 * Attriute type URIs are mapped to Infocard claim URIs.
 * Attribute value count and update_url features are cannot be
 * expressed in InfocardInvocation data structures.
 *
 * @param fetch     The Fetch Request.
 */
public InfocardInvocation(FetchRequest fetch)
{
    _requiredClaims.add(OpenIDTokenType.OPENID_CLAIM);
    _tokenType = OpenIDTokenType.OPENID20_TOKEN;
    
    _requiredClaims.addAll(fetch.getAttributes(true).values());
    _optionalClaims.addAll(fetch.getAttributes(false).values());

    if (DEBUG)
        _log.debug("Created " + _tokenType +
            " token type InfocardInvocation from a FetchRequest.");
}
Example #3
Source File: CustomOpenIdProcessor.java    From OpenID-Attacker with GNU General Public License v2.0 5 votes vote down vote up 
private Message processAxExtension(Message token, final AuthRequest authRequest) throws MessageException {
    if (authRequest.hasExtension(AxMessage.OPENID_NS_AX)) {
        MessageExtension extension = authRequest.getExtension(AxMessage.OPENID_NS_AX);
        if (extension instanceof FetchRequest) {
            final FetchRequest fetchRequest = (FetchRequest) extension;
            final Map userDataMap = getValidUser().getUserDataMap();
            final FetchResponse fetchResponse = FetchResponse.createFetchResponse(fetchRequest, userDataMap);
            token.addExtension(fetchResponse, "ax");
        } else {
            throw new UnsupportedOperationException("TODO: if (ext instanceof StoreRequest)");
        }
    }
    return token;
}
Example #4
Source File: SampleConsumer.java    From openid4java with Apache License 2.0 4 votes vote down vote up 
public String authRequest(String userSuppliedString,
                          HttpServletRequest httpReq,
                          HttpServletResponse httpResp)
        throws IOException
{
    try
    {

        // --- Forward proxy setup (only if needed) ---
        // ProxyProperties proxyProps = new ProxyProperties();
        // proxyProps.setProxyName("proxy.example.com");
        // proxyProps.setProxyPort(8080);
        // HttpClientFactory.setProxyProperties(proxyProps);

        // perform discovery on the user-supplied identifier
        List discoveries = manager.discover(userSuppliedString);

        // attempt to associate with the OpenID provider
        // and retrieve one service endpoint for authentication
        DiscoveryInformation discovered = manager.associate(discoveries);

        // store the discovery information in the user's session
        httpReq.getSession().setAttribute("openid-disc", discovered);

        // obtain a AuthRequest message to be sent to the OpenID provider
        AuthRequest authReq = manager.authenticate(discovered, returnToUrl);

        // Attribute Exchange example: fetching the 'email' attribute
        FetchRequest fetch = FetchRequest.createFetchRequest();
        fetch.addAttribute("email", // attribute alias
            "http://schema.openid.net/contact/email", // type URI
            true); // required
        // attach the extension to the authentication request
        authReq.addExtension(fetch);

        // example using Simple Registration to fetching the 'email' attribute
        SRegRequest sregReq = SRegRequest.createFetchRequest();
        sregReq.addAttribute("email", true);
        authReq.addExtension(sregReq);

        if (! discovered.isVersion2() )
        {
            // Option 1: GET HTTP-redirect to the OpenID Provider endpoint
            // The only method supported in OpenID 1.x
            // redirect-URL usually limited ~2048 bytes
            httpResp.sendRedirect(authReq.getDestinationUrl(true));
            return null;
        }
        else
        {
            // Option 2: HTML FORM Redirection (Allows payloads >2048 bytes)

            //RequestDispatcher dispatcher =
            //        getServletContext().getRequestDispatcher("formredirection.jsp");
            //httpReq.setAttribute("prameterMap", response.getParameterMap());
            //httpReq.setAttribute("destinationUrl", response.getDestinationUrl(false));
            //dispatcher.forward(request, response);
        }
    }
    catch (OpenIDException e)
    {
        // present error to the user
        throw new RuntimeException("wrap:" + e.getMessage(), e);
    }

    return null;
}
Example #5
Source File: IndexController.java    From openid4java with Apache License 2.0 4 votes vote down vote up 
private ModelAndView buildFetchReq(String identifier, HttpSession session, String return_to)
    throws OpenIDException
{
    _logger.info("Building auth + fetch request for: " + identifier);

    Map<String,Object> model = new HashMap<String,Object>();
    List discoveries;
    String errorMsg = "";

    try
    {
        discoveries = _consumerManager.discover(identifier);
    }
    catch (DiscoveryException e)
    {
        _logger.error("Error while performing HTML discovery on "
                      + identifier, e);
        discoveries = null;
        errorMsg = "<br /><br /><em>" + e.getMessage() + "</em>";
    }

    if (discoveries == null || discoveries.size() == 0)
    {
        _logger.error("Discovery failed on: " + identifier);
        
        model.put("message", "The " + identifier + " identifier could not be resolved." + errorMsg);

        return new ModelAndView(_loginView, model);
    }

    DiscoveryInformation discovered = _consumerManager.associate(discoveries);

    // store the discovery information in the session for later use
    session.setAttribute("discovered", discovered);

    FetchRequest fetch = FetchRequest.createFetchRequest();

    for (String typeUri : _attributes.keySet())
    {
        fetch.addAttribute(_attributes.get(typeUri), typeUri, false);
    }

    AuthRequest req = _consumerManager.authenticate(discovered, return_to);
    req.addExtension(fetch);

    model.put("message", req);

    _logger.info("Sending fetch request / auto-post view...");

    return new ModelAndView(_postView, model);
}
Example #6
Source File: OpenIdImpl.java    From socialauth with MIT License 4 votes vote down vote up 
private String authRequest(final String userSuppliedString,
		final String returnToUrl) throws IOException {
	try {
		// perform discovery on the user-supplied identifier
		List discoveries = manager.discover(userSuppliedString);

		// attempt to associate with the OpenID provider
		// and retrieve one service endpoint for authentication
		discovered = manager.associate(discoveries);

		// // store the discovery information in the user's session
		// httpReq.getSession().setAttribute("openid-disc", discovered);

		// obtain a AuthRequest message to be sent to the OpenID provider
		AuthRequest authReq = manager.authenticate(discovered, returnToUrl);

		// Attribute Exchange example: fetching the 'email' attribute
		FetchRequest fetch = FetchRequest.createFetchRequest();

		// Using axschema
		fetch.addAttribute("emailax", "http://axschema.org/contact/email",
				true);

		fetch.addAttribute("firstnameax",
				"http://axschema.org/namePerson/first", true);

		fetch.addAttribute("lastnameax",
				"http://axschema.org/namePerson/last", true);

		fetch.addAttribute("fullnameax", "http://axschema.org/namePerson",
				true);

		fetch.addAttribute("email",
				"http://schema.openid.net/contact/email", true);

		// Using schema.openid.net (for compatibility)
		fetch.addAttribute("firstname",
				"http://schema.openid.net/namePerson/first", true);

		fetch.addAttribute("lastname",
				"http://schema.openid.net/namePerson/last", true);

		fetch.addAttribute("fullname",
				"http://schema.openid.net/namePerson", true);

		// attach the extension to the authentication request
		authReq.addExtension(fetch);

		return authReq.getDestinationUrl(true);
	} catch (OpenIDException e) {
		e.printStackTrace();
	}

	return null;
}
Example #7
Source File: OpenIdConsumer.java    From jerseyoauth2 with MIT License 4 votes vote down vote up 
@SuppressWarnings("unchecked")
public void authRequest(String openidServiceId, String returnToUrl, HttpServletRequest httpReq, HttpServletResponse httpResp) throws IOException, ServletException {
	try {
		// --- Forward proxy setup (only if needed) ---
		// ProxyProperties proxyProps = new ProxyProperties();
		// proxyProps.setProxyName("proxy.example.com");
		// proxyProps.setProxyPort(8080);
		// HttpClientFactory.setProxyProperties(proxyProps);

		// perform discovery on the user-supplied identifier
		List<?> discoveries = manager.discover(openidServiceId);

		// attempt to associate with the OpenID provider
		// and retrieve one service endpoint for authentication
		DiscoveryInformation discovered = manager.associate(discoveries);

		// store the discovery information in the user's session
		httpReq.getSession().setAttribute(OpenIdConstants.OPENID_DISC, discovered);

		// obtain a AuthRequest message to be sent to the OpenID provider
		AuthRequest authReq = manager.authenticate(discovered, returnToUrl);

		// Attribute Exchange example: fetching the 'email' attribute
		FetchRequest fetch = FetchRequest.createFetchRequest();
		fetch.addAttribute("email",
		// attribute alias
				"http://schema.openid.net/contact/email", // type URI
				true); // required

		// attach the extension to the authentication request
		authReq.addExtension(fetch);

		if (!discovered.isVersion2()) {
			// Option 1: GET HTTP-redirect to the OpenID Provider endpoint
			// The only method supported in OpenID 1.x
			// redirect-URL usually limited ~2048 bytes
			httpResp.sendRedirect(authReq.getDestinationUrl(true));
		} else {
			// Option 2: HTML FORM Redirection (Allows payloads >2048 bytes)

			sendFormRedirect(httpResp, authReq.getDestinationUrl(false), (Map<String,String>)authReq.getParameterMap());
		}
	} catch (OpenIDException e) {
		e.printStackTrace(System.err);
	}

}