Java Code Examples for org.openid4java.association.Association#isHmacSupported()

The following examples show how to use org.openid4java.association.Association#isHmacSupported() . You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
Source File: ConsumerManager.java    From openid4java with Apache License 2.0 5 votes vote down vote up 
/**
 * Constructs an Association Request message of the specified session and
 * association type, taking into account the user preferences (encryption
 * level, default Diffie-Hellman parameters).
 *
 * @param type      The type of the association (session and association)
 * @param opUrl    The OP for which the association request is created
 * @return          An AssociationRequest message ready to be sent back
 *                  to the OpenID Provider, or null if an association
 *                  of the requested type cannot be built.
 */
private AssociationRequest createAssociationRequest(
        AssociationSessionType type, URL opUrl)
{
    try
    {
        if (_minAssocSessEnc.isBetter(type))
            return null;

        AssociationRequest assocReq = null;

        DiffieHellmanSession dhSess;
        if (type.getHAlgorithm() != null) // DH session
        {
            dhSess = DiffieHellmanSession.create(type, _dhParams);
            if (DiffieHellmanSession.isDhSupported(type)
                && Association.isHmacSupported(type.getAssociationType()))
                assocReq = AssociationRequest.createAssociationRequest(type, dhSess);
        }

        else if ( opUrl.getProtocol().equals("https") && // no-enc sess
                 Association.isHmacSupported(type.getAssociationType()))
                assocReq = AssociationRequest.createAssociationRequest(type);

        if (assocReq == null)
            _log.warn("Could not create association of type: " + type);

        return assocReq;
    }
    catch (OpenIDException e)
    {
        _log.error("Error trying to create association request.", e);
        return null;
    }
}
Example 2
Source File: ServerManager.java    From openid4java with Apache License 2.0 5 votes vote down vote up 
/**
 * Sets the preferred association / session type.
 *
 * @see AssociationSessionType
 */
public void setPrefAssocSessEnc(AssociationSessionType type)
        throws ServerException
{
    if (! Association.isHmacSupported(type.getAssociationType()) ||
        ! DiffieHellmanSession.isDhSupported(type) )
        throw new ServerException("Unsupported association / session type: "
        + type.getSessionType() + " : " + type.getAssociationType());

    if (_minAssocSessEnc.isBetter(type) )
        throw new ServerException(
                "Minimum encryption settings cannot be better than the preferred");

    this._prefAssocSessEnc = type;
}
Example 3
Source File: ServerManager.java    From openid4java with Apache License 2.0 4 votes vote down vote up 
/**
 * Processes a Association Request and returns a Association Response
 * message, according to the request parameters and the preferences
 * configured for the OpenID Provider
 *
 * @return AssociationResponse      upon successfull association,
 *                                  or AssociationError if no association
 *                                  was established
 *
 */
public Message associationResponse(ParameterList requestParams)
{
    boolean isVersion2 = requestParams.hasParameter("openid.ns");

    _log.info("Processing association request...");

    try
    {
        // build request message from response params (+ integrity check)
        AssociationRequest assocReq =
                AssociationRequest.createAssociationRequest(requestParams);

        isVersion2 = assocReq.isVersion2();

        AssociationSessionType type = assocReq.getType();

        // is supported / allowed ?
        if (! Association.isHmacSupported(type.getAssociationType()) ||
                ! DiffieHellmanSession.isDhSupported(type) ||
                _minAssocSessEnc.isBetter(type))
        {
            throw new AssociationException("Unable create association for: "
                    + type.getSessionType() + " / "
                    + type.getAssociationType() );
        }
        else // all ok, go ahead
        {
            Association assoc = _sharedAssociations.generate(
                    type.getAssociationType(), _expireIn);

            _log.info("Returning shared association; handle: " + assoc.getHandle());

            return AssociationResponse.createAssociationResponse(assocReq, assoc);
        }
    }
    catch (OpenIDException e)
    {
        // association failed, respond accordingly
        if (isVersion2)
        {
            _log.warn("Cannot establish association, " +
                       "responding with an OpenID2 association error.", e);

            return AssociationError.createAssociationError(
                    e.getMessage(), _prefAssocSessEnc);
        }
        else
        {
            _log.warn("Error processing an OpenID1 association request: " +
                      e.getMessage() +
                      " Responding with a dummy association.", e);
            try
            {
                // generate dummy association & no-encryption response
                // for compatibility mode
                Association dummyAssoc = _sharedAssociations.generate(
                        Association.TYPE_HMAC_SHA1, 0);

                AssociationRequest dummyRequest =
                        AssociationRequest.createAssociationRequest(
                        AssociationSessionType.NO_ENCRYPTION_COMPAT_SHA1MAC);


                return AssociationResponse.createAssociationResponse(
                        dummyRequest, dummyAssoc);
            }
            catch (OpenIDException ee)
            {
                _log.error("Error creating negative OpenID1 association response.", e);
                return null;
            }

        }

    }
}