Java Code Examples for org.openid4java.message.ParameterList#getParameterValue()
The following examples show how to use
org.openid4java.message.ParameterList#getParameterValue() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SmartOpenIdController.java From springboot-shiro-cas-mybatis with MIT License | 6 votes |
|
/**
* Gets the association response. Determines the mode first.
* If mode is set to associate, will set the response. Then
* builds the response parameters next and returns.
*
* @param request the request
* @return the association response
*/
public Map<String, String> getAssociationResponse(final HttpServletRequest request) {
final ParameterList parameters = new ParameterList(request.getParameterMap());
final String mode = parameters.hasParameter(OpenIdConstants.OPENID_MODE)
? parameters.getParameterValue(OpenIdConstants.OPENID_MODE)
: null;
Message response = null;
if (StringUtils.equals(mode, OpenIdConstants.ASSOCIATE)) {
response = serverManager.associationResponse(parameters);
}
final Map<String, String> responseParams = new HashMap<>();
if (response != null) {
responseParams.putAll(response.getParameterMap());
}
return responseParams;
}
Example 2
| Source File: SmartOpenIdController.java From cas4.0.x-server-wechat with Apache License 2.0 | 6 votes |
|
public Map<String, String> getAssociationResponse(final HttpServletRequest request) {
ParameterList parameters = new ParameterList(request.getParameterMap());
final String mode = parameters.hasParameter("openid.mode")
? parameters.getParameterValue("openid.mode")
: null;
Message response = null;
if (mode != null && mode.equals("associate")) {
response = serverManager.associationResponse(parameters);
}
final Map<String, String> responseParams = new HashMap<String, String>();
if (response != null) {
responseParams.putAll(response.getParameterMap());
}
return responseParams;
}
Example 3
| Source File: CustomOpenIdProviderHandler.java From OpenID-Attacker with GNU General Public License v2.0 | 6 votes |
|
private void handleCheckAuthentication(String info, HttpServletResponse response, final ParameterList requestParameter) throws IOException {
LOG.info("--> BEGIN handleCheckAuthentication");
String assocHandle = requestParameter.getParameterValue("openid.assoc_handle");
String shortLog = String.format("Returning check_authentication = true for %s", assocHandle);
LOG.info(String.format(" --> assoc_handle = %s", assocHandle));
Message responseMessage;
if (idpType.equals(IdpType.ATTACKER)) {
responseMessage = getOpenIdProcessor().generatePositiveCheckAuthenticationResponse();
} else {
responseMessage = getOpenIdProcessor().generateCorrectCheckAuthenticationResponse(requestParameter);
}
String responseText = responseMessage.keyValueFormEncoding();
response.getWriter().println(responseText);
response.setStatus(HttpServletResponse.SC_OK);
String requestText = String.format("%s\n\n%s", info, requestParameter.toString());
RequestLogger.getInstance().add(RequestType.CHECK_AUTHENTICATION, shortLog, requestText, responseText, idpType);
LOG.info("--> END handleCheckAuthentication");
}
Example 4
| Source File: OpenIDHandler.java From carbon-identity with Apache License 2.0 | 6 votes |
|
/**
* Returns the mode field of the OpenID message.
*
* @param paramList
* @param response
* @param request
* @return
* @throws IOException
*/
private String getOpenIDMessageMode(ParameterList paramList, HttpServletResponse response,
HttpServletRequest request) throws IOException {
String mode = null;
if (paramList == null) {
if (log.isDebugEnabled()) {
log.debug("Invalid OpenID message :" + request.getQueryString());
}
directResponse(response, getErrorResponseText("Invalid OpenID message"));
return null;
}
mode = paramList.hasParameter(OpenId.ATTR_MODE) ? paramList.getParameterValue(OpenId.ATTR_MODE) : null;
if (log.isDebugEnabled()) {
log.debug("OpenID authentication mode :" + mode);
}
return mode;
}
Example 5
| Source File: CustomOpenIdProviderHandler.java From OpenID-Attacker with GNU General Public License v2.0 | 5 votes |
|
public void handleTokenRequestWithPostRedirect(String info, HttpServletResponse response, final ParameterList requestParameter) throws OpenIdAttackerServerException, IOException {
String assoc_handle = requestParameter.getParameterValue("openid.assoc_handle");
LOG.info(String.format("--> BEGIN handleTokenRequestwithGetRedirect for assoc_handle='%s'",
assoc_handle != null ? assoc_handle : "<NONE>"));
AttackParameterKeeper keeper = getOpenIdProcessor().processTokenRequest(requestParameter);
response.setStatus(HttpServletResponse.SC_OK);
String destinationUrl = getDestinationUrl(keeper);
boolean performAttack;
boolean interceptIdpResponse;
if (idpType == IdpType.ATTACKER) {
performAttack = OpenIdServerConfiguration.getAttackerInstance().isPerformAttack();
interceptIdpResponse = OpenIdServerConfiguration.getAttackerInstance().isInterceptIdPResponse();
} else {
performAttack = OpenIdServerConfiguration.getAnalyzerInstance().isPerformAttack();
interceptIdpResponse = OpenIdServerConfiguration.getAnalyzerInstance().isInterceptIdPResponse();
}
Map<String, String> getParameters = AttackParameterHandler.createMapByMethod(keeper, HttpMethod.GET, performAttack);
Map<String, String> postParamters = AttackParameterHandler.createMapByMethod(keeper, HttpMethod.POST, performAttack);
String postRedirectHtml = HttpPostRedirect.createPostRedirect(destinationUrl, getParameters, postParamters, interceptIdpResponse);
response.getWriter().println(postRedirectHtml);
RequestType type;
if (performAttack) {
type = RequestType.TOKEN_ATTACK;
} else {
type = RequestType.TOKEN_VALID;
}
String responseText = String.format("GET:\n\n%s\nPOST:\n\n%s", PrintHelper.mapToString(getParameters), PrintHelper.mapToString(postParamters));
RequestLogger.getInstance().add(type, "Token generated", info + "\n\n" + requestParameter.toString(), responseText, idpType);
LOG.info("--> END handleTokenRequestwithGetRedirect");
}
Example 6
| Source File: CustomOpenIdProviderHandler.java From OpenID-Attacker with GNU General Public License v2.0 | 5 votes |
|
public void handleTokenRequestwithGetRedirect(HttpServletResponse response, final ParameterList requestParameter)
throws OpenIdAttackerServerException {
String assoc_handle = requestParameter.getParameterValue("openid.assoc_handle");
LOG.info(String.format("--> BEGIN handleTokenRequestwithGetRedirect for assoc_handle='%s'",
assoc_handle != null ? assoc_handle : "<NONE>"));
AttackParameterKeeper keeper = openIdProcessor.processTokenRequest(requestParameter);
response.setStatus(HttpServletResponse.SC_SEE_OTHER);
boolean performAttack = false;
if (idpType == IdpType.ATTACKER) {
performAttack = OpenIdServerConfiguration.getAttackerInstance().isPerformAttack();
} else {
performAttack = OpenIdServerConfiguration.getAnalyzerInstance().isPerformAttack();
}
RequestType type;
if (performAttack) {
type = RequestType.TOKEN_ATTACK;
} else {
type = RequestType.TOKEN_VALID;
}
Map<String, String> getParameters = AttackParameterHandler.createMapByMethod(keeper, HttpMethod.GET, performAttack);
String location = HttpPostRedirect.createGetRequest(getDestinationUrl(keeper), getParameters);
response.setHeader("Location", location);
String responseText = String.format("GET:\n\n%s", PrintHelper.mapToString(getParameters));
RequestLogger.getInstance().add(type, "Token generated", requestParameter.toString(), responseText, idpType);
LOG.info("--> END handleTokenRequestwithGetRedirect");
}
Example 7
| Source File: CustomOpenIdProviderHandler.java From OpenID-Attacker with GNU General Public License v2.0 | 5 votes |
|
private void handleRequest(ParameterList requestParameter, String target, HttpServletResponse response, Request baseRequest) throws IOException, OpenIdAttackerServerException, TransformerException {
// get the openIdProcessor.mode
final String method = baseRequest.getMethod();
final HttpURI uri = baseRequest.getUri();
final String protocol = baseRequest.getProtocol();
final String info = String.format("%s %s %s", method, uri, protocol);
final String mode = requestParameter.hasParameter("openid.mode")
? requestParameter.getParameterValue("openid.mode") : null;
if (uri.getCompletePath().equals("/favicon.ico")) {
handleFaviconRequest(info, response);
} else if (target.contains("xxe")) {
// Case: XXE
handleXxeRequest(info, response, requestParameter);
} /*else if (target.contains("dtd")) {
// Case: DTD
handleDtdRequest(info, response, requestParameter);
}*/ else if (mode == null) {
if (target.contains("xrds") || requestParameter.toString().contains("xrds")) {
// Case: Request XRDS Document
handleXrdsRequest(info, response);
} else {
// Case: Request HTML Document
handleHtmlDiscovery(info, response);
}
} else if ("associate".equals(mode)) {
// Case: Process Association
handleAssociationRequest(info, response, requestParameter);
} else if ("checkid_setup".equals(mode) || "checkid_immediate".equals(mode)) {
// Case: Generate Token
handleTokenRequest(info, response, requestParameter);
} else if ("check_authentication".equals(mode)) {
handleCheckAuthentication(info, response, requestParameter);
} else {
throw new IllegalStateException("Unknown Request");
}
baseRequest.setHandled(true);
}
Example 8
| Source File: OpenIDHandler.java From carbon-identity with Apache License 2.0 | 4 votes |
|
/**
* Returns the login page URL. User will be redirected to this URL when they
* are not authenticated.
*
* @param claimedID
* @param request
* @param params
* @return loginPageUrl
* @throws IdentityException
* @throws IOException
*/
private String getLoginPageUrl(String claimedID, HttpServletRequest request, ParameterList params)
throws IdentityException, IOException {
/*
* We are setting the request's openid identifier to the session
* here.
*/
request.getSession().setAttribute(OpenIDConstants.SessionAttribute.OPENID, claimedID);
String commonAuthURL = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, false, true);
String selfPath = request.getContextPath();
String sessionDataKey = UUIDGenerator.generateUUID();
//Authentication context keeps data which should be sent to commonAuth endpoint
AuthenticationRequest authenticationRequest = new
AuthenticationRequest();
authenticationRequest.setRelyingParty(getRelyingParty(request));
authenticationRequest.setCommonAuthCallerPath(selfPath);
String username = null;
String tenantDomain = null;
if (params.getParameterValue(FrameworkConstants.OPENID_IDENTITY) != null) {
username = OpenIDUtil.getUserName(params.getParameterValue(FrameworkConstants.OPENID_IDENTITY));
authenticationRequest.addRequestQueryParam(FrameworkConstants.USERNAME, new String[] { username });
}
if (params.getParameterValue(FrameworkConstants.RequestParams.TENANT_DOMAIN) != null) {
tenantDomain = params.getParameterValue(FrameworkConstants.RequestParams.TENANT_DOMAIN);
authenticationRequest.setTenantDomain(tenantDomain);
}
boolean forceAuthenticate = false;
if (!claimedID.endsWith("/openid/")) {
String authenticatedUser =
(String) request.getSession().getAttribute(OpenIDConstants.SessionAttribute.AUTHENTICATED_OPENID);
if (log.isDebugEnabled()) {
log.debug("claimedID : " + claimedID + ", authenticated user : " + authenticatedUser);
}
if (authenticatedUser != null && !"".equals(authenticatedUser.trim())
&& !claimedID.equals(authenticatedUser.trim())) {
if (log.isDebugEnabled()) {
log.debug("Overriding previously authenticated OpenID : " + authenticatedUser
+ " with the OpenID in the current request :" + claimedID
+ " and setting forceAuthenticate.");
}
forceAuthenticate = true;
}
}
authenticationRequest.setForceAuth(forceAuthenticate);
//Add request headers to authentication request context. ie to cache
authenticationRequest.setRequestQueryParams(request.getParameterMap());
for (Enumeration headerNames = request.getHeaderNames(); headerNames.hasMoreElements(); ) {
String headerName = headerNames.nextElement().toString();
authenticationRequest.addHeader(headerName, request.getHeader(headerName));
}
AuthenticationRequestCacheEntry authRequest = new AuthenticationRequestCacheEntry(authenticationRequest);
FrameworkUtils.addAuthenticationRequestToCache(sessionDataKey, authRequest);
StringBuilder queryStringBuilder = new StringBuilder();
queryStringBuilder.append(commonAuthURL).
append("?").
append(FrameworkConstants.SESSION_DATA_KEY).
append("=").
append(sessionDataKey).
append("&").
append(FrameworkConstants.RequestParams.TYPE).
append("=").
append(FrameworkConstants.RequestType.CLAIM_TYPE_OPENID);
// reading the authorization header for request path authentication
FrameworkUtils.setRequestPathCredentials(request);
return queryStringBuilder.toString();
}
Example 9
| Source File: OpenIDUtil.java From carbon-identity with Apache License 2.0 | 4 votes |
|
public static String getLoginPageQueryParams(ParameterList params) throws IdentityException {
String queryParams = null;
try {
String realm = params.getParameterValue(OpenIDConstants.OpenIDRequestParameters.OPENID_REALM) != null ?
URLEncoder.encode(params.getParameterValue(
OpenIDConstants.OpenIDRequestParameters.OPENID_REALM),
StandardCharsets.UTF_8.name()) : "";
String returnTo =
params.getParameterValue(OpenIDConstants.OpenIDRequestParameters.OPENID_RETURN_TO) != null ?
URLEncoder.encode(
params.getParameterValue(OpenIDConstants.OpenIDRequestParameters.OPENID_RETURN_TO),
StandardCharsets.UTF_8.name()) : "";
String claimedId =
params.getParameterValue(OpenIDConstants.OpenIDRequestParameters.OPENID_CLAIMED_ID) != null ?
URLEncoder.encode(
params.getParameterValue(OpenIDConstants.OpenIDRequestParameters.OPENID_CLAIMED_ID),
StandardCharsets.UTF_8.name()) : "";
String identity =
params.getParameterValue(OpenIDConstants.OpenIDRequestParameters.OPENID_IDENTITY) != null ?
URLEncoder.encode(params.getParameterValue(OpenIDConstants.OpenIDRequestParameters.OPENID_IDENTITY),
StandardCharsets.UTF_8.name()) : "";
queryParams = "?" + OpenIDConstants.OpenIDRequestParameters.OPENID_REALM + "=" + realm
+ "&" + OpenIDConstants.OpenIDRequestParameters.OPENID_RETURN_TO + "=" + returnTo
+ "&" + OpenIDConstants.OpenIDRequestParameters.OPENID_CLAIMED_ID + "=" + claimedId
+ "&" + OpenIDConstants.OpenIDRequestParameters.OPENID_IDENTITY + "=" + identity;
} catch (UnsupportedEncodingException e) {
log.error("UTF-8 encoding is not supported", e);
throw IdentityException.error("UTF-8 encoding is not supported");
}
String username = null;
if (params.getParameterValue(OpenIDConstants.OpenIDRequestParameters
.OPENID_IDENTITY) != null) {
username = OpenIDUtil.getUserName(params.getParameterValue(OpenIDConstants.OpenIDRequestParameters
.OPENID_IDENTITY));
queryParams = queryParams + "&" + OpenIDConstants.RequestParameter.USERNAME + "=" + username;
}
return queryParams;
}
