org.openid4java.server.ServerManager Java Examples

The following examples show how to use org.openid4java.server.ServerManager.
Example #1
Source File: OpenIdServiceTests.java    From springboot-shiro-cas-mybatis with MIT License 6 votes vote down vote up
/**
 * Prepares the fixture: mocked collaborators, a locally configured
 * {@link ServerManager}, a mocked application context that hands both out,
 * and an OpenID {@code checkid_setup} request.
 *
 * @throws Exception declared by the original fixture; nothing here throws explicitly
 */
@Before
public void setUp() throws Exception {
    // Collaborators are Mockito mocks; no real association store or CAS service is involved.
    sharedAssociations = mock(ServerAssociationStore.class);
    cas = mock(CentralAuthenticationService.class);
    context = mock(ApplicationContext.class);

    manager = new ServerManager();
    // Endpoint string is kept exactly as in the fixture ("localshot" is presumably a typo for localhost).
    manager.setOPEndpointUrl("https://localshot:8443/cas/login");
    // Test-only setting: RP-ID enforcement is switched off so the fixture needs no RP discovery.
    // NOTE(review): not a value to carry over into a deployed provider configuration.
    manager.setEnforceRpId(false);
    manager.setSharedAssociations(sharedAssociations);

    // The mocked context resolves the two beans by the names used in the stubs below.
    when(context.getBean("serverManager")).thenReturn(manager);
    when(context.getBean("centralAuthenticationService", CentralAuthenticationService.class)).thenReturn(cas);

    // presumably the provider keeps the context where the code under test can reach it — confirm
    new ApplicationContextProvider().setApplicationContext(context);

    // Incoming OpenID authentication request parameters.
    request.addParameter("openid.identity", "http://openid.ja-sig.org/battags");
    request.addParameter("openid.return_to", "http://www.ja-sig.org/?service=fa");
    request.addParameter("openid.mode", "checkid_setup");
}
 
Example #2
Source File: SmartOpenIdControllerTest.java    From springboot-shiro-cas-mybatis with MIT License 5 votes vote down vote up
/**
 * Builds a {@link ServerManager} for the test and hands it to the controller under test.
 */
@Before
public void setUp() {
    final ServerManager serverManager = new ServerManager();
    // Endpoint string is kept exactly as in the fixture ("localshot" is presumably a typo for localhost).
    serverManager.setOPEndpointUrl("https://localshot:8443/cas/login");
    // Test-only setting: RP-ID enforcement is switched off for this fixture.
    serverManager.setEnforceRpId(false);

    manager = serverManager;
    smartOpenIdController.setServerManager(manager);
}
 
Example #3
Source File: SmartOpenIdControllerTest.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
/**
 * Builds a {@link ServerManager} for the test and hands it to the controller under test.
 */
@Before
public void setUp() {
    final ServerManager serverManager = new ServerManager();
    // Endpoint string is kept exactly as in the fixture ("localshot" is presumably a typo for localhost).
    serverManager.setOPEndpointUrl("https://localshot:8443/cas/login");
    // Test-only setting: RP-ID enforcement is switched off for this fixture.
    serverManager.setEnforceRpId(false);

    manager = serverManager;
    smartOpenIdController.setServerManager(manager);
}
 
Example #4
Source File: OpenIdServiceTests.java    From cas4.0.x-server-wechat with Apache License 2.0 5 votes vote down vote up
/**
 * Prepares the fixture: mocked collaborators, a locally configured
 * {@link ServerManager}, a mocked application context, and an OpenID
 * {@code checkid_setup} request.
 *
 * @throws Exception declared by the original fixture; nothing here throws explicitly
 */
@Before
public void setUp() throws Exception {
    // Collaborators are Mockito mocks; no real association store or CAS service is involved.
    sharedAssociations = mock(ServerAssociationStore.class);
    cas = mock(CentralAuthenticationService.class);
    context = mock(ApplicationContext.class);

    manager = new ServerManager();
    // Endpoint string is kept exactly as in the fixture ("localshot" is presumably a typo for localhost).
    manager.setOPEndpointUrl("https://localshot:8443/cas/login");
    // Test-only setting: RP-ID enforcement is switched off so the fixture needs no RP discovery.
    // NOTE(review): not a value to carry over into a deployed provider configuration.
    manager.setEnforceRpId(false);
    manager.setSharedAssociations(sharedAssociations);

    // presumably the provider keeps the context where the code under test can reach it — confirm
    new ApplicationContextProvider().setApplicationContext(context);

    // Incoming OpenID authentication request parameters.
    request.addParameter("openid.identity", "http://openid.ja-sig.org/battags");
    request.addParameter("openid.return_to", "http://www.ja-sig.org/?service=fa");
    request.addParameter("openid.mode", "checkid_setup");
}
 
Example #5
Source File: SmartOpenIdController.java    From springboot-shiro-cas-mybatis with MIT License 4 votes vote down vote up
/**
 * Stores the given server manager in this object's {@code serverManager} field.
 *
 * NOTE(review): {@code @NotNull} sits on a {@code void} method, so there is no return
 * value for it to constrain, and the body stores the argument without a null check.
 * If the intent is to reject a null manager, presumably the constraint belongs on the
 * parameter or the backing field — confirm how validation is wired in this project.
 *
 * @param serverManager the server manager to store
 */
@NotNull
public void setServerManager(final ServerManager serverManager) {
    this.serverManager = serverManager;
}
 
Example #6
Source File: OpenIdService.java    From springboot-shiro-cas-mybatis with MIT License 4 votes vote down vote up
/**
 * Builds the OpenID redirect response for this service.
 *
 * <p>Without a ticket id the response carries the cancel mode. Otherwise the incoming
 * request is parsed and its association handle, if any, is looked up in the server
 * manager's shared association store:
 * <ul>
 *   <li>association found and not expired: the service ticket is validated through CAS,
 *       and a validation failure makes the answer negative;</li>
 *   <li>association found but expired: the answer is negative and the ticket is not
 *       validated;</li>
 *   <li>no association: the ticket is not validated in this method, the answer is
 *       generated as successful, and the ticket id is sent back as the association
 *       handle. Per the original design note this forces the consumer to ask for a
 *       verification, which validates the service ticket.</li>
 * </ul>
 *
 * @param ticketId the service ticket to provide to the service; may be {@code null}
 * @return the redirect response to the original URL carrying the generated parameters
 */
@Override
public Response getResponse(final String ticketId) {
    final Map<String, String> parameters = new HashMap<>();

    // No ticket: there is nothing to assert, so answer with the cancel mode.
    if (ticketId == null) {
        parameters.put(OpenIdConstants.OPENID_MODE, OpenIdConstants.CANCEL);
        return DefaultResponse.getRedirectResponse(getOriginalUrl(), parameters);
    }

    final ServerManager manager = (ServerManager) ApplicationContextProvider.getApplicationContext().getBean("serverManager");
    final CentralAuthenticationService cas = ApplicationContextProvider.getApplicationContext()
            .getBean("centralAuthenticationService", CentralAuthenticationService.class);

    // Step 1: does the request name an association that the shared store knows?
    boolean hasAssociation = false;
    boolean associationExpired = false;
    try {
        final AuthRequest authReq = AuthRequest.createAuthRequest(requestParameters, manager.getRealmVerifier());
        final Map requestMap = authReq.getParameterMap();
        final String assocHandle = requestMap == null || requestMap.isEmpty()
                ? null
                : (String) requestMap.get(OpenIdConstants.OPENID_ASSOCHANDLE);
        if (assocHandle != null) {
            final Association association = manager.getSharedAssociations().load(assocHandle);
            if (association != null) {
                hasAssociation = true;
                associationExpired = association.hasExpired();
            }
        }
    } catch (final MessageException me) {
        // A request that cannot be parsed is logged and then handled like one without an association.
        LOGGER.error("Message exception : {}", me.getMessage(), me);
    }

    // Step 2: the ticket is validated here only when a live association exists.
    boolean authenticated = true;
    Assertion assertion = null;
    if (hasAssociation) {
        if (associationExpired) {
            authenticated = false;
        } else {
            try {
                assertion = cas.validateServiceTicket(ticketId, this);
                LOGGER.info("Validated openid ticket");
            } catch (final TicketException te) {
                LOGGER.error("Could not validate ticket : {}", te.getMessage(), te);
                authenticated = false;
            }
        }
    }
    // Without an association 'authenticated' is still true and no ticket check has run.
    // NOTE(review): that path presumably relies on the consumer's follow-up verification
    // request being the place where the ticket is validated — confirm against the
    // verification handler.

    // Step 3: for identifier-select requests the asserted id is built from the validated principal.
    final String id = (assertion != null && OpenIdConstants.OPENID_IDENTIFIERSELECT.equals(this.identity))
            ? this.openIdPrefixUrl + '/' + assertion.getPrimaryAuthentication().getPrincipal().getId()
            : this.identity;

    // Signed immediately (last argument 'true') because no extensions are added.
    // The message may be a DirectError or an AuthSuccess; both are sent the same way.
    final Message response = manager.authResponse(requestParameters, id, id, authenticated, true);
    parameters.putAll(response.getParameterMap());
    if (!hasAssociation) {
        // The ticket id replaces the association handle in the outgoing parameters.
        parameters.put(OpenIdConstants.OPENID_ASSOCHANDLE, ticketId);
    }
    return DefaultResponse.getRedirectResponse(getOriginalUrl(), parameters);
}
 
Example #7
Source File: SmartOpenIdController.java    From cas4.0.x-server-wechat with Apache License 2.0 4 votes vote down vote up
/**
 * Stores the given server manager in this object's {@code serverManager} field.
 *
 * NOTE(review): {@code @NotNull} sits on a {@code void} method, so there is no return
 * value for it to constrain, and the body stores the argument without a null check.
 * If the intent is to reject a null manager, presumably the constraint belongs on the
 * parameter or the backing field — confirm how validation is wired in this project.
 *
 * @param serverManager the server manager to store
 */
@NotNull
public void setServerManager(final ServerManager serverManager) {
    this.serverManager = serverManager;
}
 
Example #8
Source File: OpenIdService.java    From cas4.0.x-server-wechat with Apache License 2.0 4 votes vote down vote up
/**
 * Builds the OpenID redirect response for this service.
 *
 * <p>Without a ticket id the response carries the cancel mode. Otherwise the incoming
 * request is parsed and its association handle, if any, is looked up in the server
 * manager's shared association store:
 * <ul>
 *   <li>association found and not expired: the service ticket is validated through CAS,
 *       and a validation failure makes the answer negative;</li>
 *   <li>association found but expired: the answer is negative and the ticket is not
 *       validated;</li>
 *   <li>no association: the ticket is not validated in this method, the answer is
 *       generated as successful, and the ticket id is sent back as the association
 *       handle. Per the original design note this forces the consumer to ask for a
 *       verification, which validates the service ticket.</li>
 * </ul>
 *
 * @param ticketId the service ticket to provide to the service; may be {@code null}
 * @return the redirect response to the original URL carrying the generated parameters
 */
@Override
public Response getResponse(final String ticketId) {
    final Map<String, String> parameters = new HashMap<String, String>();

    // No ticket: there is nothing to assert, so answer with the cancel mode.
    if (ticketId == null) {
        parameters.put("openid.mode", "cancel");
        return Response.getRedirectResponse(getOriginalUrl(), parameters);
    }

    ServerManager manager = (ServerManager) ApplicationContextProvider.getApplicationContext().getBean("serverManager");
    CentralAuthenticationService cas = (CentralAuthenticationService) ApplicationContextProvider.getApplicationContext()
            .getBean("centralAuthenticationService");

    // Step 1: does the request name an association that the shared store knows?
    boolean hasAssociation = false;
    boolean associationExpired = false;
    try {
        AuthRequest authReq = AuthRequest.createAuthRequest(requestParameters, manager.getRealmVerifier());
        Map requestMap = authReq.getParameterMap();
        String assocHandle = requestMap == null || requestMap.isEmpty()
                ? null
                : (String) requestMap.get("openid.assoc_handle");
        if (assocHandle != null) {
            Association association = manager.getSharedAssociations().load(assocHandle);
            if (association != null) {
                hasAssociation = true;
                associationExpired = association.hasExpired();
            }
        }
    } catch (final MessageException me) {
        // A request that cannot be parsed is logged and then handled like one without an association.
        LOGGER.error("Message exception : {}", me.getMessage(), me);
    }

    // Step 2: the ticket is validated here only when a live association exists.
    boolean authenticated = true;
    if (hasAssociation) {
        if (associationExpired) {
            authenticated = false;
        } else {
            try {
                cas.validateServiceTicket(ticketId, this);
                LOGGER.info("Validated openid ticket");
            } catch (final TicketException te) {
                LOGGER.error("Could not validate ticket : {}", te.getMessage(), te);
                authenticated = false;
            }
        }
    }
    // Without an association 'authenticated' is still true and no ticket check has run.
    // NOTE(review): that path presumably relies on the consumer's follow-up verification
    // request being the place where the ticket is validated — confirm against the
    // verification handler.

    // Signed immediately (last argument 'true') because no extensions are added.
    // The message may be a DirectError or an AuthSuccess; both are sent the same way.
    Message response = manager.authResponse(requestParameters, this.identity, this.identity, authenticated, true);
    parameters.putAll(response.getParameterMap());
    if (!hasAssociation) {
        // The ticket id replaces the association handle in the outgoing parameters.
        parameters.put("openid.assoc_handle", ticketId);
    }
    return Response.getRedirectResponse(getOriginalUrl(), parameters);
}
 
Example #9
Source File: InfocardOPController.java    From openid4java with Apache License 2.0 4 votes vote down vote up
/**
 * Stores the given server manager in the {@code _manager} field.
 *
 * @param manger the server manager to store; no null check is performed here
 */
public void setServerManager(ServerManager manger)
{
    _manager = manger;
}
 
Example #10
Source File: InfocardOPController.java    From openid4java with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the server manager held in the {@code _manager} field.
 *
 * @return the stored server manager reference, as is (no copy is made)
 */
public ServerManager getManager()
{
    return this._manager;
}
 
Example #11
Source File: OpenIDProvider.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
/**
 * Returns the server manager held in the {@code manager} field.
 *
 * @return the stored {@link ServerManager} reference, as is (no copy is made)
 */
public ServerManager getManager() {
    return this.manager;
}
 
Example #12
Source File: CustomOpenIdProcessor.java    From OpenID-Attacker with GNU General Public License v2.0 2 votes vote down vote up
/**
 * Returns the server manager held in the {@code serverManager} field.
 * Per the original note, this accessor is only needed for testing.
 *
 * @return the stored {@link ServerManager} reference, as is (no copy is made)
 */
protected ServerManager getServerManager() {
    return this.serverManager;
}