java.lang.Object
  com.dyuproject.openid.RelyingParty
public final class RelyingParty
Relying party which discovers, associates and verifies the authentication of a user. An implementation of RelyingParty.Listener will enable you to listen to events during a user's authentication lifecycle.
```java
OpenIdUser user = _relyingParty.discover(request);
if(user==null) {
    if(RelyingParty.isAuthResponse(request)) {
        // authentication timeout
        response.sendRedirect(request.getRequestURI());
    }
    else {
        // set error msg if the openid_identifier is not resolved.
        if(request.getParameter(_relyingParty.getIdentifierParameter())!=null)
            request.setAttribute(OpenIdServletFilter.ERROR_MSG_ATTR, errorMsg);
        // new user
        request.getRequestDispatcher("/login.jsp").forward(request, response);
    }
    return;
}

if(user.isAuthenticated()) {
    // user already authenticated
    request.getRequestDispatcher("/home.jsp").forward(request, response);
    return;
}

if(user.isAssociated() && RelyingParty.isAuthResponse(request)) {
    // verify authentication
    if(_relyingParty.verifyAuth(user, request, response)) {
        // authenticated
        // redirect to home to remove the query params instead of doing:
        // request.setAttribute("user", user); request.getRequestDispatcher("/home.jsp").forward(request, response);
        response.sendRedirect(request.getContextPath() + "/home/");
    }
    else {
        // failed verification
        request.getRequestDispatcher("/login.jsp").forward(request, response);
    }
    return;
}

StringBuffer url = request.getRequestURL();
String trustRoot = url.substring(0, url.indexOf("/", 9));
String realm = url.substring(0, url.lastIndexOf("/"));
String returnTo = url.toString();
if(_relyingParty.associateAndAuthenticate(user, request, response, trustRoot, realm, returnTo)) {
    // successful association
    return;
}
```
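The usage snippet above takes trustRoot, realm and returnTo from request.getRequestURL(), whose host part the servlet container normally takes from the request's Host header. As an added example (not part of the dyuproject API or its documentation), the class below builds the same three values from a configured base URL instead; OpenIdUrls, configuredBase and the sample URL are hypothetical names and constructed values.

```java
import java.net.URI;

/** Added example (not dyuproject code): OpenID URLs built from configuration. */
public final class OpenIdUrls {
    public final String trustRoot;  // scheme://host[:port]
    public final String realm;      // trustRoot + application path
    public final String returnTo;   // realm + servlet path

    /**
     * @param configuredBase deployment setting, e.g. "https://www.example.com/app" (constructed)
     * @param servletPath    path inside the application, e.g. request.getServletPath()
     */
    public OpenIdUrls(String configuredBase, String servletPath) {
        URI base = URI.create(configuredBase);
        String scheme = base.getScheme();
        // Accept only an absolute http(s) URL with a host and nothing else attached.
        if (base.getHost() == null || !("https".equals(scheme) || "http".equals(scheme)))
            throw new IllegalArgumentException("base must be an absolute http(s) URL");
        if (base.getUserInfo() != null || base.getQuery() != null || base.getFragment() != null)
            throw new IllegalArgumentException("base must not carry user info, query or fragment");
        // The servlet path is the only request-derived part; keep it below the realm.
        if (!servletPath.startsWith("/") || servletPath.contains("..") || servletPath.contains("//"))
            throw new IllegalArgumentException("unexpected servlet path: " + servletPath);

        String port = base.getPort() == -1 ? "" : ":" + base.getPort();
        trustRoot = scheme + "://" + base.getHost() + port;
        realm = trustRoot + base.getPath().replaceAll("/+$", "");
        returnTo = realm + servletPath;
    }

    public static void main(String[] args) {
        // Constructed sample values.
        OpenIdUrls urls = new OpenIdUrls("https://www.example.com/app/", "/login");
        System.out.println(urls.trustRoot);
        System.out.println(urls.realm);
        System.out.println(urls.returnTo);
        // In the servlet, these would replace the substring() calls on getRequestURL():
        // _relyingParty.associateAndAuthenticate(user, request, response,
        //         urls.trustRoot, urls.realm, urls.returnTo);
    }
}
```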
Nested Class Summary | |
---|---|
static interface | RelyingParty.Listener: Enables users to get notified at certain points of the openid authentication lifecycle. |
static class | RelyingParty.ListenerCollection: A collection of listeners that wraps an array to delegate the methods from the relying party listener. |
Field Summary | |
---|---|
static String | DEFAULT_IDENTIFIER_PARAMETER: "openid_identifier" |
static String | DEFAULT_RESOURCE_PATH: The default resource path ("openid.properties" from classpath). |
Constructor Summary | |
---|---|
RelyingParty() | |
RelyingParty(boolean automaticRedirect) | |
RelyingParty(OpenIdContext context, OpenIdUserManager manager) | |
RelyingParty(OpenIdContext context, OpenIdUserManager manager, boolean automaticRedirect) | |
RelyingParty(OpenIdContext context, OpenIdUserManager manager, Discovery.UserCache userCache, boolean automaticRedirect) | |
RelyingParty(OpenIdContext context, OpenIdUserManager manager, Discovery.UserCache userCache, boolean automaticRedirect, boolean identifierAsServer, AuthRedirection authRedirection, String identifierParameter) | |
RelyingParty(OpenIdUserManager manager, Discovery.UserCache userCache) | |
Method Summary | |
---|---|
RelyingParty | addListener(RelyingParty.Listener listener): Adds a custom listener. |
RelyingParty | addResolver(Identifier.Resolver resolver): Adds a custom resolver. |
boolean | associate(OpenIdUser user, HttpServletRequest request, HttpServletResponse response): Returns true if the user is successfully associated with his openid provider; The OpenIdUser is persisted if successful. |
boolean | associateAndAuthenticate(OpenIdUser user, HttpServletRequest request, HttpServletResponse response, String trustRoot, String realm, String returnTo): Returns true if the user is successfully associated and redirected to his openid provider for authentication; The OpenIdUser is persisted if successful. |
boolean | authenticate(OpenIdUser user, HttpServletRequest request, HttpServletResponse response, String trustRoot, String realm, String returnTo) |
OpenIdUser | discover(HttpServletRequest request): Return the current user, either an already authenticated one, or the one just discovered from the openid.identifier.parameter (= "openid_identifier" by default). Returns null if the Constants.OPENID_MODE associated with the request is set to Constants.Mode.CANCEL (in order to login under a different id), or if the authentication is timed out. If returned user is null and isAuthResponse(HttpServletRequest) is true then we have an authentication timeout. |
protected OpenIdUser | discover(Identifier identifier, HttpServletRequest request) |
static Map<String,String> | getAuthParameters(HttpServletRequest request): Copies all the request parameters into a Map. |
AuthRedirection | getAuthRedirection(): Gets the auth redirection scheme. |
static StringBuilder | getAuthUrlBuffer(OpenIdUser user, String trustRoot, String realm, String returnTo): Gets the StringBuilder filled with the openid parameters that is used to redirect the user to his openid provider. |
static UrlEncodedParameterMap | getAuthUrlMap(OpenIdUser user, String trustRoot, String realm, String returnTo): Gets the UrlEncodedParameterMap filled with the openid parameters that is used to redirect the user to his openid provider. |
static String | getAuthUrlString(OpenIdUser user, String trustRoot, String realm, String returnTo): Gets the string url with the openid parameters that is used to redirect the user to his openid provider. |
String | getIdentifierParameter(): Gets the identifier parameter - default is "openid_identifier". |
static RelyingParty | getInstance(): Gets the default instance configured from the properties file found in the default resource path. |
OpenIdContext | getOpenIdContext(): Gets the OpenIdContext. |
OpenIdUserManager | getOpenIdUserManager(): Gets the OpenIdUser manager. |
Discovery.UserCache | getUserCache(): Gets the user cache. |
boolean | invalidate(HttpServletRequest request, HttpServletResponse response): Invalidates/terminates the openid session of the user associated with the given request; To logout an authenticated user, you invoke this method. |
static boolean | isAuthCancel(HttpServletRequest request): Returns true if the user has cancelled the authentication on his openid provider. |
static boolean | isAuthResponse(HttpServletRequest request): Returns true if we have a positive response from the OpenID provider. |
boolean | isAutomaticRedirect(): Checks whether the relying party should automatically redirect the user if he navigates back to the relying party's site. |
static RelyingParty | newInstance(InputStream in): Creates a new instance from the specified InputStream in, which will be parsed/loaded to a Properties. |
static RelyingParty | newInstance(Properties properties): Creates a new instance configured from the given properties. |
static RelyingParty | newInstance(String resourceLoc): Creates a new instance from the specified resourceLoc in the classpath, which will be parsed/loaded to a Properties. |
static RelyingParty | newInstance(URL resource): Creates a new instance from the specified URL resource, which will be parsed/loaded to a Properties. |
boolean | verifyAuth(OpenIdUser user, HttpServletRequest request, HttpServletResponse response): Returns true if the user has succeeded authentication on his openid provider; The OpenIdUser is persisted if successful. |
Methods inherited from class java.lang.Object |
---|
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
---|
public static final String DEFAULT_RESOURCE_PATH
public static final String DEFAULT_IDENTIFIER_PARAMETER
Constructor Detail |
---|
public RelyingParty()
public RelyingParty(boolean automaticRedirect)
public RelyingParty(OpenIdContext context, OpenIdUserManager manager)
public RelyingParty(OpenIdUserManager manager, Discovery.UserCache userCache)
public RelyingParty(OpenIdContext context, OpenIdUserManager manager, boolean automaticRedirect)
public RelyingParty(OpenIdContext context, OpenIdUserManager manager, Discovery.UserCache userCache, boolean automaticRedirect)
public RelyingParty(OpenIdContext context, OpenIdUserManager manager, Discovery.UserCache userCache, boolean automaticRedirect, boolean identifierAsServer, AuthRedirection authRedirection, String identifierParameter)
Method Detail |
---|

public static RelyingParty getInstance()
Gets the default instance configured from the properties file found in the default resource path. If it's not found, a new instance will be created (using the default constructor of the RelyingParty) and set as the default instance.

public static RelyingParty newInstance(String resourceLoc)
Creates a new instance from the specified resourceLoc in the classpath, which will be parsed/loaded to a Properties.

public static RelyingParty newInstance(URL resource) throws IOException
Creates a new instance from the specified URL resource, which will be parsed/loaded to a Properties.
Throws: IOException

public static RelyingParty newInstance(InputStream in) throws IOException
Creates a new instance from the specified InputStream in, which will be parsed/loaded to a Properties.
Throws: IOException

public static RelyingParty newInstance(Properties properties)
Creates a new instance configured from the given properties.

public static Map<String,String> getAuthParameters(HttpServletRequest request)

public static boolean isAuthResponse(HttpServletRequest request)
Returns true if we have a positive response from the OpenID provider. If the user is associated and we have an auth response, then we can verify the user.

public static boolean isAuthCancel(HttpServletRequest request)

public static UrlEncodedParameterMap getAuthUrlMap(OpenIdUser user, String trustRoot, String realm, String returnTo)

public static StringBuilder getAuthUrlBuffer(OpenIdUser user, String trustRoot, String realm, String returnTo)

public static String getAuthUrlString(OpenIdUser user, String trustRoot, String realm, String returnTo)

public OpenIdUserManager getOpenIdUserManager()
Gets the OpenIdUser manager.

public OpenIdContext getOpenIdContext()
Gets the OpenIdContext.

public String getIdentifierParameter()

public boolean isAutomaticRedirect()

public AuthRedirection getAuthRedirection()

public Discovery.UserCache getUserCache()

public OpenIdUser discover(HttpServletRequest request) throws Exception
Return the current user, either an already authenticated one, or the one just discovered from the openid.identifier.parameter (= "openid_identifier" by default). Returns null if the Constants.OPENID_MODE associated with the request is set to Constants.Mode.CANCEL (in order to login under a different id), or if the authentication is timed out. If returned user is null and isAuthResponse(HttpServletRequest) is true then we have an authentication timeout.
Parameters: request - HttpServletRequest
Throws: Exception

protected OpenIdUser discover(Identifier identifier, HttpServletRequest request) throws Exception
Throws: Exception

public boolean verifyAuth(OpenIdUser user, HttpServletRequest request, HttpServletResponse response) throws Exception
Returns true if the user has succeeded authentication on his openid provider; The OpenIdUser is persisted if successful.
Throws: Exception

public boolean associate(OpenIdUser user, HttpServletRequest request, HttpServletResponse response) throws Exception
Returns true if the user is successfully associated with his openid provider; The OpenIdUser is persisted if successful.
Throws: Exception

public boolean associateAndAuthenticate(OpenIdUser user, HttpServletRequest request, HttpServletResponse response, String trustRoot, String realm, String returnTo) throws Exception
Returns true if the user is successfully associated and redirected to his openid provider for authentication; The OpenIdUser is persisted if successful.
Throws: Exception

public boolean authenticate(OpenIdUser user, HttpServletRequest request, HttpServletResponse response, String trustRoot, String realm, String returnTo) throws IOException
Throws: IOException

public boolean invalidate(HttpServletRequest request, HttpServletResponse response) throws IOException
Invalidates/terminates the openid session of the user associated with the given request; To logout an authenticated user, you invoke this method.
Throws: IOException

public RelyingParty addListener(RelyingParty.Listener listener)

public RelyingParty addResolver(Identifier.Resolver resolver)