| Home | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Java Source Code / Java Documentation 2 | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
| Java Source Code / Java Documentation 2 » OpenID » openid4java |
| openid4java - OpenID 2.0 Java Libraries | |
| License: | Apache License 2.0 |
| URL: | http://code.google.com/p/openid4java/ |
| Description: | OpenID 2.0 Java Libraries |
| Package Name | Comment |
| net.sxip.openidcards.icdemo.web | |
| net.sxip.openidcards.infocardop.web | |
| org.openid4java | |
| org.openid4java.appengine | |
| org.openid4java.association | |
| org.openid4java.consumer |
Provides functionality for OpenID-enabling Consumer (Relying Party) sites.
The general usage pattern for a Consumer site is outlined below:
/*
* Copyright 2006-2008 Sxip Identity Corporation
*/
package org.openid4java.consumer;
import org.openid4java.discovery.Identifier;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.message.ax.FetchRequest;
import org.openid4java.message.ax.FetchResponse;
import org.openid4java.message.ax.AxMessage;
import org.openid4java.message.*;
import org.openid4java.OpenIDException;
import javax.servlet.http.HttpSession;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;
import java.io.IOException;
/**
* Sample Consumer (Relying Party) implementation.
*/
public class SampleConsumer
{
public ConsumerManager manager;
public SampleConsumer() throws ConsumerException
{
// instantiate a ConsumerManager object
manager = new ConsumerManager();
}
// --- placing the authentication request ---
public String authRequest(String userSuppliedString,
HttpServletRequest httpReq,
HttpServletResponse httpResp)
throws IOException
{
try
{
// configure the return_to URL where your application will receive
// the authentication responses from the OpenID provider
String returnToUrl = "http://example.com/openid";
// --- Forward proxy setup (only if needed) ---
// ProxyProperties proxyProps = new ProxyProperties();
// proxyProps.setProxyName("proxy.example.com");
// proxyProps.setProxyPort(8080);
// HttpClientFactory.setProxyProperties(proxyProps);
// perform discovery on the user-supplied identifier
List discoveries = manager.discover(userSuppliedString);
// attempt to associate with the OpenID provider
// and retrieve one service endpoint for authentication
DiscoveryInformation discovered = manager.associate(discoveries);
// store the discovery information in the user's session
httpReq.getSession().setAttribute("openid-disc", discovered);
// obtain a AuthRequest message to be sent to the OpenID provider
AuthRequest authReq = manager.authenticate(discovered, returnToUrl);
// Attribute Exchange example: fetching the 'email' attribute
FetchRequest fetch = FetchRequest.createFetchRequest();
fetch.addAttribute("email",
// attribute alias
"http://schema.openid.net/contact/email", // type URI
true); // required
// attach the extension to the authentication request
authReq.addExtension(fetch);
if (! discovered.isVersion2() )
{
// Option 1: GET HTTP-redirect to the OpenID Provider endpoint
// The only method supported in OpenID 1.x
// redirect-URL usually limited ~2048 bytes
httpResp.sendRedirect(authReq.getDestinationUrl(true));
return null;
}
else
{
// Option 2: HTML FORM Redirection (Allows payloads >2048 bytes)
//RequestDispatcher dispatcher =
// getServletContext().getRequestDispatcher("formredirection.jsp");
//httpReq.setAttribute("parameterMap", response.getParameterMap());
//httpReq.setAttribute("destinationUrl", response.getDestinationUrl(false));
//dispatcher.forward(request, response);
}
}
catch (OpenIDException e)
{
// present error to the user
}
return null;
}
// --- processing the authentication response ---
public Identifier verifyResponse(HttpServletRequest httpReq)
{
try
{
// extract the parameters from the authentication response
// (which comes in as a HTTP request from the OpenID provider)
ParameterList response =
new ParameterList(httpReq.getParameterMap());
// retrieve the previously stored discovery information
DiscoveryInformation discovered = (DiscoveryInformation)
httpReq.getSession().getAttribute("openid-disc");
// extract the receiving URL from the HTTP request
StringBuffer receivingURL = httpReq.getRequestURL();
String queryString = httpReq.getQueryString();
if (queryString != null && queryString.length() > 0)
receivingURL.append("?").append(httpReq.getQueryString());
// verify the response; ConsumerManager needs to be the same
// (static) instance used to place the authentication request
VerificationResult verification = manager.verify(
receivingURL.toString(),
response, discovered);
// examine the verification result and extract the verified identifier
Identifier verified = verification.getVerifiedId();
if (verified != null)
{
AuthSuccess authSuccess =
(AuthSuccess) verification.getAuthResponse();
if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX))
{
FetchResponse fetchResp = (FetchResponse) authSuccess
.getExtension(AxMessage.OPENID_NS_AX);
List emails = fetchResp.getAttributeValues("email");
String email = (String) emails.get(0);
}
return verified; // success
}
}
catch (OpenIDException e)
{
// present error to the user
}
return null;
}
}
|
| org.openid4java.discovery | |
| org.openid4java.discovery.html | |
| org.openid4java.discovery.xrds | |
| org.openid4java.discovery.xri | |
| org.openid4java.discovery.yadis | |
| org.openid4java.infocard |
Provides support for
OpenID-InforCards.
RP support:
OP support:
See also:
|
| org.openid4java.infocard.rp | |
| org.openid4java.infocard.sts | |
| org.openid4java.message | |
| org.openid4java.message.ax | |
| org.openid4java.message.pape | |
| org.openid4java.message.sreg | |
| org.openid4java.samples | |
| org.openid4java.samples.consumerservlet | |
| org.openid4java.samples.servlet | |
| org.openid4java.server |
Offers support for implementing an OpenID Provider server.
The general usage pattern for a OpenID Provider is outlined below:
// instantiate a ServerManager object
public static ServerManager manager = new ServerManager();
// configure the OpenID Provider's endpoint URL
static
{
manager.setOPEndpointUrl("Http://my.openidprovider.com/server");
}
// extract the parameters from the request
ParameterList request = new ParameterList(httpReq.getParameterMap());
String mode = request.hasParameter("openid.mode") ?
request.getParameterValue("openid.mode") : null;
Message response;
String responseText;
if ("associate".equals(mode))
{
// --- process an association request ---
response = manager.associationResponse(request);
responseText = response.keyValueFormEncoding();
}
else if ("checkid_setup".equals(mode)
|| "checkid_immediate".equals(mode))
{
// interact with the user and obtain data needed to continue
List userData = userInteraction(request);
String userSelectedId = (String) userData.get(0);
String userSelectedClaimedId = (String) userData.get(1);
Boolean authenticatedAndApproved = (Boolean) userData.get(2);
// --- process an authentication request ---
response = manager.authResponse(request,
userSelectedId,
userSelectedClaimedId,
authenticatedAndApproved.booleanValue());
// caller will need to decide which of the following to use:
// - GET HTTP-redirect to the return_to URL
// - HTML FORM Redirection
responseText = response.wwwFormEncoding();
}
else if ("check_authentication".equals(mode))
{
// --- processing a verification request ---
response = manager.verify(request);
responseText = response.keyValueFormEncoding();
}
else
{
// --- error response ---
response = DirectError.createDirectError("Unknown request");
responseText = response.keyValueFormEncoding();
}
// return the result to the user
return responseText;
|
| org.openid4java.util |