From fd3f4b908a050f2909de90aa593a752dffe7df7a Mon Sep 17 00:00:00 2001 From: =?utf8?q?David=20=E2=80=98Bombe=E2=80=99=20Roden?= Date: Fri, 27 Apr 2012 16:44:04 +0200 Subject: [PATCH] Add first stab at OpenID verification. --- .../demoscenemusic/page/OpenIdPage.java | 90 ++++++++++++++++++++++ .../demoscenemusic/page/RegisterPage.java | 88 +++++++++++++++++++++ src/main/resources/templates/openid | 13 ++++ src/main/resources/templates/register | 23 ++++++ src/main/webapp/WEB-INF/web.xml.template | 8 ++ 5 files changed, 222 insertions(+) create mode 100644 src/main/java/net/pterodactylus/demoscenemusic/page/OpenIdPage.java create mode 100644 src/main/java/net/pterodactylus/demoscenemusic/page/RegisterPage.java create mode 100644 src/main/resources/templates/openid create mode 100644 src/main/resources/templates/register diff --git a/src/main/java/net/pterodactylus/demoscenemusic/page/OpenIdPage.java b/src/main/java/net/pterodactylus/demoscenemusic/page/OpenIdPage.java new file mode 100644 index 0000000..cb164e7 --- /dev/null +++ b/src/main/java/net/pterodactylus/demoscenemusic/page/OpenIdPage.java @@ -0,0 +1,90 @@ +/* + * DemosceneMusic - OpenIdPage.java - Copyright © 2012 David Roden + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package net.pterodactylus.demoscenemusic.page; + +import net.pterodactylus.demoscenemusic.core.Core; +import net.pterodactylus.util.template.Template; +import net.pterodactylus.util.template.TemplateContext; +import net.pterodactylus.util.template.TemplateContextFactory; +import net.pterodactylus.util.web.RedirectException; + +import org.openid4java.association.AssociationException; +import org.openid4java.consumer.VerificationResult; +import org.openid4java.discovery.DiscoveryException; +import org.openid4java.discovery.DiscoveryInformation; +import org.openid4java.discovery.Identifier; +import org.openid4java.message.AuthSuccess; +import org.openid4java.message.MessageException; +import org.openid4java.message.ParameterList; +import org.openid4java.message.ax.AxMessage; +import org.openid4java.message.ax.FetchResponse; + +/** + * TODO + * + * @author David ‘Bombe’ Roden + */ +public class OpenIdPage extends BasePage { + + /** + * @param core + * @param templateContextFactory + * @param template + * @param pageName + */ + public OpenIdPage(Core core, TemplateContextFactory templateContextFactory, Template template) { + super(core, templateContextFactory, template, "openid"); + } + + /** + * {@inheritDoc} + */ + @Override + protected void processTemplate(TemplateContext templateContext, ServletRequest request) throws RedirectException { + super.processTemplate(templateContext, request); + ParameterList parameterList = new ParameterList(request.getServletRequest().getParameterMap()); + DiscoveryInformation discoveryInformation = (DiscoveryInformation) request.getServletRequest().getAttribute("openid-discovery"); + templateContext.set("openid", discoveryInformation.getClaimedIdentifier()); + StringBuffer receivingURL = request.getServletRequest().getRequestURL(); + String queryString = request.getServletRequest().getQueryString(); + if (queryString != null && queryString.length() > 0) { + receivingURL.append("?").append(queryString); + } + try { + VerificationResult verification = getCore().getConsumerManager().verify(receivingURL.toString(), parameterList, discoveryInformation); + Identifier verified = verification.getVerifiedId(); + if (verified != null) { + System.out.println("verified."); + templateContext.set("verified", true); + templateContext.set("openid", verified.getIdentifier()); + AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse(); + if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) { + FetchResponse fetchResponse = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX); + System.out.println(fetchResponse.getAttributes()); + } + } + } catch (MessageException me1) { + me1.printStackTrace(); + } catch (DiscoveryException de1) { + de1.printStackTrace(); + } catch (AssociationException ae1) { + ae1.printStackTrace(); + } + } + +} diff --git a/src/main/java/net/pterodactylus/demoscenemusic/page/RegisterPage.java b/src/main/java/net/pterodactylus/demoscenemusic/page/RegisterPage.java new file mode 100644 index 0000000..45d3534 --- /dev/null +++ b/src/main/java/net/pterodactylus/demoscenemusic/page/RegisterPage.java @@ -0,0 +1,88 @@ +/* + * DemosceneMusic - RegisterPage.java - Copyright © 2012 David Roden + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ + +package net.pterodactylus.demoscenemusic.page; + +import java.util.List; + +import net.pterodactylus.demoscenemusic.core.Core; +import net.pterodactylus.util.object.Default; +import net.pterodactylus.util.template.Template; +import net.pterodactylus.util.template.TemplateContext; +import net.pterodactylus.util.template.TemplateContextFactory; +import net.pterodactylus.util.web.Method; +import net.pterodactylus.util.web.RedirectException; + +import org.openid4java.consumer.ConsumerException; +import org.openid4java.discovery.DiscoveryException; +import org.openid4java.discovery.DiscoveryInformation; +import org.openid4java.message.AuthRequest; +import org.openid4java.message.MessageException; + +/** + * TODO + * + * @author David ‘Bombe’ Roden + */ +public class RegisterPage extends BasePage { + + private static final String RETURN_URL = "http://www.demoscenemusic.org/openid"; + + /** + * @param core + * @param templateContextFactory + * @param template + * @param pageName + */ + public RegisterPage(Core core, TemplateContextFactory templateContextFactory, Template template) { + super(core, templateContextFactory, template, "register"); + } + + /** + * {@inheritDoc} + */ + @Override + @SuppressWarnings("unchecked") + protected void processTemplate(TemplateContext templateContext, ServletRequest request) throws RedirectException { + super.processTemplate(templateContext, request); + if (request.getMethod() == Method.POST) { + String openId = Default.forNull(request.getServletRequest().getParameter("openid_url"), "").trim(); + templateContext.set("openid_url", openId); + if ("".equals(openId)) { + templateContext.set("error", "openid-empty"); + return; + } + try { + List discoveries = getCore().getConsumerManager().discover(openId); + DiscoveryInformation discoveryInformation = getCore().getConsumerManager().associate(discoveries); + request.getServletRequest().setAttribute("openid-discovery", discoveryInformation); + AuthRequest authRequest = getCore().getConsumerManager().authenticate(discoveryInformation, RETURN_URL); +// if (discoveryInformation.isVersion2()) { +// } else { + throw new RedirectException(authRequest.getDestinationUrl(true)); +// } + } catch (DiscoveryException de1) { + templateContext.set("error", "openid"); + } catch (MessageException me1) { + me1.printStackTrace(); + } catch (ConsumerException ce1) { + ce1.printStackTrace(); + } + } + } + +} diff --git a/src/main/resources/templates/openid b/src/main/resources/templates/openid new file mode 100644 index 0000000..08c2ec7 --- /dev/null +++ b/src/main/resources/templates/openid @@ -0,0 +1,13 @@ +<%include include/header title=="Result of Registration"> + +

Result of Registration

+ +

+ <%if verified> + You have verified successfully as <% openid|html>. + <%else> + You could not verify that you are <% openid|html>. Please register again. + <%/if> +

+ +<%include include/footer> diff --git a/src/main/resources/templates/register b/src/main/resources/templates/register new file mode 100644 index 0000000..0713e6e --- /dev/null +++ b/src/main/resources/templates/register @@ -0,0 +1,23 @@ +<%include include/header title=="Register"> + +

Register

+ +

+ In order to register with demoscenemusic.org you need an + OpenID. You can get it from + scene.org (using + sceneid.net) but the one from e.g. + Google will do fine, too. +

+ +
+

+ OpenID: + +

+

+ +

+
+ +<%include include/footer> diff --git a/src/main/webapp/WEB-INF/web.xml.template b/src/main/webapp/WEB-INF/web.xml.template index b9d19fb..aecdf26 100644 --- a/src/main/webapp/WEB-INF/web.xml.template +++ b/src/main/webapp/WEB-INF/web.xml.template @@ -40,6 +40,14 @@ net.pterodactylus.demoscenemusic.page.ArtistsPage + openid + net.pterodactylus.demoscenemusic.page.OpenIdPage + + + register + net.pterodactylus.demoscenemusic.page.RegisterPage + + track net.pterodactylus.demoscenemusic.page.TrackPage -- 2.7.4