List of usage examples for org.springframework.security.openid OpenIDAttribute getName
public String getName()
From source file:org.opendatakit.common.security.spring.WrappingOpenIDAuthenticationProvider.java
@Override protected Authentication createSuccessfulAuthentication(UserDetails rawUserDetails, OpenIDAuthenticationToken auth) { String eMail = null;/*from w ww .java 2s . com*/ List<OpenIDAttribute> oAttrList = auth.getAttributes(); for (OpenIDAttribute oAttr : oAttrList) { if ("email".equals(oAttr.getName())) { Object o = oAttr.getValues().get(0); if (o != null) { eMail = (String) o; } } } if (eMail == null) { logger.warn("OpenId attributes did not include an e-mail address! "); throw new UsernameNotFoundException("email address not supplied in OpenID attributes"); } eMail = WrappingOpenIDAuthenticationProvider.normalizeMailtoAddress(eMail); String mailtoDomain = WrappingOpenIDAuthenticationProvider.getMailtoDomain(eMail); UserDetails userDetails = rawUserDetails; Set<GrantedAuthority> authorities = new HashSet<GrantedAuthority>(); authorities.addAll(userDetails.getAuthorities()); // add the AUTH_OPENID granted authority, authorities.add(new SimpleGrantedAuthority(GrantedAuthorityName.AUTH_OPENID.toString())); // attempt to look user up in registered users table... String username = null; UserDetails partialDetails = null; boolean noRights = false; try { partialDetails = wrappingUserDetailsService.loadUserByUsername(eMail); // found the user in the table -- fold in authorizations and get uriUser. authorities.addAll(partialDetails.getAuthorities()); // users are blacklisted by registering them and giving them no rights. noRights = partialDetails.getAuthorities().isEmpty(); username = partialDetails.getUsername(); } catch (Exception e) { e.printStackTrace(); logger.warn("OpenId attribute e-mail: " + eMail + " did not match any known e-mail addresses! " + e.getMessage()); throw new UsernameNotFoundException("account not recognized"); } AggregateUser trueUser = new AggregateUser(username, partialDetails.getPassword(), UUID.randomUUID().toString(), // junk... mailtoDomain, partialDetails.isEnabled(), partialDetails.isAccountNonExpired(), partialDetails.isCredentialsNonExpired(), partialDetails.isAccountNonLocked(), authorities); if (noRights || !(trueUser.isEnabled() && trueUser.isAccountNonExpired() && trueUser.isAccountNonLocked())) { logger.warn("OpenId attribute e-mail: " + eMail + " account is blocked! "); throw new UsernameNotFoundException("account is blocked"); } return new OpenIDAuthenticationToken(trueUser, trueUser.getAuthorities(), auth.getIdentityUrl(), auth.getAttributes()); }
From source file:org.springframework.security.openid.OpenID4JavaConsumer.java
List<OpenIDAttribute> fetchAxAttributes(Message authSuccess, List<OpenIDAttribute> attributesToFetch)
throws OpenIDConsumerException {
if (attributesToFetch == null || !authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
return Collections.emptyList();
}// w w w . j a v a 2 s .c o m
logger.debug("Extracting attributes retrieved by attribute exchange");
List<OpenIDAttribute> attributes = Collections.emptyList();
try {
MessageExtension ext = authSuccess.getExtension(AxMessage.OPENID_NS_AX);
if (ext instanceof FetchResponse) {
FetchResponse fetchResp = (FetchResponse) ext;
attributes = new ArrayList<>(attributesToFetch.size());
for (OpenIDAttribute attr : attributesToFetch) {
List<String> values = fetchResp.getAttributeValues(attr.getName());
if (!values.isEmpty()) {
OpenIDAttribute fetched = new OpenIDAttribute(attr.getName(), attr.getType(), values);
fetched.setRequired(attr.isRequired());
attributes.add(fetched);
}
}
}
} catch (MessageException e) {
throw new OpenIDConsumerException("Attribute retrieval failed", e);
}
if (logger.isDebugEnabled()) {
logger.debug("Retrieved attributes" + attributes);
}
return attributes;
}