Example usage for org.springframework.security.openid OpenIDAuthenticationStatus FAILURE

List of usage examples for org.springframework.security.openid OpenIDAuthenticationStatus FAILURE

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.openid.*
  5. OpenIDAuthenticationStatus
  6. FAILURE

Introduction

In this page you can find the example usage for org.springframework.security.openid OpenIDAuthenticationStatus FAILURE.

Prototype

OpenIDAuthenticationStatus FAILURE

To view the source code for org.springframework.security.openid OpenIDAuthenticationStatus FAILURE.

Click Source Link

Document

This code indicates a failed authentication request

Usage

From source file:org.mitre.provenance.openid.OpenId4JavaProxyConsumer.java

public OpenIDAuthenticationToken endConsumption(HttpServletRequest request) throws OpenIDConsumerException {
    // extract the parameters from the authentication response
    // (which comes in as a HTTP request from the OpenID provider)
    ParameterList openidResp = new ParameterList(request.getParameterMap());

    // retrieve the previously stored discovery information
    DiscoveryInformation discovered = (DiscoveryInformation) request.getSession()
            .getAttribute(DISCOVERY_INFO_KEY);

    if (discovered == null) {
        throw new OpenIDConsumerException(
                "DiscoveryInformation is not available. Possible causes are lost session or replay attack");
    }//from ww w.ja  v  a2  s  .c  o m

    List<OpenIDAttribute> attributesToFetch = (List<OpenIDAttribute>) request.getSession()
            .getAttribute(ATTRIBUTE_LIST_KEY);

    request.getSession().removeAttribute(DISCOVERY_INFO_KEY);
    request.getSession().removeAttribute(ATTRIBUTE_LIST_KEY);

    // extract the receiving URL from the HTTP request
    StringBuffer receivingURL = request.getRequestURL();
    String queryString = request.getQueryString();

    if (StringUtils.hasLength(queryString)) {
        receivingURL.append("?").append(request.getQueryString());
    }

    // verify the response
    VerificationResult verification;

    try {
        verification = consumerManager.verify(receivingURL.toString(), openidResp, discovered);
    } catch (MessageException e) {
        throw new OpenIDConsumerException("Error verifying openid response", e);
    } catch (DiscoveryException e) {
        throw new OpenIDConsumerException("Error verifying openid response", e);
    } catch (AssociationException e) {
        throw new OpenIDConsumerException("Error verifying openid response", e);
    }

    // examine the verification result and extract the verified identifier
    Identifier verified = verification.getVerifiedId();

    if (verified == null) {
        Identifier id = discovered.getClaimedIdentifier();
        return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE,
                id == null ? "Unknown" : id.getIdentifier(),
                "Verification status message: [" + verification.getStatusMsg() + "]",
                Collections.<OpenIDAttribute>emptyList());
    }

    List<OpenIDAttribute> attributes = fetchAxAttributes(verification.getAuthResponse(), attributesToFetch);

    return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, verified.getIdentifier(),
            "some message", attributes);
}