List of usage examples for org.springframework.security.openid OpenIDAuthenticationToken getPrincipal
public Object getPrincipal()
From source file:grails.plugin.springsecurity.openid.OpenIdAuthenticationFailureHandler.java
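/**
 * Decides what happens after a failed OpenID login.
 *
 * <p>Three outcomes are possible:
 * <ol>
 *   <li>the failure message indicates the claimed identity could not be processed: delegate to the
 *       parent handler with an {@code InvalidOpenidEndpoint} wrapping the original exception;</li>
 *   <li>auto-creation is disabled, or the failure is not a "successful login, unknown user" case:
 *       delegate to the parent handler unchanged;</li>
 *   <li>otherwise: store the OpenID principal and its attributes in the session and redirect to the
 *       configured account-creation URI.</li>
 * </ol>
 *
 * @param request   the request during which authentication failed
 * @param response  the response used for the redirect
 * @param exception the authentication failure
 * @throws IOException      propagated from the parent handler or the redirect
 * @throws ServletException propagated from the parent handler
 */
@Override
public void onAuthenticationFailure(final HttpServletRequest request, final HttpServletResponse response,
        final AuthenticationException exception) throws IOException, ServletException {

    // TODO Not the best way: the endpoint failure is recognised by matching message text.
    // getMessage() can be null; guard it so the failure handler itself cannot fail with a
    // NullPointerException and the request still ends up in one of the branches below.
    final String message = exception.getMessage();
    if (message != null && message.contains("Unable to process claimed identity")) {
        super.onAuthenticationFailure(request, response, new InvalidOpenidEndpoint(exception));
        return;
    }

    boolean createMissingUsers = Boolean.TRUE
            .equals(ReflectionUtils.getConfigProperty("openid.registration.autocreate"));
    if (!createMissingUsers || !isSuccessfulLoginUnknownUser(exception)) {
        super.onAuthenticationFailure(request, response, exception);
        return;
    }

    // NOTE(review): the cast is unchecked here; presumably isSuccessfulLoginUnknownUser(...) has
    // already established that the exception carries an OpenID token. Confirm against that helper.
    OpenIDAuthenticationToken authentication = (OpenIDAuthenticationToken) exception.getAuthentication();

    // The identity and its attributes are kept server-side in the session.
    // NOTE(review): the account-creation page (not shown) should take the OpenID identity from these
    // session attributes, not from anything the browser submits.
    request.getSession().setAttribute(LAST_OPENID_USERNAME, authentication.getPrincipal().toString());
    request.getSession().setAttribute(LAST_OPENID_ATTRIBUTES, extractAttrsWithValues(authentication));

    // The redirect target is read from configuration, not from the request.
    String createAccountUri = (String) ReflectionUtils
            .getConfigProperty("openid.registration.createAccountUri");
    getRedirectStrategy().sendRedirect(request, response, createAccountUri);
}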
From source file:org.mitre.provenance.openid.OpenIDInterceptorFilter.java
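/**
 * Handle turning an OpenID (2) token into a user.
 *
 * <p>The actor is looked up by the token's name. If it exists and is a {@code User}, it is returned
 * as-is. Otherwise a new {@code OpenIDUser} is built from the token's attributes ("name",
 * "firstName", "lastName", "email"), reported through {@code client} when no actor with that id
 * exists yet, and returned.
 *
 * <p>A failed lookup ({@code PLUSException}) is logged and then treated like "no existing user", so
 * the new-user path below also runs when the lookup itself fails.
 *
 * @param oidToken the OpenID 2 authentication token
 * @return the existing user, or the newly built one
 */
protected User handle(OpenIDAuthenticationToken oidToken) {
    String oid2UniqueId = oidToken.getName();

    // NOTE(review): this writes the token's principal, details and message to stderr, and the loop
    // below writes every attribute value (including e-mail) as well. Consider moving these to a
    // debug-level logger so identity data does not land in production output.
    System.err.println("FILTER: OpenID2 Token ID " + oid2UniqueId + " cred " + oidToken.getCredentials()
            + " details " + oidToken.getDetails() + " principal " + oidToken.getPrincipal() + " message "
            + oidToken.getMessage());

    User existingUser = null;
    try {
        PLUSActor a = Neo4JPLUSObjectFactory.getActor(oid2UniqueId);
        if (a instanceof User) {
            existingUser = (User) a;
        }
    } catch (PLUSException exc) {
        log.severe("Could not load actor by ID " + oid2UniqueId);
        exc.printStackTrace();
    }

    if (existingUser != null) {
        return existingUser;
    }

    List<OpenIDAttribute> attributes = oidToken.getAttributes();
    System.err.println("FILTER: OpenID2 new user with " + attributes.size() + " attributes.");

    String oid2DisplayName = null;
    String oid2FirstName = null;
    String oid2LastName = null;
    String email = null;

    for (OpenIDAttribute attr : attributes) {
        String attrName = attr.getName();

        StringBuilder vals = new StringBuilder();
        for (String val : attr.getValues()) {
            vals.append(val).append('/');
        }
        System.err.println("OPEN ID ATTRIBUTE: " + attrName + " type " + attr.getType() + " vals " + vals);

        // OpenID 2.0 Attribute Exchange (AX) is a little finicky: an attribute may arrive without
        // any value, or be stored under a different attribute name. Skip empty ones instead of
        // failing on get(0).
        String firstValue = firstValueOrNull(attr);
        if (firstValue == null) {
            continue;
        }

        if (attrName.equals("name")) {
            // This is the OpenID 2.0 display name.
            oid2DisplayName = firstValue;
        } else if (attrName.equals("firstName")) {
            oid2FirstName = firstValue;
        } else if (attrName.equals("lastName")) {
            oid2LastName = firstValue;
        } else if (attrName.equals("email")) {
            email = firstValue;
        }
    }

    if (oid2DisplayName == null) {
        // Google sends first and last rather than "name". Only the parts that are present are
        // joined; plain string concatenation would produce "nullnull" and make the fallback below
        // unreachable.
        oid2DisplayName = joinNameParts(oid2FirstName, oid2LastName);
    }

    OpenIDUser oid2User = new OpenIDUser(oid2UniqueId,
            (oid2DisplayName != null) ? oid2DisplayName : "Name Not Provided");
    oid2User.setEmail(email);

    // TODO: Remove
    // NOTE(review): this grants ADMIN to every account created on first login, i.e. to any identity
    // that reaches this path, including the case where the actor lookup above failed. It is kept so
    // the method behaves as published; new accounts should start with PUBLIC only and be promoted
    // through a deliberate, audited step.
    oid2User.addPrivilege(PrivilegeClass.ADMIN);
    oid2User.addPrivilege(PrivilegeClass.PUBLIC);

    try {
        if (client.actorExists(oid2User.getId()) == null) {
            client.report(ProvenanceCollection.collect(oid2User));
        }
    } catch (PLUSException exc) {
        log.severe("Could not save new user entry " + oid2User);
        exc.printStackTrace();
    }

    System.err.println("FILTER: set new OpenID2 user " + oid2User);
    return oid2User;
}

/** Returns the first value of an attribute, or {@code null} when it carries no values. */
private static String firstValueOrNull(OpenIDAttribute attr) {
    List<String> values = attr.getValues();
    if (values == null || values.isEmpty()) {
        return null;
    }
    return values.get(0);
}

/** Joins the name parts that are present with a space; returns {@code null} when both are absent. */
private static String joinNameParts(String first, String last) {
    if (first == null) {
        return last;
    }
    if (last == null) {
        return first;
    }
    return first + " " + last;
}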
From source file:org.mitre.provenance.openid.OpenIDInterceptorFilter.java
/**
 * Attaches a PLUS user to the HTTP session for an authenticated request, then continues the chain.
 *
 * <p>Work is done only when the security context holds an authentication and the session has no
 * {@code PLUS_USER} attribute yet. OpenID Connect and OpenID 2 tokens are each passed to the
 * matching {@code handle(...)} overload; any other token type is logged as unrecognized.
 *
 * @param request     the incoming request (cast to {@code HttpServletRequest})
 * @param response    the outgoing response
 * @param filterChain the remaining filter chain, always invoked
 * @throws IOException      propagated from the filter chain
 * @throws ServletException propagated from the filter chain
 */
public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain)
        throws IOException, ServletException {
    HttpServletRequest httpRequest = (HttpServletRequest) request;
    // getSession() with no argument creates a session if the request has none.
    HttpSession httpSession = httpRequest.getSession();
    Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();

    // Only proceed if we have a logged-in user AND no PlusUser is stored in the session already.
    boolean userMissing = currentAuth != null && httpSession.getAttribute(PLUS_USER) == null;

    if (userMissing) {
        System.err.println("FILTER: checking auth type");

        if (currentAuth instanceof OIDCAuthenticationToken) {
            // OpenID Connect
            System.err.println("FILTER: OIDC");
            User connectUser = handle((OIDCAuthenticationToken) currentAuth);
            httpSession.setAttribute(PLUS_USER, connectUser);
        } else if (currentAuth instanceof OpenIDAuthenticationToken) {
            // OpenID 2
            OpenIDAuthenticationToken openId2Token = (OpenIDAuthenticationToken) currentAuth;
            String tokenId = openId2Token.getName();

            // NOTE(review): principal, details and message go to stderr here; consider a
            // debug-level logger so identity data stays out of production output.
            System.err.println("FILTER: OpenID2 Token ID " + tokenId + " cred " + openId2Token.getCredentials()
                    + " details " + openId2Token.getDetails() + " principal " + openId2Token.getPrincipal()
                    + " message " + openId2Token.getMessage());

            User openId2User = handle(openId2Token);
            httpSession.setAttribute(PLUS_USER, openId2User);
        } else {
            log.warning("Unrecognized token " + currentAuth.getClass().getName());
        }
    }

    // Continue the filter chain
    filterChain.doFilter(httpRequest, response);
}
From source file:org.bibsonomy.webapp.util.spring.security.rememberMeServices.OpenIDRememberMeServices.java
/**
 * Issues the remember-me cookie after a successful OpenID login.
 *
 * <p>Nothing happens unless the authentication is an {@code OpenIDAuthenticationToken} whose
 * principal is a {@code UserDetails}. The signature is computed over expiry time, username and
 * OpenID identity URL; the cookie carries OpenID, username, expiry time and that signature.
 *
 * @param request                  the login request
 * @param response                 the response that receives the cookie
 * @param successfulAuthentication the authentication produced by the login
 */
@Override
protected void onLoginSuccess(final HttpServletRequest request, final HttpServletResponse response,
        final Authentication successfulAuthentication) {
    if (!(successfulAuthentication instanceof OpenIDAuthenticationToken)) {
        return;
    }
    final OpenIDAuthenticationToken openIdToken = (OpenIDAuthenticationToken) successfulAuthentication;

    final Object principal = openIdToken.getPrincipal();
    if (!(principal instanceof UserDetails)) {
        return;
    }

    final String username = ((UserDetails) principal).getUsername();
    final String openID = openIdToken.getIdentityUrl();

    final int lifetimeSeconds = this.getTokenValiditySeconds();
    final long expiresAt = this.calculateExpiryTime(lifetimeSeconds);

    // The signed fields are ordered differently from the cookie fields below.
    // NOTE(review): whatever validates the cookie (not shown) has to rebuild the signature input in
    // this same order: expiry, username, OpenID.
    final String[] signedFields = { Long.toString(expiresAt), username, openID };
    final String signature = this.makeTokenSignature(signedFields);

    final String[] cookieFields = { openID, username, Long.toString(expiresAt), signature };
    this.setCookie(cookieFields, lifetimeSeconds, request, response);

    if (log.isDebugEnabled()) {
        log.debug("Added remember-me cookie for user '" + username + "', expiry: '" + new Date(expiresAt)
                + "'");
    }
}