Example usage for org.springframework.security.openid OpenIDConsumerException OpenIDConsumerException

List of usage examples for org.springframework.security.openid OpenIDConsumerException OpenIDConsumerException

  1. HOME
  2. Java
  3. org.springframework
  4. org.springframework.security.openid.*
  5. OpenIDConsumerException
  6. OpenIDConsumerException

Introduction

In this page you can find the example usage for org.springframework.security.openid OpenIDConsumerException OpenIDConsumerException.

Prototype

public OpenIDConsumerException(String message)

Source Link

Usage

From source file:org.mitre.provenance.openid.OpenId4JavaProxyConsumer.java

public OpenIDAuthenticationToken endConsumption(HttpServletRequest request) throws OpenIDConsumerException {
    // extract the parameters from the authentication response
    // (which comes in as a HTTP request from the OpenID provider)
    ParameterList openidResp = new ParameterList(request.getParameterMap());

    // retrieve the previously stored discovery information
    DiscoveryInformation discovered = (DiscoveryInformation) request.getSession()
            .getAttribute(DISCOVERY_INFO_KEY);

    if (discovered == null) {
        throw new OpenIDConsumerException(
                "DiscoveryInformation is not available. Possible causes are lost session or replay attack");
    }//from  ww w  .j  a  v a  2 s.  com

    List<OpenIDAttribute> attributesToFetch = (List<OpenIDAttribute>) request.getSession()
            .getAttribute(ATTRIBUTE_LIST_KEY);

    request.getSession().removeAttribute(DISCOVERY_INFO_KEY);
    request.getSession().removeAttribute(ATTRIBUTE_LIST_KEY);

    // extract the receiving URL from the HTTP request
    StringBuffer receivingURL = request.getRequestURL();
    String queryString = request.getQueryString();

    if (StringUtils.hasLength(queryString)) {
        receivingURL.append("?").append(request.getQueryString());
    }

    // verify the response
    VerificationResult verification;

    try {
        verification = consumerManager.verify(receivingURL.toString(), openidResp, discovered);
    } catch (MessageException e) {
        throw new OpenIDConsumerException("Error verifying openid response", e);
    } catch (DiscoveryException e) {
        throw new OpenIDConsumerException("Error verifying openid response", e);
    } catch (AssociationException e) {
        throw new OpenIDConsumerException("Error verifying openid response", e);
    }

    // examine the verification result and extract the verified identifier
    Identifier verified = verification.getVerifiedId();

    if (verified == null) {
        Identifier id = discovered.getClaimedIdentifier();
        return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE,
                id == null ? "Unknown" : id.getIdentifier(),
                "Verification status message: [" + verification.getStatusMsg() + "]",
                Collections.<OpenIDAttribute>emptyList());
    }

    List<OpenIDAttribute> attributes = fetchAxAttributes(verification.getAuthResponse(), attributesToFetch);

    return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, verified.getIdentifier(),
            "some message", attributes);
}