`
sillycat
  • 浏览: 2552715 次
  • 性别: Icon_minigender_1
  • 来自: 成都
社区版块
存档分类
最新评论

Dealing with OpenId(I)

阅读更多
Dealing with OpenId(I)

1. download the openid4java packages.
the file name is openid4java-full-0.9.5.593.tar.gz
unzip and find the directory openid4java-0.9.5.593/samples/simple-openid

try to run the simple sample with my maven

>mvn jetty:run

try the URL http://localhost:8080/simple-openid/

type in the OpenId:
https://www.google.com/accounts/o8/id

We can have this sample.

2. Try the demo consumer-servlet
We can authenticate successfully, but we can not fetch the data from google site.

3. Try to make a easyopenid project.
ivy.xml:
<!-- commons -->
<dependency org="commons-logging" name="commons-logging" rev="1.1.1" />
<dependency org="commons-httpclient" name="commons-httpclient" rev="3.1" />
<dependency org="commons-codec" name="commons-codec" rev="1.4" />
<!--  openid -->
<dependency org="org/openid4java" name="openid4java-nodeps" rev="0.9.5" />
<!--  spring -->
<dependency org="org/springframework" name="spring-web" rev="3.0.5.RELEASE"/>
<dependency org="org/springframework" name="spring-context" rev="3.0.5.RELEASE"/>
<dependency org="org/springframework" name="spring-beans" rev="3.0.5.RELEASE"/>
<dependency org="org/springframework" name="spring-core" rev="3.0.5.RELEASE"/>
<dependency org="org/springframework" name="spring-asm" rev="3.0.5.RELEASE"/>
<dependency org="org/springframework" name="spring-expression" rev="3.0.5.RELEASE"/>
<!--  log4j -->
<dependency org="log4j" name="log4j" rev="1.2.16" />
<!--  jstl -->
<dependency org="jstl" name="jstl" rev="1.1.2" />
<dependency org="taglibs" name="standard" rev="1.1.2" />

servlet in web.xml:
<servlet>
<servlet-name>Consumer Servlet</servlet-name>
<servlet-class>com.sillycat.easyopenid.ConsumerServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>Consumer Servlet</servlet-name>
<url-pattern>/consumer</url-pattern>
</servlet-mapping>

My servlet class(only can be used in google OPENID API):
package com.sillycat.easyopenid;

import java.io.IOException;
import java.util.Iterator;
import java.util.List;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.openid4java.OpenIDException;
import org.openid4java.consumer.ConsumerException;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.InMemoryConsumerAssociationStore;
import org.openid4java.consumer.InMemoryNonceVerifier;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.MessageExtension;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.AxMessage;
import org.openid4java.message.ax.FetchRequest;
import org.openid4java.message.ax.FetchResponse;
import org.openid4java.message.sreg.SRegMessage;
import org.openid4java.message.sreg.SRegRequest;
import org.openid4java.message.sreg.SRegResponse;

public class ConsumerServlet extends javax.servlet.http.HttpServlet {

private static final long serialVersionUID = -5998885243419513055L;

private final Log log = LogFactory.getLog(this.getClass());

private ServletContext context;

private ConsumerManager manager;

public void init(ServletConfig config) throws ServletException {
super.init(config);

context = config.getServletContext();

log.debug("context: " + context);

try {
// --- Forward proxy setup (only if needed) ---
// ProxyProperties proxyProps = new ProxyProperties();
// proxyProps.setProxyName("proxy.example.com");
// proxyProps.setProxyPort(8080);
// HttpClientFactory.setProxyProperties(proxyProps);
this.manager = new ConsumerManager();
manager.setAssociations(new InMemoryConsumerAssociationStore());
manager.setNonceVerifier(new InMemoryNonceVerifier(5000));
} catch (ConsumerException e) {
throw new ServletException(e);
}
}

protected void doGet(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
doPost(req, resp);
}

protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
if ("true".equals(req.getParameter("is_return"))) {
processReturn(req, resp);
} else {
String identifier = req.getParameter("openid_identifier");
if (identifier != null) {
this.authRequest(identifier, req, resp);
} else {
this.getServletContext().getRequestDispatcher("/index.jsp")
.forward(req, resp);
}
}
}

private void processReturn(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {
Identifier identifier = this.verifyResponse(req);
log.debug("identifier: " + identifier);
if (identifier == null) {
this.getServletContext().getRequestDispatcher("/index.jsp")
.forward(req, resp);
} else {
req.setAttribute("identifier", identifier.getIdentifier());

this.getServletContext().getRequestDispatcher("/return.jsp")
.forward(req, resp);
}
}

// --- placing the authentication request ---
public String authRequest(String userSuppliedString,
HttpServletRequest httpReq, HttpServletResponse httpResp)
throws IOException, ServletException {
try {
// configure the return_to URL where your application will receive
// the authentication responses from the OpenID provider
// String returnToUrl = "http://example.com/openid";
String returnToUrl = httpReq.getRequestURL().toString()
+ "?is_return=true";

// perform discovery on the user-supplied identifier
List<?> discoveries = manager.discover(userSuppliedString);

// attempt to associate with the OpenID provider
// and retrieve one service endpoint for authentication
DiscoveryInformation discovered = manager.associate(discoveries);

// store the discovery information in the user's session
httpReq.getSession().setAttribute("openid-disc", discovered);

// obtain a AuthRequest message to be sent to the OpenID provider
AuthRequest authReq = manager.authenticate(discovered, returnToUrl);

// Attribute Exchange example: fetching the 'email' attribute
FetchRequest fetch = FetchRequest.createFetchRequest();
SRegRequest sregReq = SRegRequest.createFetchRequest();

if ("1".equals(httpReq.getParameter("nickname"))) {
fetch.addAttribute("nickname",
"http://axschema.org/namePerson/last", true);
sregReq.addAttribute("nickname", true);
}
if ("1".equals(httpReq.getParameter("email"))) {
fetch.addAttribute("email",
"http://schema.openid.net/contact/email", true);
sregReq.addAttribute("email", true);
}
if ("1".equals(httpReq.getParameter("fullname"))) {
fetch.addAttribute("fullname",
"http://axschema.org/namePerson/first", true);
sregReq.addAttribute("fullname", true);
}
if ("1".equals(httpReq.getParameter("country"))) {
fetch.addAttribute("country",
"http://axschema.org/contact/country/home", true);
sregReq.addAttribute("country", true);
}
if ("1".equals(httpReq.getParameter("language"))) {
fetch.addAttribute("language",
"http://axschema.org/pref/language", true);
sregReq.addAttribute("language", true);
}

// attach the extension to the authentication request
if (!sregReq.getAttributes().isEmpty()
|| !fetch.getAttributes().isEmpty()) {
authReq.addExtension(sregReq);
authReq.addExtension(fetch);
}

if (!discovered.isVersion2()) {
// Option 1: GET HTTP-redirect to the OpenID Provider endpoint
// The only method supported in OpenID 1.x
// redirect-URL usually limited ~2048 bytes
httpResp.sendRedirect(authReq.getDestinationUrl(true));
return null;
} else {
// Option 2: HTML FORM Redirection (Allows payloads >2048 bytes)

RequestDispatcher dispatcher = getServletContext()
.getRequestDispatcher("/formredirection.jsp");
httpReq.setAttribute("prameterMap", httpReq.getParameterMap());
httpReq.setAttribute("message", authReq);
// httpReq.setAttribute("destinationUrl", httpResp
// .getDestinationUrl(false));
dispatcher.forward(httpReq, httpResp);
}
} catch (OpenIDException e) {
// present error to the user
e.printStackTrace();
}

return null;
}

// --- processing the authentication response ---
public Identifier verifyResponse(HttpServletRequest httpReq) {
try {
// extract the parameters from the authentication response
// (which comes in as a HTTP request from the OpenID provider)
ParameterList response = new ParameterList(
httpReq.getParameterMap());

// retrieve the previously stored discovery information
DiscoveryInformation discovered = (DiscoveryInformation) httpReq
.getSession().getAttribute("openid-disc");

// extract the receiving URL from the HTTP request
StringBuffer receivingURL = httpReq.getRequestURL();
String queryString = httpReq.getQueryString();
if (queryString != null && queryString.length() > 0)
receivingURL.append("?").append(httpReq.getQueryString());

// verify the response; ConsumerManager needs to be the same
// (static) instance used to place the authentication request
VerificationResult verification = manager.verify(
receivingURL.toString(), response, discovered);

// examine the verification result and extract the verified
// identifier
Identifier verified = verification.getVerifiedId();
if (verified != null) {
AuthSuccess authSuccess = (AuthSuccess) verification
.getAuthResponse();

if (authSuccess.hasExtension(SRegMessage.OPENID_NS_SREG)) {
MessageExtension ext = authSuccess
.getExtension(SRegMessage.OPENID_NS_SREG);
if (ext instanceof SRegResponse) {
SRegResponse sregResp = (SRegResponse) ext;
for (Iterator<?> iter = sregResp.getAttributeNames()
.iterator(); iter.hasNext();) {
String name = (String) iter.next();
String value = sregResp.getParameterValue(name);
httpReq.setAttribute(name, value);
}
}
}
if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
FetchResponse fetchResp = (FetchResponse) authSuccess
.getExtension(AxMessage.OPENID_NS_AX);

List<?> aliases = fetchResp.getAttributeAliases();
for (Iterator<?> iter = aliases.iterator(); iter.hasNext();) {
String alias = (String) iter.next();
List<?> values = fetchResp.getAttributeValues(alias);
if (values.size() > 0) {
log.debug(alias + " : " + values.get(0));
httpReq.setAttribute(alias, values.get(0));
}
}
}

return verified; // success
}
} catch (OpenIDException e) {
e.printStackTrace();
// present error to the user
}
return null;
}
}


references:
http://www.blogjava.net/i369/articles/238670.html
http://code.google.com/p/openid4java/
http://code.google.com/p/openid4java/wiki/SRegHowTo
http://code.google.com/p/openid4java/wiki/SampleConsumer
http://www.bookfm.com/discussion/discussionview.html?did=100647
http://code.google.com/apis/accounts/docs/OpenID.html

分享到:
评论

相关推荐

    八年级英语Dealing with troublePPT课件.pptx

    这篇PPT课件是针对八年级英语教学的内容,主题为“应对困难”(Dealing with trouble)。通过一系列的填空练习和情景模拟,旨在帮助学生掌握如何在不同情况下正确处理问题,尤其是面对紧急情况时的应对策略。以下是...

    Dealing with Undesirable Outputs in DEA: A Slacks-based Measure(SBM) Approach

    在进行数据包络分析(Data Envelopment Analysis, DEA)研究时,经常需要面对的问题之一是如何处理非期望产出(undesirable outputs)。传统DEA模型在处理生产效率分析时通常假设决策单元(Decision Making Units, ...

    Image Processing:Dealing With Texture

    《图像处理:处理纹理》是图像处理领域内一部权威性的著作,由Maria Petrou和Pedro Garcia Sevilla两位学者共同编写,他们分别来自英国伦敦帝国理工学院和西班牙卡斯特利翁的Jaume I大学。该书由全球知名的学术出版...

    r scripts for dealing with mturk survey

    R scripts for dealing with mturk

    Dealing with stress.doc

    "Dealing With Stress" 这个主题的工作坊就是为此而设,旨在帮助参与者理解和管理他们面临的压力。 首先,我们要理解压力的来源。在大学生活中,学生面临的主要压力源包括: 1. **学术压力**:大学课程繁重,报告...

    Chapter 3 Dealing with trouble测试题2.doc

    Chapter 3 Dealing with trouble测试题2.doc

    dealing with hard people

    "Dealing with Hard People"这一主题,虽然看似不直接涉及技术,但它实际上对提升工作效率和团队协作至关重要。在这个知识领域,我们将深入探讨如何在复杂的职场环境中处理人际关系,特别是那些难缠的人物。 首先,...

    Dealing_With_Difficult_People (en)

    - - 与人交往中注意的一些容易被跳过的细节.以及基础理论分析与人交往出现的情况.

    一个进行 Unicode 相关字符串转换的易语言库 An Eyuyan library dealing with Unicode string conversion.zip

    An Eyuyan library dealing with Unicode string conversion.Unicode-Eyuyan一个进行 Unicode 相关字符串转换的易语言库。一个处理 Unicode 字符串转换的 Eyuyan 库。背景 Background易语言是一个面向初学者的编程...

    Dealing with Audio Ground Loops

    音频地环回问题详解 音频地环回是音频系统中常见的问题,主要由于不同设备通过不同的路径连接到共同的地线而产生。这种多路径接地方式实际上就像一个天线,会拾取并引入干扰。当地环回发生时,地线(通常是屏蔽层)...

    八年级英语Dealing with troublePPT学习教案.pptx

    这篇PPT学习教案是针对八年级英语的一课,主题为"Dealing with trouble",旨在帮助学生学习如何处理各种突发状况。以下是对其中涉及的知识点的详细解释: 1. **词汇与短语**: - **hurry**:匆忙,表示动作迅速。 ...

    处理不均衡数据 (深度学习)! Dealing with imbalanced data (deep learning)

    处理不均衡数据_(深度学习)!_Dealing_with_imbalanced_data_(deep_learning)

    ASTM E178 - 21 Standard Practice for Dealing With Outlying Obser

    标题中的"ASTM E178 - 21"指的是美国材料与...通过阅读提供的"ASTM E178 - 21 Standard Practice for Dealing With Outlying Observations - 完整英文版(11页).pdf"文件,可以深入学习这一标准的细节和具体实施步骤。

    MFC dealing with window size_IntheFrame_MFC实例_

    在Microsoft Foundation Class (MFC)库中,"MFC dealing with window size_IntheFrame_MFC实例_" 主题涉及如何在框架窗口(Frame Window)中管理子窗口(Subwindow)的大小。MFC是C++的一个类库,它为Windows应用...

    Introduction to Mathematica with Applications

    A chapter on several sorting algorithmsFunctions (planar and solid) with many interesting examplesOrdinary differential equationsAdvantages of Mathematica® dealing with the Pi numberThe power of ...

    【Dealing with Data, User Defaults, SQLite, Web Services】[PDF] [iPhone/iPad/iOS]

    标题与描述中提到的知识点主要围绕在iOS应用开发中如何处理数据、用户默认设置(User Defaults)、SQLite数据库以及网络服务(Web Services)。以下是对这些关键概念的深入解析: ### 处理iOS应用中的数据 ...

    Pro Android with Kotlin

    There are chapters dealing with all the important aspects of the Android platform, including GUI design, file- and data-handling, coping with phone calls, multimedia apps, interaction with location ...

    071431_VB_picture_dealing_with.rar_vb matlab

    标题中的"071431_VB_picture_dealing_with.rar_vb matlab"指的是一个关于VB(Visual Basic)和MATLAB结合使用的图像处理压缩包。这个压缩包可能包含了一系列的VB代码和MATLAB脚本,用于图像的导入、处理和分析。 在...

    Multi-Label classification: Dealing with Imbalance by Combining Labels

    ### 多标签分类:通过合并标签处理不平衡问题 #### 摘要与介绍 本文讨论了一个在多标签分类(Multi-Label Classification, MLC)领域中的常见问题——数据不平衡,并提出了一种新颖的方法来解决这一难题。...

    Data Wrangling with JavaScript

    Chapter 7 Dealing With Huge Data Files Chapter 8 Working With A Mountain Of Data Chapter 9 Practical Data Analysis Chapter 10 Browser-Based Visualization Chapter 11 Server-Side Visualization Chapter ...

Global site tag (gtag.js) - Google Analytics