Author: fmeschbe
Date: Wed Jan 6 10:10:46 2010
New Revision: 896366
URL: http://svn.apache.org/viewvc?rev=896366&view=rev
Log:
SLING-1265 Adapt to new AuthenticationHandler API and replace SimpleCredentials
credentials with specific (private) OpenID credentials class directly conveying
the OpenID user to the LoginModule.
Added:
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
(with props)
Modified:
sling/trunk/bundles/extensions/openidauth/pom.xml
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java
Modified: sling/trunk/bundles/extensions/openidauth/pom.xml
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/openidauth/pom.xml?rev=896366&r1=896365&r2=896366&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/openidauth/pom.xml (original)
+++ sling/trunk/bundles/extensions/openidauth/pom.xml Wed Jan 6 10:10:46 2010
@@ -116,11 +116,23 @@
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.api</artifactId>
<version>2.0.8</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.jcr</groupId>
+ <artifactId>jcr</artifactId>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.commons.auth</artifactId>
+ <version>0.9.0-SNAPSHOT</version>
+ <scope>provided</scope>
</dependency>
<dependency>
<groupId>org.apache.sling</groupId>
- <artifactId>org.apache.sling.engine</artifactId>
- <version>2.0.6</version>
+ <artifactId>org.apache.sling.commons.osgi</artifactId>
+ <version>2.0.4-incubator</version>
+ <scope>provided</scope>
</dependency>
<dependency>
<groupId>commons-codec</groupId>
@@ -167,6 +179,7 @@
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.jcr.jackrabbit.server</artifactId>
<version>2.0.5-SNAPSHOT</version>
+ <scope>provided</scope>
</dependency>
</dependencies>
</project>
Modified:
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java?rev=896366&r1=896365&r2=896366&view=diff
==============================================================================
---
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java
(original)
+++
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java
Wed Jan 6 10:10:46 2010
@@ -27,20 +27,18 @@
import javax.jcr.Credentials;
import javax.jcr.RepositoryException;
import javax.jcr.Session;
-import javax.jcr.SimpleCredentials;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
+import org.apache.sling.commons.auth.spi.AuthenticationHandler;
+import org.apache.sling.commons.auth.spi.AuthenticationInfo;
import org.apache.sling.commons.osgi.OsgiUtil;
-import org.apache.sling.engine.auth.AuthenticationHandler;
-import org.apache.sling.engine.auth.AuthenticationInfo;
import org.apache.sling.jcr.jackrabbit.server.security.AuthenticationPlugin;
import org.apache.sling.jcr.jackrabbit.server.security.LoginModulePlugin;
import org.apache.sling.openidauth.OpenIDConstants;
-import org.apache.sling.openidauth.OpenIDUserUtil;
import org.apache.sling.openidauth.OpenIDConstants.OpenIDFailure;
import org.osgi.service.component.ComponentContext;
import org.slf4j.Logger;
@@ -250,14 +248,7 @@
*/
public AuthenticationInfo authenticate(HttpServletRequest request,
HttpServletResponse response) {
-
- // extract credentials and return
- AuthenticationInfo info = this.extractAuthentication(request,
response);
- if (info != null) {
- return info;
- }
-
- return null;
+ return this.extractAuthentication(request, response);
}
/**
@@ -310,6 +301,22 @@
return true;
}
+ /**
+ * Invalidates the request with the Relying Party if a user is actually
+ * available for the request.
+ */
+ public void dropAuthentication(HttpServletRequest request,
+ HttpServletResponse response) {
+ try {
+ final OpenIdUser user = relyingParty.discover(request);
+ if (user != null) {
+ relyingParty.invalidate(request, response);
+ }
+ } catch (Exception e) {
+ log.warn("dropAuthentication: Problem checking whether the user is
logged in at all, assuming not logged in and therefore not logging out");
+ }
+ }
+
protected AuthenticationInfo handleAuthFailure(OpenIDFailure failure,
HttpServletRequest request, HttpServletResponse response)
throws IOException {
@@ -479,11 +486,12 @@
request);
}
- if(accessAuthPageAnon) {
- // Causes anonymous login
- // but does not respect
SlingAuthenticator allowAnonymous
- return new
AuthenticationInfo(OpenIDConstants.OPEN_ID_AUTH_TYPE, null);
- }
+ if (accessAuthPageAnon) {
+ // Causes anonymous login but does not respect
+ // SlingAuthenticator allowAnonymous
+ return new AuthenticationInfo(
+ OpenIDConstants.OPEN_ID_AUTH_TYPE);
+ }
}
}
}
@@ -572,17 +580,15 @@
}
private AuthenticationInfo getAuthInfoFromUser(OpenIdUser user) {
- String jcrId = OpenIDUserUtil.getPrincipalName(user.getIdentity());
-
- SimpleCredentials creds = new SimpleCredentials(jcrId,new char[0]);
- creds.setAttribute(getClass().getName(), user);
- return new AuthenticationInfo(OpenIDConstants.OPEN_ID_AUTH_TYPE,
creds);
+ final AuthenticationInfo info = new
AuthenticationInfo(OpenIDConstants.OPEN_ID_AUTH_TYPE);
+ info.setCredentials(new OpenIdCredentials(user));
+ return info;
}
public boolean canHandle(Credentials credentials) {
- if(credentials != null && credentials instanceof
SimpleCredentials) {
- SimpleCredentials sc = (SimpleCredentials)credentials;
- OpenIdUser user =
(OpenIdUser)sc.getAttribute(getClass().getName());
+ if(credentials instanceof OpenIdCredentials) {
+ OpenIdCredentials creds = (OpenIdCredentials)credentials;
+ OpenIdUser user = creds.getUser();
if(user != null) {
return user.isAssociated();
}
@@ -602,12 +608,12 @@
}
public Principal getPrincipal(Credentials credentials) {
- if(credentials != null && credentials instanceof
SimpleCredentials) {
- SimpleCredentials sc = (SimpleCredentials)credentials;
- OpenIdUser user =
(OpenIdUser)sc.getAttribute(getClass().getName());
- if(user != null) {
- return new OpenIDPrincipal(user);
- }
+ if(credentials instanceof OpenIdCredentials) {
+ OpenIdCredentials creds = (OpenIdCredentials) credentials;
+ OpenIdUser user = creds.getUser();
+ if (user != null) {
+ return new OpenIDPrincipal(user);
+ }
}
return null;
}
Modified:
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java?rev=896366&r1=896365&r2=896366&view=diff
==============================================================================
---
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java
(original)
+++
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java
Wed Jan 6 10:10:46 2010
@@ -22,8 +22,6 @@
import javax.jcr.Credentials;
import javax.jcr.RepositoryException;
-import javax.jcr.SimpleCredentials;
-
import org.apache.sling.jcr.jackrabbit.server.security.AuthenticationPlugin;
import org.apache.sling.openidauth.OpenIDUserUtil;
@@ -32,20 +30,19 @@
public class OpenIDAuthenticationPlugin implements AuthenticationPlugin {
private Principal principal;
-
+
public OpenIDAuthenticationPlugin(Principal p) {
this.principal = p;
}
-
+
public boolean authenticate(Credentials credentials)
throws RepositoryException {
- if(credentials instanceof SimpleCredentials) {
- OpenIdUser user =
(OpenIdUser)((SimpleCredentials)credentials)
-
.getAttribute(OpenIDAuthenticationHandler.class.getName());
+ if(credentials instanceof OpenIdCredentials) {
+ OpenIdUser user = ((OpenIdCredentials) credentials).getUser();
if(user != null) {
return principal.getName().equals(
OpenIDUserUtil.getPrincipalName(
-
user.getIdentity())) &&
+
user.getIdentity())) &&
user.isAuthenticated();
}
}
Added:
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java?rev=896366&view=auto
==============================================================================
---
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
(added)
+++
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
Wed Jan 6 10:10:46 2010
@@ -0,0 +1,30 @@
+/*
+ * Copyright 1997-2010 Day Management AG
+ * Barfuesserplatz 6, 4001 Basel, Switzerland
+ * All Rights Reserved.
+ *
+ * This software is the confidential and proprietary information of
+ * Day Management AG, ("Confidential Information"). You shall not
+ * disclose such Confidential Information and shall use it only in
+ * accordance with the terms of the license agreement you entered into
+ * with Day.
+ */
+package org.apache.sling.openidauth.impl;
+
+import javax.jcr.Credentials;
+
+import com.dyuproject.openid.OpenIdUser;
+
+...@suppresswarnings("serial")
+class OpenIdCredentials implements Credentials {
+
+ private final OpenIdUser user;
+
+ public OpenIdCredentials(final OpenIdUser user) {
+ this.user = user;
+ }
+
+ public OpenIdUser getUser() {
+ return user;
+ }
+}
Propchange:
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
------------------------------------------------------------------------------
svn:keywords = Author Date Id Revision Rev Url
