Author: prabath
Date: Fri Jan 25 00:51:13 2008
New Revision: 12879
Log:
override the openid4java functionality to fix an issue associated with when
using normal OpenID together with OpenIDInfoCards
Added:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIDServerManager.java
Added:
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIDServerManager.java
==============================================================================
--- (empty file)
+++
trunk/solutions/identity/modules/identity-provider/src/main/java/org/wso2/solutions/identity/openid/OpenIDServerManager.java
Fri Jan 25 00:51:13 2008
@@ -0,0 +1,93 @@
+package org.wso2.solutions.identity.openid;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.openid4java.OpenIDException;
+import org.openid4java.association.Association;
+import org.openid4java.association.AssociationException;
+import org.openid4java.association.AssociationSessionType;
+import org.openid4java.association.DiffieHellmanSession;
+import org.openid4java.message.AssociationError;
+import org.openid4java.message.AssociationRequest;
+import org.openid4java.message.AssociationResponse;
+import org.openid4java.message.Message;
+import org.openid4java.message.ParameterList;
+import org.openid4java.server.ServerManager;
+
+public class OpenIDServerManager extends ServerManager {
+
+ private static Log _log = LogFactory.getLog(OpenIDServerManager.class);
+
+ /**
+ *
+ */
+ public Message associationResponse(ParameterList requestParams) {
+ boolean isVersion2 = requestParams.hasParameter("openid.ns");
+
+ _log.info("Processing association request...");
+
+ try {
+ // build request message from response params (+ integrity check)
+ AssociationRequest assocReq = AssociationRequest
+ .createAssociationRequest(requestParams);
+
+ isVersion2 = assocReq.isVersion2();
+
+ AssociationSessionType type = assocReq.getType();
+
+ // is supported / allowed ?
+ if (!Association.isHmacSupported(type.getAssociationType())
+ || !DiffieHellmanSession.isDhSupported(type)
+ || getMinAssocSessEnc().isBetter(type)) {
+ throw new AssociationException(
+ "Unable create association for: "
+ + type.getSessionType() + " / "
+ + type.getAssociationType());
+ } else // all ok, go ahead
+ {
+ Association assoc = getPrivateAssociations().generate(
+ type.getAssociationType(), getExpireIn());
+
+ _log.info("Returning private association; handle: "
+ + assoc.getHandle());
+
+ return AssociationResponse.createAssociationResponse(assocReq,
+ assoc);
+ }
+ } catch (OpenIDException e) {
+ // association failed, respond accordingly
+ if (isVersion2) {
+ _log.warn("Cannot establish association, "
+ + "responding with an OpenID2 association error.", e);
+
+ return AssociationError.createAssociationError(e.getMessage(),
+ getPrefAssocSessEnc());
+ } else {
+ _log.warn("Error processing an OpenID1 association request: "
+ + e.getMessage()
+ + " Responding with a dummy association.", e);
+ try {
+ // generate dummy association & no-encryption response
+ // for compatibility mode
+ Association dummyAssoc = getPrivateAssociations().generate(
+ Association.TYPE_HMAC_SHA1, 0);
+
+ AssociationRequest dummyRequest = AssociationRequest
+
.createAssociationRequest(AssociationSessionType.NO_ENCRYPTION_COMPAT_SHA1MAC);
+
+ return AssociationResponse.createAssociationResponse(
+ dummyRequest, dummyAssoc);
+ } catch (OpenIDException ee) {
+ _log
+ .error(
+ "Error creating negative OpenID1
association response.",
+ e);
+ return null;
+ }
+
+ }
+
+ }
+ }
+
+}
_______________________________________________
Identity-dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/identity-dev
