Author: prabath Date: Thu Jun 5 03:06:52 2008 New Revision: 17990 URL: http://wso2.org/svn/browse/wso2?view=rev&revision=17990
Log: do the host/port mapping for the OpenID returning url - this is required when the RP hosted Tomcat is behind an Apache front-end Modified: trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDConsumer.java trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDUtil.java Modified: trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDConsumer.java URL: http://wso2.org/svn/browse/wso2/trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDConsumer.java?rev=17990&r1=17989&r2=17990&view=diff ============================================================================== --- trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDConsumer.java (original) +++ trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDConsumer.java Thu Jun 5 03:06:52 2008 @@ -178,6 +178,7 @@ VerificationResult verification = null; Identifier verified = null; HttpSession session = null; + String recUrl = null; session = request.getSession(); @@ -191,9 +192,10 @@ if (queryString != null && queryString.length() > 0) receivingURL.append("?").append(request.getQueryString()); + recUrl = OpenIDUtil.getMappedReturningUrl(receivingURL.toString()); + // Verify the response - verification = manager.verify(receivingURL.toString(), openidResp, - discovered); + verification = manager.verify(recUrl, openidResp, discovered); // Examine the verification result and extract the verified // identifier 
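Review bot: In the second hunk the string handed to `manager.verify` is `receivingURL.toString()` taken after the query string has been appended, so the host/port mapping is applied to the OpenID response parameters as well as to the address itself. The return_to comparison is one of the checks that ties the assertion to this relying party, and rewriting the values it reads can make a legitimate response fail or make a differing one compare equal. Apply the mapping before the `if (queryString != null ...)` block appends the query, or have `getMappedReturningUrl` limit itself to the host and port component. The enclosing method starts and ends outside the hunk, so how `receivingURL` is first built is not visible here.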
@@ -258,4 +260,5 @@ IdentityConstants.ErrorCodes.INVALID_OPENID, e); } } -} + +} \ No newline at end of file Modified: trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDUtil.java URL: http://wso2.org/svn/browse/wso2/trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDUtil.java?rev=17990&r1=17989&r2=17990&view=diff ============================================================================== --- trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDUtil.java (original) +++ trunk/solutions/identity/modules/token-verifier-core/src/main/java/org/wso2/solutions/identity/relyingparty/openid/OpenIDUtil.java Thu Jun 5 03:06:52 2008 @@ -24,9 +24,12 @@ import org.openid4java.infocard.OpenIDToken; import org.openid4java.message.ParameterList; import org.wso2.solutions.identity.IdentityConstants; +import org.wso2.solutions.identity.relyingparty.servletfilter.RelyingPartyData; public class OpenIDUtil { + private static RelyingPartyData rpData; + /** * Validates whether the given XMLToken corresponding to an OpenID * information card. 
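Review bot: `private static RelyingPartyData rpData;` in the OpenIDUtil hunk is shared mutable state that every verification reads, and the last hunk of this file exposes it through a public `setRpData`, so any code in the web application can change how returning URLs are rewritten. Nothing visible guarantees that a value stored by one thread is seen by the request threads; declare it `private static volatile RelyingPartyData rpData;`. A comment on `setRpData` should say that it is meant to be called once at start-up (presumably by the relying-party servlet filter, judging by the new import) and not per request.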
@@ -47,6 +50,40 @@
 }
 /**
+ * When the RP hosted Tomcat is behind an Apache serever, OpenID
+ * verification fails since return_to url mismatches with the returning url.
+ * To avoid that - only when the Tomcat is behind an Apache frontend we need
+ * to provide a host/port mapping in the web.xml.
+ * @param returnUrl
+ * @return mapped returing irl
+ */
+ public static String getMappedReturningUrl(String returnUrl) {
+
+ if (rpData != null) {
+ if (rpData.getMappedHostName() != null
+ && rpData.getMappingHostName() != null) {
+ if (returnUrl.contains(rpData.getMappingHostName())) {
+ returnUrl = returnUrl.replace(rpData.getMappingHostName(),
+ rpData.getMappedHostName());
+ }
+
+ }
+
+ if (rpData.getMappedPortNumber() != null
+ && rpData.getMappingPortNumber() != null) {
+ if (returnUrl.contains(rpData.getMappingPortNumber())) {
+ returnUrl = returnUrl.replace(
+ rpData.getMappingPortNumber(), rpData
+ .getMappedPortNumber());
+ }
+
+ }
+ }
+
+ return returnUrl;
+ }
+
+ /**
 * Validates whether the provided request is an OpenID authentication
 * request.
 * @param request HttpServletRequest
@@ -84,4 +121,12 @@
 return false;
 }
 }
+
+ public static RelyingPartyData getRpData() {
+ return rpData;
+ }
+
+ public static void setRpData(RelyingPartyData rpData) {
+ OpenIDUtil.rpData = rpData;
+ }
 }
_______________________________________________ Identity-dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/identity-dev
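Review bot: The `returnUrl.replace(...)` calls in `getMappedReturningUrl` substitute every occurrence of the mapping host name and port number anywhere in the string, not only in the authority part of the URL. The caller passes the full receiving URL including the query, so a configured port (say `8080`, a constructed example) would also be rewritten wherever those digits occur inside a parameter value such as a nonce, handle or signature, and the host name wherever it occurs inside `openid.return_to` or the claimed identifier. That alters the data the verification step is meant to check as received. Restrict the rewrite to the `scheme://host:port` prefix and leave path and query untouched, as sketched below; the Javadoc should also state that a null `rpData` returns the URL unchanged.

```java
public static String getMappedReturningUrl(String returnUrl) {
    if (rpData == null) {
        return returnUrl;
    }
    // Rewrite only scheme://host:port; path and query (the openid.* values) stay as received.
    int start = returnUrl.indexOf("://");
    if (start < 0) {
        return returnUrl;
    }
    start += 3;
    int end = start;
    while (end < returnUrl.length() && "/?#".indexOf(returnUrl.charAt(end)) < 0) {
        end++;
    }
    String authority = returnUrl.substring(start, end);
    // … unchanged: host and port null checks and replace() calls, now applied to authority …
    return returnUrl.substring(0, start) + authority + returnUrl.substring(end);
}
```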
