incubator-sling-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fmesc...@apache.org
Subject svn commit: r896366 - in /sling/trunk/bundles/extensions/openidauth: ./ src/main/java/org/apache/sling/openidauth/impl/
Date Wed, 06 Jan 2010 10:10:47 GMT
Author: fmeschbe
Date: Wed Jan  6 10:10:46 2010
New Revision: 896366

URL: http://svn.apache.org/viewvc?rev=896366&view=rev
Log:
SLING-1265 Adapt to new AuthenticationHandler API and replace SimpleCredentials credentials
with specific (private) OpenID credentials class directly conveying the OpenID user to the
LoginModule.

Added:
    sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
  (with props)
Modified:
    sling/trunk/bundles/extensions/openidauth/pom.xml
    sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java
    sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java

Modified: sling/trunk/bundles/extensions/openidauth/pom.xml
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/openidauth/pom.xml?rev=896366&r1=896365&r2=896366&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/openidauth/pom.xml (original)
+++ sling/trunk/bundles/extensions/openidauth/pom.xml Wed Jan  6 10:10:46 2010
@@ -116,11 +116,23 @@
             <groupId>org.apache.sling</groupId>
             <artifactId>org.apache.sling.api</artifactId>
             <version>2.0.8</version>
+            <scope>provided</scope>
+        </dependency>
+		<dependency>
+            <groupId>javax.jcr</groupId>
+            <artifactId>jcr</artifactId>
+        </dependency>
+		<dependency>
+            <groupId>org.apache.sling</groupId>
+            <artifactId>org.apache.sling.commons.auth</artifactId>
+            <version>0.9.0-SNAPSHOT</version>
+            <scope>provided</scope>
         </dependency>
 		<dependency>
             <groupId>org.apache.sling</groupId>
-            <artifactId>org.apache.sling.engine</artifactId>
-            <version>2.0.6</version>
+            <artifactId>org.apache.sling.commons.osgi</artifactId>
+            <version>2.0.4-incubator</version>
+            <scope>provided</scope>
         </dependency>
 		<dependency>
             <groupId>commons-codec</groupId>
@@ -167,6 +179,7 @@
 	    	<groupId>org.apache.sling</groupId>
 	    	<artifactId>org.apache.sling.jcr.jackrabbit.server</artifactId>
 	    	<version>2.0.5-SNAPSHOT</version>
+            <scope>provided</scope>
 	    </dependency>
     </dependencies>
 </project>

Modified: sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java?rev=896366&r1=896365&r2=896366&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java
(original)
+++ sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationHandler.java
Wed Jan  6 10:10:46 2010
@@ -27,20 +27,18 @@
 import javax.jcr.Credentials;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
-import javax.jcr.SimpleCredentials;
 import javax.security.auth.callback.CallbackHandler;
 import javax.security.auth.login.FailedLoginException;
 import javax.security.auth.login.LoginException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.sling.commons.auth.spi.AuthenticationHandler;
+import org.apache.sling.commons.auth.spi.AuthenticationInfo;
 import org.apache.sling.commons.osgi.OsgiUtil;
-import org.apache.sling.engine.auth.AuthenticationHandler;
-import org.apache.sling.engine.auth.AuthenticationInfo;
 import org.apache.sling.jcr.jackrabbit.server.security.AuthenticationPlugin;
 import org.apache.sling.jcr.jackrabbit.server.security.LoginModulePlugin;
 import org.apache.sling.openidauth.OpenIDConstants;
-import org.apache.sling.openidauth.OpenIDUserUtil;
 import org.apache.sling.openidauth.OpenIDConstants.OpenIDFailure;
 import org.osgi.service.component.ComponentContext;
 import org.slf4j.Logger;
@@ -250,14 +248,7 @@
      */
     public AuthenticationInfo authenticate(HttpServletRequest request,
             HttpServletResponse response) {
-
-        // extract credentials and return
-        AuthenticationInfo info = this.extractAuthentication(request, response);
-        if (info != null) {
-            return info;
-        }
-
-        return null;
+        return this.extractAuthentication(request, response);
     }
 
     /**
@@ -310,6 +301,22 @@
         return true;
     }
 
+    /**
+     * Invalidates the request with the Relying Party if a user is actually
+     * available for the request.
+     */
+    public void dropAuthentication(HttpServletRequest request,
+            HttpServletResponse response) {
+        try {
+            final OpenIdUser user = relyingParty.discover(request);
+            if (user != null) {
+                relyingParty.invalidate(request, response);
+            }
+        } catch (Exception e) {
+            log.warn("dropAuthentication: Problem checking whether the user is logged in
at all, assuming not logged in and therefore not logging out");
+        }
+    }
+
     protected AuthenticationInfo handleAuthFailure(OpenIDFailure failure, HttpServletRequest
request, HttpServletResponse response)
     	throws IOException {
 
@@ -479,11 +486,12 @@
 		    						request);
 	    				}
 
-	    				if(accessAuthPageAnon) {
-	    					// Causes anonymous login
-	    					// but does not respect SlingAuthenticator allowAnonymous
-	    					return new AuthenticationInfo(OpenIDConstants.OPEN_ID_AUTH_TYPE, null);
-	    				}
+                        if (accessAuthPageAnon) {
+                            // Causes anonymous login but does not respect
+                            // SlingAuthenticator allowAnonymous
+                            return new AuthenticationInfo(
+                                OpenIDConstants.OPEN_ID_AUTH_TYPE);
+                        }
 	    			}
 	    		}
 	    	}
@@ -572,17 +580,15 @@
     }
 
     private AuthenticationInfo getAuthInfoFromUser(OpenIdUser user) {
-    	String jcrId = OpenIDUserUtil.getPrincipalName(user.getIdentity());
-
-    	SimpleCredentials creds = new SimpleCredentials(jcrId,new char[0]);
-    	creds.setAttribute(getClass().getName(), user);
-        return new AuthenticationInfo(OpenIDConstants.OPEN_ID_AUTH_TYPE, creds);
+    	final AuthenticationInfo info = new AuthenticationInfo(OpenIDConstants.OPEN_ID_AUTH_TYPE);
+        info.setCredentials(new OpenIdCredentials(user));
+        return info;
     }
 
 	public boolean canHandle(Credentials credentials) {
-		if(credentials != null && credentials instanceof SimpleCredentials) {
-			SimpleCredentials sc = (SimpleCredentials)credentials;
-			OpenIdUser user = (OpenIdUser)sc.getAttribute(getClass().getName());
+		if(credentials instanceof OpenIdCredentials) {
+		    OpenIdCredentials creds = (OpenIdCredentials)credentials;
+			OpenIdUser user = creds.getUser();
 			if(user != null) {
 				return user.isAssociated();
 			}
@@ -602,12 +608,12 @@
 	}
 
 	public Principal getPrincipal(Credentials credentials) {
-		if(credentials != null && credentials instanceof SimpleCredentials) {
-			SimpleCredentials sc = (SimpleCredentials)credentials;
-			OpenIdUser user = (OpenIdUser)sc.getAttribute(getClass().getName());
-			if(user != null) {
-				return new OpenIDPrincipal(user);
-			}
+		if(credentials instanceof OpenIdCredentials) {
+            OpenIdCredentials creds = (OpenIdCredentials) credentials;
+            OpenIdUser user = creds.getUser();
+            if (user != null) {
+                return new OpenIDPrincipal(user);
+            }
 		}
 		return null;
 	}

Modified: sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java?rev=896366&r1=896365&r2=896366&view=diff
==============================================================================
--- sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java
(original)
+++ sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIDAuthenticationPlugin.java
Wed Jan  6 10:10:46 2010
@@ -22,8 +22,6 @@
 
 import javax.jcr.Credentials;
 import javax.jcr.RepositoryException;
-import javax.jcr.SimpleCredentials;
-
 import org.apache.sling.jcr.jackrabbit.server.security.AuthenticationPlugin;
 import org.apache.sling.openidauth.OpenIDUserUtil;
 
@@ -32,20 +30,19 @@
 public class OpenIDAuthenticationPlugin implements AuthenticationPlugin {
 
 	private Principal principal;
-	
+
 	public OpenIDAuthenticationPlugin(Principal p) {
 		this.principal = p;
 	}
-	
+
 	public boolean authenticate(Credentials credentials)
 			throws RepositoryException {
-		if(credentials instanceof SimpleCredentials) {
-			OpenIdUser user = (OpenIdUser)((SimpleCredentials)credentials)
-				.getAttribute(OpenIDAuthenticationHandler.class.getName());
+		if(credentials instanceof OpenIdCredentials) {
+            OpenIdUser user = ((OpenIdCredentials) credentials).getUser();
 			if(user != null) {
 				return principal.getName().equals(
 						OpenIDUserUtil.getPrincipalName(
-								user.getIdentity())) && 
+								user.getIdentity())) &&
 						user.isAuthenticated();
 			}
 		}

Added: sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
URL: http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java?rev=896366&view=auto
==============================================================================
--- sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
(added)
+++ sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
Wed Jan  6 10:10:46 2010
@@ -0,0 +1,30 @@
+/*
+ * Copyright 1997-2010 Day Management AG
+ * Barfuesserplatz 6, 4001 Basel, Switzerland
+ * All Rights Reserved.
+ *
+ * This software is the confidential and proprietary information of
+ * Day Management AG, ("Confidential Information"). You shall not
+ * disclose such Confidential Information and shall use it only in
+ * accordance with the terms of the license agreement you entered into
+ * with Day.
+ */
+package org.apache.sling.openidauth.impl;
+
+import javax.jcr.Credentials;
+
+import com.dyuproject.openid.OpenIdUser;
+
+@SuppressWarnings("serial")
+class OpenIdCredentials implements Credentials {
+
+    private final OpenIdUser user;
+
+    public OpenIdCredentials(final OpenIdUser user) {
+        this.user = user;
+    }
+
+    public OpenIdUser getUser() {
+        return user;
+    }
+}

Propchange: sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
------------------------------------------------------------------------------
    svn:eol-style = native

Propchange: sling/trunk/bundles/extensions/openidauth/src/main/java/org/apache/sling/openidauth/impl/OpenIdCredentials.java
------------------------------------------------------------------------------
    svn:keywords = Author Date Id Revision Rev Url



Mime
View raw message