
Removing $Id$ markers and stripping trailing whitespace from the codebase.

Luke Taylor
2010-01-08 16:06:05 +00:00
parent 9a323f15bc
commit 052537c8b0
877 changed files with 12140 additions and 12851 deletions
@@ -1,36 +1,35 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import org.springframework.security.core.AuthenticationException;
/**
* Indicates that OpenID authentication was cancelled
*
* @author Robin Bramley, Opsera Ltd
* @version $Id$
*/
public class AuthenticationCancelledException extends AuthenticationException {
//~ Constructors ===================================================================================================
public AuthenticationCancelledException(String msg) {
super(msg);
}
public AuthenticationCancelledException(String msg, Throwable t) {
super(msg, t);
}
}
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import org.springframework.security.core.AuthenticationException;
/**
* Indicates that OpenID authentication was cancelled
*
* @author Robin Bramley, Opsera Ltd
*/
public class AuthenticationCancelledException extends AuthenticationException {
//~ Constructors ===================================================================================================
public AuthenticationCancelledException(String msg) {
super(msg);
}
public AuthenticationCancelledException(String msg, Throwable t) {
super(msg, t);
}
}
@@ -41,7 +41,6 @@ import org.openid4java.message.ax.FetchResponse;
/**
* @author Ray Krueger
* @version $Id$
*/
public class OpenID4JavaConsumer implements OpenIDConsumer {
private static final String DISCOVERY_INFO_KEY = DiscoveryInformation.class.getName();
@@ -12,7 +12,6 @@ import org.springframework.util.Assert;
* fetch request, or to hold values for an attribute which are returned during the authentication process.
*
* @author Luke Taylor
* @version $Id$
* @since 3.0
*/
public class OpenIDAttribute implements Serializable {
@@ -59,7 +59,6 @@ import org.springframework.util.StringUtils;
* @author Robin Bramley
* @author Ray Krueger
* @author Luke Taylor
* @version $Id$
* @since 2.0
* @see OpenIDAuthenticationProvider
*/
@@ -1,118 +1,118 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.util.Assert;
/**
* Finalises the OpenID authentication by obtaining local authorities for the authenticated user.
* <p>
* The authorities are obtained by calling the configured <tt>UserDetailsService</tt>.
* The <code>UserDetails</code> it returns must, at minimum, contain the username and <code>GrantedAuthority[]</code>
* objects applicable to the authenticated user. Note that by default, Spring Security ignores the password and
* enabled/disabled status of the <code>UserDetails</code> because this is
* authentication-related and should have been enforced by another provider server.
* <p>
* The <code>UserDetails</code> returned by implementations is stored in the generated <code>AuthenticationToken</code>,
* so additional properties such as email addresses, telephone numbers etc can easily be stored.
*
* @author Robin Bramley, Opsera Ltd.
*/
public class OpenIDAuthenticationProvider implements AuthenticationProvider, InitializingBean {
//~ Instance fields ================================================================================================
private UserDetailsService userDetailsService;
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
Assert.notNull(this.userDetailsService, "The userDetailsService must be set");
}
/* (non-Javadoc)
* @see org.springframework.security.authentication.AuthenticationProvider#authenticate(org.springframework.security.Authentication)
*/
public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
if (!supports(authentication.getClass())) {
return null;
}
if (authentication instanceof OpenIDAuthenticationToken) {
OpenIDAuthenticationToken response = (OpenIDAuthenticationToken) authentication;
OpenIDAuthenticationStatus status = response.getStatus();
// handle the various possibilities
if (status == OpenIDAuthenticationStatus.SUCCESS) {
// Lookup user details
UserDetails userDetails = userDetailsService.loadUserByUsername(response.getIdentityUrl());
return createSuccessfulAuthentication(userDetails, response);
} else if (status == OpenIDAuthenticationStatus.CANCELLED) {
throw new AuthenticationCancelledException("Log in cancelled");
} else if (status == OpenIDAuthenticationStatus.ERROR) {
throw new AuthenticationServiceException("Error message from server: " + response.getMessage());
} else if (status == OpenIDAuthenticationStatus.FAILURE) {
throw new BadCredentialsException("Log in failed - identity could not be verified");
} else if (status == OpenIDAuthenticationStatus.SETUP_NEEDED) {
throw new AuthenticationServiceException(
"The server responded setup was needed, which shouldn't happen");
} else {
throw new AuthenticationServiceException("Unrecognized return value " + status.toString());
}
}
return null;
}
/**
* Handles the creation of the final <tt>Authentication</tt> object which will be returned by the provider.
* <p>
* The default implementation just creates a new OpenIDAuthenticationToken from the original, but with the
* UserDetails as the principal and including the authorities loaded by the UserDetailsService.
*
* @param userDetails the loaded UserDetails object
* @param auth the token passed to the authenticate method, containing
* @return the token which will represent the authenticated user.
*/
protected Authentication createSuccessfulAuthentication(UserDetails userDetails, OpenIDAuthenticationToken auth) {
return new OpenIDAuthenticationToken(userDetails, userDetails.getAuthorities(),
auth.getIdentityUrl(), auth.getAttributes());
}
/**
* Used to load the authorities for the authenticated OpenID user.
*/
public void setUserDetailsService(UserDetailsService userDetailsService) {
this.userDetailsService = userDetailsService;
}
/* (non-Javadoc)
* @see org.springframework.security.authentication.AuthenticationProvider#supports(java.lang.Class)
*/
public boolean supports(Class<? extends Object> authentication) {
return OpenIDAuthenticationToken.class.isAssignableFrom(authentication);
}
}
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import org.springframework.beans.factory.InitializingBean;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.util.Assert;
/**
* Finalises the OpenID authentication by obtaining local authorities for the authenticated user.
* <p>
* The authorities are obtained by calling the configured <tt>UserDetailsService</tt>.
* The <code>UserDetails</code> it returns must, at minimum, contain the username and <code>GrantedAuthority[]</code>
* objects applicable to the authenticated user. Note that by default, Spring Security ignores the password and
* enabled/disabled status of the <code>UserDetails</code> because this is
* authentication-related and should have been enforced by another provider server.
* <p>
* The <code>UserDetails</code> returned by implementations is stored in the generated <code>AuthenticationToken</code>,
* so additional properties such as email addresses, telephone numbers etc can easily be stored.
*
* @author Robin Bramley, Opsera Ltd.
*/
public class OpenIDAuthenticationProvider implements AuthenticationProvider, InitializingBean {
//~ Instance fields ================================================================================================
private UserDetailsService userDetailsService;
//~ Methods ========================================================================================================
public void afterPropertiesSet() throws Exception {
Assert.notNull(this.userDetailsService, "The userDetailsService must be set");
}
/* (non-Javadoc)
* @see org.springframework.security.authentication.AuthenticationProvider#authenticate(org.springframework.security.Authentication)
*/
public Authentication authenticate(final Authentication authentication) throws AuthenticationException {
if (!supports(authentication.getClass())) {
return null;
}
if (authentication instanceof OpenIDAuthenticationToken) {
OpenIDAuthenticationToken response = (OpenIDAuthenticationToken) authentication;
OpenIDAuthenticationStatus status = response.getStatus();
// handle the various possibilities
if (status == OpenIDAuthenticationStatus.SUCCESS) {
// Lookup user details
UserDetails userDetails = userDetailsService.loadUserByUsername(response.getIdentityUrl());
return createSuccessfulAuthentication(userDetails, response);
} else if (status == OpenIDAuthenticationStatus.CANCELLED) {
throw new AuthenticationCancelledException("Log in cancelled");
} else if (status == OpenIDAuthenticationStatus.ERROR) {
throw new AuthenticationServiceException("Error message from server: " + response.getMessage());
} else if (status == OpenIDAuthenticationStatus.FAILURE) {
throw new BadCredentialsException("Log in failed - identity could not be verified");
} else if (status == OpenIDAuthenticationStatus.SETUP_NEEDED) {
throw new AuthenticationServiceException(
"The server responded setup was needed, which shouldn't happen");
} else {
throw new AuthenticationServiceException("Unrecognized return value " + status.toString());
}
}
return null;
}
/**
* Handles the creation of the final <tt>Authentication</tt> object which will be returned by the provider.
* <p>
* The default implementation just creates a new OpenIDAuthenticationToken from the original, but with the
* UserDetails as the principal and including the authorities loaded by the UserDetailsService.
*
* @param userDetails the loaded UserDetails object
* @param auth the token passed to the authenticate method, containing
* @return the token which will represent the authenticated user.
*/
protected Authentication createSuccessfulAuthentication(UserDetails userDetails, OpenIDAuthenticationToken auth) {
return new OpenIDAuthenticationToken(userDetails, userDetails.getAuthorities(),
auth.getIdentityUrl(), auth.getAttributes());
}
/**
* Used to load the authorities for the authenticated OpenID user.
*/
public void setUserDetailsService(UserDetailsService userDetailsService) {
this.userDetailsService = userDetailsService;
}
/* (non-Javadoc)
* @see org.springframework.security.authentication.AuthenticationProvider#supports(java.lang.Class)
*/
public boolean supports(Class<? extends Object> authentication) {
return OpenIDAuthenticationToken.class.isAssignableFrom(authentication);
}
}
@@ -1,69 +1,69 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import java.io.ObjectStreamException;
import java.io.Serializable;
/**
* Based on JanRain status codes
*
* @author JanRain Inc.
* @author Robin Bramley, Opsera Ltd
*/
public class OpenIDAuthenticationStatus implements Serializable {
//~ Static fields/initializers =====================================================================================
private static final long serialVersionUID = -998877665544332211L;
private static int nextOrdinal = 0;
/** This code indicates a successful authentication request */
public static final OpenIDAuthenticationStatus SUCCESS = new OpenIDAuthenticationStatus("success");
/** This code indicates a failed authentication request */
public static final OpenIDAuthenticationStatus FAILURE = new OpenIDAuthenticationStatus("failure");
/** This code indicates the server reported an error */
public static final OpenIDAuthenticationStatus ERROR = new OpenIDAuthenticationStatus("error");
/** This code indicates that the user needs to do additional work to prove their identity */
public static final OpenIDAuthenticationStatus SETUP_NEEDED = new OpenIDAuthenticationStatus("setup needed");
/** This code indicates that the user cancelled their login request */
public static final OpenIDAuthenticationStatus CANCELLED = new OpenIDAuthenticationStatus("cancelled");
private static final OpenIDAuthenticationStatus[] PRIVATE_VALUES = {SUCCESS, FAILURE, ERROR, SETUP_NEEDED, CANCELLED};
//~ Instance fields ================================================================================================
private String name;
private final int ordinal = nextOrdinal++;
//~ Constructors ===================================================================================================
private OpenIDAuthenticationStatus(String name) {
this.name = name;
}
//~ Methods ========================================================================================================
private Object readResolve() throws ObjectStreamException {
return PRIVATE_VALUES[ordinal];
}
public String toString() {
return name;
}
}
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import java.io.ObjectStreamException;
import java.io.Serializable;
/**
* Based on JanRain status codes
*
* @author JanRain Inc.
* @author Robin Bramley, Opsera Ltd
*/
public class OpenIDAuthenticationStatus implements Serializable {
//~ Static fields/initializers =====================================================================================
private static final long serialVersionUID = -998877665544332211L;
private static int nextOrdinal = 0;
/** This code indicates a successful authentication request */
public static final OpenIDAuthenticationStatus SUCCESS = new OpenIDAuthenticationStatus("success");
/** This code indicates a failed authentication request */
public static final OpenIDAuthenticationStatus FAILURE = new OpenIDAuthenticationStatus("failure");
/** This code indicates the server reported an error */
public static final OpenIDAuthenticationStatus ERROR = new OpenIDAuthenticationStatus("error");
/** This code indicates that the user needs to do additional work to prove their identity */
public static final OpenIDAuthenticationStatus SETUP_NEEDED = new OpenIDAuthenticationStatus("setup needed");
/** This code indicates that the user cancelled their login request */
public static final OpenIDAuthenticationStatus CANCELLED = new OpenIDAuthenticationStatus("cancelled");
private static final OpenIDAuthenticationStatus[] PRIVATE_VALUES = {SUCCESS, FAILURE, ERROR, SETUP_NEEDED, CANCELLED};
//~ Instance fields ================================================================================================
private String name;
private final int ordinal = nextOrdinal++;
//~ Constructors ===================================================================================================
private OpenIDAuthenticationStatus(String name) {
this.name = name;
}
//~ Methods ========================================================================================================
private Object readResolve() throws ObjectStreamException {
return PRIVATE_VALUES[ordinal];
}
public String toString() {
return name;
}
}
@@ -1,110 +1,109 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
/**
* OpenID Authentication Token
*
* @author Robin Bramley
* @version $Id$
*/
public class OpenIDAuthenticationToken extends AbstractAuthenticationToken {
//~ Instance fields ================================================================================================
private final OpenIDAuthenticationStatus status;
private final Object principal;
private final String identityUrl;
private final String message;
private final List<OpenIDAttribute> attributes;
//~ Constructors ===================================================================================================
public OpenIDAuthenticationToken(OpenIDAuthenticationStatus status, String identityUrl,
String message, List<OpenIDAttribute> attributes) {
super(new ArrayList<GrantedAuthority>(0));
this.principal = identityUrl;
this.status = status;
this.identityUrl = identityUrl;
this.message = message;
this.attributes = attributes;
setAuthenticated(false);
}
/**
* Created by the <tt>OpenIDAuthenticationProvider</tt> on successful authentication.
*
* @param principal usually the <tt>UserDetails</tt> returned by the the configured <tt>UserDetailsService</tt>
* used by the <tt>OpenIDAuthenticationProvider</tt>.
*
*/
public OpenIDAuthenticationToken(Object principal, Collection<GrantedAuthority> authorities,
String identityUrl, List<OpenIDAttribute> attributes) {
super(authorities);
this.principal = principal;
this.status = OpenIDAuthenticationStatus.SUCCESS;
this.identityUrl = identityUrl;
this.message = null;
this.attributes = attributes;
setAuthenticated(true);
}
//~ Methods ========================================================================================================
/**
* Returns 'null' always, as no credentials are processed by the OpenID provider.
* @see org.springframework.security.core.Authentication#getCredentials()
*/
public Object getCredentials() {
return null;
}
public String getIdentityUrl() {
return identityUrl;
}
public String getMessage() {
return message;
}
/**
* Returns the <tt>principal</tt> value.
*
* @see org.springframework.security.core.Authentication#getPrincipal()
*/
public Object getPrincipal() {
return principal;
}
public OpenIDAuthenticationStatus getStatus() {
return status;
}
public List<OpenIDAttribute> getAttributes() {
return attributes;
}
@Override
public String toString() {
return "[" + super.toString() + ", attributes : " + attributes +"]";
}
}
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
/**
* OpenID Authentication Token
*
* @author Robin Bramley
*/
public class OpenIDAuthenticationToken extends AbstractAuthenticationToken {
//~ Instance fields ================================================================================================
private final OpenIDAuthenticationStatus status;
private final Object principal;
private final String identityUrl;
private final String message;
private final List<OpenIDAttribute> attributes;
//~ Constructors ===================================================================================================
public OpenIDAuthenticationToken(OpenIDAuthenticationStatus status, String identityUrl,
String message, List<OpenIDAttribute> attributes) {
super(new ArrayList<GrantedAuthority>(0));
this.principal = identityUrl;
this.status = status;
this.identityUrl = identityUrl;
this.message = message;
this.attributes = attributes;
setAuthenticated(false);
}
/**
* Created by the <tt>OpenIDAuthenticationProvider</tt> on successful authentication.
*
* @param principal usually the <tt>UserDetails</tt> returned by the the configured <tt>UserDetailsService</tt>
* used by the <tt>OpenIDAuthenticationProvider</tt>.
*
*/
public OpenIDAuthenticationToken(Object principal, Collection<GrantedAuthority> authorities,
String identityUrl, List<OpenIDAttribute> attributes) {
super(authorities);
this.principal = principal;
this.status = OpenIDAuthenticationStatus.SUCCESS;
this.identityUrl = identityUrl;
this.message = null;
this.attributes = attributes;
setAuthenticated(true);
}
//~ Methods ========================================================================================================
/**
* Returns 'null' always, as no credentials are processed by the OpenID provider.
* @see org.springframework.security.core.Authentication#getCredentials()
*/
public Object getCredentials() {
return null;
}
public String getIdentityUrl() {
return identityUrl;
}
public String getMessage() {
return message;
}
/**
* Returns the <tt>principal</tt> value.
*
* @see org.springframework.security.core.Authentication#getPrincipal()
*/
public Object getPrincipal() {
return principal;
}
public OpenIDAuthenticationStatus getStatus() {
return status;
}
public List<OpenIDAttribute> getAttributes() {
return attributes;
}
@Override
public String toString() {
return "[" + super.toString() + ", attributes : " + attributes +"]";
}
}
@@ -1,46 +1,46 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import javax.servlet.http.HttpServletRequest;
/**
* An interface for OpenID library implementations
*
* @author Ray Krueger
* @author Robin Bramley, Opsera Ltd
*/
public interface OpenIDConsumer {
/**
* Given the request, the claimedIdentity, the return to url, and a realm, lookup the openId authentication
* page the user should be redirected to.
*
* @param req HttpServletRequest
* @param claimedIdentity String URI the user presented during authentication
* @param returnToUrl String URI of the URL we want the user sent back to by the OP
* @param realm URI pattern matching the realm we want the user to see
* @return String URI to redirect user to for authentication
* @throws OpenIDConsumerException if anything bad happens
*/
public String beginConsumption(HttpServletRequest req, String claimedIdentity, String returnToUrl, String realm)
throws OpenIDConsumerException;
public OpenIDAuthenticationToken endConsumption(HttpServletRequest req)
throws OpenIDConsumerException;
}
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import javax.servlet.http.HttpServletRequest;
/**
* An interface for OpenID library implementations
*
* @author Ray Krueger
* @author Robin Bramley, Opsera Ltd
*/
public interface OpenIDConsumer {
/**
* Given the request, the claimedIdentity, the return to url, and a realm, lookup the openId authentication
* page the user should be redirected to.
*
* @param req HttpServletRequest
* @param claimedIdentity String URI the user presented during authentication
* @param returnToUrl String URI of the URL we want the user sent back to by the OP
* @param realm URI pattern matching the realm we want the user to see
* @return String URI to redirect user to for authentication
* @throws OpenIDConsumerException if anything bad happens
*/
public String beginConsumption(HttpServletRequest req, String claimedIdentity, String returnToUrl, String realm)
throws OpenIDConsumerException;
public OpenIDAuthenticationToken endConsumption(HttpServletRequest req)
throws OpenIDConsumerException;
}
@@ -1,32 +1,32 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
/**
* Thrown by an OpenIDConsumer if it cannot process a request
*
* @author Robin Bramley, Opsera Ltd
*/
public class OpenIDConsumerException extends Exception {
//~ Constructors ===================================================================================================
public OpenIDConsumerException(String message) {
super(message);
}
public OpenIDConsumerException(String message, Throwable t) {
super(message, t);
}
}
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
/**
* Thrown by an OpenIDConsumer if it cannot process a request
*
* @author Robin Bramley, Opsera Ltd
*/
public class OpenIDConsumerException extends Exception {
//~ Constructors ===================================================================================================
public OpenIDConsumerException(String message) {
super(message);
}
public OpenIDConsumerException(String message, Throwable t) {
super(message, t);
}
}
@@ -1,5 +1,5 @@
<html>
<body>
Authenticates standard web browser users via <a href="http://openid.net">OpenID</a>.
</body>
<html>
<body>
Authenticates standard web browser users via <a href="http://openid.net">OpenID</a>.
</body>
</html>
@@ -1,81 +1,81 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import org.springframework.security.openid.OpenIDAuthenticationToken;
import org.springframework.security.openid.OpenIDConsumer;
import org.springframework.security.openid.OpenIDConsumerException;
import javax.servlet.http.HttpServletRequest;
/**
* @author Robin Bramley, Opsera Ltd
*/
public class MockOpenIDConsumer implements OpenIDConsumer {
//~ Instance fields ================================================================================================
private OpenIDAuthenticationToken token;
private String redirectUrl;
public MockOpenIDConsumer() {
}
public MockOpenIDConsumer(String redirectUrl, OpenIDAuthenticationToken token) {
this.redirectUrl = redirectUrl;
this.token = token;
}
public MockOpenIDConsumer(String redirectUrl) {
this.redirectUrl = redirectUrl;
}
public MockOpenIDConsumer(OpenIDAuthenticationToken token) {
this.token = token;
}
//~ Methods ========================================================================================================
public String beginConsumption(HttpServletRequest req, String claimedIdentity, String returnToUrl, String realm) throws OpenIDConsumerException {
return redirectUrl;
}
public OpenIDAuthenticationToken endConsumption(HttpServletRequest req)
throws OpenIDConsumerException {
return token;
}
/**
* Set the redirectUrl to be returned by beginConsumption
*
* @param redirectUrl
*/
public void setRedirectUrl(String redirectUrl) {
this.redirectUrl = redirectUrl;
}
public void setReturnToUrl(String returnToUrl) {
// TODO Auto-generated method stub
}
/**
* Set the token to be returned by endConsumption
*
* @param token
*/
public void setToken(OpenIDAuthenticationToken token) {
this.token = token;
}
}
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import org.springframework.security.openid.OpenIDAuthenticationToken;
import org.springframework.security.openid.OpenIDConsumer;
import org.springframework.security.openid.OpenIDConsumerException;
import javax.servlet.http.HttpServletRequest;
/**
* @author Robin Bramley, Opsera Ltd
*/
public class MockOpenIDConsumer implements OpenIDConsumer {
//~ Instance fields ================================================================================================
private OpenIDAuthenticationToken token;
private String redirectUrl;
public MockOpenIDConsumer() {
}
public MockOpenIDConsumer(String redirectUrl, OpenIDAuthenticationToken token) {
this.redirectUrl = redirectUrl;
this.token = token;
}
public MockOpenIDConsumer(String redirectUrl) {
this.redirectUrl = redirectUrl;
}
public MockOpenIDConsumer(OpenIDAuthenticationToken token) {
this.token = token;
}
//~ Methods ========================================================================================================
public String beginConsumption(HttpServletRequest req, String claimedIdentity, String returnToUrl, String realm) throws OpenIDConsumerException {
return redirectUrl;
}
public OpenIDAuthenticationToken endConsumption(HttpServletRequest req)
throws OpenIDConsumerException {
return token;
}
/**
* Set the redirectUrl to be returned by beginConsumption
*
* @param redirectUrl
*/
public void setRedirectUrl(String redirectUrl) {
this.redirectUrl = redirectUrl;
}
public void setReturnToUrl(String returnToUrl) {
// TODO Auto-generated method stub
}
/**
* Set the token to be returned by endConsumption
*
* @param token
*/
public void setToken(OpenIDAuthenticationToken token) {
this.token = token;
}
}
@@ -1,205 +1,205 @@
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import junit.framework.TestCase;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
/**
* Tests {@link OpenIDAuthenticationProvider}
*
* @author Robin Bramley, Opsera Ltd
*/
public class OpenIDAuthenticationProviderTests extends TestCase {
//~ Static fields/initializers =====================================================================================
private static final String USERNAME = "user.acegiopenid.com";
//~ Methods ========================================================================================================
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateCancel() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.CANCELLED, USERNAME, "" ,null);
assertFalse(preAuth.isAuthenticated());
try {
provider.authenticate(preAuth);
fail("Should throw an AuthenticationException");
} catch (AuthenticationCancelledException expected) {
assertEquals("Log in cancelled", expected.getMessage());
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateError() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.ERROR, USERNAME, "", null);
assertFalse(preAuth.isAuthenticated());
try {
provider.authenticate(preAuth);
fail("Should throw an AuthenticationException");
} catch (AuthenticationServiceException expected) {
assertEquals("Error message from server: ", expected.getMessage());
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateFailure() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE, USERNAME, "", null);
assertFalse(preAuth.isAuthenticated());
try {
provider.authenticate(preAuth);
fail("Should throw an AuthenticationException");
} catch (BadCredentialsException expected) {
assertEquals("Log in failed - identity could not be verified", expected.getMessage());
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateSetupNeeded() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SETUP_NEEDED, USERNAME, "", null);
assertFalse(preAuth.isAuthenticated());
try {
provider.authenticate(preAuth);
fail("Should throw an AuthenticationException");
} catch (AuthenticationServiceException expected) {
assertEquals("The server responded setup was needed, which shouldn't happen", expected.getMessage());
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateSuccess() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, USERNAME, "", null);
assertFalse(preAuth.isAuthenticated());
Authentication postAuth = provider.authenticate(preAuth);
assertNotNull(postAuth);
assertTrue(postAuth instanceof OpenIDAuthenticationToken);
assertTrue(postAuth.isAuthenticated());
assertNotNull(postAuth.getPrincipal());
assertTrue(postAuth.getPrincipal() instanceof UserDetails);
assertNotNull(postAuth.getAuthorities());
assertTrue(postAuth.getAuthorities().size() > 0);
assertTrue(((OpenIDAuthenticationToken) postAuth).getStatus() == OpenIDAuthenticationStatus.SUCCESS);
assertTrue(((OpenIDAuthenticationToken) postAuth).getMessage() == null);
}
public void testDetectsMissingAuthoritiesPopulator() throws Exception {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
try {
provider.afterPropertiesSet();
fail("Should have thrown Exception");
} catch (IllegalArgumentException expected) {
//ignored
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.supports(Class)'
*/
public void testDoesntSupport() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
assertFalse(provider.supports(UsernamePasswordAuthenticationToken.class));
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testIgnoresUserPassAuthToken() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(USERNAME, "password");
assertEquals(null, provider.authenticate(token));
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.supports(Class)'
*/
public void testSupports() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
assertTrue(provider.supports(OpenIDAuthenticationToken.class));
}
public void testValidation() throws Exception {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
provider.afterPropertiesSet();
provider.setUserDetailsService(null);
try {
provider.afterPropertiesSet();
fail("IllegalArgumentException expected, ssoAuthoritiesPopulator is null");
} catch (IllegalArgumentException e) {
//expected
}
}
static class MockUserDetailsService implements UserDetailsService {
public UserDetails loadUserByUsername(String ssoUserId) throws AuthenticationException {
return new User(ssoUserId, "password", true, true, true, true,
AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B"));
}
}
}
/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.springframework.security.openid;
import junit.framework.TestCase;
import org.springframework.security.authentication.AuthenticationServiceException;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
/**
* Tests {@link OpenIDAuthenticationProvider}
*
* @author Robin Bramley, Opsera Ltd
*/
public class OpenIDAuthenticationProviderTests extends TestCase {
//~ Static fields/initializers =====================================================================================
private static final String USERNAME = "user.acegiopenid.com";
//~ Methods ========================================================================================================
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateCancel() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.CANCELLED, USERNAME, "" ,null);
assertFalse(preAuth.isAuthenticated());
try {
provider.authenticate(preAuth);
fail("Should throw an AuthenticationException");
} catch (AuthenticationCancelledException expected) {
assertEquals("Log in cancelled", expected.getMessage());
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateError() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.ERROR, USERNAME, "", null);
assertFalse(preAuth.isAuthenticated());
try {
provider.authenticate(preAuth);
fail("Should throw an AuthenticationException");
} catch (AuthenticationServiceException expected) {
assertEquals("Error message from server: ", expected.getMessage());
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateFailure() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE, USERNAME, "", null);
assertFalse(preAuth.isAuthenticated());
try {
provider.authenticate(preAuth);
fail("Should throw an AuthenticationException");
} catch (BadCredentialsException expected) {
assertEquals("Log in failed - identity could not be verified", expected.getMessage());
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateSetupNeeded() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SETUP_NEEDED, USERNAME, "", null);
assertFalse(preAuth.isAuthenticated());
try {
provider.authenticate(preAuth);
fail("Should throw an AuthenticationException");
} catch (AuthenticationServiceException expected) {
assertEquals("The server responded setup was needed, which shouldn't happen", expected.getMessage());
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testAuthenticateSuccess() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
Authentication preAuth = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, USERNAME, "", null);
assertFalse(preAuth.isAuthenticated());
Authentication postAuth = provider.authenticate(preAuth);
assertNotNull(postAuth);
assertTrue(postAuth instanceof OpenIDAuthenticationToken);
assertTrue(postAuth.isAuthenticated());
assertNotNull(postAuth.getPrincipal());
assertTrue(postAuth.getPrincipal() instanceof UserDetails);
assertNotNull(postAuth.getAuthorities());
assertTrue(postAuth.getAuthorities().size() > 0);
assertTrue(((OpenIDAuthenticationToken) postAuth).getStatus() == OpenIDAuthenticationStatus.SUCCESS);
assertTrue(((OpenIDAuthenticationToken) postAuth).getMessage() == null);
}
public void testDetectsMissingAuthoritiesPopulator() throws Exception {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
try {
provider.afterPropertiesSet();
fail("Should have thrown Exception");
} catch (IllegalArgumentException expected) {
//ignored
}
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.supports(Class)'
*/
public void testDoesntSupport() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
assertFalse(provider.supports(UsernamePasswordAuthenticationToken.class));
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.authenticate(Authentication)'
*/
public void testIgnoresUserPassAuthToken() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(USERNAME, "password");
assertEquals(null, provider.authenticate(token));
}
/*
* Test method for 'org.springframework.security.authentication.openid.OpenIDAuthenticationProvider.supports(Class)'
*/
public void testSupports() {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
assertTrue(provider.supports(OpenIDAuthenticationToken.class));
}
public void testValidation() throws Exception {
OpenIDAuthenticationProvider provider = new OpenIDAuthenticationProvider();
provider.setUserDetailsService(new MockUserDetailsService());
provider.afterPropertiesSet();
provider.setUserDetailsService(null);
try {
provider.afterPropertiesSet();
fail("IllegalArgumentException expected, ssoAuthoritiesPopulator is null");
} catch (IllegalArgumentException e) {
//expected
}
}
static class MockUserDetailsService implements UserDetailsService {
public UserDetails loadUserByUsername(String ssoUserId) throws AuthenticationException {
return new User(ssoUserId, "password", true, true, true, true,
AuthorityUtils.createAuthorityList("ROLE_A", "ROLE_B"));
}
}
}