diff --git a/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationProvider.java b/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationProvider.java index e668eb063f..d42e44922e 100644 --- a/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationProvider.java +++ b/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationProvider.java @@ -44,8 +44,8 @@ public class OpenIDAuthenticationProvider implements AuthenticationProvider, Ini /* (non-Javadoc) * @see org.springframework.security.providers.AuthenticationProvider#authenticate(org.springframework.security.Authentication) */ - public Authentication authenticate(Authentication authentication) - throws AuthenticationException { + public Authentication authenticate(final Authentication authentication) + throws AuthenticationException { if (!supports(authentication.getClass())) { return null; @@ -57,20 +57,13 @@ public class OpenIDAuthenticationProvider implements AuthenticationProvider, Ini // handle the various possibilites if (status == OpenIDAuthenticationStatus.SUCCESS) { - //String message = "Log in succeeded: ";// + savedId; - - /* TODO: allow for regex for mapping URL - * e.g. http://mydomain.com/username - * or http://{username}.mydomain.com - */ // Lookup user details UserDetails userDetails = this.authoritiesPopulator.getUserDetails(response.getIdentityUrl()); - authentication = new OpenIDAuthenticationToken(userDetails.getAuthorities(), response.getStatus(), + return new OpenIDAuthenticationToken(userDetails.getAuthorities(), response.getStatus(), response.getIdentityUrl()); - return authentication; } else if (status == OpenIDAuthenticationStatus.CANCELLED) { throw new AuthenticationCancelledException("Log in cancelled"); } else if (status == OpenIDAuthenticationStatus.ERROR) { @@ -79,7 +72,7 @@ public class OpenIDAuthenticationProvider implements AuthenticationProvider, Ini throw new BadCredentialsException("Log in failed - identity could not be verified"); } else if (status == OpenIDAuthenticationStatus.SETUP_NEEDED) { throw new AuthenticationServiceException( - "The server responded setup was needed, which shouldn't happen"); + "The server responded setup was needed, which shouldn't happen"); } else { throw new AuthenticationServiceException("Unrecognized return value " + status.toString()); } diff --git a/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationToken.java b/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationToken.java index 877e2af7a0..f9aac0a772 100644 --- a/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationToken.java +++ b/openid/src/main/java/org/springframework/security/providers/openid/OpenIDAuthenticationToken.java @@ -49,8 +49,7 @@ public class OpenIDAuthenticationToken extends AbstractAuthenticationToken { * @param status * @param identityUrl */ - public OpenIDAuthenticationToken(GrantedAuthority[] authorities, OpenIDAuthenticationStatus status, - String identityUrl) { + public OpenIDAuthenticationToken(GrantedAuthority[] authorities, OpenIDAuthenticationStatus status, String identityUrl) { super(authorities); this.status = status; this.identityUrl = identityUrl; diff --git a/openid/src/main/java/org/springframework/security/ui/openid/OpenIDConstants.java b/openid/src/main/java/org/springframework/security/ui/openid/OpenIDConstants.java deleted file mode 100644 index f441a5387a..0000000000 --- a/openid/src/main/java/org/springframework/security/ui/openid/OpenIDConstants.java +++ /dev/null @@ -1,26 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.ui.openid; - -/** - * Constants required by OpenID classes - * - * @author Robin Bramley, Opsera Ltd - */ -public class OpenIDConstants { - //~ Static fields/initializers ===================================================================================== - - public static final String OPENID_SESSION_MAP_KEY = "openid.session"; -} diff --git a/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java b/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java deleted file mode 100644 index eb26f1e7d7..0000000000 --- a/openid/src/main/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilter.java +++ /dev/null @@ -1,88 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.ui.openid; - -import org.springframework.security.Authentication; -import org.springframework.security.AuthenticationException; -import org.springframework.security.AuthenticationServiceException; - -import org.springframework.security.providers.openid.OpenIDAuthenticationToken; - -import org.springframework.security.ui.AbstractProcessingFilter; -import org.springframework.security.ui.webapp.AuthenticationProcessingFilter; - -import javax.servlet.http.HttpServletRequest; - - -/** - * Process the response from the OpenID server to the returnTo URL. - * - * @author Robin Bramley, Opsera Ltd - * @version $Id$ - */ -public class OpenIDResponseProcessingFilter extends AbstractProcessingFilter { - //~ Instance fields ================================================================================================ - - private OpenIDConsumer consumer; - - //~ Methods ======================================================================================================== - - /* (non-Javadoc) - * @see org.springframework.security.ui.AbstractProcessingFilter#attemptAuthentication(javax.servlet.http.HttpServletRequest) - * @Override - */ - public Authentication attemptAuthentication(HttpServletRequest req) - throws AuthenticationException { - OpenIDAuthenticationToken token; - - try { - token = consumer.endConsumption(req); - } catch (OpenIDConsumerException oice) { - throw new AuthenticationServiceException("Consumer error", oice); - } - - // delegate to the auth provider - Authentication authentication = this.getAuthenticationManager().authenticate(token); - - if (authentication.isAuthenticated()) { - req.getSession() - .setAttribute(AuthenticationProcessingFilter.SPRING_SECURITY_LAST_USERNAME_KEY, token.getIdentityUrl()); - } - - return authentication; - } - - /* (non-Javadoc) - * @see org.springframework.security.ui.AbstractProcessingFilter#getDefaultFilterProcessesUrl() - * @Override - */ - public String getDefaultFilterProcessesUrl() { - return "/j_spring_openid_security_check"; - } - - // dependency injection - /** - * DOCUMENT ME! - * - * @param consumer The OpenIDConsumer to set. - */ - public void setConsumer(OpenIDConsumer consumer) { - this.consumer = consumer; - } - - public int getOrder() { - throw new UnsupportedOperationException(); - } -} diff --git a/openid/src/test/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilterTests.java b/openid/src/test/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilterTests.java deleted file mode 100644 index 576f1d95cd..0000000000 --- a/openid/src/test/java/org/springframework/security/ui/openid/OpenIDResponseProcessingFilterTests.java +++ /dev/null @@ -1,135 +0,0 @@ -/* Copyright 2004, 2005, 2006 Acegi Technology Pty Limited - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - */ -package org.springframework.security.ui.openid; - -import junit.framework.TestCase; -import org.springframework.mock.web.MockHttpServletRequest; -import org.springframework.security.AbstractAuthenticationManager; -import org.springframework.security.Authentication; -import org.springframework.security.AuthenticationException; -import org.springframework.security.BadCredentialsException; -import org.springframework.security.providers.AuthoritiesPopulator; -import org.springframework.security.providers.openid.MockAuthoritiesPopulator; -import org.springframework.security.providers.openid.OpenIDAuthenticationStatus; -import org.springframework.security.providers.openid.OpenIDAuthenticationToken; -import org.springframework.security.ui.openid.consumers.MockOpenIDConsumer; - - -/** - * Tests {@link OpenIDResponseProcessingFilter} - * - * @author Robin Bramley, Opsera Ltd - */ -public class OpenIDResponseProcessingFilterTests extends TestCase { - //~ Static fields/initializers ===================================================================================== - - private static final String USERNAME = "user.acegiopenid.com"; - - //~ Methods ======================================================================================================== - - /* - * Test method for 'org.springframework.security.ui.openid.OpenIDResponseProcessingFilter.attemptAuthentication(HttpServletRequest)' - */ - public void testAttemptAuthenticationFailure() { - // set up mock objects - MockOpenIDAuthenticationManager mockAuthManager = new MockOpenIDAuthenticationManager(false); - - OpenIDAuthenticationToken token = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE, USERNAME, ""); - MockOpenIDConsumer mockConsumer = new MockOpenIDConsumer(); - mockConsumer.setToken(token); - - MockHttpServletRequest req = new MockHttpServletRequest(); - - OpenIDResponseProcessingFilter filter = new OpenIDResponseProcessingFilter(); - filter.setConsumer(mockConsumer); - filter.setAuthenticationManager(mockAuthManager); - - // run test - try { - filter.attemptAuthentication(req); - fail("Should've thrown exception"); - } catch (BadCredentialsException expected) { - assertEquals("MockOpenIDAuthenticationManager instructed to deny access", expected.getMessage()); - } - } - - /* - * Test method for 'org.springframework.security.ui.openid.OpenIDResponseProcessingFilter.attemptAuthentication(HttpServletRequest)' - */ - public void testAttemptAuthenticationHttpServletRequest() { - // set up mock objects - MockOpenIDAuthenticationManager mockAuthManager = new MockOpenIDAuthenticationManager(true); - - OpenIDAuthenticationToken token = new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.SUCCESS, USERNAME, ""); - MockOpenIDConsumer mockConsumer = new MockOpenIDConsumer(); - mockConsumer.setToken(token); - - MockHttpServletRequest req = new MockHttpServletRequest(); - - OpenIDResponseProcessingFilter filter = new OpenIDResponseProcessingFilter(); - filter.setConsumer(mockConsumer); - filter.setAuthenticationManager(mockAuthManager); - - // run test - Authentication authentication = filter.attemptAuthentication(req); - - // assertions - assertNotNull(authentication); - assertTrue(authentication.isAuthenticated()); - assertTrue(authentication instanceof OpenIDAuthenticationToken); - assertNotNull(authentication.getPrincipal()); - assertEquals(USERNAME, authentication.getPrincipal()); - assertNotNull(authentication.getAuthorities()); - assertTrue(authentication.getAuthorities().length > 0); - assertTrue(((OpenIDAuthenticationToken) authentication).getStatus() == OpenIDAuthenticationStatus.SUCCESS); - assertTrue(((OpenIDAuthenticationToken) authentication).getMessage() == null); - } - - /* - * Test method for 'org.springframework.security.ui.openid.OpenIDResponseProcessingFilter.getDefaultFilterProcessesUrl()' - */ - public void testGetDefaultFilterProcessesUrl() { - OpenIDResponseProcessingFilter filter = new OpenIDResponseProcessingFilter(); - assertEquals("/j_spring_openid_security_check", filter.getDefaultFilterProcessesUrl()); - } - - //~ Inner Classes ================================================================================================== - - // private mock AuthenticationManager - private class MockOpenIDAuthenticationManager extends AbstractAuthenticationManager { - private AuthoritiesPopulator ssoAuthoritiesPopulator; - private boolean grantAccess = true; - - public MockOpenIDAuthenticationManager(boolean grantAccess) { - this.grantAccess = grantAccess; - ssoAuthoritiesPopulator = new MockAuthoritiesPopulator(); - } - - public MockOpenIDAuthenticationManager() { - super(); - ssoAuthoritiesPopulator = new MockAuthoritiesPopulator(); - } - - public Authentication doAuthentication(Authentication authentication) - throws AuthenticationException { - if (grantAccess) { - return new OpenIDAuthenticationToken(ssoAuthoritiesPopulator.getUserDetails(USERNAME).getAuthorities(), - OpenIDAuthenticationStatus.SUCCESS, USERNAME); - } else { - throw new BadCredentialsException("MockOpenIDAuthenticationManager instructed to deny access"); - } - } - } -}