org.eclipse.orion.server.authentication.formopenid.FormOpenIdAuthenticationService.java Source code

Java tutorial

  1. HOME
  2. Java
  3. org.eclipse.orion.server.authentication.formopenid.FormOpenIdAuthenticationService.java

Introduction

Here is the source code for org.eclipse.orion.server.authentication.formopenid.FormOpenIdAuthenticationService.java

Source

/*******************************************************************************
 * Copyright (c) 2010, 2012 IBM Corporation and others 
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the Eclipse Public License v1.0
 * which accompanies this distribution, and is available at
 * http://www.eclipse.org/legal/epl-v10.html
 * 
 * Contributors:
 * IBM Corporation - initial API and implementation
 *******************************************************************************/
package org.eclipse.orion.server.authentication.formopenid;

import java.io.IOException;
import java.util.Properties;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import org.eclipse.core.runtime.IStatus;
import org.eclipse.core.runtime.Status;
import org.eclipse.orion.internal.server.servlets.ProtocolConstants;
import org.eclipse.orion.server.authentication.Activator;
import org.eclipse.orion.server.core.LogHelper;
import org.eclipse.orion.server.core.authentication.IAuthenticationService;
import org.json.JSONException;
import org.json.JSONObject;
import org.osgi.framework.Version;
import org.osgi.service.http.HttpService;
import org.osgi.service.http.NamespaceException;

public class FormOpenIdAuthenticationService implements IAuthenticationService {

    private Properties defaultAuthenticationProperties;
    public static final String OPENIDS_PROPERTY = "openids"; //$NON-NLS-1$

    private boolean registered = false;

    public Properties getDefaultAuthenticationProperties() {
        return defaultAuthenticationProperties;
    }

    public String authenticateUser(HttpServletRequest req, HttpServletResponse resp, Properties properties)
            throws IOException {
        String user = getAuthenticatedUser(req, resp, properties);
        if (user == null) {
            setNotAuthenticated(req, resp, properties);
        }
        return user;
    }

    public String getAuthenticatedUser(HttpServletRequest req, HttpServletResponse resp, Properties properties)
            throws IOException {
        HttpSession s = req.getSession(true);
        return (String) s.getAttribute("user");//$NON-NLS-1$
    }

    public String getAuthType() {
        // TODO What shall I return?
        return "FORM"; //$NON-NLS-1$
    }

    public void configure(Properties properties) {
        this.defaultAuthenticationProperties = properties;
    }

    private void setNotAuthenticated(HttpServletRequest req, HttpServletResponse resp, Properties properties)
            throws IOException {
        resp.setHeader("WWW-Authenticate", HttpServletRequest.FORM_AUTH); //$NON-NLS-1$
        resp.setStatus(HttpServletResponse.SC_UNAUTHORIZED);

        // redirection from FormAuthenticationService.setNotAuthenticated
        String versionString = req.getHeader("Orion-Version"); //$NON-NLS-1$
        Version version = versionString == null ? null : new Version(versionString);

        // TODO: This is a workaround for calls
        // that does not include the WebEclipse version header
        String xRequestedWith = req.getHeader("X-Requested-With"); //$NON-NLS-1$

        if (version == null && !"XMLHttpRequest".equals(xRequestedWith)) { //$NON-NLS-1$
            resp.sendRedirect(
                    req.getContextPath() + "/mixloginstatic/LoginWindow.html?redirect=" + req.getRequestURL());
        } else {
            resp.setContentType(ProtocolConstants.CONTENT_TYPE_JSON);
            JSONObject result = new JSONObject();
            try {
                result.put("SignInLocation", req.getContextPath() + "/mixloginstatic/LoginWindow.html");
                result.put("label", "Orion workspace server");
                result.put("SignInKey", "FORMOpenIdUser");
            } catch (JSONException e) {
                LogHelper.log(new Status(IStatus.ERROR, Activator.PI_AUTHENTICATION_SERVLETS, 1,
                        "An error occured during authenitcation", e));
            }
            resp.getWriter().print(result.toString());
        }
    }

    public void setHttpService(HttpService httpService) {
        try {
            httpService.registerServlet("/mixlogin/manageopenids", new ManageOpenidsServlet(this), null, null);
            httpService.registerServlet("/login", new FormOpenIdLoginServlet(this), null, null); //$NON-NLS-1$
            httpService.registerServlet("/logout", new FormOpenIdLogoutServlet(), null, null); //$NON-NLS-1$
        } catch (ServletException e) {
            LogHelper.log(new Status(IStatus.ERROR, Activator.PI_AUTHENTICATION_SERVLETS, 1,
                    "An error occured when registering servlets", e));
        } catch (NamespaceException e) {
            LogHelper.log(new Status(IStatus.ERROR, Activator.PI_AUTHENTICATION_SERVLETS, 1,
                    "A namespace error occured when registering servlets", e));
        }
    }

    public void unsetHttpService(HttpService httpService) {
        if (httpService != null) {
            httpService.unregister("/mixlogin/manageopenids"); //$NON-NLS-1$
            httpService.unregister("/login"); //$NON-NLS-1$
            httpService.unregister("/logout"); //$NON-NLS-1$
            httpService = null;
        }
    }

    public void setRegistered(boolean registered) {
        this.registered = registered;
    }

    public boolean getRegistered() {
        return registered;
    }
}