Examples of uk.co.froot.demo.openid.model.security.User

  @GET
  @Path("/logout")
  public Response logout() {


    BaseModel model = modelBuilder.newBaseModel(httpHeaders);
    User user = model.getUser();
    if (user != null) {
      // Invalidate the session token
      user.setSessionToken(null);
      // (We'll delete the user but really this would just be an update)
      InMemoryUserCache.INSTANCE.hardDelete(user);
      model.setUser(null);
    }

      memento.setTypes(discovered.getTypes());
      memento.setVersion(discovered.getVersion());


      // Create a temporary User to preserve state between requests without
      // using a session (we could be in a cluster)
      User tempUser = new User(null, sessionToken);
      tempUser.setOpenIDDiscoveryInformationMemento(memento);
      tempUser.setSessionToken(sessionToken);


      // Persist the User
      InMemoryUserCache.INSTANCE.put(sessionToken, tempUser);


      // Build the AuthRequest message to be sent to the OpenID provider

    Optional<User> tempUserOptional = InMemoryUserCache.INSTANCE.getBySessionToken(sessionToken);
    if (!tempUserOptional.isPresent()) {
      log.debug("Authentication failed due to no temp User matching session token {}", rawToken);
      throw new WebApplicationException(Response.Status.UNAUTHORIZED);
    }
    User tempUser = tempUserOptional.get();


    // Retrieve the discovery information
    final DiscoveryInformationMemento memento = tempUser.getOpenIDDiscoveryInformationMemento();
    Identifier identifier = new Identifier() {
      @Override
      public String getIdentifier() {
        return memento.getClaimedIdentifier();
      }
    };


    DiscoveryInformation discovered;
    try {
      discovered = new DiscoveryInformation(
        URI.create(memento.getOpEndpoint()).toURL(),
        identifier,
        memento.getDelegate(),
        memento.getVersion(),
        memento.getTypes()
      );
    } catch (DiscoveryException e) {
      throw new WebApplicationException(e, Response.Status.UNAUTHORIZED);
    } catch (MalformedURLException e) {
      throw new WebApplicationException(e, Response.Status.UNAUTHORIZED);
    }


    // Extract the receiving URL from the HTTP request
    StringBuffer receivingURL = request.getRequestURL();
    String queryString = request.getQueryString();
    if (queryString != null && queryString.length() > 0) {
      receivingURL.append("?").append(request.getQueryString());
    }
    log.debug("Receiving URL = '{}", receivingURL.toString());


    // Extract the parameters from the authentication response
    // (which comes in as a HTTP request from the OpenID provider)
    ParameterList parameterList = new ParameterList(request.getParameterMap());


    try {


      // Verify the response
      // ConsumerManager needs to be the same (static) instance used
      // to place the authentication request
      // This could be tricky if this service is load-balanced
      VerificationResult verification = consumerManager.verify(
        receivingURL.toString(),
        parameterList,
        discovered);


      // Examine the verification result and extract the verified identifier
      Optional<Identifier> verified = Optional.fromNullable(verification.getVerifiedId());
      if (verified.isPresent()) {
        // Verified
        AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();


        // We have successfully authenticated so remove the temp user
        // and replace it with a potentially new one
        InMemoryUserCache.INSTANCE.hardDelete(tempUser);


        tempUser = new User(null, UUID.randomUUID());
        tempUser.setOpenIDIdentifier(verified.get().getIdentifier());


        // Provide a basic authority in light of successful authentication
        tempUser.getAuthorities().add(Authority.ROLE_PUBLIC);


        // Extract additional information
        if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
          tempUser.setEmailAddress(extractEmailAddress(authSuccess));
          tempUser.setFirstName(extractFirstName(authSuccess));
          tempUser.setLastName(extractLastName(authSuccess));
        }
        log.info("Extracted a temporary {}", tempUser);


        // Search for a pre-existing User matching the temp User
        Optional<User> userOptional = InMemoryUserCache.INSTANCE.getByOpenIDIdentifier(tempUser.getOpenIDIdentifier());
        User user;
        if (!userOptional.isPresent()) {
          // This is either a new registration or the OpenID identifier has changed
          if (tempUser.getEmailAddress() != null) {
            userOptional = InMemoryUserCache.INSTANCE.getByEmailAddress(tempUser.getEmailAddress());
            if (!userOptional.isPresent()) {
              // This is a new User
              log.debug("Registering new {}", tempUser);
              user = tempUser;
            } else {
              // The OpenID identifier has changed so update it
              log.debug("Updating OpenID identifier for {}", tempUser);
              user = userOptional.get();
              user.setOpenIDIdentifier(tempUser.getOpenIDIdentifier());
            }


          } else {
            // No email address to use as backup
            log.warn("Rejecting valid authentication. No email address for {}");
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
          }
        } else {
          // The User has been located by their OpenID identifier
          log.debug("Found an existing User using OpenID identifier {}", tempUser);
          user = userOptional.get();


        }


        // Persist the user with the current session token
        user.setSessionToken(sessionToken);
        InMemoryUserCache.INSTANCE.put(sessionToken, user);


        // Create a suitable view for the response
        // The session token has changed so we create the base model directly
        BaseModel model = new BaseModel();

Examples of uk.co.froot.demo.openid.model.security.User

Related Classes of uk.co.froot.demo.openid.model.security.User