oltu-dev mailing list archives

From Sebastien DIAZ <sebastien.d...@gmail.com>
Subject Re: Oltu as a OAuth 2 identity server
Date Fri, 22 May 2015 11:27:18 GMT
My function

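/**
 * Authenticates the resource owner from the posted login form and builds the HTTP response
 * for the next step of the flow.
 *
 * <p>Three outcomes are visible in this method:
 * <ul>
 *   <li>{@code autheManager.login} returns {@code null}: 302 back to
 *       {@code config.getLoginPage()} with the posted OAuth parameters and an
 *       {@code ERROR} parameter;</li>
 *   <li>login succeeds and the form field {@code authorize} equals {@code "true"}: 302 to
 *       {@code config.getAuthorizationPage()} with the posted OAuth parameters relayed;</li>
 *   <li>login succeeds otherwise: a 200 token response carrying the access token, refresh
 *       token, token type and lifetime.</li>
 * </ul>
 *
 * <p>Changes against the version posted to the list: the string literal that mail wrapping
 * had split across two lines is restored so the method compiles, an unused
 * {@code ResponseBuilder} local in the authorize branch is dropped, the {@code authorize}
 * test is written null-safely, and the comments now match what each branch does. Redirect
 * targets, parameters and status codes are unchanged.
 *
 * @param request servlet request; its remote host is passed to {@code autheManager.login}
 * @param form    posted form fields (credentials plus the OAuth request parameters)
 * @param resType response representation handed to {@code OauthTools.manageResponseType}
 * @return the redirect or token response described above
 * @throws WebApplicationException wrapping a 400 response whose entity is the message of
 *         any exception raised while building the response
 */
public Response authenticate(HttpServletRequest request,
        MultivaluedMap<String, String> form,
        RespType resType) {
    try {
        // Empty-valued cookie used on a failed login to overwrite a previously issued one.
        // NOTE(review): it carries no explicit max-age, so it replaces the value rather
        // than expiring the cookie -- confirm that is the intended "logout" behaviour.
        NewCookie cookie = new NewCookie(config.getCookieAuthAttrName(), "");
        Token tok = autheManager.login(form.getFirst(OAuth.OAUTH_USERNAME),
                form.getFirst(OAuth.OAUTH_PASSWORD), request.getRemoteHost());

        if (tok == null) {
            // Login rejected: send the browser back to the login page.
            final Response.ResponseBuilder responseBuilder = Response
                    .status(HttpServletResponse.SC_FOUND);
            // NOTE(review): client_secret is copied into the Location query string. URLs
            // end up in browser history, proxy and server logs and Referer headers, and
            // RFC 6749 section 2.3.1 forbids client credentials in the request URI.
            // Keeping the pending authorization request server-side (session) and relaying
            // only an opaque reference avoids this.
            // NOTE(review): redirect_uri and client_id are relayed as posted; no check
            // against a registered client is visible here -- confirm it happens before
            // anything redirects to that URI.
            final OAuthResponse response = OAuthASResponse
                    .errorResponse(HttpServletResponse.SC_FOUND)
                    .location(config.getLoginPage())
                    .setParam(OAuth.OAUTH_REDIRECT_URI, form.getFirst(OAuth.OAUTH_REDIRECT_URI))
                    .setParam(OAuth.OAUTH_CLIENT_ID, form.getFirst(OAuth.OAUTH_CLIENT_ID))
                    .setParam(OAuth.OAUTH_CLIENT_SECRET,
                            form.getFirst(OAuth.OAUTH_CLIENT_SECRET))
                    .setParam(OAuth.OAUTH_STATE, form.getFirst(OAuth.OAUTH_STATE))
                    .setParam(OAuth.OAUTH_SCOPE, form.getFirst(OAuth.OAUTH_SCOPE))
                    .setParam(OAuth.OAUTH_RESPONSE_TYPE,
                            form.getFirst(OAuth.OAUTH_RESPONSE_TYPE))
                    .setParam("ERROR", "Bad login or password.")
                    .buildQueryMessage();
            final URI location = new URI(response.getLocationUri());
            if (hasSession(request) && config.isWithCookie()) {
                // Overwrite any existing auth cookie with the empty value.
                responseBuilder.cookie(cookie);
            }
            return responseBuilder.location(location).build();
        }

        // "true".equals(...) is null-safe and reads the field once.
        if ("true".equals(form.getFirst("authorize"))) {
            // NOTE(review): this message does not match the condition of the branch it
            // sits in (authorize == "true"); kept verbatim, confirm the intended wording.
            LOGGER.debug("User authentication value is false");
            // NOTE(review): client_secret is relayed in the redirect URL here as well;
            // the same exposure applies as on the failed-login redirect.
            OAuthResponseBuilder builder = OAuthProperResponse
                    .create(HttpServletResponse.SC_FOUND)
                    .location(config.getAuthorizationPage())
                    .setParam(OAuth.OAUTH_REDIRECT_URI, form.getFirst(OAuth.OAUTH_REDIRECT_URI))
                    .setParam(OAuth.OAUTH_CLIENT_ID, form.getFirst(OAuth.OAUTH_CLIENT_ID))
                    .setParam(OAuth.OAUTH_CLIENT_SECRET,
                            form.getFirst(OAuth.OAUTH_CLIENT_SECRET))
                    .setParam(OAuth.OAUTH_STATE, form.getFirst(OAuth.OAUTH_STATE))
                    .setParam(OAuth.OAUTH_SCOPE, form.getFirst(OAuth.OAUTH_SCOPE))
                    .setParam(OAuth.OAUTH_RESPONSE_TYPE,
                            form.getFirst(OAuth.OAUTH_RESPONSE_TYPE));
            if (!config.isWithCookie()) {
                // NOTE(review): without cookies the bearer token travels in the query
                // string of the redirect, where it is recorded by logs, history and
                // Referer headers. A server-side session or a short-lived one-time
                // reference would keep the token out of the URL.
                builder.setParam(OAuth.OAUTH_ACCESS_TOKEN, tok.getToken());
            }
            OAuthResponse response = builder.buildQueryMessage();
            final URI location = new URI(response.getLocationUri());

            ResponseBuilder builderUrl = Response.status(response.getResponseStatus());
            builderUrl.location(location);
            if (config.isWithCookie()) {
                // NOTE(review): the two-argument NewCookie constructor sets neither Secure
                // nor HttpOnly, so the token cookie is readable by page script and may be
                // sent over plain HTTP -- set both if the JAX-RS version in use allows it.
                builderUrl.cookie(
                        new NewCookie(config.getCookieAuthAttrName(), tok.getToken()));
            }
            return builderUrl.build();
        } else {
            // Direct token response: the cookie now carries the freshly issued token
            // (same Secure/HttpOnly caveat as in the authorize branch).
            cookie = new NewCookie(config.getCookieAuthAttrName(), tok.getToken());
            OAuthTokenResponseBuilder responseBuilder = OAuthASResponse
                    .tokenResponse(HttpServletResponse.SC_OK)
                    .setAccessToken(tok.getToken())
                    .setRefreshToken(tok.getRefresh_token())
                    .setTokenType(TokenType.BEARER.toString())
                    .setExpiresIn(autheManager.getTokenLife());
            OAuthResponse response = OauthTools.manageResponseType(responseBuilder, resType);
            ResponseBuilder builder = Response.status(response.getResponseStatus());
            if (config.isWithCookie()) {
                // Issue the auth cookie alongside the token body.
                builder.cookie(cookie);
            }

            return builder.entity(response.getBody()).build();
        }
    } catch (Exception e) {
        // NOTE(review): the raw exception message becomes the 400 response body. Messages
        // from the auth backend or URI parsing can reveal internals; logging the exception
        // server-side and returning a fixed message would avoid that. Left as posted
        // because clients may display this text.
        final Response.ResponseBuilder responseBuilder = Response
                .status(HttpServletResponse.SC_BAD_REQUEST);
        throw new WebApplicationException(responseBuilder.entity(e.getMessage()).build());
    }
}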


2015-05-22 12:10 GMT+02:00 Dimuthu Upeksha <dimuthu@adroitlogic.com>:

> Do you mean that you designed those login UIs? Is there any sample you have
> used?
>
> On Fri, May 22, 2015 at 2:31 PM, Sebastien DIAZ <sebastien.diaz@gmail.com>
> wrote:
>
> > Hi
> >
> > You are right. The authentication phase of the third party is not taken
> > into account.
> >
> > In my case I reuse some components for the pure authentication
> >
> > as OAuthTokenResponseBuilder
> >
> > I guess that I hope one day to have oltu as a open id provider and a good
> > identity server example.
> >
> > Regards
> >
> > S DIAZ
> >
> >
> >
> > 2015-05-22 10:38 GMT+02:00 Dimuthu Upeksha <dimuthu@adroitlogic.com>:
> >
> > > Hi Diaz,
> > >
> > > Thank you for quick response.
> > >
> > > Yes I referred to it. Problem is, in authorization code grant type,
> first
> > > user is requested to log in if he hasn't already when he requests
> > > authorization code. This login html and other parts of the web
> > application
> > > is not given in documentation. What I would prefer is a sample web
> > > application that can provide Oauth 2 endpoints and those login pages.
> > >
> > > On Fri, May 22, 2015 at 1:27 PM, Sebastien DIAZ <
> > sebastien.diaz@gmail.com>
> > > wrote:
> > >
> > > > hello
> > > >
> > > > I use some sample from the documentation.
> > > > https://cwiki.apache.org/confluence/display/OLTU/Documentation
> > > >
> > > > Regards
> > > >
> > > > S DIAZ
> > > >
> > > > 2015-05-22 9:52 GMT+02:00 Dimuthu Upeksha <dimuthu@adroitlogic.com>:
> > > >
> > > > > Hi,
> > > > >
> > > > > I need to create an OAuth 2 server using Oltu libraries that gives
> > > > support
> > > > > to authorization code grant type. Is there any opensource identity
> > > > provider
> > > > > implementation that already do this? Or where can I find some
> samples
> > > > > describing how Oltu can be used to do this?
> > > > >
> > > > > Thanks
> > > > > Dimuthu
> > > > >
> > > >
> > >
> >
>
