Coverage Report

Coverage Report - org.restafarian.core.filters.OpenIdFilter

Classes in this File

Line Coverage

Branch Coverage

Complexity

OpenIdFilter

0/79

0/26

2.778

 package org.restafarian.core.filters;
 
 import java.io.IOException;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
 
 import javax.servlet.Filter;
 import javax.servlet.FilterChain;
 import javax.servlet.FilterConfig;
 import javax.servlet.ServletException;
 import javax.servlet.ServletRequest;
 import javax.servlet.ServletResponse;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.servlet.http.HttpSession;
 
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.restafarian.core.beans.Person;
 import org.verisign.joid.OpenIdRuntimeException;
 import org.verisign.joid.consumer.AuthenticationException;
 import org.verisign.joid.consumer.AuthenticationResult;
 import org.verisign.joid.consumer.JoidConsumer;
 
 /**
  * <p>
  * This filter is a modified version of the OpenIdFilter that ships with JOID.
  * </p>
  */
 public class OpenIdFilter implements Filter {
         private static Log log = LogFactory.getLog(OpenIdFilter.class);
         private static JoidConsumer joid = new JoidConsumer();
         public static final String OPENID_ATTRIBUTE = "openid.identity";
         boolean saveIdentityUrlAsCookie = false;
         private String cookieDomain;
         private List ignorePaths = new ArrayList();
         private static boolean configuredProperly = false;
 
         public void init(FilterConfig filterConfig) throws ServletException {
                 log.info("init OpenIdFilter");
                 String saveInCookie = filterConfig.getInitParameter("saveInCookie");
                 if (saveInCookie != null) {
                         saveIdentityUrlAsCookie = org.verisign.joid.util.Boolean.parseBoolean(saveInCookie);
                         // saveIdentityUrlAsCookie = Boolean.parseBoolean(saveInCookie);
                         log.debug("saving identities in cookie: " + saveIdentityUrlAsCookie);
                 }
                 cookieDomain = filterConfig.getInitParameter("cookieDomain");
                 String ignorePaths = filterConfig.getInitParameter("ignorePaths");
                 if (ignorePaths != null) {
                         String paths[] = ignorePaths.split(",");
                         for (int i = 0; i < paths.length; i++) {
                                 String path = paths[i].trim();
                                 this.ignorePaths.add(path);
                         }
                 }
                 configuredProperly = true;
                 log.debug("end init OpenIdFilter");
         }
 
         /**
          * This is to check to make sure the OpenIdFilter is setup propertly in the
          * web.xml.
          */
         private static void ensureFilterConfiguredProperly() {
                 if (!configuredProperly) {
                         // log.warn("OpenIdFilter Not Configured Properly!");
                         throw new OpenIdRuntimeException("OpenIdFilter Not Configured Properly! Check your web.xml for OpenIdFilter.");
                 }
         }
 
         public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
                 // basically just check for openId parameters
                 HttpServletRequest request = (HttpServletRequest) servletRequest;
                 if (servletRequest.getParameter(OPENID_ATTRIBUTE) != null && !ignored(request)) {
                         try {
                                 AuthenticationResult result = joid.authenticate(convertToStringValueMap(servletRequest.getParameterMap()));
                                 String identity = result.getIdentity();
                                 if (identity != null) {
                                         HttpServletRequest req = (HttpServletRequest) servletRequest;
                                         req.getSession().setAttribute(OPENID_ATTRIBUTE, identity);
 // custom additions begin here ***************************************************
                                         Person user = new Person();
                                         user.setId(identity);
                                         user.setUri(identity);
                                         user.setName(request.getParameter("openid.sreg.fullname"));
                                         user.setEmail(request.getParameter("openid.sreg.email"));
                                         req.getSession().setAttribute("authenticatedUser", user);
 // custom additions end here *****************************************************
                                         HttpServletResponse resp = (HttpServletResponse) servletResponse; 
                                         Cookie cookie = new Cookie(OPENID_ATTRIBUTE, identity);
                                         if (cookieDomain != null) {
                                                 cookie.setDomain(cookieDomain);
                                         }
                                         resp.addCookie(cookie);
                                         String redirectTo = (String) req.getSession().getAttribute("postLogonReturnPath");
 System.out.println("redirectTo: " + redirectTo);
                                         if (redirectTo == null || redirectTo.length() == 0) {
                                                 redirectTo = result.getResponse().getReturnTo();
 System.out.println("redirectTo: " + redirectTo);
                                         }
 System.out.println("redirectTo: " + redirectTo);
                                         resp.sendRedirect(redirectTo);
                                         return;
                                 }
                         } catch (AuthenticationException e) {
                                 e.printStackTrace();
                                 log.info("auth failed: " + e.getMessage());
                                 // should this be handled differently?
                         } catch (Exception e) {
                                 e.printStackTrace();
                         }
                 }
                 filterChain.doFilter(servletRequest, servletResponse);
         }
 
         private boolean ignored(HttpServletRequest request) {
                 String servletPath = request.getServletPath();
                 for (int i = 0; i < ignorePaths.size(); i++) {
                         String s = (String) ignorePaths.get(i);
                         if (servletPath.startsWith(s)) {
                                 // System.out.println("IGNORING: " + servletPath);
                                 return true;
                         }
                 }
                 return false;
         }
 
         public static void logout(HttpSession session) {
                 session.removeAttribute(OPENID_ATTRIBUTE);
         }
 
         private Map convertToStringValueMap(Map parameterMap) {
                 Map ret = new HashMap();
                 Set set = parameterMap.entrySet();
                 for (Iterator iter = set.iterator(); iter.hasNext();) {
                         Map.Entry mapEntry = (Map.Entry) iter.next();
                         String key = (String) mapEntry.getKey();
                         String[] value = (String[]) mapEntry.getValue();
                         ret.put(key, value[0]);
                 }
                 return ret;
         }
 
         public void destroy() {
         }
 
         public static JoidConsumer joid() {
                 return joid;
         }
 
         public static String getCurrentUser(HttpSession session) {
                 ensureFilterConfiguredProperly();
                 return (String) session.getAttribute(OPENID_ATTRIBUTE);
         }
 }

1		package org.restafarian.core.filters;
2
3		import java.io.IOException;
4		import java.util.ArrayList;
5		import java.util.HashMap;
6		import java.util.Iterator;
7		import java.util.List;
8		import java.util.Map;
9		import java.util.Set;
10
11		import javax.servlet.Filter;
12		import javax.servlet.FilterChain;
13		import javax.servlet.FilterConfig;
14		import javax.servlet.ServletException;
15		import javax.servlet.ServletRequest;
16		import javax.servlet.ServletResponse;
17		import javax.servlet.http.Cookie;
18		import javax.servlet.http.HttpServletRequest;
19		import javax.servlet.http.HttpServletResponse;
20		import javax.servlet.http.HttpSession;
21
22		import org.apache.commons.logging.Log;
23		import org.apache.commons.logging.LogFactory;
24		import org.restafarian.core.beans.Person;
25		import org.verisign.joid.OpenIdRuntimeException;
26		import org.verisign.joid.consumer.AuthenticationException;
27		import org.verisign.joid.consumer.AuthenticationResult;
28		import org.verisign.joid.consumer.JoidConsumer;
29
30		/**
31		* <p>
32		* This filter is a modified version of the OpenIdFilter that ships with JOID.
33		* </p>
34		*/
35	0	public class OpenIdFilter implements Filter {
36	0	private static Log log = LogFactory.getLog(OpenIdFilter.class);
37	0	private static JoidConsumer joid = new JoidConsumer();
38		public static final String OPENID_ATTRIBUTE = "openid.identity";
39	0	boolean saveIdentityUrlAsCookie = false;
40		private String cookieDomain;
41	0	private List ignorePaths = new ArrayList();
42	0	private static boolean configuredProperly = false;
43
44		public void init(FilterConfig filterConfig) throws ServletException {
45	0	log.info("init OpenIdFilter");
46	0	String saveInCookie = filterConfig.getInitParameter("saveInCookie");
47	0	if (saveInCookie != null) {
48	0	saveIdentityUrlAsCookie = org.verisign.joid.util.Boolean.parseBoolean(saveInCookie);
49		// saveIdentityUrlAsCookie = Boolean.parseBoolean(saveInCookie);
50	0	log.debug("saving identities in cookie: " + saveIdentityUrlAsCookie);
51		}
52	0	cookieDomain = filterConfig.getInitParameter("cookieDomain");
53	0	String ignorePaths = filterConfig.getInitParameter("ignorePaths");
54	0	if (ignorePaths != null) {
55	0	String paths[] = ignorePaths.split(",");
56	0	for (int i = 0; i < paths.length; i++) {
57	0	String path = paths[i].trim();
58	0	this.ignorePaths.add(path);
59		}
60		}
61	0	configuredProperly = true;
62	0	log.debug("end init OpenIdFilter");
63	0	}
64
65		/**
66		* This is to check to make sure the OpenIdFilter is setup propertly in the
67		* web.xml.
68		*/
69		private static void ensureFilterConfiguredProperly() {
70	0	if (!configuredProperly) {
71		// log.warn("OpenIdFilter Not Configured Properly!");
72	0	throw new OpenIdRuntimeException("OpenIdFilter Not Configured Properly! Check your web.xml for OpenIdFilter.");
73		}
74	0	}
75
76		public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
77		// basically just check for openId parameters
78	0	HttpServletRequest request = (HttpServletRequest) servletRequest;
79	0	if (servletRequest.getParameter(OPENID_ATTRIBUTE) != null && !ignored(request)) {
80		try {
81	0	AuthenticationResult result = joid.authenticate(convertToStringValueMap(servletRequest.getParameterMap()));
82	0	String identity = result.getIdentity();
83	0	if (identity != null) {
84	0	HttpServletRequest req = (HttpServletRequest) servletRequest;
85	0	req.getSession().setAttribute(OPENID_ATTRIBUTE, identity);
86		// custom additions begin here ***************************************************
87	0	Person user = new Person();
88	0	user.setId(identity);
89	0	user.setUri(identity);
90	0	user.setName(request.getParameter("openid.sreg.fullname"));
91	0	user.setEmail(request.getParameter("openid.sreg.email"));
92	0	req.getSession().setAttribute("authenticatedUser", user);
93		// custom additions end here *****************************************************
94	0	HttpServletResponse resp = (HttpServletResponse) servletResponse;
95	0	Cookie cookie = new Cookie(OPENID_ATTRIBUTE, identity);
96	0	if (cookieDomain != null) {
97	0	cookie.setDomain(cookieDomain);
98		}
99	0	resp.addCookie(cookie);
100	0	String redirectTo = (String) req.getSession().getAttribute("postLogonReturnPath");
101	0	System.out.println("redirectTo: " + redirectTo);
102	0	if (redirectTo == null \|\| redirectTo.length() == 0) {
103	0	redirectTo = result.getResponse().getReturnTo();
104	0	System.out.println("redirectTo: " + redirectTo);
105		}
106	0	System.out.println("redirectTo: " + redirectTo);
107	0	resp.sendRedirect(redirectTo);
108	0	return;
109		}
110	0	} catch (AuthenticationException e) {
111	0	e.printStackTrace();
112	0	log.info("auth failed: " + e.getMessage());
113		// should this be handled differently?
114	0	} catch (Exception e) {
115	0	e.printStackTrace();
116	0	}
117		}
118	0	filterChain.doFilter(servletRequest, servletResponse);
119	0	}
120
121		private boolean ignored(HttpServletRequest request) {
122	0	String servletPath = request.getServletPath();
123	0	for (int i = 0; i < ignorePaths.size(); i++) {
124	0	String s = (String) ignorePaths.get(i);
125	0	if (servletPath.startsWith(s)) {
126		// System.out.println("IGNORING: " + servletPath);
127	0	return true;
128		}
129		}
130	0	return false;
131		}
132
133		public static void logout(HttpSession session) {
134	0	session.removeAttribute(OPENID_ATTRIBUTE);
135	0	}
136
137		private Map convertToStringValueMap(Map parameterMap) {
138	0	Map ret = new HashMap();
139	0	Set set = parameterMap.entrySet();
140	0	for (Iterator iter = set.iterator(); iter.hasNext();) {
141	0	Map.Entry mapEntry = (Map.Entry) iter.next();
142	0	String key = (String) mapEntry.getKey();
143	0	String[] value = (String[]) mapEntry.getValue();
144	0	ret.put(key, value[0]);
145	0	}
146	0	return ret;
147		}
148
149		public void destroy() {
150	0	}
151
152		public static JoidConsumer joid() {
153	0	return joid;
154		}
155
156		public static String getCurrentUser(HttpSession session) {
157	0	ensureFilterConfiguredProperly();
158	0	return (String) session.getAttribute(OPENID_ATTRIBUTE);
159		}
160		}