author | Simon Rettberg | 2015-07-15 17:33:19 +0200 |
---|---|---|
committer | Simon Rettberg | 2015-07-15 17:33:19 +0200 |
commit | 2987d0992a0609a3c9eb23048d87df630225b978 (patch) | |
tree | 4f9a778563b2da0316bc3e637d2dd31ee5280b70 /dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java | |
parent | [cilent] check if vmdk parsed from vmx is relative or absolute and do proper ... (diff) | |
Adapt to changed thrift api for improved session validation
Diffstat (limited to 'dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java')
-rw-r--r-- | dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java | 115 |
1 files changed, 60 insertions, 55 deletions
diff --git a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java
index e0eabb91..99c55be6 100644
--- a/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java
+++ b/dozentenmodul/src/main/java/org/openslx/dozmod/authentication/ShibbolethEcp.java
@@ -12,8 +12,8 @@ import org.apache.http.client.ClientProtocolException;
 import org.apache.http.client.methods.HttpGet;
 import org.apache.http.util.EntityUtils;
 import org.apache.log4j.Logger;
-import org.openslx.bwlp.thrift.iface.AuthenticationError;
-import org.openslx.bwlp.thrift.iface.TAuthenticationException;
+import org.openslx.bwlp.thrift.iface.AuthorizationError;
+import org.openslx.bwlp.thrift.iface.TAuthorizationException;
 import com.google.gson.Gson;
 import com.google.gson.GsonBuilder;
@@ -33,44 +33,46 @@ public class ShibbolethEcp { * Static gson object for (de)serialization */ private static final Gson GSON = new GsonBuilder().create(); - + /** * ServiceProviderResponse Object representing the last response we received */ private static ServiceProviderResponse lastResponse = null; /** - * URL for bwLehrpool registration + * URL for bwLehrpool registration */ private static URL registrationUrl = null; + /** * Return codes */ public static enum ReturnCode { // TODO rework this... - NO_ERROR(0, "Authentication against the identity provider and request of the service provider resource worked."), + NO_ERROR(0, + "Authentication against the identity provider and request of the service provider resource worked."), IDENTITY_PROVIDER_ERROR(1, "Authentication against the identity provider failed."), UNREGISTERED_ERROR(2, "User not registered to use bwLehrpool."), SERVICE_PROVIDER_ERROR(3, "Invalid resource of the service provider."), INVALID_URL_ERROR(4, "Invalid URL received from master server."), GENERIC_ERROR(5, "Internal error."); - private final int id; - private final String msg; + private final int id; + private final String msg; - ReturnCode(int id, String msg) { - this.id = id; - this.msg = msg; - } + ReturnCode(int id, String msg) { + this.id = id; + this.msg = msg; + } - public int getId() { - return this.id; - } + public int getId() { + return this.id; + } - public String getMsg() { - return this.msg; - } + public String getMsg() { + return this.msg; + } } - + /** * Static URI to the SP. */ 
@@ -90,21 +92,23 @@ public class ShibbolethEcp { public static ServiceProviderResponse getResponse() { return lastResponse; } + /** * Fetches the resource - * + * * @param idpUrl - * URL of the identity provider to authenticate against, as String. + * URL of the identity provider to authenticate against, as + * String. * @param user * Username as String. * @param pass * Password as String. * @return - * true if login worked, false otherwise. - * @throws TAuthenticationException + * true if login worked, false otherwise. + * @throws TAuthorizationException */ public static ReturnCode doLogin(final String idpUrl, final String user, final String pass) - throws TAuthenticationException, URISyntaxException, ClientProtocolException, IOException, + throws TAuthorizationException, URISyntaxException, ClientProtocolException, IOException, ParseException, JsonSyntaxException, MalformedURLException { // first lets do some sanity checks 
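Review bot: The Javadoc re-wrapped in this hunk still says `@return true if login worked, false otherwise`, but doLogin is declared to return a ReturnCode, so the tag should read something like `@return the ReturnCode describing the outcome, NO_ERROR on success`. The renamed `@throws TAuthorizationException` tag also has no description; `@throws TAuthorizationException if ECP authentication against the identity provider fails` would match the catch block visible in the next hunk. The body of doLogin continues outside this hunk.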
@@ -127,43 +131,44 @@ public class ShibbolethEcp { // now init the authenticator for that idp and our static sp final ECPAuthenticator auth = new ECPAuthenticator(user, pass, new URI(idpUrl), BWLP_SP); - - try { + + try { auth.authenticate(); - } catch (ECPAuthenticationException e) { + } catch (ECPAuthenticationException e) { LOGGER.error("ECP Authentication Exception, see trace: ", e); - throw new TAuthenticationException(AuthenticationError.GENERIC_ERROR, e.getMessage()); - } - // here test again for the SP's URL - final HttpGet testSp = new HttpGet(BWLP_SP); - final HttpResponse response = auth.getHttpClient().execute(testSp); - - LOGGER.debug("SP request returned: " + response.getStatusLine()); - final String responseBody = EntityUtils.toString(response.getEntity()); - - lastResponse = GSON.fromJson(responseBody, ServiceProviderResponse.class); - - // TODO: here we will need to parse the answer accordingly. - // no errors, meaning everything worked fine. - if (lastResponse.status.equals("unregistered")) { + throw new TAuthorizationException(AuthorizationError.GENERIC_ERROR, e.getMessage()); + } + // here test again for the SP's URL + final HttpGet testSp = new HttpGet(BWLP_SP); + final HttpResponse response = auth.getHttpClient().execute(testSp); + + LOGGER.debug("SP request returned: " + response.getStatusLine()); + final String responseBody = EntityUtils.toString(response.getEntity()); + + lastResponse = GSON.fromJson(responseBody, ServiceProviderResponse.class); + + // TODO: here we will need to parse the answer accordingly. + // no errors, meaning everything worked fine. + if (lastResponse.status.equals("unregistered")) { registrationUrl = new URL(lastResponse.url); return ReturnCode.UNREGISTERED_ERROR; - } - // TODO the rest of the cases... 
- if (lastResponse.status.equals("error")) { - LOGGER.error("Server side error: " + lastResponse.error); - return ReturnCode.GENERIC_ERROR; - } - if (lastResponse.status.equals("anonymous")) { - LOGGER.error("IdP did not forward user account information to SP. Contact developper."); - return ReturnCode.GENERIC_ERROR; - } - if (lastResponse.status.equals("ok")) { - return ReturnCode.NO_ERROR; - } - // still here? then something else went wrong - return ReturnCode.GENERIC_ERROR; + } + // TODO the rest of the cases... + if (lastResponse.status.equals("error")) { + LOGGER.error("Server side error: " + lastResponse.error); + return ReturnCode.GENERIC_ERROR; + } + if (lastResponse.status.equals("anonymous")) { + LOGGER.error("IdP did not forward user account information to SP. Contact developper."); + return ReturnCode.GENERIC_ERROR; + } + if (lastResponse.status.equals("ok")) { + return ReturnCode.NO_ERROR; + } + // still here? then something else went wrong + return ReturnCode.GENERIC_ERROR; } + /** * @return Registration URL given by the SP. */ |
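Review bot: The service provider's reply is dereferenced unchecked right after `GSON.fromJson(responseBody, ServiceProviderResponse.class)`: an empty body makes Gson return null and a reply without a `status` field makes `lastResponse.status.equals("unregistered")` throw a NullPointerException, while the HTTP status line is only logged at debug level. A guard before the first comparison, `if (lastResponse == null || lastResponse.status == null) return ReturnCode.SERVICE_PROVIDER_ERROR;`, turns a malformed or unexpected reply into a defined login failure. In the catch block, `new TAuthorizationException(AuthorizationError.GENERIC_ERROR, e.getMessage())` reports every ECP failure under one generic code and forwards the raw exception text to the caller, so wrong credentials cannot be told apart from a transport problem; a more specific code would help if the new enum provides one. `registrationUrl = new URL(lastResponse.url)` accepts whatever scheme the server sends, so if that URL is later opened for the user (not visible here), checking that it is https first would be prudent. doLogin starts outside this hunk.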