1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
package util;
import java.io.IOException;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.ClientProtocolException;
import org.apache.http.client.HttpClient;
import org.apache.http.client.ResponseHandler;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.util.EntityUtils;
import org.apache.log4j.Logger;
import org.opensaml.DefaultBootstrap;
import org.opensaml.xml.ConfigurationException;
import de.tudarmstadt.ukp.shibhttpclient.ShibHttpClient;
public class ShibbolethECP {
// Logger
private final static Logger LOGGER = Logger.getLogger(ShibbolethECP.class);
// IdP URL
private static String identityProviderUrl;
public static void setIdentityProviderUrl(String identityProviderUrl) {
ShibbolethECP.identityProviderUrl = identityProviderUrl;
}
public static boolean init(String idpUrl) {
try {
DefaultBootstrap.bootstrap();
} catch (ConfigurationException ce) {
ce.printStackTrace();
LOGGER.error("OpenSAML wrongly configured.");
return false;
}
if (idpUrl != null) {
// TODO sanity check on the URL?
setIdentityProviderUrl(idpUrl);
} else {
// no IdP given
return false;
}
// everything fine, return true
return true;
}
public static Boolean doLogin(final String user, final String pass) {
// first lets do some sanity checks
if (user == null) {
LOGGER.error("No username given, aborting...");
return false;
}
if (pass == null) {
LOGGER.error("No password given, aborting...");
return false;
}
if (identityProviderUrl == null) {
LOGGER.error("Identity provider is not set, did you initialize this class correctly?");
return false;
}
// The last argument indicates to accept any certificate
HttpClient client = new ShibHttpClient(identityProviderUrl, user, pass, true);
HttpGet req = new HttpGet("https://bwlp-masterserver.ruf.uni-freiburg.de/secure-all/test.php");
String res = null;
ResponseHandler<String> respHandler = new ResponseHandler<String>() {
public String handleResponse(final HttpResponse response) throws ClientProtocolException, IOException {
int status = response.getStatusLine().getStatusCode();
if (status == 200 || status == 302) {
HttpEntity entity = response.getEntity();
return entity != null ? EntityUtils.toString(entity) : null;
} else {
throw new ClientProtocolException("Unexpected response status: " + status);
}
}
};
try {
res = client.execute(req, respHandler);
} catch (ClientProtocolException e) {
// this is thrown on http return code not 200 or 302, indicates wrong login
// TODO handle this with possible error causes: creds wrong, etc...
LOGGER.error("Fatal error requesting '" + req.getURI() + "':", e);
return false;
} catch (IOException e) {
LOGGER.error("Fatal protocol error requesting '" + req.getURI() + "':", e);
return false;
}
// did we get a response?
if (res != null) {
LOGGER.info(res);
// return true, to signal a successful login
return true;
} else {
// we shouldn't actually reach this code...
LOGGER.error("Seems like the request worked, but the response is empty. Something is very wrong...");
return false;
}
}
}
|
