[Carbon-dev] svn commit r32355 - in trunk/carbon-components/identity: org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/internal org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/mex org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/admin org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/intenal org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/util
prabath at wso2.com
prabath at wso2.com
Sun Mar 22 02:32:59 PDT 2009
Author: prabath
Date: Sun Mar 22 02:32:59 2009
New Revision: 32355
URL: http://wso2.org/svn/browse/wso2?view=rev&revision=32355
Log:
identity
Added:
trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/InitialClaimsProcessor.java
trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/Initializer.java
trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/internal/
trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/internal/Activator.java
trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardHeader.java
trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardProviderData.java
trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardToken.java
trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/intenal/
trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/intenal/Activator.java
trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/util/
trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/util/STSUtil.java
Removed:
trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/mex/
Modified:
trunk/carbon-components/identity/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence/IdentityPersistenceManager.java
trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/IdentityProviderUtil.java
trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/admin/STSConfigAdmin.java
Modified: trunk/carbon-components/identity/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence/IdentityPersistenceManager.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence/IdentityPersistenceManager.java?rev=32355&r1=32354&r2=32355&view=diff
==============================================================================
--- trunk/carbon-components/identity/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence/IdentityPersistenceManager.java (original)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.core/src/main/java/org/wso2/carbon/identity/core/persistence/IdentityPersistenceManager.java Sun Mar 22 02:32:59 2009
@@ -4,6 +4,7 @@
import org.wso2.carbon.identity.core.IdentityException;
import org.wso2.carbon.identity.core.model.ClaimDO;
+import org.wso2.carbon.identity.core.model.DialectDO;
import org.wso2.carbon.identity.core.model.InfoCardDO;
import org.wso2.carbon.identity.core.model.IssuedTokensDO;
import org.wso2.carbon.identity.core.model.OpenIDUserRPDO;
@@ -182,4 +183,16 @@
}
+ public DialectDO[] getAllSupportedDialects() {
+ return null;
+ }
+
+ public void createDialect(DialectDO dialect) {
+
+ }
+
+ public void createClaim(ClaimDO claim) {
+
+ }
+
}
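Review bot: `getAllSupportedDialects()` is stubbed to `return null;`, yet `Initializer.init()` added in this same commit reads `dialectDOs.length` on its result, so as committed the provider bundle's start-up path hits a NullPointerException that is then rewrapped as an AxisFault. Until the real query exists, `return new DialectDO[0];` keeps the array contract the caller relies on. `createDialect` and `createClaim` are empty as well, so nothing is persisted; a `// TODO: not implemented yet` comment in each body would make that visible to readers. The class body starts outside the hunk.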
Modified: trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/IdentityProviderUtil.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/IdentityProviderUtil.java?rev=32355&r1=32354&r2=32355&view=diff
==============================================================================
--- trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/IdentityProviderUtil.java (original)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/IdentityProviderUtil.java Sun Mar 22 02:32:59 2009
@@ -32,6 +32,16 @@
private static Log log = LogFactory.getLog(IdentityProviderUtil.class);
private static Registry registry;
+
+ private static boolean intial;
+
+ public static boolean isIntial() {
+ return intial;
+ }
+
+ public static void setIntial(boolean intial) {
+ IdentityProviderUtil.intial = intial;
+ }
public static Registry getRegistry() {
return registry;
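Review bot: The new flag and its accessors are spelled `intial` (`isIntial()`, `setIntial()`), and because they are public static the misspelling becomes part of the class's API as soon as callers such as Initializer use it; `isInitial()` and `setInitial(boolean initial)` are worth fixing now. The field is plain mutable static state written during bundle start and presumably read from other threads later, so `private static volatile boolean initial;` would make the visibility explicit. A one-line Javadoc stating what the flag means (no dialects were stored at start-up, per Initializer) would also help. The class starts and ends outside the hunk.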
Added: trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/InitialClaimsProcessor.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/InitialClaimsProcessor.java?pathrev=32355
==============================================================================
--- (empty file)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/InitialClaimsProcessor.java Sun Mar 22 02:32:59 2009
@@ -0,0 +1,157 @@
+/*
+ * Copyright 2005,2006 WSO2, Inc. http://www.wso2.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wso2.carbon.identity.provider;
+
+import org.apache.axiom.om.OMElement;
+import org.apache.axiom.om.impl.builder.StAXOMBuilder;
+import org.wso2.carbon.identity.core.IdentityException;
+import org.wso2.carbon.identity.core.model.ClaimDO;
+import org.wso2.carbon.identity.core.model.DialectDO;
+
+import javax.xml.namespace.QName;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+
+/**
+ * This processes the list of initial claims given to the identity provider at the initial start up.
+ */
+public class InitialClaimsProcessor {
+
+ public final static String LN_CLAIMS = "Claims";
+ public final static String LN_CLAIM_TYPE = "ClaimType";
+ public final static String LN_DISPLAY_TAG = "DisplayTag";
+ public final static String LN_DESCRIPTION = "Description";
+ public final static String LN_OPENID_TAG = "OpenIDTag";
+ public final static String ATTR_DIALECT = "Dialect";
+ public final static String ATTR_DIALECT_INFO = "DialectInfo";
+ public final static String ATTR_URI = "Uri";
+
+ private ArrayList<ClaimDO> claimList = new ArrayList<ClaimDO>();
+ private ArrayList<DialectDO> dialectList = new ArrayList<DialectDO>();
+
+ /**
+ *
+ * @param initialClaims
+ * @throws IdentityProviderException
+ */
+ public void process(OMElement initialClaims) throws IdentityException {
+ Iterator claims = null;
+
+ claims = initialClaims.getChildrenWithName(new QName(LN_CLAIMS));
+
+ while (claims.hasNext()) {
+ OMElement claimsElement = null;
+ String dialectUri = null;
+
+ claimsElement = (OMElement) claims.next();
+ dialectUri = claimsElement.getAttributeValue(new QName(ATTR_DIALECT));
+
+ if (dialectUri != null && dialectUri.length() != 0) {
+ String dialectInfo = null;
+ DialectDO dialect = null;
+ Iterator claimTypes = null;
+
+ dialectInfo = claimsElement.getAttributeValue(new QName(ATTR_DIALECT_INFO));
+ dialect = new DialectDO();
+ dialect.setDialectUri(dialectUri);
+ dialect.setDialectInfo(dialectInfo);
+
+ claimTypes = claimsElement.getChildrenWithName(new QName(LN_CLAIM_TYPE));
+
+ while (claimTypes.hasNext()) {
+ OMElement claimTypeElem = null;
+ String claimUri = null;
+
+ claimTypeElem = (OMElement) claimTypes.next();
+ claimUri = claimTypeElem.getAttributeValue(new QName(ATTR_URI));
+
+ if (claimUri != null && claimUri.length() != 0) {
+ OMElement dnElem = null;
+ String displayTag = null;
+ OMElement descElem = null;
+ String description = null;
+ OMElement openIDElem = null;
+ String openIDTag = null;
+ ClaimDO claimDO = null;
+
+ dnElem = claimTypeElem.getFirstChildWithName(new QName(LN_DISPLAY_TAG));
+
+ if (dnElem != null) {
+ displayTag = dnElem.getText();
+ }
+
+ descElem = claimTypeElem.getFirstChildWithName(new QName(LN_DISPLAY_TAG));
+
+ if (dnElem != null) {
+ description = descElem.getText();
+ }
+
+ // Claims which are supported by OpenID will have a OpenIDTag.
+ openIDElem = claimTypeElem.getFirstChildWithName(new QName(LN_OPENID_TAG));
+
+ if (openIDElem != null) {
+ openIDTag = openIDElem.getText();
+ }
+
+ claimDO = new ClaimDO();
+ claimDO.setUri(claimUri);
+ claimDO.setDisplayTag(displayTag);
+ claimDO.setDescription(description);
+ claimDO.setOpenIDTag(openIDTag);
+ claimDO.setDialect(dialect);
+
+ this.claimList.add(claimDO);
+ } else {
+ throw new IdentityException(LN_CLAIM_TYPE + " element MUST contain a "
+ + ATTR_URI + " uri value");
+ }
+ }
+ this.dialectList.add(dialect);
+ } else {
+ throw new IdentityException(LN_CLAIMS + " element MUST contain a " + ATTR_DIALECT
+ + " uri value");
+ }
+ }
+ }
+
+ /**
+ *
+ * @param filePath
+ * @throws IdentityProviderException
+ */
+ public void process(String filePath) throws IdentityException {
+ StAXOMBuilder builder = null;
+ OMElement element = null;
+
+ try {
+ builder = new StAXOMBuilder(filePath);
+ element = builder.getDocumentElement();
+ this.process(element);
+ } catch (Exception e) {
+ throw new IdentityException(e.getMessage(), e);
+ }
+ }
+
+ public ArrayList<ClaimDO> getClaimList() {
+ return claimList;
+ }
+
+ public ArrayList<DialectDO> getDialectList() {
+ return dialectList;
+ }
+
+}
\ No newline at end of file
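Review bot: In process(OMElement) the description lookup is a copy of the display-tag lookup: `descElem` is fetched with `LN_DISPLAY_TAG` and guarded by `if (dnElem != null)`, so each claim's description is set to its DisplayTag text and the `Description` element is never read. The two lines should be `descElem = claimTypeElem.getFirstChildWithName(new QName(LN_DESCRIPTION));` and `if (descElem != null) {`. The Javadoc on both process() overloads names `IdentityProviderException` while the methods declare `IdentityException`, and the `@param` tags carry no text.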
Added: trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/Initializer.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/Initializer.java?pathrev=32355
==============================================================================
--- (empty file)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/Initializer.java Sun Mar 22 02:32:59 2009
@@ -0,0 +1,195 @@
+/*
+ * Copyright 2005,2006 WSO2, Inc. http://www.wso2.org
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.wso2.carbon.identity.provider;
+
+import java.util.ArrayList;
+import java.util.Iterator;
+
+import org.apache.axis2.AxisFault;
+import org.wso2.carbon.identity.core.IdentityConstants;
+import org.wso2.carbon.identity.core.IdentityException;
+import org.wso2.carbon.identity.core.admin.ClaimsAdmin;
+import org.wso2.carbon.identity.core.admin.ParameterAdmin;
+import org.wso2.carbon.identity.core.model.ClaimDO;
+import org.wso2.carbon.identity.core.model.DialectDO;
+import org.wso2.carbon.identity.core.model.RelyingPartyDO;
+import org.wso2.carbon.identity.core.persistence.IdentityPersistenceManager;
+import org.wso2.carbon.utils.ServerConfiguration;
+import org.wso2.carbon.utils.ServerException;
+
+/**
+ * WSO2 WSAS <code>ServerInitializer</code> implementation to carry out initial configuration setup
+ * of the Identity Solution : Identity Provider.
+ */
+public class Initializer {
+
+ /**
+ * {@inheritDoc} Here we carry out all initialization work of the identity solution : identity
+ * provider
+ */
+ public void init() throws AxisFault, ServerException {
+
+ try {
+
+ IdentityPersistenceManager dbAdmin = IdentityPersistenceManager.getPersistanceManager();
+
+ // Checking whether the initial startup - at least one dialect must
+ // be there
+ DialectDO[] dialectDOs = dbAdmin.getAllSupportedDialects();
+
+ boolean isInitial = false;
+ if (dialectDOs.length == 0) {
+ isInitial = true;
+ }
+
+ IdentityProviderUtil.setIntial(isInitial);
+
+ if (isInitial) {
+ addDialectsAndClaims();
+ addParameters();
+
+ // Add the globally trusted relying party
+ RelyingPartyDO rp = new RelyingPartyDO();
+
+ ServerConfiguration serverConfig = ServerConfiguration.getInstance();
+ rp.setHostName(serverConfig.getFirstProperty("HostName"));
+ rp.setAlias(serverConfig.getFirstProperty("Security.KeyStore.KeyAlias"));
+ dbAdmin.createRelyingParty(rp);
+ }
+ } catch (Exception e) {
+ throw new AxisFault(e.getMessage(), e);
+ }
+
+ }
+
+ private void addDialectsAndClaims() throws IdentityProviderException, AxisFault {
+
+ IdentityPersistenceManager dbAdmin = null;
+ try {
+ dbAdmin = IdentityPersistenceManager.getPersistanceManager();
+ } catch (IdentityException e) {
+ throw new IdentityProviderException(e.getMessage(), e);
+ }
+
+ InitialClaimsProcessor claimsProcessor = new InitialClaimsProcessor();
+ try {
+ claimsProcessor.process(IdentityConstants.INITIAL_CLAIMS_FILE_PATH);
+ } catch (IdentityException e) {
+ throw new IdentityProviderException(e.getMessage(), e);
+ }
+ ArrayList dialects = claimsProcessor.getDialectList();
+ for (Iterator iter = dialects.iterator(); iter.hasNext();) {
+ DialectDO dialect = (DialectDO) iter.next();
+ dbAdmin.createDialect(dialect);
+ }
+
+ ArrayList claims = claimsProcessor.getClaimList();
+ for (Iterator iter = claims.iterator(); iter.hasNext();) {
+ ClaimDO claim = (ClaimDO) iter.next();
+ if (claim.getUri().equals(IdentityConstants.CLAIM_PPID)) {
+ claim.setUserEditable(false);
+ }
+ dbAdmin.createClaim(claim);
+ }
+
+ // Setup claims for the sample
+ ClaimsAdmin claimsAdmin;
+ try {
+ claimsAdmin = new ClaimsAdmin();
+ } catch (IdentityException e) {
+ throw new IdentityProviderException(e.getMessage(), e);
+ }
+ ClaimDO[] claimDOs = claimsAdmin.getAllClaims();
+ // Set supported
+ for (int i = 0; i < claimDOs.length; i++) {
+
+ ClaimDO claim = claimDOs[i];
+
+ // Following claims or a subset of it is required by the OpenID
+ // Simple Attribute Registration - So, we accept all these as
+ // required parameters, at a time user registers with us - still
+ // this configurable through the Admin UI.
+
+ if (claim.getUri().equals(IdentityConstants.CLAIM_EMAIL_ADDRESS)) {
+ claim.setAttrId(IdentityConstants.CLAIM_EMAIL_ADDRESS);
+ claim.setRequired(true);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_NICKNAME)) {
+ claim.setAttrId(IdentityConstants.CLAIM_NICKNAME);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_DOB)) {
+ claim.setAttrId(IdentityConstants.CLAIM_DOB);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_GENDER)) {
+ claim.setAttrId(IdentityConstants.CLAIM_GENDER);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_POSTAL_CODE)) {
+ claim.setAttrId(IdentityConstants.CLAIM_POSTAL_CODE);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_COUNTRY)) {
+ claim.setAttrId(IdentityConstants.CLAIM_COUNTRY);
+ claim.setRequired(true);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_LANGUAGE)) {
+ claim.setAttrId(IdentityConstants.CLAIM_LANGUAGE);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_TIME_ZONE)) {
+ claim.setAttrId(IdentityConstants.CLAIM_TIME_ZONE);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_FULLNAME)) {
+ claim.setAttrId(IdentityConstants.CLAIM_FULLNAME);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_GIVEN_NAME)) {
+ claim.setAttrId(IdentityConstants.CLAIM_GIVEN_NAME);
+ claim.setRequired(true);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_SURNAME)) {
+ claim.setAttrId(IdentityConstants.CLAIM_SURNAME);
+ claim.setRequired(true);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_PPID)) {
+ claim.setRequired(true);
+ } else if (claim.getUri().equals(IdentityConstants.CLAIM_OPENID)) {
+ claim.setAttrId(IdentityConstants.CLAIM_OPENID);
+ claim.setUserEditable(true);
+ claimsAdmin.updateClaim(claim);
+ }
+
+ if (claim.getUri().equals(IdentityConstants.CLAIM_EMAIL_ADDRESS)
+ || claim.getUri().equals(IdentityConstants.CLAIM_NICKNAME)
+ || claim.getUri().equals(IdentityConstants.CLAIM_DOB)
+ || claim.getUri().equals(IdentityConstants.CLAIM_GENDER)
+ || claim.getUri().equals(IdentityConstants.CLAIM_POSTAL_CODE)
+ || claim.getUri().equals(IdentityConstants.CLAIM_COUNTRY)
+ || claim.getUri().equals(IdentityConstants.CLAIM_LANGUAGE)
+ || claim.getUri().equals(IdentityConstants.CLAIM_TIME_ZONE)
+ || claim.getUri().equals(IdentityConstants.CLAIM_FULLNAME)
+ || claim.getUri().equals(IdentityConstants.CLAIM_GIVEN_NAME)
+ || claim.getUri().equals(IdentityConstants.CLAIM_SURNAME)
+ || claim.getUri().equals(IdentityConstants.CLAIM_OPENID)
+ || claim.getUri().equals(IdentityConstants.CLAIM_PPID)) {
+ claim.setSupported(true);
+ claimsAdmin.updateClaim(claim);
+ }
+ }
+ }
+
+ /**
+ * Called only when the Identity Solution is coming up for the first time
+ */
+ private void addParameters() throws Exception {
+ ParameterAdmin admin = new ParameterAdmin();
+
+ admin.createOrUpdateParameter(IdentityConstants.PARAM_SUPPORTED_TOKEN_TYPES,
+ IdentityConstants.SAML10_URL + "," + IdentityConstants.SAML11_URL + ","
+ + IdentityConstants.SAML20_URL + "," + IdentityConstants.OpenId.OPENID_URL);
+
+ admin.createOrUpdateParameter(IdentityConstants.PARAM_CARD_NAME,
+ IdentityConstants.PARAM_VALUE_CARD_NAME);
+ admin.createOrUpdateParameter(IdentityConstants.PARAM_VALID_PERIOD,
+ IdentityConstants.PARAM_VALUE_VALID_PERIOD);
+ }
+
+}
\ No newline at end of file
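Review bot: First-start detection in init() rests only on `dialectDOs.length == 0`, but dialects are the first thing addDialectsAndClaims() writes; if a later step fails (claim creation, addParameters(), or `dbAdmin.createRelyingParty(rp)`), the next start would presumably find dialects, set isInitial to false and never create the token-type parameters or the globally trusted relying party. Either run the setup as one transaction or key the check on something written last; at minimum record it with `// NOTE: setup is not atomic; a failure after createDialect() leaves the later steps skipped on every following start`. The values from `getFirstProperty("HostName")` and `getFirstProperty("Security.KeyStore.KeyAlias")` go into the trusted relying party unchecked, so a missing property may register it with an empty host or alias (what getFirstProperty returns in that case is not visible here). In the CLAIM_OPENID branch `claimsAdmin.updateClaim(claim)` runs twice, because the block below updates the same claim again.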
Added: trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/internal/Activator.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/internal/Activator.java?pathrev=32355
==============================================================================
--- (empty file)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/internal/Activator.java Sun Mar 22 02:32:59 2009
@@ -0,0 +1,30 @@
+package org.wso2.carbon.identity.provider.internal;
+
+import org.osgi.framework.BundleActivator;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+import org.wso2.carbon.identity.provider.IdentityProviderUtil;
+import org.wso2.carbon.registry.core.service.RegistryService;
+import org.wso2.carbon.identity.provider.Initializer;
+
+public class Activator implements BundleActivator {
+
+ public void start(BundleContext bundleContext) throws Exception {
+ ServiceReference reference = bundleContext.getServiceReference(RegistryService.class
+ .getName());
+ RegistryService registryService = null;
+
+
+ registryService = (RegistryService) bundleContext.getService(reference);
+ IdentityProviderUtil.setRegistry(registryService.getSystemRegistry());
+
+ new Initializer().init();
+
+ }
+
+ public void stop(BundleContext arg0) throws Exception {
+ // TODO Auto-generated method stub
+
+ }
+
+}
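Review bot: start() passes the result of `bundleContext.getServiceReference(...)` straight to `getService(reference)`, and that reference is null whenever the RegistryService has not been registered yet, so activation depends on bundle start order and fails with an unhelpful exception when the order is wrong. A guard such as `if (reference == null) { throw new IllegalStateException("RegistryService is not available"); }` gives a clear failure, and a ServiceTracker would remove the ordering dependency altogether. stop() is still the generated stub and never calls `ungetService(reference)`, which would need the reference kept in a field.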
Added: trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardHeader.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardHeader.java?pathrev=32355
==============================================================================
--- (empty file)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardHeader.java Sun Mar 22 02:32:59 2009
@@ -0,0 +1,142 @@
+/*
+ * Copyright 2005-2008 WSO2, Inc. (http://wso2.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.wso2.carbon.identity.provider.openid.infocard;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.openid4java.association.Association;
+import org.openid4java.association.AssociationException;
+import org.openid4java.message.AuthSuccess;
+import org.openid4java.message.MessageException;
+import org.openid4java.message.Parameter;
+import org.openid4java.message.ParameterList;
+import org.openid4java.server.ServerManager;
+import org.wso2.carbon.identity.core.IdentityConstants;
+import org.wso2.carbon.identity.provider.IdentityProviderException;
+
+public class OpenIDInfoCardHeader {
+
+ private final static int EXPIRES_IN = 1000;
+ private static Log log = LogFactory.getLog(OpenIDInfoCardHeader.class);
+
+ private ServerManager manager;
+ private String nonce;
+ private Association assoc;
+ private String openID;
+ private String returnTo;
+ private String opAdress;
+
+ /**
+ * @param manager
+ */
+ public OpenIDInfoCardHeader(ServerManager manager) {
+ this.manager = manager;
+ }
+
+ /**
+ * Build the OpenIDToken header with the provided parameters.
+ *
+ * @param openID OpenID Url
+ * @param opAddress OpenID Provider server Url
+ * @param appliesTo true/false
+ * @return OpenIDToken header
+ * @throws IdentityProviderException
+ */
+ public ParameterList buildHeader(String openID, String opAddress, String appliesTo)
+ throws IdentityProviderException {
+
+ ParameterList params = null;
+
+ params = new ParameterList();
+ this.nonce = getNonce();
+ this.returnTo = appliesTo;
+ this.openID = openID;
+ this.opAdress = opAddress;
+
+ params.set(new Parameter(IdentityConstants.OpenId.ATTR_NS,
+ IdentityConstants.OpenId.OPENID_URL));
+ params.set(new Parameter(IdentityConstants.OpenId.ATTR_OP_ENDPOINT, opAddress));
+ params.set(new Parameter(IdentityConstants.OpenId.ATTR_CLAIM_ID, openID));
+ params.set(new Parameter(IdentityConstants.OpenId.ATTR_RESPONSE_NONCE, nonce));
+ params.set(new Parameter(IdentityConstants.OpenId.ATTR_MODE, "id_res"));
+ params.set(new Parameter(IdentityConstants.OpenId.ATTR_IDENTITY, openID));
+ params.set(new Parameter(IdentityConstants.OpenId.ATTR_RETURN_TO, appliesTo));
+
+ try {
+ this.assoc = getAssocHandle();
+ params
+ .set(new Parameter(IdentityConstants.OpenId.ATTR_ASSOC_HANDLE, assoc
+ .getHandle()));
+ } catch (AssociationException e) {
+ log.error("Failed to retreive assoc handle while building OpenID InfoCard header", e);
+ throw new IdentityProviderException(e.getMessage());
+ }
+
+ params.set(new Parameter(IdentityConstants.OpenId.ATTR_SIGNED,
+ "op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle"));
+
+ try {
+ params.set(new Parameter(IdentityConstants.OpenId.ATTR_SIG, getSignature(false)));
+ } catch (AssociationException e) {
+ throw new IdentityProviderException(e.getMessage());
+ } catch (MessageException msgEx) {
+ throw new IdentityProviderException(msgEx.getMessage());
+ }
+
+ return params;
+ }
+
+ /**
+ * Creates an association between the OpenID Provider and the Relying Party.
+ *
+ * @return Association.
+ * @throws AssociationException
+ */
+ private Association getAssocHandle() throws AssociationException {
+
+ return manager.getPrivateAssociations().generate(
+ org.openid4java.association.Association.TYPE_HMAC_SHA1, EXPIRES_IN);
+ }
+
+ /**
+ * Generates nonce token to uniquely identify authentication responses.
+ *
+ * @return Nonce token.
+ */
+ private String getNonce() {
+ return manager.getNonceGenerator().next();
+ }
+
+ /**
+ * Creates the signature out of the specified parameters
+ *
+ * @param compatibilty Indicates the compatibility.
+ * @return Signature.
+ * @throws MessageException
+ * @throws AssociationException
+ */
+ private String getSignature(boolean compatibilty) throws MessageException, AssociationException {
+ AuthSuccess openidResp = null;
+
+ openidResp = AuthSuccess.createAuthSuccess(opAdress, openID, openID, compatibilty,
+ returnTo, nonce, null, assoc, true);
+
+ // sign the message
+ return openidResp.getSignature();
+ }
+
+}
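Review bot: getAssocHandle() pins the private association to `Association.TYPE_HMAC_SHA1`; openid4java also offers `Association.TYPE_HMAC_SHA256`, which would be the stronger choice for signing the header if the consumers of this token accept it. Separately, all three catch blocks in buildHeader() throw `new IdentityProviderException(e.getMessage())` and drop the cause, and two of them log nothing; the two-argument form used elsewhere in this commit, `new IdentityProviderException(e.getMessage(), e)`, keeps the stack trace. `EXPIRES_IN = 1000` has no unit stated, so a comment such as `// association lifetime in seconds` (to be confirmed against the openid4java API) would help.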
Added: trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardProviderData.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardProviderData.java?pathrev=32355
==============================================================================
--- (empty file)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardProviderData.java Sun Mar 22 02:32:59 2009
@@ -0,0 +1,158 @@
+/*
+ * Copyright 2005-2008 WSO2, Inc. (http://wso2.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.wso2.carbon.identity.provider.openid.infocard;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.rahas.RahasData;
+import org.wso2.carbon.identity.provider.IdentityProviderException;
+import org.wso2.carbon.identity.core.IdentityConstants;
+import org.wso2.carbon.identity.core.IdentityException;
+import org.wso2.carbon.identity.core.UserStore;
+import org.wso2.carbon.identity.core.model.ClaimDO;
+import org.wso2.carbon.identity.provider.IdentityProviderData;
+
+public class OpenIDInfoCardProviderData extends IdentityProviderData {
+
+ private static Map<String, String> axMapping = new HashMap<String, String>();
+
+ static {
+ axMapping.put(IdentityConstants.OpenId.ExchangeAttributes.EMAIL_NS,
+ IdentityConstants.CLAIM_EMAIL_ADDRESS);
+ axMapping.put(IdentityConstants.OpenId.ExchangeAttributes.POSTAL_CODE_NS,
+ IdentityConstants.CLAIM_POSTAL_CODE);
+ axMapping.put(IdentityConstants.OpenId.ExchangeAttributes.NICK_NAME_NS,
+ IdentityConstants.CLAIM_NICKNAME);
+ axMapping.put(IdentityConstants.OpenId.ExchangeAttributes.COUNTRY_NS,
+ IdentityConstants.CLAIM_COUNTRY);
+ axMapping.put(IdentityConstants.OpenId.ExchangeAttributes.FULL_NAME_NS,
+ IdentityConstants.OpenId.SimpleRegAttributes.FULL_NAME);
+ axMapping.put(IdentityConstants.OpenId.ExchangeAttributes.DOB_NS,
+ IdentityConstants.OpenId.SimpleRegAttributes.DOB_NS);
+ axMapping.put(IdentityConstants.OpenId.ExchangeAttributes.TIMEZONE_NS,
+ IdentityConstants.OpenId.SimpleRegAttributes.TIMEZONE_NS);
+ axMapping.put(IdentityConstants.OpenId.ExchangeAttributes.GENDER_NS,
+ IdentityConstants.OpenId.SimpleRegAttributes.GENDER_NS);
+ axMapping.put(IdentityConstants.OpenId.ExchangeAttributes.LANGUAGE_NS,
+ IdentityConstants.OpenId.SimpleRegAttributes.LANGUAGE_NS);
+
+ }
+
+ /**
+ * This provides a mapping between http://schema.openid.net/ and http://axschema.org
+ *
+ * @param val schema name-space URL
+ * @return mapped value
+ */
+ protected String getMappedAxSchema(String val) {
+ if (axMapping.containsKey(val)) {
+ return axMapping.get(val);
+ }
+
+ return val;
+ }
+
+ /**
+ * Populate CardSpace specific meta-data.
+ *
+ * @param data WS-Trust information in the issue request.
+ * @throws IdentityProviderException
+ * @throws ClassNotFoundException
+ */
+ public OpenIDInfoCardProviderData(RahasData data) throws IdentityProviderException,
+ ClassNotFoundException {
+ super(data);
+ }
+
+ /**
+ * This overrides the base class functionality to suit the OpenID related functionality.
+ */
+ protected void populateClaimValues(RahasData rahasData) throws IdentityProviderException {
+
+ UserStore connector = null;
+ Iterator iterator = null;
+ List<String> list = null;
+ OpenIDRequestedClaimData requestedClaimData = null;
+ String userId = null;
+ Map<String, String> mapValues = null;
+ ClaimDO claimDO = null;
+ String attrId = null;
+ String claimVal = null;
+ ClaimDO claim = null;
+
+ try {
+ connector = UserStore.getInstance();
+ } catch (IdentityException e) {
+ throw new IdentityProviderException(e.getMessage(), e);
+ }
+
+ // Get the column names for the URIs
+ iterator = requestedClaims.values().iterator();
+ list = new ArrayList<String>();
+
+ // First we need to figure-out which attributed we need to retrieve from
+ // the user store.
+ while (iterator.hasNext()) {
+ requestedClaimData = (OpenIDRequestedClaimData) iterator.next();
+ claim = (ClaimDO) claimObjs.get(getMappedAxSchema(requestedClaimData.uri));
+ if (claim != null && !claim.getUri().equals(IdentityConstants.CLAIM_PPID)) {
+ list.add(claim.getAttrId());
+ }
+ }
+
+ // Get the user id.
+ userId = getUserIdentifier();
+
+ // Get the claims values corresponding to the user from the user store.
+ try {
+ mapValues = connector.getClaimValues(userId, list);
+ } catch (IdentityException e) {
+ throw new IdentityProviderException(e.getMessage(), e);
+ }
+ iterator = requestedClaims.values().iterator();
+
+ // Iterate through the claim values retrieved and requestedClaims will
+ // be populated with the corresponding values.
+ while (iterator.hasNext()) {
+ requestedClaimData = (OpenIDRequestedClaimData) iterator.next();
+ claimDO = ((ClaimDO) this.claimObjs.get(getMappedAxSchema(requestedClaimData.uri)));
+ attrId = claimDO.getAttrId();
+ claimVal = (String) mapValues.get(attrId);
+ requestedClaimData.value = claimVal;
+ requestedClaimData.openIDTag = claimDO.getOpenIDTag();
+ }
+ }
+
+ /**
+ * This overrides the base class functionality to suit the OpenID related functionality.
+ */
+ protected RequestedClaimData getRequestedClaim() {
+ return new OpenIDRequestedClaimData();
+ }
+
+ /**
+ * This class is related to the OpenID functionality. All the claims which support OpenID should
+ * have OpenIDTag defined for it.
+ */
+ public class OpenIDRequestedClaimData extends RequestedClaimData {
+ public String openIDTag;
+ }
+}
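Review bot: The second loop in populateClaimValues() calls `claimDO.getAttrId()` without the `claim != null` check that the first loop applies, so a requested claim URI with no entry in `claimObjs` ends the request with a NullPointerException instead of being skipped or rejected cleanly. The requested URIs appear to originate from the token request (requestedClaims is filled outside this hunk), which would make this reachable with caller-supplied input. Add `if (claimDO == null) { continue; }` after the lookup, or throw an IdentityProviderException naming the unsupported URI. Neither `populateClaimValues` nor `getRequestedClaim` carries `@Override`, although both Javadocs say they override the base class.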
Added: trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardToken.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardToken.java?pathrev=32355
==============================================================================
--- (empty file)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.provider/src/main/java/org/wso2/carbon/identity/provider/openid/infocard/OpenIDInfoCardToken.java Sun Mar 22 02:32:59 2009
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2005-2008 WSO2, Inc. (http://wso2.com)
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.wso2.carbon.identity.provider.openid.infocard;
+
+import org.openid4java.infocard.OpenIDToken;
+import org.openid4java.message.Message;
+
+public class OpenIDInfoCardToken extends OpenIDToken {
+
+ /**
+ * Constructs an OpenID token encapsulating the provided OpenID Message. Should be used on the
+ * OP/STS side to generate a RSTR.
+ *
+ * @param openidMessage The OpenID message obtained from ServerManager.authResponse().
+ */
+ public OpenIDInfoCardToken(Message openidMessage) {
+ super(openidMessage);
+
+ }
+
+ /**
+ * Returns a well-formatted string token corresponding to the parameter list.
+ */
+ public String getToken() {
+ return getOpenIDMessage().keyValueFormEncoding();
+ }
+
+}
Modified: trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/admin/STSConfigAdmin.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/admin/STSConfigAdmin.java?rev=32355&r1=32354&r2=32355&view=diff
==============================================================================
--- trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/admin/STSConfigAdmin.java (original)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/admin/STSConfigAdmin.java Sun Mar 22 02:32:59 2009
@@ -28,6 +28,7 @@
import org.wso2.carbon.identity.provider.IdentityProviderConstants;
import org.wso2.carbon.identity.provider.IdentityProviderException;
import org.wso2.carbon.identity.sts.IPPasswordCallback;
+import org.wso2.carbon.identity.sts.util.STSUtil;
import org.wso2.carbon.registry.core.exceptions.RegistryException;
import org.wso2.carbon.security.SecurityConfigException;
@@ -54,7 +55,7 @@
try {
if (initial) {
- KeyStoreAdmin keyAdmin = new KeyStoreAdmin(null);
+ KeyStoreAdmin keyAdmin = new KeyStoreAdmin(STSUtil.getRegistry());
KeyStoreData[] keyStores = keyAdmin.getKeyStores();
// Assuming there's only one keystore - Keystore path comparison to find the default
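Review bot: In the `if (initial)` branch, `new KeyStoreAdmin(STSUtil.getRegistry())` still receives null whenever this method runs before the STS Activator has called `STSUtil.setRegistry(...)`, because the getter only returns a static field. That is the same state the removed `new KeyStoreAdmin(null)` line produced, except the cause is now hidden behind a start-order dependency. I would read the value into a local and fail explicitly, e.g. `Registry registry = STSUtil.getRegistry();` followed by `if (registry == null) throw new IllegalStateException("STS registry not initialised");`. The enclosing method and its `try` block start and end outside this hunk, so how the existing catch clauses would treat that exception needs checking there.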
Added: trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/intenal/Activator.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/intenal/Activator.java?pathrev=32355
==============================================================================
--- (empty file)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/intenal/Activator.java Sun Mar 22 02:32:59 2009
@@ -0,0 +1,29 @@
+package org.wso2.carbon.identity.sts.intenal;
+
+import org.osgi.framework.BundleActivator;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.ServiceReference;
+import org.wso2.carbon.identity.provider.IdentityProviderUtil;
+import org.wso2.carbon.identity.sts.admin.STSConfigAdmin;
+import org.wso2.carbon.identity.sts.util.STSUtil;
+import org.wso2.carbon.registry.core.service.RegistryService;
+
+public class Activator implements BundleActivator {
+
+ public void start(BundleContext bundleContext) throws Exception {
+ ServiceReference reference = bundleContext.getServiceReference(RegistryService.class
+ .getName());
+ RegistryService registryService = null;
+
+ registryService = (RegistryService) bundleContext.getService(reference);
+ STSUtil.setRegistry(registryService.getSystemRegistry());
+
+ STSConfigAdmin.configuraServices(IdentityProviderUtil.isIntial());
+ }
+
+ public void stop(BundleContext arg0) throws Exception {
+ // TODO Auto-generated method stub
+
+ }
+
+}
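Review bot: `start()` dereferences the result of `bundleContext.getServiceReference(...)` and of `getService(reference)` without a null check, so if the RegistryService is not registered when this bundle starts, activation fails with a bare NullPointerException instead of a message naming the missing service. `stop()` is an empty generated stub, which leaves the system registry handle set through `STSUtil.setRegistry(...)` in the static field after the bundle has stopped. Since that handle comes from `getSystemRegistry()`, I would clear it in `stop()` and check both lookups in `start()`. The service reference is also never released; that would need the reference kept in a field.

```java
public void start(BundleContext bundleContext) throws Exception {
    // … unchanged: getServiceReference(RegistryService.class.getName()) …
    if (reference == null) {
        throw new IllegalStateException("RegistryService is not registered");
    }
    RegistryService registryService = (RegistryService) bundleContext.getService(reference);
    if (registryService == null) {
        throw new IllegalStateException("RegistryService could not be obtained");
    }
    // … unchanged: STSUtil.setRegistry(...) and STSConfigAdmin.configuraServices(...) …
}

public void stop(BundleContext arg0) throws Exception {
    // Drop the system registry handle once the bundle is stopped.
    STSUtil.setRegistry(null);
}
```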
Added: trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/util/STSUtil.java
URL: http://wso2.org/svn/browse/wso2/trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/util/STSUtil.java?pathrev=32355
==============================================================================
--- (empty file)
+++ trunk/carbon-components/identity/org.wso2.carbon.identity.sts/src/main/java/org/wso2/carbon/identity/sts/util/STSUtil.java Sun Mar 22 02:32:59 2009
@@ -0,0 +1,16 @@
+package org.wso2.carbon.identity.sts.util;
+
+import org.wso2.carbon.registry.core.Registry;
+
+public class STSUtil {
+
+ private static Registry registry;
+
+ public static Registry getRegistry() {
+ return registry;
+ }
+
+ public static void setRegistry(Registry registry) {
+ STSUtil.registry = registry;
+ }
+}
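Review bot: `STSUtil` exposes the registry through a public static getter and setter, and the Activator in this commit stores the result of `getSystemRegistry()` there. Any class that can load `STSUtil` can therefore read or replace a system-level registry handle; whether this package is exported from the bundle is not visible here, so that is worth confirming. The field is written by the activator thread and read from others, so it should be declared `private static volatile Registry registry;`. The class also needs a `private STSUtil() {}` constructor and a short Javadoc saying who is expected to call `setRegistry` and that `getRegistry()` returns null until the bundle has started.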