org.openid4java.message.ParameterList Java Examples

Example #1
Source File: SmartOpenIdController.java — from springboot-shiro-cas-mybatis (MIT License)
/**
 * Builds the OpenID association response for an incoming request.
 *
 * The request parameters are wrapped in a {@link ParameterList}. When the
 * {@code OpenIdConstants.OPENID_MODE} parameter equals
 * {@code OpenIdConstants.ASSOCIATE} the server manager is asked for an
 * association response, whose parameters are copied into the returned map.
 * Any other mode, or a {@code null} response, yields an empty map.
 *
 * @param request the request
 * @return the association response parameters (never {@code null}; empty
 *         when no association response was produced)
 */
public Map<String, String> getAssociationResponse(final HttpServletRequest request) {
    final ParameterList parameters = new ParameterList(request.getParameterMap());
    final Map<String, String> responseParams = new HashMap<>();

    String mode = null;
    if (parameters.hasParameter(OpenIdConstants.OPENID_MODE)) {
        mode = parameters.getParameterValue(OpenIdConstants.OPENID_MODE);
    }

    // only an association request produces a response body
    if (!StringUtils.equals(mode, OpenIdConstants.ASSOCIATE)) {
        return responseParams;
    }

    final Message response = serverManager.associationResponse(parameters);
    if (response != null) {
        responseParams.putAll(response.getParameterMap());
    }
    return responseParams;
}
 
Example #2
Source File: ConsumerManagerTest.java — from openid4java (Apache License 2.0)
/**
 * Test double for an OpenID Provider used by ConsumerManagerTest: it records
 * every incoming parameter map in {@code requestParams} and answers each
 * request with a canned association response.
 *
 * The answer echoes the requested assoc_type and session_type, derives the
 * assoc_handle from {@code System.nanoTime()} and otherwise consists of fixed
 * test vectors (expires_in, dh_server_public, enc_mac_key). No Diffie-Hellman
 * computation happens here, so these values are only meaningful to the tests
 * that drive this server.
 *
 * @param port TCP port the embedded server listens on
 */
public MockOpenIDServer(int port) {
	super(port);
	this.port = port;
	setHandler(new AbstractHandler() {				
		public void handle(String target, HttpServletRequest request,
				HttpServletResponse response, int dispatch)
				throws IOException, ServletException {
			// keep every request's parameters so the test can inspect them afterwards
			MockOpenIDServer.this.requestParams.add(request.getParameterMap());
			
			ParameterList params = new ParameterList();
			params.set(new Parameter("ns",AssociationResponse.OPENID2_NS));
			// nanoTime() only makes handles distinct across requests (test-only, not a random handle)
			params.set(new Parameter("assoc_handle",String.valueOf(System.nanoTime())));
			// NOTE(review): both values are null when the request omits them — confirm Parameter accepts null
			params.set(new Parameter("assoc_type",request.getParameter("openid.assoc_type")));
			params.set(new Parameter("session_type",request.getParameter("openid.session_type")));			
			params.set(new Parameter("expires_in","1799"));
			// fixed test vectors; not derived from the consumer's dh_consumer_public
			params.set(new Parameter("dh_server_public","eRm/Qn9lXQJc30ZQLtNFkrjQHuQCLyQ2fRNwLZTGVP50Lhx16EjksA6N0RvXzoJgY8/FdKioOYXKeWVvstHTUReXfF5EC9cnTVOFtTrMegJXHZIHdk+IITwsfGfTlVxMOc7DdCFOOMRWMOA9sYB5n5OoxnzYCob3vo39+Xytlcs="));
			params.set(new Parameter("enc_mac_key","CY08gTx1u4XravtWT3V5Er4sG+o="));
			// the key-value form of the list is the whole response body
			response.getWriter().write(params.toString());
            ((Request) request).setHandled(true);	            
		}
	});
}
 
Example #3
Source File: CustomOpenIdProviderHandler.java — from OpenID-Attacker (GNU General Public License v2.0)
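/**
 * Handles a checkid_setup / checkid_immediate request by delegating to the
 * GET- or POST-redirect variant.
 *
 * Which variant runs is decided solely by the {@code isMethodGet()} flag of
 * the active server configuration: the analyzer configuration when
 * {@code idpType} is {@link IdpType#ANALYZER}, otherwise the attacker
 * configuration. Both branches of the original dispatch called the same two
 * handlers and differed only in which configuration instance they read, so the
 * selection is now made once.
 *
 * @param info             request description (method, URI, protocol) passed
 *                         through for logging by the POST variant
 * @param response         servlet response the redirect is written to
 * @param requestParameter OpenID parameters of the incoming request
 * @throws IOException                   if writing the response fails
 * @throws OpenIdAttackerServerException propagated from the redirect handlers
 */
public void handleTokenRequest(String info, HttpServletResponse response, final ParameterList requestParameter) throws IOException, OpenIdAttackerServerException {
    LOG.info("--> BEGIN handleTokenRequest");

    // Removal of openid.assoc_handle from the authentication request (to
    // force direct authentication) used to happen here and is currently
    // disabled:
    /*if (OpenIdServerConfiguration.getAttackerInstance().isRemoveAssocHandleFromAuthRequest()) {
        requestParameter.removeParameters("openid.assoc_handle");
    } */

    // '==' is null-safe for enums, unlike equals(); a null idpType now falls
    // through to the attacker configuration instead of throwing.
    final boolean useGetRedirect = (idpType == IdpType.ANALYZER)
            ? OpenIdServerConfiguration.getAnalyzerInstance().isMethodGet()
            : OpenIdServerConfiguration.getAttackerInstance().isMethodGet();

    if (useGetRedirect) {
        handleTokenRequestwithGetRedirect(response, requestParameter);
    } else {
        handleTokenRequestWithPostRedirect(info, response, requestParameter);
    }

    LOG.info("--> END handleTokenRequest");
}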
 
Example #4
Source File: OpenIDUtil.java — from carbon-identity (Apache License 2.0)
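/**
 * Converts every parameter of an OpenID request into an {@link OpenIDParameterDTO}.
 *
 * Order is preserved: element {@code i} of the result corresponds to the
 * {@code i}-th entry of {@code request.getParameters()}.
 *
 * @param request the OpenID parameter list to convert; must not be {@code null}
 * @return one DTO (name/value) per parameter; empty when the list is empty
 */
public static OpenIDParameterDTO[] getOpenIDAuthRequest(ParameterList request) {
    // The original received getParameters() as a raw List; the wildcard keeps
    // the explicit element cast below without raw-type use on this side.
    final List<?> list = request.getParameters();
    final OpenIDParameterDTO[] params = new OpenIDParameterDTO[list.size()];
    int i = 0;
    for (Object object : list) {
        final Parameter param = (Parameter) object;
        final OpenIDParameterDTO dto = new OpenIDParameterDTO();
        dto.setName(param.getKey());
        dto.setValue(param.getValue());
        params[i++] = dto;
    }
    return params;
}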
 
Example #5
Source File: CustomOpenIdProviderHandler.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Answers a check_authentication request (OpenID "dumb mode" verification).
 *
 * In {@link IdpType#ATTACKER} mode the answer comes from
 * {@code generatePositiveCheckAuthenticationResponse()}, which takes no input
 * from the request; otherwise {@code generateCorrectCheckAuthenticationResponse}
 * is invoked with the incoming parameters. The key-value encoded result is
 * written with status 200 and the exchange is recorded in the request log.
 *
 * @param info             request description used for the log entry
 * @param response         servlet response to write to
 * @param requestParameter OpenID parameters of the incoming request
 * @throws IOException if the response writer fails
 */
private void handleCheckAuthentication(String info, HttpServletResponse response, final ParameterList requestParameter) throws IOException {

        LOG.info("--> BEGIN handleCheckAuthentication");
        final String handle = requestParameter.getParameterValue("openid.assoc_handle");
        LOG.info(String.format("    --> assoc_handle = %s", handle));

        final boolean attackerMode = idpType.equals(IdpType.ATTACKER);
        final Message answer = attackerMode
                ? getOpenIdProcessor().generatePositiveCheckAuthenticationResponse()
                : getOpenIdProcessor().generateCorrectCheckAuthenticationResponse(requestParameter);

        final String responseText = answer.keyValueFormEncoding();
        response.getWriter().println(responseText);
        response.setStatus(HttpServletResponse.SC_OK);

        final String summary = String.format("Returning check_authentication = true for %s", handle);
        final String requestText = String.format("%s\n\n%s", info, requestParameter.toString());
        RequestLogger.getInstance().add(RequestType.CHECK_AUTHENTICATION, summary, requestText, responseText, idpType);
        LOG.info("--> END handleCheckAuthentication");
    }
 
Example #6
Source File: OpenIDHandler.java — from carbon-identity (Apache License 2.0)
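/**
 * Returns the mode field ({@code OpenId.ATTR_MODE}) of the OpenID message.
 *
 * When {@code paramList} is {@code null} an error direct-response is written
 * to {@code response} and {@code null} is returned; the caller must not
 * continue processing in that case.
 *
 * @param paramList parsed OpenID parameters, or {@code null} if the message
 *                  could not be parsed
 * @param response  servlet response that receives the error direct-response
 * @param request   incoming request; only its query string is used, for
 *                  debug logging
 * @return the mode value, or {@code null} if the parameter is absent or the
 *         message was invalid
 * @throws IOException if writing the error response fails
 */
private String getOpenIDMessageMode(ParameterList paramList, HttpServletResponse response,
                                    HttpServletRequest request) throws IOException {
    if (paramList == null) {
        if (log.isDebugEnabled()) {
            // Debug level only: the raw query string carries whatever the
            // relying party sent (identity, signature, ...), so it must not
            // reach production log levels.
            log.debug("Invalid OpenID message :" + request.getQueryString());
        }
        directResponse(response, getErrorResponseText("Invalid OpenID message"));
        return null;
    }
    final String mode = paramList.hasParameter(OpenId.ATTR_MODE)
            ? paramList.getParameterValue(OpenId.ATTR_MODE) : null;
    if (log.isDebugEnabled()) {
        log.debug("OpenID authentication mode :" + mode);
    }
    return mode;
}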
 
Example #7
Source File: SReg11ExtensionFactory.java — from openid4java (Apache License 2.0)
/**
 * Creates the Simple Registration message (request or response) that
 * corresponds to the supplied parameter list and marks it with the
 * SREG 1.1 type URI.
 *
 * As in SRegMessage.getExtension(), the presence of a "required" or
 * "optional" parameter selects the request form; otherwise a response is
 * built.
 *
 * @param parameterList         The Simple Registration specific parameters
 *                              (without the openid.<ext_alias> prefix)
 *                              extracted from the openid message.
 * @param isRequest             Indicates whether the parameters were
 *                              extracted from an OpenID request (true),
 *                              or from an OpenID response. Not consulted
 *                              by this implementation; the parameter names
 *                              decide.
 * @return                      MessageExtension implementation for
 *                              the supplied extension parameters.
 * @throws MessageException     If a Simple Registration object could not be
 *                              instantiated from the supplied parameter list.
 */
public MessageExtension getExtension(
        ParameterList parameterList, boolean isRequest)
        throws MessageException
{
    final boolean looksLikeRequest = parameterList.hasParameter("required")
            || parameterList.hasParameter("optional");

    final SRegMessage sreg;
    if (looksLikeRequest) {
        sreg = SRegRequest.createSRegRequest(parameterList);
    } else {
        sreg = SRegResponse.createSRegResponse(parameterList);
    }

    sreg.setTypeUri(SRegMessage.OPENID_NS_SREG11);
    return sreg;
}
 
Example #8
Source File: OpenIDAdminClient.java — from carbon-identity (Apache License 2.0)
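/**
 * Fetches the user profiles for an OpenID from the provider service.
 *
 * The requested claims are converted from openid4java {@link Parameter}s
 * into {@link OpenIDParameterDTO}s (name/value, order preserved) before the
 * service call.
 *
 * @param openid        the OpenID identifier whose profiles are requested
 * @param requredClaims the claims the relying party asked for
 * @return the profiles returned by {@code openIDProviderService}
 * @throws IdentityProviderException if the provider service call fails
 */
public OpenIDUserProfileDTO[] getUserProfiles(String openid, ParameterList requredClaims)
        throws IdentityProviderException {
    // getParameters() was handled as a raw List originally; the wildcard
    // keeps the explicit cast but avoids raw-type use here.
    final List<?> list = requredClaims.getParameters();
    final OpenIDParameterDTO[] params = new OpenIDParameterDTO[list.size()];
    int i = 0;
    for (Object object : list) {
        final Parameter param = (Parameter) object;
        final OpenIDParameterDTO dto = new OpenIDParameterDTO();
        dto.setName(param.getKey());
        dto.setValue(param.getValue());
        params[i++] = dto;
    }
    return openIDProviderService.getUserProfiles(openid, params);
}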
 
Example #9
Source File: OpenIdService.java — from springboot-shiro-cas-mybatis (MIT License)
/**
 * Creates the service from the request.
 *
 * Returns {@code null} unless the request carries an
 * {@code OpenIdConstants.OPENID_IDENTITY} value and a non-blank
 * {@code OpenIdConstants.OPENID_RETURNTO} value. The signature and the
 * association handle are copied as-is and may be {@code null}; nothing is
 * verified here.
 *
 * @param request the request
 * @param openIdPrefixUrl the prefix url for OpenID
 * @return the OpenID service, or {@code null} when identity or return_to is missing
 */
public static OpenIdService createServiceFrom(
        final HttpServletRequest request, final String openIdPrefixUrl) {
    final String returnTo = request.getParameter(OpenIdConstants.OPENID_RETURNTO);
    final String identity = request.getParameter(OpenIdConstants.OPENID_IDENTITY);
    final String sig = request.getParameter(OpenIdConstants.OPENID_SIG);

    if (identity == null) {
        return null;
    }
    if (!StringUtils.hasText(returnTo)) {
        return null;
    }

    final String id = cleanupUrl(returnTo);
    final String assocHandle = request.getParameter(OpenIdConstants.OPENID_ASSOCHANDLE);
    final ParameterList allParams = new ParameterList(request.getParameterMap());

    return new OpenIdService(id, returnTo, assocHandle, identity,
            sig, allParams, openIdPrefixUrl);
}
 
Example #10
Source File: OpenIdService.java — from cas4.0.x-server-wechat (Apache License 2.0)
/**
 * Creates an {@code OpenIdService} from the request parameters.
 *
 * Returns {@code null} unless {@code openid.identity} is present and the
 * {@code CONST_PARAM_SERVICE} parameter is non-blank. Signature and
 * association handle are copied as-is (possibly {@code null}); no
 * verification happens here.
 *
 * @param request the incoming request
 * @return the service, or {@code null} when identity or service is missing
 */
public static OpenIdService createServiceFrom(
        final HttpServletRequest request) {
    final String returnTo = request.getParameter(CONST_PARAM_SERVICE);
    final String identity = request.getParameter("openid.identity");
    final String sig = request.getParameter("openid.sig");

    if (identity == null) {
        return null;
    }
    if (!StringUtils.hasText(returnTo)) {
        return null;
    }

    final String id = cleanupUrl(returnTo);
    final String assocHandle = request.getParameter("openid.assoc_handle");
    final ParameterList allParams = new ParameterList(request.getParameterMap());

    return new OpenIdService(id, returnTo, assocHandle, identity,
            sig, allParams);
}
 
Example #11
Source File: SmartOpenIdController.java — from cas4.0.x-server-wechat (Apache License 2.0)
/**
 * Builds the association response for an {@code openid.mode=associate}
 * request; any other mode (or a {@code null} response) produces an empty map.
 *
 * @param request the incoming request whose parameters form the OpenID message
 * @return the association response parameters (never {@code null})
 */
public Map<String, String> getAssociationResponse(final HttpServletRequest request) {
    final ParameterList parameters = new ParameterList(request.getParameterMap());
    final Map<String, String> responseParams = new HashMap<String, String>();

    String mode = null;
    if (parameters.hasParameter("openid.mode")) {
        mode = parameters.getParameterValue("openid.mode");
    }
    // constant-first equals() is null-safe for a missing mode
    if (!"associate".equals(mode)) {
        return responseParams;
    }

    final Message response = serverManager.associationResponse(parameters);
    if (response != null) {
        responseParams.putAll(response.getParameterMap());
    }
    return responseParams;
}
 
Example #12
Source File: OpenIDProviderService.java — from carbon-identity (Apache License 2.0)
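/**
 * The verify method used by the OpenID Provider when using the OpenID Dumb
 * Mode (check_authentication).
 *
 * Dumb mode can be switched off through the
 * {@code IdentityConstants.ServerConfig.OPENID_DISABLE_DUMB_MODE} server
 * property; when it is "true" (case-insensitive) the request is rejected
 * instead of being verified.
 *
 * @param params the check_authentication parameters sent by the relying party
 * @return the verification result in key-value form encoding
 * @throws IdentityProviderException if dumb mode is disabled by configuration
 */
public String verify(OpenIDParameterDTO[] params) throws IdentityProviderException {
    final String disableDumbMode = IdentityUtil.getProperty(IdentityConstants.ServerConfig.OPENID_DISABLE_DUMB_MODE);

    if ("true".equalsIgnoreCase(disableDumbMode)) {
        throw new IdentityProviderException("OpenID relying parties with dumb mode not supported");
    }

    final ParameterList paramList = getParameterList(params);
    final Message message = OpenIDProvider.getInstance().getManager().verify(paramList);
    return message.keyValueFormEncoding();
}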
 
Example #13
Source File: OpenIDAdminClient.java — from carbon-identity (Apache License 2.0)
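/**
 * Retrieves the claim values of a user profile from the provider service,
 * keyed by claim URI.
 *
 * The requested claims are converted to {@link OpenIDParameterDTO}s first
 * (order preserved); {@code null} entries in the service's answer are skipped.
 *
 * @param openId         the OpenID identifier (trimmed before the call)
 * @param profileId      the profile to read
 * @param requiredClaims the claims the relying party asked for
 * @return claim URI to claim DTO; empty when the service returns nothing
 * @throws IdentityProviderException if the provider service call fails
 */
public Map<String, OpenIDClaimDTO> getClaimValues(String openId, String profileId, ParameterList requiredClaims)
        throws IdentityProviderException {

    // getParameters() was handled as a raw List originally; the wildcard
    // keeps the explicit cast but avoids raw-type use here.
    final List<?> list = requiredClaims.getParameters();
    final OpenIDParameterDTO[] params = new OpenIDParameterDTO[list.size()];
    int i = 0;
    for (Object object : list) {
        final Parameter param = (Parameter) object;
        final OpenIDParameterDTO dto = new OpenIDParameterDTO();
        dto.setName(param.getKey());
        dto.setValue(param.getValue());
        params[i++] = dto;
    }

    final OpenIDClaimDTO[] claims = openIDProviderService.getClaimValues(openId.trim(), profileId, params);

    final Map<String, OpenIDClaimDTO> map = new HashMap<String, OpenIDClaimDTO>();
    if (claims != null) {
        for (OpenIDClaimDTO claim : claims) {
            if (claim != null) {
                map.put(claim.getClaimUri(), claim);
            }
        }
    }

    return map;
}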
 
Example #14
Source File: FetchResponse.java — from openid4java (Apache License 2.0)
/**
 * Builds a FetchResponse from an already-extracted parameter list and
 * rejects it when the parameters do not form a valid fetch response.
 *
 * @param params the extension parameters
 * @return the validated fetch response
 * @throws MessageException if {@code params} fail {@code isValid()}
 */
public static FetchResponse createFetchResponse(ParameterList params)
        throws MessageException
{
    final FetchResponse resp = new FetchResponse(params);

    if (!resp.isValid()) {
        throw new MessageException("Invalid parameters for a fetch response");
    }

    if (DEBUG) {
        _log.debug("Created fetch response from parameter list:\n" + params);
    }

    return resp;
}
 
Example #15
Source File: StoreRequest.java — from openid4java (Apache License 2.0)
/**
 * Constructs a StoreRequest from a parameter list.
 * <p>
 * The parameter list can be extracted from a received message with the
 * getExtensionParams method of the Message class, and MUST NOT contain
 * the "openid.<extension_alias>." prefix.
 *
 * @param params the extension parameters
 * @return the validated store request
 * @throws MessageException if {@code params} fail {@code isValid()}
 */
public static StoreRequest createStoreRequest(ParameterList params)
        throws MessageException
{
    final StoreRequest req = new StoreRequest(params);

    if (!req.isValid()) {
        throw new MessageException("Invalid parameters for a store request");
    }

    if (DEBUG) {
        _log.debug("Created store request from parameter list:\n" + params);
    }

    return req;
}
 
Example #16
Source File: CustomOpenIdProviderHandler.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Answers an {@code openid.mode=associate} request.
 *
 * The association is created by the OpenID processor; the resulting message
 * is written key-value encoded with status 200, and the exchange (including
 * the new assoc_handle) is added to the request log.
 *
 * @param info             request description used for the log entry
 * @param response         servlet response to write to
 * @param requestParameter OpenID parameters of the incoming request
 * @throws IOException if the response writer fails
 */
public void handleAssociationRequest(String info, HttpServletResponse response, final ParameterList requestParameter) throws IOException {
    LOG.info("--> BEGIN handleAssociationRequest");
    final Message openidResponse = getOpenIdProcessor().processAssociationRequest(requestParameter);
    final String handle = openidResponse.getParameterValue("assoc_handle");
    LOG.info(String.format("    --> assoc_handle = %s", handle));

    response.setStatus(HttpServletResponse.SC_OK);
    final String responseText = openidResponse.keyValueFormEncoding();
    response.getWriter().println(responseText);

    RequestLogger.getInstance().add(RequestType.ASSOCIATION,
            String.format("Association established: %s", handle),
            info + "\n\n" + requestParameter.toString(),
            responseText,
            idpType);
    LOG.info("--> END handleAssociationRequest");
}
 
Example #17
Source File: CustomOpenIdProcessorTest.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Verifies that the assoc_handle issued by the custom processor is controlled
 * by the store's association prefix: the stock manager must not produce it,
 * the first custom response must equal the prefix exactly, repeated requests
 * get a "-N" suffix, and changing the prefix restarts the sequence.
 */
@Test
public void testOpenidAssociate() throws Exception {
    final String associateQuery = "openid.dh_consumer_public=MTEK&openid.mode=associate&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.session_type=DH-SHA1&openid.assoc_type=HMAC-SHA1";
    final String handleKey = "assoc_handle";
    final ParameterList associateParams = ParameterList.createFromQueryString(associateQuery);

    // the unmodified manager must not hand out our prefix
    String expectedHandle = randomAscii(20);
    Message reply = manager.associationResponse(associateParams);
    assertThat(reply.getParameterValue(handleKey), not(equalTo(expectedHandle)));

    // install a store with a fixed prefix; the processor must now use it
    final CustomInMemoryServerAssociationStore store = new CustomInMemoryServerAssociationStore();
    store.setAssociationPrefix(expectedHandle);
    manager.setSharedAssociations(store);

    reply = processor.processAssociationRequest(associateParams);
    assertThat(reply.getParameterValue(handleKey), equalTo(expectedHandle));

    // repeated requests with the same prefix are numbered
    for (int attempt = 1; attempt < 5; ++attempt) {
        reply = processor.processAssociationRequest(associateParams);
        assertThat(reply.getParameterValue(handleKey), equalTo(expectedHandle + "-" + attempt));
    }

    // a new prefix starts over without a suffix
    expectedHandle = randomNumeric(20);
    store.setAssociationPrefix(expectedHandle);
    reply = processor.processAssociationRequest(associateParams);
    assertThat(reply.getParameterValue(handleKey), equalTo(expectedHandle));
}
 
Example #18
Source File: CustomOpenIdProviderHandler.java — from OpenID-Attacker (GNU General Public License v2.0)
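/**
 * Answers a checkid_* request with an HTML page that submits the token to
 * the destination (POST redirect).
 *
 * The token is produced by the OpenID processor. The {@code performAttack}
 * and {@code interceptIdpResponse} flags are read from the configuration
 * matching {@code idpType} (attacker or analyzer instance) and handed to the
 * parameter mapping and page builder; the exchange is logged as
 * TOKEN_ATTACK or TOKEN_VALID according to {@code performAttack}.
 *
 * The BEGIN/END log lines used to name the GET variant (copy-paste); they now
 * name this method so the two code paths can be told apart in the log.
 *
 * @param info             request description used for the log entry
 * @param response         servlet response the HTML page is written to
 * @param requestParameter OpenID parameters of the incoming request
 * @throws OpenIdAttackerServerException propagated from token processing
 * @throws IOException                   if the response writer fails
 */
public void handleTokenRequestWithPostRedirect(String info, HttpServletResponse response, final ParameterList requestParameter) throws OpenIdAttackerServerException, IOException {
    final String assocHandle = requestParameter.getParameterValue("openid.assoc_handle");
    LOG.info(String.format("--> BEGIN handleTokenRequestWithPostRedirect for assoc_handle='%s'",
      assocHandle != null ? assocHandle : "<NONE>"));
    final AttackParameterKeeper keeper = getOpenIdProcessor().processTokenRequest(requestParameter);
    response.setStatus(HttpServletResponse.SC_OK);
    final String destinationUrl = getDestinationUrl(keeper);

    // read both flags from the configuration that matches this IdP role
    final boolean performAttack;
    final boolean interceptIdpResponse;
    if (idpType == IdpType.ATTACKER) {
        performAttack = OpenIdServerConfiguration.getAttackerInstance().isPerformAttack();
        interceptIdpResponse = OpenIdServerConfiguration.getAttackerInstance().isInterceptIdPResponse();
    } else {
        performAttack = OpenIdServerConfiguration.getAnalyzerInstance().isPerformAttack();
        interceptIdpResponse = OpenIdServerConfiguration.getAnalyzerInstance().isInterceptIdPResponse();
    }

    final Map<String, String> getParameters = AttackParameterHandler.createMapByMethod(keeper, HttpMethod.GET, performAttack);
    final Map<String, String> postParameters = AttackParameterHandler.createMapByMethod(keeper, HttpMethod.POST, performAttack);
    final String postRedirectHtml = HttpPostRedirect.createPostRedirect(destinationUrl, getParameters, postParameters, interceptIdpResponse);
    response.getWriter().println(postRedirectHtml);

    final RequestType type = performAttack ? RequestType.TOKEN_ATTACK : RequestType.TOKEN_VALID;
    final String responseText = String.format("GET:\n\n%s\nPOST:\n\n%s", PrintHelper.mapToString(getParameters), PrintHelper.mapToString(postParameters));
    RequestLogger.getInstance().add(type, "Token generated", info + "\n\n" + requestParameter.toString(), responseText, idpType);
    LOG.info("--> END handleTokenRequestWithPostRedirect");
}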
 
Example #19
Source File: CustomOpenIdProviderHandler.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Answers a checkid_* request with a 303 redirect whose Location header
 * carries the token as query parameters (GET redirect).
 *
 * The token comes from {@code openIdProcessor.processTokenRequest}; the
 * {@code performAttack} flag of the configuration matching {@code idpType}
 * (attacker or analyzer) is passed to the parameter mapping and decides
 * whether the log entry is TOKEN_ATTACK or TOKEN_VALID.
 *
 * @param response         servlet response that receives status and Location
 * @param requestParameter OpenID parameters of the incoming request
 * @throws OpenIdAttackerServerException propagated from token processing
 */
public void handleTokenRequestwithGetRedirect(HttpServletResponse response, final ParameterList requestParameter)
  throws OpenIdAttackerServerException {
    final String handle = requestParameter.getParameterValue("openid.assoc_handle");
    LOG.info(String.format("--> BEGIN handleTokenRequestwithGetRedirect for assoc_handle='%s'",
      handle == null ? "<NONE>" : handle));
    // NOTE(review): the field is used directly here while sibling handlers go
    // through getOpenIdProcessor() — confirm both refer to the same instance.
    final AttackParameterKeeper keeper = openIdProcessor.processTokenRequest(requestParameter);
    response.setStatus(HttpServletResponse.SC_SEE_OTHER);

    final boolean performAttack = (idpType == IdpType.ATTACKER)
            ? OpenIdServerConfiguration.getAttackerInstance().isPerformAttack()
            : OpenIdServerConfiguration.getAnalyzerInstance().isPerformAttack();
    final RequestType type = performAttack ? RequestType.TOKEN_ATTACK : RequestType.TOKEN_VALID;

    final Map<String, String> getParameters = AttackParameterHandler.createMapByMethod(keeper, HttpMethod.GET, performAttack);
    final String location = HttpPostRedirect.createGetRequest(getDestinationUrl(keeper), getParameters);
    response.setHeader("Location", location);

    final String responseText = String.format("GET:\n\n%s", PrintHelper.mapToString(getParameters));
    RequestLogger.getInstance().add(type, "Token generated", requestParameter.toString(), responseText, idpType);

    LOG.info("--> END handleTokenRequestwithGetRedirect");
}
 
Example #20
Source File: CustomOpenIdProviderHandler.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Writes an OpenID direct error response and records the failed request.
 *
 * The error message is wrapped in a {@code DirectError}, key-value encoded
 * and sent with the supplied status code. The log entry contains the request
 * method, URL and every request parameter.
 *
 * NOTE(review): the body is key-value form text but is served as
 * text/html; if {@code errorMessage} can contain request-derived content, a
 * browser would render it. Direct responses are conventionally text/plain —
 * confirm whether text/html is intended here.
 *
 * @param response     servlet response to write to
 * @param request      the rejected request (used only for logging)
 * @param errorMessage human-readable error text, echoed in the response body
 * @param ERROR_CODE   HTTP status code to send
 * @throws IOException if the response writer fails
 */
public void handleError(HttpServletResponse response, HttpServletRequest request, final String errorMessage, final int ERROR_CODE) throws IOException {
    LOG.info("--> BEGIN handleError");
    final Message error = DirectError.createDirectError(errorMessage);

    response.setStatus(ERROR_CODE);
    response.setContentType("text/html;charset=utf-8");
    final String responseText = error.keyValueFormEncoding();
    response.getWriter().println(responseText);

    final ParameterList allParams = new ParameterList(request.getParameterMap());
    final String requestContent = String.format("%s %s\n\nParameters:\n\n%s",
      request.getMethod(), request.getRequestURL(), allParams);
    RequestLogger.getInstance().add(RequestType.ERROR, errorMessage, requestContent, errorMessage, idpType);
    LOG.info("--> END handleError");
}
 
Example #21
Source File: CustomOpenIdProviderHandler.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Dispatches one incoming request to the matching handler.
 *
 * Dispatch order: the favicon path first, then any target containing "xxe",
 * then requests without an {@code openid.mode} (discovery, answered with an
 * XRDS or HTML document), and finally the OpenID modes associate,
 * checkid_setup / checkid_immediate and check_authentication. Any other mode
 * raises an IllegalStateException. On success the Jetty request is marked
 * handled.
 *
 * @param requestParameter OpenID parameters of the request
 * @param target           Jetty target path
 * @param response         servlet response passed on to the handler
 * @param baseRequest      Jetty request, used for method/URI/protocol and setHandled
 * @throws IOException                   declared by the delegated handlers
 * @throws OpenIdAttackerServerException declared by the delegated handlers
 * @throws TransformerException          declared by the delegated handlers
 */
private void handleRequest(ParameterList requestParameter, String target, HttpServletResponse response, Request baseRequest) throws IOException, OpenIdAttackerServerException, TransformerException {
    final HttpURI uri = baseRequest.getUri();
    final String info = String.format("%s %s %s", baseRequest.getMethod(), uri, baseRequest.getProtocol());
    final String mode = requestParameter.hasParameter("openid.mode")
            ? requestParameter.getParameterValue("openid.mode") : null;

    if (uri.getCompletePath().equals("/favicon.ico")) {
        handleFaviconRequest(info, response);
    } else if (target.contains("xxe")) {
        handleXxeRequest(info, response, requestParameter);
        // a "dtd" target case existed here and is currently disabled
    } else if (mode == null) {
        // no OpenID mode: a discovery request
        if (target.contains("xrds") || requestParameter.toString().contains("xrds")) {
            handleXrdsRequest(info, response);
        } else {
            handleHtmlDiscovery(info, response);
        }
    } else {
        switch (mode) {
            case "associate":
                handleAssociationRequest(info, response, requestParameter);
                break;
            case "checkid_setup":
            case "checkid_immediate":
                handleTokenRequest(info, response, requestParameter);
                break;
            case "check_authentication":
                handleCheckAuthentication(info, response, requestParameter);
                break;
            default:
                throw new IllegalStateException("Unknown Request");
        }
    }
    baseRequest.setHandled(true);
}
 
Example #22
Source File: CustomOpenIdProviderHandler.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Answers a request whose target contains "xxe": the response body is the
 * fixed text "http://rub.de" with status 200, and the request is recorded
 * under RequestType.XXE.
 *
 * @param info             request description used for the log entry
 * @param response         servlet response to write to
 * @param requestParameter OpenID parameters of the incoming request (logged only)
 * @throws IOException if the response writer fails
 */
private void handleXxeRequest(String info, HttpServletResponse response, final ParameterList requestParameter) throws IOException {
    LOG.info("--> BEGIN handleXxeRequest");
    final String requestText = String.format("%s\n\n%s", info, requestParameter.toString());
    final String body = "http://rub.de";

    response.setStatus(HttpServletResponse.SC_OK);
    response.getWriter().print(body);

    RequestLogger.getInstance().add(RequestType.XXE, "XXE", requestText, body, idpType);
    LOG.info("--> END handleXxeRequest");
}
 
Example #23
Source File: UnvalidatedAuthRequest.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Builds an {@link UnvalidatedAuthRequest} from the given parameters and
 * attaches the realm verifier, deliberately skipping {@code validate()}.
 *
 * Callers must therefore treat the returned request as unchecked: nothing in
 * this method inspects the parameters.
 *
 * @param params        parameters of the authentication request
 * @param realmVerifier verifier stored on the request (not invoked here)
 * @return the unvalidated request
 * @throws MessageException if the constructor rejects the parameters
 */
public static AuthRequest createAuthRequest(ParameterList params,
  RealmVerifier realmVerifier)
  throws MessageException {
    final AuthRequest request = new UnvalidatedAuthRequest(params);
    request.setRealmVerifier(realmVerifier);

    // validate() is intentionally not called on this request type
    if (DEBUG) {
        LOG.debug("Created auth request:\n" + request.keyValueFormEncoding());
    }
    return request;
}
 
Example #24
Source File: OpenIDHandler.java — from carbon-identity (Apache License 2.0)
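/**
 * Returns the OpenID {@link ParameterList} for the current request.
 *
 * On the first visit the list is built from the HTTP request parameters.
 * Once the session attribute {@code OpenId.ACTION} is AUTHENTICATED or
 * CANCEL, the list stored under {@code OpenId.PARAM_LIST} in the session is
 * returned instead.
 *
 * Note that {@code request.getSession()} creates a session if none exists.
 *
 * @param request the current HTTP request
 * @return the parameter list from the session, or a fresh one from the
 *         request; may be {@code null} if the session attribute was never set
 */
private ParameterList getParameterList(HttpServletRequest request) {
    // read the action once instead of looking it up twice
    final Object action = request.getSession().getAttribute(OpenId.ACTION);

    if (OpenId.AUTHENTICATED.equals(action) || OpenId.CANCEL.equals(action)) {
        // not the first visit, get from the session
        return (ParameterList) request.getSession().getAttribute(OpenId.PARAM_LIST);
    }
    // it's the first visit, get from the request
    return new ParameterList(request.getParameterMap());
}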
 
Example #25
Source File: CustomOpenIdProcessorTest.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * End-to-end check of the custom processor: an association with a fixed
 * prefix is established, then a checkid_setup request bound to that
 * assoc_handle is processed and the resulting token must carry an
 * openid.sig parameter.
 */
@Test
    public void testOpenidGenerateResponse() throws Exception {
        final String expectedHandle = "MY_CUSTOM_ASSOC_VALUE";

        // association request
        final ParameterList associate = new ParameterList();
        associate.set(new Parameter("openid.dh_consumer_public", "MTEK"));
        associate.set(new Parameter("openid.mode", "associate"));
        associate.set(new Parameter("openid.ns", "http://specs.openid.net/auth/2.0"));
        associate.set(new Parameter("openid.session_type", "DH-SHA1"));
        associate.set(new Parameter("openid.assoc_type", "HMAC-SHA1"));

        store.setAssociationPrefix(expectedHandle);
        final Message associationReply = processor.processAssociationRequest(associate);
        final String handle = associationReply.getParameterValue("assoc_handle");
        assertThat(handle, equalTo(expectedHandle));

        // token request referencing the association just created
        final ParameterList checkidSetup = new ParameterList();
        checkidSetup.set(new Parameter("openid.ns", "http://specs.openid.net/auth/2.0"));
        checkidSetup.set(new Parameter("openid.mode", "checkid_setup"));
        checkidSetup.set(new Parameter("openid.return_to", "http://return"));
        checkidSetup.set(new Parameter("openid.claimed_id", "http://claimed"));
        checkidSetup.set(new Parameter("openid.identity", "http://identity"));
        checkidSetup.set(new Parameter("openid.assoc_handle", handle));

        final AttackParameterKeeper token = processor.processTokenRequest(checkidSetup);

        // the token must be signed
        assertThat(token.getParameter("openid.sig") != null, is(true));
    }
 
Example #26
Source File: CustomOpenIdProcessor.java — from OpenID-Attacker (GNU General Public License v2.0)
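/**
 * Produces a check_authentication answer that always reports the signature
 * as valid.
 *
 * Nothing from an incoming request is consulted: the response consists of the
 * fixed pair {@code ns=http://specs.openid.net/auth/2.0} and
 * {@code is_valid=true}.
 *
 * @return the positive verification message
 * @throws IllegalStateException if openid4java rejects the two fixed
 *         parameters, which would indicate a library incompatibility
 */
public Message generatePositiveCheckAuthenticationResponse() {
    // declared as Map (not HashMap) so the LinkedHashMap choice — presumably
    // made to keep ns before is_valid — stays an implementation detail
    final Map<String, String> fields = new LinkedHashMap<>();
    fields.put("ns", "http://specs.openid.net/auth/2.0");
    fields.put("is_valid", "true");
    final ParameterList responseParameters = new ParameterList(fields);
    try {
        return VerifyResponse.createVerifyResponse(responseParameters);
    } catch (MessageException ex) {
        throw new IllegalStateException("This should never happen", ex);
    }
}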
 
Example #27
Source File: CustomOpenIdProcessor.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Signs the current attack parameters with the server manager unless a
 * custom signature value has been requested.
 *
 * The to-sign map derived from the keeper is wrapped in an unvalidated
 * AuthSuccess, signed via {@code serverManager.sign}, and the resulting
 * parameters are written back into the keeper. When no openid.sig entry
 * exists, or its attack value is flagged for signature computation, nothing
 * happens.
 *
 * @throws AssociationException propagated from openid4java
 * @throws MessageException     propagated from openid4java
 * @throws ServerException      propagated from openid4java
 */
private void generateSignatureForAttackValues() throws AssociationException, MessageException, ServerException {
    final AttackParameter sigParam = getKeeper().getParameter("openid.sig");
    if (sigParam == null) {
        return;
    }
    // a custom signature value takes precedence over a computed one
    if (sigParam.isAttackValueUsedForSignatureComputation()) {
        return;
    }

    final Map<String, String> toSign = AttackParameterHandler.createToSignMap(getKeeper());
    final AuthSuccess success = UnvalidatedAuthSuccess.createAuthSuccess(new ParameterList(toSign));
    serverManager.sign(success);
    AttackParameterHandler.updateAttackParameters(getKeeper(), success.getParameterMap());
}
 
Example #28
Source File: CustomOpenIdProcessor.java — from OpenID-Attacker (GNU General Public License v2.0)
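/**
 * Adds the OpenID namespace parameter to a token request that lacks one.
 *
 * The value comes from the XRDS configuration's OpenID version. Check and
 * insertion now use the same key, {@code openid.ns}; the original tested for
 * a bare {@code ns} key, which never matches a request whose keys carry the
 * {@code openid.} prefix, so {@code set()} ran for every request regardless
 * of an existing namespace.
 *
 * @param token_parameter the request parameters, modified in place
 */
private void addNamespaceIfNotContained(ParameterList token_parameter) {
    final String nsKey = "openid.ns";
    if (!token_parameter.hasParameter(nsKey)) {
        final String nsValue = xrdsConfiguration.getOpenIdVersion().getNS();
        token_parameter.set(new Parameter(nsKey, nsValue));
    }
}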
 
Example #29
Source File: CustomOpenIdProcessor.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Wraps the token parameters in an {@link AuthRequest} that is deliberately
 * left unvalidated (see UnvalidatedAuthRequest), translating openid4java's
 * MessageException into the server's own exception type.
 *
 * @param token_parameter parameters of the checkid_* request
 * @return the unvalidated authentication request
 * @throws OpenIdAttackerServerException if openid4java cannot build the request
 */
private AuthRequest createAuthenticationRequest(final ParameterList token_parameter) throws OpenIdAttackerServerException {
        // the validating AuthRequest.createAuthRequest variant is intentionally not used here
        try {
            return UnvalidatedAuthRequest.createAuthRequest(token_parameter, serverManager.getRealmVerifier());
        } catch (MessageException ex) {
            throw new OpenIdAttackerServerException(ex);
        }
    }
 
Example #30
Source File: UnvalidatedAuthSuccess.java — from OpenID-Attacker (GNU General Public License v2.0)
/**
 * Builds a positive authentication response from the given parameters
 * without calling {@code validate()}.
 *
 * Because validation is skipped, the result may lack fields a compliant
 * response requires (e.g. claimed_id); this is what allows signed tokens
 * without such fields to be produced.
 *
 * @param params parameters of the positive response
 * @return the unvalidated AuthSuccess
 * @throws MessageException if the constructor rejects the parameters
 */
public static AuthSuccess createAuthSuccess(ParameterList params)
  throws MessageException {
    final AuthSuccess response = new UnvalidatedAuthSuccess(params);

    // validate() deliberately skipped: tokens may omit claimed_id etc.
    if (DEBUG) {
        LOG.debug("Created positive auth response:\n"
          + response.keyValueFormEncoding());
    }
    return response;
}