org.openid4java.message.DirectError Java Examples

The following examples show how to use org.openid4java.message.DirectError. You can vote up the ones you like or vote down the ones you don't like, and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example #1
Source File: CustomOpenIdProviderHandler.java    From OpenID-Attacker with GNU General Public License v2.0 5 votes vote down vote up
public void handleError(HttpServletResponse response, HttpServletRequest request, final String errorMessage, final int ERROR_CODE) throws IOException {
    LOG.info("--> BEGIN handleError");
    Message openidResponse = DirectError.createDirectError(errorMessage);
    response.setStatus(ERROR_CODE);
    response.setContentType("text/html;charset=utf-8");
    String responseText = openidResponse.keyValueFormEncoding();
    response.getWriter().println(responseText);
    String requestContent = String.format("%s %s\n\nParameters:\n\n%s",
      request.getMethod(),
      request.getRequestURL(),
      new ParameterList(request.getParameterMap()));
    RequestLogger.getInstance().add(RequestType.ERROR, errorMessage, requestContent, errorMessage, idpType);
    LOG.info("--> END handleError");
}
 
Example #2
Source File: OpenIDServerManager.java    From carbon-identity with Apache License 2.0 4 votes vote down vote up
public Message verify(ParameterList requestParams) {

        if(log.isDebugEnabled()) {
            log.debug("Processing verification request...");
        }

        boolean isVersion2 = true;

        try {
            // build request message from response params (+ ntegrity check)
            VerifyRequest vrfyReq = VerifyRequest.createVerifyRequest(requestParams);
            isVersion2 = vrfyReq.isVersion2();
            String handle = vrfyReq.getHandle();

            boolean verified = false;

            Association assoc = getPrivateAssociations().load(handle);
            String sigMod = null;
            if (assoc != null) { // verify the signature
                if (log.isDebugEnabled()) {
                    log.debug("Loaded private association; handle: " + handle);
                }
                sigMod = vrfyReq.getSignature().replaceAll("\\s", "+");
                verified = assoc.verifySignature(vrfyReq.getSignedText(), sigMod);

                // remove the association so that the request
                // cannot be verified more than once
                getPrivateAssociations().remove(handle);
            } else {
                log.error("No association loaded from the database; handle: " + handle);
            }

            VerifyResponse vrfyResp =
                    VerifyResponse.createVerifyResponse(!vrfyReq.isVersion2());

            vrfyResp.setSignatureVerified(verified);

            if (verified) {
                String invalidateHandle = vrfyReq.getInvalidateHandle();
                if (invalidateHandle != null &&
                        getSharedAssociations().load(invalidateHandle) == null) {
                    if (log.isDebugEnabled()) {
                        log.debug("Shared association invalidated; handle: " + invalidateHandle);
                    }

                    vrfyResp.setInvalidateHandle(invalidateHandle);
                }
            } else {
                log.error("Signature verification failed. handle : " + handle +
                        " , signed text : " + vrfyReq.getSignedText() +
                        " , signature : " + sigMod);
            }

            if (log.isDebugEnabled()) {
                log.debug("Responding with " + (verified ? "positive" : "negative") + " verification response");
            }

            return vrfyResp;
        } catch (OpenIDException e) {
            log.error("Error processing verification request; responding with verification error", e);
            return DirectError.createDirectError(e, !isVersion2);
        }
    }
 
Example #3
Source File: OpenIDHandler.java    From carbon-identity with Apache License 2.0 2 votes vote down vote up
/**
 * Return the error response message based on the given message
 *
 * @param message Error message
 * @return Direct error
 */
private String getErrorResponseText(String message) {
    log.error(message);
    return DirectError.createDirectError(message).keyValueFormEncoding();
}