以GoogleOpenID 为例,试验了OAuth单点登录的用法:

 <dependency>

     <groupId>org.openid4java</groupId>

     <artifactId>openid4java</artifactId>

     <version>0.9.8</version>

 </dependency>
 import java.util.List;

 import javax.servlet.http.HttpServletRequest;

 import javax.servlet.http.HttpServletResponse;

 import org.openid4java.OpenIDException;

 import org.openid4java.consumer.ConsumerManager;

 import org.openid4java.consumer.VerificationResult;

 import org.openid4java.discovery.DiscoveryInformation;

 import org.openid4java.discovery.Identifier;

 import org.openid4java.message.AuthRequest;

 import org.openid4java.message.AuthSuccess;

 import org.openid4java.message.ParameterList;

 import org.openid4java.message.ax.AxMessage;

 import org.openid4java.message.ax.FetchRequest;

 import org.openid4java.message.ax.FetchResponse;

 import org.slf4j.Logger;

 import org.slf4j.LoggerFactory;

 import org.springframework.stereotype.Controller;

 import org.springframework.web.bind.annotation.RequestMapping;

 import org.springframework.web.util.UriComponentsBuilder;

 import com.google.common.base.Throwables;

 @Controller

 @RequestMapping("/openid")

 @SuppressWarnings("rawtypes")

 public class SecurityOpenIDController {

     public static final String GOOGLE_ENDPOINT = "https://www.google.com/accounts/o8/id";

     private static final Logger LOGGER = LoggerFactory.getLogger(SecurityOpenIDController.class);

     public final ConsumerManager manager = new ConsumerManager();

     @RequestMapping("/login")

     public void login(

             UriComponentsBuilder builder,

             HttpServletRequest request,

             HttpServletResponse response

         ) throws Exception

     {

         // configure the return_to URL where your application will receive

         // the authentication responses from the OpenID provider

         String returnUrl = builder.path("/openid/return").build().toUriString();

         // --- Forward proxy setup (only if needed) ---

         // ProxyProperties proxyProps = new ProxyProperties();

         // proxyProps.setProxyName("proxy.example.com");

         // proxyProps.setProxyPort(8080);

         // HttpClientFactory.setProxyProperties(proxyProps);

         // perform discovery on the user-supplied identifier

         List discoveries = manager.discover(GOOGLE_ENDPOINT);

         // attempt to associate with the OpenID provider

         // and retrieve one service endpoint for authentication

         DiscoveryInformation discovered = manager.associate(discoveries);

         // store the discovery information in the user's session

         request.getSession().setAttribute("openid-disc", discovered);

         // obtain a AuthRequest message to be sent to the OpenID provider

         AuthRequest authReq = manager.authenticate(discovered, returnUrl);

         // attribute Exchange

         FetchRequest fetch = FetchRequest.createFetchRequest();

         fetch.addAttribute("email", "http://axschema.org/contact/email", true);

         fetch.addAttribute("firstName", "http://axschema.org/namePerson/first", true);

         fetch.addAttribute("lastName", "http://axschema.org/namePerson/last", true);

         // attach the extension to the authentication request

         authReq.addExtension(fetch);

         if (!discovered.isVersion2()) {

             // Option 1: GET HTTP-redirect to the OpenID Provider endpoint

             // The only method supported in OpenID 1.x

             // redirect-URL usually limited ~2048 bytes

             response.sendRedirect(authReq.getDestinationUrl(true));

         } else {

             // Option 2: HTML FORM Redirection (Allows payloads >2048 bytes)

             response.sendRedirect(authReq.getDestinationUrl(true));

         }

     }

     @RequestMapping("/return")

     public void verifyResponse(HttpServletRequest request) {

         String email = null;

         String lastName = null;

         String firstName = null;

         try {

             // extract the parameters from the authentication response

             // (which comes in as a HTTP request from the OpenID provider)

             ParameterList response = new ParameterList(request.getParameterMap());

             // retrieve the previously stored discovery information

             DiscoveryInformation discovered = (DiscoveryInformation) request.getSession().getAttribute("openid-disc");

             // extract the receiving URL from the HTTP request

             StringBuffer receivingURL = request.getRequestURL();

             String queryString = request.getQueryString();

             if (queryString != null && queryString.length() > 0) {

                 receivingURL.append("?").append(request.getQueryString());

             }

             // verify the response; ConsumerManager needs to be the same

             // (static) instance used to place the authentication request

             VerificationResult verification = manager.verify(receivingURL.toString(), response, discovered);

             // examine the verification result and extract the verified

             // identifier

             Identifier verified = verification.getVerifiedId();

             if (verified != null) {

                 AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();

                 if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {

                     FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);

                     List emails = fetchResp.getAttributeValues("email");

                     email = (String) emails.get(0);

                     List lastNames = fetchResp.getAttributeValues("lastName");

                     lastName = (String) lastNames.get(0);

                     List firstNames = fetchResp.getAttributeValues("firstName");

                     firstName = (String) firstNames.get(0);

                     LOGGER.debug("email: {}", email);

                     LOGGER.debug("lastName: {}", lastName);

                     LOGGER.debug("firstName: {}", firstName);

                 }

                 // success

                 // 在这里与安全框架集成 apache-shiro/spring-security

                 // 这里要根据相关的信息自己定义Principal

             }

         } catch (OpenIDException e) {

             LOGGER.error(e.getMessage(), e);

             Throwables.propagate(e);

         }

     }

 }

spring-mvc 与 openid4java的更多相关文章

  1. 如何用Java类配置Spring MVC(不通过web.xml和XML方式)

    DispatcherServlet是Spring MVC的核心,按照传统方式, 需要把它配置到web.xml中. 我个人比较不喜欢XML配置方式, XML看起来太累, 冗长繁琐. 还好借助于Servl ...

  2. Spring MVC重定向和转发以及异常处理

    SpringMVC核心技术---转发和重定向 当处理器对请求处理完毕后,向其他资源进行跳转时,有两种跳转方式:请求转发与重定向.而根据要跳转的资源类型,又可分为两类:跳转到页面与跳转到其他处理器.对于 ...

  3. Spring MVC入门

    1.什么是SpringMvc Spring MVC属于SpringFrameWork的后续产品,已经融合在Spring Web Flow里面.Spring 框架提供了构建 Web 应用程序的全功能 M ...

  4. Spring7:基于注解的Spring MVC(下篇)

    Model 上一篇文章<Spring6:基于注解的Spring MVC(上篇)>,讲了Spring MVC环境搭建.@RequestMapping以及参数绑定,这是Spring MVC中最 ...

  5. Spring6:基于注解的Spring MVC(上篇)

    什么是Spring MVC Spring MVC框架是一个MVC框架,通过实现Model-View-Controller模式来很好地将数据.业务与展现进行分离.从这样一个角度来说,Spring MVC ...

  6. 高性能的关键:Spring MVC的异步模式

    我承认有些标题党了,不过话说这样其实也没错,关于“异步”处理的文章已经不少,代码例子也能找到很多,但我还是打算发表这篇我写了好长一段时间,却一直没发表的文章,以一个更简单的视角,把异步模式讲清楚. 什 ...

  7. Java Spring mvc 操作 Redis 及 Redis 集群

    本文原创,转载请注明:http://www.cnblogs.com/fengzheng/p/5941953.html 关于 Redis 集群搭建可以参考我的另一篇文章 Redis集群搭建与简单使用 R ...

  8. 深入分析Spring 与 Spring MVC容器

    1 Spring MVC WEB配置 Spring Framework本身没有Web功能,Spring MVC使用WebApplicationContext类扩展ApplicationContext, ...

  9. spring mvc DispatcherServlet详解之前传---FrameworkServlet

    做项目时碰到Controller不能使用aop进行拦截,从网上搜索得知:使用spring mvc 启动了两个context:applicationContext 和WebapplicationCont ...

  10. 我是如何进行Spring MVC文档翻译项目的环境搭建、项目管理及自动化构建工作的

    感兴趣的同学可以关注这个翻译项目 . 我的博客原文 和 我的Github 前段时间翻译的Spring MVC官方文档完成了第一稿,相关的文章和仓库可以点击以下链接.这篇文章,主要是总结一下这个翻译项目 ...

随机推荐

  1. C#字符串题目

    老师给小学生门布置了一些作业,让它们按照一个模版写一些字符串交上来,同学们把作业交上来了,问题来了,这么多的作业老师批改不过来,现在请你帮老师写一个程序,帮助老师确定各个字符串是否合格.首先老师有一个 ...

  2. spoj LCMSUM sigma(lcm(i,n));

    Problem code: LCMSUM Given n, calculate the sum LCM(1,n) + LCM(2,n) + .. + LCM(n,n), where LCM(i,n) ...

  3. bootstrap ace MVC

    <<html lang="en"><head> <meta charset="utf-8" /> <title& ...

  4. SqlSever基础 len函数 计算前后都有空格的字符串的长度时

    镇场诗:---大梦谁觉,水月中建博客.百千磨难,才知世事无常.---今持佛语,技术无量愿学.愿尽所学,铸一良心博客.------------------------------------------ ...

  5. PowerDesigner导出Excel

    1.打开PowerDesigner,创建物理模型(Physical Data Model) 2.在PowerDesigner菜单栏中,依次点击“Tools ->Excute Commands-& ...

  6. 【leetcode❤python】342. Power of Four

    #-*- coding: UTF-8 -*- class Solution(object):    def isPowerOfFour(self, num):        ""& ...

  7. AVL学习笔记

    AVL,平衡二叉查找树.删除,插入,查找的复杂度都是O(logn).它是一棵二叉树.对于每个节点来说,它的左孩子的键值都小于它,右孩子的键值都大于它.对于任意一个节点,它的左右孩子的高度差不大于1.树 ...

  8. HashCheck

    https://github.com/gurnec/HashCheck

  9. ABAP DESCRIBE语句

    声明:原创作品,转载时请注明文章来自SAP师太技术博客( 博/客/园www.cnblogs.com):www.cnblogs.com/jiangzhengjun,并以超链接形式标明文章原始出处,否则将 ...

  10. ABAP Util代码

    声明:原创作品,转载时请注明文章来自SAP师太技术博客( 博/客/园www.cnblogs.com):www.cnblogs.com/jiangzhengjun,并以超链接形式标明文章原始出处,否则将 ...