以GoogleOpenID 为例,试验了OAuth单点登录的用法:

 <dependency>

     <groupId>org.openid4java</groupId>

     <artifactId>openid4java</artifactId>

     <version>0.9.8</version>

 </dependency>
 import java.util.List;

 import javax.servlet.http.HttpServletRequest;

 import javax.servlet.http.HttpServletResponse;

 import org.openid4java.OpenIDException;

 import org.openid4java.consumer.ConsumerManager;

 import org.openid4java.consumer.VerificationResult;

 import org.openid4java.discovery.DiscoveryInformation;

 import org.openid4java.discovery.Identifier;

 import org.openid4java.message.AuthRequest;

 import org.openid4java.message.AuthSuccess;

 import org.openid4java.message.ParameterList;

 import org.openid4java.message.ax.AxMessage;

 import org.openid4java.message.ax.FetchRequest;

 import org.openid4java.message.ax.FetchResponse;

 import org.slf4j.Logger;

 import org.slf4j.LoggerFactory;

 import org.springframework.stereotype.Controller;

 import org.springframework.web.bind.annotation.RequestMapping;

 import org.springframework.web.util.UriComponentsBuilder;

 import com.google.common.base.Throwables;

 @Controller

 @RequestMapping("/openid")

 @SuppressWarnings("rawtypes")

 public class SecurityOpenIDController {

     public static final String GOOGLE_ENDPOINT = "https://www.google.com/accounts/o8/id";

     private static final Logger LOGGER = LoggerFactory.getLogger(SecurityOpenIDController.class);

     public final ConsumerManager manager = new ConsumerManager();

     @RequestMapping("/login")

     public void login(

             UriComponentsBuilder builder,

             HttpServletRequest request,

             HttpServletResponse response

         ) throws Exception

     {

         // configure the return_to URL where your application will receive

         // the authentication responses from the OpenID provider

         String returnUrl = builder.path("/openid/return").build().toUriString();

         // --- Forward proxy setup (only if needed) ---

         // ProxyProperties proxyProps = new ProxyProperties();

         // proxyProps.setProxyName("proxy.example.com");

         // proxyProps.setProxyPort(8080);

         // HttpClientFactory.setProxyProperties(proxyProps);

         // perform discovery on the user-supplied identifier

         List discoveries = manager.discover(GOOGLE_ENDPOINT);

         // attempt to associate with the OpenID provider

         // and retrieve one service endpoint for authentication

         DiscoveryInformation discovered = manager.associate(discoveries);

         // store the discovery information in the user's session

         request.getSession().setAttribute("openid-disc", discovered);

         // obtain a AuthRequest message to be sent to the OpenID provider

         AuthRequest authReq = manager.authenticate(discovered, returnUrl);

         // attribute Exchange

         FetchRequest fetch = FetchRequest.createFetchRequest();

         fetch.addAttribute("email", "http://axschema.org/contact/email", true);

         fetch.addAttribute("firstName", "http://axschema.org/namePerson/first", true);

         fetch.addAttribute("lastName", "http://axschema.org/namePerson/last", true);

         // attach the extension to the authentication request

         authReq.addExtension(fetch);

         if (!discovered.isVersion2()) {

             // Option 1: GET HTTP-redirect to the OpenID Provider endpoint

             // The only method supported in OpenID 1.x

             // redirect-URL usually limited ~2048 bytes

             response.sendRedirect(authReq.getDestinationUrl(true));

         } else {

             // Option 2: HTML FORM Redirection (Allows payloads >2048 bytes)

             response.sendRedirect(authReq.getDestinationUrl(true));

         }

     }

     @RequestMapping("/return")

     public void verifyResponse(HttpServletRequest request) {

         String email = null;

         String lastName = null;

         String firstName = null;

         try {

             // extract the parameters from the authentication response

             // (which comes in as a HTTP request from the OpenID provider)

             ParameterList response = new ParameterList(request.getParameterMap());

             // retrieve the previously stored discovery information

             DiscoveryInformation discovered = (DiscoveryInformation) request.getSession().getAttribute("openid-disc");

             // extract the receiving URL from the HTTP request

             StringBuffer receivingURL = request.getRequestURL();

             String queryString = request.getQueryString();

             if (queryString != null && queryString.length() > 0) {

                 receivingURL.append("?").append(request.getQueryString());

             }

             // verify the response; ConsumerManager needs to be the same

             // (static) instance used to place the authentication request

             VerificationResult verification = manager.verify(receivingURL.toString(), response, discovered);

             // examine the verification result and extract the verified

             // identifier

             Identifier verified = verification.getVerifiedId();

             if (verified != null) {

                 AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();

                 if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {

                     FetchResponse fetchResp = (FetchResponse) authSuccess.getExtension(AxMessage.OPENID_NS_AX);

                     List emails = fetchResp.getAttributeValues("email");

                     email = (String) emails.get(0);

                     List lastNames = fetchResp.getAttributeValues("lastName");

                     lastName = (String) lastNames.get(0);

                     List firstNames = fetchResp.getAttributeValues("firstName");

                     firstName = (String) firstNames.get(0);

                     LOGGER.debug("email: {}", email);

                     LOGGER.debug("lastName: {}", lastName);

                     LOGGER.debug("firstName: {}", firstName);

                 }

                 // success

                 // 在这里与安全框架集成 apache-shiro/spring-security

                 // 这里要根据相关的信息自己定义Principal

             }

         } catch (OpenIDException e) {

             LOGGER.error(e.getMessage(), e);

             Throwables.propagate(e);

         }

     }

 }

spring-mvc 与 openid4java的更多相关文章

  1. 如何用Java类配置Spring MVC(不通过web.xml和XML方式)

    DispatcherServlet是Spring MVC的核心,按照传统方式, 需要把它配置到web.xml中. 我个人比较不喜欢XML配置方式, XML看起来太累, 冗长繁琐. 还好借助于Servl ...

  2. Spring MVC重定向和转发以及异常处理

    SpringMVC核心技术---转发和重定向 当处理器对请求处理完毕后,向其他资源进行跳转时,有两种跳转方式:请求转发与重定向.而根据要跳转的资源类型,又可分为两类:跳转到页面与跳转到其他处理器.对于 ...

  3. Spring MVC入门

    1.什么是SpringMvc Spring MVC属于SpringFrameWork的后续产品,已经融合在Spring Web Flow里面.Spring 框架提供了构建 Web 应用程序的全功能 M ...

  4. Spring7:基于注解的Spring MVC(下篇)

    Model 上一篇文章<Spring6:基于注解的Spring MVC(上篇)>,讲了Spring MVC环境搭建.@RequestMapping以及参数绑定,这是Spring MVC中最 ...

  5. Spring6:基于注解的Spring MVC(上篇)

    什么是Spring MVC Spring MVC框架是一个MVC框架,通过实现Model-View-Controller模式来很好地将数据.业务与展现进行分离.从这样一个角度来说,Spring MVC ...

  6. 高性能的关键:Spring MVC的异步模式

    我承认有些标题党了,不过话说这样其实也没错,关于“异步”处理的文章已经不少,代码例子也能找到很多,但我还是打算发表这篇我写了好长一段时间,却一直没发表的文章,以一个更简单的视角,把异步模式讲清楚. 什 ...

  7. Java Spring mvc 操作 Redis 及 Redis 集群

    本文原创,转载请注明:http://www.cnblogs.com/fengzheng/p/5941953.html 关于 Redis 集群搭建可以参考我的另一篇文章 Redis集群搭建与简单使用 R ...

  8. 深入分析Spring 与 Spring MVC容器

    1 Spring MVC WEB配置 Spring Framework本身没有Web功能,Spring MVC使用WebApplicationContext类扩展ApplicationContext, ...

  9. spring mvc DispatcherServlet详解之前传---FrameworkServlet

    做项目时碰到Controller不能使用aop进行拦截,从网上搜索得知:使用spring mvc 启动了两个context:applicationContext 和WebapplicationCont ...

  10. 我是如何进行Spring MVC文档翻译项目的环境搭建、项目管理及自动化构建工作的

    感兴趣的同学可以关注这个翻译项目 . 我的博客原文 和 我的Github 前段时间翻译的Spring MVC官方文档完成了第一稿,相关的文章和仓库可以点击以下链接.这篇文章,主要是总结一下这个翻译项目 ...

随机推荐

  1. Android HandlerThread 完全解析

    HandlerThread本质上是一个线程类,它继承了Thread: HandlerThread有自己的内部Looper对象,可以进行looper循环: 通过获取HandlerThread的loope ...

  2. C#数组的排序(正序逆序)

    C#数组的排序(正序逆序) 这种排序 超级简单的 ! using System; using System.Collections.Generic; using System.Linq; using ...

  3. HDU 5671 Matrix

    Matrix Time Limit: 3000/1500 MS (Java/Others)    Memory Limit: 131072/131072 K (Java/Others)Total Su ...

  4. 定时自动启动任务crontab命令用法

    crontab简介 crontab命令常见于Unix和类Unix的操作系统之中,用于设置周期性被执行的指令.该命令从标准输入设备读取指令,并将其存放于“crontab”文件中,以供之后读取和执行.该词 ...

  5. Python3基础 用三个双引号 print输出多行文本

    镇场诗:---大梦谁觉,水月中建博客.百千磨难,才知世事无常.---今持佛语,技术无量愿学.愿尽所学,铸一良心博客.------------------------------------------ ...

  6. 两个乒乓球队进行比赛,各出三人。甲队为a,b,c三人,乙队为x,y,z三人。已抽签决定比赛名单。有人向队员打听比赛的名单。a说他不和x比,c说他不和x,z比,请编程序找出三队赛手的名单。

    package C; public class Bisai { public static void main(String[] args) { String a="xyz",b= ...

  7. Difference between Char.IsDigit() and Char.IsNumber() in C#

    http://stackoverflow.com/questions/228532/difference-between-char-isdigit-and-char-isnumber-in-c-sha ...

  8. Java开发中经典的小实例-(if(参数){}else{})

    import java.util.Scanner; public class Calculate {    public static void main(String[] args) {       ...

  9. 用Spring MVC开发简单的Web应用

    这个例子是来自于Gary Mak等人写的Spring攻略(第二版)第八章Spring @MVC中的一个例子,在此以学习为目的进行记录. 问题:想用Spring MVC开发一个简单的Web应用, 学习这 ...

  10. XML详解:第二部分 XML Schema

    声明:原创作品,转载时请注明文章来自SAP师太技术博客( 博/客/园www.cnblogs.com):www.cnblogs.com/jiangzhengjun,并以超链接形式标明文章原始出处,否则将 ...