hybrid (openid + oauth) in popup mode (without leaving the page)


alucarD

Jun 18, 2010, 4:24:25 PM
to dyuproject
Hi
For testing hybrid I wrote a simple application (one servlet in Eclipse
with Google App Engine).
I discovered that when I add the params

    params.put("openid.ns.ui", "http://specs.openid.net/extensions/ui/1.0");
    params.put("openid.ui.mode", "popup");

to the request, then after signing in to the account, the page for granting
access to Google services shows no services from the scope, only granting
access to information like email address, language and country. When I start
the application without these parameters, hybrid works great. Firebug
shows me that the parameters sent in the GET are:

openid.assoc_handle AOQobUc77V9OFiaqhovD481EiEn02beR-hdp2Bvp0HTCEuHnfYGA320r
openid.ax.mode fetch_request
openid.ax.required email,language,country
openid.ax.type.country http://axschema.org/contact/country/home
openid.ax.type.email http://axschema.org/contact/email
openid.ax.type.language http://axschema.org/pref/language
openid.claimed_id http://specs.openid.net/auth/2.0/identifier_select
openid.identity http://specs.openid.net/auth/2.0/identifier_select
openid.mode checkid_setup
openid.ns http://specs.openid.net/auth/2.0
openid.ns.ax http://openid.net/srv/ax/1.0
openid.ns.oauth http://specs.openid.net/extensions/oauth/1.0
openid.ns.ui http://specs.openid.net/extensions/ui/1.0
openid.oauth.consumer testgap3.appspot.com
openid.oauth.scope http://www.google.com/m8/feeds/ https://picasaweb.google.com/data/
openid.realm http://www.testap3.appspot.com/user/home
openid.return_to http://www.testap3.appspot.com/user/home
openid.trust_root http://www.testgap3.appspot.com
openid.ui.mode popup

The parameters from hybrid without popup are almost the same (without
the popup parameters).
Please look at the servlet in the appendix. This is my web.xml:

    <filter>
        <filter-name>openid-filter</filter-name>
        <filter-class>com.dyuproject.openid.OpenIdServletFilter</filter-class>
        <load-on-startup>1</load-on-startup>
        <init-param>
            <param-name>forwardUri</param-name>
            <!-- login page when user is not authenticated -->
            <param-value>/WEB-INF/views/jsp/login.jsp</param-value>
        </init-param>
    </filter>

    <filter-mapping>
        <filter-name>openid-filter</filter-name>
        <url-pattern>/user/*</url-pattern>
    </filter-mapping>

    <servlet>
        <servlet-name>home-servlet</servlet-name>
        <servlet-class>pl.barteku.HomeServlet</servlet-class>
        <load-on-startup>1</load-on-startup>
    </servlet>

    <servlet-mapping>
        <servlet-name>home-servlet</servlet-name>
        <url-pattern>/user/home/</url-pattern>
    </servlet-mapping>

    <welcome-file-list>
        <welcome-file>index.html</welcome-file>
    </welcome-file-list>

and servlet:

    @SuppressWarnings("serial")
    public class HomeServlet extends HttpServlet {
        static final Endpoint __google = Consumer.getInstance().getEndpoint(
                "www.google.com");
        static final String GOOGLE_IDENTIFIER = "https://www.google.com/accounts/o8/id";
        static final String GOOGLE_OPENID_SERVER = "https://www.google.com/accounts/o8/ud";
        final RelyingParty _relyingParty = RelyingParty.getInstance();

        static {
            RelyingParty.getInstance().addListener(
                    new AxSchemaExtension().addExchange("email").addExchange(
                            "country").addExchange("language")).addListener(
                    new RelyingParty.Listener() {
                        @Override
                        public void onPreAuthenticate(OpenIdUser arg0,
                                HttpServletRequest arg1,
                                UrlEncodedParameterMap params) {
                            // TODO Auto-generated method stub
                            System.out.println("onPreAuthenticate");
                            Log.info("onPreAuthenticate");
                            // oauth extension
                            params.add("openid.ns.oauth", "http://specs.openid.net/extensions/oauth/1.0");
                            params.put("openid.oauth.consumer", __google.getConsumerKey());
                            params.put("openid.oauth.scope", "http://www.google.com/m8/feeds/ https://picasaweb.google.com/data/");
                            // openid popup mode
                            String returnTo = "http://www.testap3.appspot.com/user/home";
                            params.put(Constants.OPENID_RETURN_TO, returnTo);
                            params.put(Constants.OPENID_REALM, returnTo);
                            params.put("openid.ns.ui", "http://specs.openid.net/extensions/ui/1.0");
                            params.put("openid.ui.mode", "popup");
                        }

                        @Override
                        public void onDiscovery(OpenIdUser arg0,
                                HttpServletRequest arg1) {
                            // TODO Auto-generated method stub
                            System.out.println("onDiscovery");
                            Log.info("onDiscovery");
                        }

                        @Override
                        public void onAuthenticate(OpenIdUser user,
                                HttpServletRequest request) {
                            // TODO Auto-generated method stub
                            System.out.println("onAuthenticate");
                            Log.info("onAuthenticate");

                            Map<String, String> axschema = AxSchemaExtension
                                    .remove(user);

                            if (axschema != null && !axschema.isEmpty()) {
                                Log.info("AXSCHEMA");
                                System.err.println("axschema: " + axschema);
                                user.setAttribute("info", axschema);
                            }

                            String requestToken = request
                                    .getParameter("openid.ext2.request_token");
                            System.out.println(requestToken);
                            Log.info("REQUEST TOKEN " + requestToken);
                            Token token = new Token(__google.getConsumerKey(),
                                    requestToken, null, Token.AUTHORIZED);
                            UrlEncodedParameterMap accessTokenParams = new UrlEncodedParameterMap();
                            try {
                                Response accessTokenResponse = fetchToken(
                                        TokenExchange.ACCESS_TOKEN,
                                        accessTokenParams, __google, token);
                                if (accessTokenResponse.getStatus() == 200
                                        && token.getState() == Token.ACCESS_TOKEN) {
                                    user.setAttribute("token_k", token.getKey());
                                    user.setAttribute("token_s", token.getSecret());
                                    Log.info("token secret :" + token.getSecret());
                                }
                            } catch (IOException e) {
                                e.printStackTrace();
                            }
                        }

                        @Override
                        public void onAccess(OpenIdUser arg0,
                                HttpServletRequest arg1) {
                            // TODO Auto-generated method stub
                            System.out.println("onAccess");
                            Log.info("onAccess");
                        }
                    });
        }

        public static Response fetchToken(TokenExchange exchange,
                UrlEncodedParameterMap params, Endpoint endpoint, Token token)
                throws IOException {
            Log.info("fetchToken");
            // via GET, POST or Authorization
            Transport transport = endpoint.getTransport();

            // via HMAC-SHA1 or PLAINTEXT
            Signature sig = endpoint.getSignature();

            // nonce and timestamp generator
            NonceAndTimestamp nts = SimpleNonceAndTimestamp.getDefault();

            // http connector
            HttpConnector connector = SimpleHttpConnector.getDefault();

            // returns the http response
            return transport.send(params, endpoint, token, exchange, nts, sig,
                    connector);
        }

        public void doGet(HttpServletRequest request, HttpServletResponse response)
                throws IOException, ServletException {

            Log.info("Get");

            OpenIdUser user = (OpenIdUser) request
                    .getAttribute(OpenIdUser.ATTR_NAME);

            response.setContentType("text/plain");
            response.getWriter().println("HI!");
            response.getWriter().println(user.getClaimedId());
            response.getWriter().println(user.getAttribute("info"));
        }
    }


Please help me, I want hybrid in popup mode ;] I know that after
granting access I must return to the appropriate page and do all the stuff
from this site http://code.google.com/p/dyuproject/wiki/OpenidLoginWithoutLeavingPage
but for simplification, to show only the influence of the popup parameters, this
application is enough.
By the way, on this site: http://code.google.com/p/sixfixmix/wiki/OpenId
there is another tutorial on how to implement openid in popup mode with your
project ;]

David Yu

Jun 19, 2010, 3:10:22 PM
to dyupr...@googlegroups.com
On Sat, Jun 19, 2010 at 4:24 AM, alucarD <kudlaty.net@gmail.com> wrote:
> Hi
> For testing hybrid I write simple application (one servlet in eclipse
> with google appengine).
> I discovered that when I add params ( params.put("openid.ns.ui",
> "http://specs.openid.net/extensions/ui/1.0");
> params.put("openid.ui.mode", "popup"); )
> to request then after sign in to account in granting access to google
> services there is no services from scope, only grant access to
> information like email address, language and country. When I start
> application without this parameters then hybrid works great.

That's weird.  I'll test it out and let you know how it goes.
 

--
You received this message because you are subscribed to the Google Groups "dyuproject" group.
To post to this group, send email to dyupr...@googlegroups.com.
To unsubscribe from this group, send email to dyuproject+...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/dyuproject?hl=en.




--
When the cat is away, the mouse is alone.
- David Yu

David Yu

Jun 21, 2010, 6:22:34 AM
to dyupr...@googlegroups.com
There might be a bug somewhere in your code.
I basically used the same demo and just added popup_login_hybrid.html (see attached).
I've updated the demo in appengine to include a hybrid popup.
It works fine.

Cheers
popup_login_hybrid.html

alucarD

Jun 21, 2010, 12:54:46 PM
to dyuproject
Can you update the source of the appengine demo? I want to look at the changes. I
don't know yet what I am doing wrong, but a complete demo of hybrid in
popup mode will be very helpful ;]

Cheers

On 21 Jun, 12:22, David Yu <david.yu....@gmail.com> wrote:
> There might be a bug somewhere in your code.
> I basically used the same demo and just added popup_login_hybrid.html (see
> attached).
> I've updated the demo in appengine to include a hybrid popup.
> It works fine.
>
> Cheers

David Yu

Jun 21, 2010, 11:04:44 PM
to dyupr...@googlegroups.com
I've found the bug in your code.
When in popup mode, your returnTo should be updated to point to "popup_verify.html".
Currently, your returnTo is still "http://www.testap3.appspot.com/user/home".

On the demo, in OpenIdService.java you will see:

    if ("true".equals(request.getParameter("popup")))
    {
        String returnTo = params.get(Constants.OPENID_TRUST_ROOT) + request.getContextPath() + "/popup_verify.html";
        params.put(Constants.OPENID_RETURN_TO, returnTo);
        params.put(Constants.OPENID_REALM, returnTo);
        params.put("openid.ns.ui", "http://specs.openid.net/extensions/ui/1.0");
        params.put("openid.ui.mode", "popup");
    }

Hope that helps
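
Added example (not part of the original thread and not dyuproject code): a pre-flight check over the outgoing request parameters that confirms return_to sits under the realm and that the realm host agrees with the trust root and the OAuth consumer key. The class and method names are hypothetical, the consumer-key comparison is an assumption about how a hybrid provider ties the key to the realm, and the first input copies values from the parameter dump in the first post.

```java
import java.net.URI;
import java.util.*;

// Hypothetical helper, not part of dyuproject.
public class HybridRequestCheck {
    // Returns the inconsistencies found; assumes the three URL parameters are present.
    static List<String> check(Map<String, String> p) {
        List<String> problems = new ArrayList<>();
        URI realm = URI.create(p.get("openid.realm"));
        URI returnTo = URI.create(p.get("openid.return_to"));
        String trustHost = URI.create(p.get("openid.trust_root")).getHost();
        String consumer = p.get("openid.oauth.consumer");
        String host = realm.getHost();
        // OpenID 2.0 realm rule (non-wildcard realm): same scheme, host and
        // port, and the return_to path must start with the realm path.
        if (!realm.getScheme().equalsIgnoreCase(returnTo.getScheme())
                || !host.equalsIgnoreCase(returnTo.getHost())
                || realm.getPort() != returnTo.getPort()
                || !returnTo.getPath().startsWith(realm.getPath())) {
            problems.add("return_to is not under realm");
        }
        // trust_root is the OpenID 1.x name for the realm; both should agree.
        if (!host.equalsIgnoreCase(trustHost)) {
            problems.add("realm host " + host + " != trust_root host " + trustHost);
        }
        // Assumption: the consumer key is the site's domain, so the realm host
        // must equal it or be a subdomain of it.
        if (consumer != null && !host.equalsIgnoreCase(consumer)
                && !host.toLowerCase().endsWith("." + consumer.toLowerCase())) {
            problems.add("realm host " + host + " does not match consumer " + consumer);
        }
        return problems;
    }

    public static void main(String[] args) {
        // Values copied from the parameter dump in the first post.
        Map<String, String> p = new LinkedHashMap<>();
        p.put("openid.realm", "http://www.testap3.appspot.com/user/home");
        p.put("openid.return_to", "http://www.testap3.appspot.com/user/home");
        p.put("openid.trust_root", "http://www.testgap3.appspot.com");
        p.put("openid.oauth.consumer", "testgap3.appspot.com");
        System.out.println(check(p));
        // Constructed variant: realm and return_to derived from the trust root (empty context path).
        String fixed = p.get("openid.trust_root") + "/popup_verify.html";
        p.put("openid.realm", fixed);
        p.put("openid.return_to", fixed);
        System.out.println(check(p));
    }
}
```

Running such a check from onPreAuthenticate, before the redirect is issued, catches a hard-coded returnTo whose host has drifted from the trust root.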


alucarD

Jun 22, 2010, 3:54:17 AM
to dyuproject
How can the return page ("popup_verify.html") affect the services that
don't show on the Google granting-access page? "popup_verify.html" is only
for handling/verifying parameters from openid and oauth. Please, if you
can, send me the new source of the demo or put it on the project's page. On the
dyuproject page, the download is from 2009.

Cheers

On 22 Jun, 05:04, David Yu <david.yu....@gmail.com> wrote:
> I've found the bug in your code.
> When on popup mode, your returnTo should be updated to point to
> "popup_verify.html"
> Currently, your returnTo is still "http://www.testap3.appspot.com/user/home"
>
> On the demo, in OpenIdService.java you will see:
>
> if("true".equals(request.getParameter("popup")))
> {
> String returnTo =
> params.get(Constants.OPENID_TRUST_ROOT) + request.getContextPath() +
> "/popup_verify.html";
> params.put(Constants.OPENID_RETURN_TO, returnTo);
> params.put(Constants.OPENID_REALM,
> returnTo);
> params.put("openid.ns.ui", "http://specs.openid.net/extensions/ui/1.0");
> params.put("openid.ui.mode", "popup");
> }
>
> Hope that helps

alucarD

Jun 22, 2010, 3:55:15 AM
to dyuproject
Thanks for helping!! ;D

David Yu

Jun 22, 2010, 5:21:11 AM
to dyupr...@googlegroups.com
I've just uploaded the zip in the downloads section.

Cheers
