Posted to commits@oodt.apache.org by ma...@apache.org on 2011/10/05 19:19:23 UTC
svn commit: r1179332 - in /oodt/trunk: ./
sso/src/main/java/org/apache/oodt/security/sso/
sso/src/main/java/org/apache/oodt/security/sso/opensso/
Author: mattmann
Date: Wed Oct 5 17:19:23 2011
New Revision: 1179332
URL: http://svn.apache.org/viewvc?rev=1179332&view=rev
Log:
- address OODT-327 Open SSO plug-in client for CAS-SSO
Added:
oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/OpenSSOImpl.java (with props)
oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/
oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/IdentityDetails.java (with props)
oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOMetKeys.java (with props)
oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOProxy.java (with props)
oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/UserDetails.java (with props)
Modified:
oodt/trunk/CHANGES.txt
Modified: oodt/trunk/CHANGES.txt
URL: http://svn.apache.org/viewvc/oodt/trunk/CHANGES.txt?rev=1179332&r1=1179331&r2=1179332&view=diff
==============================================================================
--- oodt/trunk/CHANGES.txt (original)
+++ oodt/trunk/CHANGES.txt Wed Oct 5 17:19:23 2011
@@ -4,6 +4,8 @@ Apache OODT Change Log
Release 0.4: Current Development
--------------------------------------------
+* OODT-327 Open SSO plug-in client for CAS-SSO (mattmann, pramirez)
+
* OODT-326 A tool to dump the File Manager catalog metadata
into Solr (mattmann, pramirez)
Added: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/OpenSSOImpl.java
URL: http://svn.apache.org/viewvc/oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/OpenSSOImpl.java?rev=1179332&view=auto
==============================================================================
--- oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/OpenSSOImpl.java (added)
+++ oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/OpenSSOImpl.java Wed Oct 5 17:19:23 2011
@@ -0,0 +1,189 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.oodt.security.sso;
+
+//JDK imports
+import java.util.Collections;
+import java.util.List;
+import java.util.Vector;
+import java.util.logging.Logger;
+import javax.servlet.http.Cookie;
+
+//APACHE imports
+import org.apache.commons.codec.binary.Base64;
+
+//LMMP imports
+import org.apache.oodt.security.sso.opensso.SSOMetKeys;
+import org.apache.oodt.security.sso.opensso.SSOProxy;
+import org.apache.oodt.security.sso.opensso.UserDetails;
+
+/**
+ *
+ * Connects to OpenSSO's authorization endpoint and authenticates a user,
+ * implementing the CAS {@link AbstractWebBasedSingleSignOn} interface. This
+ * class can be used in e.g., CAS curator to link into Open SSO.
+ */
+public class OpenSSOImpl extends AbstractWebBasedSingleSignOn implements
+ SSOMetKeys {
+
+ private static final Logger LOG = Logger.getLogger(OpenSSOImpl.class
+ .getName());
+
+ private SSOProxy ssoProxy;
+
+ /**
+ * Default constructor.
+ */
+ public OpenSSOImpl() {
+ this.ssoProxy = new SSOProxy();
+ }
+
+ public String getCurrentUsername() {
+ String cookieVal = this.getCookieVal(USER_COOKIE_KEY);
+ if (cookieVal == null) {
+ // let's try and get the SSO token
+ // and pull the username from there
+ String ssoToken = this.getSSOToken();
+ if (ssoToken != null) {
+ UserDetails details = null;
+ try {
+ details = this.ssoProxy.getUserAttributes(ssoToken);
+ } catch (Exception e) {
+ e.printStackTrace();
+ return UNKNOWN_USER;
+ }
+ return details.getAttributes().getMetadata(UID_ATTRIBUTE_NAME) != null ? details
+ .getAttributes().getMetadata(UID_ATTRIBUTE_NAME) : UNKNOWN_USER;
+ } else
+ return UNKNOWN_USER;
+ } else {
+ return new String(Base64.decodeBase64(cookieVal.getBytes()));
+ }
+ }
+
+ public boolean getLastConnectionStatus() {
+ return this.isLoggedIn();
+ }
+
+ public boolean isLoggedIn() {
+ // TODO: make sure the token is valid?
+ return (this.getSSOToken() == null) ? false : true;
+ }
+
+ public boolean login(String username, String password) {
+
+ String ssoToken = null;
+ try {
+ ssoToken = this.ssoProxy.authenticate(username, password);
+ } catch (Exception e) {
+ e.printStackTrace();
+ return false;
+ }
+
+ this.addCookie(SSO_COOKIE_KEY, "\"" + new String(ssoToken) + "\"");
+
+ this.addCookie(USER_COOKIE_KEY,
+ "\"" + new String(Base64.encodeBase64(username.getBytes())) + "\"");
+
+ return true;
+ }
+
+ public void logout() {
+ this.ssoProxy.logout(this.getSSOToken());
+ this.clearCookie(SSO_COOKIE_KEY);
+ this.clearCookie(USER_COOKIE_KEY);
+ }
+
+ /**
+ * Gets the SSO groups for the LMMP user, identified by her
+ * <code>ssoAuth</code>, where her User ID is provided by
+ * {@link OpenSSOImpl#getCurrentUsername()} and her Token is provided by
+ * {@link OpenSSOImpl#getSSOToken()}.
+ *
+ * @return A {@link List} of String LMMP groups for the User.
+ * @throws Exception
+ * If any error (e.g., HTTP REST error) occurs.
+ */
+ public List<String> getGroupsForUser() throws Exception {
+ String token = this.getSSOToken();
+ if (token == null) {
+ return Collections.EMPTY_LIST;
+ } else {
+ UserDetails details = this.ssoProxy.getUserAttributes(token);
+ // groups are formatted in this response to include whole
+ // principals, like lmmp-infra,...principal
+ // so split on "," and take the first token to get the group name
+ List<String> groups = new Vector<String>();
+ for (String rawGroup : details.getRoles()) {
+ groups.add(rawGroup.split(",")[0]);
+ }
+
+ return groups;
+ }
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.apache.oodt.security.sso.SingleSignOn#retrieveGroupsForUser(java.lang
+ * .String)
+ */
+ @Override
+ public List<String> retrieveGroupsForUser(String username) {
+ // FIXME: not implemented yet
+ return Collections.EMPTY_LIST;
+ }
+
+ protected String getSSOToken() {
+ String cookieVal = this.getCookieVal(SSO_COOKIE_KEY);
+ if (cookieVal != null) {
+ return new String(cookieVal);
+ } else
+ return null;
+ }
+
+ private String getCookieVal(String name) {
+ Cookie[] cookies = this.req.getCookies();
+ for (Cookie cookie : cookies) {
+ if (cookie.getName().equals(name)) {
+ String cookieVal = cookie.getValue().startsWith("\"")
+ && cookie.getValue().endsWith("\"") ? cookie.getValue().substring(
+ 1, cookie.getValue().length() - 1) : cookie.getValue();
+ return cookieVal;
+ }
+ }
+
+ return null;
+ }
+
+ private void addCookie(String name, String val) {
+ Cookie userCookie = new Cookie(name, val);
+ userCookie.setPath("/");
+ userCookie.setMaxAge((int) (System.currentTimeMillis() + (60 * 15)));
+ this.res.addCookie(userCookie);
+ }
+
+ private void clearCookie(String name) {
+ Cookie userCookie = new Cookie(name, "blank");
+ userCookie.setPath("/");
+ userCookie.setMaxAge(0);
+ this.res.addCookie(userCookie);
+ }
+
+}
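Review bot: getCurrentUsername() returns the Base64-decoded value of the `curationWebapp` cookie whenever it is present, so the username comes from client-supplied data and is never checked against the SSO token. Anything that uses this value for authorization or auditing should derive it from the token instead, as in the rewrite below, which resolves the uid through `ssoProxy.getUserAttributes` on each call (one REST round trip per call; cache server-side if that matters). Separately, addCookie() passes `(int) (System.currentTimeMillis() + (60 * 15))` to setMaxAge, which expects a relative number of seconds; the cast truncates an epoch-millisecond value to an arbitrary int, and `userCookie.setMaxAge(60 * 15);` looks like what was intended. Neither cookie is marked with `setSecure(true)`, which the https endpoints suggest they should be.

```java
public String getCurrentUsername() {
  // The username cookie is client-controlled; resolve identity from the SSO token only.
  String ssoToken = this.getSSOToken();
  if (ssoToken == null) {
    return UNKNOWN_USER;
  }
  try {
    UserDetails details = this.ssoProxy.getUserAttributes(ssoToken);
    String uid = details.getAttributes().getMetadata(UID_ATTRIBUTE_NAME);
    return uid != null ? uid : UNKNOWN_USER;
  } catch (Exception e) {
    LOG.warning("Unable to resolve user from SSO token: " + e.getMessage());
    return UNKNOWN_USER;
  }
}
```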
Propchange: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/OpenSSOImpl.java
------------------------------------------------------------------------------
svn:executable = *
Added: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/IdentityDetails.java
URL: http://svn.apache.org/viewvc/oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/IdentityDetails.java?rev=1179332&view=auto
==============================================================================
--- oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/IdentityDetails.java (added)
+++ oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/IdentityDetails.java Wed Oct 5 17:19:23 2011
@@ -0,0 +1,146 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.oodt.security.sso.opensso;
+
+//JDK imports
+import java.util.List;
+import java.util.Vector;
+
+//OODT imports
+import org.apache.oodt.cas.metadata.Metadata;
+
+/**
+ *
+ * The response from a call to {@link SSOMetKeys#IDENTITY_READ_ENDPOINT}.
+ *
+ * @author mattmann
+ * @version $Revision$
+ *
+ */
+public class IdentityDetails {
+
+ private String name;
+
+ private String type;
+
+ private String realm;
+
+ private List<String> groups;
+
+ private Metadata attributes;
+
+ public IdentityDetails() {
+ this.name = null;
+ this.type = null;
+ this.realm = null;
+ this.groups = new Vector<String>();
+ this.attributes = new Metadata();
+ }
+
+ /**
+ * @return the name
+ */
+ public String getName() {
+ return name;
+ }
+
+ /**
+ * @param name
+ * the name to set
+ */
+ public void setName(String name) {
+ this.name = name;
+ }
+
+ /**
+ * @return the type
+ */
+ public String getType() {
+ return type;
+ }
+
+ /**
+ * @param type
+ * the type to set
+ */
+ public void setType(String type) {
+ this.type = type;
+ }
+
+ /**
+ * @return the realm
+ */
+ public String getRealm() {
+ return realm;
+ }
+
+ /**
+ * @param realm
+ * the realm to set
+ */
+ public void setRealm(String realm) {
+ this.realm = realm;
+ }
+
+ /**
+ * @return the groups
+ */
+ public List<String> getGroups() {
+ return groups;
+ }
+
+ /**
+ * @param groups
+ * the groups to set
+ */
+ public void setGroups(List<String> groups) {
+ this.groups = groups;
+ }
+
+ /**
+ * @return the attributes
+ */
+ public Metadata getAttributes() {
+ return attributes;
+ }
+
+ /**
+ * @param attributes
+ * the attributes to set
+ */
+ public void setAttributes(Metadata attributes) {
+ this.attributes = attributes;
+ }
+
+ public String toString() {
+ StringBuffer sb = new StringBuffer();
+ sb.append("[name=");
+ sb.append(this.name);
+ sb.append(",type=");
+ sb.append(this.type);
+ sb.append(",realm=");
+ sb.append(this.realm);
+ sb.append(",roles=");
+ sb.append(this.groups);
+ sb.append(",attributes=");
+ sb.append(this.attributes.getHashtable());
+ sb.append("]");
+ return sb.toString();
+ }
+
+}
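Review bot: toString() prints the groups list under the label `roles=`, which does not match the field or its accessors and makes the output read like a UserDetails; `sb.append(",groups=");` would be consistent. It also dereferences `this.attributes` unconditionally while setAttributes() accepts null, so a caller that clears the attributes makes toString() throw; either reject null in the setter or guard the call. An `@Override` on toString() and `StringBuilder` in place of `StringBuffer` would be the usual style here.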
Propchange: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/IdentityDetails.java
------------------------------------------------------------------------------
svn:executable = *
Added: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOMetKeys.java
URL: http://svn.apache.org/viewvc/oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOMetKeys.java?rev=1179332&view=auto
==============================================================================
--- oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOMetKeys.java (added)
+++ oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOMetKeys.java Wed Oct 5 17:19:23 2011
@@ -0,0 +1,81 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.oodt.security.sso.opensso;
+
+/**
+ *
+ * Met keys for dealing with {@link SSOProxy}.
+ *
+ */
+public interface SSOMetKeys {
+
+ /* service endpoints */
+ public static final String AUTHENTICATE_ENDPOINT = "https://host/opensso/identity/authenticate";
+
+ public static final String IDENTITY_READ_ENDPOINT = "https://host/opensso/identity/read";
+
+ public static final String IDENTITY_ATTRIBUTES_ENDPOINT = "https://host/opensso/identity/attributes";
+
+ public static final String LOGOUT_ENDPOINT = "https://host/opensso/identity/logout";
+
+ /* cookie names */
+
+ public static final String SSO_COOKIE_KEY = "iPlanetDirectoryPro";
+
+ public static final String USER_COOKIE_KEY = "curationWebapp";
+
+ /* Identity Details response object */
+
+ public static final String IDENTITY_DETAILS_NAME = "identitydetails.name";
+
+ public static final String IDENTITY_DETAILS_TYPE = "identitydetails.type";
+
+ public static final String IDENTITY_DETAILS_REALM = "identitydetails.realm";
+
+ public static final String IDENTITY_DETAILS_GROUP = "identitydetails.group";
+
+ public static final String IDENTITY_DETAILS_ATTR_NAME = "identitydetails.attribute.name";
+
+ public static final String IDENTITY_DETAILS_ATTR_VALUE = "identitydetails.attribute.value";
+
+ public static final String IDENTITY_DETAILS_ATTR_SKIP_LINE = "identitydetails.attribute=";
+
+ /* User Details response object */
+ public static final String USER_DETAILS_TOKEN = "userdetails.token.id";
+
+ public static final String USER_DETAILS_ROLE = "userdetails.role=id";
+
+ public static final String USER_DETAILS_ATTR_NAME = "userdetails.attribute.name";
+
+ public static final String USER_DETAILS_ATTR_VALUE = "userdetails.attribute.value";
+
+ public static final String UID_ATTRIBUTE_NAME = "uid";
+
+ /* commands available from SSOProxy command line */
+ public static final String AUTH_COMMAND = "authenticate";
+
+ public static final String IDENTITY_COMMAND = "identity";
+
+ public static final String ATTRIBUTES_COMMAND = "attributes";
+
+ public static final String LOGOUT_COMMAND = "logout";
+
+ /* general stuff */
+ public static final String UNKNOWN_USER = "Unknown";
+
+}
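Review bot: The four endpoint constants are placeholders with the literal hostname `host`, and SSOProxy's static initializer falls back to them when the matching system property is unset, so a deployment that forgets the properties would POST usernames and passwords to whatever `host` resolves to on that network. At minimum document this above the constants, e.g. `/* service endpoints: placeholders, must be overridden via -DAUTH_ENDPOINT, -DIDENT_READ_ENDPOINT, -DIDENT_ATTR_ENDPOINT and -DLOG_ENDPOINT */`; failing fast in SSOProxy when a property is missing would be safer than a silent default. The `realm/lmmp` value hard-coded in SSOProxy.authenticate() would also fit better here as a named constant.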
Propchange: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOMetKeys.java
------------------------------------------------------------------------------
svn:executable = *
Added: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOProxy.java
URL: http://svn.apache.org/viewvc/oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOProxy.java?rev=1179332&view=auto
==============================================================================
--- oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOProxy.java (added)
+++ oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOProxy.java Wed Oct 5 17:19:23 2011
@@ -0,0 +1,322 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.oodt.security.sso.opensso;
+
+//JDK imports
+import java.io.BufferedReader;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+//APACHE imports
+import org.apache.commons.httpclient.HttpClient;
+import org.apache.commons.httpclient.HttpException;
+import org.apache.commons.httpclient.HttpStatus;
+import org.apache.commons.httpclient.NameValuePair;
+import org.apache.commons.httpclient.methods.PostMethod;
+
+/**
+ *
+ * A client class to the services provided by the <a
+ * href="https://opensso.dev.java.net/">OpenSSO</a> project. The descriptions of
+ * these services are <a
+ * href="http://developers.sun.com/identity/reference/techart/id-svcs.html"
+ * >here</a>.
+ *
+ * @author mattmann
+ * @version $Revision$
+ *
+ */
+public class SSOProxy implements SSOMetKeys {
+
+ private static final Logger LOG = Logger.getLogger(SSOProxy.class.getName());
+ private static final String AUTH_ENDPOINT;
+ private static final String AUTH_ENDPOINT_KEY = "AUTH_ENDPOINT";
+ private static final String IDENT_READ_ENDPOINT;
+ private static final String IDENT_READ_ENDPOINT_KEY = "IDENT_READ_ENDPOINT";
+ private static final String IDENT_ATTR_ENDPOINT;
+ private static final String IDENT_ATTR_ENDPOINT_KEY = "IDENT_ATTR_ENDPOINT";
+ private static final String LOG_ENDPOINT;
+ private static final String LOG_ENDPOINT_KEY = "LOG_ENDPOINT";
+
+ static {
+ if (System.getProperty(AUTH_ENDPOINT_KEY) != null) {
+ AUTH_ENDPOINT = System.getProperty(AUTH_ENDPOINT_KEY);
+ } else {
+ AUTH_ENDPOINT = AUTHENTICATE_ENDPOINT;
+ }
+ if (System.getProperty(IDENT_READ_ENDPOINT_KEY) != null) {
+ IDENT_READ_ENDPOINT = System.getProperty(IDENT_READ_ENDPOINT_KEY);
+ } else {
+ IDENT_READ_ENDPOINT = IDENTITY_READ_ENDPOINT;
+ }
+ if (System.getProperty(IDENT_ATTR_ENDPOINT_KEY) != null) {
+ IDENT_ATTR_ENDPOINT = System.getProperty(IDENT_ATTR_ENDPOINT_KEY);
+ } else {
+ IDENT_ATTR_ENDPOINT = IDENTITY_ATTRIBUTES_ENDPOINT;
+ }
+ if (System.getProperty(LOG_ENDPOINT_KEY) != null) {
+ LOG_ENDPOINT = System.getProperty(LOG_ENDPOINT_KEY);
+ } else {
+ LOG_ENDPOINT = LOGOUT_ENDPOINT;
+ }
+
+ LOG.log(Level.INFO, AUTH_ENDPOINT_KEY + " set to " + AUTH_ENDPOINT);
+ LOG.log(Level.INFO, IDENT_READ_ENDPOINT_KEY + " set to " + IDENT_READ_ENDPOINT);
+ LOG.log(Level.INFO, IDENT_ATTR_ENDPOINT_KEY + " set to " + IDENT_ATTR_ENDPOINT);
+ LOG.log(Level.INFO, LOG_ENDPOINT_KEY + " set to " + LOG_ENDPOINT);
+ }
+
+ public String authenticate(String username, String password) {
+ HttpClient httpClient = new HttpClient();
+ PostMethod post = new PostMethod(AUTH_ENDPOINT);
+ String response = null;
+ String ssoToken = null;
+
+ NameValuePair[] data = { new NameValuePair("username", username),
+ new NameValuePair("password", password),
+ new NameValuePair("uri", "realm/lmmp") };
+
+ post.setRequestBody(data);
+
+ try {
+ httpClient.executeMethod(post);
+ if (post.getStatusCode() != HttpStatus.SC_OK) {
+ throw new HttpException(post.getStatusLine().toString());
+ }
+ response = post.getResponseBodyAsString().trim();
+ ssoToken = response.substring(9);
+ } catch (Exception e) {
+ e.printStackTrace();
+ } finally {
+ post.releaseConnection();
+ }
+
+ return ssoToken;
+ }
+
+ public IdentityDetails readIdentity(String username, String token)
+ throws Exception {
+ HttpClient httpClient = new HttpClient();
+ PostMethod post = new PostMethod(IDENT_READ_ENDPOINT);
+ LOG.log(Level.INFO, "Obtaining identity: username: [" + username
+ + "]: token: [" + token + "]: REST url: [" + IDENT_READ_ENDPOINT
+ + "]");
+ NameValuePair[] data = { new NameValuePair("name", username),
+ new NameValuePair("admin", token) };
+
+ post.setRequestBody(data);
+
+ httpClient.executeMethod(post);
+ if (post.getStatusCode() != HttpStatus.SC_OK) {
+ throw new Exception(post.getStatusLine().toString());
+ }
+
+ return parseIdentityDetails(post.getResponseBodyAsString().trim());
+
+ }
+
+ public UserDetails getUserAttributes(String token) throws Exception {
+ HttpClient httpClient = new HttpClient();
+ PostMethod post = new PostMethod(IDENT_ATTR_ENDPOINT);
+ LOG.log(Level.INFO, "Obtaining user attributes: token: [" + token
+ + "]: REST url: [" + IDENT_ATTR_ENDPOINT + "]");
+ NameValuePair[] data = { new NameValuePair("subjectid", token) };
+
+ post.setRequestBody(data);
+
+ httpClient.executeMethod(post);
+ if (post.getStatusCode() != HttpStatus.SC_OK) {
+ throw new Exception(post.getStatusLine().toString());
+ }
+
+ return parseUserDetails(post.getResponseBodyAsString().trim());
+
+ }
+
+ public void logout(String token) {
+ HttpClient httpClient = new HttpClient();
+ PostMethod post = new PostMethod(LOG_ENDPOINT);
+ LOG.log(Level.INFO, "Logging out: token: [" + token + "]: REST url: ["
+ + LOG_ENDPOINT + "]");
+ NameValuePair[] data = { new NameValuePair("subjectid", token) };
+ post.setRequestBody(data);
+
+ try {
+ httpClient.executeMethod(post);
+ if (post.getStatusCode() != HttpStatus.SC_OK) {
+ throw new HttpException(post.getStatusLine().toString());
+ }
+ } catch (HttpException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } finally {
+ post.releaseConnection();
+ }
+ }
+
+ private IdentityDetails parseIdentityDetails(String serviceResponse) {
+ ByteArrayInputStream is = new ByteArrayInputStream(serviceResponse
+ .getBytes());
+ BufferedReader br = new BufferedReader(new InputStreamReader(is));
+ IdentityDetails details = new IdentityDetails();
+ String line = null, lastAttrKeyRead = null;
+
+ try {
+ while ((line = br.readLine()) != null) {
+ if (line.equals(IDENTITY_DETAILS_ATTR_SKIP_LINE))
+ continue;
+ String key = null, val = null;
+ if (line.startsWith(IDENTITY_DETAILS_REALM)) {
+ // can't parse it the same way
+ key = line.substring(0, IDENTITY_DETAILS_REALM.length());
+ val = line.substring(IDENTITY_DETAILS_REALM.length() + 1);
+ } else {
+ String[] lineToks = line.split("=");
+ key = lineToks[0];
+ val = lineToks[1];
+ }
+
+ if (key.equals(IDENTITY_DETAILS_NAME)) {
+ details.setName(val);
+ } else if (key.equals(IDENTITY_DETAILS_TYPE)) {
+ details.setType(val);
+ } else if (key.equals(IDENTITY_DETAILS_REALM)) {
+ details.setRealm(val);
+ } else if (key.equals(IDENTITY_DETAILS_GROUP)) {
+ details.getGroups().add(val);
+ } else if (key.equals(IDENTITY_DETAILS_ATTR_NAME)) {
+ lastAttrKeyRead = val;
+ } else if (key.equals(IDENTITY_DETAILS_ATTR_VALUE)) {
+ details.getAttributes().addMetadata(lastAttrKeyRead, val);
+ }
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ LOG.log(Level.WARNING, "Error reading service response line: [" + line
+ + "]: Message: " + e.getMessage());
+ } finally {
+ if (is != null) {
+ try {
+ is.close();
+ } catch (Exception ignore) {
+ }
+
+ is = null;
+ }
+
+ if (br != null) {
+ try {
+ br.close();
+ } catch (Exception ignore) {
+ }
+
+ br = null;
+ }
+ }
+
+ return details;
+ }
+
+ private UserDetails parseUserDetails(String serviceResponse) {
+ ByteArrayInputStream is = new ByteArrayInputStream(serviceResponse
+ .getBytes());
+ BufferedReader br = new BufferedReader(new InputStreamReader(is));
+ UserDetails details = new UserDetails();
+ String line = null, lastAttrKeyRead = null;
+
+ try {
+ while ((line = br.readLine()) != null) {
+ String key = null, val = null;
+ if (line.startsWith(USER_DETAILS_ROLE)) {
+ // can't parse by splitting, parse by using substring
+ key = line.substring(0, USER_DETAILS_ROLE.length());
+ val = line.substring(USER_DETAILS_ROLE.length() + 1);
+ } else {
+ String[] lineToks = line.split("=");
+ key = lineToks[0];
+ val = lineToks[1];
+ }
+
+ if (key.equals(USER_DETAILS_TOKEN)) {
+ details.setToken(val);
+ } else if (key.equals(USER_DETAILS_ROLE)) {
+ details.getRoles().add(val);
+ } else if (key.equals(USER_DETAILS_ATTR_NAME)) {
+ lastAttrKeyRead = val;
+ } else if (key.equals(USER_DETAILS_ATTR_VALUE)) {
+ details.getAttributes().addMetadata(lastAttrKeyRead, val);
+ }
+ }
+ } catch (IOException e) {
+ e.printStackTrace();
+ LOG.log(Level.WARNING, "Error reading service response line: [" + line
+ + "]: Message: " + e.getMessage());
+ } finally {
+ if (is != null) {
+ try {
+ is.close();
+ } catch (Exception ignore) {
+ }
+
+ is = null;
+ }
+
+ if (br != null) {
+ try {
+ br.close();
+ } catch (Exception ignore) {
+ }
+
+ br = null;
+ }
+ }
+
+ return details;
+ }
+
+ public static void main(String[] args) throws Exception {
+ String usage = "SSOProxy <cmd> [args]\n\n" + "Where cmd is one of:\n"
+ + "authenticate <user> <pass>\n" + "identity <user> <token>\n"
+ + "attributes <token>\nlogout <token>\n";
+
+ if (args.length < 2 || args.length > 3) {
+ System.err.println(usage);
+ System.exit(1);
+ }
+
+ String cmd = args[0];
+ SSOProxy sso = new SSOProxy();
+ if (cmd.equals(AUTH_COMMAND)) {
+ System.out.println(sso.authenticate(args[1], args[2]));
+ } else if (cmd.equals(IDENTITY_COMMAND)) {
+ System.out.println(sso.readIdentity(args[1], args[2]));
+ } else if (cmd.equals(ATTRIBUTES_COMMAND)) {
+ System.out.println(sso.getUserAttributes(args[1]));
+ } else if (cmd.equals(LOGOUT_COMMAND)) {
+ sso.logout(args[1]);
+ }
+
+ }
+
+}
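Review bot: readIdentity(), getUserAttributes() and logout() write the SSO token into the log at INFO level, which puts a live session credential into every log file and aggregator that receives this output. Drop the token from those messages, e.g. `LOG.log(Level.FINE, "Obtaining user attributes: REST url: [" + IDENT_ATTR_ENDPOINT + "]");`. authenticate() catches every exception and returns null, and OpenSSOImpl.login() then calls `new String(ssoToken)` outside its try block, so a rejected login surfaces as a NullPointerException rather than `false`; let the exception propagate or have login() check for null. readIdentity() and getUserAttributes() also never call `post.releaseConnection()`, unlike authenticate() and logout(); a try/finally around the request would match them.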
Propchange: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/SSOProxy.java
------------------------------------------------------------------------------
svn:executable = *
Added: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/UserDetails.java
URL: http://svn.apache.org/viewvc/oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/UserDetails.java?rev=1179332&view=auto
==============================================================================
--- oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/UserDetails.java (added)
+++ oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/UserDetails.java Wed Oct 5 17:19:23 2011
@@ -0,0 +1,105 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.apache.oodt.security.sso.opensso;
+
+//OODT imports
+import org.apache.oodt.cas.metadata.Metadata;
+
+//JDK imports
+import java.util.List;
+import java.util.Vector;
+
+/**
+ *
+ * The response from a query to {@link SSOMetKeys#IDENTITY_ATTRIBUTES_ENDPOINT}.
+ *
+ * @author mattmann
+ * @version $Revision$
+ *
+ */
+public class UserDetails {
+
+ private String token;
+
+ private List<String> roles;
+
+ private Metadata attributes;
+
+ public UserDetails() {
+ this.token = null;
+ this.roles = new Vector<String>();
+ this.attributes = new Metadata();
+ }
+
+ /**
+ * @return the token
+ */
+ public String getToken() {
+ return token;
+ }
+
+ /**
+ * @param token
+ * the token to set
+ */
+ public void setToken(String token) {
+ this.token = token;
+ }
+
+ /**
+ * @return the roles
+ */
+ public List<String> getRoles() {
+ return roles;
+ }
+
+ /**
+ * @param roles
+ * the roles to set
+ */
+ public void setRoles(List<String> roles) {
+ this.roles = roles;
+ }
+
+ /**
+ * @return the attributes
+ */
+ public Metadata getAttributes() {
+ return attributes;
+ }
+
+ /**
+ * @param attributes
+ * the attributes to set
+ */
+ public void setAttributes(Metadata attributes) {
+ this.attributes = attributes;
+ }
+
+ public String toString() {
+ StringBuffer sb = new StringBuffer();
+ sb.append("[token=");
+ sb.append(this.token);
+ sb.append(",roles=");
+ sb.append(this.roles);
+ sb.append(",attributes=");
+ sb.append(this.attributes.getHashtable());
+ sb.append("]");
+ return sb.toString();
+ }
+}
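Review bot: toString() includes the raw SSO token (`[token=...`), so any log statement or error message that formats a UserDetails exposes a usable session credential; SSOProxy.main() already prints this object for the `attributes` command. Consider omitting the token or printing only whether one is present, e.g. `sb.append(this.token != null ? "[token=<present>" : "[token=<none>");`. As in IdentityDetails.toString(), `this.attributes.getHashtable()` will throw if setAttributes(null) was called.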
Propchange: oodt/trunk/sso/src/main/java/org/apache/oodt/security/sso/opensso/UserDetails.java
------------------------------------------------------------------------------
svn:executable = *