My favorites | Sign in
Project Home Downloads Wiki Issues Source
Search
for
ConfigExt  
JOpenID Version 1.05 Highlights
Updated Jan 18, 2010 by askxuefeng@gmail.com

1. Configurable Extension Namespace Alias

Even during JOpenID's intial release, support for OpenID Attribute Exchange is already available. The extension namespace alias used is hard-coded with a value of ext1. It was Ok to do this back then because Yahoo still doesn't support OpenID Attribute Exchange during those times. But now that Yahoo already does (see this article), we did some test and found out Yahoo has it's own extension namespace alias requirement. As an RP connecting to Yahoo for OpenID authentication you must use this specific alias or else you won't be able to query any info aside from the Identity. That's why in this version of JOpenID we decided to add support for configurable extension namespace aliases to solve this issue.

How to use this new feature

Using the MainServlet from Developer's Guide as our basis, we modify it's doGet method to now look this way: 

@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    String op = request.getParameter("op");
    if (op==null) {
        // check nonce:
        checkNonce(request.getParameter("openid.response_nonce"));
        // get authentication:
        HttpSession session = request.getSession();
        byte[] mac_key = (byte[]) session.getAttribute(ATTR_MAC);
        String alias = (String) session.getAttribute(ATTR_ALIAS);
        Authentication authentication = manager.getAuthentication(request, mac_key, alias);
        String identity = authentication.getIdentity();
        String email = authentication.getEmail();
        // TODO: create user if not exist in database:
        showAuthentication(response.getWriter(), identity, email);
    }
    else if ("Google".equals(op) || "Yahoo".equals(op)) {
        // redirect to Google/Yahoo sign on page:
        Endpoint endpoint = manager.lookupEndpoint(op);
        Association association = manager.lookupAssociation(endpoint);
        HttpSession session = request.getSession();
        session.setAttribute(ATTR_MAC, association.getRawMacKey());
        session.setAttribute(ATTR_ALIAS, endpoint.getAlias());
        String url = manager.getAuthenticationUrl(endpoint, association);
        response.sendRedirect(url);
    }
    else {
        throw new ServletException("Bad parameter op=" + op);
    }
}

Notice that we are now storing two attributes in session. One is the ATTR_MAC and the other one is ATTR_ALIAS. The getAuthentication method also has an added new parameter, the alias we stored in the session from the previous call.

2. Additional Attributes

On this version of JOpenID we also added new properties to the Authentication class. Aside from email you can now also get the fullname, firstname, lastname, language, and gender as long as they are supported by the chosen OP at runtime.

How to use this new feature

Using again the MainServlet from Developer's Guide as our basis, we modify it's showAuthentication method to now look this way: 

void showAuthentication(PrintWriter pw, Authentication user) {
    pw.print("<html><body>");
    pw.print(" <h2>Hi "+user.getFullname()+"!</h2><p>Congratulations, you have successfully logged-in!</p>");
    pw.print("<p><b>Indentity:</b> "+user.getIdentity()+"<br>");
    pw.print("<b>Email:</b> "+user.getEmail()+"<br>");
    pw.print("<b>Gender:</b> "+user.getGender()+"<br>");
    pw.print("<b>Firstname:</b> "+user.getFirstname()+"<br>");
    pw.print("<b>Lastname:</b> "+user.getLastname()+"<br>");
    pw.print("<b>Language:</b> "+user.getLanguage()+"</p>");
    pw.print("</body></html>");
    pw.flush();
}

Do not forget to also modify the MainServlet's doGet method where a call to showAuthentication is used: 

    .
    .
    Authentication authentication = manager.getAuthentication(request, mac_key, alias);
    // TODO: create user if not exist in database:
    showAuthentication(response.getWriter(), authentication);
    .
    .

3. Sample Web Application

Here's a demo application running on Google App Engine. jopenid-demo

Comment by oschina....@gmail.com, Apr 10, 2010

开源中国社区使用了此项目 http://www.oschina.net/p/jopenid

Comment by msr...@gmail.com, Nov 18, 2010

Hi, I just implemented openid in my and tested it is working fine. After deploying in my actual production server which is running on CentOS. I am getting the following exception, this exception is only on Google Chrome. But it is working fine with other browsers. This problem persists only in Goggle Chrome. Could you please help in resolving:

java.lang.IllegalArgumentException?: Missing argument

javax.crypto.spec.SecretKeySpec?.<init>(DashoA13?..) org.expressme.openid.OpenIdManager?.getHmacSha1(OpenIdManager?.java:170) org.expressme.openid.OpenIdManager?.getAuthentication(OpenIdManager?.java:112) com.tradedoji.auth.OpenIdServlet?.doGet(Unknown Source) javax.servlet.http.HttpServlet?.service(HttpServlet?.java:617) javax.servlet.http.HttpServlet?.service(HttpServlet?.java:717) org.tuckey.web.filters.urlrewrite.RuleChain?.handleRewrite(RuleChain?.java:176) org.tuckey.web.filters.urlrewrite.RuleChain?.doRules(RuleChain?.java:145) org.tuckey.web.filters.urlrewrite.UrlRewriter?.processRequest(UrlRewriter?.java:92) org.tuckey.web.filters.urlrewrite.UrlRewriteFilter?.doFilter(UrlRewriteFilter?.java:381) com.tradedoji.auth.EncodingFilter?.doFilter(Unknown Source)

Comment by hit...@gmail.com, Mar 13, 2012

i also get the exception,my project name is helloworld ,and the code is manager.setRealm("http://192.168.3.39:8080/helloworld") and manager.setReturnTo("http://192.168.3.39:8080/helloworld/openid"); if i change the last "openid" to a html file ,it will ok ? Could you please help in resolving ? thanks very much!


Sign in to add a comment
Powered by Google Project Hosting