Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Code Block
languagejava
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE­2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.application.authenticator.social.facebook2;
import org.apache.commons.lang.StringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.oltu.oauth2.client.request.OAuthClientRequest;
import org.apache.oltu.oauth2.client.response.OAuthAuthzResponse;
import org.apache.oltu.oauth2.common.exception.OAuthProblemException;
import org.apache.oltu.oauth2.common.exception.OAuthSystemException;
import org.apache.oltu.oauth2.common.utils.JSONUtils;
import org.wso2.carbon.identity.application.authentication.framework.AbstractApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.FederatedApplicationAuthenticator;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authentication.framework.exception.ApplicationAuthenticatorException;
import org.wso2.carbon.identity.application.authentication.framework.exception.AuthenticationFailedException;
import org.wso2.carbon.identity.application.authentication.framework.model.AuthenticatedUser;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkConstants;
import org.wso2.carbon.identity.application.authentication.framework.util.FrameworkUtils;
import org.wso2.carbon.identity.application.common.model.ClaimMapping;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants;
import org.wso2.carbon.identity.base.IdentityConstants;
import org.wso2.carbon.identity.core.util.IdentityUtil;
import org.wso2.carbon.identity.core.util.IdentityIOStreamUtils;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLConnection;
import java.nio.charset.Charset;
import java.util.*;
public class FacebookCustomAuthenticator extends AbstractApplicationAuthenticator implements
FederatedApplicationAuthenticator {
private static final Log log = LogFactory.getLog(FacebookCustomAuthenticator.class);
private static final long serialVersionUID = ­1465329490183756028L;
private String tokenEndpoint;
private String oAuthEndpoint;
private String userInfoEndpoint;
/**
* initiate tokenEndpoint
*/
private void initTokenEndpoint() {
this.tokenEndpoint =
getAuthenticatorConfig().getParameterMap().get(FacebookCustomAuthenticatorConstants
.FB_TOKEN_URL);
if (StringUtils.isBlank(this.tokenEndpoint)) {
this.tokenEndpoint = IdentityApplicationConstants.FB_TOKEN_URL;
}
}
/**
* initiate authorization server endpoint
*/
private void initOAuthEndpoint() {
this.oAuthEndpoint =
getAuthenticatorConfig().getParameterMap().get(FacebookCustomAuthenticatorConstants
.FB_AUTHZ_URL);
if (StringUtils.isBlank(this.oAuthEndpoint)) {
this.oAuthEndpoint = IdentityApplicationConstants.FB_AUTHZ_URL;
}
}
/**
* initiate userInfoEndpoint
*/
private void initUserInfoEndPoint() {
this.userInfoEndpoint =
getAuthenticatorConfig().getParameterMap().get(FacebookCustomAuthenticatorConstants
.FB_USER_INFO_URL);
if (StringUtils.isBlank(this.userInfoEndpoint)) {
this.userInfoEndpoint = IdentityApplicationConstants.FB_USER_INFO_URL;
}
}
/**
* get the tokenEndpoint.
* @return tokenEndpoint
*/
private String getTokenEndpoint() {
if (StringUtils.isBlank(this.tokenEndpoint)) {
initTokenEndpoint();
}
return this.tokenEndpoint;
}
/**
* get the oAuthEndpoint.
* @return oAuthEndpoint
*/
private String getAuthorizationServerEndpoint() {
if (StringUtils.isBlank(this.oAuthEndpoint)) {
initOAuthEndpoint();
}
return this.oAuthEndpoint;
}
/**
* get the userInfoEndpoint.
* @return userInfoEndpoint
*/
private String getUserInfoEndpoint() {
if (StringUtils.isBlank(this.userInfoEndpoint)) {
initUserInfoEndPoint();
}
return this.userInfoEndpoint;
}
@Override
public boolean canHandle(HttpServletRequest request) {
log.trace("Inside FacebookAuthenticator.canHandle()");
if (request.getParameter(FacebookCustomAuthenticatorConstants.OAUTH2_GRANT_TYPE_CODE) != null &&
request.getParameter(FacebookCustomAuthenticatorConstants.OAUTH2_PARAM_STATE) != null &&
FacebookCustomAuthenticatorConstants.FACEBOOK_LOGIN_TYPE.equals(getLoginType(request))) {
return true;
}
return false;
}
@Override
protected void initiateAuthenticationRequest(HttpServletRequest request,
HttpServletResponse response, AuthenticationContext context)
throws AuthenticationFailedException {
try {
Map authenticatorProperties = context.getAuthenticatorProperties();
String clientId = authenticatorProperties.get(FacebookCustomAuthenticatorConstants.CLIENT_ID);
String authorizationEP = getAuthorizationServerEndpoint();
String scope = authenticatorProperties.get(FacebookCustomAuthenticatorConstants.SCOPE);
if (StringUtils.isEmpty(scope)) {
scope = FacebookCustomAuthenticatorConstants.EMAIL;
}
String callbackUrl = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
String state = context.getContextIdentifier() + "," +
FacebookCustomAuthenticatorConstants.FACEBOOK_LOGIN_TYPE;
OAuthClientRequest authzRequest =
OAuthClientRequest.authorizationLocation(authorizationEP)
.setClientId(clientId)
.setRedirectURI(callbackUrl)
.setResponseType(FacebookCustomAuthenticatorConstants.OAUTH2_GRANT_TYPE_CODE)
.setScope(scope).setState(state)
.buildQueryMessage();
response.sendRedirect(authzRequest.getLocationUri());
} catch (IOException e) {
log.error("Exception while sending to the login page.", e);
throw new AuthenticationFailedException(e.getMessage(), e);
} catch (OAuthSystemException e) {
log.error("Exception while building authorization code request.", e);
throw new AuthenticationFailedException(e.getMessage(), e);
}
return;
}
@Override
protected void processAuthenticationResponse(HttpServletRequest request,
HttpServletResponse response,
AuthenticationContext context)
throws AuthenticationFailedException {
log.trace("Inside FacebookAuthenticator.authenticate()");
try {
Map authenticatorProperties = context.getAuthenticatorProperties();
String clientId = authenticatorProperties.get(FacebookCustomAuthenticatorConstants.CLIENT_ID);
String clientSecret =
authenticatorProperties.get(FacebookCustomAuthenticatorConstants.CLIENT_SECRET);
String userInfoFields =
authenticatorProperties.get(FacebookCustomAuthenticatorConstants.USER_INFO_FIELDS);
String tokenEndPoint = getTokenEndpoint();
String fbauthUserInfoUrl = getUserInfoEndpoint();
String callbackUrl = IdentityUtil.getServerURL(FrameworkConstants.COMMONAUTH, true, true);
String code = getAuthorizationCode(request);
String token = getToken(tokenEndPoint, clientId, clientSecret, callbackUrl, code);
if (!StringUtils.isBlank(userInfoFields)) {
if (context.getExternalIdP().getIdentityProvider().getClaimConfig() != null && !StringUtils.isBlank
(context.getExternalIdP().getIdentityProvider().getClaimConfig().getUserClaimURI())) {
String userClaimUri = context.getExternalIdP().getIdentityProvider().getClaimConfig()
.getUserClaimURI();
if (!Arrays.asList(userInfoFields.split(",")).contains(userClaimUri)) {
userInfoFields += ("," + userClaimUri);
}
} else {
if (!Arrays.asList(userInfoFields.split(",")).contains(FacebookCustomAuthenticatorConstants
.DEFAULT_USER_IDENTIFIER)) {
userInfoFields += ("," + FacebookCustomAuthenticatorConstants.DEFAULT_USER_IDENTIFIER);
}
}
}
Map userInfoJson = getUserInfoJson(fbauthUserInfoUrl, userInfoFields, token);
buildClaims(context, userInfoJson);
} catch (ApplicationAuthenticatorException e) {
log.error("Failed to process Facebook Connect response.", e);
throw new AuthenticationFailedException(e.getMessage(), e);
}
}
private String getAuthorizationCode(HttpServletRequest request) throws ApplicationAuthenticatorException {
OAuthAuthzResponse authzResponse;
try {
authzResponse = OAuthAuthzResponse.oauthCodeAuthzResponse(request);
return authzResponse.getCode();
} catch (OAuthProblemException e) {
throw new ApplicationAuthenticatorException("Exception while reading authorization code.", e);
}
}
private String getToken(String tokenEndPoint, String clientId, String clientSecret,
String callbackurl, String code) throws ApplicationAuthenticatorException {
OAuthClientRequest tokenRequest = null;
String token = null;
try {
tokenRequest =
buidTokenRequest(tokenEndPoint, clientId, clientSecret, callbackurl,
code);
token = sendRequest(tokenRequest.getLocationUri());
if (token.startsWith("{")) {
throw new ApplicationAuthenticatorException("Received access token is invalid.");
}
} catch (MalformedURLException e) {
if (log.isDebugEnabled()) {
log.debug("URL : " + tokenRequest.getLocationUri());
}
throw new ApplicationAuthenticatorException(
"MalformedURLException while sending access token request.",
e);
} catch (IOException e) {
throw new ApplicationAuthenticatorException("IOException while sending access token request.", e);
}
return token;
}
private OAuthClientRequest buidTokenRequest(
String tokenEndPoint, String clientId, String clientSecret, String callbackurl, String code)
throws ApplicationAuthenticatorException {
OAuthClientRequest tokenRequest = null;
try {
tokenRequest =
OAuthClientRequest.tokenLocation(tokenEndPoint).setClientId(clientId)
.setClientSecret(clientSecret)
.setRedirectURI(callbackurl).setCode(code)
.buildQueryMessage();
} catch (OAuthSystemException e) {
throw new ApplicationAuthenticatorException("Exception while building access token request.", e);
}
return tokenRequest;
}
private String getUserInfoString(String fbAuthUserInfoUrl, String userInfoFields, String token)
throws ApplicationAuthenticatorException {
String userInfoString;
try {
if (StringUtils.isBlank(userInfoFields)) {
userInfoString = sendRequest(String.format("%s?%s", fbAuthUserInfoUrl, token));
} else {
userInfoString = sendRequest(String.format("%s?fields=%s&%s", fbAuthUserInfoUrl, userInfoFields,
token));
}
} catch (MalformedURLException e) {
if (log.isDebugEnabled()) {
log.debug("URL : " + fbAuthUserInfoUrl, e);
}
throw new ApplicationAuthenticatorException(
"MalformedURLException while sending user information request.",
e);
} catch (IOException e) {
throw new ApplicationAuthenticatorException(
"IOException while sending sending user information request.",
e);
}
return userInfoString;
}
private void setSubject(AuthenticationContext context, Map jsonObject)
throws ApplicationAuthenticatorException {
String authenticatedUserId = (String)
jsonObject.get(FacebookCustomAuthenticatorConstants.DEFAULT_USER_IDENTIFIER);
if (StringUtils.isEmpty(authenticatedUserId)) {
throw new ApplicationAuthenticatorException("Authenticated user identifier is empty");
}
AuthenticatedUser authenticatedUser =
AuthenticatedUser.createFederateAuthenticatedUserFromSubjectIdentifier(authenticatedUserId);
context.setSubject(authenticatedUser);
}
private Map getUserInfoJson(String fbAuthUserInfoUrl, String userInfoFields, String token)
throws ApplicationAuthenticatorException {
String userInfoString = getUserInfoString(fbAuthUserInfoUrl, userInfoFields, token);
if (log.isDebugEnabled() && IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_ID_TOKEN))
{
log.debug("UserInfoString : " + userInfoString);
}
Map jsonObject = JSONUtils.parseJSON(userInfoString);
return jsonObject;
}
public void buildClaims(AuthenticationContext context, Map jsonObject)
throws ApplicationAuthenticatorException {
if (jsonObject != null) {
Map claims = new HashMap();
for (Map.Entry entry : jsonObject.entrySet()) {
claims.put(ClaimMapping.build(entry.getKey(), entry.getKey(), null,
false), entry.getValue().toString());
if (log.isDebugEnabled() &&
IdentityUtil.isTokenLoggable(IdentityConstants.IdentityTokens.USER_CLAIMS)) {
log.debug("Adding claim mapping : " + entry.getKey() + " <> " + entry.getKey() + " : "
+ entry.getValue());
}
}
if (StringUtils.isBlank(context.getExternalIdP().getIdentityProvider().getClaimConfig().getUserClaimURI())) {
context.getExternalIdP().getIdentityProvider().getClaimConfig().setUserClaimURI
(FacebookCustomAuthenticatorConstants.EMAIL);
}
String subjectFromClaims = FrameworkUtils.getFederatedSubjectFromClaims(
context.getExternalIdP().getIdentityProvider(), claims);
if (subjectFromClaims != null && !subjectFromClaims.isEmpty()) {
AuthenticatedUser authenticatedUser =
AuthenticatedUser.createFederateAuthenticatedUserFromSubjectIdentifier(subjectFromClaims);
context.setSubject(authenticatedUser);
} else {
setSubject(context, jsonObject);
}
context.getSubject().setUserAttributes(claims);
} else {
if (log.isDebugEnabled()) {
log.debug("Decoded json object is null");
}
throw new ApplicationAuthenticatorException("Decoded json object is null");
}
}
@Override
public String getContextIdentifier(HttpServletRequest request) {
log.trace("Inside FacebookAuthenticator.getContextIdentifier()");
String state = request.getParameter(FacebookCustomAuthenticatorConstants.OAUTH2_PARAM_STATE);
if (state != null) {
return state.split(",")[0];
} else {
return null;
}
}
private String sendRequest(String url) throws IOException {
BufferedReader in = null;
StringBuilder b = new StringBuilder();
try{
URLConnection urlConnection = new URL(url).openConnection();
in = new BufferedReader(new InputStreamReader(urlConnection.getInputStream(),
Charset.forName("utf­8")));
String inputLine = in.readLine();
while (inputLine != null) {
b.append(inputLine).append("\n");
inputLine = in.readLine();
}
} finally {
IdentityIOStreamUtils.closeReader(in);
}
return b.toString();
}
private String getLoginType(HttpServletRequest request) {
String state = request.getParameter(FacebookCustomAuthenticatorConstants.OAUTH2_PARAM_STATE);
if (state != null) {
return state.split(",")[1];
} else {
return null;
}
}
@Override
public String getFriendlyName() {
return "Custom­Facebook";
}
@Override
public String getName() {
return FacebookCustomAuthenticatorConstants.AUTHENTICATOR_NAME;
}
@Override
public List getConfigurationProperties() {
List configProperties = new ArrayList();
Property clientId = new Property();
clientId.setName(FacebookCustomAuthenticatorConstants.CLIENT_ID);
clientId.setDisplayName("Client Id");
clientId.setRequired(true);
clientId.setDescription("Enter Facebook client identifier value");
configProperties.add(clientId);
Property clientSecret = new Property();
clientSecret.setName(FacebookCustomAuthenticatorConstants.CLIENT_SECRET);
clientSecret.setDisplayName("Client Secret");
clientSecret.setRequired(true);
clientSecret.setConfidential(true);
clientSecret.setDescription("Enter Facebook client secret value");
configProperties.add(clientSecret);
Property scope = new Property();
scope.setName(FacebookCustomAuthenticatorConstants.SCOPE);
scope.setDisplayName("Scope");
scope.setDescription("Enter Facebook scopes");
scope.setDefaultValue("id");
scope.setRequired(false);
configProperties.add(scope);
Property userIdentifier = new Property();
userIdentifier.setName(FacebookCustomAuthenticatorConstants.USER_INFO_FIELDS);
userIdentifier.setDisplayName("User Identifier Field");
userIdentifier.setDescription("Enter Facebook user identifier field");
userIdentifier.setDefaultValue("id");
userIdentifier.setRequired(false);
configProperties.add(userIdentifier);
return configProperties;
}
}
/*
* Copyright (c) 2014, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE­2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.application.authenticator.social.facebook2;
public class FacebookCustomAuthenticatorConstants {
public static final String AUTHENTICATOR_NAME = "FacebookAuthenticator­Custom";
public static final String FACEBOOK_LOGIN_TYPE = "facebook";
public static final String OAUTH2_GRANT_TYPE_CODE = "code";
public static final String OAUTH2_PARAM_STATE = "state";
public static final String EMAIL = "email";
public static final String SCOPE = "Scope";
public static final String USER_INFO_FIELDS = "UserInfoFields";
public static final String DEFAULT_USER_IDENTIFIER = "id";
public static final String CLIENT_ID = "ClientId";
public static final String CLIENT_SECRET = "ClientSecret";
public static final String FB_AUTHZ_URL = "AuthnEndpoint";
public static final String FB_TOKEN_URL = "AuthTokenEndpoint";
public static final String FB_USER_INFO_URL = "UserInfoEndpoint";
private FacebookCustomAuthenticatorConstants() {
}
}
/*
* Copyright (c) WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE­2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.application.authenticator.social.internal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.service.component.ComponentContext;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
import org.wso2.carbon.identity.application.authenticator.social.facebook2.FacebookCustomAuthenticator;
import java.util.Hashtable;
/**
* @scr.component name="identity.application.authenticator.facebook.component"
* immediate="true"
*/
public class FacebookCustomAuthenticatorServiceComponent {
private static final Log LOGGER = LogFactory.getLog(FacebookCustomAuthenticatorServiceComponent.class);
protected void activate(ComponentContext ctxt) {
try {
FacebookCustomAuthenticator facebookAuthenticator = new FacebookCustomAuthenticator();
Hashtable props = new Hashtable();
ctxt.getBundleContext().registerService(ApplicationAuthenticator.class.getName(),
facebookAuthenticator, props);
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Facebook Custome Authenticator bundle is activated");
}
} catch (Throwable e) {
LOGGER.fatal(" Error while activating Facebook authenticator ", e);
}
}
protected void deactivate(ComponentContext ctxt) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Facebook Custom Authenticator bundle is deactivated");
}
}
}

Custom authenticator for Google

This section includes the code used to write the custom authenticator for Google.

  1. Download the source code from here using the following command on your terminal. 

    Code Block
    $ svn checkout https://svn.wso2.org/repos/wso2/people/thanuja/org.wso2.carbon.identity.application.authenticator.social/
  2. Navigate to the folder you just downloaded, which contains the pom.xml file and build the source code by running the following command on your terminal. 

    Code Block
    $ mvn clean install
  3. Copy the org.wso2.carbon.identity.application.authenticator.custom.google­5.0.0.jar file found inside the target folder and paste it in the <IS_HOME>/repository/components/dropins folder. 

 

Code Block
languagejava
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE­2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.application.authenticator.custom.google;
import org.apache.commons.lang.StringUtils;
import org.apache.oltu.oauth2.client.response.OAuthClientResponse;
import org.wso2.carbon.identity.application.authentication.framework.context.AuthenticationContext;
import org.wso2.carbon.identity.application.authenticator.oidc.OIDCAuthenticatorConstants;
import org.wso2.carbon.identity.application.authenticator.oidc.OpenIDConnectAuthenticator;
import org.wso2.carbon.identity.application.common.model.Property;
import org.wso2.carbon.identity.application.common.util.IdentityApplicationConstants;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
public class GoogleCustomOAuth2Authenticator extends OpenIDConnectAuthenticator {
private static final long serialVersionUID = ­4154255583070524011L;
private String tokenEndpoint;
private String oAuthEndpoint;
private String userInfoURL;
/**
* initiate tokenEndpoint
*/
private void initTokenEndpoint() {
this.tokenEndpoint =
getAuthenticatorConfig().getParameterMap().get(GoogleCustomOAuth2AuthenticationConstant
.GOOGLE_TOKEN_ENDPOINT);
if (StringUtils.isBlank(this.tokenEndpoint)) {
this.tokenEndpoint = IdentityApplicationConstants.GOOGLE_TOKEN_URL;
}
}
/**
* initiate authorization server endpoint
*/
private void initOAuthEndpoint() {
this.oAuthEndpoint =
getAuthenticatorConfig().getParameterMap().get(GoogleCustomOAuth2AuthenticationConstant
.GOOGLE_AUTHZ_ENDPOINT);
if (StringUtils.isBlank(this.oAuthEndpoint)) {
this.oAuthEndpoint = IdentityApplicationConstants.GOOGLE_OAUTH_URL;
}
}
/**
* Initialize the Yahoo user info url.
*/
private void initUserInfoURL() {
userInfoURL = getAuthenticatorConfig()
.getParameterMap()
.get(GoogleCustomOAuth2AuthenticationConstant.GOOGLE_USERINFO_ENDPOINT);
if (userInfoURL == null) {
userInfoURL = IdentityApplicationConstants.GOOGLE_USERINFO_URL;
}
}
/**
* Get the user info endpoint url.
* @return User info endpoint url.
*/
private String getUserInfoURL() {
if(userInfoURL == null) {
initUserInfoURL();
}
return userInfoURL;
}
/**
* Get Authorization Server Endpoint
*
* @param authenticatorProperties this is not used currently in the method
* @return oAuthEndpoint
*/
@Override
protected String getAuthorizationServerEndpoint(Map<String, String> authenticatorProperties) {
if (StringUtils.isBlank(this.oAuthEndpoint)) {
initOAuthEndpoint();
}
return this.oAuthEndpoint;
}
/**
* Get Token Endpoint
*
* @param authenticatorProperties this is not used currently in the method
* @return tokenEndpoint
*/
@Override
protected String getTokenEndpoint(Map<String, String> authenticatorProperties) {
if (StringUtils.isBlank(this.tokenEndpoint)) {
initTokenEndpoint();
}
return this.tokenEndpoint;
}
/**
* Get Scope
*
* @param scope
* @param authenticatorProperties
* @return
*/
@Override
protected String getScope(String scope,
Map<String, String> authenticatorProperties) {
return GoogleCustomOAuth2AuthenticationConstant.GOOGLE_SCOPE;
}
@Override
protected String getAuthenticateUser(AuthenticationContext context, Map<String, Object> jsonObject,
OAuthClientResponse token) {
if (jsonObject.get(OIDCAuthenticatorConstants.Claim.EMAIL) == null) {
return (String) jsonObject.get("sub");
} else {
return (String) jsonObject.get(OIDCAuthenticatorConstants.Claim.EMAIL);
}
}
/**
* Get google user info endpoint.
* @param token OAuth client response.
* @return User info endpoint.
*/
@Override
protected String getUserInfoEndpoint(OAuthClientResponse token, Map<String, String> authenticatorProperties) {
return getUserInfoURL();
}
@Override
protected String getQueryString(Map<String, String> authenticatorProperties) {
return
authenticatorProperties.get(GoogleCustomOAuth2AuthenticationConstant.ADDITIONAL_QUERY_PARAMS);
}
/**
* Get Configuration Properties
*
* @return
*/
@Override
public List<Property> getConfigurationProperties() {
List<Property> configProperties = new ArrayList<Property>();
Property clientId = new Property();
clientId.setName(OIDCAuthenticatorConstants.CLIENT_ID);
clientId.setDisplayName("Client Id");
clientId.setRequired(true);
clientId.setDescription("Enter Google IDP client identifier value");
clientId.setDisplayOrder(1);
configProperties.add(clientId);
Property clientSecret = new Property();
clientSecret.setName(OIDCAuthenticatorConstants.CLIENT_SECRET);
clientSecret.setDisplayName("Client Secret");
clientSecret.setRequired(true);
clientSecret.setConfidential(true);
clientSecret.setDescription("Enter Google IDP client secret value");
clientSecret.setDisplayOrder(2);
configProperties.add(clientSecret);
Property callbackUrl = new Property();
callbackUrl.setDisplayName("Callback Url");
callbackUrl.setName(IdentityApplicationConstants.OAuth2.CALLBACK_URL);
callbackUrl.setDescription("Enter value corresponding to callback url.");
callbackUrl.setDisplayOrder(3);
configProperties.add(callbackUrl);
Property scope = new Property();
scope.setDisplayName("Additional Query Parameters");
scope.setName("AdditionalQueryParameters");
scope.setValue("scope=openid email profile");
scope.setDescription("Additional query parameters. e.g: paramName1=value1");
scope.setDisplayOrder(4);
configProperties.add(scope);
return configProperties;
}
/**
* Get Friendly Name
*
* @return
*/
@Override
public String getFriendlyName() {
return GoogleCustomOAuth2AuthenticationConstant.GOOGLE_CONNECTOR_FRIENDLY_NAME;
}
/**
* GetName
*
* @return
*/
@Override
public String getName() {
return GoogleCustomOAuth2AuthenticationConstant.GOOGLE_CONNECTOR_NAME;
}
}
/*
* Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE­2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.application.authenticator.custom.google;
public class GoogleCustomOAuth2AuthenticationConstant {
private GoogleCustomOAuth2AuthenticationConstant() {
}
public static final String GOOGLE_AUTHZ_ENDPOINT = "GoogleAuthzEndpoint";
public static final String GOOGLE_TOKEN_ENDPOINT = "GoogleTokenEndpoint";
public static final String GOOGLE_USERINFO_ENDPOINT = "GoogleUserInfoEndpoint";
public static final String GOOGLE_CONNECTOR_FRIENDLY_NAME = "Custom Google Authenticator";
public static final String GOOGLE_CONNECTOR_NAME = "CustomGoogleOAUth2OpenIDAuthenticator";
public static final String GOOGLE_SCOPE = "openid email profile";
public static final String CALLBACK_URL = "Google­callback­url";
public static final String ADDITIONAL_QUERY_PARAMS = "AdditionalQueryParameters";
}
/*
* Copyright (c) WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE­2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.application.authenticator.custom.internal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.service.component.ComponentContext;
import org.wso2.carbon.identity.application.authentication.framework.ApplicationAuthenticator;
import org.wso2.carbon.identity.application.authenticator.custom.google.GoogleCustomOAuth2Authenticator;
import java.util.Hashtable;
/**
* @scr.component name="identity.application.authenticator.custom.google.component" immediate="true"
*/
public class GoogleCustomAuthenticatorServiceComponent {
private static final Log LOGGER = LogFactory.getLog(GoogleCustomAuthenticatorServiceComponent.class);
protected void activate(ComponentContext context) {
try {
GoogleCustomOAuth2Authenticator googleAuthenticator = new GoogleCustomOAuth2Authenticator();
Hashtable<String, String> props = new Hashtable<String, String>();
context.getBundleContext().registerService(ApplicationAuthenticator.class.getName(),
googleAuthenticator, props);
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Google custom authenticator bundle is activated");
}
} catch (Exception e) {
LOGGER.fatal(" Error while activating Google authenticator ", e);
}
}
protected void deactivate(ComponentContext context) {
if (LOGGER.isDebugEnabled()) {
LOGGER.debug("Google custom authenticator bundle is deactivated");
}
}
}
<?xml version="1.0" encoding="utf­8"?>
<!­­
~ Copyright (c) 2015, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
~
~ Licensed under the Apache License, Version 2.0 (the "License");
~ you may not use this file except in compliance with the License.
~ You may obtain a copy of the License at
~
~ http://www.apache.org/licenses/LICENSE­2.0
~
~ Unless required by applicable law or agreed to in writing, software
~ distributed under the License is distributed on an "AS IS" BASIS,
~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
~ See the License for the specific language governing permissions and
~ limitations under the License.
­­>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema­instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven­v4_0_0.xsd">
<parent>
<groupId>org.wso2.carbon.identity</groupId>
<artifactId>application­authenticators</artifactId>
<version>5.0.7</version>
</parent>
<modelVersion>4.0.0</modelVersion>
<artifactId>org.wso2.carbon.identity.application.authenticator.custom.google</artifactId>
<packaging>bundle</packaging>
<version>5.0.0</version>
<repositories>
<!­­ Before adding ANYTHING in here, please start a discussion on the dev list.
Ideally the Axis2 build should only use Maven central (which is available
by default) and nothing else. We had troubles with other repositories in
the past. Therefore configuring additional repositories here should be
considered very carefully. ­­>
<repository>
<id>wso2­nexus</id>
<name>WSO2 internal Repository</name>
<url>http://maven.wso2.org/nexus/content/groups/wso2­public/</url>
<releases>
<enabled>true</enabled>
<updatePolicy>daily</updatePolicy>
<checksumPolicy>ignore</checksumPolicy>
</releases>
</repository>
<repository>
<id>wso2.releases</id>
<name>WSO2 internal Repository</name>
<url>http://maven.wso2.org/nexus/content/repositories/releases/</url>
<releases>
<enabled>true</enabled>
<updatePolicy>daily</updatePolicy>
<checksumPolicy>ignore</checksumPolicy>
</releases>
</repository>
<repository>
<id>wso2.snapshots</id>
<name>WSO2 Snapshot Repository</name>
<url>http://maven.wso2.org/nexus/content/repositories/snapshots/</url>
<snapshots>
<enabled>true</enabled>
<updatePolicy>daily</updatePolicy>
</snapshots>
<releases>
<enabled>false</enabled>
</releases>
</repository>
</repositories>
<dependencies>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.logging</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity</groupId>
<artifactId>org.wso2.carbon.identity.application.authentication.framework</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon</groupId>
<artifactId>org.wso2.carbon.ui</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.orbit.org.apache.oltu.oauth2</groupId>
<artifactId>oltu</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity</groupId>
<artifactId>org.wso2.carbon.identity.application.common</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity</groupId>
<artifactId>org.wso2.carbon.identity.application.authenticator.openid</artifactId>
</dependency>
<dependency>
<groupId>org.wso2.carbon.identity</groupId>
<artifactId>org.wso2.carbon.identity.application.authenticator.oidc</artifactId>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven­scr­plugin</artifactId>
</plugin>
<plugin>
<groupId>org.apache.felix</groupId>
<artifactId>maven­bundle­plugin</artifactId>
<extensions>true</extensions>
<configuration>
<instructions>
<Bundle­SymbolicName>${project.artifactId}</Bundle­SymbolicName>
<Bundle­Name>${project.artifactId}</Bundle­Name>
<Private­Package>
org.wso2.carbon.identity.application.authenticator.custom.internal
</Private­Package>
<Import­Package>
javax.servlet.http; version="${imp.pkg.version.javax.servlet}",
org.apache.oltu.oauth2.*; version="${oltu.package.import.version.range}",
org.apache.commons.lang; version="${commons­lang.wso2.osgi.version.range}",
org.apache.commons.logging; version="${commons­logging.osgi.version.range}",
org.apache.commons.codec.binary; version="${commons­codec.wso2.osgi.version.range}",
org.osgi.framework; version="${osgi.framework.imp.pkg.version.range}",
org.osgi.service.component; version="${osgi.service.component.imp.pkg.version.range}",
org.wso2.carbon.identity.application.authentication.framework.*;
version="${carbon.identity.package.import.version.range}",
org.wso2.carbon.identity.application.common.model;
version="${carbon.identity.package.import.version.range}",
org.wso2.carbon.identity.core.util;
version="${carbon.identity.package.import.version.range}",
org.wso2.carbon.ui; version="${carbon.kernel.package.import.version.range}",
org.wso2.carbon.identity.application.authenticator.oidc; version="[5.0.7, 5.1.0)"
</Import­Package>
<Export­Package>
!org.wso2.carbon.identity.application.authenticator.custom.internal,
org.wso2.carbon.identity.application.authenticator.custom.google.*;
version="5.0.0"
</Export­Package>
</instructions>
</configuration>
</plugin>
</plugins>
</build>
</project