- 网上找了半天,参考资料很少,好不容易写了一个,记录下来。
package com.jiuqi.crcc.controller;
import java.net.URLEncoder;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.openid4java.consumer.ConsumerManager;
import org.openid4java.consumer.InMemoryConsumerAssociationStore;
import org.openid4java.consumer.InMemoryNonceVerifier;
import org.openid4java.consumer.VerificationResult;
import org.openid4java.discovery.DiscoveryInformation;
import org.openid4java.discovery.Identifier;
import org.openid4java.message.AuthRequest;
import org.openid4java.message.AuthSuccess;
import org.openid4java.message.MessageExtension;
import org.openid4java.message.ParameterList;
import org.openid4java.message.ax.AxMessage;
import org.openid4java.message.ax.FetchRequest;
import org.openid4java.message.ax.FetchResponse;
import org.openid4java.message.sreg.SRegMessage;
import org.openid4java.message.sreg.SRegResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
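/**
 * Spring MVC controller acting as an OpenID 2.0 relying party (consumer) via openid4java.
 *
 * <p>{@code /openid/login} starts the flow by redirecting the browser to the provider;
 * {@code /openid/return} receives the provider's response, verifies it and, when both the
 * e-mail and full-name attributes are present, redirects to {@link #loginUrl}.
 *
 * <p>Both handlers use the single shared {@link #manager}. The association negotiated in
 * {@code login} lives in that manager, so the callback has to verify with the same instance.
 * The earlier version stored a fresh manager in a request attribute during {@code login} and
 * read it back in the callback; request attributes do not survive the redirect round trip,
 * so the callback found {@code null} there.
 */
@Controller
@RequestMapping("/openid")
public class OpenIdSecurity {

    // Placeholder: replace with the OpenID provider endpoint / identifier to discover.
    private String ENDPOINT = "认证地址";

    // Placeholder: replace with the URL of the application page that completes the login.
    private String loginUrl = "填写需要登录的网址";

    private static final Logger LOGGER = LoggerFactory.getLogger(OpenIdSecurity.class);

    // Shared consumer manager with library defaults. NOTE(review): the previous per-request
    // manager was configured with InMemoryNonceVerifier(5000) but never took part in
    // verification; configure this instance explicitly if non-default limits are required.
    public final ConsumerManager manager = new ConsumerManager();

    /**
     * Starts an OpenID authentication: discovers the provider, associates with it, remembers
     * the discovery result in the HTTP session and redirects the browser to the provider.
     *
     * @param request  current request; its session receives the {@code "openid-disc"} attribute
     * @param response used to send the redirect to the provider
     * @throws Exception if discovery, association, request building or the redirect fails
     */
    @RequestMapping("/login")
    public void login(HttpServletRequest request, HttpServletResponse response) throws Exception {
        // NOTE(review): hard-coded development value over plain HTTP. In a deployment this
        // must be the externally visible HTTPS URL of /openid/return, because the callback
        // compares the URL it was called on against the return_to in the signed response.
        String returnToUrl = "http://localhost:7007/openid/return";

        // openid4java exposes the discovery results as a raw List.
        List discoveries = manager.discover(ENDPOINT);
        DiscoveryInformation discovered = manager.associate(discoveries);

        // Kept in the session so the callback can check the response against the provider
        // that this login was actually started with.
        request.getSession().setAttribute("openid-disc", discovered);

        AuthRequest authReq = manager.authenticate(discovered, returnToUrl);

        // Ask the provider for the two attributes the callback needs (both marked required).
        FetchRequest fetch = FetchRequest.createFetchRequest();
        fetch.addAttribute("fullname", "http://openid.net/schema/namePerson/friendly", true);
        fetch.addAttribute("email", "http://openid.net/schema/contact/internet/email", true);
        authReq.addExtension(fetch);

        response.sendRedirect(authReq.getDestinationUrl(true));
    }

    /**
     * Handles the provider's redirect back: verifies the response and, when it is valid and
     * carries both attributes, redirects to {@link #loginUrl} with the URL-encoded e-mail.
     *
     * <p>Failures are logged. A callback without a pending login in the session or with an
     * unverifiable response is answered with 401; a verified response lacking the e-mail or
     * full name is answered with 403.
     *
     * @param request  callback request carrying the OpenID response parameters
     * @param response used for the final redirect or the error status
     */
    @RequestMapping("/return")
    public void returnVerify(HttpServletRequest request, HttpServletResponse response) {
        String fullname = null;
        String email = null;
        try {
            ParameterList params = new ParameterList(request.getParameterMap());
            DiscoveryInformation discovered =
                    (DiscoveryInformation) request.getSession().getAttribute("openid-disc");

            // Only accept a response that answers a login started in this session; without
            // the stored discovery data there is nothing trusted to compare the asserting
            // provider against.
            if (discovered == null) {
                LOGGER.warn("OpenID callback received without a pending login in this session");
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                return;
            }

            // Rebuild the full URL this handler was called on, including the query string.
            StringBuffer url = request.getRequestURL();
            String query = request.getQueryString();
            if (query != null && query.length() > 0) {
                url.append("?").append(query);
            }

            VerificationResult verification = manager.verify(url.toString(), params, discovered);
            Identifier verified = verification.getVerifiedId();
            if (verified == null) {
                LOGGER.warn("OpenID response could not be verified");
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
                return;
            }

            AuthSuccess authSuccess = (AuthSuccess) verification.getAuthResponse();
            if (authSuccess.hasExtension(SRegMessage.OPENID_NS_SREG)) {
                MessageExtension ext = authSuccess.getExtension(SRegMessage.OPENID_NS_SREG);
                if (ext instanceof SRegResponse) {
                    SRegResponse regResp = (SRegResponse) ext;
                    email = regResp.getAttributeValue("email");
                    fullname = regResp.getAttributeValue("fullname");
                }
            } else if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
                MessageExtension ext = authSuccess.getExtension(AxMessage.OPENID_NS_AX);
                if (ext instanceof FetchResponse) {
                    FetchResponse fetchResp = (FetchResponse) ext;
                    email = firstValue(fetchResp.getAttributeValues("email"));
                    fullname = firstValue(fetchResp.getAttributeValues("fullname"));
                }
            }

            // Record only whether the attributes arrived; the values are personal data and
            // do not belong on stdout or in routine logs.
            LOGGER.debug("OpenID attributes received: email present={}, fullname present={}",
                    email != null, fullname != null);

            // Short-circuit checks: the earlier '|' evaluated length() even when the value
            // was null and threw a NullPointerException.
            if (email == null || email.length() == 0
                    || fullname == null || fullname.length() == 0) {
                LOGGER.warn("Verified OpenID response lacks the email or fullname attribute");
                response.sendError(HttpServletResponse.SC_FORBIDDEN);
                return;
            }

            // NOTE(review): the e-mail travels in a query parameter that the browser user
            // can edit. The page behind loginUrl must not treat it as proof of identity on
            // its own; bind the verified identity to server-side session state or a signed
            // value instead.
            email = URLEncoder.encode(email, "UTF-8");
            response.sendRedirect(loginUrl + "?email=" + email);
        } catch (Exception e) {
            LOGGER.error(e.getMessage(), e);
        }
    }

    /** Returns the first element of an attribute value list, or {@code null} if there is none. */
    private static String firstValue(List<?> values) {
        if (values == null || values.isEmpty()) {
            return null;
        }
        return (String) values.get(0);
    }
}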