org.openxri.proxy.impl
Class OpenIDHackProxy

java.lang.Object
  extended by org.openxri.proxy.impl.OpenIDHackProxy
All Implemented Interfaces:
Proxy

public class OpenIDHackProxy
extends java.lang.Object
implements Proxy

Provides a servlet implementation for the XRI resolution protocol

Author:
=wil, srinivasa.adapa@neustar.com In the follow-up of the May 2007 OASIS F2F Meeting in San Diego, it was discussed whether an OpenID relying party could be tricked into accepting any HXRI as an OpenID. The idea was to have the proxy check if the client sends a User-Agent header. If that header was missing, the proxy would assume the request comes from an OpenID relying party instead of a webbrowser, and it would output a Yadis-compliant HTML document that every OpenID RP understands. The idea was later dropped because this method was found to be too unreliable., =peacekeeper

Nested Class Summary
protected  class OpenIDHackProxy.QueryParams
           
 
Field Summary
static java.lang.String _XRD_M
           
static java.lang.String _XRD_R
           
static java.lang.String _XRD_T
           
protected  ProxyConfig config
           
static java.lang.String HTTP_ERROR_CONTENT_TYPE
           
static java.lang.String HTTP_XML_CONTENT_TYPE
           
protected static org.apache.commons.logging.Log log
          Static Logging object that can be used by derived classes
protected  Resolver resolver
          The XRI resolver object for the server.
protected  boolean supportRedirect
           
protected  boolean supportURIList
           
protected  boolean supportXRD
           
protected  boolean supportXRDS
           
 
Constructor Summary
OpenIDHackProxy(ProxyConfig config)
           
 
Method Summary
protected  java.lang.String buildAbsoluteURL(javax.servlet.http.HttpServletRequest request, java.lang.String relPath)
           
 void init()
           
protected  OpenIDHackProxy.QueryParams parseQuery(javax.servlet.http.HttpServletRequest req)
           
 void process(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response)
          Service an incoming request.
protected  void sendFatalError(javax.servlet.http.HttpServletResponse resp, java.lang.String errorMessage)
          This method is called when an unknown error is encountered.
protected  void sendPartialResponse(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, boolean isDumbBrowser, MimeType resMediaType, XRDS partialXRDS, TrustType trustType)
           
protected  void sendResponse(javax.servlet.http.HttpServletResponse response, boolean isDumbBrowser, java.lang.String contentType, java.lang.String result, TrustType trustType)
          Send a HTTP response to the client.
protected  void sendResponse(javax.servlet.http.HttpServletResponse response, int statusCode, java.lang.String contentType, java.lang.String result, TrustType trustType)
          Send a HTTP response with the specified status code to the client.
protected  void sendResponse(javax.servlet.http.HttpServletResponse response, java.lang.String contentType, java.lang.String result, TrustType trustType)
          Send a HTTP response to the client.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

config

protected ProxyConfig config

log

protected static org.apache.commons.logging.Log log
Static Logging object that can be used by derived classes


_XRD_R

public static final java.lang.String _XRD_R
See Also:
Constant Field Values

_XRD_T

public static final java.lang.String _XRD_T
See Also:
Constant Field Values

_XRD_M

public static final java.lang.String _XRD_M
See Also:
Constant Field Values

HTTP_ERROR_CONTENT_TYPE

public static final java.lang.String HTTP_ERROR_CONTENT_TYPE
See Also:
Constant Field Values

HTTP_XML_CONTENT_TYPE

public static final java.lang.String HTTP_XML_CONTENT_TYPE
See Also:
Constant Field Values

supportXRDS

protected boolean supportXRDS

supportXRD

protected boolean supportXRD

supportURIList

protected boolean supportURIList

supportRedirect

protected boolean supportRedirect

resolver

protected Resolver resolver
The XRI resolver object for the server. Used for proxied resolution.

Constructor Detail

OpenIDHackProxy

public OpenIDHackProxy(ProxyConfig config)
Method Detail

init

public void init()
          throws ProxyException
Specified by:
init in interface Proxy
Throws:
ProxyException

process

public void process(javax.servlet.http.HttpServletRequest request,
                    javax.servlet.http.HttpServletResponse response)
Service an incoming request.

Specified by:
process in interface Proxy

buildAbsoluteURL

protected java.lang.String buildAbsoluteURL(javax.servlet.http.HttpServletRequest request,
                                            java.lang.String relPath)

sendFatalError

protected void sendFatalError(javax.servlet.http.HttpServletResponse resp,
                              java.lang.String errorMessage)
This method is called when an unknown error is encountered. This simply outputs the error message in text/plain.

Parameters:
resp -
errorMessage -

sendPartialResponse

protected void sendPartialResponse(javax.servlet.http.HttpServletRequest request,
                                   javax.servlet.http.HttpServletResponse response,
                                   boolean isDumbBrowser,
                                   MimeType resMediaType,
                                   XRDS partialXRDS,
                                   TrustType trustType)
                            throws java.io.IOException
Throws:
java.io.IOException

sendResponse

protected void sendResponse(javax.servlet.http.HttpServletResponse response,
                            boolean isDumbBrowser,
                            java.lang.String contentType,
                            java.lang.String result,
                            TrustType trustType)
                     throws java.io.IOException
Send a HTTP response to the client. This method is designed to be overridden by subclasses for user-friendly display of errors.

Parameters:
isDumbBrowser - flag to indicate if the client was detected to be a browser
Throws:
java.io.IOException

sendResponse

protected void sendResponse(javax.servlet.http.HttpServletResponse response,
                            java.lang.String contentType,
                            java.lang.String result,
                            TrustType trustType)
                     throws java.io.IOException
Send a HTTP response to the client.

Throws:
java.io.IOException

sendResponse

protected void sendResponse(javax.servlet.http.HttpServletResponse response,
                            int statusCode,
                            java.lang.String contentType,
                            java.lang.String result,
                            TrustType trustType)
                     throws java.io.IOException
Send a HTTP response with the specified status code to the client.

Parameters:
response -
statusCode -
contentType -
result -
trustType -
Throws:
java.io.IOException

parseQuery

protected OpenIDHackProxy.QueryParams parseQuery(javax.servlet.http.HttpServletRequest req)


Copyright © 2005-2012. All Rights Reserved.