partial refactor of authentication api for openid

api/src/main/java/org/jboss/seam/security/AuthenticationException.java

@@ -0,0 +1,22 @@
+package org.jboss.seam.security;
+
+/**
+ * Thrown if there is an error during the authentication process
+ * 
+ * @author Shane Bryzak
+ *
+ */
+public class AuthenticationException extends SecurityException
+{
+   private static final long serialVersionUID = -7486433031372506270L;
+
+   public AuthenticationException(String message)
+   {
+      super(message);
+   }
+
+   public AuthenticationException(String message, Throwable cause)
+   {
+      super(message, cause);
+   }
+}

api/src/main/java/org/jboss/seam/security/Authenticator.java

@@ -7,5 +7,7 @@
  */
 public interface Authenticator
 {
-   boolean authenticate();
+   public enum AuthStatus { SUCCESS, FAILURE, DEFERRED }
+
+   AuthStatus authenticate();
 }

examples/openid-rp/src/main/webapp/Login.xhtml

@@ -8,26 +8,15 @@
 
 		<h:form>
 			Either choose a pre-configured OpenID provider:
-			<ul>
-				<li><h:commandLink
-					action="#{identity.startLogin('https://www.google.com/accounts/o8/id')}"
-					value="Google" /></li>
-				<li><h:commandLink
-					action="#{identity.startLogin('https://me.yahoo.com')}"
-					value="Yahoo" /> <br />
-				</li>
-				<li><h:commandLink
-					action="#{identity.startLogin('https://myopenid.com')}"
-					value="myOpenID" /> <br />
-				</li>
-				<li><h:commandLink
-					action="#{identity.startLogin('http://www.openid-op.com:8080/openid-op/openid/OP/XrdsService')}"
-					value="Seam Sample OpenID Provider" /></li>
-			</ul>
+
+			<h:selectOneRadio value="#{openIdAuthenticator.providerCode}">
+			  <f:selectItems value="#{openIdAuthenticator.providers}" var="p" itemValue="p.code" itemLabel="p.name"/>
+			</h:selectOneRadio>
+
 			or use your own OpenID:
-			<p><h:inputText value="#{login.openId}" /> <h:commandLink
-				action="#{login.login}" value="login" /></p>
+			<p><h:inputText value="#{openIdAuthenticator.openIdProviderUrl}" /> <h:commandLink
+				action="#{identity.login}" value="login" /></p>
 		</h:form>
 
 	</ui:composition>
-</f:view>
+</f:view>

external/pom.xml

@@ -60,6 +60,11 @@
 
    <dependencies>
 
+      <dependency>
+         <groupId>org.jboss.seam.security</groupId>
+         <artifactId>seam-security-api</artifactId>
+      </dependency>
+
       <dependency>
          <groupId>org.jboss.seam.servlet</groupId>
          <artifactId>seam-servlet</artifactId>

external/src/main/java/org/jboss/seam/security/external/openid/OpenIdAuthenticator.java

@@ -0,0 +1,83 @@
+package org.jboss.seam.security.external.openid;
+
+import java.util.LinkedList;
+import java.util.List;
+
+import javax.enterprise.inject.Model;
+import javax.faces.context.FacesContext;
+import javax.inject.Inject;
+import javax.servlet.http.HttpServletResponse;
+
+import org.jboss.seam.security.Authenticator;
+import org.jboss.seam.security.external.openid.api.OpenIdRelyingPartyApi;
+import org.jboss.seam.security.external.openid.api.OpenIdRequestedAttribute;
+import org.jboss.seam.security.external.openid.providers.OpenIdProvider;
+
+/**
+ * 
+ * @author Shane Bryzak
+ *
+ */
+public @Model class OpenIdAuthenticator implements Authenticator
+{
+   private String openIdProviderUrl;
+
+   //private OpenIdProvider provider;
+
+   @Inject private OpenIdRelyingPartyApi openIdApi;
+
+   @Inject List<OpenIdProvider> providers;
+
+   private String providerCode;
+
+   public String getProviderCode()
+   {
+      return providerCode;
+   }
+
+   public void setProviderCode(String providerCode)
+   {
+      this.providerCode = providerCode;
+   }
+
+   public String getOpenIdProviderUrl()
+   {
+      return openIdProviderUrl;
+   }
+
+   public void setOpenIdProviderUrl(String openIdProviderUrl)
+   {
+      this.openIdProviderUrl = openIdProviderUrl;
+   }
+
+   protected OpenIdProvider getSelectedProvider()
+   {
+      if (providerCode != null)
+      {
+         for (OpenIdProvider provider : providers)
+         {
+            if (providerCode.equals(provider.getCode())) return provider;
+         }
+      }
+      return null;
+   }
+
+   public AuthStatus authenticate()
+   {
+      List<OpenIdRequestedAttribute> attributes = new LinkedList<OpenIdRequestedAttribute>();
+      attributes.add(openIdApi.createOpenIdRequestedAttribute("email", "http://schema.openid.net/contact/email", false, null));
+
+      OpenIdProvider selectedProvider = getSelectedProvider();
+
+      openIdApi.login(selectedProvider != null ? selectedProvider.getUrl() : getOpenIdProviderUrl(), 
+            attributes, (HttpServletResponse) FacesContext.getCurrentInstance().getExternalContext().getResponse());      
+
+      return AuthStatus.DEFERRED;
+   }
+
+   public List<OpenIdProvider> getProviders()
+   {
+      return providers;
+   }
+
+}

external/src/main/java/org/jboss/seam/security/external/openid/providers/GoogleOpenIdProvider.java

@@ -0,0 +1,28 @@
+package org.jboss.seam.security.external.openid.providers;
+
+/**
+ * Open ID provider for Google accounts
+ * 
+ * @author Shane Bryzak
+ *
+ */
+public class GoogleOpenIdProvider implements OpenIdProvider
+{
+   public static final String CODE = "google";
+
+   public String getCode()
+   {
+      return CODE;
+   }
+
+   public String getName()
+   {
+      return "Google";
+   }
+
+   public String getUrl()
+   {
+      return "https://www.google.com/accounts/o8/id";
+   }
+
+}

external/src/main/java/org/jboss/seam/security/external/openid/providers/MyOpenIdProvider.java

@@ -0,0 +1,28 @@
+package org.jboss.seam.security.external.openid.providers;
+
+/**
+ * Open ID provider for myopenid.com
+ * 
+ * @author Shane Bryzak
+ *
+ */
+public class MyOpenIdProvider implements OpenIdProvider
+{
+   public static final String CODE = "myopenid";
+
+   public String getCode()
+   {
+      return CODE;
+   }
+
+   public String getName()
+   {
+      return "MyOpenID";
+   }
+
+   public String getUrl()
+   {
+      return "https://myopenid.com";
+   }
+
+}

external/src/main/java/org/jboss/seam/security/external/openid/providers/OpenIdProvider.java

@@ -0,0 +1,14 @@
+package org.jboss.seam.security.external.openid.providers;
+
+/**
+ * Base interface for defining a set of built in Open ID providers
+ * 
+ * @author Shane Bryzak
+ *
+ */
+public interface OpenIdProvider
+{
+   String getCode();
+   String getName();
+   String getUrl();
+}

external/src/main/java/org/jboss/seam/security/external/openid/providers/OpenIdProviderListProducer.java

@@ -0,0 +1,39 @@
+package org.jboss.seam.security.external.openid.providers;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.enterprise.context.ApplicationScoped;
+import javax.enterprise.inject.Instance;
+import javax.enterprise.inject.Produces;
+import javax.inject.Inject;
+import javax.inject.Named;
+
+/**
+ * A producer that returns a list of open id providers, useful for building 
+ * web interfaces
+ * 
+ * @author Shane Bryzak
+ *
+ */
+public @ApplicationScoped class OpenIdProviderListProducer
+{
+   @Inject Instance<OpenIdProvider> providerInstances;
+
+   private List<OpenIdProvider> providers;
+
+   @Inject public void init()
+   {
+      providers = new ArrayList<OpenIdProvider>();
+
+      for (OpenIdProvider provider : providerInstances)
+      {
+         providers.add(provider);
+      }
+   }
+
+   @Produces public List<OpenIdProvider> listProviders()
+   {
+      return providers;
+   }
+}

external/src/main/java/org/jboss/seam/security/external/openid/providers/YahooOpenIdProvider.java

@@ -0,0 +1,28 @@
+package org.jboss.seam.security.external.openid.providers;
+
+/**
+ * Open ID provider for Yahoo accounts
+ * 
+ * @author Shane Bryzak
+ *
+ */
+public class YahooOpenIdProvider implements OpenIdProvider
+{
+   public static final String CODE = "yahoo";
+
+   public String getCode()
+   {
+      return CODE;
+   }
+
+   public String getName()
+   {
+      return "Yahoo";
+   }
+
+   public String getUrl()
+   {
+      return "https://me.yahoo.com";
+   }
+
+}

impl/src/main/java/org/jboss/seam/security/CredentialsImpl.java

@@ -3,12 +3,14 @@
 import java.io.Serializable;
 
 import javax.enterprise.context.SessionScoped;
+import javax.enterprise.event.Observes;
 import javax.enterprise.inject.spi.BeanManager;
 import javax.inject.Inject;
 import javax.inject.Named;
 
 import org.jboss.seam.security.events.CredentialsInitializedEvent;
 import org.jboss.seam.security.events.CredentialsUpdatedEvent;
+import org.jboss.seam.security.events.LoginFailedEvent;
 import org.picketlink.idm.api.Credential;
 import org.picketlink.idm.impl.api.PasswordCredential;
 
@@ -121,6 +123,11 @@ public void clear()
       initialized = false;
    }
 
+   public void loginFailed(@Observes LoginFailedEvent event)
+   {
+      invalidate();
+   }
+
    @Override
    public String toString()
    {