Saturday, December 13, 2008

OpenID: Simple Registration Extension with Joid

Having trouble implementing simple registration extension on joid?. This simple tutorial explains how to hack your way into getting simple registration extension working without using the API.


Simple registration works by passing parameters specifying the required and optional attributes required by the relying party in the authentication url passed to the provider. Joid does a great job creating the authentication url using the OpenIdFilter.joid().getAuthUrl() funtion. You would need append parameters to the generated authentication url inorder to specify that you would be using simple registration extension. The parameter openid.ns.sreg with the value http://openid.net/extensions/sreg/1.1 specifies that you will be using simple registration extension version 1.1. The two additional parameters that specify the attributes that are required and optional are openid.sreg.required and openid.sreg.optional respectively.

The final url would look something like the below
Joid Generated Authentication URL + "&openid.ns.sreg=http://openid.net/extensions/sreg/1.1&openid.sreg.
required=fullname,email&openid.sreg.optional=gender,nickname"


Once the provider authenticates the request, it will pass the extension parameters back to the relying party as request parameters. Now comes the tricky part. This request will be intercepted by the OpenID filter that you have configured in you web descriptor. This filter does not acquire the extension parameters and does a lot joid specific mumbo jumbo. After this, the user will be redirected resulting in the loss of the extension parameters.


A way around this is to create your own filter class that stores the extension parameters in the session and passes the control to the OpenId filter. Edit your web descriptor so that this filter will be called instead of the OpenId filter. I've created a class called Interceptor (code below) which does just that. Use the parameters in the session to satisfy your business requirements.

public class Interceptor implements Filter {

public void init(FilterConfig filterConfig) throws ServletException
{
call OpenId Filter's init function here ... passing filterconfig
}

public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse,FilterChain filterChain) throws IOException, ServletException
{
store extension parameters here
call OpenId Filter's do Filter function with all the required parameters
}

}


Thanks to restafarian blog for the url trick :-)

Monday, December 1, 2008

Smiley in the Sky

Guess what I found in the sky when I came back home from a hard day's work...







http://www.foxnews.com/story/0,2933,459428,00.html
http://www.news.com.au/heraldsun/gallery/0,22010,5036117-5006020,00.html