From 9b21c7748512116f3efc1b132a9dff8dbd3349d0 Mon Sep 17 00:00:00 2001
From: Paulo Gustavo Veiga <pveiga@wisemapping.com>
Date: Sun, 17 Mar 2013 23:17:55 -0300
Subject: [PATCH] Finish OpenId implementation.

---
 config/database/mysql/3.0beta1-to-v3.0GA.sql  |  0
 ...ionSchema.java => AuthenticationType.java} | 16 ++++++----
 .../main/java/com/wisemapping/model/User.java | 31 +++++++++++++------
 .../com/wisemapping/rest/AdminController.java |  4 +--
 .../security/UserDetailsService.java          |  9 ++++--
 .../ldap/LdapUserDetailsContextMapper.java    |  4 +--
 .../wisemapping/service/UserServiceImpl.java  |  5 ++-
 .../wisemapping/webmvc/LoginController.java   |  4 +--
 .../wisemapping/webmvc/UsersController.java   |  4 +--
 .../wisemapping/model/Collaborator.hbm.xml    |  3 +-
 .../src/main/resources/messages_en.properties |  3 +-
 .../main/webapp/WEB-INF/defs/definitions.xml  |  2 +-
 .../webapp/WEB-INF/wisemapping-security.xml   |  7 ++++-
 wise-webapp/src/main/webapp/jsp/login.jsp     |  4 +++
 .../src/main/webapp/jsp/loginOpenId.jsp       | 19 ++++++++++--
 wise-webapp/src/main/webapp/jsp/template.jsp  | 12 -------
 16 files changed, 80 insertions(+), 47 deletions(-)
 delete mode 100644 config/database/mysql/3.0beta1-to-v3.0GA.sql
 rename wise-webapp/src/main/java/com/wisemapping/model/{AuthenticationSchema.java => AuthenticationType.java} (59%)

diff --git a/config/database/mysql/3.0beta1-to-v3.0GA.sql b/config/database/mysql/3.0beta1-to-v3.0GA.sql
deleted file mode 100644
index e69de29b..00000000
diff --git a/wise-webapp/src/main/java/com/wisemapping/model/AuthenticationSchema.java b/wise-webapp/src/main/java/com/wisemapping/model/AuthenticationType.java
similarity index 59%
rename from wise-webapp/src/main/java/com/wisemapping/model/AuthenticationSchema.java
rename to wise-webapp/src/main/java/com/wisemapping/model/AuthenticationType.java
index 71272be0..f0bf0ace 100644
--- a/wise-webapp/src/main/java/com/wisemapping/model/AuthenticationSchema.java
+++ b/wise-webapp/src/main/java/com/wisemapping/model/AuthenticationType.java
@@ -1,12 +1,15 @@
 package com.wisemapping.model;
 
-public enum AuthenticationSchema {
+
+import org.jetbrains.annotations.NotNull;
+
+public enum AuthenticationType {
     DATABASE('D'),
     LDAP('L'),
     OPENID('O');
     private final char schemaCode;
 
-    AuthenticationSchema(char schemaCode) {
+    AuthenticationType(char schemaCode) {
         this.schemaCode = schemaCode;
     }
 
@@ -14,10 +17,11 @@ public enum AuthenticationSchema {
         return schemaCode;
     }
 
-    public static AuthenticationSchema valueOf(char code) {
-        AuthenticationSchema result = null;
-        AuthenticationSchema[] values = AuthenticationSchema.values();
-        for (AuthenticationSchema value : values) {
+    @NotNull
+    public static AuthenticationType valueOf(char code) {
+        AuthenticationType result = null;
+        AuthenticationType[] values = AuthenticationType.values();
+        for (AuthenticationType value : values) {
             if (value.getCode() == code) {
                 result = value;
                 break;
diff --git a/wise-webapp/src/main/java/com/wisemapping/model/User.java b/wise-webapp/src/main/java/com/wisemapping/model/User.java
index dbc29c2e..4e34dd71 100644
--- a/wise-webapp/src/main/java/com/wisemapping/model/User.java
+++ b/wise-webapp/src/main/java/com/wisemapping/model/User.java
@@ -38,7 +38,10 @@ public class User
     private Set<String> tags = new HashSet<String>();
     private boolean allowSendEmail = false;
     private String locale;
-    private AuthenticationSchema authenticationSchema;
+    private AuthenticationType authenticationType;
+
+
+    private String authenticatorUri;
 
     public User() {
     }
@@ -116,24 +119,32 @@ public class User
         this.locale = locale;
     }
 
-    public char getAutheticationCode() {
-        return this.authenticationSchema != null ? this.authenticationSchema.getCode() : null;
+    public char getAutheticationTypeCode() {
+        return this.authenticationType != null ? this.authenticationType.getCode() : null;
     }
 
-    public void setAutheticationCode(char code) {
-        this.authenticationSchema = AuthenticationSchema.valueOf(code);
+    public void setAutheticationTypeCode(char code) {
+        this.authenticationType = AuthenticationType.valueOf(code);
     }
 
-    public AuthenticationSchema getAuthenticationSchema() {
-        return authenticationSchema;
+    public AuthenticationType getAuthenticationType() {
+        return authenticationType;
     }
 
-    public void setAuthenticationSchema(@NotNull AuthenticationSchema authenticationSchema) {
-        this.authenticationSchema = authenticationSchema;
+    public void setAuthenticationType(@NotNull AuthenticationType authenticationType) {
+        this.authenticationType = authenticationType;
     }
 
     public boolean isDatabaseSchema(){
-        return this.authenticationSchema==AuthenticationSchema.DATABASE;
+        return this.authenticationType == AuthenticationType.DATABASE;
+    }
+
+    public String getAuthenticatorUri() {
+        return authenticatorUri;
+    }
+
+    public void setAuthenticatorUri(String authenticatorUri) {
+        this.authenticatorUri = authenticatorUri;
     }
 
 
diff --git a/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java b/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java
index 581e0eee..f17ec5ff 100644
--- a/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java
+++ b/wise-webapp/src/main/java/com/wisemapping/rest/AdminController.java
@@ -19,7 +19,7 @@
 package com.wisemapping.rest;
 
 import com.wisemapping.exceptions.WiseMappingException;
-import com.wisemapping.model.AuthenticationSchema;
+import com.wisemapping.model.AuthenticationType;
 import com.wisemapping.model.User;
 import com.wisemapping.rest.model.RestUser;
 import com.wisemapping.service.UserService;
@@ -85,7 +85,7 @@ public class AdminController extends BaseController {
         }
 
         // Finally create the user ...
-        delegated.setAuthenticationSchema(AuthenticationSchema.DATABASE);
+        delegated.setAuthenticationType(AuthenticationType.DATABASE);
         userService.createUser(delegated, false, true);
         response.setHeader("Location", "/service/admin/users/" + user.getId());
     }
diff --git a/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java b/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java
index 56bcf226..0b76d215 100644
--- a/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java
+++ b/wise-webapp/src/main/java/com/wisemapping/security/UserDetailsService.java
@@ -20,7 +20,7 @@ package com.wisemapping.security;
 
 
 import com.wisemapping.exceptions.WiseMappingException;
-import com.wisemapping.model.AuthenticationSchema;
+import com.wisemapping.model.AuthenticationType;
 import com.wisemapping.model.User;
 import com.wisemapping.service.UserService;
 import org.jetbrains.annotations.NotNull;
@@ -60,10 +60,15 @@ public class UserDetailsService
 
         final User result;
         if (dbUser != null) {
+            if (!token.getIdentityUrl().equals(dbUser.getAuthenticatorUri())) {
+                throw new IllegalStateException("Identity url for this user can not change:" + token.getIdentityUrl());
+            }
             result = dbUser;
         } else {
             try {
-                tUser.setAuthenticationSchema(AuthenticationSchema.OPENID);
+                tUser.setAuthenticationType(AuthenticationType.OPENID);
+                tUser.setAuthenticatorUri(token.getIdentityUrl());
+
                 result = userService.createUser(tUser, false, false);
             } catch (WiseMappingException e) {
                 throw new IllegalStateException(e);
diff --git a/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java b/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java
index 15c6eb30..3bea2f97 100644
--- a/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java
+++ b/wise-webapp/src/main/java/com/wisemapping/security/ldap/LdapUserDetailsContextMapper.java
@@ -2,7 +2,7 @@ package com.wisemapping.security.ldap;
 
 
 import com.wisemapping.exceptions.WiseMappingException;
-import com.wisemapping.model.AuthenticationSchema;
+import com.wisemapping.model.AuthenticationType;
 import com.wisemapping.model.User;
 import com.wisemapping.security.UserDetails;
 import com.wisemapping.service.UserService;
@@ -65,7 +65,7 @@ public class LdapUserDetailsContextMapper implements UserDetailsContextMapper {
             user.setActivationDate(now);
 
             try {
-                user.setAuthenticationSchema(AuthenticationSchema.LDAP);
+                user.setAuthenticationType(AuthenticationType.LDAP);
                 user = userService.createUser(user, false, false);
             } catch (WiseMappingException e) {
                 throw new IllegalStateException(e);
diff --git a/wise-webapp/src/main/java/com/wisemapping/service/UserServiceImpl.java b/wise-webapp/src/main/java/com/wisemapping/service/UserServiceImpl.java
index 67a9c620..19b09651 100755
--- a/wise-webapp/src/main/java/com/wisemapping/service/UserServiceImpl.java
+++ b/wise-webapp/src/main/java/com/wisemapping/service/UserServiceImpl.java
@@ -19,7 +19,6 @@
 package com.wisemapping.service;
 
 import com.wisemapping.dao.UserManager;
-import com.wisemapping.exceptions.ClientException;
 import com.wisemapping.exceptions.WiseMappingException;
 import com.wisemapping.mail.NotificationService;
 import com.wisemapping.model.*;
@@ -61,8 +60,8 @@ public class UserServiceImpl
         final User user = userManager.getUserBy(email);
         if (user != null) {
 
-            if (user.getAuthenticationSchema() != AuthenticationSchema.DATABASE) {
-                throw new InvalidAuthSchemaException("Could not change password for " + user.getAuthenticationSchema().getCode());
+            if (user.getAuthenticationType() != AuthenticationType.DATABASE) {
+                throw new InvalidAuthSchemaException("Could not change password for " + user.getAuthenticationType().getCode());
             }
 
             // Generate a random password ...
diff --git a/wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java b/wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java
index 42dd77ee..81ef2f9b 100644
--- a/wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java
+++ b/wise-webapp/src/main/java/com/wisemapping/webmvc/LoginController.java
@@ -45,14 +45,14 @@ public class LoginController {
         return result;
     }
 
-    @RequestMapping(value = "loginOpenId", method = RequestMethod.GET)
+    @RequestMapping(value = "loginopenid", method = RequestMethod.GET)
     protected ModelAndView showLoginOpenIdPage() {
         final User user = Utils.getUser(false);
         ModelAndView result;
         if (user != null) {
             result = new ModelAndView("forward:/c/maps/");
         } else {
-            result = new ModelAndView("loginOpenId");
+            result = new ModelAndView("loginopenid");
         }
         return result;
     }
diff --git a/wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java b/wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java
index c394a978..7673a3a3 100644
--- a/wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java
+++ b/wise-webapp/src/main/java/com/wisemapping/webmvc/UsersController.java
@@ -19,7 +19,7 @@
 package com.wisemapping.webmvc;
 
 
-import com.wisemapping.model.AuthenticationSchema;
+import com.wisemapping.model.AuthenticationType;
 import com.wisemapping.service.InvalidAuthSchemaException;
 import com.wisemapping.validator.Messages;
 import com.wisemapping.exceptions.WiseMappingException;
@@ -111,7 +111,7 @@ public class UsersController {
             user.setPassword(userBean.getPassword());
 
             boolean confirmRegistrationByEmail = false;
-            user.setAuthenticationSchema(AuthenticationSchema.DATABASE);
+            user.setAuthenticationType(AuthenticationType.DATABASE);
             userService.createUser(user, confirmRegistrationByEmail,true);
 
             // Forward to the success view ...
diff --git a/wise-webapp/src/main/resources/com/wisemapping/model/Collaborator.hbm.xml b/wise-webapp/src/main/resources/com/wisemapping/model/Collaborator.hbm.xml
index 581fc36a..21ecb517 100755
--- a/wise-webapp/src/main/resources/com/wisemapping/model/Collaborator.hbm.xml
+++ b/wise-webapp/src/main/resources/com/wisemapping/model/Collaborator.hbm.xml
@@ -27,7 +27,8 @@
             <property name="activationDate" column="activation_date"/>
             <property name="activationCode" column="activation_code"/>
             <property name="allowSendEmail" column="allow_send_email"/>
-            <property name="autheticationCode" column="auth_schema"/>
+            <property name="autheticationTypeCode" column="authentication_type"/>
+            <property name="authenticatorUri" column="authenticator_uri"/>
 
             <property name="locale"/>
             <set name="tags" table="TAG">
diff --git a/wise-webapp/src/main/resources/messages_en.properties b/wise-webapp/src/main/resources/messages_en.properties
index da269271..9dbaedbf 100644
--- a/wise-webapp/src/main/resources/messages_en.properties
+++ b/wise-webapp/src/main/resources/messages_en.properties
@@ -246,7 +246,8 @@ LICENSE=License
 WELCOME_TO_WISEMAPPING=Welcome to WiseMapping
 WELCOME_DETAILS=WiseMapping will enable you to create and read your mind maps everywhere. With WiseMapping you can: <ul><li>Embed mind map it in web pages and blogs</li><li>Link mind map and documents</li><li>Share your maps with friend and colleagues</li><li>Export your maps SVG,PNG,JPG and FreeMind</li></ul>.
 OPEN_ID_LOGIN=Open Id Login
-LOGING_OPENID_DETAILS=Why OpenID? It's a single username and password that allows you to log in to any OpenID-enabled site. It works on thousands of websites.ItŐs an open standard. Do you already have an account on one of these sites? Click the logo to <b>log in</b> with it here:
+LOGING_OPENID_DETAILS=Do you already have an account on one of these sites?. Click the logo to log in with it here:
+WHY_OPENID=<b>Why OpenID ?</b></br> It's a single username and password that allows you to log in to any OpenID-enabled site. It works on thousands of websites.</br>It's an open standard. </br><a href="http://openid.net/what/">learn more</a>
 DIRECT_LINK_EXPLANATION=Copy and paste the link below to share your map with colleagues
 TEMPORAL_PASSWORD_SENT=Your temporal password has been sent
 TEMPORAL_PASSWORD_SENT_DETAILS=We've sent you an email that will allow you to reset your password. Please check your email now.
diff --git a/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml b/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml
index 0d373a47..a12cb311 100644
--- a/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml
+++ b/wise-webapp/src/main/webapp/WEB-INF/defs/definitions.xml
@@ -75,7 +75,7 @@
         <put-attribute name="removeSignin" value="true"/>
     </definition>
 
-    <definition name="loginOpenId" extends="pageTemplate">
+    <definition name="loginopenid" extends="pageTemplate">
         <put-attribute name="title" value="LOGIN"/>
         <put-attribute name="body" value="/jsp/loginOpenId.jsp"/>
         <put-attribute name="removeSignin" value="true"/>
diff --git a/wise-webapp/src/main/webapp/WEB-INF/wisemapping-security.xml b/wise-webapp/src/main/webapp/WEB-INF/wisemapping-security.xml
index 1c6bf9eb..9ffe53e5 100644
--- a/wise-webapp/src/main/webapp/WEB-INF/wisemapping-security.xml
+++ b/wise-webapp/src/main/webapp/WEB-INF/wisemapping-security.xml
@@ -15,7 +15,7 @@
     <sec:http pattern="/favicon.ico" security="none"/>
 
     <sec:http pattern="/c/login" security="none"/>
-    <sec:http pattern="/c/loginOpenId" security="none"/>
+    <sec:http pattern="/c/loginopenid" security="none"/>
     <sec:http pattern="/c/user/registration" security="none"/>
     <sec:http pattern="/c/user/resetpassword" security="none"/>
     <sec:http pattern="/c/home" security="none"/>
@@ -66,6 +66,11 @@
                 <sec:openid-attribute name="fullname" type="http://axschema.org/namePerson" required="true"/>
             </sec:attribute-exchange>
 
+            <sec:attribute-exchange identifier-match=".*yahoo.com.*">
+                <sec:openid-attribute name="email" type="http://axschema.org/contact/email" required="true"/>
+                <sec:openid-attribute name="fullname" type="http://axschema.org/namePerson" required="true"/>
+            </sec:attribute-exchange>
+
             <sec:attribute-exchange identifier-match=".*myopenid.com.*">
                 <sec:openid-attribute name="email" type="http://schema.openid.net/contact/email" required="true"/>
                 <sec:openid-attribute name="fullname" type="http://schema.openid.net/namePerson" required="true"/>
diff --git a/wise-webapp/src/main/webapp/jsp/login.jsp b/wise-webapp/src/main/webapp/jsp/login.jsp
index a6e6d0a5..cf9bc22f 100644
--- a/wise-webapp/src/main/webapp/jsp/login.jsp
+++ b/wise-webapp/src/main/webapp/jsp/login.jsp
@@ -75,6 +75,10 @@
                 <spring:message code="JOIN_NOW"/>
             </a>
         </c:if>
+        <p>
+        Do you already have an account on <b>GMail, Yahoo, AOL or other OpenId site</b> ?. Sign in in with it <a href="/c/loginopenid"><b>here</b></a>.
+
+        </p>
     </div>
 </div>
 
diff --git a/wise-webapp/src/main/webapp/jsp/loginOpenId.jsp b/wise-webapp/src/main/webapp/jsp/loginOpenId.jsp
index 9101c335..47fdb7b9 100644
--- a/wise-webapp/src/main/webapp/jsp/loginOpenId.jsp
+++ b/wise-webapp/src/main/webapp/jsp/loginOpenId.jsp
@@ -2,6 +2,17 @@
 <%@ include file="/jsp/init.jsp" %>
 
 <%--@elvariable id="isHsql" type="boolean"--%>
+<!-- Simple OpenID Selector -->
+<link type="text/css" rel="stylesheet" href="css/openid.css"/>
+<script type="text/javascript" language="javascript" src="js/jquery-1.7.2.min.js"></script>
+<script type="text/javascript" language="javascript" src="js/openid-jquery.js"></script>
+<script type="text/javascript" language="javascript" src="js/openid-en.js"></script>
+<!-- /Simple OpenID Selector -->
+<script type="text/javascript">
+    $(document).ready(function() {
+        openid.init('openid_identifier');
+    });
+</script>
 
 <script type="text/javascript" src="js/jquery-1.7.2.min.js"></script>
 <script type="text/javascript" language="javascript">
@@ -11,7 +22,7 @@
         });
     });
 </script>
-<div class="row-fluid">
+<div class="row-fluid" style="padding: 10px 0px">
     <h1><spring:message code="OPEN_ID_LOGIN"/></h1>
     <spring:message code="LOGING_OPENID_DETAILS"/>
 </div>
@@ -38,4 +49,8 @@
         </form>
         <!-- /Simple OpenID Selector -->
     </div>
-</div>
\ No newline at end of file
+    <div class="span4" style="background-color: #FFEFC6;padding: 10px">
+        <spring:message code="WHY_OPENID"/>
+     </div>
+</div>
+
diff --git a/wise-webapp/src/main/webapp/jsp/template.jsp b/wise-webapp/src/main/webapp/jsp/template.jsp
index a6d6e565..f16fe268 100644
--- a/wise-webapp/src/main/webapp/jsp/template.jsp
+++ b/wise-webapp/src/main/webapp/jsp/template.jsp
@@ -42,18 +42,6 @@
 
     <script type="text/javascript" language="javascript" src="bootstrap/js/bootstrap.js"></script>
     <script src="js/less.js" type="text/javascript"></script>
-
-    <!-- Simple OpenID Selector -->
-    <link type="text/css" rel="stylesheet" href="css/openid.css"/>
-    <script type="text/javascript" language="javascript" src="js/jquery-1.7.2.min.js"></script>
-    <script type="text/javascript" language="javascript" src="js/openid-jquery.js"></script>
-    <script type="text/javascript" language="javascript" src="js/openid-en.js"></script>
-    <!-- /Simple OpenID Selector -->
-    <script type="text/javascript">
-        $(document).ready(function() {
-            openid.init('openid_identifier');
-        });
-    </script>
 </head>
 <body>