user454322/browserid-verifier

Important:

Thank you for your interest. Mozilla has shut down Persona.org and this project is no longer maintained. Look into OAuth 2.0 or other alternatives.

BrowserID Verifier

Java library for the BrowserID protocol.

This is a verification library for Mozilla Persona written in Java. It makes it easy to authenticate a web application's users by verifying BrowserID assertions.

The only external dependencies are SLF4J and json.org [1].

To use it just write something like:

BrowserIDResponse loginResponse = verifier.verify(assertion, AUDIENCE);

Find a simple, yet complete live sample here with its source code.

How to use it

1. Add it as a dependency

Its Maven coordinate is info.modprobe:browserid-verifier:<version>; in a pom file it would look like:

    <dependency>
      <groupId>info.modprobe</groupId>
      <artifactId>browserid-verifier</artifactId>
      <version>0.8.9</version>
    </dependency>

Example

2. Use it

On the server side:

final Verifier verifier = new Verifier();
final BrowserIDResponse personaResponse = verifier.verify(assertion, audience);
final Status status = personaResponse.getStatus();

if (status == Status.OK) {
	/* Authentication with Persona was successful */
	final String email = personaResponse.getEmail();
	log.info("Signing in '{}'", email);
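	HttpSession session;
	if ((session = req.getSession(false)) != null) {
		// Prevent session fixation: discard any session that existed before sign-in
		session.invalidate();
	}
	// Start a fresh session and bind the verified email to it
	session = req.getSession(true);
	session.setAttribute("email", email);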

} else {
	/* Authentication with Persona failed */
	log.info("Sign in failed: {}", personaResponse.getReason());
}

Complete example

On the client side:

<button type="button" onclick="navigator.id.request();">Sign in - Sign up</button>
<button type="button" onclick="navigator.id.logout();">Sign out</button>
....
	<script src="https://login.persona.org/include.js"></script>

	<script type="text/javascript">
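		// Rendered server-side (JSP EL) and not escaped here: an address
		// containing a quote character would break this string literal.
		var currentUser = '${sessionScope.email}';
		if(!currentUser) {
			// If falsy set it to the literal null
			currentUser = null;
		}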

		navigator.id.watch({
			loggedInUser : currentUser,
			onlogin : function(assertion) {
				// Send the assertion to the server, which verifies it
				var loginRequest = $.ajax({
					type : 'POST',
					url : 'in',
					data : {
						assertion : assertion
					}
				});
				loginRequest.done(function(res, status, xhr) {
					window.location.reload();
				});
				loginRequest.fail(function(xhr, status, error) {
					navigator.id.logout();
					alert("Login error: " + error);
				});
			},

			onlogout : function() {
				var logoutRequest = $.ajax({
					type : 'POST',
					url : 'out'
				});
				logoutRequest.done(function(res, status, xhr) {
					window.location.reload();
				});
				logoutRequest.fail(function(xhr, status, error) {
					alert("Logout error: " + error);
				});
			}

		});
	</script>

Complete example
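
The server and client snippets above meet at the `in` endpoint. As an added example (not code from this project), here is a servlet for that POST: it keeps the audience as a server-side constant, answers a failed verification with a non-2xx status so the client's `loginRequest.fail` handler runs, and replaces the session on success. The class name, the `https://app.example.com` origin, the `javax.servlet` API and the `info.modprobe.browserid` import paths are assumptions; `verify` is called without a try/catch, as in the snippet above.

```java
import java.io.IOException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import info.modprobe.browserid.BrowserIDResponse;        // ASSUMPTION: package name
import info.modprobe.browserid.BrowserIDResponse.Status; // ASSUMPTION: nested enum
import info.modprobe.browserid.Verifier;                 // ASSUMPTION: package name

/** Hypothetical handler for the POST that the page's client code sends to 'in'. */
public class SignInServlet extends HttpServlet {

    // The audience is this site's own origin. Keep it a constant: taking it from
    // the Host header or a request parameter would let the caller choose it.
    private static final String AUDIENCE = "https://app.example.com"; // placeholder

    @Override
    protected void doPost(HttpServletRequest req, HttpServletResponse resp)
            throws IOException {
        final String assertion = req.getParameter("assertion");
        if (assertion == null || assertion.isEmpty()) {
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST, "Missing assertion");
            return;
        }

        final BrowserIDResponse personaResponse =
                new Verifier().verify(assertion, AUDIENCE);

        if (personaResponse.getStatus() != Status.OK) {
            // A non-2xx status triggers loginRequest.fail() on the client,
            // which calls navigator.id.logout().
            log("Sign in failed: " + personaResponse.getReason());
            resp.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Sign in failed");
            return;
        }

        // Session fixation defence: drop any pre-login session, then start anew.
        final HttpSession old = req.getSession(false);
        if (old != null) {
            old.invalidate();
        }
        req.getSession(true).setAttribute("email", personaResponse.getEmail());

        // 204 is a success for $.ajax, so loginRequest.done() reloads the page.
        resp.setStatus(HttpServletResponse.SC_NO_CONTENT);
    }
}
```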


  1. This implies that the use of the software is restricted for Good.

This project is based on code from https://github.com/mozilla/browserid-cookbook