iimprovements for post authentication

gui/admin-gui/src/main/java/com/evolveum/midpoint/gui/api/util/WebModelServiceUtils.java

@@ -770,4 +770,27 @@ public static String translateMessage(OperationResult result, ModelServiceLocato
 
 		return service.translate(result.getUserFriendlyMessage(), locale);
 	}
+
+	public static boolean isPostAuthenticationEnabled(TaskManager taskManager, ModelInteractionService modelInteractionService) {
+		MidPointPrincipal midpointPrincipal = SecurityUtils.getPrincipalUser();
+    	if (midpointPrincipal != null) {
+    		UserType user = midpointPrincipal.getUser();
+    		String OPERATION_LOAD_FLOW_POLICY = WebModelServiceUtils.class.getName() + ".loadFlowPolicy";
+    		Task task = taskManager.createTaskInstance(OPERATION_LOAD_FLOW_POLICY);
+    		OperationResult parentResult = new OperationResult(OPERATION_LOAD_FLOW_POLICY);
+    		RegistrationsPolicyType registrationPolicyType = null;
+			try {
+				registrationPolicyType = modelInteractionService.getFlowPolicy(user.asPrismObject(), task, parentResult);
+				SelfRegistrationPolicyType postAuthenticationPolicy = registrationPolicyType.getPostAuthentication();
+	    		String requiredLifecycleState = postAuthenticationPolicy.getRequiredLifecycleState();
+	    		if (StringUtils.isNotBlank(requiredLifecycleState) && requiredLifecycleState.equals(user.getLifecycleState())) {
+	    			return true; 
+
+	    		}
+			} catch (ObjectNotFoundException | SchemaException e) {
+				LoggingUtils.logException(LOGGER, "Cannot determine post authentication policies", e);
+			}
+    	}
+    	return false;
+	}
 }

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageAbstractFlow.java

@@ -66,6 +66,8 @@ public abstract class PageAbstractFlow extends PageRegistrationBase {
 
 	private static final String PARAM_USER_OID = "user";
 
+	protected PageParameters pageParameters;
+
 	public abstract void initalizeModel();
 	public abstract IModel<UserType> getUserModel();
 	public abstract boolean isCustomFormDefined();
@@ -75,11 +77,16 @@ public abstract class PageAbstractFlow extends PageRegistrationBase {
 	protected abstract boolean isBackButtonVisible();
 	protected abstract ObjectReferenceType getCustomFormRef();
 
-	public PageAbstractFlow() {
+	public PageAbstractFlow(PageParameters pageParameters) {
+		this.pageParameters = pageParameters;
 		initalizeModel();
 		initLayout();
 	}
-
+//	
+//	public PageAbstractFlow() {
+//		this(null);
+//	}
+//	
 	private void initLayout() {
 
 

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageSelfRegistration.html

@@ -89,7 +89,6 @@ <h3 wicket:id="welcome"/>
 			    </wicket:fragment>
 			    <wicket:fragment wicket:id="dynamicContent">
 			          <div wicket:id="dynamicForm">
-                        <div wicket:id="registrationForm"></div>
                     </div>
 					<div class="col-md-offset-6">
                         <div wicket:id="captcha"/>

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/login/PageSelfRegistration.java

@@ -95,22 +95,17 @@ public class PageSelfRegistration extends PageAbstractFlow {
 	private static final String ID_TOOLTIP = "tooltip";
 	private static final String ID_FEEDBACK = "feedback";
 	private static final String ID_REGISTRATION_SUBMITED = "registrationInfo";
-	private static final String ID_CAPTCHA = "captcha";
 
 	private static final String ID_STATIC_FORM = "staticForm";
-	private static final String ID_DYNAMIC_FORM = "dynamicForm";
-	private static final String ID_DYNAMIC_FORM_PANEL = "registrationForm";
+
 
 	private static final String PARAM_USER_OID = "user";
 
 
 	private IModel<UserType> userModel;
 
-	private PageParameters pageParameters;
-
 	public PageSelfRegistration(PageParameters pageParameters) {
-		this.pageParameters = pageParameters;
-		initalizeModel();
+		super(pageParameters);
 	}
 
 	private String getOidFromParams(PageParameters pageParameters) {
@@ -304,30 +299,13 @@ public boolean isVisible() {
 
 	@Override
 	protected WebMarkupContainer initDynamicLayout() {
-//		final Form<?> mainForm = new Form<>(ID_MAIN_FORM);
-		WebMarkupContainer dynamicRegistrationForm = createMarkupContainer(ID_DYNAMIC_FORM, getMainForm());
-//				new VisibleEnableBehaviour() {
-//
-//					private static final long serialVersionUID = 1L;
-//
-//					@Override
-//					public boolean isVisible() {
-//						return isCustomFormDefined();
-//					}
-//				}, mainForm);
-//
-
 		DynamicFormPanel<UserType> dynamicForm = runPrivileged(
 				() -> {
 					Task task = createAnonymousTask(OPERATION_LOAD_DYNAMIC_FORM);
 					return createDynamicPanel(getMainForm(), task);
 				});
 
-		if (dynamicForm != null) {
-			dynamicRegistrationForm.add(dynamicForm);
-		}
-
-		return dynamicRegistrationForm;
+		return dynamicForm;
 	}
 
 	private WebMarkupContainer createMarkupContainer(String id, Form<?> mainForm) {
@@ -432,7 +410,7 @@ private ObjectDelta<UserType> prepareUserDelta(Task task, OperationResult result
 		} else {
 			LOGGER.trace("Preparing user MODIFY delta (preregistered user registration)");
 			ObjectDelta<UserType> delta = null;
-			if (getSelfRegistrationConfiguration().getFormRef() == null) {
+			if (!isCustomFormDefined()) {
 				delta = ObjectDelta.createEmptyModifyDelta(UserType.class,
 						getOidFromParams(getPageParameters()), getPrismContext());
 				if (getSelfRegistrationConfiguration().getInitialLifecycleState() != null) {
@@ -460,8 +438,8 @@ private UserType prepareUserToSave(Task task, OperationResult result) throws Exp
 		UserType userType = getUserModel().getObject();
 		UserType userToSave = userType.clone();
 
-		if (selfRegistrationConfiguration.getFormRef() == null) {
-			userType.clone();
+		if (!isCustomFormDefined()) {
+			applyPassword(userToSave);
 			if (selfRegistrationConfiguration.getRequiredLifecycleState() != null) {
 				String userLifecycle = userToSave.getLifecycleState();
 				if (!selfRegistrationConfiguration.getRequiredLifecycleState().equals(userLifecycle)) {
@@ -477,7 +455,7 @@ private UserType prepareUserToSave(Task task, OperationResult result) throws Exp
 									.getString());
 					throw new RestartResponseException(this);
 				}
-
+				
 			}
 		} else {
 
@@ -490,7 +468,7 @@ private UserType prepareUserToSave(Task task, OperationResult result) throws Exp
 		}
 
 		// CredentialsType credentials =
-		createCredentials(userToSave, selfRegistrationConfiguration.getNoncePolicy(), task, result);
+		applyNonce(userToSave, selfRegistrationConfiguration.getNoncePolicy(), task, result);
 		// userToSave.setCredentials(credentials);
 		if (selfRegistrationConfiguration.getInitialLifecycleState() != null) {
 			LOGGER.trace("Setting initial lifecycle state of registered user to {}",
@@ -508,33 +486,53 @@ private UserType prepareUserToSave(Task task, OperationResult result) throws Exp
 
 	}
 
-	private void createCredentials(UserType user, NonceCredentialsPolicyType noncePolicy, Task task,
-			OperationResult result) throws ExpressionEvaluationException, SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException {
-		NonceType nonceType = createNonce(noncePolicy, task, result);
-
-		// PasswordType password = createPassword();
-
-		CredentialsType credentials = user.getCredentials();
-		if (user.getCredentials() == null) {
-			credentials = new CredentialsType();
-			user.setCredentials(credentials);
-		}
-
-		credentials.setNonce(nonceType);
-		// credentials.setPassword(password);
-		// return credentials;
-
-	}
+//	private void createCredentials(UserType user, NonceCredentialsPolicyType noncePolicy, Task task,
+//			OperationResult result) throws ExpressionEvaluationException, SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException {
+//		NonceType nonceType = createNonce(noncePolicy, task, result);
+//
+////		 PasswordType password = createPassword();
+//
+//		CredentialsType credentials = user.getCredentials();
+//		if (user.getCredentials() == null) {
+//			credentials = new CredentialsType();
+//			user.setCredentials(credentials);
+//		}
+//
+//		credentials.setNonce(nonceType);
+////		 credentials.setPassword(password);
+//		// return credentials;
+//
+//	}
 
 	private NonceType createNonce(NonceCredentialsPolicyType noncePolicy, Task task, OperationResult result) throws ExpressionEvaluationException, SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException {
 		ProtectedStringType nonceCredentials = new ProtectedStringType();
 		nonceCredentials.setClearValue(generateNonce(noncePolicy, null, task, result));
 
 		NonceType nonceType = new NonceType();
 		nonceType.setValue(nonceCredentials);
+
+
 		return nonceType;
 	}
 
+	private void applyPassword(UserType user) {
+		getCredentials(user).setPassword(createPassword());
+	}
+
+	private void applyNonce(UserType user, NonceCredentialsPolicyType noncePolicy, Task task, OperationResult result) throws ExpressionEvaluationException, SchemaException, ObjectNotFoundException, CommunicationException, ConfigurationException, SecurityViolationException {
+		getCredentials(user).setNonce(createNonce(noncePolicy, task, result));
+	}
+
+	private CredentialsType getCredentials(UserType user) {
+		CredentialsType credentials = user.getCredentials();
+		if (user.getCredentials() == null) {
+			credentials = new CredentialsType();
+			user.setCredentials(credentials);
+		}
+
+		return credentials;
+	}
+
 	private PasswordType createPassword() {
 		PasswordType password = new PasswordType();
 		ProtectedStringType protectedString = new ProtectedStringType();

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/page/self/PagePostAuthentication.java

@@ -23,6 +23,7 @@
 import org.apache.wicket.markup.html.WebMarkupContainer;
 import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.Model;
+import org.apache.wicket.request.mapper.parameter.PageParameters;
 import org.apache.wicket.request.resource.PackageResourceReference;
 
 import com.evolveum.midpoint.gui.api.model.LoadableModel;
@@ -76,6 +77,11 @@ public class PagePostAuthentication extends PageAbstractFlow {
 	private IModel<UserType> userModel;
 	private ObjectWrapper<UserType> objectWrapper;
 
+	public PagePostAuthentication(PageParameters pageParameters) {
+		super(pageParameters);
+		// TODO Auto-generated constructor stub
+	}
+
 	@Override
 	public void initalizeModel() {
 		userModel = new LoadableModel<UserType>() {

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidPointApplication.java

@@ -207,6 +207,10 @@ public class MidPointApplication extends AuthenticatedWebApplication {
 
     @Override
     public Class<? extends PageBase> getHomePage() {
+    	if (WebModelServiceUtils.isPostAuthenticationEnabled(getTaskManager(), getModelInteractionService())) {
+    		return PagePostAuthentication.class;
+    	}
+
     	if (WebComponentUtil.isAuthorized(AuthorizationConstants.AUTZ_UI_DASHBOARD_URL,
                 AuthorizationConstants.AUTZ_UI_HOME_ALL_URL)) {
             return PageDashboard.class;

gui/admin-gui/src/main/java/com/evolveum/midpoint/web/security/MidPointAuthenticationSuccessHandler.java

@@ -28,6 +28,7 @@
 import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;
 import org.springframework.security.web.util.UrlUtils;
 
+import com.evolveum.midpoint.gui.api.util.WebModelServiceUtils;
 import com.evolveum.midpoint.model.api.ModelInteractionService;
 import com.evolveum.midpoint.schema.result.OperationResult;
 import com.evolveum.midpoint.security.api.MidPointPrincipal;
@@ -45,7 +46,6 @@
 public class MidPointAuthenticationSuccessHandler extends SavedRequestAwareAuthenticationSuccessHandler {
 
     private String defaultTargetUrl;
-    private static final String OPERATION_LOAD_FLOW_POLICY = MidPointApplication.class.getName() + ".loadFlowPolicy";
 
     @Autowired private ModelInteractionService modelInteractionService;
     @Autowired private TaskManager taskManager;
@@ -54,31 +54,14 @@ public class MidPointAuthenticationSuccessHandler extends SavedRequestAwareAuthe
     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)
     		throws ServletException, IOException {
 
-
-    	MidPointPrincipal midpointPrincipal = SecurityUtils.getPrincipalUser();
-    	if (midpointPrincipal != null) {
-    		UserType user = midpointPrincipal.getUser();
-    		Task task = taskManager.createTaskInstance(OPERATION_LOAD_FLOW_POLICY);
-    		OperationResult parentResult = new OperationResult(OPERATION_LOAD_FLOW_POLICY);
-    		RegistrationsPolicyType registrationPolicyType = null;
-			try {
-				registrationPolicyType = modelInteractionService.getFlowPolicy(user.asPrismObject(), task, parentResult);
-				SelfRegistrationPolicyType postAuthenticationPolicy = registrationPolicyType.getPostAuthentication();
-	    		String requiredLifecycleState = postAuthenticationPolicy.getRequiredLifecycleState();
-	    		if (StringUtils.isNotBlank(requiredLifecycleState) && requiredLifecycleState.equals(user.getLifecycleState())) {
-	    			 String requestUrl = request.getRequestURL().toString();
-	    			 if (requestUrl.contains("spring_security_login")) {
-	    				 String target = requestUrl.replace("spring_security_login", "self/postAuthentication");
-	    				 getRedirectStrategy().sendRedirect(request, response, target);
-	    				 return;
-	    			 }
-
-	    		}
-			} catch (ObjectNotFoundException | SchemaException e) {
-//				LoggingUtils.logException(LOGGER, "Cannot determine post authentication policies", e);
-			}
+    	if (WebModelServiceUtils.isPostAuthenticationEnabled(taskManager, modelInteractionService)) {
+    		String requestUrl = request.getRequestURL().toString();
+			 if (requestUrl.contains("spring_security_login")) {
+				 String target = requestUrl.replace("spring_security_login", "self/postAuthentication");
+				 getRedirectStrategy().sendRedirect(request, response, target);
+				 return;
+			 }
     	}
-
     	super.onAuthenticationSuccess(request, response, authentication);
     }