Merge branch 'release/0.6.2'

build.gradle

@@ -109,7 +109,7 @@ apply plugin: 'org.springframework.boot'
 apply plugin: 'propdeps'
 
 group = 'faforever'
-version = '0.6.1'
+version = '0.6.2'
 
 sourceCompatibility = 1.8
 targetCompatibility = 1.8

src/main/java/com/faforever/api/config/elide/ElideConfig.java

@@ -18,6 +18,9 @@
 import com.yahoo.elide.datastores.hibernate5.HibernateStore.Builder;
 import com.yahoo.elide.jsonapi.JsonApiMapper;
 import com.yahoo.elide.security.checks.Check;
+import com.yahoo.elide.utils.coerce.CoerceUtil;
+import org.apache.commons.beanutils.ConvertUtils;
+import org.apache.commons.beanutils.Converter;
 import org.hibernate.SessionFactory;
 import org.springframework.cache.CacheManager;
 import org.springframework.cache.interceptor.AbstractCacheResolver;
@@ -29,6 +32,8 @@
 
 import javax.persistence.EntityManagerFactory;
 import javax.servlet.http.HttpServletRequest;
+import java.time.Instant;
+import java.time.OffsetDateTime;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.concurrent.ConcurrentHashMap;
@@ -42,13 +47,36 @@ public Elide elide(EntityManagerFactory entityManagerFactory, ObjectMapper objec
 
     HibernateStore hibernateStore = new Builder(entityManagerFactory.unwrap(SessionFactory.class)).build();
 
+    registerAdditionalConverters();
+
     return new Elide(new ElideSettingsBuilder(hibernateStore)
-        .withJsonApiMapper(new JsonApiMapper(entityDictionary, objectMapper))
-        .withAuditLogger(new Slf4jLogger())
-        .withEntityDictionary(entityDictionary)
-        .withJoinFilterDialect(rsqlFilterDialect)
-        .withSubqueryFilterDialect(rsqlFilterDialect)
-        .build());
+      .withJsonApiMapper(new JsonApiMapper(entityDictionary, objectMapper))
+      .withAuditLogger(new Slf4jLogger())
+      .withEntityDictionary(entityDictionary)
+      .withJoinFilterDialect(rsqlFilterDialect)
+      .withSubqueryFilterDialect(rsqlFilterDialect)
+      .build());
+  }
+
+  /**
+   * See https://github.com/yahoo/elide/issues/428.
+   */
+  private void registerAdditionalConverters() {
+    CoerceUtil.coerce("", String.class);
+    ConvertUtils.register(new Converter() {
+      @Override
+      @SuppressWarnings("unchecked")
+      public <T> T convert(Class<T> type, Object value) {
+        return (T) OffsetDateTime.parse(String.valueOf(value));
+      }
+    }, OffsetDateTime.class);
+    ConvertUtils.register(new Converter() {
+      @Override
+      @SuppressWarnings("unchecked")
+      public <T> T convert(Class<T> type, Object value) {
+        return (T) Instant.parse(String.valueOf(value));
+      }
+    }, Instant.class);
   }
 
   @Bean
@@ -88,6 +116,6 @@ protected Collection<String> getCacheNames(CacheOperationInvocationContext<?> co
 
   private String getDataApiPath(HttpServletRequest request) {
     return ((String) request.getAttribute(HandlerMapping.PATH_WITHIN_HANDLER_MAPPING_ATTRIBUTE))
-        .replace(DataController.PATH_PREFIX, "");
+      .replace(DataController.PATH_PREFIX, "");
   }
 }

src/main/java/com/faforever/api/config/security/WebSecurityConfig.java

@@ -1,18 +1,24 @@
 package com.faforever.api.config.security;
 
 import com.faforever.api.config.ApplicationProfile;
+import com.google.common.collect.ImmutableMap;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Profile;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.BadCredentialsException;
+import org.springframework.security.authentication.InternalAuthenticationServiceException;
+import org.springframework.security.authentication.LockedException;
 import org.springframework.security.authentication.encoding.ShaPasswordEncoder;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.security.web.authentication.ExceptionMappingAuthenticationFailureHandler;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.security.web.util.matcher.OrRequestMatcher;
 import org.springframework.security.web.util.matcher.RequestMatcher;
@@ -68,7 +74,9 @@ public boolean matches(HttpServletRequest request) {
       })
       .and().headers()
       .cacheControl().disable()
-      .and().formLogin().loginPage("/login").permitAll()
+      .and().formLogin()
+        .loginPage("/login").permitAll()
+        .failureHandler(authenticationFailureHandler())
       .and().authorizeRequests()
         .antMatchers(HttpMethod.OPTIONS).permitAll()
         .antMatchers("/oauth/**").permitAll()
@@ -90,4 +98,18 @@ public void addCorsMappings(CorsRegistry registry) {
       }
     };
   }
+
+  @Bean
+  public AuthenticationFailureHandler authenticationFailureHandler() {
+    ImmutableMap<Object, String> exceptionMappings = ImmutableMap.<Object, String>builder()
+      .put(InternalAuthenticationServiceException.class.getCanonicalName(), "/login?error=serverError")
+      .put(BadCredentialsException.class.getCanonicalName(), "/login?error=badCredentials")
+      .put(LockedException.class.getCanonicalName(), "/login?error=locked")
+      .build();
+
+    final ExceptionMappingAuthenticationFailureHandler result = new ExceptionMappingAuthenticationFailureHandler();
+    result.setExceptionMappings(exceptionMappings);
+    result.setDefaultFailureUrl("/login?error=unknown");
+    return result;
+  }
 }

src/main/java/com/faforever/api/data/domain/BanInfo.java

@@ -90,7 +90,7 @@ public BanStatus getBanStatus() {
     if (getDuration() == BanDurationType.PERMANENT) {
       return BanStatus.BANNED;
     }
-    return expiresAt.isBefore(OffsetDateTime.now())
+    return expiresAt.isAfter(OffsetDateTime.now())
       ? BanStatus.BANNED
       : BanStatus.EXPIRED;
   }

src/main/resources/templates/login.html

@@ -112,11 +112,15 @@ <h1>Log-in</h1>
 
   <form name="f" th:action="@{/login}" method="post">
     <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}" th:if="${_csrf != null }"/>
-    <div th:if="${param.error}" class="alert alert-error">
-      Invalid username and password.
+    <div th:switch="${param.error[0]}" th:unless="${param.error == null}" class="alert alert-error">
+      <p th:case="'serverError'">A server error occurred. Please contact an administrator.</p>
+      <p th:case="'badCredentials'">Invalid username or password.</p>
+      <p th:case="'locked'">Your account is currently locked. If you are unsure why or for how long, please contact a
+        moderator.</p>
+      <p th:case="'unknown'">Login failed for unknown reason, please contact an administrator.</p>
     </div>
     <div th:if="${param.logout}" class="alert alert-success">
-      You have been logged out.
+      <p>You have been logged out.</p>
     </div>
     <input type="text" id="username" name="username" placeholder="Username"/>
     <input type="password" id="password" name="password" placeholder="Password"/>