AbstractLogon.java
/*
* Copyright 2011-2019 the original author or authors.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.appng.application.authentication;
import org.apache.commons.lang3.StringUtils;
import org.appng.api.ActionProvider;
import org.appng.api.Environment;
import org.appng.api.FieldProcessor;
import org.appng.api.Options;
import org.appng.api.Scope;
import org.appng.api.model.Application;
import org.appng.api.model.Site;
import org.appng.api.support.environment.EnvironmentKeys;
import org.appng.application.authentication.webform.LoginData;
import org.appng.core.service.CoreService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.http.HttpStatus;
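/**
 * Base class for logon actions working on {@link LoginData}. It bundles the constants shared by the
 * logon actions, the lookup of the {@link CoreService} and the common handling of a logon outcome:
 * a success or error message on the {@link FieldProcessor} and, on success, an optional redirect.
 */
public abstract class AbstractLogon implements ActionProvider<LoginData> {

    protected static final Logger LOGGER = LoggerFactory.getLogger(AbstractLogon.class);

    /**
     * Key of the session attribute that is consumed (read and removed) as redirect target after a
     * successful logon when deep links apply. The attribute is written outside this class.
     */
    public static final String PRE_LOGIN_PATH = "preLoginPath";

    // Parameter and action names for subclasses; none of them is referenced inside this class.
    protected static final String PARAM_ACTION = "action";
    protected static final String PARAM_FORM_ACTION = "form_action";
    protected static final String PARAM_PASSWORD = "password";
    protected static final String PARAM_HASH = "hash";
    protected static final String PARAM_USERNAME = "username";
    protected static final String ACTION_FORGOT_PASSWORD = "forgotPassword";
    protected static final String ACTION_RESET_PASSWORD = "resetPassword";
    protected static final String ACTION_LOGIN = "login";

    /**
     * Retrieves the {@link CoreService} bean from the given application.
     *
     * @param application
     *            the application to take the bean from
     * @return the {@link CoreService} as returned by {@link Application#getBean(Class)}
     */
    public CoreService getCoreService(Application application) {
        return application.getBean(CoreService.class);
    }

    /**
     * Handles the logon outcome with a redirect, using the HTTP status configured in
     * {@link AuthenticationSettings#LOGIN_FORWARD_STATUS}.
     *
     * @param site
     *            the site used to send the redirect
     * @param application
     *            the application providing properties and messages
     * @param env
     *            the current environment
     * @param options
     *            the action's options (passed through, not read here)
     * @param fp
     *            receives the success or error message
     * @param success
     *            whether the logon succeeded
     * @param successPage
     *            appended to the base URL when no deep link target is used
     */
    protected void processLogonResult(Site site, Application application, Environment env, Options options,
            FieldProcessor fp, boolean success, String successPage) {
        // NOTE(review): presumably getInteger() returns an Integer; a missing property would then fail
        // on unboxing, and HttpStatus.valueOf rejects unknown codes. Confirm the property has a default.
        HttpStatus status = HttpStatus
                .valueOf(application.getProperties().getInteger(AuthenticationSettings.LOGIN_FORWARD_STATUS));
        processLogonResult(site, application, env, options, fp, success, successPage, status, true);
    }

    /**
     * Handles the logon outcome. On failure an error message is added to {@code fp}. On success an OK
     * message is added and, if {@code doRedirect} is set, a redirect is sent: to the session attribute
     * {@link #PRE_LOGIN_PATH} when deep links are enabled and neither the execute path nor the servlet
     * path is a prefix of the other, otherwise to base URL + {@code successPage}.
     *
     * @param site
     *            the site used to send the redirect
     * @param application
     *            the application providing properties and messages
     * @param env
     *            the current environment
     * @param options
     *            the action's options (not read here)
     * @param fp
     *            receives the success or error message
     * @param success
     *            whether the logon succeeded
     * @param successPage
     *            appended to the base URL when no deep link target is used
     * @param status
     *            the HTTP status to send with the redirect
     * @param doRedirect
     *            whether a redirect should be sent on success
     */
    protected void processLogonResult(Site site, Application application, Environment env, Options options,
            FieldProcessor fp, boolean success, String successPage, HttpStatus status, boolean doRedirect) {
        String executePath = env.getAttributeAsString(Scope.REQUEST, EnvironmentKeys.EXECUTE_PATH);
        String defaultPath = env.getAttributeAsString(Scope.REQUEST, EnvironmentKeys.DEFAULT_PATH);
        if (StringUtils.isBlank(executePath)) {
            executePath = defaultPath;
        }

        if (!success) {
            String message = application.getMessage(env.getLocale(), MessageConstants.AUTHENTICATION_ERROR);
            fp.addErrorMessage(message);
            return;
        }

        String message = application.getMessage(env.getLocale(), MessageConstants.USER_AUTHENTICATED);
        fp.addOkMessage(message);
        if (!doRedirect) {
            log().debug("no redirect required");
            return;
        }

        String baseUrl = env.getAttributeAsString(Scope.REQUEST, EnvironmentKeys.BASE_URL);
        String originalServletPath = env.getAttributeAsString(Scope.REQUEST, EnvironmentKeys.SERVLETPATH);
        boolean enableDeeplinks = application.getProperties().getBoolean(AuthenticationSettings.ENABLE_DEEPLINKS,
                Boolean.TRUE);

        // If either path is unavailable the prefix comparison cannot be evaluated. Instead of failing
        // with a NullPointerException after the user has already been authenticated, skip the deep
        // link and fall back to the configured success page.
        boolean pathsKnown = null != executePath && null != originalServletPath;
        String targetPage = null;
        if (enableDeeplinks && pathsKnown && (!executePath.startsWith(originalServletPath))
                && (!originalServletPath.startsWith(executePath))) {
            // NOTE(review): the redirect target is taken from the session as-is. PRE_LOGIN_PATH is written
            // outside this class; confirm the writer only stores site-local paths, otherwise the redirect
            // below goes to an unvalidated location.
            targetPage = env.removeAttribute(Scope.SESSION, PRE_LOGIN_PATH);
            log().debug("{} is enabled, using session attribute {} as target: {}",
                    AuthenticationSettings.ENABLE_DEEPLINKS, PRE_LOGIN_PATH, targetPage);
        }
        if (null == targetPage) {
            targetPage = baseUrl + successPage;
            log().debug("target is empty, using {}", targetPage);
        }
        log().debug("redirecting to {} with status {}", targetPage, status);
        site.sendRedirect(env, targetPage, status.value());
    }

    /**
     * Handles the logon outcome with a redirect, using the success page configured in
     * {@link AuthenticationSettings#SUCCESS_PAGE}.
     *
     * @param site
     *            the site used to send the redirect
     * @param application
     *            the application providing properties and messages
     * @param env
     *            the current environment
     * @param options
     *            the action's options (passed through, not read here)
     * @param fp
     *            receives the success or error message
     * @param success
     *            whether the logon succeeded
     */
    protected void processLogonResult(Site site, Application application, Environment env, Options options,
            FieldProcessor fp, boolean success) {
        String successPage = application.getProperties().getString(AuthenticationSettings.SUCCESS_PAGE);
        processLogonResult(site, application, env, options, fp, success, successPage);
    }

    /**
     * Tells whether the environment reports an authenticated subject.
     *
     * @param env
     *            the current environment
     * @return the result of {@link Environment#isSubjectAuthenticated()}
     */
    public boolean isSubjectLoggedIn(Environment env) {
        return env.isSubjectAuthenticated();
    }

    /**
     * Returns the logger used by this class; subclasses may override it to log under their own name.
     *
     * @return the logger
     */
    protected Logger log() {
        return LOGGER;
    }
}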