Skip to content

Commit

Permalink
Correct handle both JSON and FORM parameters for an autologin request.
Browse files Browse the repository at this point in the history 
A recent spring update, caused our system to switch from form to json, and then back when fixed.
To simplify, we will support both requests
  • Loading branch information
@fhanik @staylor14
fhanik authored and staylor14 committed Oct 4, 2016
1 parent 2c2e441 commit daeea24
Show file tree
Hide file tree
Showing 2 changed files with 50 additions and 18 deletions.
50 changes: 40 additions & 10 deletions .../java/org/cloudfoundry/identity/uaa/authentication/manager/AutologinRequestConverter.java
View file
@@ -1,5 +1,5 @@
/*******************************************************************************
* Cloud Foundry
* Cloud Foundry
* Copyright (c) [2009-2016] Pivotal Software, Inc. All Rights Reserved.
*
* This product is licensed to you under the Apache License, Version 2.0 (the "License").
Expand All @@ -12,39 +12,69 @@
*******************************************************************************/
package org.cloudfoundry.identity.uaa.authentication.manager;

import java.io.IOException;
import java.util.Arrays;

import com.fasterxml.jackson.core.type.TypeReference;
import org.cloudfoundry.identity.uaa.login.AutologinRequest;
import org.cloudfoundry.identity.uaa.util.JsonUtils;
import org.cloudfoundry.identity.uaa.util.LinkedMaskingMultiValueMap;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpInputMessage;
import org.springframework.http.HttpOutputMessage;
import org.springframework.http.MediaType;
import org.springframework.http.converter.AbstractHttpMessageConverter;
import org.springframework.http.converter.FormHttpMessageConverter;
import org.springframework.http.converter.HttpMessageNotReadableException;
import org.springframework.http.converter.HttpMessageNotWritableException;
import org.springframework.http.converter.StringHttpMessageConverter;
import org.springframework.util.MultiValueMap;

import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;

public class AutologinRequestConverter extends AbstractHttpMessageConverter<AutologinRequest> {

private FormHttpMessageConverter converter = new FormHttpMessageConverter();
private FormHttpMessageConverter formConverter = new FormHttpMessageConverter();
private StringHttpMessageConverter stringConverter = new StringHttpMessageConverter();

public AutologinRequestConverter() {
setSupportedMediaTypes(Arrays.asList(MediaType.APPLICATION_FORM_URLENCODED));
setSupportedMediaTypes(Arrays.asList(
MediaType.APPLICATION_FORM_URLENCODED,
MediaType.APPLICATION_JSON)
);
}

@Override
protected boolean supports(Class<?> clazz) {
return AutologinRequest.class.isAssignableFrom(clazz);
}

public boolean isJsonContent(List<String> contentType) {
if (contentType != null) {
for (String s : contentType) {
if (s!=null && s.contains(MediaType.APPLICATION_JSON_VALUE)) {
return true;
}
}
}
return false;
}

@Override
protected AutologinRequest readInternal(Class<? extends AutologinRequest> clazz, HttpInputMessage inputMessage)
throws IOException, HttpMessageNotReadableException {
MultiValueMap<String, String> map = converter.read(null, inputMessage);
String username = map.getFirst("username");
String password = map.getFirst("password");

String username, password;
if (isJsonContent(inputMessage.getHeaders().get(HttpHeaders.CONTENT_TYPE))) {
Map<String, String> map = JsonUtils.readValue(stringConverter.read(String.class, inputMessage),
new TypeReference<Map<String, String>>() {});
username = map.get("username");
password = map.get("password");
} else {
MultiValueMap<String, String> map = formConverter.read(null, inputMessage);
username = map.getFirst("username");
password = map.getFirst("password");
}
AutologinRequest result = new AutologinRequest();
result.setUsername(username);
result.setPassword(password);
Expand All @@ -61,6 +91,6 @@ protected void writeInternal(AutologinRequest t, HttpOutputMessage outputMessage
if (t.getPassword() != null) {
map.set("password", t.getPassword());
}
converter.write(map, MediaType.APPLICATION_FORM_URLENCODED, outputMessage);
formConverter.write(map, MediaType.APPLICATION_FORM_URLENCODED, outputMessage);
}
}
18 changes: 10 additions & 8 deletions uaa/src/test/java/org/cloudfoundry/identity/uaa/integration/feature/AutologinIT.java
View file
Expand Up @@ -73,9 +73,14 @@ public class AutologinIT {

private UaaTestAccounts testAccounts = UaaTestAccounts.standard(null);

LinkedMultiValueMap<String, String> map = new LinkedMultiValueMap<>();


@Before
@After
public void logout_and_clear_cookies() {
map.add("username", testAccounts.getUserName());
map.add("password", testAccounts.getPassword());
try {
webDriver.get(baseUrl + "/logout.do");
}catch (org.openqa.selenium.TimeoutException x) {
Expand All @@ -88,24 +93,21 @@ public void logout_and_clear_cookies() {

@Test
public void testAutologinFlow_FORM() throws Exception {
testAutologinFlow(MediaType.APPLICATION_FORM_URLENCODED_VALUE);
testAutologinFlow(MediaType.APPLICATION_FORM_URLENCODED_VALUE, map);
}
public void testAutologinFlow_JSON() throws Exception {
testAutologinFlow(MediaType.APPLICATION_JSON_VALUE);
testAutologinFlow(MediaType.APPLICATION_JSON_VALUE, map.toSingleValueMap());
}
public void testAutologinFlow(String contentType) throws Exception {
public void testAutologinFlow(String contentType, Map body) throws Exception {
webDriver.get(baseUrl + "/logout.do");

HttpHeaders headers = getAppBasicAuthHttpHeaders();
headers.add(HttpHeaders.CONTENT_TYPE, contentType);

MultiValueMap<String,String> requestBody = new LinkedMultiValueMap<>();
requestBody.add("username", testAccounts.getUserName());
requestBody.add("password", testAccounts.getPassword());


ResponseEntity<Map> autologinResponseEntity = restOperations.exchange(baseUrl + "/autologin",
HttpMethod.POST,
new HttpEntity<>(requestBody, headers),
new HttpEntity<>(body, headers),
Map.class);
String autologinCode = (String) autologinResponseEntity.getBody().get("code");

Expand Down

0 comments on commit daeea24

Please sign in to comment.