diff options
| author |   st782s <statta@research.att.com> | 2018-01-30 17:29:36 -0500 |
|---|---|---|
| committer | st782s <statta@research.att.com> | 2018-02-01 15:10:02 -0500 |
| commit | 21a8761f684745bb300e075c7e98ad897ace9eed (patch) | |
| tree | 6d585c3fe39fbb42a314941dbc8646e6ccf188cf /ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/authentication/OpenIdConnectLoginStrategy.java | |
| parent | 3af8af1310d5a27cb58be29505573f0bbdc1717c (diff) | |
Security/ Package Name changes
Issue-ID: PORTAL-174, PORTAL-157, PORTAL-156, PORTAL-148, PORTAL-145,
PORTAL-140, PORTAL-133, PORTAL-121, PORTAL-111, PORTAL-88
Includes security fixes, Role Centralization, replace certain ECOMP
occurrences etc
Change-Id: I3c8b706709c6b92e646e3cbe50c2d660e8a46ef4
Signed-off-by: st782s <statta@research.att.com>
Diffstat (limited to 'ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/authentication/OpenIdConnectLoginStrategy.java')
| -rw-r--r-- | ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/authentication/OpenIdConnectLoginStrategy.java | 123 |
1 files changed, 0 insertions, 123 deletions
diff --git a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/authentication/OpenIdConnectLoginStrategy.java b/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/authentication/OpenIdConnectLoginStrategy.java deleted file mode 100644 index 02cd340a..00000000 --- a/ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/authentication/OpenIdConnectLoginStrategy.java +++ /dev/null @@ -1,123 +0,0 @@ -/*- - * ============LICENSE_START========================================== - * ONAP Portal - * =================================================================== - * Copyright © 2017 AT&T Intellectual Property. All rights reserved. - * =================================================================== - * - * Unless otherwise specified, all software contained herein is licensed - * under the Apache License, Version 2.0 (the “License”); - * you may not use this software except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * Unless otherwise specified, all documentation contained herein is licensed - * under the Creative Commons License, Attribution 4.0 Intl. (the “License”); - * you may not use this documentation except in compliance with the License. - * You may obtain a copy of the License at - * - * https://creativecommons.org/licenses/by/4.0/ - * - * Unless required by applicable law or agreed to in writing, documentation - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * ============LICENSE_END============================================ - * - * ECOMP is a trademark and service mark of AT&T Intellectual Property. - */ -package org.openecomp.portalapp.authentication; - -import java.util.HashSet; - -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; - -import org.mitre.openid.connect.model.UserInfo; -import org.openecomp.portalapp.command.EPLoginBean; -import org.openecomp.portalapp.portal.domain.EPUser; -import org.openecomp.portalapp.portal.utils.EPSystemProperties; -import org.openecomp.portalapp.util.EPUserUtils; -import org.openecomp.portalapp.util.SessionCookieUtil; -import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException; -import org.openecomp.portalsdk.core.util.SystemProperties; -import org.springframework.util.StringUtils; -import org.springframework.web.servlet.ModelAndView; - -public class OpenIdConnectLoginStrategy extends org.openecomp.portalsdk.core.auth.LoginStrategy implements org.openecomp.portalapp.authentication.LoginStrategy { - - private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(OpenIdConnectLoginStrategy.class); - - private static final String GLOBAL_LOCATION_KEY = "Location"; - - @SuppressWarnings("rawtypes") - public boolean login(HttpServletRequest request, HttpServletResponse response){ - - logger.info("Attempting Login"); - - //check both authentication cookie and authentication header - UserInfo userInfo = (UserInfo) request.getAttribute("userInfo"); - - if (userInfo != null && !StringUtils.isEmpty(userInfo.getPreferredUsername())) { - //package the userid in the login form for processing - EPLoginBean commandBean = new EPLoginBean(); - commandBean.setOrgUserId(userInfo.getPreferredUsername()); - - EPUser user = new EPUser(); - - user.setOrgUserId(userInfo.getPreferredUsername()); - user.setEmail(userInfo.getEmail()); - user.setFirstName(userInfo.getName()); - user.setLastName(userInfo.getFamilyName()); - - //store the currently logged in user's information in the session - EPUserUtils.setUserSession(request, user, new HashSet(), new HashSet(), SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM),null); - - logger.info(EELFLoggerDelegate.errorLogger, request.getContextPath()); - SessionCookieUtil.preSetUp(request, response); - return true; - } else { - // in case authentication cookie is missing, send 401 UNAUTHORIZED to client and it will redirect to Logon - try { - String authentication = SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM); - String loginUrl = SystemProperties.getProperty(EPSystemProperties.LOGIN_URL_NO_RET_VAL); - logger.info(EELFLoggerDelegate.errorLogger, "Authentication Mechanism: '" + authentication + "'."); - - if (authentication == null || authentication.equals("") || authentication.trim().equals("OIDC")) { - response.sendRedirect("oid-login"); - } else { - logger.info(EELFLoggerDelegate.errorLogger, "No cookies are found, redirecting the request to '" + loginUrl + "'."); - response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY); - response.setHeader(GLOBAL_LOCATION_KEY, loginUrl); - } - } catch(Exception e) { - logger.error(EELFLoggerDelegate.errorLogger, "login failed", e); - } - } - return false; - } - - @Override - public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception { - String message = "Method not implmented; Cannot be called"; - logger.error(EELFLoggerDelegate.errorLogger, message); - throw new Exception(message); - } - - @Override - public String getUserId(HttpServletRequest request) throws PortalAPIException { - String message = "Method not implmented; Cannot be called"; - logger.error(EELFLoggerDelegate.errorLogger, message); - throw new PortalAPIException(message); - } -} |