diff options
author | Christopher Lott (cl778h) <clott@research.att.com> | 2017-08-31 15:16:38 -0400 |
---|---|---|
committer | Christopher Lott (cl778h) <clott@research.att.com> | 2017-08-31 15:42:50 -0400 |
commit | 7f535078ef80a7b7efa3e3325bfccb994fbd00e8 (patch) | |
tree | 66d908df2eb7cf0b048f754eac6b44619255eb8a /ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java | |
parent | 224487bc124df7988442a60d72d4aa106697306b (diff) |
Rename packages to org.onap in 1.4.0-SNAPSHOT
19 - remove openecomp
72 - remediate Sonar scan issues
79 - removed unwanted left menu under Report
90 - apply approved license text
Issue: PORTAL-19, PORTAL-72, PORTAL-79, PORTAL-90
Change-Id: I41a0ef5fba623d2242574bd15f2d9fb8029a496c
Signed-off-by: Christopher Lott (cl778h) <clott@research.att.com>
Diffstat (limited to 'ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java')
-rw-r--r-- | ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java | 230 |
1 files changed, 0 insertions, 230 deletions
diff --git a/ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java b/ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java deleted file mode 100644 index 766d9eb9..00000000 --- a/ecomp-sdk/epsdk-app-common/src/main/java/org/openecomp/portalapp/controller/core/SingleSignOnController.java +++ /dev/null @@ -1,230 +0,0 @@ -/*- - * ================================================================================ - * ECOMP Portal SDK - * ================================================================================ - * Copyright (C) 2017 AT&T Intellectual Property - * ================================================================================ - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * ================================================================================ - */ -package org.openecomp.portalapp.controller.core; - -import java.net.URLDecoder; -import java.net.URLEncoder; -import java.util.HashMap; -import java.util.List; -import java.util.Map; - -import javax.servlet.http.Cookie; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpSession; - -import org.openecomp.portalsdk.core.auth.LoginStrategy; -import org.openecomp.portalsdk.core.command.LoginBean; -import org.openecomp.portalsdk.core.controller.UnRestrictedBaseController; -import org.openecomp.portalsdk.core.domain.RoleFunction; -import org.openecomp.portalsdk.core.domain.User; -import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate; -import org.openecomp.portalsdk.core.menu.MenuProperties; -import org.openecomp.portalsdk.core.onboarding.listener.PortalTimeoutHandler; -import org.openecomp.portalsdk.core.onboarding.util.PortalApiConstants; -import org.openecomp.portalsdk.core.onboarding.util.PortalApiProperties; -import org.openecomp.portalsdk.core.service.LoginService; -import org.openecomp.portalsdk.core.service.RoleService; -import org.openecomp.portalsdk.core.util.SystemProperties; -import org.openecomp.portalsdk.core.web.support.AppUtils; -import org.openecomp.portalsdk.core.web.support.UserUtils; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestMethod; -import org.springframework.web.servlet.ModelAndView; -import org.springframework.web.util.WebUtils; - -@Controller -@RequestMapping("/") -public class SingleSignOnController extends UnRestrictedBaseController { - - private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SingleSignOnController.class); - - @Autowired - private LoginService loginService; - - @Autowired - private LoginStrategy loginStrategy; - - private String viewName; - private String welcomeView; - - public String getWelcomeView() { - return welcomeView; - } - - public void setWelcomeView(String welcomeView) { - this.welcomeView = welcomeView; - } - - @Autowired - RoleService roleService; - - /** - * Handles requests directed to the single sign-on page by the session - * timeout interceptor. - * - * @param request - * @return Redirect to an appropriate address - * @throws Exception - */ - @RequestMapping(value = { "/single_signon.htm" }, method = RequestMethod.GET) - public ModelAndView singleSignOnLogin(HttpServletRequest request) throws Exception { - - Map<String, String> model = new HashMap<String, String>(); - HashMap<String, String> additionalParamsMap = new HashMap<String, String>(); - LoginBean commandBean = new LoginBean(); - - // SessionTimeoutInterceptor sets these parameters - String forwardURL = URLDecoder.decode(request.getParameter("forwardURL"), "UTF-8"); - String redirectToPortal = request.getParameter("redirectToPortal"); - - if (isLoginCookieExist(request) && redirectToPortal == null) { - HttpSession session = null; - session = AppUtils.getSession(request); - User user = UserUtils.getUserSession(request); - if (session == null || user == null) { - - final String authMech = SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM); - String userId = loginStrategy.getUserId(request); - commandBean.setUserid(userId); - commandBean = getLoginService().findUser(commandBean, - (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), - additionalParamsMap); - List<RoleFunction> roleFunctionList= roleService.getRoleFunctions(userId); - if (commandBean.getUser() == null) { - String loginErrorMessage = (commandBean.getLoginErrorMessage() != null) - ? commandBean.getLoginErrorMessage() - : SystemProperties.MESSAGE_KEY_LOGIN_ERROR_USER_NOT_FOUND; - model.put(LoginStrategy.ERROR_MESSAGE_KEY, SystemProperties.getProperty(loginErrorMessage)); - final String redirectUrl = PortalApiProperties.getProperty(PortalApiConstants.ECOMP_REDIRECT_URL) - + "?noUserError=Yes"; - logger.debug(EELFLoggerDelegate.debugLogger, "singleSignOnLogin: user is null, redirect URL is {}", - redirectUrl); - return new ModelAndView("redirect:" + redirectUrl); - } else { - // store the user's information in the session - String loginMethod; - if (null == authMech || "".equals(authMech) || "BOTH".equals(authMech)) { - loginMethod = SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_CSP); - } else if ("CSP".equals(authMech)) { - loginMethod = SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_CSP); - } else { - loginMethod = SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_WEB_JUNCTION); - } - UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(), - commandBean.getBusinessDirectMenu(), loginMethod, roleFunctionList); - initateSessionMgtHandler(request); - logger.debug(EELFLoggerDelegate.debugLogger, - "singleSignOnLogin: create new user session for expired user {}; user {} exists in the system", - userId, commandBean.getUser().getOrgUserId()); - return new ModelAndView("redirect:" + forwardURL); - } - } // user is null or session is null - else { - // both user and session are non-null. - logger.info(EELFLoggerDelegate.debugLogger, "singleSignOnLogin: redirecting to the forwardURL {}", - forwardURL); - return new ModelAndView("redirect:" + forwardURL); - } - - } else { - /* - * Login cookie not found, or redirect-to-portal parameter was - * found. - * - * Redirect the user to the portal with a suitable return URL. The - * forwardURL parameter that arrives as a parameter is a partial - * (not absolute) request path for a page in the application. The - * challenge here is to compute the correct absolute path for the - * original request so the portal can redirect the user back to the - * right place. If the application sits behind WebJunction, or if - * separate FE-BE hosts are used, then the URL yielded by the - * request has a host name that is not reachable by the user. - */ - String returnToAppUrl = null; - if (SystemProperties.containsProperty(SystemProperties.APP_BASE_URL)) { - // New feature as of 1610, release 3.3.3: - // application can publish a base URL in system.properties - String appUrl = SystemProperties.getProperty(SystemProperties.APP_BASE_URL); - returnToAppUrl = appUrl + (appUrl.endsWith("/") ? "" : "/") + forwardURL; - logger.debug(EELFLoggerDelegate.debugLogger, - "singleSignOnLogin: using app base URL {} and redirectURL {}", appUrl, returnToAppUrl); - } else { - // Be backward compatible with applications that don't need this - // feature. - // This is the controller for the single_signon.htm page, so the - // replace - // should always find the specified token. - returnToAppUrl = ((HttpServletRequest) request).getRequestURL().toString().replace("single_signon.htm", - forwardURL); - logger.debug(EELFLoggerDelegate.debugLogger, "singleSignOnLogin: computed redirectURL {}", - returnToAppUrl); - } - final String encodedReturnToAppUrl = URLEncoder.encode(returnToAppUrl, "UTF-8"); - // Also send the application's UEB key so Portal can block URL - // reflection attacks. - final String uebAppKey = PortalApiProperties.getProperty(PortalApiConstants.UEB_APP_KEY); - final String url = PortalApiProperties.getProperty(PortalApiConstants.ECOMP_REDIRECT_URL); - final String portalUrl = url.substring(0, url.lastIndexOf('/')) + "/process_csp"; - final String redirectUrl = portalUrl + "?uebAppKey=" + uebAppKey + "&redirectUrl=" + encodedReturnToAppUrl; - logger.debug(EELFLoggerDelegate.debugLogger, "singleSignOnLogin: portal-bound redirect URL is {}", - redirectUrl); - return new ModelAndView("redirect:" + redirectUrl); - } - } - - protected void initateSessionMgtHandler(HttpServletRequest request) { - String portalJSessionId = getPortalJSessionId(request); - String jSessionId = getJessionId(request); - PortalTimeoutHandler.sessionCreated(portalJSessionId, jSessionId, AppUtils.getSession(request)); - } - - public boolean isLoginCookieExist(HttpServletRequest request) { - Cookie ep = WebUtils.getCookie(request, LoginStrategy.EP_SERVICE); - return (ep != null); - } - - public String getPortalJSessionId(HttpServletRequest request) { - Cookie ep = WebUtils.getCookie(request, LoginStrategy.EP_SERVICE); - return ep.getValue(); - } - - public String getJessionId(HttpServletRequest request) { - return request.getSession().getId(); - } - - public String getViewName() { - return viewName; - } - - public void setViewName(String viewName) { - this.viewName = viewName; - } - - public LoginService getLoginService() { - return loginService; - } - - public void setLoginService(LoginService loginService) { - this.loginService = loginService; - } - -} |