From 7f535078ef80a7b7efa3e3325bfccb994fbd00e8 Mon Sep 17 00:00:00 2001
From: "Christopher Lott (cl778h)"
Date: Thu, 31 Aug 2017 15:16:38 -0400
Subject: Rename packages to org.onap in 1.4.0-SNAPSHOT 19 - remove openecomp 72 - remediate Sonar scan issues 79 - removed unwanted left menu under Report 90 - apply approved license text
Issue: PORTAL-19, PORTAL-72, PORTAL-79, PORTAL-90
Change-Id: I41a0ef5fba623d2242574bd15f2d9fb8029a496c
Signed-off-by: Christopher Lott (cl778h)
---
.../onap/portalsdk/core/auth/LoginStrategy.java | 158 +++++++++++++++++++++
1 file changed, 158 insertions(+)
create mode 100644 ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/auth/LoginStrategy.java
(limited to 'ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/auth')
diff --git a/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/auth/LoginStrategy.java b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/auth/LoginStrategy.java
new file mode 100644
index 00000000..7fe4f632
--- /dev/null
+++ b/ecomp-sdk/epsdk-core/src/main/java/org/onap/portalsdk/core/auth/LoginStrategy.java
@@ -0,0 +1,158 @@
+/*
+ * ============LICENSE_START==========================================
+ * ONAP Portal SDK
+ * ===================================================================
+ * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
+ * ===================================================================
+ *
+ * Unless otherwise specified, all software contained herein is licensed
+ * under the Apache License, Version 2.0 (the “License”);
+ * you may not use this software except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * Unless otherwise specified, all documentation contained herein is licensed
+ * under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
+ * you may not use this documentation except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * https://creativecommons.org/licenses/by/4.0/
+ *
+ * Unless required by applicable law or agreed to in writing, documentation
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * ============LICENSE_END============================================
+ *
+ * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+ */
+package org.onap.portalsdk.core.auth;
+
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.onap.portalsdk.core.command.LoginBean;
+import org.onap.portalsdk.core.domain.RoleFunction;
+import org.onap.portalsdk.core.menu.MenuProperties;
+import org.onap.portalsdk.core.onboarding.exception.PortalAPIException;
+import org.onap.portalsdk.core.onboarding.listener.PortalTimeoutHandler;
+import org.onap.portalsdk.core.service.LoginService;
+import org.onap.portalsdk.core.service.RoleService;
+import org.onap.portalsdk.core.util.SystemProperties;
+import org.onap.portalsdk.core.web.support.AppUtils;
+import org.onap.portalsdk.core.web.support.UserUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.util.WebUtils;
+
+public abstract class LoginStrategy {
+
+ public static final String DEFAULT_SUCCESS_VIEW = "welcome";
+ public static final String DEFAULT_FAILURE_VIEW = "login";
+ private static final String JSESSIONID = "JSESSIONID";
+
+ public static final String EP_SERVICE = "EPService";
+ public static final String USER_ID = "UserId";
+ public static final String ERROR_MESSAGE_KEY = "error";
+
+ @Autowired
+ private LoginService loginService;
+
+ @Autowired
+ RoleService roleService;
+
+ public abstract ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception;
+
+ public abstract String getUserId(HttpServletRequest request) throws PortalAPIException;
+
+ public ModelAndView doExternalLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
+
+ invalidateExistingSession(request);
+
+ Map model = new HashMap();
+ LoginBean commandBean = new LoginBean();
+ String loginId = request.getParameter("loginId");
+ String password = request.getParameter("password");
+ commandBean.setLoginId(loginId);
+ commandBean.setLoginPwd(password);
+ HashMap additionalParamsMap = new HashMap();
+
+ // Get the client device type and pass it into LoginService for audit
+ // logging.
+ /**
+ * ClientDeviceType clientDevice = (ClientDeviceType)request.getAttribut
+ * (SystemProperties.getProperty(SystemProperties.CLIENT_DEVICE_ATTRIBUTE_NAME));
+ * additionalParamsMap.put(Parameters.PARAM_CLIENT_DEVICE,
+ * clientDevice);
+ **/
+ commandBean = loginService.findUser(commandBean,
+ (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), additionalParamsMap);
+ List roleFunctionList= roleService.getRoleFunctions(loginId);
+
+
+
+ if (commandBean.getUser() == null) {
+ String loginErrorMessage = (commandBean.getLoginErrorMessage() != null) ? commandBean.getLoginErrorMessage()
+ : "login.error.external.invalid";
+ model.put("error", loginErrorMessage);
+
+ String[] errorCodes = new String[1];
+ errorCodes[0] = loginErrorMessage;
+
+ return new ModelAndView("login_external", "model", model);
+
+ } else {
+ // store the currently logged in user's information in the session
+ UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
+ commandBean.getBusinessDirectMenu(),
+ SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList);
+ initateSessionMgtHandler(request);
+
+ // user has been authenticated, now take them to the welcome page
+ // return new ModelAndView("redirect:/profile_search");
+ return new ModelAndView("redirect:welcome.htm");
+
+ }
+ }
+
+ protected void invalidateExistingSession(HttpServletRequest request){
+ request.getSession().invalidate();
+ }
+
+ protected String getJessionId(HttpServletRequest request) {
+ Cookie ep = WebUtils.getCookie(request, JSESSIONID);
+ if (ep == null) {
+ return request.getSession().getId();
+ }
+ return ep.getValue();
+
+ }
+
+ protected void initateSessionMgtHandler(HttpServletRequest request) {
+ String jSessionId = getJessionId(request);
+ PortalTimeoutHandler.sessionCreated(jSessionId, jSessionId, AppUtils.getSession(request));
+ }
+
+ public LoginService getLoginService() {
+ return loginService;
+ }
+
+ public void setLoginService(LoginService loginService) {
+ this.loginService = loginService;
+ }
+
+}
-- cgit 1.2.3-korg
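Review bot: In `initateSessionMgtHandler`, the key handed to `PortalTimeoutHandler.sessionCreated` comes from `getJessionId`, which prefers the `JSESSIONID` cookie on the incoming request over the live session. In `doExternalLogin` that cookie still carries the id of the session `invalidateExistingSession` just destroyed, so the post-login session appears to be registered under a stale, client-supplied value rather than its own id; what the handler does with that key is not visible here. Reading the id from the session itself, `String jSessionId = request.getSession().getId();`, keeps the key tied to the session created after authentication. Separately, `roleService.getRoleFunctions(loginId)` runs on the raw request parameter before the `commandBean.getUser() == null` check; moving that call into the `else` branch avoids role lookups for failed or absent logins.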