seb-server/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java

113 lines
4.7 KiB
Java
Raw Normal View History

2019-02-14 16:54:48 +01:00
/*
* Copyright (c) 2019 ETH Zürich, Educational Development and Technology (LET)
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
package ch.ethz.seb.sebserver.gui;
import java.io.IOException;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Lazy;
import org.springframework.http.HttpEntity;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
import ch.ethz.seb.sebserver.gbl.api.API;
import ch.ethz.seb.sebserver.gui.service.remote.webservice.auth.WebserviceURIService;
@Lazy
@Component
final class InstitutionalAuthenticationEntryPoint implements AuthenticationEntryPoint {
private static final Logger log = LoggerFactory.getLogger(InstitutionalAuthenticationEntryPoint.class);
private final String guiEntryPoint;
private final String guiRedirect;
private final WebserviceURIService webserviceURIService;
private final ClientHttpRequestFactory clientHttpRequestFactory;
protected InstitutionalAuthenticationEntryPoint(
@Value("${sebserver.gui.entrypoint}") final String guiEntryPoint,
@Value("${sebserver.webservice.api.redirect.unauthorized}") final String guiRedirect,
final WebserviceURIService webserviceURIService,
final ClientHttpRequestFactory clientHttpRequestFactory) {
this.guiEntryPoint = guiEntryPoint;
this.guiRedirect = guiRedirect;
this.webserviceURIService = webserviceURIService;
this.clientHttpRequestFactory = clientHttpRequestFactory;
}
@Override
public void commence(
final HttpServletRequest request,
final HttpServletResponse response,
final AuthenticationException authException) throws IOException, ServletException {
final String requestURI = request.getRequestURI();
log.info("No default gui entrypoint requested: {}", requestURI);
final String logoImageBase64 = requestLogoImage(requestURI);
2019-06-05 13:58:35 +02:00
if (StringUtils.isNotBlank(logoImageBase64)) {
2019-02-14 16:54:48 +01:00
// forward
request.getSession().setAttribute(API.PARAM_LOGO_IMAGE, logoImageBase64);
final RequestDispatcher dispatcher = request.getServletContext()
.getRequestDispatcher(this.guiEntryPoint);
dispatcher.forward(request, response);
// redirect
} else {
request.getSession().removeAttribute(API.PARAM_LOGO_IMAGE);
response.setStatus(HttpStatus.UNAUTHORIZED.value());
response.sendRedirect(this.guiRedirect);
}
}
private String requestLogoImage(final String requestURI) {
log.debug("Trying to verify insitution from requested entrypoint url: {}", requestURI);
try {
final RestTemplate restTemplate = new RestTemplate();
restTemplate.setRequestFactory(this.clientHttpRequestFactory);
final ResponseEntity<String> exchange = restTemplate
.exchange(
this.webserviceURIService.getURIBuilder()
.path(API.INFO_ENDPOINT + API.INSTITUTIONAL_LOGO_PATH)
.toUriString(),
HttpMethod.GET,
HttpEntity.EMPTY,
String.class,
requestURI.replaceAll("/", ""));
if (exchange.getStatusCodeValue() == HttpStatus.OK.value()) {
return exchange.getBody();
} else {
log.error("Failed to verify insitution from requested entrypoint url: {}, response: {}", requestURI,
exchange);
}
} catch (final Exception e) {
log.error("Failed to verify insitution from requested entrypoint url: {}", requestURI, e);
}
return null;
}
}