zervo/seb-server
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixed institutional entrypoint

Browse source
This commit is contained in:
anhefti 2020-02-24 14:46:37 +01:00
parent 26f36d264d
commit 7f41446558
2 changed files with 57 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

64
src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java
View file

@ -11,6 +11,7 @@ package ch.ethz.seb.sebserver.gui;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.Reader;
import java.util.List;
import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
@ -25,6 +26,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Lazy;
import org.springframework.core.ParameterizedTypeReference;
import org.springframework.core.io.Resource;
import org.springframework.core.io.ResourceLoader;
import org.springframework.http.HttpEntity;
@ -41,6 +43,7 @@ import org.springframework.web.client.RestTemplate;
import ch.ethz.seb.sebserver.ClientHttpRequestFactoryService;
import ch.ethz.seb.sebserver.gbl.Constants;
import ch.ethz.seb.sebserver.gbl.api.API;
import ch.ethz.seb.sebserver.gbl.model.EntityName;
import ch.ethz.seb.sebserver.gbl.profile.GuiProfile;
import ch.ethz.seb.sebserver.gui.service.remote.webservice.auth.WebserviceURIService;
import ch.ethz.seb.sebserver.gui.widget.ImageUploadSelection;
@ -50,7 +53,7 @@ import ch.ethz.seb.sebserver.gui.widget.ImageUploadSelection;
@GuiProfile
public final class InstitutionalAuthenticationEntryPoint implements AuthenticationEntryPoint {
private static final String INST_SUFFIX_ATTRIBUTE = "instSuffix";
private static final String INST_SUFFIX_ATTRIBUTE = "endpointInstId";
private static final Logger log = LoggerFactory.getLogger(InstitutionalAuthenticationEntryPoint.class);
@ -108,26 +111,57 @@ public final class InstitutionalAuthenticationEntryPoint implements Authenticati
final AuthenticationException authException) throws IOException, ServletException {
final String institutionalEndpoint = extractInstitutionalEndpoint(request);
request.getSession().setAttribute(
INST_SUFFIX_ATTRIBUTE,
StringUtils.isNotBlank(institutionalEndpoint)
? institutionalEndpoint
: null);
if (log.isDebugEnabled()) {
if (StringUtils.isNoneBlank(institutionalEndpoint) && log.isDebugEnabled()) {
log.debug("No default gui entrypoint requested: {}", institutionalEndpoint);
}
final String logoImageBase64 = requestLogoImage(institutionalEndpoint);
if (StringUtils.isNotBlank(logoImageBase64)) {
request.getSession().setAttribute(API.PARAM_LOGO_IMAGE, logoImageBase64);
try {
final RestTemplate restTemplate = new RestTemplate();
final List<EntityName> institutions = restTemplate
.exchange(
this.webserviceURIService.getURIBuilder()
.path(API.INFO_ENDPOINT + API.INFO_INST_ENDPOINT)
.toUriString(),
HttpMethod.GET,
HttpEntity.EMPTY,
new ParameterizedTypeReference<List<EntityName>>() {
},
institutionalEndpoint,
API.INFO_PARAM_INST_SUFFIX,
institutionalEndpoint)
.getBody();
if (!institutions.isEmpty()) {
request.getSession().setAttribute(
INST_SUFFIX_ATTRIBUTE,
StringUtils.isNotBlank(institutionalEndpoint)
? institutionalEndpoint
: null);
if (log.isDebugEnabled()) {
log.debug("Known and active gui entrypoint requested:", institutions);
}
final String logoImageBase64 = requestLogoImage(institutionalEndpoint);
if (StringUtils.isNotBlank(logoImageBase64)) {
request.getSession().setAttribute(API.PARAM_LOGO_IMAGE, logoImageBase64);
}
forwardToEntryPoint(request, response, this.guiEntryPoint);
return;
}
} catch (final Exception e) {
log.error("Failed to extract and set institutional endpoint request: ", e);
forwardToEntryPoint(request, response, this.guiEntryPoint);
} else {
request.getSession().removeAttribute(API.PARAM_LOGO_IMAGE);
response.setStatus(HttpStatus.UNAUTHORIZED.value());
forwardToEntryPoint(request, response, this.guiEntryPoint);
}
request.getSession().setAttribute(INST_SUFFIX_ATTRIBUTE, null);
request.getSession().removeAttribute(API.PARAM_LOGO_IMAGE);
response.setStatus(HttpStatus.UNAUTHORIZED.value());
forwardToEntryPoint(request, response, this.guiEntryPoint);
}
private void forwardToEntryPoint(

16
src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/client/ClientCredentialServiceImpl.java
View file

@ -8,9 +8,9 @@
package ch.ethz.seb.sebserver.webservice.servicelayer.client;
import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
import ch.ethz.seb.sebserver.gbl.util.Cryptor;
import ch.ethz.seb.sebserver.gbl.util.Result;
import java.nio.CharBuffer;
import java.security.SecureRandom;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
@ -19,9 +19,9 @@ import org.springframework.context.annotation.Lazy;
import org.springframework.core.env.Environment;
import org.springframework.stereotype.Service;
import java.io.UnsupportedEncodingException;
import java.nio.CharBuffer;
import java.security.SecureRandom;
import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
import ch.ethz.seb.sebserver.gbl.util.Cryptor;
import ch.ethz.seb.sebserver.gbl.util.Result;
@Lazy
@Service
@ -101,12 +101,12 @@ public class ClientCredentialServiceImpl implements ClientCredentialService {
@Override
public CharSequence encrypt(final CharSequence text) {
return cryptor.encrypt(text);
return this.cryptor.encrypt(text);
}
@Override
public CharSequence decrypt(final CharSequence text) {
return cryptor.decrypt(text);
return this.cryptor.decrypt(text);
}
private final static char[] possibleCharacters =