From 7f414465582519d9678ce05c909c0abf7567104e Mon Sep 17 00:00:00 2001
From: anhefti <andreas.hefti@let.ethz.ch>
Date: Mon, 24 Feb 2020 14:46:37 +0100
Subject: [PATCH] fixed institutional entrypoint

---
 ...InstitutionalAuthenticationEntryPoint.java | 64 ++++++++++++++-----
 .../client/ClientCredentialServiceImpl.java   | 16 ++---
 2 files changed, 57 insertions(+), 23 deletions(-)

diff --git a/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java b/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java
index 91e00694..9d02c350 100644
--- a/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java
+++ b/src/main/java/ch/ethz/seb/sebserver/gui/InstitutionalAuthenticationEntryPoint.java
@@ -11,6 +11,7 @@ package ch.ethz.seb.sebserver.gui;
 import java.io.IOException;
 import java.io.InputStreamReader;
 import java.io.Reader;
+import java.util.List;
 
 import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletException;
@@ -25,6 +26,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Lazy;
+import org.springframework.core.ParameterizedTypeReference;
 import org.springframework.core.io.Resource;
 import org.springframework.core.io.ResourceLoader;
 import org.springframework.http.HttpEntity;
@@ -41,6 +43,7 @@ import org.springframework.web.client.RestTemplate;
 import ch.ethz.seb.sebserver.ClientHttpRequestFactoryService;
 import ch.ethz.seb.sebserver.gbl.Constants;
 import ch.ethz.seb.sebserver.gbl.api.API;
+import ch.ethz.seb.sebserver.gbl.model.EntityName;
 import ch.ethz.seb.sebserver.gbl.profile.GuiProfile;
 import ch.ethz.seb.sebserver.gui.service.remote.webservice.auth.WebserviceURIService;
 import ch.ethz.seb.sebserver.gui.widget.ImageUploadSelection;
@@ -50,7 +53,7 @@ import ch.ethz.seb.sebserver.gui.widget.ImageUploadSelection;
 @GuiProfile
 public final class InstitutionalAuthenticationEntryPoint implements AuthenticationEntryPoint {
 
-    private static final String INST_SUFFIX_ATTRIBUTE = "instSuffix";
+    private static final String INST_SUFFIX_ATTRIBUTE = "endpointInstId";
 
     private static final Logger log = LoggerFactory.getLogger(InstitutionalAuthenticationEntryPoint.class);
 
@@ -108,26 +111,57 @@ public final class InstitutionalAuthenticationEntryPoint implements Authenticati
             final AuthenticationException authException) throws IOException, ServletException {
 
         final String institutionalEndpoint = extractInstitutionalEndpoint(request);
-        request.getSession().setAttribute(
-                INST_SUFFIX_ATTRIBUTE,
-                StringUtils.isNotBlank(institutionalEndpoint)
-                        ? institutionalEndpoint
-                        : null);
 
-        if (log.isDebugEnabled()) {
+        if (StringUtils.isNoneBlank(institutionalEndpoint) && log.isDebugEnabled()) {
             log.debug("No default gui entrypoint requested: {}", institutionalEndpoint);
         }
 
-        final String logoImageBase64 = requestLogoImage(institutionalEndpoint);
-        if (StringUtils.isNotBlank(logoImageBase64)) {
-            request.getSession().setAttribute(API.PARAM_LOGO_IMAGE, logoImageBase64);
+        try {
+
+            final RestTemplate restTemplate = new RestTemplate();
+            final List<EntityName> institutions = restTemplate
+                    .exchange(
+                            this.webserviceURIService.getURIBuilder()
+                                    .path(API.INFO_ENDPOINT + API.INFO_INST_ENDPOINT)
+                                    .toUriString(),
+                            HttpMethod.GET,
+                            HttpEntity.EMPTY,
+                            new ParameterizedTypeReference<List<EntityName>>() {
+                            },
+                            institutionalEndpoint,
+                            API.INFO_PARAM_INST_SUFFIX,
+                            institutionalEndpoint)
+                    .getBody();
+
+            if (!institutions.isEmpty()) {
+                request.getSession().setAttribute(
+                        INST_SUFFIX_ATTRIBUTE,
+                        StringUtils.isNotBlank(institutionalEndpoint)
+                                ? institutionalEndpoint
+                                : null);
+
+                if (log.isDebugEnabled()) {
+                    log.debug("Known and active gui entrypoint requested:", institutions);
+                }
+
+                final String logoImageBase64 = requestLogoImage(institutionalEndpoint);
+                if (StringUtils.isNotBlank(logoImageBase64)) {
+                    request.getSession().setAttribute(API.PARAM_LOGO_IMAGE, logoImageBase64);
+
+                }
+                forwardToEntryPoint(request, response, this.guiEntryPoint);
+                return;
+            }
+        } catch (final Exception e) {
+            log.error("Failed to extract and set institutional endpoint request: ", e);
 
-            forwardToEntryPoint(request, response, this.guiEntryPoint);
-        } else {
-            request.getSession().removeAttribute(API.PARAM_LOGO_IMAGE);
-            response.setStatus(HttpStatus.UNAUTHORIZED.value());
-            forwardToEntryPoint(request, response, this.guiEntryPoint);
         }
+
+        request.getSession().setAttribute(INST_SUFFIX_ATTRIBUTE, null);
+        request.getSession().removeAttribute(API.PARAM_LOGO_IMAGE);
+        response.setStatus(HttpStatus.UNAUTHORIZED.value());
+        forwardToEntryPoint(request, response, this.guiEntryPoint);
+
     }
 
     private void forwardToEntryPoint(
diff --git a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/client/ClientCredentialServiceImpl.java b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/client/ClientCredentialServiceImpl.java
index dd4b9860..525ab263 100644
--- a/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/client/ClientCredentialServiceImpl.java
+++ b/src/main/java/ch/ethz/seb/sebserver/webservice/servicelayer/client/ClientCredentialServiceImpl.java
@@ -8,9 +8,9 @@
 
 package ch.ethz.seb.sebserver.webservice.servicelayer.client;
 
-import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
-import ch.ethz.seb.sebserver.gbl.util.Cryptor;
-import ch.ethz.seb.sebserver.gbl.util.Result;
+import java.nio.CharBuffer;
+import java.security.SecureRandom;
+
 import org.apache.commons.lang3.RandomStringUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
@@ -19,9 +19,9 @@ import org.springframework.context.annotation.Lazy;
 import org.springframework.core.env.Environment;
 import org.springframework.stereotype.Service;
 
-import java.io.UnsupportedEncodingException;
-import java.nio.CharBuffer;
-import java.security.SecureRandom;
+import ch.ethz.seb.sebserver.gbl.profile.WebServiceProfile;
+import ch.ethz.seb.sebserver.gbl.util.Cryptor;
+import ch.ethz.seb.sebserver.gbl.util.Result;
 
 @Lazy
 @Service
@@ -101,12 +101,12 @@ public class ClientCredentialServiceImpl implements ClientCredentialService {
 
     @Override
     public CharSequence encrypt(final CharSequence text) {
-        return cryptor.encrypt(text);
+        return this.cryptor.encrypt(text);
     }
 
     @Override
     public CharSequence decrypt(final CharSequence text) {
-        return cryptor.decrypt(text);
+        return this.cryptor.decrypt(text);
     }
 
     private final static char[] possibleCharacters =