Fix login handler

add_scope_mdm
tcdlpds 11 months ago
parent 66eac3c744
commit 8c841dfc2e

@ -19,6 +19,7 @@
package io.entgra.device.mgt.core.ui.request.interceptor;
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.node.ArrayNode;
import com.google.gson.*;
import io.entgra.device.mgt.core.ui.request.interceptor.beans.AuthData;
import io.entgra.device.mgt.core.ui.request.interceptor.beans.ProxyResponse;
@ -30,12 +31,12 @@ import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerConstants;
import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerUtil;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.apache.http.HttpHeaders;
import org.apache.http.HttpStatus;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.entity.ContentType;
import org.apache.http.entity.StringEntity;
import org.apache.http.protocol.HTTP;
import org.apache.hc.client5.http.entity.UrlEncodedFormEntity;
import org.apache.hc.core5.http.ClassicHttpRequest;
import org.apache.hc.core5.http.HttpStatus;
import org.apache.hc.core5.http.NameValuePair;
import org.apache.hc.core5.http.io.support.ClassicRequestBuilder;
import org.apache.hc.core5.http.message.BasicNameValuePair;
import javax.servlet.annotation.MultipartConfig;
import javax.servlet.annotation.WebServlet;
@ -44,7 +45,7 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.Base64;
import java.util.*;
@MultipartConfig
@WebServlet("/login")
@ -71,8 +72,8 @@ public class LoginHandler extends HttpServlet {
JsonNode uiConfigJsonObject = HandlerUtil.getUIConfigAndPersistInSession(uiConfigUrl, gatewayUrl, httpSession,
resp);
JsonArray tags = uiConfigJsonObject.get("appRegistration").getAsJsonObject().get("tags").getAsJsonArray();
JsonArray scopes = uiConfigJsonObject.get("scopes").getAsJsonArray();
ArrayNode tags = (ArrayNode) uiConfigJsonObject.get("appRegistration").get("tags");
ArrayNode scopes = (ArrayNode) uiConfigJsonObject.get("scopes");
int sessionTimeOut = Integer.parseInt(String.valueOf(uiConfigJsonObject.get("sessionTimeOut")));
//setting session to expire in 1h
@ -84,12 +85,14 @@ public class LoginHandler extends HttpServlet {
OAuthApp oAuthApp = loginCache.getOAuthAppCache(oAuthAppCacheKey);
if (oAuthApp == null) {
HttpPost apiRegEndpoint = new HttpPost(gatewayUrl + HandlerConstants.APP_REG_ENDPOINT);
apiRegEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + Base64.getEncoder()
.encodeToString((username + HandlerConstants.COLON + password).getBytes()));
apiRegEndpoint.setHeader(HTTP.CONTENT_TYPE, ContentType.APPLICATION_JSON.toString());
apiRegEndpoint.setEntity(HandlerUtil.constructAppRegPayload(tags, HandlerConstants.PUBLISHER_APPLICATION_NAME,
username, password, null, null));
ClassicHttpRequest apiRegEndpoint = ClassicRequestBuilder.post(gatewayUrl + HandlerConstants.APP_REG_ENDPOINT)
.setEntity(HandlerUtil.constructAppRegPayload(tags, HandlerConstants.PUBLISHER_APPLICATION_NAME,
username, password, null, null))
.setHeader(org.apache.hc.core5.http.HttpHeaders.CONTENT_TYPE,
org.apache.hc.core5.http.ContentType.APPLICATION_JSON.toString())
.setHeader(org.apache.hc.core5.http.HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + Base64.getEncoder().encodeToString((username + HandlerConstants.COLON + password).getBytes()))
.build();
ProxyResponse clientAppResponse = HandlerUtil.execute(apiRegEndpoint);
@ -99,15 +102,13 @@ public class LoginHandler extends HttpServlet {
}
if (clientAppResponse.getCode() == HttpStatus.SC_CREATED) {
JsonParser jsonParser = new JsonParser();
JsonElement jClientAppResult = jsonParser.parse(clientAppResponse.getData());
JsonNode jsonNode = clientAppResponse.getData();
String clientId = null;
String clientSecret = null;
String encodedClientApp = null;
if (jClientAppResult.isJsonObject()) {
JsonObject jClientAppResultAsJsonObject = jClientAppResult.getAsJsonObject();
clientId = jClientAppResultAsJsonObject.get("client_id").getAsString();
clientSecret = jClientAppResultAsJsonObject.get("client_secret").getAsString();
if (jsonNode != null) {
clientId = jsonNode.get("client_id").textValue();
clientSecret = jsonNode.get("client_secret").textValue();
encodedClientApp = Base64.getEncoder()
.encodeToString((clientId + HandlerConstants.COLON + clientSecret).getBytes());
oAuthApp = new OAuthApp(
@ -155,8 +156,7 @@ public class LoginHandler extends HttpServlet {
*/
private boolean getTokenAndPersistInSession(HttpServletRequest req, HttpServletResponse resp,
String clientId, String clientSecret, String encodedClientApp,
JsonArray scopes) throws LoginException {
JsonParser jsonParser = new JsonParser();
ArrayNode scopes) throws LoginException {
try {
ProxyResponse tokenResultResponse = getTokenResult(encodedClientApp, scopes);
@ -166,16 +166,13 @@ public class LoginHandler extends HttpServlet {
HandlerUtil.handleError(resp, tokenResultResponse);
return false;
}
String tokenResult = tokenResultResponse.getData();
JsonNode tokenResult = tokenResultResponse.getData();
if (tokenResult == null) {
log.error("Invalid token response is received.");
HandlerUtil.handleError(resp, tokenResultResponse);
return false;
}
JsonElement jTokenResult = jsonParser.parse(tokenResult);
if (jTokenResult.isJsonObject()) {
JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject();
HttpSession session = req.getSession(false);
if (session == null) {
return false;
@ -184,13 +181,11 @@ public class LoginHandler extends HttpServlet {
authData.setClientId(clientId);
authData.setClientSecret(clientSecret);
authData.setEncodedClientApp(encodedClientApp);
authData.setAccessToken(jTokenResultAsJsonObject.get("access_token").getAsString());
authData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString());
authData.setScope(jTokenResultAsJsonObject.get("scope").getAsString());
authData.setAccessToken(tokenResult.get("access_token").textValue());
authData.setRefreshToken(tokenResult.get("refresh_token").textValue());
authData.setScope(tokenResult.get("scope").textValue());
session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, authData);
return true;
}
return false;
} catch (IOException e) {
throw new LoginException("Error occurred while sending the response into the socket", e);
}
@ -228,22 +223,26 @@ public class LoginHandler extends HttpServlet {
* @throws IOException IO exception throws if an error occurred when invoking token endpoint
*/
private ProxyResponse getTokenResult(String encodedClientApp, JsonNode scopes) throws IOException {
HttpPost tokenEndpoint = new HttpPost(gatewayUrl + HandlerConstants.INTERNAL_TOKEN_ENDPOINT);
tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + encodedClientApp);
tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString());
String scopeString = HandlerUtil.getScopeString(scopes);
if (scopeString != null) {
scopeString = scopeString.trim();
} else {
scopeString = "default";
}
StringEntity tokenEPPayload = new StringEntity(
"grant_type=" + HandlerConstants.PASSWORD_GRANT_TYPE + "&username=" + username + "&password=" +
password + "&scope=" + scopeString,
ContentType.APPLICATION_FORM_URLENCODED);
tokenEndpoint.setEntity(tokenEPPayload);
List<NameValuePair> nameValuePairs = new ArrayList<>();
nameValuePairs.add(new BasicNameValuePair("grant_type", HandlerConstants.PASSWORD_GRANT_TYPE));
nameValuePairs.add(new BasicNameValuePair("username", username));
nameValuePairs.add(new BasicNameValuePair("password", password));
nameValuePairs.add(new BasicNameValuePair("scope", scopeString));
ClassicHttpRequest tokenEndpoint = ClassicRequestBuilder.post(gatewayUrl + HandlerConstants.INTERNAL_TOKEN_ENDPOINT)
.setEntity(new UrlEncodedFormEntity(nameValuePairs))
.setHeader(org.apache.hc.core5.http.HttpHeaders.CONTENT_TYPE,
org.apache.hc.core5.http.ContentType.APPLICATION_FORM_URLENCODED.toString())
.setHeader(org.apache.hc.core5.http.HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + encodedClientApp)
.build();
return HandlerUtil.execute(tokenEndpoint);
}
}

Loading…
Cancel
Save