From c2369cde71ec6c8ef96539d636d2804fd815eb2e Mon Sep 17 00:00:00 2001 From: vigneshan Date: Thu, 6 May 2021 22:42:37 +0530 Subject: [PATCH] Fix session expire issue during sso authorization --- .../interceptor/SsoLoginCallbackHandler.java | 19 +++++++++++++------ .../request/interceptor/SsoLoginHandler.java | 2 +- 2 files changed, 14 insertions(+), 7 deletions(-) diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginCallbackHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginCallbackHandler.java index 92bd0e6b70..c437398d20 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginCallbackHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginCallbackHandler.java @@ -27,7 +27,6 @@ import io.entgra.ui.request.interceptor.util.HandlerUtil; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.apache.http.HttpHeaders; -import org.apache.http.HttpStatus; import org.apache.http.client.methods.HttpPost; import org.apache.http.entity.ContentType; import org.apache.http.entity.StringEntity; @@ -50,9 +49,7 @@ public class SsoLoginCallbackHandler extends HttpServlet { protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { String code = req.getParameter("code"); HttpSession session = req.getSession(false); - String scope = session.getAttribute("scope").toString(); String iotsCorePort = System.getProperty(HandlerConstants.IOT_CORE_HTTPS_PORT_ENV_VAR); - if (HandlerConstants.HTTP_PROTOCOL.equals(req.getScheme())) { iotsCorePort = System.getProperty(HandlerConstants.IOT_CORE_HTTP_PORT_ENV_VAR); } @@ -62,6 +59,19 @@ public class SsoLoginCallbackHandler extends HttpServlet { String iotsCoreUrl = req.getScheme() + HandlerConstants.SCHEME_SEPARATOR + System.getProperty(HandlerConstants.IOT_CORE_HOST_ENV_VAR) + HandlerConstants.COLON + iotsCorePort; + if (session == null) { + String baseContextPath = req.getContextPath(); + String applicationName = baseContextPath.substring(1, baseContextPath.indexOf("-ui-request-handler")); + if (applicationName.equals("entgra")) { + resp.sendRedirect(iotsCoreUrl + "/endpoint-mgt"); + } else { + resp.sendRedirect(iotsCoreUrl + "/" + applicationName); + } + return; + } + + String scope = session.getAttribute("scope").toString(); + HttpPost tokenEndpoint = new HttpPost(gatewayUrl + HandlerConstants.TOKEN_ENDPOINT); tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + session.getAttribute("encodedClientApp")); tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString()); @@ -76,11 +86,9 @@ public class SsoLoginCallbackHandler extends HttpServlet { ProxyResponse tokenResultResponse = HandlerUtil.execute(tokenEndpoint); JsonParser jsonParser = new JsonParser(); - JsonElement jTokenResult = jsonParser.parse(tokenResultResponse.getData()); if (jTokenResult.isJsonObject()) { JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject(); - AuthData authData = new AuthData(); authData.setClientId(session.getAttribute("clientId").toString()); authData.setClientSecret(session.getAttribute("clientSecret").toString()); @@ -89,7 +97,6 @@ public class SsoLoginCallbackHandler extends HttpServlet { authData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString()); authData.setScope(jTokenResultAsJsonObject.get("scope").getAsString()); session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, authData); - resp.sendRedirect(session.getAttribute("redirectUrl").toString()); } } diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginHandler.java index 1a5a550571..e23019d2c8 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/SsoLoginHandler.java @@ -88,12 +88,12 @@ public class SsoLoginHandler extends HttpServlet { protected void doGet(HttpServletRequest req, HttpServletResponse resp) { try { httpSession = req.getSession(false); - if (httpSession != null) { httpSession.invalidate(); } httpSession = req.getSession(true); + httpSession.setMaxInactiveInterval(Math.toIntExact(HandlerConstants.TIMEOUT)); initializeAdminCredentials(); baseContextPath = req.getContextPath(); applicationName = baseContextPath.substring(1, baseContextPath.indexOf("-ui-request-handler"));