From c6a96d6682f008bf74af361117ff7e338f28a70a Mon Sep 17 00:00:00 2001 From: Madawa Soysa Date: Tue, 25 Jun 2019 16:04:46 +1000 Subject: [PATCH 1/3] Fix possible NPE when media type is not specified Content type is automatically generated from the Http client hence removing --- .../java/io/entgra/ui/request/interceptor/InvokerHandler.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java index 8acf32b2f6d..0a845ab1a97 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java @@ -205,8 +205,7 @@ public class InvokerHandler extends HttpServlet { entityBuilder.addPart(item.getFieldName(), new InputStreamBody(item.getInputStream(), ContentType.create(item.getContentType()), item.getName())); } else { - entityBuilder.addTextBody(item.getFieldName(), item.getString(), - ContentType.create(item.getContentType())); + entityBuilder.addTextBody(item.getFieldName(), item.getString()); } } proxyRequest.setEntity(entityBuilder.build()); From 5482c12ac5008febc2e39abacf8d625839fff057 Mon Sep 17 00:00:00 2001 From: Madawa Soysa Date: Tue, 25 Jun 2019 16:06:16 +1000 Subject: [PATCH 2/3] Implement logout handler Fixes entgra/product-iots#113 --- .../ui/request/interceptor/LogoutHandler.java | 60 +++++++++++++++++++ .../interceptor/util/HandlerConstants.java | 5 +- 2 files changed, 64 insertions(+), 1 deletion(-) create mode 100644 components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LogoutHandler.java diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LogoutHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LogoutHandler.java new file mode 100644 index 00000000000..c76edeabfef --- /dev/null +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LogoutHandler.java @@ -0,0 +1,60 @@ +/* + * Copyright (c) 2019, Entgra (Pvt) Ltd. (http://www.entgra.io) All Rights Reserved. + * + * Entgra (Pvt) Ltd. licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. + */ + +package io.entgra.ui.request.interceptor; + +import io.entgra.ui.request.interceptor.util.HandlerConstants; +import io.entgra.ui.request.interceptor.util.HandlerUtil; +import org.apache.commons.logging.Log; +import org.apache.commons.logging.LogFactory; +import org.apache.http.HttpStatus; +import org.wso2.carbon.device.application.mgt.common.ProxyResponse; + +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import java.io.IOException; + +@WebServlet("/logout") +public class LogoutHandler extends HttpServlet { + private static final Log log = LogFactory.getLog(LogoutHandler.class); + + @Override + protected void doPost(HttpServletRequest req, HttpServletResponse resp) { + String serverUrl = req.getScheme() + HandlerConstants.SCHEME_SEPARATOR + req.getServerName() + + HandlerConstants.COLON + req.getServerPort(); + String platform = req.getParameter(HandlerConstants.PLATFORM); + HttpSession httpSession = req.getSession(false); + if (httpSession != null) { + httpSession.invalidate(); + } else { + log.warn("No active session is available. User may not be logged in. Redirecting to the login page"); + } + + ProxyResponse proxyResponse = new ProxyResponse(); + proxyResponse.setCode(HttpStatus.SC_OK); + proxyResponse.setUrl(serverUrl + HandlerConstants.PATH_SEPARATOR + platform + HandlerConstants.LOGIN_PAGE); + try { + HandlerUtil.handleSuccess(req, resp, serverUrl, platform, proxyResponse); + } catch (IOException e) { + log.error("Error occurred when processing logout request.", e); + } + } +} diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java index f82fbe7677b..d62660824ea 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java @@ -23,9 +23,9 @@ public class HandlerConstants { public static final String APP_REG_ENDPOINT = "/api-application-registration/register"; public static final String UI_CONFIG_ENDPOINT = "/api/application-mgt/v1.0/config/ui-config"; public static final String TOKEN_ENDPOINT = "/oauth2/token"; + public static final String LOGIN_PAGE = "/login"; public static final String BASIC = "Basic "; public static final String BEARER = "Bearer "; - public static final String COLON = ":"; public static final String TAGS_KEY = "tags"; public static final String APP_NAME_KEY = "applicationName"; public static final String SESSION_AUTH_DATA_KEY = "application-mgt"; @@ -38,6 +38,9 @@ public class HandlerConstants { public static final String TOKEN_IS_EXPIRED = "ACCESS_TOKEN_IS_EXPIRED"; public static final String X_PLATFORM_HEADER = "X-Platform"; + public static final String SCHEME_SEPARATOR = "://"; + public static final String COLON = ":"; + public static final String PATH_SEPARATOR = "/"; public static final int INTERNAL_ERROR_CODE = 500; public static final long TIMEOUT = 1200; From 9cf570c46360b8ceed3c02d7039abc31ff7677be Mon Sep 17 00:00:00 2001 From: Madawa Soysa Date: Tue, 25 Jun 2019 16:06:42 +1000 Subject: [PATCH 3/3] Refactor Login Handler --- .../entgra/ui/request/interceptor/LoginHandler.java | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java index f7ed47811ef..8426ef5f500 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/LoginHandler.java @@ -131,7 +131,7 @@ public class LoginHandler extends HttpServlet { clientAppResponse.getData(), scopes)) { ProxyResponse proxyResponse = new ProxyResponse(); proxyResponse.setCode(HttpStatus.SC_OK); - proxyResponse.setUrl(serverUrl + "/" + platform); + proxyResponse.setUrl(serverUrl + HandlerConstants.PATH_SEPARATOR + platform); HandlerUtil.handleSuccess(req, resp, serverUrl, platform, proxyResponse); return; } @@ -163,7 +163,7 @@ public class LoginHandler extends HttpServlet { String clientId = jClientAppResultAsJsonObject.get("client_id").getAsString(); String clientSecret = jClientAppResultAsJsonObject.get("client_secret").getAsString(); String encodedClientApp = Base64.getEncoder() - .encodeToString((clientId + ":" + clientSecret).getBytes()); + .encodeToString((clientId + HandlerConstants.COLON + clientSecret).getBytes()); ProxyResponse tokenResultResponse = getTokenResult(encodedClientApp, scopes); @@ -230,8 +230,9 @@ public class LoginHandler extends HttpServlet { private static void validateLoginRequest(HttpServletRequest req, HttpServletResponse resp) throws LoginException { username = req.getParameter("username"); password = req.getParameter("password"); - platform = req.getParameter("platform"); - serverUrl = req.getScheme() + "://" + req.getServerName() + ":" + req.getServerPort(); + platform = req.getParameter(HandlerConstants.PLATFORM); + serverUrl = req.getScheme() + HandlerConstants.SCHEME_SEPARATOR + req.getServerName() + HandlerConstants.COLON + + req.getServerPort(); uiConfigUrl = serverUrl + HandlerConstants.UI_CONFIG_ENDPOINT; try { @@ -240,7 +241,8 @@ public class LoginHandler extends HttpServlet { throw new LoginException("Invalid login request. Platform parameter is Null."); } if (username == null || password == null) { - resp.sendRedirect(serverUrl + "/" + platform + HandlerConstants.DEFAULT_ERROR_CALLBACK); + resp.sendRedirect(serverUrl + HandlerConstants.PATH_SEPARATOR + platform + + HandlerConstants.DEFAULT_ERROR_CALLBACK); throw new LoginException( " Invalid login request. Username or Password is not received for login request."); }