From 0e4234db97ee3ce48c48a498aeee42ecd98e7233 Mon Sep 17 00:00:00 2001 From: Madawa Soysa Date: Mon, 17 Jun 2019 16:32:55 +1000 Subject: [PATCH] Retrieve session auth data from the header value X-Platform Fixes entgra/product-iots#110 Related to entgra/product-iots#103 --- .../request/interceptor/InvokerHandler.java | 66 +++++++++---------- .../interceptor/util/HandlerConstants.java | 4 +- 2 files changed, 32 insertions(+), 38 deletions(-) diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java index 1dd968ecd5..124f1e5c4c 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/InvokerHandler.java @@ -63,22 +63,11 @@ import static io.entgra.ui.request.interceptor.util.HandlerUtil.execute; public class InvokerHandler extends HttpServlet { private static final Log log = LogFactory.getLog(LoginHandler.class); private static final long serialVersionUID = -6508020875358160165L; -// private static final HeaderGroup nonForwardingHeaders = new HeaderGroup(); private static AuthData authData; private static String apiEndpoint; private static String serverUrl; private static String platform; -// static { -// // Initializing hop-by-hop headers to omit them from forwarding to the backend -// String[] headers = {HttpHeaders.CONNECTION, HttpHeaders.TRANSFER_ENCODING, HttpHeaders.PROXY_AUTHENTICATE, -// HttpHeaders.PROXY_AUTHORIZATION, HttpHeaders.UPGRADE, HttpHeaders.TE, HttpHeaders.TRAILER, -// HandlerConstants.KEEP_ALIVE, HandlerConstants.PUBLIC}; -// for (String header : headers) { -// nonForwardingHeaders.addHeader(new BasicHeader(header, null)); -// } -// } - @Override protected void doPost(HttpServletRequest req, HttpServletResponse resp) { try { @@ -221,6 +210,7 @@ public class InvokerHandler extends HttpServlet { } } } + /*** * * @param req {@link HttpServletRequest} @@ -232,35 +222,32 @@ public class InvokerHandler extends HttpServlet { throws IOException { serverUrl = req.getScheme() + "://" + req.getServerName() + ":" + req.getServerPort(); apiEndpoint = req.getPathInfo(); + String sessionAuthDataKey = req.getHeader(HandlerConstants.X_PLATFORM_HEADER); HttpSession session = req.getSession(false); if (session == null) { log.error("Unauthorized, You are not logged in. Please log in to the portal"); - ProxyResponse proxyResponse = new ProxyResponse(); - proxyResponse.setCode(HttpStatus.SC_UNAUTHORIZED); - proxyResponse.setExecutorResponse( - HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_UNAUTHORIZED)); - HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + handleError(req, resp, HttpStatus.SC_UNAUTHORIZED); + return false; + } + + if (StringUtils.isEmpty(sessionAuthDataKey)) { + log.error("\"X-Platform\" header is empty in the request. Header is required to obtain the auth data from" + + " session."); + handleError(req, resp, HttpStatus.SC_BAD_REQUEST); return false; } - authData = (AuthData) session.getAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY); + + authData = (AuthData) session.getAttribute(sessionAuthDataKey); platform = (String) session.getAttribute(HandlerConstants.PLATFORM); if (authData == null) { log.error("Unauthorized, Access token not found in the current session"); - ProxyResponse proxyResponse = new ProxyResponse(); - proxyResponse.setCode(HttpStatus.SC_UNAUTHORIZED); - proxyResponse.setExecutorResponse( - HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_UNAUTHORIZED)); - HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + handleError(req, resp, HttpStatus.SC_UNAUTHORIZED); return false; } if (apiEndpoint == null || req.getMethod() == null) { log.error("Bad Request, Either destination api-endpoint or method is empty"); - ProxyResponse proxyResponse = new ProxyResponse(); - proxyResponse.setCode(HttpStatus.SC_BAD_REQUEST); - proxyResponse.setExecutorResponse( - HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_BAD_REQUEST)); - HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + handleError(req, resp, HttpStatus.SC_BAD_REQUEST); return false; } return true; @@ -307,11 +294,7 @@ public class InvokerHandler extends HttpServlet { HttpSession session = req.getSession(false); if (session == null) { log.error("Couldn't find a session, hence it is required to login and proceed."); - ProxyResponse proxyResponse = new ProxyResponse(); - proxyResponse.setCode(HttpStatus.SC_UNAUTHORIZED); - proxyResponse.setExecutorResponse( - HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_UNAUTHORIZED)); - HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); + handleError(req, resp, HttpStatus.SC_UNAUTHORIZED); return false; } @@ -352,11 +335,24 @@ public class InvokerHandler extends HttpServlet { } log.error("Error Occurred in token renewal process."); + handleError(req, resp, HttpStatus.SC_INTERNAL_SERVER_ERROR); + return false; + } + + /** + * Handle error requests + * + * @param req {@link HttpServletRequest} + * @param resp {@link HttpServletResponse} + * @param errorCode HTTP error status code + * @throws IOException If error occurred when trying to send the error response. + */ + private static void handleError(HttpServletRequest req, HttpServletResponse resp, int errorCode) + throws IOException { ProxyResponse proxyResponse = new ProxyResponse(); - proxyResponse.setCode(HttpStatus.SC_INTERNAL_SERVER_ERROR); + proxyResponse.setCode(errorCode); proxyResponse.setExecutorResponse( - HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(HttpStatus.SC_INTERNAL_SERVER_ERROR)); + HandlerConstants.EXECUTOR_EXCEPTION_PREFIX + HandlerUtil.getStatusKey(errorCode)); HandlerUtil.handleError(req, resp, serverUrl, platform, proxyResponse); - return false; } } diff --git a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java index aa80d7fd66..4a790f18e9 100644 --- a/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java +++ b/components/ui-request-interceptor/io.entgra.ui.request.interceptor/src/main/java/io/entgra/ui/request/interceptor/util/HandlerConstants.java @@ -23,8 +23,7 @@ public class HandlerConstants { public static final String APP_REG_ENDPOINT = "/api-application-registration/register"; public static final String UI_CONFIG_ENDPOINT = "/api/application-mgt/v1.0/config/ui-config"; public static final String TOKEN_ENDPOINT = "/oauth2/token"; - public static final String PUBLIC = "Public"; - public static final String KEEP_ALIVE = "Keep-Alive"; + public static final String X_PLATFORM_HEADER = "X-Platform"; public static final String BASIC = "Basic "; public static final String BEARER = "Bearer "; public static final String COLON = ":"; @@ -33,7 +32,6 @@ public class HandlerConstants { public static final String SESSION_AUTH_DATA_KEY = "application-mgt"; public static final String UI_CONFIG_KEY = "ui-config"; public static final String PLATFORM = "platform"; - public static final String SERVER_HOST = "server-host"; public static final String DEFAULT_ERROR_CALLBACK = "/pages/error/default"; public static final String LOGIN_RESPONSE_KEY = "loginResponse"; public static final String FAILURE_CALLBACK_KEY = "failureCallback";