Improving the way webapp requests are authenticated

10 years ago · c8affcf836
parent 1bbaac168b
commit c8affcf836
3 changed files with 17 additions and 10 deletions
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java
@ -28,7 +28,7 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthent

 public class WebappAuthenticatorFactory {

-    public static WebappAuthenticator getAuthenticator(Request request) {
+    public static WebappAuthenticator getAuthenticator(String authScheme) {
        return new OAuthAuthenticator();
    }

--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
@ -29,11 +29,14 @@ import javax.servlet.http.HttpServletResponse;

 public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {

+    private static final String AUTHENTICATION_SCHEME = "AuthenticationScheme";
    private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkValve.class);

    @Override
    public void invoke(Request request, Response response, CompositeValve compositeValve) {
-        WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(request);
+        String authScheme =
+                request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME);
+        WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(authScheme);
        WebappAuthenticator.Status status = authenticator.authenticate(request, response);
        this.processResponse(request, response, compositeValve, status);
    }
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
@ -49,8 +49,12 @@ public class OAuthAuthenticator implements WebappAuthenticator {

    @Override
    public Status authenticate(Request request, Response response) {
-        StringTokenizer tokenizer = new StringTokenizer(request.getRequestURI(), "/");
+        String requestUri = request.getRequestURI();
+        if (requestUri == null || "".equals(requestUri)) {
+            return Status.CONTINUE;
+        }

+        StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
        String context = request.getContextPath();
        if (context == null || "".equals(context)) {
            context = tokenizer.nextToken();
@ -59,13 +63,13 @@ public class OAuthAuthenticator implements WebappAuthenticator {
            }
        }

-        boolean isContextCached = false;
-        if (APIUtil.getAPIContextCache().get(context) != null) {
-            isContextCached = Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString());
-        }
-        if (!isContextCached) {
-            return Status.CONTINUE;
-        }
+//        boolean isContextCached = false;
+//        if (APIUtil.getAPIContextCache().get(context) != null) {
+//            isContextCached = Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString());
+//        }
+//        if (!isContextCached) {
+//            return Status.CONTINUE;
+//        }

        try {
            String apiVersion = tokenizer.nextToken();