From 8c841dfc2e19aee1d363642d122f12a2aa6b052e Mon Sep 17 00:00:00 2001 From: tcdlpds Date: Mon, 1 Jan 2024 00:27:07 +0530 Subject: [PATCH] Fix login handler --- .../ui/request/interceptor/LoginHandler.java | 99 +++++++++---------- 1 file changed, 49 insertions(+), 50 deletions(-) diff --git a/components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/LoginHandler.java b/components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/LoginHandler.java index 2286d14c0a..6f38a18014 100644 --- a/components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/LoginHandler.java +++ b/components/ui-request-interceptor/io.entgra.device.mgt.core.ui.request.interceptor/src/main/java/io/entgra/device/mgt/core/ui/request/interceptor/LoginHandler.java @@ -19,6 +19,7 @@ package io.entgra.device.mgt.core.ui.request.interceptor; import com.fasterxml.jackson.databind.JsonNode; +import com.fasterxml.jackson.databind.node.ArrayNode; import com.google.gson.*; import io.entgra.device.mgt.core.ui.request.interceptor.beans.AuthData; import io.entgra.device.mgt.core.ui.request.interceptor.beans.ProxyResponse; @@ -30,12 +31,12 @@ import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerConstants; import io.entgra.device.mgt.core.ui.request.interceptor.util.HandlerUtil; import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; -import org.apache.http.HttpHeaders; -import org.apache.http.HttpStatus; -import org.apache.http.client.methods.HttpPost; -import org.apache.http.entity.ContentType; -import org.apache.http.entity.StringEntity; -import org.apache.http.protocol.HTTP; +import org.apache.hc.client5.http.entity.UrlEncodedFormEntity; +import org.apache.hc.core5.http.ClassicHttpRequest; +import org.apache.hc.core5.http.HttpStatus; +import org.apache.hc.core5.http.NameValuePair; +import org.apache.hc.core5.http.io.support.ClassicRequestBuilder; +import org.apache.hc.core5.http.message.BasicNameValuePair; import javax.servlet.annotation.MultipartConfig; import javax.servlet.annotation.WebServlet; @@ -44,7 +45,7 @@ import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpSession; import java.io.IOException; -import java.util.Base64; +import java.util.*; @MultipartConfig @WebServlet("/login") @@ -71,8 +72,8 @@ public class LoginHandler extends HttpServlet { JsonNode uiConfigJsonObject = HandlerUtil.getUIConfigAndPersistInSession(uiConfigUrl, gatewayUrl, httpSession, resp); - JsonArray tags = uiConfigJsonObject.get("appRegistration").getAsJsonObject().get("tags").getAsJsonArray(); - JsonArray scopes = uiConfigJsonObject.get("scopes").getAsJsonArray(); + ArrayNode tags = (ArrayNode) uiConfigJsonObject.get("appRegistration").get("tags"); + ArrayNode scopes = (ArrayNode) uiConfigJsonObject.get("scopes"); int sessionTimeOut = Integer.parseInt(String.valueOf(uiConfigJsonObject.get("sessionTimeOut"))); //setting session to expire in 1h @@ -84,12 +85,14 @@ public class LoginHandler extends HttpServlet { OAuthApp oAuthApp = loginCache.getOAuthAppCache(oAuthAppCacheKey); if (oAuthApp == null) { - HttpPost apiRegEndpoint = new HttpPost(gatewayUrl + HandlerConstants.APP_REG_ENDPOINT); - apiRegEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + Base64.getEncoder() - .encodeToString((username + HandlerConstants.COLON + password).getBytes())); - apiRegEndpoint.setHeader(HTTP.CONTENT_TYPE, ContentType.APPLICATION_JSON.toString()); - apiRegEndpoint.setEntity(HandlerUtil.constructAppRegPayload(tags, HandlerConstants.PUBLISHER_APPLICATION_NAME, - username, password, null, null)); + + ClassicHttpRequest apiRegEndpoint = ClassicRequestBuilder.post(gatewayUrl + HandlerConstants.APP_REG_ENDPOINT) + .setEntity(HandlerUtil.constructAppRegPayload(tags, HandlerConstants.PUBLISHER_APPLICATION_NAME, + username, password, null, null)) + .setHeader(org.apache.hc.core5.http.HttpHeaders.CONTENT_TYPE, + org.apache.hc.core5.http.ContentType.APPLICATION_JSON.toString()) + .setHeader(org.apache.hc.core5.http.HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + Base64.getEncoder().encodeToString((username + HandlerConstants.COLON + password).getBytes())) + .build(); ProxyResponse clientAppResponse = HandlerUtil.execute(apiRegEndpoint); @@ -99,15 +102,13 @@ public class LoginHandler extends HttpServlet { } if (clientAppResponse.getCode() == HttpStatus.SC_CREATED) { - JsonParser jsonParser = new JsonParser(); - JsonElement jClientAppResult = jsonParser.parse(clientAppResponse.getData()); + JsonNode jsonNode = clientAppResponse.getData(); String clientId = null; String clientSecret = null; String encodedClientApp = null; - if (jClientAppResult.isJsonObject()) { - JsonObject jClientAppResultAsJsonObject = jClientAppResult.getAsJsonObject(); - clientId = jClientAppResultAsJsonObject.get("client_id").getAsString(); - clientSecret = jClientAppResultAsJsonObject.get("client_secret").getAsString(); + if (jsonNode != null) { + clientId = jsonNode.get("client_id").textValue(); + clientSecret = jsonNode.get("client_secret").textValue(); encodedClientApp = Base64.getEncoder() .encodeToString((clientId + HandlerConstants.COLON + clientSecret).getBytes()); oAuthApp = new OAuthApp( @@ -155,8 +156,7 @@ public class LoginHandler extends HttpServlet { */ private boolean getTokenAndPersistInSession(HttpServletRequest req, HttpServletResponse resp, String clientId, String clientSecret, String encodedClientApp, - JsonArray scopes) throws LoginException { - JsonParser jsonParser = new JsonParser(); + ArrayNode scopes) throws LoginException { try { ProxyResponse tokenResultResponse = getTokenResult(encodedClientApp, scopes); @@ -166,31 +166,26 @@ public class LoginHandler extends HttpServlet { HandlerUtil.handleError(resp, tokenResultResponse); return false; } - String tokenResult = tokenResultResponse.getData(); + JsonNode tokenResult = tokenResultResponse.getData(); if (tokenResult == null) { log.error("Invalid token response is received."); HandlerUtil.handleError(resp, tokenResultResponse); return false; } - JsonElement jTokenResult = jsonParser.parse(tokenResult); - if (jTokenResult.isJsonObject()) { - JsonObject jTokenResultAsJsonObject = jTokenResult.getAsJsonObject(); - HttpSession session = req.getSession(false); - if (session == null) { - return false; - } - AuthData authData = new AuthData(); - authData.setClientId(clientId); - authData.setClientSecret(clientSecret); - authData.setEncodedClientApp(encodedClientApp); - authData.setAccessToken(jTokenResultAsJsonObject.get("access_token").getAsString()); - authData.setRefreshToken(jTokenResultAsJsonObject.get("refresh_token").getAsString()); - authData.setScope(jTokenResultAsJsonObject.get("scope").getAsString()); - session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, authData); - return true; + HttpSession session = req.getSession(false); + if (session == null) { + return false; } - return false; + AuthData authData = new AuthData(); + authData.setClientId(clientId); + authData.setClientSecret(clientSecret); + authData.setEncodedClientApp(encodedClientApp); + authData.setAccessToken(tokenResult.get("access_token").textValue()); + authData.setRefreshToken(tokenResult.get("refresh_token").textValue()); + authData.setScope(tokenResult.get("scope").textValue()); + session.setAttribute(HandlerConstants.SESSION_AUTH_DATA_KEY, authData); + return true; } catch (IOException e) { throw new LoginException("Error occurred while sending the response into the socket", e); } @@ -228,22 +223,26 @@ public class LoginHandler extends HttpServlet { * @throws IOException IO exception throws if an error occurred when invoking token endpoint */ private ProxyResponse getTokenResult(String encodedClientApp, JsonNode scopes) throws IOException { - HttpPost tokenEndpoint = new HttpPost(gatewayUrl + HandlerConstants.INTERNAL_TOKEN_ENDPOINT); - tokenEndpoint.setHeader(HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + encodedClientApp); - tokenEndpoint.setHeader(HttpHeaders.CONTENT_TYPE, ContentType.APPLICATION_FORM_URLENCODED.toString()); String scopeString = HandlerUtil.getScopeString(scopes); - if (scopeString != null) { scopeString = scopeString.trim(); } else { scopeString = "default"; } - StringEntity tokenEPPayload = new StringEntity( - "grant_type=" + HandlerConstants.PASSWORD_GRANT_TYPE + "&username=" + username + "&password=" + - password + "&scope=" + scopeString, - ContentType.APPLICATION_FORM_URLENCODED); - tokenEndpoint.setEntity(tokenEPPayload); + List nameValuePairs = new ArrayList<>(); + nameValuePairs.add(new BasicNameValuePair("grant_type", HandlerConstants.PASSWORD_GRANT_TYPE)); + nameValuePairs.add(new BasicNameValuePair("username", username)); + nameValuePairs.add(new BasicNameValuePair("password", password)); + nameValuePairs.add(new BasicNameValuePair("scope", scopeString)); + + + ClassicHttpRequest tokenEndpoint = ClassicRequestBuilder.post(gatewayUrl + HandlerConstants.INTERNAL_TOKEN_ENDPOINT) + .setEntity(new UrlEncodedFormEntity(nameValuePairs)) + .setHeader(org.apache.hc.core5.http.HttpHeaders.CONTENT_TYPE, + org.apache.hc.core5.http.ContentType.APPLICATION_FORM_URLENCODED.toString()) + .setHeader(org.apache.hc.core5.http.HttpHeaders.AUTHORIZATION, HandlerConstants.BASIC + encodedClientApp) + .build(); return HandlerUtil.execute(tokenEndpoint); } }