From c8affcf8362a92297a30765e069be5f59e200841 Mon Sep 17 00:00:00 2001
From: prabathabey
Date: Thu, 21 May 2015 15:19:33 +0530
Subject: [PATCH] Improving the way webapp requests are authenticated
---
 .../framework/WebappAuthenticatorFactory.java | 2 +-
 .../WebappAuthenticatorFrameworkValve.java | 5 ++++-
 .../authenticator/OAuthAuthenticator.java | 20 +++++++++++--------
 3 files changed, 17 insertions(+), 10 deletions(-)
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java
index 02dcf44813..aade936742 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFactory.java
@@ -28,7 +28,7 @@ import org.wso2.carbon.webapp.authenticator.framework.authenticator.OAuthAuthent
 public class WebappAuthenticatorFactory {
- public static WebappAuthenticator getAuthenticator(Request request) {
+ public static WebappAuthenticator getAuthenticator(String authScheme) {
 return new OAuthAuthenticator();
 }
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
index 66982112bd..44af9195a9 100644
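Review bot: The new `authScheme` parameter of `getAuthenticator` is never read: the method still returns `new OAuthAuthenticator()` for every value, including null, so the `AuthenticationScheme` context parameter that the valve looks up in this same commit has no effect yet. If that is intentional for this step, record it in a Javadoc comment such as `/** Returns the authenticator for authScheme; only OAuth is implemented, so the argument is currently ignored. */`. Once more than one scheme exists, an unrecognised value should be rejected explicitly rather than silently mapped to a default authenticator.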
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/WebappAuthenticatorFrameworkValve.java
@@ -29,11 +29,14 @@ import javax.servlet.http.HttpServletResponse;
 public class WebappAuthenticatorFrameworkValve extends CarbonTomcatValve {
+ private static final String AUTHENTICATION_SCHEME = "AuthenticationScheme";
 private static final Log log = LogFactory.getLog(WebappAuthenticatorFrameworkValve.class);
 @Override
 public void invoke(Request request, Response response, CompositeValve compositeValve) {
- WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(request);
+ String authScheme =
+ request.getContext().findParameter(WebappAuthenticatorFrameworkValve.AUTHENTICATION_SCHEME);
+ WebappAuthenticator authenticator = WebappAuthenticatorFactory.getAuthenticator(authScheme);
 WebappAuthenticator.Status status = authenticator.authenticate(request, response);
 this.processResponse(request, response, compositeValve, status);
 }
diff --git a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
index 6fc8177478..e3fe120c3b 100644
--- a/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
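Review bot: The lookup `request.getContext().findParameter(...)` in `invoke` is not null-safe at either step. `findParameter` returns null when the webapp does not declare `AuthenticationScheme`, and `request.getContext()` may itself be null for a request that maps to no context, which would throw a NullPointerException before any authenticator runs. Whether that can happen depends on where this valve is installed, which is not visible here. A guard such as `Context ctx = request.getContext(); String authScheme = (ctx == null) ? null : ctx.findParameter(AUTHENTICATION_SCHEME);` avoids the exception. A comment stating which authenticator an absent parameter selects would make the default an explicit decision instead of an accident.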
+++ b/components/webapp-authenticator-framework/org.wso2.carbon.webapp.authenticator.framework/src/main/java/org/wso2/carbon/webapp/authenticator/framework/authenticator/OAuthAuthenticator.java
@@ -49,8 +49,12 @@ public class OAuthAuthenticator implements WebappAuthenticator {
 @Override
 public Status authenticate(Request request, Response response) {
- StringTokenizer tokenizer = new StringTokenizer(request.getRequestURI(), "/");
+ String requestUri = request.getRequestURI();
+ if (requestUri == null || "".equals(requestUri)) {
+ return Status.CONTINUE;
+ }
+ StringTokenizer tokenizer = new StringTokenizer(requestUri, "/");
 String context = request.getContextPath();
 if (context == null || "".equals(context)) {
 context = tokenizer.nextToken();
@@ -59,13 +63,13 @@ public class OAuthAuthenticator implements WebappAuthenticator {
 }
 }
- boolean isContextCached = false;
- if (APIUtil.getAPIContextCache().get(context) != null) {
- isContextCached = Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString());
- }
- if (!isContextCached) {
- return Status.CONTINUE;
- }
+// boolean isContextCached = false;
+// if (APIUtil.getAPIContextCache().get(context) != null) {
+// isContextCached = Boolean.parseBoolean(APIUtil.getAPIContextCache().get(context).toString());
+// }
+// if (!isContextCached) {
+// return Status.CONTINUE;
+// }
 try {
 String apiVersion = tokenizer.nextToken();
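Review bot: The new null/empty check in `authenticate` does not cover a URI made only of separators, such as `/`. In that case `new StringTokenizer(requestUri, "/")` yields no tokens, and the context line `context = tokenizer.nextToken();` throws NoSuchElementException whenever `getContextPath()` is empty. Testing `tokenizer.hasMoreTokens()` before that call closes the gap. Separately, the early `return Status.CONTINUE;` appears to let the request proceed without a token check (how the valve treats CONTINUE is outside this hunk), so confirm that passing a malformed request through is intended rather than failing it. The body of `authenticate` continues past the hunk.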
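Review bot: The API-context-cache gate is disabled by commenting it out rather than deleting it, which leaves seven lines of dead code and no record of why the check was dropped. With the gate gone, every request that reaches `authenticate` falls through to the `try` block, so `tokenizer.nextToken()` for `apiVersion` now also runs for paths that have no version segment. The matching `catch` is outside the hunk, so confirm it handles NoSuchElementException instead of letting it escape the valve. I would delete the commented block and replace it with one line such as `// Every context routed to this authenticator is validated; the API context cache is no longer consulted.`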