2 * ================================================================================
4 * ================================================================================
5 * Copyright (C) 2017 AT&T Intellectual Property
6 * ================================================================================
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
18 * ================================================================================
20 package org.openecomp.portalapp.authentication;
22 import java.util.HashSet;
24 import javax.servlet.http.HttpServletRequest;
25 import javax.servlet.http.HttpServletResponse;
27 import org.mitre.openid.connect.model.UserInfo;
28 import org.openecomp.portalapp.command.EPLoginBean;
29 import org.openecomp.portalapp.portal.domain.EPUser;
30 import org.openecomp.portalapp.portal.utils.EPSystemProperties;
31 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
32 import org.openecomp.portalapp.util.EPUserUtils;
33 import org.openecomp.portalapp.util.SessionCookieUtil;
34 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
35 import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException;
36 import org.openecomp.portalsdk.core.util.SystemProperties;
37 import org.springframework.util.StringUtils;
38 import org.springframework.web.servlet.ModelAndView;
40 public class OpenIdConnectLoginStrategy extends org.openecomp.portalsdk.core.auth.LoginStrategy implements org.openecomp.portalapp.authentication.LoginStrategy {
42 EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(OpenIdConnectLoginStrategy.class);
44 private static final String GLOBAL_LOCATION_KEY = "Location";
46 @SuppressWarnings("rawtypes")
47 public boolean login(HttpServletRequest request, HttpServletResponse response){
49 logger.info("Attempting Login");
51 //check both authentication cookie and authentication header
52 UserInfo userInfo = (UserInfo) request.getAttribute("userInfo");
54 if (userInfo != null && !StringUtils.isEmpty(userInfo.getPreferredUsername())) {
55 //package the userid in the login form for processing
56 EPLoginBean commandBean = new EPLoginBean();
57 commandBean.setOrgUserId(userInfo.getPreferredUsername());
59 EPUser user = new EPUser();
61 user.setOrgUserId(userInfo.getPreferredUsername());
62 user.setEmail(userInfo.getEmail());
63 user.setFirstName(userInfo.getName());
64 user.setLastName(userInfo.getFamilyName());
66 //store the currently logged in user's information in the session
67 EPUserUtils.setUserSession(request, user, new HashSet(), new HashSet(), SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM), null);
69 logger.info(EELFLoggerDelegate.errorLogger, request.getContextPath());
70 SessionCookieUtil.preSetUp(request, response);
73 // in case authentication cookie is missing, send 401 UNAUTHORIZED to client and it will redirect to Logon
76 String authentication = SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM);
77 String loginUrl = SystemProperties.getProperty(EPSystemProperties.LOGIN_URL_NO_RET_VAL);
78 logger.info(EELFLoggerDelegate.errorLogger, "Authentication Mechanism: '" + authentication + "'.");
80 if (authentication == null || authentication.equals("") || authentication.trim().equals("OIDC")) {
81 response.sendRedirect("oid-login");
83 logger.info(EELFLoggerDelegate.errorLogger, "No cookies are found, redirecting the request to '" + loginUrl + "'.");
84 response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
85 response.setHeader(GLOBAL_LOCATION_KEY, loginUrl);
87 } catch(Exception e) {
88 logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred in preHandle() while redirecting, Details: " + EcompPortalUtils.getStackTrace(e));
95 public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
96 String message = "Method not implmented; Cannot be called";
97 logger.error(EELFLoggerDelegate.errorLogger, message);
98 throw new Exception(message);
102 public String getUserId(HttpServletRequest request) throws PortalAPIException {
103 String message = "Method not implmented; Cannot be called";
104 logger.error(EELFLoggerDelegate.errorLogger, message);
105 throw new PortalAPIException(message);