ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/authentication/OpenIdConnectLoginStrategy.java

   1 /*-
   2  * ================================================================================
   3  * ECOMP Portal
   4  * ================================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ================================================================================
  19  */
  20 package org.openecomp.portalapp.authentication;
  21
  22 import java.util.HashSet;
  23
  24 import javax.servlet.http.HttpServletRequest;
  25 import javax.servlet.http.HttpServletResponse;
  26
  27 import org.mitre.openid.connect.model.UserInfo;
  28 import org.openecomp.portalapp.command.EPLoginBean;
  29 import org.openecomp.portalapp.portal.domain.EPUser;
  30 import org.openecomp.portalapp.portal.utils.EPSystemProperties;
  31 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
  32 import org.openecomp.portalapp.util.EPUserUtils;
  33 import org.openecomp.portalapp.util.SessionCookieUtil;
  34 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
  35 import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException;
  36 import org.openecomp.portalsdk.core.util.SystemProperties;
  37 import org.springframework.util.StringUtils;
  38 import org.springframework.web.servlet.ModelAndView;
  39
  40 public class OpenIdConnectLoginStrategy extends org.openecomp.portalsdk.core.auth.LoginStrategy implements org.openecomp.portalapp.authentication.LoginStrategy {
  41
  42         EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(OpenIdConnectLoginStrategy.class);
  43
  44         private static final String GLOBAL_LOCATION_KEY = "Location";
  45
  46         @SuppressWarnings("rawtypes")
  47         public boolean login(HttpServletRequest request, HttpServletResponse response){
  48
  49                 logger.info("Attempting Login");
  50
  51                 //check both authentication cookie and authentication header
  52                 UserInfo  userInfo = (UserInfo) request.getAttribute("userInfo");
  53
  54                 if (userInfo != null && !StringUtils.isEmpty(userInfo.getPreferredUsername())) {
  55                         //package the userid in the login form for processing
  56                         EPLoginBean commandBean = new EPLoginBean();
  57                         commandBean.setOrgUserId(userInfo.getPreferredUsername());
  58
  59                         EPUser user = new EPUser();
  60
  61                         user.setOrgUserId(userInfo.getPreferredUsername());
  62                         user.setEmail(userInfo.getEmail());
  63                         user.setFirstName(userInfo.getName());
  64                         user.setLastName(userInfo.getFamilyName());
  65
  66                         //store the currently logged in user's information in the session
  67                         EPUserUtils.setUserSession(request, user,  new HashSet(), new HashSet(), SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM), null);
  68
  69                         logger.info(EELFLoggerDelegate.errorLogger, request.getContextPath());
  70                         SessionCookieUtil.preSetUp(request, response);
  71                         return true;
  72                 } else {
  73                         // in case authentication cookie is missing, send 401 UNAUTHORIZED to client and it will redirect to Logon
  74
  75                         try {
  76                                 String authentication = SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM);
  77                                 String loginUrl = SystemProperties.getProperty(EPSystemProperties.LOGIN_URL_NO_RET_VAL);
  78                                 logger.info(EELFLoggerDelegate.errorLogger, "Authentication Mechanism: '" + authentication + "'.");
  79
  80                                 if (authentication == null || authentication.equals("") || authentication.trim().equals("OIDC")) {
  81                                     response.sendRedirect("oid-login");
  82                                 } else {
  83                                         logger.info(EELFLoggerDelegate.errorLogger, "No cookies are found, redirecting the request to '" + loginUrl + "'.");
  84                                         response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
  85                                 response.setHeader(GLOBAL_LOCATION_KEY, loginUrl);
  86                             }
  87                         } catch(Exception e) {
  88                                 logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred in preHandle() while redirecting, Details: " + EcompPortalUtils.getStackTrace(e));
  89                         }
  90                 }
  91                 return false;
  92         }
  93
  94         @Override
  95         public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
  96                 String message = "Method not implmented; Cannot be called";
  97                 logger.error(EELFLoggerDelegate.errorLogger, message);
  98                 throw new Exception(message);
  99         }
 100
 101         @Override
 102         public String getUserId(HttpServletRequest request) throws PortalAPIException {
 103                 String message = "Method not implmented; Cannot be called";
 104                 logger.error(EELFLoggerDelegate.errorLogger, message);
 105                 throw new PortalAPIException(message);
 106         }
 107 }