ecomp-portal-BE-os/src/main/java/org/openecomp/portalapp/authentication/SimpleLoginStrategy.java

   1 /*-
   2  * ================================================================================
   3  * ECOMP Portal
   4  * ================================================================================
   5  * Copyright (C) 2017 AT&T Intellectual Property
   6  * ================================================================================
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *      http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  * ================================================================================
  19  */
  20 package org.openecomp.portalapp.authentication;
  21
  22 import javax.servlet.http.HttpServletRequest;
  23 import javax.servlet.http.HttpServletResponse;
  24
  25 import org.openecomp.portalapp.command.EPLoginBean;
  26 import org.openecomp.portalapp.portal.service.EPLoginService;
  27 import org.openecomp.portalapp.portal.service.EPRoleFunctionService;
  28 import org.openecomp.portalapp.portal.service.EPRoleService;
  29 import org.openecomp.portalapp.portal.utils.EPSystemProperties;
  30 import org.openecomp.portalapp.portal.utils.EcompPortalUtils;
  31 import org.openecomp.portalapp.util.EPUserUtils;
  32 import org.openecomp.portalapp.util.SessionCookieUtil;
  33 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
  34 import org.openecomp.portalsdk.core.menu.MenuProperties;
  35 import org.openecomp.portalsdk.core.onboarding.exception.PortalAPIException;
  36 import org.openecomp.portalsdk.core.onboarding.util.*;
  37 import org.openecomp.portalsdk.core.util.SystemProperties;
  38 import org.springframework.beans.factory.annotation.Autowired;
  39 import org.springframework.util.StringUtils;
  40 import org.springframework.web.servlet.ModelAndView;
  41
  42 public class SimpleLoginStrategy extends org.openecomp.portalsdk.core.auth.LoginStrategy implements LoginStrategy{
  43
  44         @Autowired
  45         private EPLoginService loginService;
  46         @Autowired
  47         private EPRoleService roleService;
  48
  49         @Autowired
  50         private EPRoleFunctionService ePRoleFunctionService;
  51
  52         private static final String GLOBAL_LOCATION_KEY = "Location";
  53
  54         EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(SimpleLoginStrategy.class);
  55
  56         public boolean login(HttpServletRequest request, HttpServletResponse response) throws Exception{
  57                 logger.info("Attempting 'Simple' Login");
  58
  59                 //check both authentication cookie and authentication header
  60                 String  orgUserId = SessionCookieUtil.getUserIdFromCookie(request, response);
  61
  62                 if (!StringUtils.isEmpty(orgUserId)) {
  63                         // package the userid in the login form for processing
  64                         EPLoginBean commandBean = new EPLoginBean();
  65                         commandBean.setOrgUserId(orgUserId);
  66                         commandBean = loginService.findUser(commandBean, (String)request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), null);
  67
  68                          // in case authentication has passed but user is not in the ECOMP data base, return a Guest User to the home page.
  69                         if (commandBean.getUser() == null) {
  70                         }
  71                         else {
  72                                 // store the currently logged in user's information in the session
  73                                 EPUserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(), commandBean.getBusinessDirectMenu(), "", ePRoleFunctionService);
  74                                 logger.info(EELFLoggerDelegate.debugLogger, commandBean.getUser().getOrgUserId() + " exists in the the system.");
  75                         }
  76
  77                         logger.info(EELFLoggerDelegate.errorLogger, request.getContextPath());
  78                         SessionCookieUtil.preSetUp(request, response);
  79                         return true;
  80                 } else {
  81                         // in case authentication cookie is missing, send 401 UNAUTHORIZED to client and it will redirect to Logon
  82                         try {
  83                                 String authentication = SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM);
  84                                 String loginUrl = SystemProperties.getProperty(EPSystemProperties.LOGIN_URL_NO_RET_VAL);
  85                                 logger.info(EELFLoggerDelegate.errorLogger, "Authentication Mechanism: '" + authentication + "'.");
  86                                 if (authentication == null || authentication.equals("") || authentication.trim().equals("BOTH")) {
  87
  88                                         logger.info(EELFLoggerDelegate.errorLogger, "No cookies are found, redirecting the request to '" + loginUrl + "'.");
  89                                     response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
  90                             response.setHeader(GLOBAL_LOCATION_KEY, loginUrl); //returnUrl + "/index.htm");
  91                         }else {
  92                                         logger.info(EELFLoggerDelegate.errorLogger, "No cookies are found, redirecting the request to '" + loginUrl + "'.");
  93                                         response.setStatus(HttpServletResponse.SC_MOVED_TEMPORARILY);
  94                                 response.setHeader(GLOBAL_LOCATION_KEY, loginUrl); //returnUrl + "/index.htm");
  95                             }
  96                         } catch(Exception e) {
  97                                 logger.error(EELFLoggerDelegate.errorLogger, "Exception occurred in preHandle() while redirecting, Details: " + EcompPortalUtils.getStackTrace(e));
  98                         }
  99                 }
 100
 101                 return false;
 102
 103         }
 104
 105         @Override
 106         public ModelAndView doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
 107                 String message = "Method not implmented; Cannot be called";
 108                 logger.error(EELFLoggerDelegate.errorLogger, message);
 109                 throw new Exception(message);
 110         }
 111
 112         @Override
 113         public String getUserId(HttpServletRequest request) throws PortalAPIException {
 114                 String message = "Method not implmented; Cannot be called";
 115                 logger.error(EELFLoggerDelegate.errorLogger, message);
 116                 throw new PortalAPIException(message);
 117         }
 118 }