2 * ============LICENSE_START==========================================
4 * ===================================================================
5 * Copyright © 2017 AT&T Intellectual Property. All rights reserved.
6 * ===================================================================
8 * Unless otherwise specified, all software contained herein is licensed
9 * under the Apache License, Version 2.0 (the “License”);
10 * you may not use this software except in compliance with the License.
11 * You may obtain a copy of the License at
13 * http://www.apache.org/licenses/LICENSE-2.0
15 * Unless required by applicable law or agreed to in writing, software
16 * distributed under the License is distributed on an "AS IS" BASIS,
17 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18 * See the License for the specific language governing permissions and
19 * limitations under the License.
21 * Unless otherwise specified, all documentation contained herein is licensed
22 * under the Creative Commons License, Attribution 4.0 Intl. (the “License”);
23 * you may not use this documentation except in compliance with the License.
24 * You may obtain a copy of the License at
26 * https://creativecommons.org/licenses/by/4.0/
28 * Unless required by applicable law or agreed to in writing, documentation
29 * distributed under the License is distributed on an "AS IS" BASIS,
30 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
31 * See the License for the specific language governing permissions and
32 * limitations under the License.
34 * ============LICENSE_END============================================
36 * ECOMP is a trademark and service mark of AT&T Intellectual Property.
38 package org.openecomp.portalapp.controller;
40 import static com.att.eelf.configuration.Configuration.MDC_KEY_REQUEST_ID;
42 import java.net.URLDecoder;
43 import java.util.Enumeration;
44 import java.util.HashMap;
45 import java.util.List;
47 import java.util.UUID;
49 import javax.servlet.http.Cookie;
50 import javax.servlet.http.HttpServletRequest;
51 import javax.servlet.http.HttpServletResponse;
53 import org.json.JSONObject;
54 import org.openecomp.portalapp.command.EPLoginBean;
55 import org.openecomp.portalapp.portal.domain.SharedContext;
56 import org.openecomp.portalapp.portal.service.EPLoginService;
57 import org.openecomp.portalapp.portal.service.EPRoleFunctionService;
58 import org.openecomp.portalapp.portal.service.SharedContextService;
59 import org.openecomp.portalapp.portal.utils.EPSystemProperties;
60 import org.openecomp.portalapp.util.EPUserUtils;
61 import org.openecomp.portalapp.util.SessionCookieUtil;
62 import org.openecomp.portalsdk.core.logging.logic.EELFLoggerDelegate;
63 import org.openecomp.portalsdk.core.menu.MenuProperties;
64 import org.openecomp.portalsdk.core.onboarding.util.CipherUtil;
65 import org.openecomp.portalsdk.core.util.SystemProperties;
67 import org.springframework.beans.factory.annotation.Autowired;
68 import org.springframework.stereotype.Controller;
69 import org.springframework.util.StopWatch;
70 import org.springframework.web.bind.annotation.RequestMapping;
71 import org.springframework.web.bind.annotation.RequestMethod;
72 import org.springframework.web.bind.annotation.ResponseBody;
73 import org.springframework.web.servlet.ModelAndView;
74 import org.springframework.web.util.WebUtils;
76 import com.fasterxml.jackson.databind.DeserializationFeature;
77 import com.fasterxml.jackson.databind.JsonNode;
78 import com.fasterxml.jackson.databind.ObjectMapper;
82 public class LoginController extends EPUnRestrictedBaseController implements LoginService {
84 private EELFLoggerDelegate logger = EELFLoggerDelegate.getLogger(LoginController.class);
86 public static final String DEFAULT_SUCCESS_VIEW = "applicationsHome";
87 public static final String DEFAULT_FAILURE_VIEW = "login";
88 public static final String ERROR_MESSAGE_KEY = "error";
89 public static final String REDIRECT_URL = "redirectUrl";
90 public static final String REDIRECT_COLON = "redirect:";
93 private EPLoginService loginService;
95 private SharedContextService sharedContextService;
97 private EPRoleFunctionService ePRoleFunctionService;
99 private String viewName = "login";
101 private String welcomeView;
103 @RequestMapping(value = { "/login.htm" }, method = RequestMethod.GET)
104 public ModelAndView login(HttpServletRequest request) {
105 Map<String, Object> model = new HashMap<String, Object>();
106 String authentication = SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM);
108 if (authentication == null || "".equals(authentication) || "OICD".equals(authentication.trim()))
109 loginPage = "openIdLogin";
111 loginPage = getViewName();
112 return new ModelAndView(loginPage, "model", model);
115 @SuppressWarnings("rawtypes")
116 @RequestMapping(value = { "/open_source/login" }, method = RequestMethod.POST)
118 public String loginValidate(HttpServletRequest request, HttpServletResponse response) throws Exception {
120 ObjectMapper mapper = new ObjectMapper();
121 mapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
122 JsonNode root = mapper.readTree(request.getReader());
124 EPLoginBean commandBean = new EPLoginBean();
125 String loginId = root.get("loginId").textValue();
126 String password = root.get("password").textValue();
127 commandBean.setLoginId(loginId);
128 commandBean.setLoginPwd(CipherUtil.encrypt(password));
129 HashMap additionalParamsMap = new HashMap();
130 StringBuilder sbAdditionalInfo = new StringBuilder();
132 commandBean = getLoginService().findUser(commandBean,
133 (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), additionalParamsMap);
134 String fullURL = getFullURL(request);
135 if (commandBean.getUser() == null) {
136 String loginErrorMessage = (commandBean.getLoginErrorMessage() != null) ? commandBean.getLoginErrorMessage()
137 : "login.error.external.invalid";
138 logger.info(EELFLoggerDelegate.debugLogger, "loginId {} does not exist in the the DB.", loginId);
139 sbAdditionalInfo.append(String.format("But the Login-Id: %s doesn't exist in the Database. Request-URL: %s",
141 return loginErrorMessage;
143 // store the currently logged in user's information in the session
144 EPUserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
145 commandBean.getBusinessDirectMenu(),
146 SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM), ePRoleFunctionService);
149 logger.info(EELFLoggerDelegate.debugLogger, "loginValidate: store user info into share context begins");
150 String sessionId = request.getSession().getId();
151 List<SharedContext> existingSC = getSharedContextService().getSharedContexts(sessionId);
152 if (existingSC == null || existingSC.isEmpty()) {
153 getSharedContextService().addSharedContext(sessionId, EPSystemProperties.USER_FIRST_NAME,
154 commandBean.getUser().getFirstName());
155 getSharedContextService().addSharedContext(sessionId, EPSystemProperties.USER_LAST_NAME,
156 commandBean.getUser().getLastName());
157 getSharedContextService().addSharedContext(sessionId, EPSystemProperties.USER_EMAIL,
158 commandBean.getUser().getEmail());
159 getSharedContextService().addSharedContext(sessionId, EPSystemProperties.USER_ORG_USERID,
160 commandBean.getLoginId());
163 } catch (Exception e) {
164 logger.info(EELFLoggerDelegate.errorLogger, "loginValidate: failed the shared context adding process ",
167 logger.info(EELFLoggerDelegate.debugLogger,
168 "loginValidate: PresetUp the EP service cookie and intial sessionManagement");
170 SessionCookieUtil.preSetUp(request, response);
171 SessionCookieUtil.setUpUserIdCookie(request, response, loginId);
173 JSONObject j = new JSONObject("{success: success}");
180 * Work around a bug in ecompsdkos version 1.1.0 which hard-codes this endpoint.
182 @RequestMapping(value = { "/process_csp" }, method = RequestMethod.GET)
183 public ModelAndView processCsp(HttpServletRequest request, HttpServletResponse response) throws Exception {
184 return processSingleSignOn(request, response);
187 * Remove this method after epsdk-app-common/.../SingleSignOnController.java is
191 @RequestMapping(value = { "/processSingleSignOn" }, method = RequestMethod.GET)
192 public ModelAndView processSingleSignOn(HttpServletRequest request, HttpServletResponse response) throws Exception {
194 Map<Object, Object> model = new HashMap<Object, Object>();
195 HashMap<Object, Object> additionalParamsMap = new HashMap<Object, Object>();
196 EPLoginBean commandBean = new EPLoginBean();
197 MDC.put(MDC_KEY_REQUEST_ID, getRequestId(request));
198 // get userId from cookie
199 String orgUserId = SessionCookieUtil.getUserIdFromCookie(request, response);
200 logger.info(EELFLoggerDelegate.debugLogger, "processSingleSignOn: begins with orgUserId {}", orgUserId);
202 StringBuilder sbAdditionalInfo = new StringBuilder();
203 if (orgUserId == null || orgUserId.length() == 0) {
204 model.put(ERROR_MESSAGE_KEY, SystemProperties.MESSAGE_KEY_LOGIN_ERROR_COOKIE_EMPTY);
205 if (request.getParameter(REDIRECT_URL) != null && request.getParameter(REDIRECT_URL).length() != 0) {
206 return new ModelAndView(REDIRECT_COLON + DEFAULT_FAILURE_VIEW + ".htm" + "?redirectUrl="
207 + request.getParameter(REDIRECT_URL));
209 return new ModelAndView(REDIRECT_COLON + DEFAULT_FAILURE_VIEW + ".htm");
213 StopWatch stopWatch = new StopWatch("LoginController.Login");
217 logger.info(EELFLoggerDelegate.debugLogger,
218 "Operation findUser is started to locate user {} in the database.", orgUserId);
219 commandBean.setLoginId(orgUserId);
220 commandBean.setOrgUserId(orgUserId);
221 commandBean = getLoginService().findUser(commandBean,
222 (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY),
223 additionalParamsMap);
226 MDC.put(EPSystemProperties.MDC_TIMER, stopWatch.getTotalTimeMillis() + "ms");
227 logger.info(EELFLoggerDelegate.debugLogger, "Operation findUser is completed.");
228 } catch (Exception e) {
230 MDC.put(EPSystemProperties.MDC_TIMER, stopWatch.getTotalTimeMillis() + "ms");
231 logger.info(EELFLoggerDelegate.errorLogger, "processSingleSignOn failed on user " + orgUserId, e);
233 MDC.remove(EPSystemProperties.MDC_TIMER);
236 sbAdditionalInfo.append("Login attempt is succeeded. ");
237 String fullURL = getFullURL(request);
238 if (commandBean.getUser() == null) {
239 logger.info(EELFLoggerDelegate.debugLogger,
240 "processSingleSignOn: loginId {} does not exist in the the DB.", orgUserId);
242 sbAdditionalInfo.append(String.format(
243 "But the Login-Id: %s doesn't exist in the Database. Created a Guest Session. Request-URL: %s",
244 orgUserId, fullURL));
245 if (request.getParameter(REDIRECT_URL) != null && request.getParameter(REDIRECT_URL).length() != 0) {
246 return new ModelAndView(REDIRECT_COLON + DEFAULT_FAILURE_VIEW + ".htm" + "?redirectUrl="
247 + request.getParameter(REDIRECT_URL));
249 return new ModelAndView(REDIRECT_COLON + DEFAULT_FAILURE_VIEW + ".htm");
253 sbAdditionalInfo.append(
254 String.format("Login-Id: %s, Login-Method: %s, Request-URL: %s", orgUserId, "", fullURL));
255 logger.info(EELFLoggerDelegate.debugLogger, "processSingleSignOn: now set up user session for {}",
258 EPUserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(),
259 commandBean.getBusinessDirectMenu(),
260 SystemProperties.getProperty(SystemProperties.AUTHENTICATION_MECHANISM), ePRoleFunctionService);
261 logger.info(EELFLoggerDelegate.debugLogger,
262 "processSingleSignOn: now set up user session for {} finished", orgUserId);
264 // Store user's information into share context
266 logger.info(EELFLoggerDelegate.debugLogger,
267 "processSingleSignOn: store user info into share context begins");
268 String sessionId = request.getSession().getId();
269 List<SharedContext> existingSC = getSharedContextService().getSharedContexts(sessionId);
270 if (existingSC == null || existingSC.isEmpty()) {
271 getSharedContextService().addSharedContext(sessionId, EPSystemProperties.USER_FIRST_NAME,
272 commandBean.getUser().getFirstName());
273 getSharedContextService().addSharedContext(sessionId, EPSystemProperties.USER_LAST_NAME,
274 commandBean.getUser().getLastName());
275 getSharedContextService().addSharedContext(sessionId, EPSystemProperties.USER_EMAIL,
276 commandBean.getUser().getEmail());
277 getSharedContextService().addSharedContext(sessionId, EPSystemProperties.USER_ORG_USERID,
278 commandBean.getLoginId());
280 } catch (Exception e) {
281 logger.info(EELFLoggerDelegate.errorLogger,
282 "processSingleSignOn: failed the shared context adding process", e);
285 logger.info(EELFLoggerDelegate.debugLogger,
286 "processSingleSignOn: PresetUp the EP service cookie and intial sessionManagement");
287 SessionCookieUtil.preSetUp(request, response);
288 SessionCookieUtil.setUpUserIdCookie(request, response, orgUserId);
289 logger.info(EELFLoggerDelegate.debugLogger,
290 "processSingleSignOn: PresetUp the EP service cookie and intial sessionManagement completed");
291 logger.info(EELFLoggerDelegate.debugLogger,
292 commandBean.getUser().getOrgUserId() + " exists in the the system.");
294 // get redirectUrl from URL parameter
295 if (request.getParameter(REDIRECT_URL) != null && request.getParameter(REDIRECT_URL).length() != 0) {
296 String forwardUrl = URLDecoder.decode(request.getParameter(REDIRECT_URL), "UTF-8");
298 Cookie cookie2 = new Cookie(REDIRECT_URL, "");
299 // ONAP does not use https
300 cookie2.setSecure(false);
301 cookie2.setMaxAge(0);
302 cookie2.setDomain(EPSystemProperties.getProperty(EPSystemProperties.COOKIE_DOMAIN));
303 cookie2.setPath("/");
304 response.addCookie(cookie2);
305 return new ModelAndView(REDIRECT_COLON + forwardUrl);
308 // first check if redirectUrl exists or not
309 if (WebUtils.getCookie(request, REDIRECT_URL) != null) {
310 String forwardUrl = WebUtils.getCookie(request, REDIRECT_URL).getValue();
312 Cookie cookie2 = new Cookie(REDIRECT_URL, "");
313 // ONAP does not use https
314 cookie2.setSecure(false);
315 cookie2.setMaxAge(0);
316 cookie2.setDomain(EPSystemProperties.getProperty(EPSystemProperties.COOKIE_DOMAIN));
317 cookie2.setPath("/");
318 response.addCookie(cookie2);
320 return new ModelAndView(REDIRECT_COLON + forwardUrl);
325 // if user has been authenticated, now take them to the welcome page.
326 logger.info(EELFLoggerDelegate.debugLogger, "processSingleSignOn: Now return to application home page");
327 return new ModelAndView(REDIRECT_COLON + SystemProperties.getProperty(EPSystemProperties.FE_URL));
330 private String getFullURL(HttpServletRequest request) {
331 if (request != null) {
332 String requestURL = request.getRequestURL().toString();
333 String queryString = request.getQueryString();
334 if (queryString == null) {
337 return requestURL + "?" + queryString;
343 private String getRequestId(HttpServletRequest request) {
344 Enumeration<String> headerNames = request.getHeaderNames();
345 String requestId = "";
346 while (headerNames.hasMoreElements()) {
347 String headerName = headerNames.nextElement();
348 logger.debug(EELFLoggerDelegate.debugLogger, "getRequestId: header {} has value {}", headerName,
349 request.getHeader(headerName));
350 if (headerName.equalsIgnoreCase(SystemProperties.ECOMP_REQUEST_ID)) {
351 requestId = request.getHeader(headerName);
355 return requestId.isEmpty() ? UUID.randomUUID().toString() : requestId;
358 public String getWelcomeView() {
362 public void setWelcomeView(String welcomeView) {
363 this.welcomeView = welcomeView;
367 public String getViewName() {
372 public void setViewName(String viewName) {
373 this.viewName = viewName;
376 public EPLoginService getLoginService() {
380 public void setLoginService(EPLoginService loginService) {
381 this.loginService = loginService;
384 public SharedContextService getSharedContextService() {
385 return sharedContextService;
388 public void setSharedContextService(SharedContextService sharedContextService) {
389 this.sharedContextService = sharedContextService;