1
|
package eu.dnetlib.openaire.usermanagement.security;
|
2
|
|
3
|
import org.apache.log4j.Logger;
|
4
|
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
5
|
import org.springframework.security.core.Authentication;
|
6
|
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
7
|
|
8
|
import javax.servlet.http.Cookie;
|
9
|
import javax.servlet.http.HttpServletRequest;
|
10
|
import javax.servlet.http.HttpServletResponse;
|
11
|
import java.io.IOException;
|
12
|
|
13
|
/**
|
14
|
* Created by stefanos on 9/5/2017.
|
15
|
*/
|
16
|
public class FrontEndLinkURIAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
|
17
|
|
18
|
private static final Logger logger = Logger.getLogger(FrontEndLinkURIAuthenticationSuccessHandler.class);
|
19
|
|
20
|
private String frontEndURI;
|
21
|
private String frontPath;
|
22
|
private String frontDomain;
|
23
|
|
24
|
@Override
|
25
|
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IllegalArgumentException, IOException {
|
26
|
|
27
|
OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication;
|
28
|
|
29
|
try {
|
30
|
|
31
|
Cookie jwt = new Cookie("XCsrfToken", JWTGenerator.generateToken(authOIDC, "my-very-secret"));
|
32
|
Cookie accessToken = new Cookie("AccessToken", authOIDC.getAccessTokenValue());
|
33
|
|
34
|
// Expire the cookies in four hours (4 * 3600)
|
35
|
jwt.setMaxAge(14400);
|
36
|
accessToken.setMaxAge(14400);
|
37
|
|
38
|
//TODO DELETE LOG
|
39
|
logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n");
|
40
|
logger.info("access token: " + authOIDC.getAccessTokenValue());
|
41
|
logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n");
|
42
|
|
43
|
jwt.setPath(frontPath);
|
44
|
if (frontDomain!=null) jwt.setDomain(frontDomain);
|
45
|
accessToken.setPath(frontPath);
|
46
|
if (frontDomain!=null) accessToken.setDomain(frontDomain);
|
47
|
|
48
|
response.addCookie(jwt);
|
49
|
response.addCookie(accessToken);
|
50
|
response.sendRedirect(frontEndURI);
|
51
|
|
52
|
} catch (IOException e) {
|
53
|
logger.error("IOException in redirection ", e);
|
54
|
throw new IOException(e);
|
55
|
}catch (IllegalArgumentException e) {
|
56
|
logger.error("IllegalArgumentException in redirection ", e);
|
57
|
throw new IllegalArgumentException(e);
|
58
|
}
|
59
|
|
60
|
}
|
61
|
|
62
|
public String getFrontEndURI() {
|
63
|
return frontEndURI;
|
64
|
}
|
65
|
|
66
|
public void setFrontEndURI(String frontEndURI) {
|
67
|
this.frontEndURI = frontEndURI;
|
68
|
}
|
69
|
|
70
|
public String getFrontPath() {
|
71
|
return frontPath;
|
72
|
}
|
73
|
|
74
|
public void setFrontPath(String frontPath) {
|
75
|
this.frontPath = frontPath;
|
76
|
}
|
77
|
|
78
|
public String getFrontDomain() {
|
79
|
return frontDomain;
|
80
|
}
|
81
|
|
82
|
public void setFrontDomain(String frontDomain) {
|
83
|
this.frontDomain = frontDomain;
|
84
|
}
|
85
|
}
|
86
|
|
87
|
|