|
1
|
package eu.dnetlib.repo.manager.service.config;
|
|
2
|
|
|
3
|
import com.google.gson.JsonObject;
|
|
4
|
import org.apache.log4j.Logger;
|
|
5
|
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
|
6
|
import org.springframework.beans.factory.annotation.Value;
|
|
7
|
import org.springframework.security.core.Authentication;
|
|
8
|
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
|
9
|
|
|
10
|
import javax.servlet.ServletException;
|
|
11
|
import javax.servlet.http.Cookie;
|
|
12
|
import javax.servlet.http.HttpServletRequest;
|
|
13
|
import javax.servlet.http.HttpServletResponse;
|
|
14
|
import java.io.IOException;
|
|
15
|
import java.net.URLEncoder;
|
|
16
|
import com.google.gson.*;
|
|
17
|
|
|
18
|
public class FrontEndLinkURIAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
|
|
19
|
|
|
20
|
private String frontEndURI;
|
|
21
|
|
|
22
|
private static final Logger LOGGER = Logger
|
|
23
|
.getLogger(FrontEndLinkURIAuthenticationSuccessHandler.class);
|
|
24
|
|
|
25
|
public void init(){
|
|
26
|
LOGGER.debug("Front end uri : " + frontEndURI);
|
|
27
|
}
|
|
28
|
|
|
29
|
|
|
30
|
@Value("${aai.mode}")
|
|
31
|
private String aai_mode;
|
|
32
|
|
|
33
|
@Override
|
|
34
|
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
|
|
35
|
|
|
36
|
OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication;
|
|
37
|
JsonObject userInfo = new JsonObject();
|
|
38
|
|
|
39
|
if (authOIDC.getUserInfo().getSub() == null)
|
|
40
|
userInfo.addProperty("sub", "");
|
|
41
|
else
|
|
42
|
userInfo.addProperty("sub", URLEncoder.encode(authOIDC.getUserInfo().getSub(), "UTF-8"));
|
|
43
|
|
|
44
|
userInfo.addProperty("fullname", URLEncoder.encode(authOIDC.getUserInfo().getName(), "UTF-8"));
|
|
45
|
|
|
46
|
if (authOIDC.getUserInfo().getGivenName() == null)
|
|
47
|
userInfo.addProperty("firstname", "");
|
|
48
|
else
|
|
49
|
userInfo.addProperty("firstname", URLEncoder.encode(authOIDC.getUserInfo().getGivenName(), "UTF-8") + "");
|
|
50
|
|
|
51
|
if (authOIDC.getUserInfo().getFamilyName() == null)
|
|
52
|
userInfo.addProperty("lastname", "");
|
|
53
|
else
|
|
54
|
userInfo.addProperty("lastname", URLEncoder.encode(authOIDC.getUserInfo().getFamilyName(), "UTF-8") + "");
|
|
55
|
|
|
56
|
userInfo.addProperty("email", authOIDC.getUserInfo().getEmail() + "");
|
|
57
|
if (authOIDC.getUserInfo().getSource().getAsJsonArray("edu_person_entitlements") == null)
|
|
58
|
userInfo.addProperty("role", "");
|
|
59
|
else
|
|
60
|
userInfo.addProperty("role", URLEncoder.encode(authOIDC.getUserInfo()
|
|
61
|
.getSource().getAsJsonArray("edu_person_entitlements").toString(), "UTF-8") + "");
|
|
62
|
|
|
63
|
|
|
64
|
Cookie openAIREUser = new Cookie("openAIREUser", new Gson().toJson(userInfo) );
|
|
65
|
openAIREUser.setMaxAge(14400);
|
|
66
|
openAIREUser.setPath("/");
|
|
67
|
if(aai_mode.equalsIgnoreCase("production") || aai_mode.equalsIgnoreCase("beta"))
|
|
68
|
openAIREUser .setDomain(".openaire.eu");
|
|
69
|
// openAIREUser.setDomain(".athenarc.gr");
|
|
70
|
response.addCookie(openAIREUser);
|
|
71
|
|
|
72
|
|
|
73
|
Cookie accessToken = new Cookie("AccessToken", authOIDC.getAccessTokenValue());
|
|
74
|
accessToken.setMaxAge(14400);
|
|
75
|
if(aai_mode.equalsIgnoreCase("production") || aai_mode.equalsIgnoreCase("beta"))
|
|
76
|
accessToken.setDomain(".openaire.eu");
|
|
77
|
accessToken.setPath("/");
|
|
78
|
|
|
79
|
// accessToken.setDomain(".athenarc.gr");
|
|
80
|
response.addCookie(accessToken);
|
|
81
|
response.sendRedirect(frontEndURI);
|
|
82
|
}
|
|
83
|
|
|
84
|
public String getFrontEndURI() {
|
|
85
|
return frontEndURI;
|
|
86
|
}
|
|
87
|
|
|
88
|
public void setFrontEndURI(String frontEndURI) {
|
|
89
|
this.frontEndURI = frontEndURI;
|
|
90
|
}
|
|
91
|
}
|
|
92
|
|