Examples with HttpSessionRequestCache org.springframework.security.web.savedrequest.HttpSessionRequestCache used on opensource projects

Example 6 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project ORCID-Source by ORCID.

the class OrcidUrlManagerTest method setUpSavedRequest.

private Pair<HttpServletRequest, HttpServletResponse> setUpSavedRequest(String savedUrl) throws URISyntaxException {
    URI uri = new URI(savedUrl);
    MockHttpServletRequest savedRequest = new MockHttpServletRequest("GET", uri.getPath());
    savedRequest.setScheme(uri.getScheme());
    savedRequest.setServerName(uri.getHost());
    savedRequest.setQueryString(uri.getQuery());
    MockHttpServletResponse savedResponse = new MockHttpServletResponse();
    HttpSessionRequestCache sessionCache = new HttpSessionRequestCache();
    sessionCache.saveRequest(savedRequest, savedResponse);
    MockHttpServletRequest currentRequest = new MockHttpServletRequest();
    currentRequest.setSession(savedRequest.getSession());
    MockHttpServletResponse currentResponse = new MockHttpServletResponse();
    return new ImmutablePair<>(currentRequest, currentResponse);
}

Example 7 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project ORCID-Source by ORCID.

the class OrcidUrlManager method determineFullTargetUrlFromSavedRequest.

public String determineFullTargetUrlFromSavedRequest(HttpServletRequest request, HttpServletResponse response) {
    SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
    String url = null;
    if (savedRequest != null) {
        url = savedRequest.getRedirectUrl();
        if (url != null) {
            String contextPath = request.getContextPath();
            // run behind nginx.
            if (getBasePath().equals("/") && !contextPath.equals("/"))
                url = url.replaceFirst(contextPath.replace("/", "\\/"), "");
            // example.
            if (!SAVED_REQUEST_PATTERN.matcher(url).find()) {
                url = null;
            }
        }
    }
    return url;
}

Example 8 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project spring-security by spring-projects.

the class ExceptionTranslationFilterTests method getSavedRequestUrl.

private static String getSavedRequestUrl(HttpServletRequest request) {
    HttpSession session = request.getSession(false);
    if (session == null) {
        return null;
    }
    HttpSessionRequestCache rc = new HttpSessionRequestCache();
    SavedRequest sr = rc.getRequest(request, new MockHttpServletResponse());
    return sr.getRedirectUrl();
}

Example 9 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project spring-security by spring-projects.

the class ExceptionTranslationFilterTests method redirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException.

@Test
public void redirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException() throws Exception {
    // Setup our HTTP request
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setServletPath("/secure/page.html");
    request.setServerPort(8080);
    request.setScheme("http");
    request.setServerName("www.example.com");
    request.setContextPath("/mycontext");
    request.setRequestURI("/mycontext/secure/page.html");
    // Setup the FilterChain to thrown an authentication failure exception
    FilterChain fc = mock(FilterChain.class);
    doThrow(new BadCredentialsException("")).when(fc).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
    // Test
    HttpSessionRequestCache requestCache = new HttpSessionRequestCache();
    ExceptionTranslationFilter filter = new ExceptionTranslationFilter(mockEntryPoint, requestCache);
    requestCache.setPortResolver(new MockPortResolver(8080, 8443));
    filter.afterPropertiesSet();
    MockHttpServletResponse response = new MockHttpServletResponse();
    filter.doFilter(request, response, fc);
    assertThat(response.getRedirectedUrl()).isEqualTo("/mycontext/login.jsp");
    assertThat(getSavedRequestUrl(request)).isEqualTo("http://www.example.com:8080/mycontext/secure/page.html");
}

Example 10 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project ORCID-Source by ORCID.

the class OauthRegistrationController method checkRegisterForm.

@RequestMapping(value = "/oauth/custom/register.json", method = RequestMethod.POST)
@ResponseBody
public OauthRegistrationForm checkRegisterForm(HttpServletRequest request, HttpServletResponse response, @RequestBody OauthRegistrationForm form) {
    form.setErrors(new ArrayList<String>());
    RequestInfoForm requestInfoForm = (RequestInfoForm) request.getSession().getAttribute(REQUEST_INFO_FORM);
    if (form.getApproved()) {
        registrationController.validateRegistrationFields(request, form);
        registrationController.validateGrcaptcha(request, form);
    } else {
        SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
        String stateParam = null;
        if (savedRequest != null && savedRequest.getParameterMap() != null && savedRequest.getParameterValues("state") != null) {
            if (savedRequest.getParameterValues("state").length > 0)
                stateParam = savedRequest.getParameterValues("state")[0];
        }
        form.setRedirectUrl(buildDenyRedirectUri(requestInfoForm.getRedirectUrl(), stateParam));
    }
    return form;
}