Search in sources :

Example 56 with ExternalContext

use of javax.faces.context.ExternalContext in project oxAuth by GluuFederation.

the class GlobalExceptionHandler method handle.

public void handle() throws FacesException {
    final Iterator<ExceptionQueuedEvent> i = getUnhandledExceptionQueuedEvents().iterator();
    while (i.hasNext()) {
        ExceptionQueuedEvent event = i.next();
        ExceptionQueuedEventContext context = (ExceptionQueuedEventContext) event.getSource();
        Throwable t = context.getException();
        final FacesContext fc = FacesContext.getCurrentInstance();
        final ExternalContext externalContext = fc.getExternalContext();
        try {
            if (isInvalidSessionStateException(t)) {
                log.error(t.getMessage(), t);
                performRedirect(externalContext, "/error_session.htm");
            } else {
                log.error(t.getMessage(), t);
                performRedirect(externalContext, "/error_service.htm");
            }
            fc.renderResponse();
        } finally {
            i.remove();
        }
    }
    getWrapped().handle();
}
Also used : ExceptionQueuedEvent(javax.faces.event.ExceptionQueuedEvent) FacesContext(javax.faces.context.FacesContext) ExceptionQueuedEventContext(javax.faces.event.ExceptionQueuedEventContext) ExternalContext(javax.faces.context.ExternalContext)

Example 57 with ExternalContext

use of javax.faces.context.ExternalContext in project muikku by otavanopisto.

the class LoginBackingBean method init.

@RequestAction
@Deferred
public String init() {
    try {
        FacesContext facesContext = FacesContext.getCurrentInstance();
        ExternalContext externalContext = facesContext.getExternalContext();
        Map<String, String[]> requestParameters = externalContext.getRequestParameterValuesMap();
        if (authSourceId == null) {
            authSourceId = loginSessionBean.getAuthSourceId();
        } else {
            loginSessionBean.setAuthSourceId(authSourceId);
        }
        if (StringUtils.isNotBlank(redirectUrl)) {
            loginSessionBean.setPostLoginRedirectUrl(redirectUrl);
        }
        if (authSourceId == null) {
            // authentication source id is not defined, which means that we need to ask the user which he or she is
            // going to use, unless only one source is defined and it's credentialess one, in which case we use that one.
            List<AuthSource> credentialAuthSources = authSourceController.listCredentialAuthSources();
            List<AuthSource> credentialessAuthSources = authSourceController.listCredentialessAuthSources();
            if (credentialAuthSources.isEmpty() && credentialessAuthSources.size() == 1) {
                authSourceId = credentialessAuthSources.get(0).getId();
            }
        }
        if (authSourceId != null) {
            AuthSource authSource = authSourceController.findAuthSourceById(authSourceId);
            if (authSource != null) {
                AuthenticationProvider authenticationProvider = authSourceController.findAuthenticationProvider(authSource);
                if (authenticationProvider != null) {
                    AuthenticationResult result = authenticationProvider.processLogin(authSource, requestParameters);
                    if (StringUtils.isNotBlank(result.getRedirectUrl())) {
                        externalContext.redirect(result.getRedirectUrl());
                    } else {
                        loginSessionBean.setAuthSourceId(null);
                        String postLoginRedirectUrl = loginSessionBean.getPostLoginRedirectUrl();
                        switch(result.getStatus()) {
                            case GRANT:
                                // User granted additional scopes in existing authentication source
                                break;
                            case LOGIN:
                                // User logged in
                                break;
                            case NEW_ACCOUNT:
                                // User created new account
                                break;
                            case CONFLICT:
                                switch(result.getConflictReason()) {
                                    case EMAIL_BELONGS_TO_ANOTHER_USER:
                                        // Could not login, one or more of the email addresses belong to another user
                                        break;
                                    case LOGGED_IN_AS_DIFFERENT_USER:
                                        // Could not login, user is already logged in as a another user
                                        break;
                                    case SEVERAL_USERS_BY_EMAILS:
                                        // Could not login, several users found by email addresses
                                        break;
                                }
                                logger.log(Level.SEVERE, String.format("Authentication failed on with following message: %s", result.getConflictReason().toString()));
                                return NavigationRules.INTERNAL_ERROR;
                            case INVALID_CREDENTIALS:
                                logger.log(Level.SEVERE, "Erroneous authentication provider status: INVALID_CREDENTIALS in external login page");
                                return NavigationRules.INTERNAL_ERROR;
                            case NO_EMAIL:
                                return NavigationRules.AUTH_NOEMAIL;
                            case PROCESSING:
                                logger.log(Level.SEVERE, "Erroneous authentication provider status: PROCESSING without redirectUrl");
                                return NavigationRules.INTERNAL_ERROR;
                            case ERROR:
                                return NavigationRules.INTERNAL_ERROR;
                        }
                        if (StringUtils.isBlank(postLoginRedirectUrl)) {
                            postLoginRedirectUrl = externalContext.getRequestContextPath() + "/";
                        }
                        externalContext.redirect(postLoginRedirectUrl);
                    }
                } else {
                    logger.log(Level.SEVERE, "Invalid authenticationProvider");
                    return NavigationRules.INTERNAL_ERROR;
                }
            } else {
                logger.log(Level.SEVERE, "Invalid authSourceId");
                return NavigationRules.INTERNAL_ERROR;
            }
        }
    } catch (IOException e) {
        logger.log(Level.SEVERE, "Login failed because of an internal error", e);
        return NavigationRules.INTERNAL_ERROR;
    }
    return null;
}
Also used : FacesContext(javax.faces.context.FacesContext) AuthSource(fi.otavanopisto.muikku.model.security.AuthSource) ExternalContext(javax.faces.context.ExternalContext) AuthenticationProvider(fi.otavanopisto.muikku.auth.AuthenticationProvider) IOException(java.io.IOException) AuthenticationResult(fi.otavanopisto.muikku.auth.AuthenticationResult) RequestAction(org.ocpsoft.rewrite.annotation.RequestAction) Deferred(org.ocpsoft.rewrite.faces.annotation.Deferred)

Example 58 with ExternalContext

use of javax.faces.context.ExternalContext in project muikku by otavanopisto.

the class ExceptionHandler method handle.

@Override
public void handle() throws FacesException {
    for (final Iterator<ExceptionQueuedEvent> queuedEventIterator = getUnhandledExceptionQueuedEvents().iterator(); queuedEventIterator.hasNext(); ) {
        ExceptionQueuedEvent queuedEvent = queuedEventIterator.next();
        ExceptionQueuedEventContext queuedEventContext = queuedEvent.getContext();
        Throwable exception = queuedEventContext.getException();
        while ((exception instanceof FacesException || exception instanceof EJBException || exception instanceof ELException || exception instanceof RewriteException || exception instanceof CreationException || exception instanceof IllegalStateException) && exception.getCause() != null) {
            exception = exception.getCause();
        }
        FacesContext facesContext = FacesContext.getCurrentInstance();
        ExternalContext externalContext = facesContext.getExternalContext();
        try {
            if (exception instanceof AuthorizationException) {
                externalContext.setResponseStatus(HttpServletResponse.SC_FORBIDDEN);
                renderView("/error/access-denied.jsf");
            } else if (exception instanceof FileNotFoundException) {
                externalContext.setResponseStatus(HttpServletResponse.SC_NOT_FOUND);
                renderView("/error/not-found.jsf");
            } else {
                throw new FacesException(exception);
            }
        } finally {
            queuedEventIterator.remove();
        }
    }
    getWrapped().handle();
}
Also used : ExceptionQueuedEvent(javax.faces.event.ExceptionQueuedEvent) FacesContext(javax.faces.context.FacesContext) AuthorizationException(fi.otavanopisto.security.AuthorizationException) FileNotFoundException(java.io.FileNotFoundException) CreationException(javax.enterprise.inject.CreationException) FacesException(javax.faces.FacesException) ExceptionQueuedEventContext(javax.faces.event.ExceptionQueuedEventContext) RewriteException(org.ocpsoft.rewrite.exception.RewriteException) ExternalContext(javax.faces.context.ExternalContext) ELException(javax.el.ELException) EJBException(javax.ejb.EJBException)

Aggregations

ExternalContext (javax.faces.context.ExternalContext)58 FacesContext (javax.faces.context.FacesContext)28 Test (org.junit.Test)17 HttpServletRequest (javax.servlet.http.HttpServletRequest)13 HashMap (java.util.HashMap)11 PrepareForTest (org.powermock.core.classloader.annotations.PrepareForTest)9 Map (java.util.Map)7 IOException (java.io.IOException)6 HttpServletResponse (javax.servlet.http.HttpServletResponse)5 File (java.io.File)4 Method (java.lang.reflect.Method)4 Locale (java.util.Locale)4 FacesException (javax.faces.FacesException)4 Flash (javax.faces.context.Flash)4 InvocationContext (javax.interceptor.InvocationContext)4 ExceptionQueuedEvent (javax.faces.event.ExceptionQueuedEvent)3 ExceptionQueuedEventContext (javax.faces.event.ExceptionQueuedEventContext)3 FileInputStream (java.io.FileInputStream)2 InputStream (java.io.InputStream)2 Date (java.util.Date)2