use of org.olat.core.gui.UserRequest in project OpenOLAT by OpenOLAT.
the class OAuthDispatcher method execute.
@Override
public void execute(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
String uri = request.getRequestURI();
try {
uri = URLDecoder.decode(uri, "UTF-8");
} catch (UnsupportedEncodingException e) {
throw new AssertException("UTF-8 encoding not supported!!!!");
}
String uriPrefix = DispatcherModule.getLegacyUriPrefix(request);
uri = uri.substring(uriPrefix.length());
UserRequest ureq = null;
try {
// upon creation URL is checked for
ureq = new UserRequestImpl(uriPrefix, request, response);
} catch (NumberFormatException nfe) {
if (log.isDebug()) {
log.debug("Bad Request " + request.getPathInfo());
}
DispatcherModule.sendBadRequest(request.getPathInfo(), response);
return;
}
String error = request.getParameter("error");
if (null != error) {
error(ureq, translateOauthError(ureq, error));
return;
}
String problem = request.getParameter("oauth_problem");
if (problem != null && "token_rejected".equals(problem.trim())) {
error(ureq, translateOauthError(ureq, error));
return;
}
try {
HttpSession sess = request.getSession();
// OAuth 2.0 hasn't any request token
Token requestToken = (Token) sess.getAttribute(OAuthConstants.REQUEST_TOKEN);
OAuthService service = (OAuthService) sess.getAttribute(OAuthConstants.OAUTH_SERVICE);
OAuthSPI provider = (OAuthSPI) sess.getAttribute(OAuthConstants.OAUTH_SPI);
Token accessToken;
if (provider == null) {
log.audit("OAuth Login failed, no provider in request");
DispatcherModule.redirectToDefaultDispatcher(response);
return;
} else if (provider.isImplicitWorkflow()) {
String idToken = ureq.getParameter("id_token");
if (idToken == null) {
redirectImplicitWorkflow(ureq);
return;
} else {
Verifier verifier = OpenIDVerifier.create(ureq, sess);
accessToken = service.getAccessToken(requestToken, verifier);
}
} else {
String requestVerifier = request.getParameter("oauth_verifier");
if (requestVerifier == null) {
// OAuth 2.0 as a code
requestVerifier = request.getParameter("code");
}
accessToken = service.getAccessToken(requestToken, new Verifier(requestVerifier));
}
OAuthUser infos = provider.getUser(service, accessToken);
if (infos == null || !StringHelper.containsNonWhitespace(infos.getId())) {
error(ureq, translate(ureq, "error.no.id"));
log.error("OAuth Login failed, no infos extracted from access token: " + accessToken);
return;
}
OAuthRegistration registration = new OAuthRegistration(provider.getProviderName(), infos);
login(infos, registration);
if (provider instanceof OAuthUserCreator) {
Identity newIdentity;
OAuthUserCreator userCreator = (OAuthUserCreator) provider;
if (registration.getIdentity() == null) {
newIdentity = userCreator.createUser(infos);
} else {
newIdentity = userCreator.updateUser(infos, registration.getIdentity());
}
if (newIdentity != null) {
registration.setIdentity(newIdentity);
}
}
if (registration.getIdentity() == null) {
if (CoreSpringFactory.getImpl(OAuthLoginModule.class).isAllowUserCreation()) {
register(request, response, registration);
} else {
error(ureq, translate(ureq, "error.account.creation"));
log.error("OAuth Login ok but the user has not an account on OpenOLAT: " + infos);
}
} else {
if (ureq.getUserSession() != null) {
// re-init the activity logger
ThreadLocalUserActivityLoggerInstaller.initUserActivityLogger(request);
}
Identity identity = registration.getIdentity();
int loginStatus = AuthHelper.doLogin(identity, provider.getProviderName(), ureq);
if (loginStatus != AuthHelper.LOGIN_OK) {
if (loginStatus == AuthHelper.LOGIN_NOTAVAILABLE) {
DispatcherModule.redirectToServiceNotAvailable(response);
} else {
// error, redirect to login screen
DispatcherModule.redirectToDefaultDispatcher(response);
}
} else {
// update last login date and register active user
UserDeletionManager.getInstance().setIdentityAsActiv(identity);
MediaResource mr = ureq.getDispatchResult().getResultingMediaResource();
if (mr instanceof RedirectMediaResource) {
RedirectMediaResource rmr = (RedirectMediaResource) mr;
rmr.prepare(response);
} else {
// error, redirect to login screen
DispatcherModule.redirectToDefaultDispatcher(response);
}
}
}
} catch (Exception e) {
log.error("Unexpected error", e);
error(ureq, translate(ureq, "error.generic"));
}
}
use of org.olat.core.gui.UserRequest in project OpenOLAT by OpenOLAT.
the class LDAPAdminController method event.
/**
* @see org.olat.core.gui.control.DefaultController#event(org.olat.core.gui.UserRequest,
* org.olat.core.gui.components.Component,
* org.olat.core.gui.control.Event)
*/
@Override
protected void event(UserRequest ureq, Component source, Event event) {
if (source == syncStartLink) {
// Start sync job
// Disable start link during sync
syncStartLink.setEnabled(false);
LDAPEvent ldapEvent = new LDAPEvent(LDAPEvent.DO_SYNCHING);
CoordinatorManager.getInstance().getCoordinator().getEventBus().fireEventToListenersOf(ldapEvent, LDAPLoginManager.ldapSyncLockOres);
showInfo("admin.synchronize.started");
} else if (source == syncOneUserLink) {
userSearchCtrl = new UserSearchController(ureq, getWindowControl(), false);
listenTo(userSearchCtrl);
calloutCtr = new CloseableCalloutWindowController(ureq, getWindowControl(), userSearchCtrl.getInitialComponent(), syncOneUserLink, null, true, null);
calloutCtr.addDisposableChildController(userSearchCtrl);
calloutCtr.activate();
listenTo(calloutCtr);
} else if (source == deletStartLink) {
// cancel if some one else is making sync or delete job
if (!ldapLoginManager.acquireSyncLock()) {
showError("delete.error.lock");
} else {
deletStartLink.setEnabled(false);
// check and get LDAP connection
LdapContext ctx = ldapLoginManager.bindSystem();
if (ctx == null) {
showError("delete.error.connection");
return;
}
// get deleted users
identitiesToDelete = ldapLoginManager.getIdentitysDeletedInLdap(ctx);
try {
ctx.close();
} catch (NamingException e) {
showError("delete.error.connection.close");
logError("Could not close LDAP connection on manual delete sync", e);
}
if (identitiesToDelete != null && identitiesToDelete.size() != 0) {
hasIdentitiesToDelete = true;
/*
* start step which spawns the whole wizard
*/
Step start = new DeletStep00(ureq, hasIdentitiesToDelete, identitiesToDelete);
/*
* wizard finish callback called after "finish" is called
*/
StepRunnerCallback finishCallback = new StepRunnerCallback() {
public Step execute(UserRequest uureq, WindowControl control, StepsRunContext runContext) {
hasIdentitiesToDeleteAfterRun = ((Boolean) runContext.get("hasIdentitiesToDelete")).booleanValue();
if (hasIdentitiesToDeleteAfterRun) {
@SuppressWarnings("unchecked") List<Identity> idToDelete = (List<Identity>) runContext.get("identitiesToDelete");
amountUsersToDelete = idToDelete.size();
// Delete all identities now and tell everybody that
// we are finished
ldapLoginManager.deletIdentities(idToDelete);
return StepsMainRunController.DONE_MODIFIED;
} else {
return StepsMainRunController.DONE_UNCHANGED;
}
// otherwise return without deleting anything
}
};
deleteStepController = new StepsMainRunController(ureq, getWindowControl(), start, finishCallback, null, translate("admin.deleteUser.title"), "o_sel_ldap_delete_user_wizard");
listenTo(deleteStepController);
getWindowControl().pushAsModalDialog(deleteStepController.getInitialComponent());
} else {
hasIdentitiesToDelete = false;
showInfo("delete.step.noUsers");
deletStartLink.setEnabled(true);
ldapLoginManager.freeSyncLock();
}
}
} else if (source == removeFallBackAuthsLink) {
removeFallBackAuthsLink.setEnabled(false);
ldapLoginManager.removeFallBackAuthentications();
showInfo("opsuccess");
}
}
use of org.olat.core.gui.UserRequest in project OpenOLAT by OpenOLAT.
the class BlogHandler method createLaunchController.
/**
* @see org.olat.repository.handlers.RepositoryHandler#getLaunchController(org.olat.core.id.OLATResourceable,
* java.lang.String, org.olat.core.gui.UserRequest,
* org.olat.core.gui.control.WindowControl)
*/
@Override
public MainLayoutController createLaunchController(final RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
boolean isAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
boolean isOwner = RepositoryManager.getInstance().isOwnerOfRepositoryEntry(ureq.getIdentity(), re);
final FeedSecurityCallback callback = new FeedResourceSecurityCallback(isAdmin, isOwner);
SubscriptionContext subsContext = new SubscriptionContext(re.getOlatResource(), re.getSoftkey());
callback.setSubscriptionContext(subsContext);
return new FeedRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {
@Override
public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
return new FeedMainController(entry.getOlatResource(), uureq, wwControl, null, null, BlogUIFactory.getInstance(uureq.getLocale()), callback, null);
}
});
}
use of org.olat.core.gui.UserRequest in project OpenOLAT by OpenOLAT.
the class WikiHandler method createLaunchController.
@Override
public MainLayoutController createLaunchController(RepositoryEntry re, RepositoryEntrySecurity reSecurity, UserRequest ureq, WindowControl wControl) {
// first handle special case: disabled wiki for security (XSS Attacks) reasons
BaseSecurityModule securityModule = CoreSpringFactory.getImpl(BaseSecurityModule.class);
if (!securityModule.isWikiEnabled()) {
return RepositoyUIFactory.createRepoEntryDisabledDueToSecurityMessageController(ureq, wControl);
}
// check role
boolean isOLatAdmin = ureq.getUserSession().getRoles().isOLATAdmin();
boolean isGuestOnly = ureq.getUserSession().getRoles().isGuestOnly();
boolean isResourceOwner = false;
if (isOLatAdmin) {
isResourceOwner = true;
} else {
isResourceOwner = reSecurity.isOwner();
}
OLATResource res = re.getOlatResource();
BusinessControl bc = wControl.getBusinessControl();
final ContextEntry ce = bc.popLauncherContextEntry();
SubscriptionContext subsContext = new SubscriptionContext(res, WikiManager.WIKI_RESOURCE_FOLDER_NAME);
final WikiSecurityCallback callback = new WikiSecurityCallbackImpl(null, isOLatAdmin, isGuestOnly, false, isResourceOwner, subsContext);
RepositoryEntryRuntimeController runtime = new RepositoryEntryRuntimeController(ureq, wControl, re, reSecurity, new RuntimeControllerCreator() {
@Override
public Controller create(UserRequest uureq, WindowControl wwControl, TooledStackedPanel toolbarPanel, RepositoryEntry entry, RepositoryEntrySecurity security, AssessmentMode assessmentMode) {
CoreSpringFactory.getImpl(UserCourseInformationsManager.class).updateUserCourseInformations(entry.getOlatResource(), uureq.getIdentity());
Controller controller;
if (ce != null) {
// jump to a certain context
OLATResourceable ores = ce.getOLATResourceable();
String typeName = ores.getResourceableTypeName();
String page = typeName.substring("page=".length());
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, page);
} else {
controller = new WikiMainController(uureq, wwControl, entry.getOlatResource(), callback, null);
}
return new OLATResourceableListeningWrapperController(uureq, wwControl, entry.getOlatResource(), controller, null, uureq.getIdentity());
}
});
return runtime;
}
use of org.olat.core.gui.UserRequest in project OpenOLAT by OpenOLAT.
the class CourseHandler method createWizardController.
@Override
public StepsMainRunController createWizardController(OLATResourceable res, UserRequest ureq, WindowControl wControl) {
// load the course structure
final RepositoryEntry repoEntry = (RepositoryEntry) res;
ICourse course = CourseFactory.loadCourse(repoEntry);
Translator cceTranslator = Util.createPackageTranslator(CourseCreationHelper.class, ureq.getLocale());
final CourseCreationConfiguration courseConfig = new CourseCreationConfiguration(course.getCourseTitle(), Settings.getServerContextPathURI() + "/url/RepositoryEntry/" + repoEntry.getKey());
// wizard finish callback called after "finish" is called
final CourseCreationHelper ccHelper = new CourseCreationHelper(ureq.getLocale(), repoEntry, courseConfig, course);
StepRunnerCallback finishCallback = new StepRunnerCallback() {
public Step execute(UserRequest uureq, WindowControl control, StepsRunContext runContext) {
// retrieve access and properties
CourseAccessAndProperties accessAndProps = (CourseAccessAndProperties) runContext.get("accessAndProperties");
courseConfig.setAccessAndProperties(accessAndProps);
// here goes the code which reads out the wizards data from the runContext and then does some wizardry
ccHelper.finalizeWorkflow(uureq);
control.setInfo(CourseCreationMailHelper.getSuccessMessageString(uureq));
// send notification mail
final MailerResult mr = CourseCreationMailHelper.sentNotificationMail(uureq, ccHelper.getConfiguration());
MailHelper.printErrorsAndWarnings(mr, control, uureq.getUserSession().getRoles().isOLATAdmin(), uureq.getLocale());
return StepsMainRunController.DONE_MODIFIED;
}
};
Step start = new CcStep00(ureq, courseConfig, repoEntry);
StepsMainRunController ccSMRC = new StepsMainRunController(ureq, wControl, start, finishCallback, null, cceTranslator.translate("coursecreation.title"), "o_sel_course_create_wizard");
return ccSMRC;
}
Aggregations