Search in sources :

Example 6 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project ORCID-Source by ORCID.

the class OrcidUrlManagerTest method setUpSavedRequest.

private Pair<HttpServletRequest, HttpServletResponse> setUpSavedRequest(String savedUrl) throws URISyntaxException {
    URI uri = new URI(savedUrl);
    MockHttpServletRequest savedRequest = new MockHttpServletRequest("GET", uri.getPath());
    savedRequest.setScheme(uri.getScheme());
    savedRequest.setServerName(uri.getHost());
    savedRequest.setQueryString(uri.getQuery());
    MockHttpServletResponse savedResponse = new MockHttpServletResponse();
    HttpSessionRequestCache sessionCache = new HttpSessionRequestCache();
    sessionCache.saveRequest(savedRequest, savedResponse);
    MockHttpServletRequest currentRequest = new MockHttpServletRequest();
    currentRequest.setSession(savedRequest.getSession());
    MockHttpServletResponse currentResponse = new MockHttpServletResponse();
    return new ImmutablePair<>(currentRequest, currentResponse);
}
Also used : ImmutablePair(org.apache.commons.lang3.tuple.ImmutablePair) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) URI(java.net.URI) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)

Example 7 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project ORCID-Source by ORCID.

the class OrcidUrlManager method determineFullTargetUrlFromSavedRequest.

public String determineFullTargetUrlFromSavedRequest(HttpServletRequest request, HttpServletResponse response) {
    SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
    String url = null;
    if (savedRequest != null) {
        url = savedRequest.getRedirectUrl();
        if (url != null) {
            String contextPath = request.getContextPath();
            // run behind nginx.
            if (getBasePath().equals("/") && !contextPath.equals("/"))
                url = url.replaceFirst(contextPath.replace("/", "\\/"), "");
            // example.
            if (!SAVED_REQUEST_PATTERN.matcher(url).find()) {
                url = null;
            }
        }
    }
    return url;
}
Also used : HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) SavedRequest(org.springframework.security.web.savedrequest.SavedRequest)

Example 8 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project spring-security by spring-projects.

the class ExceptionTranslationFilterTests method getSavedRequestUrl.

private static String getSavedRequestUrl(HttpServletRequest request) {
    HttpSession session = request.getSession(false);
    if (session == null) {
        return null;
    }
    HttpSessionRequestCache rc = new HttpSessionRequestCache();
    SavedRequest sr = rc.getRequest(request, new MockHttpServletResponse());
    return sr.getRedirectUrl();
}
Also used : HttpSession(javax.servlet.http.HttpSession) HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) SavedRequest(org.springframework.security.web.savedrequest.SavedRequest)

Example 9 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project spring-security by spring-projects.

the class ExceptionTranslationFilterTests method redirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException.

@Test
public void redirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException() throws Exception {
    // Setup our HTTP request
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setServletPath("/secure/page.html");
    request.setServerPort(8080);
    request.setScheme("http");
    request.setServerName("www.example.com");
    request.setContextPath("/mycontext");
    request.setRequestURI("/mycontext/secure/page.html");
    // Setup the FilterChain to thrown an authentication failure exception
    FilterChain fc = mock(FilterChain.class);
    doThrow(new BadCredentialsException("")).when(fc).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
    // Test
    HttpSessionRequestCache requestCache = new HttpSessionRequestCache();
    ExceptionTranslationFilter filter = new ExceptionTranslationFilter(mockEntryPoint, requestCache);
    requestCache.setPortResolver(new MockPortResolver(8080, 8443));
    filter.afterPropertiesSet();
    MockHttpServletResponse response = new MockHttpServletResponse();
    filter.doFilter(request, response, fc);
    assertThat(response.getRedirectedUrl()).isEqualTo("/mycontext/login.jsp");
    assertThat(getSavedRequestUrl(request)).isEqualTo("http://www.example.com:8080/mycontext/secure/page.html");
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) MockPortResolver(org.springframework.security.MockPortResolver) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) FilterChain(javax.servlet.FilterChain) HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) HttpServletResponse(javax.servlet.http.HttpServletResponse) BadCredentialsException(org.springframework.security.authentication.BadCredentialsException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) Test(org.junit.Test)

Example 10 with HttpSessionRequestCache

use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project ORCID-Source by ORCID.

the class OauthRegistrationController method checkRegisterForm.

@RequestMapping(value = "/oauth/custom/register.json", method = RequestMethod.POST)
@ResponseBody
public OauthRegistrationForm checkRegisterForm(HttpServletRequest request, HttpServletResponse response, @RequestBody OauthRegistrationForm form) {
    form.setErrors(new ArrayList<String>());
    RequestInfoForm requestInfoForm = (RequestInfoForm) request.getSession().getAttribute(REQUEST_INFO_FORM);
    if (form.getApproved()) {
        registrationController.validateRegistrationFields(request, form);
        registrationController.validateGrcaptcha(request, form);
    } else {
        SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
        String stateParam = null;
        if (savedRequest != null && savedRequest.getParameterMap() != null && savedRequest.getParameterValues("state") != null) {
            if (savedRequest.getParameterValues("state").length > 0)
                stateParam = savedRequest.getParameterValues("state")[0];
        }
        form.setRedirectUrl(buildDenyRedirectUri(requestInfoForm.getRedirectUrl(), stateParam));
    }
    return form;
}
Also used : HttpSessionRequestCache(org.springframework.security.web.savedrequest.HttpSessionRequestCache) RequestInfoForm(org.orcid.pojo.ajaxForm.RequestInfoForm) SavedRequest(org.springframework.security.web.savedrequest.SavedRequest) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Aggregations

HttpSessionRequestCache (org.springframework.security.web.savedrequest.HttpSessionRequestCache)12 SavedRequest (org.springframework.security.web.savedrequest.SavedRequest)6 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)5 RequestInfoForm (org.orcid.pojo.ajaxForm.RequestInfoForm)4 ResponseBody (org.springframework.web.bind.annotation.ResponseBody)4 HashMap (java.util.HashMap)3 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)3 Authentication (org.springframework.security.core.Authentication)3 SimpleSessionStatus (org.springframework.web.bind.support.SimpleSessionStatus)3 RedirectView (org.springframework.web.servlet.view.RedirectView)3 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2 HttpSession (javax.servlet.http.HttpSession)2 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)2 RedirectMismatchException (org.springframework.security.oauth2.common.exceptions.RedirectMismatchException)2 URI (java.net.URI)1 Locale (java.util.Locale)1 Matcher (java.util.regex.Matcher)1 FilterChain (javax.servlet.FilterChain)1 ServletException (javax.servlet.ServletException)1