use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project ORCID-Source by ORCID.
the class OrcidUrlManagerTest method setUpSavedRequest.
private Pair<HttpServletRequest, HttpServletResponse> setUpSavedRequest(String savedUrl) throws URISyntaxException {
URI uri = new URI(savedUrl);
MockHttpServletRequest savedRequest = new MockHttpServletRequest("GET", uri.getPath());
savedRequest.setScheme(uri.getScheme());
savedRequest.setServerName(uri.getHost());
savedRequest.setQueryString(uri.getQuery());
MockHttpServletResponse savedResponse = new MockHttpServletResponse();
HttpSessionRequestCache sessionCache = new HttpSessionRequestCache();
sessionCache.saveRequest(savedRequest, savedResponse);
MockHttpServletRequest currentRequest = new MockHttpServletRequest();
currentRequest.setSession(savedRequest.getSession());
MockHttpServletResponse currentResponse = new MockHttpServletResponse();
return new ImmutablePair<>(currentRequest, currentResponse);
}
use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project ORCID-Source by ORCID.
the class OrcidUrlManager method determineFullTargetUrlFromSavedRequest.
public String determineFullTargetUrlFromSavedRequest(HttpServletRequest request, HttpServletResponse response) {
SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
String url = null;
if (savedRequest != null) {
url = savedRequest.getRedirectUrl();
if (url != null) {
String contextPath = request.getContextPath();
// run behind nginx.
if (getBasePath().equals("/") && !contextPath.equals("/"))
url = url.replaceFirst(contextPath.replace("/", "\\/"), "");
// example.
if (!SAVED_REQUEST_PATTERN.matcher(url).find()) {
url = null;
}
}
}
return url;
}
use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project spring-security by spring-projects.
the class ExceptionTranslationFilterTests method getSavedRequestUrl.
private static String getSavedRequestUrl(HttpServletRequest request) {
HttpSession session = request.getSession(false);
if (session == null) {
return null;
}
HttpSessionRequestCache rc = new HttpSessionRequestCache();
SavedRequest sr = rc.getRequest(request, new MockHttpServletResponse());
return sr.getRedirectUrl();
}
use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project spring-security by spring-projects.
the class ExceptionTranslationFilterTests method redirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException.
@Test
public void redirectedToLoginFormAndSessionShowsOriginalTargetWithExoticPortWhenAuthenticationException() throws Exception {
// Setup our HTTP request
MockHttpServletRequest request = new MockHttpServletRequest();
request.setServletPath("/secure/page.html");
request.setServerPort(8080);
request.setScheme("http");
request.setServerName("www.example.com");
request.setContextPath("/mycontext");
request.setRequestURI("/mycontext/secure/page.html");
// Setup the FilterChain to thrown an authentication failure exception
FilterChain fc = mock(FilterChain.class);
doThrow(new BadCredentialsException("")).when(fc).doFilter(any(HttpServletRequest.class), any(HttpServletResponse.class));
// Test
HttpSessionRequestCache requestCache = new HttpSessionRequestCache();
ExceptionTranslationFilter filter = new ExceptionTranslationFilter(mockEntryPoint, requestCache);
requestCache.setPortResolver(new MockPortResolver(8080, 8443));
filter.afterPropertiesSet();
MockHttpServletResponse response = new MockHttpServletResponse();
filter.doFilter(request, response, fc);
assertThat(response.getRedirectedUrl()).isEqualTo("/mycontext/login.jsp");
assertThat(getSavedRequestUrl(request)).isEqualTo("http://www.example.com:8080/mycontext/secure/page.html");
}
use of org.springframework.security.web.savedrequest.HttpSessionRequestCache in project ORCID-Source by ORCID.
the class OauthRegistrationController method checkRegisterForm.
@RequestMapping(value = "/oauth/custom/register.json", method = RequestMethod.POST)
@ResponseBody
public OauthRegistrationForm checkRegisterForm(HttpServletRequest request, HttpServletResponse response, @RequestBody OauthRegistrationForm form) {
form.setErrors(new ArrayList<String>());
RequestInfoForm requestInfoForm = (RequestInfoForm) request.getSession().getAttribute(REQUEST_INFO_FORM);
if (form.getApproved()) {
registrationController.validateRegistrationFields(request, form);
registrationController.validateGrcaptcha(request, form);
} else {
SavedRequest savedRequest = new HttpSessionRequestCache().getRequest(request, response);
String stateParam = null;
if (savedRequest != null && savedRequest.getParameterMap() != null && savedRequest.getParameterValues("state") != null) {
if (savedRequest.getParameterValues("state").length > 0)
stateParam = savedRequest.getParameterValues("state")[0];
}
form.setRedirectUrl(buildDenyRedirectUri(requestInfoForm.getRedirectUrl(), stateParam));
}
return form;
}
Aggregations