Package org.cedj.geekseek.service.security.oauth

Source Code of org.cedj.geekseek.service.security.oauth.AuthServlet

package org.cedj.geekseek.service.security.oauth;

import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;

import javax.inject.Inject;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.cedj.geekseek.service.security.picketlink.HttpObjectHolder;
import org.picketlink.Identity;
import org.picketlink.Identity.AuthenticationResult;
import org.picketlink.authentication.AuthenticationException;

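/**
 * Login endpoint mapped to {@code /auth}.
 *
 * <p>For a caller that is not logged in, the servlet remembers where the
 * caller came from (the {@code Referer} header) in the HTTP session, runs
 * {@link Identity#login()}, and on success redirects back to the remembered
 * location. A caller that is already logged in is redirected straight back.
 *
 * <p>The {@code Referer} header is supplied by the client and must not be
 * trusted: copying it into {@code Location} unchecked makes this endpoint an
 * open redirect. Every redirect target is therefore reduced to a path on the
 * current host by {@link #safeRedirectTarget(HttpServletRequest, String)}.
 */
@WebServlet(urlPatterns={"/auth"})
public class AuthServlet extends HttpServlet {

    private static final long serialVersionUID = 1L;

    private static final String SESSION_REDIRECT = "auth_redirect";
    private static final String REFERER = "Referer";
    private static final String LOCATION = "Location";

    @Inject // need to produce a Response so it can be used by the Authenticator
    private HttpObjectHolder holder;

    @Inject
    private Identity identity;

    /**
     * Handles every HTTP method sent to {@code /auth}.
     *
     * @param req  the incoming request; cast to {@link HttpServletRequest}
     * @param resp the outgoing response; cast to {@link HttpServletResponse}
     * @throws IOException      if writing the response body fails
     * @throws ServletException declared by the overridden method
     */
    @Override
    public void service(ServletRequest req, ServletResponse resp) throws IOException,
        ServletException {

        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;
        HttpSession session = request.getSession();
        holder.setup(request, response);

        if (identity.isLoggedIn()) {
            // Validate the Referer before echoing it; it may be absent or
            // point at a foreign host.
            response.setStatus(HttpServletResponse.SC_FOUND);
            response.setHeader(LOCATION, safeRedirectTarget(request, request.getHeader(REFERER)));
            response.getWriter().append("ALREADY_LOGGED_IN");
            return;
        }

        // Remember the first Referer seen; later requests in the same login
        // flow do not overwrite it. The raw value is stored and validated
        // when it is used.
        if (session.getAttribute(SESSION_REDIRECT) == null) {
            session.setAttribute(SESSION_REDIRECT, request.getHeader(REFERER));
        }

        try {
            AuthenticationResult status = identity.login();
            if (status == AuthenticationResult.FAILED) {
                if (response.getStatus() == HttpServletResponse.SC_FOUND) {
                    // Authenticator is requesting a redirect
                    return;
                }
                response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
                response.getWriter().append("FAILED");
            } else {
                // NOTE(review): the session id is not rotated after a
                // successful login (session fixation). If the container
                // implements Servlet 3.1, consider calling
                // request.changeSessionId() here - confirm the API level.

                // The session is re-fetched from the request rather than
                // reusing the local variable, as the original code did;
                // presumably login() may replace the session - verify.
                HttpSession current = request.getSession();
                Object stored = current.getAttribute(SESSION_REDIRECT);
                String url = safeRedirectTarget(request, stored == null ? null : stored.toString());
                response.setStatus(HttpServletResponse.SC_FOUND);
                response.setHeader(LOCATION, url);
                current.removeAttribute(SESSION_REDIRECT);
            }
        } catch (AuthenticationException e) {
            // Keep the detail in the server log; the exception message may
            // describe internals and is not sent to the client.
            log("Authentication failed", e);
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            response.getWriter().append("FAILED");
        }
    }

    /**
     * Reduces a client-supplied URL to a redirect target on the current host.
     *
     * <p>The candidate is accepted only if it parses as a URI, names either
     * no authority or the host this request was addressed to, and has a
     * rooted path that does not begin with {@code //} (which a browser would
     * read as a protocol-relative URL to another host). Scheme, host and port
     * are dropped, so the returned value is always a path, with its query
     * string if one was present.
     *
     * <p>NOTE(review): the host check uses {@code request.getServerName()};
     * behind a reverse proxy that rewrites the Host header this may not match
     * the public host name - confirm against the deployment.
     *
     * @param request   the current request, used for host and context path
     * @param candidate the untrusted URL, may be {@code null}
     * @return a same-host path to redirect to; the context root when the
     *         candidate is missing or rejected
     */
    private static String safeRedirectTarget(HttpServletRequest request, String candidate) {
        String fallback = request.getContextPath() + "/";
        if (candidate == null || candidate.isEmpty()) {
            return fallback;
        }
        try {
            // URI parsing rejects control characters and backslashes, so a
            // value that parses cannot carry CR/LF into the header.
            URI uri = new URI(candidate);
            if (uri.getRawAuthority() != null) {
                String host = uri.getHost();
                if (host == null || !host.equalsIgnoreCase(request.getServerName())) {
                    return fallback;
                }
            }
            String path = uri.getRawPath();
            if (path == null || !path.startsWith("/") || path.startsWith("//")) {
                return fallback;
            }
            String query = uri.getRawQuery();
            return query == null ? path : path + "?" + query;
        } catch (URISyntaxException e) {
            return fallback;
        }
    }
}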