NIHVIVO-1207 Change SelfEditingIdentifierFactory to enable self-editing whether internal or external. Move the logic for associating users with Individuals to SelfEditingConfiguration bean.
parent
1365f0a665
commit
1f91fc7f0a
7 changed files with 173 additions and 73 deletions
|
@ -9,7 +9,7 @@ import javax.servlet.http.HttpSession;
|
|||
import edu.cornell.mannlib.vitro.webapp.auth.identifier.SelfEditingIdentifierFactory.NetId;
|
||||
import edu.cornell.mannlib.vitro.webapp.auth.policy.RoleBasedPolicy;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
|
||||
/**
|
||||
|
@ -35,8 +35,8 @@ public class FakeSelfEditingIdentifierFactory implements IdentifierBundleFactory
|
|||
NetId netIdToken = new NetId(netid);
|
||||
ib.add(netIdToken);
|
||||
|
||||
ExternalAuthHelper helper = ExternalAuthHelper.getHelper(request);
|
||||
String uri = helper.getIndividualUriFromNetId(wdf.getIndividualDao(), netid);
|
||||
SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(request);
|
||||
String uri = sec.getIndividualUriFromUsername(wdf.getIndividualDao(), netid);
|
||||
if( uri != null ){
|
||||
Individual ind = wdf.getIndividualDao().getIndividualByURI(uri);
|
||||
if( ind != null ){
|
||||
|
|
|
@ -27,27 +27,19 @@ import com.hp.hpl.jena.rdf.model.Model;
|
|||
import com.hp.hpl.jena.rdf.model.RDFNode;
|
||||
import com.hp.hpl.jena.rdf.model.Resource;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties;
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.WebappDaoFactory;
|
||||
|
||||
/**
|
||||
* Attempts to pull a NetId and a SelfEditing identifier from the externally
|
||||
* authorized username.
|
||||
*
|
||||
* @author bdc34, trashed by jeb228
|
||||
*/
|
||||
public class SelfEditingIdentifierFactory implements IdentifierBundleFactory {
|
||||
private static final Log log = LogFactory.getLog(SelfEditingIdentifierFactory.class);
|
||||
|
||||
/**
|
||||
* The configuration property that names the HTTP header that will hold the
|
||||
* username from the external authorization system.
|
||||
*/
|
||||
private static final String PROPERTY_EXTERNAL_AUTH_HEADER_NAME = "externalAuth.headerName";
|
||||
|
||||
private static final int MAXIMUM_USERNAME_LENGTH = 100;
|
||||
|
||||
public IdentifierBundle getIdentifierBundle(ServletRequest request,
|
||||
|
@ -60,48 +52,64 @@ public class SelfEditingIdentifierFactory implements IdentifierBundleFactory {
|
|||
log.debug("request is for " + req.getRequestURI());
|
||||
|
||||
NetId netId = figureNetId(req);
|
||||
SelfEditing selfId = figureSelfEditingId(req, netId);
|
||||
SelfEditing selfId = figureSelfEditingId(req);
|
||||
|
||||
return buildIdentifierBundle(netId, selfId);
|
||||
}
|
||||
|
||||
/**
|
||||
* Get the name of the externally authorized user and put it into a NetId.
|
||||
* If the user is externally authorized, create a NetId identifier.
|
||||
*/
|
||||
private NetId figureNetId(HttpServletRequest req) {
|
||||
String externalAuthHeaderName = ConfigurationProperties.getProperty(PROPERTY_EXTERNAL_AUTH_HEADER_NAME);
|
||||
if (isEmpty(externalAuthHeaderName)) {
|
||||
log.debug(PROPERTY_EXTERNAL_AUTH_HEADER_NAME + " property is not configured.");
|
||||
LoginStatusBean bean = LoginStatusBean.getBean(req);
|
||||
String username = bean.getUsername();
|
||||
|
||||
if (!bean.isLoggedIn()) {
|
||||
log.debug("No NetId: not logged in.");
|
||||
return null;
|
||||
}
|
||||
|
||||
String externalUsername = req.getHeader(externalAuthHeaderName);
|
||||
if (isEmpty(externalUsername)) {
|
||||
log.debug("The external username is empty.");
|
||||
if (isEmpty(username)) {
|
||||
log.debug("No NetId: username is empty.");
|
||||
return null;
|
||||
}
|
||||
if (externalUsername.length() > MAXIMUM_USERNAME_LENGTH) {
|
||||
|
||||
if (!bean.hasExternalAuthentication()) {
|
||||
log.debug("No NetId: user '" + bean.getUsername() +
|
||||
"' did not use external authentication.");
|
||||
return null;
|
||||
}
|
||||
|
||||
if (username.length() > MAXIMUM_USERNAME_LENGTH) {
|
||||
log.info("The external username is longer than " + MAXIMUM_USERNAME_LENGTH
|
||||
+ " chars; this may be a malicious request");
|
||||
return null;
|
||||
}
|
||||
|
||||
return new NetId(externalUsername);
|
||||
return new NetId(username);
|
||||
}
|
||||
|
||||
/**
|
||||
* If the externally authorized username is associated with an Individual in
|
||||
* the model, create a SelfEditing identifier.
|
||||
* If the authorized username is associated with an Individual in the model,
|
||||
* create a SelfEditing identifier.
|
||||
*/
|
||||
private SelfEditing figureSelfEditingId(HttpServletRequest request,
|
||||
NetId netId) {
|
||||
if (netId == null) {
|
||||
private SelfEditing figureSelfEditingId(HttpServletRequest req) {
|
||||
LoginStatusBean bean = LoginStatusBean.getBean(req);
|
||||
String username = bean.getUsername();
|
||||
|
||||
if (!bean.isLoggedIn()) {
|
||||
log.debug("No SelfEditing: not logged in.");
|
||||
return null;
|
||||
}
|
||||
String username = netId.getValue();
|
||||
|
||||
HttpSession session = request.getSession(false);
|
||||
if (isEmpty(username)) {
|
||||
log.debug("No SelfEditing: username is empty.");
|
||||
return null;
|
||||
}
|
||||
|
||||
HttpSession session = req.getSession(false);
|
||||
if (session == null) {
|
||||
log.debug("No SelfEditing: session is null.");
|
||||
return null;
|
||||
}
|
||||
|
||||
|
@ -115,16 +123,16 @@ public class SelfEditingIdentifierFactory implements IdentifierBundleFactory {
|
|||
|
||||
IndividualDao indDao = wdf.getIndividualDao();
|
||||
|
||||
ExternalAuthHelper helper = ExternalAuthHelper.getHelper(request);
|
||||
String uri = helper.getIndividualUriFromNetId(indDao, username);
|
||||
SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(req);
|
||||
String uri = sec.getIndividualUriFromUsername(indDao, username);
|
||||
if (uri == null) {
|
||||
log.debug("could not find an Individual with a netId of "
|
||||
log.debug("Could not find an Individual with a netId of "
|
||||
+ username);
|
||||
}
|
||||
|
||||
Individual ind = indDao.getIndividualByURI(uri);
|
||||
if (ind == null) {
|
||||
log.warn("found a URI for the netId " + username
|
||||
log.warn("Found a URI for the netId " + username
|
||||
+ " but could not build Individual");
|
||||
return null;
|
||||
}
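Review bot: In figureSelfEditingId the `if (uri == null)` branch only logs and then falls through to `indDao.getIndividualByURI(uri)` with a null URI. A username with no matching Individual therefore reaches the DAO and ends in the misleading "Found a URI ... but could not build Individual" warning; add `return null;` after the debug line, as the other guards in this method do. Separately, the method now takes the username from LoginStatusBean instead of from the length-checked NetId, and the visible lines show no `MAXIMUM_USERNAME_LENGTH` check on this path. Part of the body lies outside the hunks, so confirm whether that bound is applied before the lookup. Since this lookup now grants the SelfEditing identifier to internal logins as well, it is worth documenting on the method that the username-to-Individual match is the only check.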
|
||||
|
|
|
@ -0,0 +1,114 @@
|
|||
/* $This file is distributed under the terms of the license in /doc/license.txt$ */
|
||||
|
||||
package edu.cornell.mannlib.vitro.webapp.beans;
|
||||
|
||||
import javax.servlet.ServletRequest;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.commons.logging.Log;
|
||||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vitro.webapp.ConfigurationProperties;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
|
||||
/**
|
||||
* Holds the configuration properties used in Self-Editing, and some commonly
|
||||
* used methods on those properties.
|
||||
*/
|
||||
public class SelfEditingConfiguration {
|
||||
private static final Log log = LogFactory
|
||||
.getLog(SelfEditingConfiguration.class);
|
||||
|
||||
private static final String BEAN_ATTRIBUTE = SelfEditingConfiguration.class
|
||||
.getName();
|
||||
|
||||
/**
|
||||
* This configuration property tells us which data property on the
|
||||
* Individual is used to associate it with a net ID.
|
||||
*/
|
||||
private static final String PROPERTY_SELF_EDITING_ID_MATCHING_PROPERTY = "selfEditing.idMatchingProperty";
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// static methods
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
/**
|
||||
* If there is no session, create a bean on the fly. If there is a session,
|
||||
* get the existing bean, or create one and store it for re-use.
|
||||
*
|
||||
* Never returns null.
|
||||
*/
|
||||
public static SelfEditingConfiguration getBean(ServletRequest request) {
|
||||
if (!(request instanceof HttpServletRequest)) {
|
||||
log.trace("Not an HttpServletRequest: " + request);
|
||||
return buildBean();
|
||||
}
|
||||
|
||||
HttpSession session = ((HttpServletRequest) request).getSession(false);
|
||||
if (session == null) {
|
||||
log.trace("No session; no need to create one.");
|
||||
return buildBean();
|
||||
}
|
||||
|
||||
Object attr = session.getAttribute(BEAN_ATTRIBUTE);
|
||||
if (attr instanceof SelfEditingConfiguration) {
|
||||
log.trace("Found a bean: " + attr);
|
||||
return (SelfEditingConfiguration) attr;
|
||||
}
|
||||
|
||||
SelfEditingConfiguration bean = buildBean();
|
||||
log.debug("Created a bean: " + bean);
|
||||
session.setAttribute(BEAN_ATTRIBUTE, bean);
|
||||
return bean;
|
||||
}
|
||||
|
||||
private static SelfEditingConfiguration buildBean() {
|
||||
String selfEditingIdMatchingProperty = ConfigurationProperties
|
||||
.getProperty(PROPERTY_SELF_EDITING_ID_MATCHING_PROPERTY);
|
||||
return new SelfEditingConfiguration(selfEditingIdMatchingProperty);
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// the bean
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
private final String selfEditingIdMatchingProperty;
|
||||
|
||||
public SelfEditingConfiguration(String selfEditingIdMatchingProperty) {
|
||||
this.selfEditingIdMatchingProperty = trimThis(selfEditingIdMatchingProperty);
|
||||
}
|
||||
|
||||
private String trimThis(String string) {
|
||||
if (string == null) {
|
||||
return null;
|
||||
} else {
|
||||
return string.trim();
|
||||
}
|
||||
}
|
||||
|
||||
public String getIndividualUriFromUsername(IndividualDao indDao,
|
||||
String username) {
|
||||
if (indDao == null) {
|
||||
return null;
|
||||
}
|
||||
if (username == null) {
|
||||
return null;
|
||||
}
|
||||
if (selfEditingIdMatchingProperty == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
String uri = indDao.getIndividualURIFromNetId(username,
|
||||
selfEditingIdMatchingProperty);
|
||||
log.debug("Username=" + username + ", individual URI=" + uri);
|
||||
return uri;
|
||||
}
|
||||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "SelfEditingConfiguration[selfEditingIdMatchingProperty="
|
||||
+ selfEditingIdMatchingProperty + "]";
|
||||
}
|
||||
|
||||
}
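Review bot: getIndividualUriFromUsername treats only a null `selfEditingIdMatchingProperty` as unconfigured, but trimThis turns a blank property value into an empty string, which passes the guard and is handed to `indDao.getIndividualURIFromNetId`. Consider `if (selfEditingIdMatchingProperty == null || selfEditingIdMatchingProperty.isEmpty()) { return null; }`. Because the key moved from `externalAuth.netidMatchingProperty` to `selfEditing.idMatchingProperty`, a deployment that still sets only the old key gets null from every lookup with no log message; a `log.warn` in buildBean when the property is missing would make that visible. The method also has no Javadoc: it should state that null means "no match or not configured", and that `username` can arrive straight from a request parameter (see the controller hunks) and is written unescaped to the debug log.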
|
|
@ -38,8 +38,8 @@ import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
|||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.filestorage.model.FileInfo;
|
||||
|
@ -389,7 +389,8 @@ public class EntityController extends VitroHttpServlet {
|
|||
if (netIdStr==null || netIdStr.equals(""))
|
||||
netIdStr = vreq.getParameter("netid");
|
||||
if ( netIdStr != null ){
|
||||
uri = ExternalAuthHelper.getHelper(vreq).getIndividualUriFromNetId(iwDao, netIdStr);
|
||||
SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(vreq);
|
||||
uri = sec.getIndividualUriFromUsername(iwDao, netIdStr);
|
||||
return iwDao.getIndividualByURI(uri);
|
||||
}
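Review bot: The `netid` request parameter is passed to `getIndividualUriFromUsername` with no length or character check, and the returned `uri` goes to `iwDao.getIndividualByURI(uri)` even when it is null (no match, or `selfEditing.idMatchingProperty` not set). SelfEditingIdentifierFactory caps usernames at MAXIMUM_USERNAME_LENGTH; the same bound would fit here, and the DAO call should be skipped when `uri` is null, e.g. `if (uri == null) return null;`, provided callers accept null, which the hunk does not show. The identical pair of new lines in IndividualController has the same gap. The enclosing method starts and ends outside this hunk.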
|
||||
|
||||
|
|
|
@ -26,7 +26,7 @@ public class ExternalAuthHelper {
|
|||
private static final Log log = LogFactory.getLog(ExternalAuthHelper.class);
|
||||
|
||||
private static final ExternalAuthHelper DUMMY_HELPER = new ExternalAuthHelper(
|
||||
null, null, null);
|
||||
null, null);
|
||||
|
||||
private static final String BEAN_ATTRIBUTE = ExternalAuthHelper.class
|
||||
.getName();
|
||||
|
@ -34,9 +34,6 @@ public class ExternalAuthHelper {
|
|||
/** This configuration property points to the external authorization server. */
|
||||
private static final String PROPERTY_EXTERNAL_AUTH_SERVER_URL = "externalAuth.serverUrl";
|
||||
|
||||
/** This configuration property says what ties an Individual to a NetID */
|
||||
private static final String PROPERTY_NETID_MATCHING_RELATION = "externalAuth.netidMatchingProperty";
|
||||
|
||||
/** This configuration property says which HTTP header holds the username. */
|
||||
public static final String PROPERTY_EXTERNAL_AUTH_USERNAME_HEADER = "externalAuth.headerName";
|
||||
|
||||
|
@ -75,28 +72,24 @@ public class ExternalAuthHelper {
|
|||
}
|
||||
|
||||
private static ExternalAuthHelper buildBean() {
|
||||
String netidMatchingPropertyUri = ConfigurationProperties
|
||||
.getProperty(PROPERTY_NETID_MATCHING_RELATION);
|
||||
String externalAuthServerUrl = ConfigurationProperties
|
||||
.getProperty(PROPERTY_EXTERNAL_AUTH_SERVER_URL);
|
||||
String externalAuthHeaderName = ConfigurationProperties
|
||||
.getProperty(PROPERTY_EXTERNAL_AUTH_USERNAME_HEADER);
|
||||
|
||||
return new ExternalAuthHelper(netidMatchingPropertyUri,
|
||||
externalAuthServerUrl, externalAuthHeaderName);
|
||||
return new ExternalAuthHelper(externalAuthServerUrl,
|
||||
externalAuthHeaderName);
|
||||
}
|
||||
|
||||
// ----------------------------------------------------------------------
|
||||
// the bean
|
||||
// ----------------------------------------------------------------------
|
||||
|
||||
private final String netidMatchingPropertyUri;
|
||||
private final String externalAuthServerUrl;
|
||||
private final String externalAuthHeaderName;
|
||||
|
||||
private ExternalAuthHelper(String netidMatchingPropertyUri,
|
||||
String externalAuthServerUrl, String externalAuthHeaderName) {
|
||||
this.netidMatchingPropertyUri = trimThis(netidMatchingPropertyUri);
|
||||
private ExternalAuthHelper(String externalAuthServerUrl,
|
||||
String externalAuthHeaderName) {
|
||||
this.externalAuthServerUrl = trimThis(externalAuthServerUrl);
|
||||
this.externalAuthHeaderName = trimThis(externalAuthHeaderName);
|
||||
}
|
||||
|
@ -109,23 +102,6 @@ public class ExternalAuthHelper {
|
|||
}
|
||||
}
|
||||
|
||||
public String getIndividualUriFromNetId(IndividualDao indDao, String netId) {
|
||||
if (indDao == null) {
|
||||
return null;
|
||||
}
|
||||
if (netId == null) {
|
||||
return null;
|
||||
}
|
||||
if (netidMatchingPropertyUri == null) {
|
||||
return null;
|
||||
}
|
||||
|
||||
String uri = indDao.getIndividualURIFromNetId(netId,
|
||||
netidMatchingPropertyUri);
|
||||
log.debug("Netid=" + netId + ", individual URI=" + uri);
|
||||
return uri;
|
||||
}
|
||||
|
||||
public String buildExternalAuthRedirectUrl(String returnUrl) {
|
||||
if (returnUrl == null) {
|
||||
log.error("returnUrl is null.");
|
||||
|
@ -170,8 +146,7 @@ public class ExternalAuthHelper {
|
|||
|
||||
@Override
|
||||
public String toString() {
|
||||
return "ExternalAuthHelper[netidMatchingPropertyUri="
|
||||
+ netidMatchingPropertyUri + ", externalAuthServerUrl="
|
||||
return "ExternalAuthHelper[externalAuthServerUrl="
|
||||
+ externalAuthServerUrl + ", externalAuthHeaderName="
|
||||
+ externalAuthHeaderName + "]";
|
||||
}
|
||||
|
|
|
@ -14,6 +14,7 @@ import org.apache.commons.logging.Log;
|
|||
import org.apache.commons.logging.LogFactory;
|
||||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
|
@ -78,8 +79,8 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
|
|||
}
|
||||
IndividualDao indDao = new VitroRequest(req).getWebappDaoFactory()
|
||||
.getIndividualDao();
|
||||
return ExternalAuthHelper.getHelper(req).getIndividualUriFromNetId(
|
||||
indDao, username);
|
||||
return SelfEditingConfiguration.getBean(req)
|
||||
.getIndividualUriFromUsername(indDao, username);
|
||||
}
|
||||
|
||||
private void removeLoginProcessArtifacts(HttpServletRequest req) {
|
||||
|
|
|
@ -37,9 +37,9 @@ import edu.cornell.mannlib.vitro.webapp.beans.Individual;
|
|||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectProperty;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.ObjectPropertyStatement;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.Portal;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.SelfEditingConfiguration;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.VClass;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.authenticate.ExternalAuthHelper;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.IndividualDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.dao.ObjectPropertyDao;
|
||||
import edu.cornell.mannlib.vitro.webapp.edit.n3editing.EditConfiguration;
|
||||
|
@ -366,7 +366,8 @@ public class IndividualController extends FreemarkerHttpServlet {
|
|||
if (netIdStr==null || netIdStr.equals(""))
|
||||
netIdStr = vreq.getParameter("netid");
|
||||
if ( netIdStr != null ){
|
||||
uri = ExternalAuthHelper.getHelper(vreq).getIndividualUriFromNetId(iwDao, netIdStr);
|
||||
SelfEditingConfiguration sec = SelfEditingConfiguration.getBean(vreq);
|
||||
uri = sec.getIndividualUriFromUsername(iwDao, netIdStr);
|
||||
return iwDao.getIndividualByURI(uri);
|
||||
}
|
||||
|
||||
|
|