NIHVIVO-2696 de-couple the LoginRedirector from the LoginProcessBean.
This commit is contained in:
j2blake
parent
26ed55027d
commit
22507b11c0
4 changed files with 45 additions and 16 deletions
|
|
@ -133,7 +133,7 @@ public class UserAccountsUserController extends FreemarkerHttpServlet {
|
|||
}
|
||||
|
||||
private ResponseValues showLoginRedirection(VitroRequest vreq) {
|
||||
LoginRedirector lr = new LoginRedirector(vreq);
|
||||
LoginRedirector lr = new LoginRedirector(vreq, null);
|
||||
DisplayMessage.setMessage(vreq, lr.assembleWelcomeMessage());
|
||||
String uri = lr.getRedirectionUriForLoggedInUser();
|
||||
return new RedirectResponseValues(uri);
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@ import org.apache.commons.logging.LogFactory;
|
|||
|
||||
import edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSource;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
|
||||
|
||||
/**
|
||||
* Handle the return from the external authorization login server. If we are
|
||||
|
|
@ -36,6 +37,13 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
|
|||
* - User corresponds to a User acocunt. Record the login.
|
||||
* - User corresponds to an Individual (self-editor).
|
||||
* - User is not recognized.
|
||||
*
|
||||
* On entry, we expect to find:
|
||||
* - A LoginProcessBean, which will give us the afterLoginUrl if the login
|
||||
* succeeds.
|
||||
* - A referrer URL, to which we will redirect if the login fails.
|
||||
* TODO: is this equal to LoginProcessBean.getLoginPageUrl()?
|
||||
* These are removed on exit.
|
||||
* </pre>
|
||||
*/
|
||||
@Override
|
||||
|
|
@ -49,6 +57,9 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
|
|||
MESSAGE_LOGIN_FAILED);
|
||||
return;
|
||||
}
|
||||
|
||||
String afterLoginUrl = LoginProcessBean.getBean(req).getAfterLoginUrl();
|
||||
removeLoginProcessArtifacts(req);
|
||||
|
||||
UserAccount userAccount = getAuthenticator(req)
|
||||
.getAccountForExternalAuth(externalAuthId);
|
||||
|
|
@ -56,8 +67,7 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
|
|||
log.debug("Logging in as " + userAccount.getUri());
|
||||
getAuthenticator(req).recordLoginAgainstUserAccount(userAccount,
|
||||
AuthenticationSource.EXTERNAL);
|
||||
removeLoginProcessArtifacts(req);
|
||||
new LoginRedirector(req).redirectLoggedInUser(resp);
|
||||
new LoginRedirector(req, afterLoginUrl).redirectLoggedInUser(resp);
|
||||
return;
|
||||
}
|
||||
|
||||
|
|
@ -70,19 +80,19 @@ public class LoginExternalAuthReturn extends BaseLoginServlet {
|
|||
String uri = associatedUris.get(0);
|
||||
|
||||
getAuthenticator(req).recordLoginWithoutUserAccount(uri);
|
||||
removeLoginProcessArtifacts(req);
|
||||
new LoginRedirector(req).redirectLoggedInUser(resp);
|
||||
new LoginRedirector(req, afterLoginUrl).redirectLoggedInUser(resp);
|
||||
return;
|
||||
}
|
||||
|
||||
log.debug("User is not recognized: " + externalAuthId);
|
||||
removeLoginProcessArtifacts(req);
|
||||
new LoginRedirector(req).redirectUnrecognizedExternalUser(resp,
|
||||
new LoginRedirector(req, afterLoginUrl).redirectUnrecognizedExternalUser(resp,
|
||||
externalAuthId);
|
||||
}
|
||||
|
||||
private void removeLoginProcessArtifacts(HttpServletRequest req) {
|
||||
req.getSession().removeAttribute(ATTRIBUTE_REFERRER);
|
||||
LoginProcessBean.removeBean(req);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@ import edu.cornell.mannlib.vitro.webapp.beans.BaseResourceBean.RoleLevel;
|
|||
import edu.cornell.mannlib.vitro.webapp.beans.DisplayMessage;
|
||||
import edu.cornell.mannlib.vitro.webapp.beans.UserAccount;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.Controllers;
|
||||
import edu.cornell.mannlib.vitro.webapp.controller.login.LoginProcessBean;
|
||||
|
||||
/**
|
||||
* A user has just completed the login process. What page do we direct them to?
|
||||
|
|
@ -34,15 +33,12 @@ public class LoginRedirector {
|
|||
private final String uriOfAssociatedIndividual;
|
||||
private final String afterLoginPage;
|
||||
|
||||
public LoginRedirector(HttpServletRequest request) {
|
||||
public LoginRedirector(HttpServletRequest request, String afterLoginPage) {
|
||||
this.request = request;
|
||||
this.session = request.getSession();
|
||||
this.afterLoginPage = afterLoginPage;
|
||||
|
||||
uriOfAssociatedIndividual = getAssociatedIndividualUri();
|
||||
|
||||
LoginProcessBean processBean = LoginProcessBean.getBean(request);
|
||||
log.debug("process bean is: " + processBean);
|
||||
afterLoginPage = processBean.getAfterLoginUrl();
|
||||
}
|
||||
|
||||
/** Is there an Individual associated with this user? */
|
||||
|
|
@ -106,7 +102,6 @@ public class LoginRedirector {
|
|||
try {
|
||||
DisplayMessage.setMessage(request, assembleWelcomeMessage());
|
||||
response.sendRedirect(getRedirectionUriForLoggedInUser());
|
||||
LoginProcessBean.removeBean(request);
|
||||
} catch (IOException e) {
|
||||
log.debug("Problem with re-direction", e);
|
||||
response.sendRedirect(getApplicationHomePageUrl());
|
||||
|
|
@ -142,7 +137,6 @@ public class LoginRedirector {
|
|||
throws IOException {
|
||||
try {
|
||||
response.sendRedirect(getRedirectionUriForCancellingUser());
|
||||
LoginProcessBean.removeBean(request);
|
||||
} catch (IOException e) {
|
||||
log.debug("Problem with re-direction", e);
|
||||
response.sendRedirect(getApplicationHomePageUrl());
|
||||
|
|
|
|||
|
|
@ -124,7 +124,7 @@ public class Authenticate extends VitroHttpServlet {
|
|||
// Send them on their way.
|
||||
switch (exitState) {
|
||||
case NOWHERE:
|
||||
new LoginRedirector(vreq).redirectCancellingUser(response);
|
||||
showLoginCanceled(response, vreq);
|
||||
break;
|
||||
case LOGGING_IN:
|
||||
showLoginScreen(vreq, response);
|
||||
|
|
@ -133,7 +133,7 @@ public class Authenticate extends VitroHttpServlet {
|
|||
showLoginScreen(vreq, response);
|
||||
break;
|
||||
default: // LOGGED_IN:
|
||||
new LoginRedirector(vreq).redirectLoggedInUser(response);
|
||||
showLoginComplete(response, vreq);
|
||||
break;
|
||||
}
|
||||
} catch (Exception e) {
|
||||
|
|
@ -477,6 +477,31 @@ public class Authenticate extends VitroHttpServlet {
|
|||
response.sendRedirect(loginProcessPage);
|
||||
return;
|
||||
}
|
||||
|
||||
/**
|
||||
* Exit: user has completed the login. Redirect appropriately and clear the bean.
|
||||
*/
|
||||
private void showLoginComplete(HttpServletResponse response,
|
||||
VitroRequest vreq) throws IOException {
|
||||
getLoginRedirector(vreq).redirectLoggedInUser(response);
|
||||
LoginProcessBean.removeBean(vreq);
|
||||
}
|
||||
|
||||
/**
|
||||
* Exit: user has canceled. Redirect and clear the bean.
|
||||
*/
|
||||
private void showLoginCanceled(HttpServletResponse response,
|
||||
VitroRequest vreq) throws IOException {
|
||||
getLoginRedirector(vreq).redirectCancellingUser(response);
|
||||
LoginProcessBean.removeBean(vreq);
|
||||
}
|
||||
|
||||
private LoginRedirector getLoginRedirector(VitroRequest vreq) {
|
||||
String afterLoginUrl = LoginProcessBean.getBean(vreq).getAfterLoginUrl();
|
||||
return new LoginRedirector(vreq, afterLoginUrl);
|
||||
}
|
||||
|
||||
|
||||
|
||||
/** Get a reference to the Authenticator. */
|
||||
private Authenticator getAuthenticator(HttpServletRequest request) {
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue