NIHVIVO-1399 create a servlet and template to use in faking external authentication. Add the info to web.xml, but commented out.

2010-11-28 22:35:07 +00:00 · 2010-11-28 22:35:07 +00:00 · bdfe0d018d
commit bdfe0d018d
parent 7ac8b0c811
3 changed files with 161 additions and 0 deletions
--- a/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/FakeExternalAuthController.java
+++ b/webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/FakeExternalAuthController.java
@ -0,0 +1,130 @@
+/* $This file is distributed under the terms of the license in /doc/license.txt$ */
+
+package edu.cornell.mannlib.vitro.webapp.controller.authenticate;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+
+import edu.cornell.mannlib.vedit.beans.LoginStatusBean;
+import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
+import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
+import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
+
+/**
+ * This allows a DBA to pretend that he's logged in with an external username.
+ */
+public class FakeExternalAuthController extends FreemarkerHttpServlet {
+	private static final Log log = LogFactory
+			.getLog(FakeExternalAuthController.class);
+
+	private static final String URL_FAKE_CONTROLLER = "/admin/fakeExternalAuth";
+	private static final String URL_EXTERNAL_AUTH_RETURN = "/loginExternalAuthReturn";
+
+	private static final String TEMPLATE_DEFAULT = "fakeExternalAuth.ftl";
+
+	private static final String PARAMETER_USERNAME = "username";
+	private static final String PARAMETER_CANCEL = "cancel";
+
+	@Override
+	public void init() throws ServletException {
+		log.debug("storing the bean.");
+		ExternalAuthHelper.setBean(getServletContext(),
+				new FakeExternalAuthHelper(null));
+	}
+	
+	@Override
+	protected String getTitle(String siteName) {
+		return "Fake external login " + siteName;
+	}
+
+	@Override
+	protected ResponseValues processRequest(VitroRequest vreq) {
+		if (isCancelRequested(vreq)) {
+			log.debug("cancelling.");
+			setFakeExternalAuthHelper(vreq, null);
+			return makeRedirectResponse();
+		} else if (isUsernameSupplied(vreq)) {
+			log.debug("faking as '" + getUsername(vreq) + "'");
+			setFakeExternalAuthHelper(vreq, getUsername(vreq));
+			return makeRedirectResponse();
+		} else {
+			log.debug("show the form.");
+			return makeShowFormResponse();
+		}
+	}
+
+	private boolean isCancelRequested(VitroRequest vreq) {
+		String cancelString = vreq.getParameter(PARAMETER_CANCEL);
+		return (cancelString != null) && (!cancelString.isEmpty());
+	}
+
+	private void setFakeExternalAuthHelper(HttpServletRequest req,
+			String username) {
+		ExternalAuthHelper.setBean(req.getSession().getServletContext(),
+				new FakeExternalAuthHelper(username));
+	}
+
+	private boolean isUsernameSupplied(VitroRequest vreq) {
+		String username = getUsername(vreq);
+		return ((username != null) && (!username.isEmpty()));
+	}
+
+	private String getUsername(VitroRequest vreq) {
+		return vreq.getParameter(PARAMETER_USERNAME);
+	}
+
+	private TemplateResponseValues makeShowFormResponse() {
+		Map<String, Object> body = new HashMap<String, Object>();
+		body.put("controllerUrl", UrlBuilder.getUrl(URL_FAKE_CONTROLLER));
+		return new TemplateResponseValues(TEMPLATE_DEFAULT, body);
+	}
+
+	private RedirectResponseValues makeRedirectResponse() {
+		return new RedirectResponseValues(
+				UrlBuilder.getUrl(URL_EXTERNAL_AUTH_RETURN));
+	}
+
+	/**
+	 * This implementation of ExternalAuthHelper ignores any configuration
+	 * properties. This controller is used as the exernal authorization server,
+	 * and the username that is set by this controller is used as the external
+	 * username.
+	 */
+	public static class FakeExternalAuthHelper extends ExternalAuthHelper {
+		private final String username;
+
+		private FakeExternalAuthHelper(String username) {
+			super(null, null);
+			this.username = username;
+		}
+
+		@Override
+		public String buildExternalAuthRedirectUrl(String returnUrl) {
+			int lastSlash = returnUrl.lastIndexOf("/");
+			String homeUrl = returnUrl.substring(0, lastSlash);
+			String url = homeUrl + URL_FAKE_CONTROLLER;
+			log.debug("externalAuth URL is '" + url + "'");
+			return url;
+		}
+
+		@Override
+		public String getExternalUsername(HttpServletRequest request) {
+			log.debug("external username is '" + username + "'");
+			return username;
+		}
+
+		@Override
+		public String toString() {
+			return "FakeExternalAuthHelper[username='" + username + "']";
+		}
+
+	}
+}