Test Failed
Push — master ( be4809...438eb5 )
by Misagh
10:37
created

InitialFlowSetupAction(List,ServicesManager,AuthenticationServiceSelectionPlan,CookieRetrievingCookieGenerator,CookieRetrievingCookieGenerator,CasConfigu   A

Complexity

Conditions 1

Size

Total Lines 12

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
cc 1
dl 0
loc 12
rs 9.4285
c 0
b 0
f 0
1
package org.apereo.cas.web.flow;
2
3
import org.apache.commons.lang3.StringUtils;
4
import org.apereo.cas.authentication.AuthenticationServiceSelectionPlan;
5
import org.apereo.cas.authentication.principal.Service;
6
import org.apereo.cas.configuration.CasConfigurationProperties;
7
import org.apereo.cas.services.RegisteredService;
8
import org.apereo.cas.services.RegisteredServiceAccessStrategy;
9
import org.apereo.cas.services.ServicesManager;
10
import org.apereo.cas.services.UnauthorizedServiceException;
11
import org.apereo.cas.web.support.ArgumentExtractor;
12
import org.apereo.cas.web.support.CookieRetrievingCookieGenerator;
13
import org.apereo.cas.web.support.WebUtils;
14
import org.slf4j.Logger;
15
import org.slf4j.LoggerFactory;
16
import org.springframework.webflow.action.AbstractAction;
17
import org.springframework.webflow.execution.Event;
18
import org.springframework.webflow.execution.RequestContext;
19
import org.springframework.webflow.execution.repository.NoSuchFlowExecutionException;
20
21
import javax.servlet.http.HttpServletRequest;
22
import java.util.List;
23
24
/**
25
 * Class to automatically set the paths for the CookieGenerators.
26
 * <p>
27
 * Note: This is technically not threadsafe, but because its overriding with a
28
 * constant value it doesn't matter.
29
 * <p>
30
 * Note: As of CAS 3.1, this is a required class that retrieves and exposes the
31
 * values in the two cookies for subclasses to use.
32
 *
33
 * @author Scott Battaglia
34
 * @since 3.1
35
 */
36
public class InitialFlowSetupAction extends AbstractAction {
37
38
    private static final Logger LOGGER = LoggerFactory.getLogger(InitialFlowSetupAction.class);
39
40
    private final CasConfigurationProperties casProperties;
41
    private final ServicesManager servicesManager;
42
    private final AuthenticationServiceSelectionPlan authenticationRequestServiceSelectionStrategies;
43
    private final CookieRetrievingCookieGenerator warnCookieGenerator;
44
    private final CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator;
45
    private final List<ArgumentExtractor> argumentExtractors;
46
47
    public InitialFlowSetupAction(final List<ArgumentExtractor> argumentExtractors,
48
                                  final ServicesManager servicesManager,
49
                                  final AuthenticationServiceSelectionPlan authenticationRequestServiceSelectionPlan,
50
                                  final CookieRetrievingCookieGenerator ticketGrantingTicketCookieGenerator,
51
                                  final CookieRetrievingCookieGenerator warnCookieGenerator,
52
                                  final CasConfigurationProperties casProperties) {
53
        this.argumentExtractors = argumentExtractors;
54
        this.servicesManager = servicesManager;
55
        this.authenticationRequestServiceSelectionStrategies = authenticationRequestServiceSelectionPlan;
56
        this.ticketGrantingTicketCookieGenerator = ticketGrantingTicketCookieGenerator;
57
        this.warnCookieGenerator = warnCookieGenerator;
58
        this.casProperties = casProperties;
59
    }
60
61
    @Override
62
    protected Event doExecute(final RequestContext context) {
63
        configureCookieGenerators(context);
64
        configureWebflowContext(context);
65
        configureWebflowContextForService(context);
66
        return success();
67
    }
68
69
    private void configureWebflowContextForService(final RequestContext context) {
70
        final Service service = WebUtils.getService(this.argumentExtractors, context);
71
        if (service != null) {
72
            LOGGER.debug("Placing service in context scope: [{}]", service.getId());
73
74
            final Service selectedService = authenticationRequestServiceSelectionStrategies.resolveService(service);
75
            final RegisteredService registeredService = this.servicesManager.findServiceBy(selectedService);
76
            if (registeredService != null && registeredService.getAccessStrategy().isServiceAccessAllowed()) {
77
                LOGGER.debug("Placing registered service [{}] with id [{}] in context scope",
78
                        registeredService.getServiceId(),
79
                        registeredService.getId());
80
                WebUtils.putRegisteredService(context, registeredService);
81
82
                final RegisteredServiceAccessStrategy accessStrategy = registeredService.getAccessStrategy();
83
                if (accessStrategy.getUnauthorizedRedirectUrl() != null) {
84
                    LOGGER.debug("Placing registered service's unauthorized redirect url [{}] with id [{}] in context scope",
85
                            accessStrategy.getUnauthorizedRedirectUrl(),
86
                            registeredService.getServiceId());
87
                    WebUtils.putUnauthorizedRedirectUrl(context, accessStrategy.getUnauthorizedRedirectUrl());
88
                }
89
            }
90
        } else if (!casProperties.getSso().isMissingService()) {
91
            LOGGER.warn("No service authentication request is available at [{}]. CAS is configured to disable the flow.",
92
                    WebUtils.getHttpServletRequestFromExternalWebflowContext(context).getRequestURL());
93
            throw new NoSuchFlowExecutionException(context.getFlowExecutionContext().getKey(),
94
                    new UnauthorizedServiceException("screen.service.required.message", "Service is required"));
95
        }
96
        WebUtils.putService(context, service);
97
    }
98
99
    private void configureWebflowContext(final RequestContext context) {
100
        final HttpServletRequest request = WebUtils.getHttpServletRequestFromExternalWebflowContext(context);
101
        WebUtils.putTicketGrantingTicketInScopes(context, this.ticketGrantingTicketCookieGenerator.retrieveCookieValue(request));
102
        WebUtils.putGoogleAnalyticsTrackingIdIntoFlowScope(context, casProperties.getGoogleAnalytics().getGoogleAnalyticsTrackingId());
103
        WebUtils.putWarningCookie(context, Boolean.valueOf(this.warnCookieGenerator.retrieveCookieValue(request)));
104
        WebUtils.putGeoLocationTrackingIntoFlowScope(context, casProperties.getEvents().isTrackGeolocation());
105
        WebUtils.putRecaptchaSiteKeyIntoFlowScope(context, casProperties.getGoogleRecaptcha().getSiteKey());
106
        WebUtils.putStaticAuthenticationIntoFlowScope(context,
107
                StringUtils.isNotBlank(casProperties.getAuthn().getAccept().getUsers())
108
                        || StringUtils.isNotBlank(casProperties.getAuthn().getReject().getUsers()));
109
        WebUtils.putPasswordManagementEnabled(context, casProperties.getAuthn().getPm().isEnabled());
110
        WebUtils.putRememberMeAuthenticationEnabled(context, casProperties.getTicket().getTgt().getRememberMe().isEnabled());
111
    }
112
113
    private void configureCookieGenerators(final RequestContext context) {
114
        final String contextPath = context.getExternalContext().getContextPath();
115
        final String cookiePath = StringUtils.isNotBlank(contextPath) ? contextPath + '/' : "/";
116
117
        if (StringUtils.isBlank(this.warnCookieGenerator.getCookiePath())) {
118
            LOGGER.info("Setting path for cookies for warn cookie generator to: [{}] ", cookiePath);
119
            this.warnCookieGenerator.setCookiePath(cookiePath);
120
        } else {
121
            LOGGER.debug("Warning cookie path is set to [{}] and path [{}]", this.warnCookieGenerator.getCookieDomain(),
122
                    this.warnCookieGenerator.getCookiePath());
123
        }
124
        if (StringUtils.isBlank(this.ticketGrantingTicketCookieGenerator.getCookiePath())) {
125
            LOGGER.debug("Setting path for cookies for TGC cookie generator to: [{}] ", cookiePath);
126
            this.ticketGrantingTicketCookieGenerator.setCookiePath(cookiePath);
127
        } else {
128
            LOGGER.debug("TGC cookie path is set to [{}] and path [{}]", this.ticketGrantingTicketCookieGenerator.getCookieDomain(),
129
                    this.ticketGrantingTicketCookieGenerator.getCookiePath());
130
        }
131
    }
132
133
    public ServicesManager getServicesManager() {
134
        return servicesManager;
135
    }
136
}
137