001/*
002 * (C) Copyright 2012 Nuxeo SA (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Thierry Martins
016 */
017package org.nuxeo.ecm.platform.web.common.external;
018
019import static org.nuxeo.ecm.platform.ui.web.auth.NXAuthConstants.REQUESTED_URL;
020
021import java.io.IOException;
022import java.io.UnsupportedEncodingException;
023import java.net.URLDecoder;
024
025import javax.servlet.Filter;
026import javax.servlet.FilterChain;
027import javax.servlet.FilterConfig;
028import javax.servlet.ServletException;
029import javax.servlet.ServletRequest;
030import javax.servlet.ServletResponse;
031import javax.servlet.http.HttpServletRequest;
032import javax.servlet.http.HttpServletResponse;
033import javax.servlet.http.HttpSession;
034
035import org.apache.commons.logging.Log;
036import org.apache.commons.logging.LogFactory;
037import org.nuxeo.ecm.platform.ui.web.auth.NXAuthConstants;
038import org.nuxeo.ecm.platform.ui.web.auth.service.PluggableAuthenticationService;
039import org.nuxeo.runtime.api.Framework;
040
041/**
042 * Filter that checks if the current request was called from an external tool (MS Office for instance)
043 * <p/>
044 * Then if a session was already opened in user browser, it automatically redirects to the requested URL
045 *
046 * @author Thierry Martins
047 * @since 5.6
048 */
049public class ExternalRequestFilter implements Filter {
050
051    private static final Log log = LogFactory.getLog(ExternalRequestFilter.class);
052
053    @Override
054    public void init(FilterConfig filterConfig) throws ServletException {
055    }
056
057    @Override
058    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
059            ServletException {
060
061        HttpServletRequest httpRequest = (HttpServletRequest) request;
062
063        /*
064         * Check if login page was accessed after a redirection and if a Nuxeo session has been started
065         */
066        if (request != null && httpRequest.getParameter(NXAuthConstants.REQUESTED_URL) != null) {
067            HttpSession httpSession = httpRequest.getSession(false);
068            if (httpSession != null && httpSession.getAttribute(NXAuthConstants.USERIDENT_KEY) != null) {
069
070                log.debug("Detect redirection while an active session is running");
071
072                String requestedUrl = httpRequest.getParameter(REQUESTED_URL);
073                if (requestedUrl != null && !"".equals(requestedUrl)) {
074                    try {
075                        requestedUrl = URLDecoder.decode(requestedUrl, "UTF-8");
076                    } catch (UnsupportedEncodingException e) {
077                        log.error("Unable to get the requestedUrl parameter" + e);
078                    }
079                }
080
081                if (requestedUrl != null) {
082                    PluggableAuthenticationService service = (PluggableAuthenticationService) Framework.getRuntime().getComponent(
083                            PluggableAuthenticationService.NAME);
084                    String baseURL = service.getBaseURL(request);
085                    HttpServletResponse httpResponse = (HttpServletResponse) response;
086                    httpResponse.sendRedirect(baseURL + requestedUrl);
087                    return;
088                }
089            }
090        }
091
092        chain.doFilter(request, response);
093
094    }
095
096    @Override
097    public void destroy() {
098    }
099
100}