Source code

001/*
002 * (C) Copyright 2012 Nuxeo SA (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     bjalon
016 */
017package org.nuxeo.ecm.mobile.filter;
018
019import java.io.IOException;
020import java.util.HashMap;
021import java.util.Map;
022
023import javax.servlet.Filter;
024import javax.servlet.FilterChain;
025import javax.servlet.FilterConfig;
026import javax.servlet.ServletException;
027import javax.servlet.ServletRequest;
028import javax.servlet.ServletResponse;
029import javax.servlet.http.HttpServletRequest;
030import javax.servlet.http.HttpServletResponse;
031
032import org.apache.commons.lang.StringUtils;
033import org.apache.commons.logging.Log;
034import org.apache.commons.logging.LogFactory;
035import org.nuxeo.common.utils.URIUtils;
036import org.nuxeo.ecm.mobile.ApplicationDefinitionService;
037import org.nuxeo.ecm.platform.ui.web.auth.CachableUserIdentificationInfo;
038import org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter;
039import org.nuxeo.runtime.api.Framework;
040
041/**
042 * Filter that redirects to the chosen application URL or application dedicated for the context request.
043 * To understand the application selection engine look {@code ApplicationDefinitionService#getTargetApplication(HttpServletRequest).
044 * If no application match, no redirection will be executed.
045 *
046 * @author <a href="mailto:bjalon@nuxeo.com">Benjamin JALON</a>
047 * @since 5.5
048 *
049 */
050public class ApplicationRedirectionFilter implements Filter {
051
052    protected static final Log log = LogFactory.getLog(ApplicationRedirectionFilter.class);
053
054    public static final String INITIAL_TARGET_URL_PARAM_NAME = "targetURL";
055
056    private ApplicationDefinitionService service;
057
058    protected ApplicationDefinitionService getService() {
059        if (service == null) {
060            service = Framework.getLocalService(ApplicationDefinitionService.class);
061        }
062        return service;
063    }
064
065    @Override
066    public void init(FilterConfig filterConfig) throws ServletException {
067        // Nothing to do
068    }
069
070    @Override
071    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
072            ServletException {
073        if (!(request instanceof HttpServletRequest)) {
074            log.debug("Not an Http request, no redirection");
075            doNoRedirect(request, response, chain);
076            return;
077        }
078
079        HttpServletRequest req = (HttpServletRequest) request;
080        log.debug("do filter - URL :" + req.getRequestURL() + "?" + req.getQueryString());
081
082        if (!isAuthenticated(req)) {
083            log.debug("User not authenticated so no application redirection");
084            doNoRedirect(request, response, chain);
085            return;
086        }
087
088        String targetApplicationBaseURL = getService().getApplicationBaseURI(req);
089
090        if (targetApplicationBaseURL == null) {
091            log.debug("No application match this request context " + "=> no redirect: final URL: "
092                    + req.getRequestURI());
093            doNoRedirect(request, response, chain);
094            return;
095        }
096
097        if (isRequestIntoApplication(req, targetApplicationBaseURL)) {
098            log.debug("Request URI is a child of target application so no redirect:" + " final URL: "
099                    + req.getRequestURI());
100            doNoRedirect(request, response, chain);
101            return;
102        }
103
104        if (getService().isResourceURL(req)) {
105            log.debug("Request URI is a resource of the target application so no redirect:" + " final URL: "
106                    + req.getRequestURI());
107            doNoRedirect(request, response, chain);
108            return;
109        }
110
111        RequestAdapter requestAdapter = new RequestAdapter(req);
112        if (requestAdapter.isOpenURL()) {
113            log.debug("Request URI is opened so no redirect:" + " final URL: " + req.getRequestURI());
114            doNoRedirect(request, response, chain);
115            return;
116        }
117
118        doApplicationRedirection((HttpServletRequest) request, (HttpServletResponse) response, chain);
119    }
120
121    /**
122     * Return principal stored into session
123     */
124    private boolean isAuthenticated(HttpServletRequest req) {
125        if (req.getSession(false) == null) {
126            return false;
127        }
128
129        CachableUserIdentificationInfo idInfo = (CachableUserIdentificationInfo) req.getSession().getAttribute(
130                "org.nuxeo.ecm.login.identity");
131
132        if (idInfo == null || idInfo.getPrincipal() == null) {
133            return false;
134        }
135
136        return true;
137    }
138
139    /**
140     * Redirect the browser to the target application with the initial URL as parameter into the
141     * {@value WebMobileConstants#TARGET_URL_PARAMETER} url parameter.
142     */
143    private void doApplicationRedirection(HttpServletRequest request, HttpServletResponse response, FilterChain chain)
144            throws IOException, ServletException {
145        Map<String, String> parameters = new HashMap<String, String>();
146
147        String requestedPage = NuxeoAuthenticationFilter.getRequestedPage(request);
148        if (!StringUtils.isBlank(requestedPage)) {
149            parameters.put(INITIAL_TARGET_URL_PARAM_NAME, requestedPage);
150        }
151
152        String redirectURI = URIUtils.addParametersToURIQuery(getService().getApplicationBaseURL(request), parameters);
153        log.debug("Handler match/Non target application URI " + "=> Application redirected: target URL: " + redirectURI);
154
155        response.sendRedirect(redirectURI);
156    }
157
158    /**
159     * Do no redirection and let filters application to be done.
160     */
161    private void doNoRedirect(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException,
162            ServletException {
163        chain.doFilter(request, response);
164    }
165
166    private boolean isRequestIntoApplication(HttpServletRequest req, String targetApplicationBaseURL) {
167        String uri = req.getRequestURI();
168
169        log.debug("Request url: " + uri + " and targetApplicationURI: ");
170        if (!uri.startsWith(targetApplicationBaseURL)) {
171            log.debug("Request uri is not a child of application base url");
172            return false;
173        }
174        if (uri.equals(targetApplicationBaseURL)) {
175            log.debug("Request uri is the root of the application");
176            return true;
177        }
178        char character = uri.charAt(targetApplicationBaseURL.length());
179        if (character != '/' && character != '?' && character != '#' && character != '@') {
180            log.debug("Request uri is not a child of application base url");
181            return false;
182        }
183        log.debug("Request uri is a child of application base url");
184        return true;
185    }
186
187    @Override
188    public void destroy() {
189        log.debug("Filter detroyed");
190    }
191
192}