001/* 002 * (C) Copyright 2012 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * bjalon 016 */ 017package org.nuxeo.ecm.mobile.filter; 018 019import java.io.IOException; 020import java.util.HashMap; 021import java.util.Map; 022 023import javax.servlet.Filter; 024import javax.servlet.FilterChain; 025import javax.servlet.FilterConfig; 026import javax.servlet.ServletException; 027import javax.servlet.ServletRequest; 028import javax.servlet.ServletResponse; 029import javax.servlet.http.HttpServletRequest; 030import javax.servlet.http.HttpServletResponse; 031 032import org.apache.commons.lang.StringUtils; 033import org.apache.commons.logging.Log; 034import org.apache.commons.logging.LogFactory; 035import org.nuxeo.common.utils.URIUtils; 036import org.nuxeo.ecm.mobile.ApplicationDefinitionService; 037import org.nuxeo.ecm.platform.ui.web.auth.CachableUserIdentificationInfo; 038import org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter; 039import org.nuxeo.runtime.api.Framework; 040 041/** 042 * Filter that redirects to the chosen application URL or application dedicated for the context request. 043 * To understand the application selection engine look {@code ApplicationDefinitionService#getTargetApplication(HttpServletRequest). 044 * If no application match, no redirection will be executed. 045 * 046 * @author <a href="mailto:bjalon@nuxeo.com">Benjamin JALON</a> 047 * @since 5.5 048 * 049 */ 050public class ApplicationRedirectionFilter implements Filter { 051 052 protected static final Log log = LogFactory.getLog(ApplicationRedirectionFilter.class); 053 054 public static final String INITIAL_TARGET_URL_PARAM_NAME = "targetURL"; 055 056 private ApplicationDefinitionService service; 057 058 protected ApplicationDefinitionService getService() { 059 if (service == null) { 060 service = Framework.getLocalService(ApplicationDefinitionService.class); 061 } 062 return service; 063 } 064 065 @Override 066 public void init(FilterConfig filterConfig) throws ServletException { 067 // Nothing to do 068 } 069 070 @Override 071 public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, 072 ServletException { 073 if (!(request instanceof HttpServletRequest)) { 074 log.debug("Not an Http request, no redirection"); 075 doNoRedirect(request, response, chain); 076 return; 077 } 078 079 HttpServletRequest req = (HttpServletRequest) request; 080 log.debug("do filter - URL :" + req.getRequestURL() + "?" + req.getQueryString()); 081 082 if (!isAuthenticated(req)) { 083 log.debug("User not authenticated so no application redirection"); 084 doNoRedirect(request, response, chain); 085 return; 086 } 087 088 String targetApplicationBaseURL = getService().getApplicationBaseURI(req); 089 090 if (targetApplicationBaseURL == null) { 091 log.debug("No application match this request context " + "=> no redirect: final URL: " 092 + req.getRequestURI()); 093 doNoRedirect(request, response, chain); 094 return; 095 } 096 097 if (isRequestIntoApplication(req, targetApplicationBaseURL)) { 098 log.debug("Request URI is a child of target application so no redirect:" + " final URL: " 099 + req.getRequestURI()); 100 doNoRedirect(request, response, chain); 101 return; 102 } 103 104 if (getService().isResourceURL(req)) { 105 log.debug("Request URI is a resource of the target application so no redirect:" + " final URL: " 106 + req.getRequestURI()); 107 doNoRedirect(request, response, chain); 108 return; 109 } 110 111 RequestAdapter requestAdapter = new RequestAdapter(req); 112 if (requestAdapter.isOpenURL()) { 113 log.debug("Request URI is opened so no redirect:" + " final URL: " + req.getRequestURI()); 114 doNoRedirect(request, response, chain); 115 return; 116 } 117 118 doApplicationRedirection((HttpServletRequest) request, (HttpServletResponse) response, chain); 119 } 120 121 /** 122 * Return principal stored into session 123 */ 124 private boolean isAuthenticated(HttpServletRequest req) { 125 if (req.getSession(false) == null) { 126 return false; 127 } 128 129 CachableUserIdentificationInfo idInfo = (CachableUserIdentificationInfo) req.getSession().getAttribute( 130 "org.nuxeo.ecm.login.identity"); 131 132 if (idInfo == null || idInfo.getPrincipal() == null) { 133 return false; 134 } 135 136 return true; 137 } 138 139 /** 140 * Redirect the browser to the target application with the initial URL as parameter into the 141 * {@value WebMobileConstants#TARGET_URL_PARAMETER} url parameter. 142 */ 143 private void doApplicationRedirection(HttpServletRequest request, HttpServletResponse response, FilterChain chain) 144 throws IOException, ServletException { 145 Map<String, String> parameters = new HashMap<String, String>(); 146 147 String requestedPage = NuxeoAuthenticationFilter.getRequestedPage(request); 148 if (!StringUtils.isBlank(requestedPage)) { 149 parameters.put(INITIAL_TARGET_URL_PARAM_NAME, requestedPage); 150 } 151 152 String redirectURI = URIUtils.addParametersToURIQuery(getService().getApplicationBaseURL(request), parameters); 153 log.debug("Handler match/Non target application URI " + "=> Application redirected: target URL: " + redirectURI); 154 155 response.sendRedirect(redirectURI); 156 } 157 158 /** 159 * Do no redirection and let filters application to be done. 160 */ 161 private void doNoRedirect(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, 162 ServletException { 163 chain.doFilter(request, response); 164 } 165 166 private boolean isRequestIntoApplication(HttpServletRequest req, String targetApplicationBaseURL) { 167 String uri = req.getRequestURI(); 168 169 log.debug("Request url: " + uri + " and targetApplicationURI: "); 170 if (!uri.startsWith(targetApplicationBaseURL)) { 171 log.debug("Request uri is not a child of application base url"); 172 return false; 173 } 174 if (uri.equals(targetApplicationBaseURL)) { 175 log.debug("Request uri is the root of the application"); 176 return true; 177 } 178 char character = uri.charAt(targetApplicationBaseURL.length()); 179 if (character != '/' && character != '?' && character != '#' && character != '@') { 180 log.debug("Request uri is not a child of application base url"); 181 return false; 182 } 183 log.debug("Request uri is a child of application base url"); 184 return true; 185 } 186 187 @Override 188 public void destroy() { 189 log.debug("Filter detroyed"); 190 } 191 192}