001/*
002 * (C) Copyright 2006-2007 Nuxeo SAS (http://nuxeo.com/) and contributors.
003 *
004 * All rights reserved. This program and the accompanying materials
005 * are made available under the terms of the GNU Lesser General Public License
006 * (LGPL) version 2.1 which accompanies this distribution, and is available at
007 * http://www.gnu.org/licenses/lgpl.html
008 *
009 * This library is distributed in the hope that it will be useful,
010 * but WITHOUT ANY WARRANTY; without even the implied warranty of
011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
012 * Lesser General Public License for more details.
013 *
014 * Contributors:
015 *     Nuxeo - initial API and implementation
016 *
017 * $Id: JOOoConvertPluginImpl.java 18651 2007-05-13 20:28:53Z sfermigier $
018 */
019
020package org.nuxeo.ecm.webengine.login;
021
022import java.io.IOException;
023import java.util.Collections;
024import java.util.List;
025import java.util.Map;
026
027import javax.servlet.http.HttpServletRequest;
028import javax.servlet.http.HttpServletResponse;
029
030import org.apache.commons.logging.Log;
031import org.apache.commons.logging.LogFactory;
032import org.nuxeo.ecm.platform.api.login.UserIdentificationInfo;
033import org.nuxeo.ecm.platform.ui.web.auth.interfaces.LoginResponseHandler;
034import org.nuxeo.ecm.platform.ui.web.auth.interfaces.NuxeoAuthenticationPlugin;
035
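/**
 * Form-based authentication plugin for WebEngine.
 * <p>
 * A request is treated as a login attempt when its path ends with {@link #LOGIN_KEY}. The credentials are read
 * from two request parameters whose names default to {@code username} and {@code password} and can be overridden
 * through {@link #initPlugin(Map)}. After the attempt, {@link #onSuccess} and {@link #onError} redirect the
 * client back to the path that preceded {@link #LOGIN_KEY}, or answer with a bare status code when the request
 * carries a {@code caller} parameter (used here as the marker of an AJAX call).
 */
public class WebEngineFormAuthenticator implements NuxeoAuthenticationPlugin, LoginResponseHandler {

    private static final Log log = LogFactory.getLog(WebEngineFormAuthenticator.class);

    // Both keys are static: a value set through initPlugin() is shared by every instance of this class.
    protected static String usernameKey = "username";

    protected static String passwordKey = "password";

    /** Path suffix that marks a request as a login attempt. */
    public static final String LOGIN_KEY = "/@@login";

    /**
     * Always returns {@code false}: this plugin does not render a login page of its own.
     */
    public Boolean handleLoginPrompt(HttpServletRequest request, HttpServletResponse response, String baseURL) {
        return false; // TODO doesn't have a login page ?
    }

    /**
     * Gets the path info to be used to redirect after login.
     * <p>
     * The value is the request URI with the trailing {@link #LOGIN_KEY} removed. Because the request URI is
     * client-controlled and ends up in a {@code Location} header, any run of leading slashes or backslashes is
     * collapsed to a single {@code /}: a target starting with {@code //} is resolved by browsers as a
     * scheme-relative URL on another host, which would turn the post-login redirect into an open redirect.
     *
     * @return the local path to redirect to, or {@code null} if the request URI does not end with
     *         {@link #LOGIN_KEY}
     */
    protected String getLoginPathInfo(HttpServletRequest request) {
        String uri = request.getRequestURI();
        if (uri == null || !uri.endsWith(LOGIN_KEY)) {
            return null;
        }
        String target = uri.substring(0, uri.length() - LOGIN_KEY.length());
        return toLocalPath(target);
    }

    /**
     * Collapses every leading {@code /} or {@code \} of the given path into a single {@code /} so that the
     * result can only be interpreted as a path on the current host. Paths without a leading separator
     * (including the empty string) are returned unchanged.
     */
    private static String toLocalPath(String path) {
        int start = 0;
        while (start < path.length() && (path.charAt(start) == '/' || path.charAt(start) == '\\')) {
            start++;
        }
        return start == 0 ? path : "/" + path.substring(start);
    }

    /**
     * Tells whether the path info of the request ends with {@link #LOGIN_KEY}.
     * <p>
     * NOTE(review): this test uses {@code getPathInfo()} while {@link #getLoginPathInfo} uses
     * {@code getRequestURI()}; the two can disagree (for instance on encoded characters or path parameters),
     * in which case the response handlers return {@code false} without writing a response.
     */
    public static boolean isLoginRequest(HttpServletRequest request) {
        String pathInfo = request.getPathInfo();
        return pathInfo != null && pathInfo.endsWith(LOGIN_KEY);
    }

    /**
     * Extracts the submitted credentials from a login request.
     *
     * @return {@code null} when the request is not a login request; otherwise an identity built from the
     *         username and password parameters, either of which is {@code null} when the parameter is absent
     */
    public UserIdentificationInfo handleRetrieveIdentity(HttpServletRequest httpRequest,
            HttpServletResponse httpResponse) {
        if (!isLoginRequest(httpRequest)) {
            return null;
        }
        // NOTE(review): getParameter() also reads the query string, so credentials sent in a GET URL are
        // accepted here and may end up in access logs, browser history and Referer headers. Consider
        // accepting them from POST requests only -- confirm no client relies on GET first.
        // No validation is done here; the identity is handed over as submitted.
        String userName = httpRequest.getParameter(usernameKey);
        String password = httpRequest.getParameter(passwordKey);
        return new UserIdentificationInfo(userName, password);
    }

    /**
     * Always returns {@code true}.
     */
    public Boolean needLoginPrompt(HttpServletRequest httpRequest) {
        return true;
    }

    /**
     * Overrides the names of the request parameters carrying the credentials.
     *
     * @param parameters plugin configuration; the optional entries {@code UsernameKey} and {@code PasswordKey}
     *            replace the default parameter names, and absent entries leave the current names untouched
     */
    public void initPlugin(Map<String, String> parameters) {
        String configuredUsernameKey = parameters.get("UsernameKey");
        if (configuredUsernameKey != null) {
            usernameKey = configuredUsernameKey;
        }
        String configuredPasswordKey = parameters.get("PasswordKey");
        if (configuredPasswordKey != null) {
            passwordKey = configuredPasswordKey;
        }
    }

    /**
     * Returns an empty list: this plugin declares no URL prefix as exempt from authentication.
     */
    public List<String> getUnAuthenticatedURLPrefix() {
        return Collections.emptyList();
    }

    /**
     * Writes the response for a failed login.
     * <p>
     * AJAX requests (those with a {@code caller} parameter) get a 401 error; other requests are redirected to
     * the original path with {@code ?failed=true} appended.
     *
     * @return {@code true} if a response was written, {@code false} if the redirect path could not be
     *         determined or writing the response failed
     */
    public boolean onError(HttpServletRequest request, HttpServletResponse response) {
        try {
            String path = getLoginPathInfo(request);
            if (path == null) { // this should never happen
                return false;
            }
            if (request.getParameter("caller") != null) {
                // ajax request
                response.sendError(HttpServletResponse.SC_UNAUTHORIZED, "Authentication Failed");
            } else {
                // normal request
                // NOTE(review): sendRedirect() sets its own redirect status, so the 401 set here is not
                // what the client receives.
                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
                response.sendRedirect(path + "?failed=true");
            }
        } catch (IOException e) {
            // Pass the exception as the cause so the stack trace is logged, not only its toString().
            log.error("Failed to send the login failure response", e);
            return false;
        }
        return true;
    }

    /**
     * Writes the response for a successful login.
     * <p>
     * AJAX requests (those with a {@code caller} parameter) get a 200 status; other requests are redirected
     * to the original path.
     *
     * @return {@code true} if a response was written, {@code false} if the redirect path could not be
     *         determined or writing the response failed
     */
    public boolean onSuccess(HttpServletRequest request, HttpServletResponse response) {
        try {
            String path = getLoginPathInfo(request);
            if (path == null) { // this should never happen
                return false;
            }
            if (request.getParameter("caller") != null) {
                // ajax request
                // NOTE(review): sendError() is meant for error statuses and some containers generate an
                // error-page body for it; setStatus(SC_OK) may be the intended call -- confirm against the
                // AJAX clients before changing.
                response.sendError(HttpServletResponse.SC_OK);
            } else {
                // normal request
                response.sendRedirect(path);
            }
        } catch (IOException e) {
            // Pass the exception as the cause so the stack trace is logged, not only its toString().
            log.error("Failed to send the login success response", e);
            return false;
        }
        return true;
    }

}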