public String addSorPerson(
final ReconciliationCriteria reconciliationCriteria, final RequestContext context) {
reconciliationCriteria.getSorPerson().setSourceSor(AbstractPersonServiceAction.STATIC_SOR_NAME);
try {
final ServiceExecutionResult<Person> result =
getPersonService().addPerson(reconciliationCriteria);
getSpringErrorValidationErrorConverter()
.convertValidationErrors(result.getValidationErrors(), context.getMessageContext());
if (context.getMessageContext().hasErrorMessages()) {
return "validationError";
}
context.getFlowScope().put("serviceExecutionResult", result);
return "success";
} catch (final ReconciliationException e) {
context.getFlowScope().put("reconciliationResult", e);
return "reconciliation";
}
// TODO Need to add logic here to handle case where SoR already provided an SorPerson.
// For example if OR is the SoR and reconciliation determines that OR
// get the sorPerson that already exists from SorPersonAlreadyExistsException, update it with
// the values from reconciliation.SorPerson
// call updateSorPerson
catch (final SorPersonAlreadyExistsException e) {
return "error";
}
}
@Override
public void paused(RequestContext context) {
if (isPersistenceContext(context.getActiveFlow())) {
final EntityManager em =
getEntityManager(context.getFlowExecutionContext().getActiveSession());
/*
* we were not be able to determine if entityManager has opened
* connections, then the commit statement is always executed when
* flow is paused
*/
transactionTemplate.execute(
new TransactionCallbackWithoutResult() {
protected void doInTransactionWithoutResult(TransactionStatus status) {
/*
* Commit using the same connection retrieved by hibernate
* lazy load,if exists, otherwise another connection will be
* requested from pool
*/
em.joinTransaction();
}
});
}
super.paused(context);
}
/** {@inheritDoc} */
@Override
@Nullable
public String apply(@Nullable final ProfileRequestContext input) {
if (input == null) {
return null;
}
final SpringRequestContext springRequestContext =
input.getSubcontext(SpringRequestContext.class, false);
if (springRequestContext == null) {
return null;
}
final RequestContext requestContext = springRequestContext.getRequestContext();
if (requestContext == null) {
return null;
}
final FlowExecutionContext flowExecutionContext = requestContext.getFlowExecutionContext();
if (flowExecutionContext == null) {
return null;
}
if (!flowExecutionContext.isActive()) {
return null;
}
final FlowDefinition flowDefinition = requestContext.getActiveFlow();
final String flowId = flowDefinition.getId();
log.debug("Current flow id is '{}'", flowId);
return flowId;
}
protected Event doExecute(final RequestContext context) {
final String ticketGrantingTicketId = WebUtils.getTicketGrantingTicketId(context);
final String ticketGrantingTicketValueFromCookie =
(String) context.getFlowScope().get("ticketGrantingTicketId");
if (ticketGrantingTicketId == null) {
return success();
}
this.ticketGrantingTicketCookieGenerator.addCookie(
WebUtils.getHttpServletRequest(context),
WebUtils.getHttpServletResponse(context),
ticketGrantingTicketId);
// add by yikeke 2015-08-13
String logineduserid = (String) context.getRequestScope().get("logineduserid");
this.loginedUserCookieGenerator.addCookie(
WebUtils.getHttpServletRequest(context),
WebUtils.getHttpServletResponse(context),
logineduserid);
logger.debug("now addCookie for loginedUserCookieGenerator value=" + logineduserid);
// end add
if (ticketGrantingTicketValueFromCookie != null
&& !ticketGrantingTicketId.equals(ticketGrantingTicketValueFromCookie)) {
this.centralAuthenticationService.destroyTicketGrantingTicket(
ticketGrantingTicketValueFromCookie);
}
return success();
}
public Event checkHomeLocation(RequestContext context) {
// check location values
UserAccount userAccount = (UserAccount) context.getFlowScope().get("userAccount");
Location loc = userAccount.getLocation();
// do we have lat/lon already?
// StringUtils.hasLength(loc.getLatitude());
if (loc.getLatitude() != null && loc.getLongitude() != null) return success();
try {
Assert.hasLength(loc.getCity(), "City is empty");
Assert.hasLength(loc.getStateInitial(), "State is empty");
// Assert.hasLength(loc.getZip(), "Zip is empty");
} catch (IllegalArgumentException e) {
context
.getMessageContext()
.addMessage(new MessageBuilder().error().defaultText(e.getMessage()).build());
return result("needHomeLocation");
}
String homeLoc = loc.getAddress() + " " + loc.getCity() + " " + loc.getStateInitial();
// get lat/lon from yahoo
List<YahooPlaceResult> places = yahooPlaceFinderService.searchPlaceResult(homeLoc);
Location location = userAccount.getLocation();
if (places.size() > 0) {
YahooPlaceResult place = places.get(0);
location.setLatitude(place.getLatitude().floatValue());
location.setLongitude(place.getLongitude().floatValue());
location.setStateInitial(place.getStateCode());
Zip zip = null;
try {
zip = Zip.findZipsByZipCode(place.getUzip().toString()).getSingleResult();
} catch (Exception e) {
zip = new Zip();
zip.setZipCode(place.getUzip().toString());
zip.setLatitude(place.getLatitude().floatValue());
zip.setLongitude(place.getLongitude().floatValue());
zip.persist();
}
location.setZip(zip);
userAccount.setWktLocation(place.getLongitude(), place.getLatitude());
// save
userAccount = userAccountService.updateUserAccount(userAccount);
// set to flow
context.getFlowScope().asMap().put("userAccount", userAccount);
} else {
context
.getMessageContext()
.addMessage(
new MessageBuilder()
.error()
.defaultText("Could not find Lat/Lon. Returned " + places.size() + " places.")
.build());
return result("needHomeLocation");
}
return result("needBabysitterAvailableTimes");
}
/**
* Gets the http servlet response from the context.
*
* @param context the context
* @return the http servlet response
*/
public static HttpServletResponse getHttpServletResponse(final RequestContext context) {
Assert.isInstanceOf(
ServletExternalContext.class,
context.getExternalContext(),
"Cannot obtain HttpServletResponse from event of type: "
+ context.getExternalContext().getClass().getName());
return (HttpServletResponse) context.getExternalContext().getNativeResponse();
}
public final String wrapGoogleCredentialsAndPlaceInFlowScopeSecond(
RequestContext context, String accessToken, String userID, String userName) {
context.getFlowScope().put("credentials", new GoogleCredentials(accessToken, userID));
context.getFlowScope().put("credentialName", userID);
context.getFlowScope().put("credentialType", "GOOGLE_ID");
context.getFlowScope().put("userName", userName);
context.getFlowScope().put("loginNumber", "two");
return "success";
}
@Override
public Object getState(FacesContext facesContext, String viewId) {
if (!JsfUtils.isFlowRequest()) {
return super.getState(facesContext, viewId);
}
RequestContext requestContext = RequestContextHolder.getRequestContext();
Object state = requestContext.getViewScope().get(FACES_VIEW_STATE);
if (state == null) {
logger.debug("No matching view in view scope");
}
return state;
}
public Event findExistingPlayer(RequestContext context) {
PlayerSearchCriteria criteria =
(PlayerSearchCriteria) context.getFlowScope().get("playerSearchCriteria");
if (criteria != null) {
Player player = playerService.findExistingPlayer(criteria);
context.getFlowScope().put("player", player);
return success();
} else {
return error();
}
}
/**
* Validate event for transition.
*
* @param eventId the event id
* @param context the context
* @param attributes the attributes
* @return the event
*/
protected Event validateEventIdForMatchingTransitionInContext(
final String eventId, final RequestContext context, final Map<String, Object> attributes) {
try {
final AttributeMap<Object> attributesMap = new LocalAttributeMap<>(attributes);
final Event event = new Event(this, eventId, attributesMap);
logger.debug(
"Resulting event id is [{}]. Locating transitions in the context for that event id...",
event.getId());
final TransitionDefinition def = context.getMatchingTransition(event.getId());
if (def == null) {
logger.warn("Transition definition cannot be found for event [{}]", event.getId());
throw new AuthenticationException();
}
logger.debug(
"Found matching transition [{}] with target [{}] for event [{}] with attributes {}.",
def.getId(),
def.getTargetStateId(),
event.getId(),
event.getAttributes());
return event;
} catch (final Exception e) {
throw Throwables.propagate(e);
}
}
@Nonnull
@Override
protected Event doExecute(
final @Nonnull RequestContext springRequestContext,
final @Nonnull ProfileRequestContext profileRequestContext) {
final ParameterMap params = springRequestContext.getRequestParameters();
final String service = params.get(ProtocolParam.Service.id());
if (service == null) {
return ProtocolError.ServiceNotSpecified.event(this);
}
final String ticket = params.get(ProtocolParam.Ticket.id());
if (ticket == null) {
return ProtocolError.TicketNotSpecified.event(this);
}
final TicketValidationRequest ticketValidationRequest =
new TicketValidationRequest(service, ticket);
final String renew = params.get(ProtocolParam.Renew.id());
if (renew != null) {
ticketValidationRequest.setRenew(true);
}
ticketValidationRequest.setPgtUrl(params.get(ProtocolParam.PgtUrl.id()));
final MessageContext messageContext = new MessageContext();
messageContext.setMessage(ticketValidationRequest);
profileRequestContext.setInboundMessageContext(messageContext);
FlowStateSupport.setTicketValidationRequest(springRequestContext, ticketValidationRequest);
return ActionSupport.buildProceedEvent(this);
}
@Override
protected Event doExecute(final RequestContext context) throws Exception {
final Service service = WebUtils.getService(context);
// No service == plain /login request. Return success indicating transition to the login form
if (service == null) {
return success();
}
final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
if (registeredService == null) {
logger.warn(
"Unauthorized Service Access for Service: [ {} ] - service is not defined in the service registry.",
service.getId());
throw new UnauthorizedServiceException();
} else if (!registeredService.isEnabled()) {
logger.warn(
"Unauthorized Service Access for Service: [ {} ] - service is not enabled in the service registry.",
service.getId());
if (registeredService instanceof RegisteredServiceWithAttributes) {
String disabledServiceUrl =
(String)
RegisteredServiceWithAttributes.class
.cast(registeredService)
.getExtraAttributes()
.get(DISABLED_SERVICE_URL_ATTRIBUTE);
if (disabledServiceUrl != null) {
context.getRequestScope().put(DISABLED_SERVICE_URL_ATTRIBUTE, disabledServiceUrl);
return no();
}
}
throw new UnauthorizedServiceException();
}
return success();
}
public Event startFlow(RequestContext context) {
// get from flow
UserAccount userAccount = (UserAccount) context.getFlowScope().get("userAccount");
// do we have type?
// if (isUserTypeNotSet(userAccount)) return
// do we have locaiton?
return null;
}
public boolean test(RequestContext context) {
Event currentEvent = context.getCurrentEvent();
if (currentEvent == null) {
return false;
}
if (caseSensitive) {
return eventId.equals(currentEvent.getId());
} else {
return eventId.equalsIgnoreCase(currentEvent.getId());
}
}
/**
* Grant ticket granting ticket.
*
* @param context the context
* @param authenticationResultBuilder the authentication result builder
* @param service the service
* @return the event
* @throws Exception the exception
*/
protected Event grantTicketGrantingTicketToAuthenticationResult(
final RequestContext context,
final AuthenticationResultBuilder authenticationResultBuilder,
final Service service)
throws Exception {
logger.debug("Finalizing authentication transactions and issuing ticket-granting ticket");
final AuthenticationResult authenticationResult =
this.authenticationSystemSupport.finalizeAllAuthenticationTransactions(
authenticationResultBuilder, service);
boolean issueTicketGrantingTicket = true;
final Authentication authentication = authenticationResult.getAuthentication();
final String ticketGrantingTicket = WebUtils.getTicketGrantingTicketId(context);
if (StringUtils.isNotBlank(ticketGrantingTicket)) {
logger.debug(
"Located ticket-granting ticket in the context. Retrieving associated authentication");
final Authentication authenticationFromTgt =
this.ticketRegistrySupport.getAuthenticationFrom(ticketGrantingTicket);
if (authenticationFromTgt == null) {
logger.debug(
"Authentication session associated with {} is no longer valid", ticketGrantingTicket);
this.centralAuthenticationService.destroyTicketGrantingTicket(ticketGrantingTicket);
} else if (authentication.getPrincipal().equals(authenticationFromTgt.getPrincipal())) {
logger.debug("Resulting authentication matches the authentication from context");
issueTicketGrantingTicket = false;
} else {
logger.debug("Resulting authentication is different from the context");
}
}
final TicketGrantingTicket tgt;
if (issueTicketGrantingTicket) {
tgt = this.centralAuthenticationService.createTicketGrantingTicket(authenticationResult);
} else {
tgt =
this.centralAuthenticationService.getTicket(
ticketGrantingTicket, TicketGrantingTicket.class);
tgt.getAuthentication().update(authentication);
this.centralAuthenticationService.updateTicket(tgt);
}
WebUtils.putTicketGrantingTicketInScopes(context, tgt);
WebUtils.putAuthenticationResult(authenticationResult, context);
WebUtils.putAuthentication(tgt.getAuthentication(), context);
if (addWarningMessagesToMessageContextIfNeeded(tgt, context.getMessageContext())) {
return newEvent(SUCCESS_WITH_WARNINGS);
}
return newEvent(CasWebflowConstants.TRANSITION_ID_SUCCESS);
}
/** {@inheritDoc} */
@Override
protected boolean doPreExecute(@Nonnull final ProfileRequestContext profileRequestContext) {
if (!super.doPreExecute(profileRequestContext)) {
return false;
}
final RequestContext requestContext = getRequestContext(profileRequestContext);
if (requestContext == null) {
log.error("{} Spring RequestContext is not set", getLogPrefix());
ActionSupport.buildEvent(profileRequestContext, EventIds.UNABLE_TO_DECODE);
return false;
}
final String sessionRef = requestContext.getRequestParameters().get(SESSION_PARAM_BYREF);
final String sessionVal = requestContext.getRequestParameters().get(SESSION_PARAM_BYVAL);
try {
if (sessionRef != null) {
sessionKey = sessionRef;
session = getSessionByReference(requestContext, sessionKey);
} else if (sessionVal != null) {
session = getSessionByValue(sessionVal);
} else {
log.warn("{} No session parameter provided, nothing to do", getLogPrefix());
ActionSupport.buildEvent(profileRequestContext, EventIds.UNABLE_TO_DECODE);
return false;
}
log.debug("{} Got session to propagate logout: {}", getLogPrefix(), session);
} catch (MessageDecodingException e) {
log.warn("{} Message decoding exception: {}", e.getMessage());
ActionSupport.buildEvent(profileRequestContext, EventIds.UNABLE_TO_DECODE);
return false;
} catch (MessageException e) {
log.warn("{} Required state not found: {}", e.getMessage());
ActionSupport.buildEvent(profileRequestContext, EventIds.INVALID_PROFILE_CTX);
return false;
}
return true;
}
@Override
protected Event doExecute(RequestContext context) throws Exception {
final String userId = context.getFlowScope().getString(S.NICK);
LOGGER.info("user id is:" + userId);
try {
WebUtils.putTicketGrantingTicketInRequestScope(
context,
centralAuthenticationService.createTicketGrantingTicket(creatCredentials(userId)));
} catch (TicketException e) {
LOGGER.error(e);
return error();
}
return success();
}
protected void doRender(Map<String, ?> model) throws Exception {
RequestContext context = getRequestContext();
ExternalContext externalContext = context.getExternalContext();
View view = getView();
PortletContext portletContext = (PortletContext) externalContext.getNativeContext();
PortletRequest request = (PortletRequest) externalContext.getNativeRequest();
MimeResponse response = (MimeResponse) externalContext.getNativeResponse();
if (response.getContentType() == null) {
// No Portlet content type specified yet -> use the view-determined type.
// (The Portlet spec requires the content type to be set on the RenderResponse)
String contentType = view.getContentType();
if (contentType != null) {
response.setContentType(contentType);
}
}
request.setAttribute(ViewRendererServlet.VIEW_ATTRIBUTE, view);
request.setAttribute(ViewRendererServlet.MODEL_ATTRIBUTE, model);
request.setAttribute(
org.springframework.web.servlet.support.RequestContext.WEB_APPLICATION_CONTEXT_ATTRIBUTE,
context.getActiveFlow().getApplicationContext());
portletContext
.getRequestDispatcher(DispatcherPortlet.DEFAULT_VIEW_RENDERER_URL)
.include(request, response);
}
@Override
protected Event doExecute(final RequestContext context) {
final HttpServletRequest request = WebUtils.getHttpServletRequest(context);
final HttpServletResponse response = WebUtils.getHttpServletResponse(context);
final String authorizationHeader = request.getHeader(SpnegoConstants.HEADER_AUTHORIZATION);
final String userAgent = WebUtils.getHttpServletRequestUserAgent(request);
LOGGER.debug(
"Authorization header [{}], User Agent header [{}]", authorizationHeader, userAgent);
if (!StringUtils.hasText(userAgent) || this.supportedBrowser.isEmpty()) {
LOGGER.debug("User Agent header [{}] is empty, or no browsers are supported", userAgent);
return success();
}
if (!isSupportedBrowser(userAgent)) {
LOGGER.debug(
"User Agent header [{}] is not supported in the list of supported browsers [{}]",
userAgent,
this.supportedBrowser);
return success();
}
if (!StringUtils.hasText(authorizationHeader)
|| !authorizationHeader.startsWith(this.messageBeginPrefix)
|| authorizationHeader.length() <= this.messageBeginPrefix.length()) {
final String wwwHeader = this.ntlm ? SpnegoConstants.NTLM : SpnegoConstants.NEGOTIATE;
LOGGER.debug(
"Authorization header not found or does not match the message prefix [{}]. Sending [{}] header [{}]",
this.messageBeginPrefix,
SpnegoConstants.HEADER_AUTHENTICATE,
wwwHeader);
response.setHeader(SpnegoConstants.HEADER_AUTHENTICATE, wwwHeader);
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
// The responseComplete flag tells the pausing view-state not to render the response
// because another object has taken care of it. If mixed mode authentication is allowed
// then responseComplete should not be called so that webflow will display the login page.
if (!this.mixedModeAuthentication) {
LOGGER.debug("Mixed-mode authentication is disabled. Executing completion of response");
context.getExternalContext().recordResponseComplete();
}
}
return success();
}
@Override
protected Event doExecute(final RequestContext context) throws Exception {
final Service service = WebUtils.getService(context);
if (service == null) {
logger.debug("No service found in the request context, so resuming normally.");
return success();
}
final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
if (registeredService == null) {
logger.warn(
"Unauthorized Service Access for Service: [{}] - service is not defined in the service registry.",
service.getId());
throw new UnauthorizedServiceException();
}
if (!registeredService.isEnabled()) {
logger.warn(
"Unauthorized Service Access for Service: [{}] - service is not enabled in the service registry.",
service.getId());
throw new UnauthorizedServiceException();
}
if (registeredService instanceof RegisteredServiceWithAttributes) {
final RegisteredServiceWithAttributes regSvcWithAttr =
RegisteredServiceWithAttributes.class.cast(registeredService);
final String redirectToUrl =
(String) regSvcWithAttr.getExtraAttributes().get(REDIRECT_TO_URL_ATTRIBUTE);
if (redirectToUrl != null
&& this.redirectionAdvisor.shouldRedirectServiceRequest(
context, regSvcWithAttr, redirectToUrl)) {
logger.info("Redirecting to url [{}] for service [{}]", redirectToUrl, service.getId());
context.getRequestScope().put(REDIRECT_TO_URL_ATTRIBUTE, redirectToUrl);
return yes();
}
}
logger.debug(
"No redirect url is configured, or redirection for service [{}] is not needed",
service.getId());
return success();
}
/**
* Get an {@link SPSession} by reference.
*
* @param requestContext Spring request context
* @param sessionKey key identifying the SP session
* @return the SP session
* @throws MessageException if an error occurs
*/
@Nonnull
private SPSession getSessionByReference(
@Nonnull final RequestContext requestContext, @Nonnull final String sessionKey)
throws MessageException {
final LogoutContext logoutCtx =
requestContext
.getExternalContext()
.getSessionMap()
.get(SaveLogoutContext.LOGOUT_CONTEXT_KEY, LogoutContext.class);
if (logoutCtx == null) {
throw new MessageException("LogoutContext not found in HTTP session.");
}
final SPSession s = logoutCtx.getKeyedSessionMap().get(sessionKey);
if (s == null) {
throw new MessageException("Session not found for key: " + sessionKey);
}
return s;
}
public final String wrapGoogleCredentialsAndPlaceInFlowScope(
RequestContext context,
String accessToken,
String userID,
String userName,
String genericName,
String genericEmail) {
context.getFlowScope().put("credentials", new GoogleCredentials(accessToken, userID));
context.getFlowScope().put("credentialName", userID);
context.getFlowScope().put("credentialType", "GOOGLE_ID");
context.getFlowScope().put("userName", userName);
context.getFlowScope().put("credentialName2", userID);
context.getFlowScope().put("credentialType2", "GOOGLE_ID");
context.getFlowScope().put("userName2", userName);
context.getFlowScope().put("loginNumber", "one");
context.getFlowScope().put("loginNumber", "one");
context.getFlowScope().put("genericName", genericName);
context.getFlowScope().put("genericEmail", genericEmail);
return "success";
}
private void saveState(Object state) {
RequestContext requestContext = RequestContextHolder.getRequestContext();
requestContext.getViewScope().put(FACES_VIEW_STATE, state);
}
private String getFlowExecutionKey() {
RequestContext requestContext = RequestContextHolder.getRequestContext();
return requestContext.getFlowExecutionContext().getKey().toString();
}
public final String placeGoogleApiInFlowScope(RequestContext context) {
context.getFlowScope().put("googleappid", googleApiId);
return "success";
}
/**
* Gets resolved events as attribute.
*
* @param context the context
* @return the resolved events as attribute
*/
protected Set<Event> getResolvedEventsAsAttribute(final RequestContext context) {
return context.getAttributes().get(RESOLVED_AUTHENTICATION_EVENTS, Set.class);
}
/**
* Put resolved events as attribute.
*
* @param context the context
* @param resolvedEvents the resolved events
*/
protected void putResolvedEventsAsAttribute(
final RequestContext context, final Set<Event> resolvedEvents) {
context.getAttributes().put(RESOLVED_AUTHENTICATION_EVENTS, resolvedEvents);
}
@Override
protected Event doExecute(RequestContext context) throws Exception {
HttpServletRequest request = WebUtils.getHttpServletRequest(context);
HttpSession session = request.getSession();
// get provider type
String providerType = request.getParameter(OAUTH_PROVIDER);
logger.debug("providerType : {}", providerType);
// System.out.println("OAuthAction "+providerType+" "+StringUtils.isNotBlank(providerType));
// it's an authentication
if (StringUtils.isNotBlank(providerType)) {
// get provider
OAuthProvider provider = null;
for (OAuthProvider aProvider : providers) {
if (StringUtils.equals(providerType, aProvider.getType())) {
provider = aProvider;
break;
}
}
logger.info("provider : {}", provider);
// get credential
System.out.println("Params " + request.getParameterMap());
@SuppressWarnings("unchecked")
OAuthCredential credential = provider.getCredential(request.getParameterMap());
logger.info("credential : {}", credential);
// retrieve service from session and put it into webflow
Service service = (Service) session.getAttribute("service");
context.getFlowScope().put("service", service);
// create credentials
Credentials credentials = new OAuthCredentials(credential);
try {
WebUtils.putTicketGrantingTicketInRequestScope(
context, this.centralAuthenticationService.createTicketGrantingTicket(credentials));
return success();
} catch (final TicketException e) {
e.printStackTrace();
return error();
}
} else {
// no authentication : go to login page
// put service in session from flow scope
Service service = (Service) context.getFlowScope().get("service");
session.setAttribute("service", service);
// for all providers, generate authorization urls
for (OAuthProvider provider : providers) {
String key = provider.getType() + "Url";
String authorizatonUrl = provider.getAuthorizationUrl(new HttpUserSession(session));
logger.debug("{} -> {}", key, authorizatonUrl);
request.setAttribute(key, authorizatonUrl);
}
}
return error();
}
