@POST
@Produces(MediaType.TEXT_HTML)
public void create_(
@QueryParam("url") String url,
@QueryParam("userName") String user,
@QueryParam("password") String password,
@QueryParam("connectAs") String connectAs,
@Context HttpServletResponse response)
throws Exception {
final String targetUrl = Tools.createXssSafeString(url);
final String errorMessage;
if (user != null) {
try {
final LoginTokens token = create(new LoginCredentials(user, password, connectAs));
final String accessToken = token.getAccessToken();
final Cookie cookie = new Cookie("raplaLoginToken", token.toString());
response.addCookie(cookie);
response.sendRedirect(targetUrl != null ? targetUrl : "rapla.html");
final PrintWriter writer = response.getWriter();
writer.println(accessToken);
writer.close();
return;
} catch (Exception e) {
errorMessage = e.getMessage();
}
} else {
errorMessage = null;
}
createPage(url, user, errorMessage, response);
}
@POST
@Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
public LoginTokens create(@QueryParam("credentials") LoginCredentials credentials)
throws Exception {
User user = null;
try {
user =
authentificationService.authenticate(
credentials.getUsername(),
credentials.getPassword(),
credentials.getConnectAs(),
logger);
} catch (Exception e) {
logger.error(e.getMessage());
final String loginErrorMessage = i18n.getString("error.login");
throw new RaplaSecurityException(loginErrorMessage);
}
final LoginTokens loginTokens = tokenHandler.generateAccessToken(user);
if (loginTokens.isValid()) {
return loginTokens;
}
final String loginErrorMessage = i18n.getString("error.login");
throw new RaplaSecurityException(loginErrorMessage);
}
