private void authenticateAndRedirect(HttpServletRequest req, HttpServletResponse rsp)
throws IOException {
AuthRequest areq = new AuthRequest(user.getExternalId());
AuthResult arsp;
try {
String claimedIdentifier = user.getClaimedIdentity();
if (!Strings.isNullOrEmpty(claimedIdentifier)) {
if (!authenticateWithIdentityClaimedDuringHandshake(areq, rsp, claimedIdentifier)) {
return;
}
} else if (linkMode) {
if (!authenticateWithLinkedIdentity(areq, rsp)) {
return;
}
}
areq.setUserName(user.getUserName());
areq.setEmailAddress(user.getEmailAddress());
areq.setDisplayName(user.getDisplayName());
arsp = accountManager.authenticate(areq);
} catch (AccountException e) {
log.error("Unable to authenticate user \"" + user + "\"", e);
rsp.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
webSession.get().login(arsp, true);
String suffix = redirectToken.substring(OAuthWebFilter.GERRIT_LOGIN.length() + 1);
StringBuilder rdr = new StringBuilder(urlProvider.get(req));
rdr.append(Url.decode(suffix));
rsp.sendRedirect(rdr.toString());
}
public boolean doFilter(
final DynamicItem<WebSession> webSession,
ServletRequest request,
ServletResponse response,
FilterChain chain)
throws IOException, ServletException {
HttpServletRequest httpRequest = (HttpServletRequest) request;
String hdr = httpRequest.getHeader("Authorization");
if (hdr != null) {
return filterBasicAuth((HttpServletRequest) request, (HttpServletResponse) response, hdr);
} else if (webSession.get().isSignedIn()) {
return filterSessionAuth(webSession, (HttpServletRequest) request);
} else {
return true;
}
}
@Override
protected void configure() {
DynamicItem.itemOf(binder(), EventDispatcher.class);
DynamicItem.bind(binder(), EventDispatcher.class).to(EventBroker.class);
}
public boolean filterSessionAuth(
final DynamicItem<WebSession> webSession, HttpServletRequest request) {
request.setAttribute("gerrit-username", webSession.get().getUser().getUserName());
request.setAttribute("gerrit-token", webSession.get().getSessionId());
return true;
}
