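/**
   * Runs one leg of the OAuth 1.0 flow for the current request.
   *
   * <p>When the request URI contains the verifier parameter name, the request token previously
   * cached in the session is exchanged for an access token and the result of
   * {@code transform(buildInfo(...))} is returned. Otherwise a new request token is fetched,
   * cached in the session, and the provider's authorization URL is returned so the caller can
   * redirect the user there.
   *
   * @param context the current HTTP context; its request and session are read
   * @param payload not used by this implementation
   * @return the authorization URL as a {@code String} on the first leg, or the transformed
   *     identity on the callback leg
   * @throws AuthException if either token request fails, or if the callback arrives without a
   *     request token cached in the session
   */
  @Override
  public Object authenticate(final Context context, final Object payload) throws AuthException {

    final Request request = context.request();
    final String uri = request.uri();

    // NOTE(review): on the callback leg this URI carries the verifier query parameter, so debug
    // logs will contain it; keep debug logging off where logs are widely readable.
    if (Logger.isDebugEnabled()) {
      Logger.debug("Returned with URL: '" + uri + "'");
    }

    final Configuration c = getConfiguration();

    final ConsumerKey key =
        new ConsumerKey(
            c.getString(SettingKeys.CONSUMER_KEY), c.getString(SettingKeys.CONSUMER_SECRET));
    final String requestTokenURL = c.getString(SettingKeys.REQUEST_TOKEN_URL);
    final String accessTokenURL = c.getString(SettingKeys.ACCESS_TOKEN_URL);
    final String authorizationURL = c.getString(SettingKeys.AUTHORIZATION_URL);
    final ServiceInfo info =
        new ServiceInfo(requestTokenURL, accessTokenURL, authorizationURL, key);
    final OAuth service = new OAuth(info, true);

    // presumably raises AuthException when the provider reported an error; defined elsewhere
    checkError(request);

    // NOTE(review): this is a substring match on the whole URI, not a query-parameter lookup.
    if (uri.contains(Constants.OAUTH_VERIFIER)) {

      // The cached request token is removed on read, so it can be redeemed only once.
      final RequestToken rtoken =
          (RequestToken) PlayAuthenticate.removeFromCache(context.session(), CACHE_TOKEN);
      if (rtoken == null) {
        // A callback with no matching first leg in this session (expired or foreign session)
        // must fail as an authentication error rather than reach the token exchange with null.
        throw new AuthException("No OAuth request token found in session for this callback");
      }

      // NOTE(review): the token parameter returned on the callback is not compared with the
      // cached request token in this method; confirm that check happens elsewhere.
      final String verifier = Authenticate.getQueryString(request, Constants.OAUTH_VERIFIER);
      final Either<OAuthException, RequestToken> accessTokenResult =
          service.retrieveAccessToken(rtoken, verifier);

      if (accessTokenResult.isLeft()) {
        throw new AuthException(accessTokenResult.left().get().getLocalizedMessage());
      }
      final I i = buildInfo(accessTokenResult.right().get());
      return transform(i);
    }

    final String callbackURL = getRedirectUrl(request);

    final Either<OAuthException, RequestToken> requestTokenResult =
        service.retrieveRequestToken(callbackURL);

    if (requestTokenResult.isLeft()) {
      // The provider call failed; surface its message as an authentication error.
      throw new AuthException(requestTokenResult.left().get().getLocalizedMessage());
    }

    // All good, we have the request token: remember it for the callback leg.
    final RequestToken rtoken = requestTokenResult.right().get();
    final String redirectUrl = service.redirectUrl(rtoken.token());

    PlayAuthenticate.storeInCache(context.session(), CACHE_TOKEN, rtoken);
    return redirectUrl;
  }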
Esempio n. 2
  /**
   * Build the action context from the Play {@link Context} and the {@link RequiresAuthentication}
   * annotation.
   *
   * @param ctx the Play context.
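   * @param configuration the annotation configuration, or {@code null} to use the defaults.
   * @return the action context built from the Play context and the configuration.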
   */
  public static ActionContext build(Context ctx, Object configuration) {
    // Web context wrapping the Play request, response and session.
    final JavaWebContext webContext =
        new JavaWebContext(ctx.request(), ctx.response(), ctx.session());

    // Defaults that apply when no configuration object is supplied.
    String clientName = null;
    String targetUrl = "";
    Boolean isAjax = false;
    Boolean stateless = false;
    String requireAnyRole = "";
    String requireAllRoles = "";

    if (configuration != null) {
      try {
        // The configuration is read through its proxy invocation handler, one attribute at a
        // time; a non-proxy object makes getInvocationHandler throw, which lands in the catch.
        final InvocationHandler handler = Proxy.getInvocationHandler(configuration);

        clientName = (String) handler.invoke(configuration, clientNameMethod, null);

        targetUrl = (String) handler.invoke(configuration, targetUrlMethod, null);
        logger.debug("targetUrl : {}", targetUrl);

        isAjax = (Boolean) handler.invoke(configuration, isAjaxMethod, null);
        logger.debug("isAjax : {}", isAjax);

        stateless = (Boolean) handler.invoke(configuration, statelessMethod, null);
        logger.debug("stateless : {}", stateless);

        requireAnyRole = (String) handler.invoke(configuration, requireAnyRoleMethod, null);
        logger.debug("requireAnyRole : {}", requireAnyRole);

        requireAllRoles = (String) handler.invoke(configuration, requireAllRolesMethod, null);
        logger.debug("requireAllRoles : {}", requireAllRoles);
      } catch (Throwable failure) {
        // InvocationHandler.invoke is declared to throw Throwable, hence the broad catch.
        logger.error("Error during configuration retrieval", failure);
        throw new TechnicalException(failure);
      }
    }

    if (clientName == null) {
      // No client configured: the name is taken from a request parameter, which the caller of
      // the HTTP endpoint controls.
      clientName = webContext.getRequestParameter(Config.getClients().getClientNameParameter());
    }
    logger.debug("clientName : {}", clientName);

    // Stateless requests get no session identifier.
    final String sessionId;
    if (stateless) {
      sessionId = null;
    } else {
      sessionId = StorageHelper.getOrCreationSessionId(ctx.session());
    }

    return new ActionContext(
        ctx,
        ctx.request(),
        sessionId,
        webContext,
        clientName,
        targetUrl,
        isAjax,
        stateless,
        requireAnyRole,
        requireAllRoles);
  }
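 /**
  * Checks that session entries given to the request builder are visible through the context's
  * session, and that setting the same key twice keeps the last value.
  */
 @Test
 public void testSession() {
   Application app = new GuiceApplicationBuilder().build();
   Play.start(app);
   try {
     Context ctx =
         new Context(new RequestBuilder().session("a", "1").session("b", "1").session("b", "2"));
     assertEquals("1", ctx.session().get("a"));
     // "b" was set twice; the later value is the one expected.
     assertEquals("2", ctx.session().get("b"));
   } finally {
     // Stop the application even when an assertion fails, so it is not left running for
     // whatever test executes next.
     Play.stop(app);
   }
 }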
Esempio n. 4
 /**
  * Creates a web context over a Play {@code Context}, keeping references to its request,
  * response and session.
  *
  * @param context the Play context to wrap
  * @param sessionStore the session store to use; when {@code null}, a new {@code PlayCacheStore}
  *     is created instead
  */
 public PlayWebContext(final Context context, final SessionStore sessionStore) {
   this.context = context;
   this.request = context.request();
   this.response = context.response();
   this.session = context.session();
   // Fall back to the cache-backed store when the caller supplies none.
   this.sessionStore = (sessionStore != null) ? sessionStore : new PlayCacheStore();
 }
Esempio n. 5
 /**
  * Reports whether the request is authenticated, based on the session entry stored under
  * {@code Application.PASSWORD}.
  *
  * @param ctx the current HTTP context
  * @return the fixed string {@code "okay"} when {@code validate} accepts the stored value,
  *     otherwise {@code null}
  */
 @Override
 public String getUsername(Context ctx) {
   // NOTE(review): the key name suggests a password (or something derived from it) is kept in
   // the session; Play's session is a signed cookie that the client can read, so confirm what
   // is actually stored there.
   final String storedValue = ctx.session().get(Application.PASSWORD);
   if (!validate(storedValue)) {
     return null;
   }
   // Every accepted request maps to the same placeholder identity; no per-user name exists.
   return "okay";
 }
Esempio n. 6
 /**
  * Returns the value stored in the session under the {@code "email"} key.
  *
  * @param ctx the current HTTP context
  * @return the session's {@code "email"} entry; presumably {@code null} when none is set
  */
 @Override
 public String getUsername(Context ctx) {
   // The session entry is returned as-is; nothing here re-checks it against a user store.
   final String email = ctx.session().get("email");
   return email;
 }
Esempio n. 7
 /**
  * Retrieves the username from the HTTP context; the default is to read from the session cookie.
  *
  * @return null if the user is not authenticated.
  */
 public String getUsername(Context ctx) {
   // The session's "username" entry is returned unchanged; no further validation happens here.
   final String username = ctx.session().get("username");
   return username;
 }
Esempio n. 8
 /**
  * Returns the value stored in the session under the {@code "entry_user_id"} key, after writing
  * a debug trace line.
  *
  * @param context the current HTTP context
  * @return the session's {@code "entry_user_id"} entry; presumably {@code null} when none is set
  */
 @Override
 public String getUsername(Context context) {
   // Trace marker only; the user id itself is not written to the log.
   AppLogUtil.debug("@@@@@StudentSecured#getUsername");
   final String entryUserId = context.session().get("entry_user_id");
   return entryUserId;
 }