예제 #1
0
  /**
   * Handle request internal model and view.
   *
   * @param request the request
   * @param response the response
   * @return the model and view
   * @throws Exception the exception
   */
  @RequestMapping(path = OAuthConstants.BASE_OAUTH20_URL + '/' + OAuthConstants.AUTHORIZE_URL)
  public ModelAndView handleRequestInternal(
      final HttpServletRequest request, final HttpServletResponse response) throws Exception {

    final J2EContext context = new J2EContext(request, response);
    final ProfileManager manager = new ProfileManager(context);

    if (!verifyAuthorizeRequest(request) || !isRequestAuthenticated(manager, context)) {
      logger.error("Authorize request verification fails");
      return new ModelAndView(OAuthConstants.ERROR_VIEW);
    }

    final String clientId = context.getRequestParameter(OAuthConstants.CLIENT_ID);
    final OAuthRegisteredService registeredService =
        OAuthUtils.getRegisteredOAuthService(this.servicesManager, clientId);
    try {
      RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(
          clientId, registeredService);
    } catch (final Exception e) {
      logger.error(e.getMessage(), e);
      return new ModelAndView(OAuthConstants.ERROR_VIEW);
    }

    final ModelAndView mv = this.consentApprovalViewResolver.resolve(context, registeredService);
    if (!mv.isEmpty() && mv.hasView()) {
      return mv;
    }

    return redirectToCallbackRedirectUrl(manager, registeredService, context, clientId);
  }
예제 #2
0
  private ModelAndView redirectToCallbackRedirectUrl(
      final ProfileManager manager,
      final OAuthRegisteredService registeredService,
      final J2EContext context,
      final String clientId)
      throws Exception {
    final Optional<UserProfile> profile = manager.get(true);
    if (profile == null || !profile.isPresent()) {
      logger.error("Unexpected null profile from profile manager");
      return new ModelAndView(OAuthConstants.ERROR_VIEW);
    }

    final Service service = createService(registeredService);
    final Authentication authentication =
        createAuthentication(profile.get(), registeredService, context);

    try {
      RegisteredServiceAccessStrategyUtils.ensurePrincipalAccessIsAllowedForService(
          service, registeredService, authentication);
    } catch (final UnauthorizedServiceException | PrincipalException e) {
      logger.error(e.getMessage(), e);
      return new ModelAndView(OAuthConstants.ERROR_VIEW);
    }

    final String redirectUri = context.getRequestParameter(OAuthConstants.REDIRECT_URI);
    logger.debug(
        "Authorize request verification successful for client {} with redirect uri {}",
        clientId,
        redirectUri);

    final String responseType = context.getRequestParameter(OAuthConstants.RESPONSE_TYPE);
    final String callbackUrl;
    if (isResponseType(responseType, OAuthResponseType.CODE)) {
      callbackUrl =
          buildCallbackUrlForAuthorizationCodeResponseType(authentication, service, redirectUri);
    } else {
      callbackUrl =
          buildCallbackUrlForImplicitResponseType(context, authentication, service, redirectUri);
    }
    logger.debug("callbackUrl: {}", callbackUrl);
    return OAuthUtils.redirectTo(callbackUrl);
  }