@Override
protected Event doExecute(final RequestContext context) throws Exception {
final Service service = WebUtils.getService(context);
// No service == plain /login request. Return success indicating transition to the login form
if (service == null) {
return success();
}
final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
if (registeredService == null) {
logger.warn(
"Unauthorized Service Access for Service: [ {} ] - service is not defined in the service registry.",
service.getId());
throw new UnauthorizedServiceException();
} else if (!registeredService.isEnabled()) {
logger.warn(
"Unauthorized Service Access for Service: [ {} ] - service is not enabled in the service registry.",
service.getId());
if (registeredService instanceof RegisteredServiceWithAttributes) {
String disabledServiceUrl =
(String)
RegisteredServiceWithAttributes.class
.cast(registeredService)
.getExtraAttributes()
.get(DISABLED_SERVICE_URL_ATTRIBUTE);
if (disabledServiceUrl != null) {
context.getRequestScope().put(DISABLED_SERVICE_URL_ATTRIBUTE, disabledServiceUrl);
return no();
}
}
throw new UnauthorizedServiceException();
}
return success();
}
@Override
protected Event doExecute(final RequestContext context) throws Exception {
final Service service = WebUtils.getService(context);
if (service == null) {
logger.debug("No service found in the request context, so resuming normally.");
return success();
}
final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
if (registeredService == null) {
logger.warn(
"Unauthorized Service Access for Service: [{}] - service is not defined in the service registry.",
service.getId());
throw new UnauthorizedServiceException();
}
if (!registeredService.isEnabled()) {
logger.warn(
"Unauthorized Service Access for Service: [{}] - service is not enabled in the service registry.",
service.getId());
throw new UnauthorizedServiceException();
}
if (registeredService instanceof RegisteredServiceWithAttributes) {
final RegisteredServiceWithAttributes regSvcWithAttr =
RegisteredServiceWithAttributes.class.cast(registeredService);
final String redirectToUrl =
(String) regSvcWithAttr.getExtraAttributes().get(REDIRECT_TO_URL_ATTRIBUTE);
if (redirectToUrl != null
&& this.redirectionAdvisor.shouldRedirectServiceRequest(
context, regSvcWithAttr, redirectToUrl)) {
logger.info("Redirecting to url [{}] for service [{}]", redirectToUrl, service.getId());
context.getRequestScope().put(REDIRECT_TO_URL_ATTRIBUTE, redirectToUrl);
return yes();
}
}
logger.debug(
"No redirect url is configured, or redirection for service [{}] is not needed",
service.getId());
return success();
}
/**
* Ensure that the service is found and enabled in the service registry.
*
* @param registeredService the located entry in the registry
* @param service authenticating service
* @throws UnauthorizedServiceException
*/
private void verifyRegisteredServiceProperties(
final RegisteredService registeredService, final Service service) {
if (registeredService == null) {
final String msg =
String.format(
"ServiceManagement: Unauthorized Service Access. "
+ "Service [%s] is not found in service registry.",
service.getId());
logger.warn(msg);
throw new UnauthorizedServiceException(
UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, msg);
}
if (!registeredService.isEnabled()) {
final String msg =
String.format(
"ServiceManagement: Unauthorized Service Access. "
+ "Service %s] is not enabled in service registry.",
service.getId());
logger.warn(msg);
throw new UnauthorizedServiceException(
UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE, msg);
}
}
