BrightSide Workbench Full Report + Source Code
AuthActions.java
Go to the documentation of this file.
1 /*
2  * TurrĂ³ i Cutiller Foundation. License notice.
3  * Copyright (C) 2015 Lluis TurrĂ³ Cutiller <http://www.turro.org/>
4  *
5  * This program is free software: you can redistribute it and/or modify
6  * it under the terms of the GNU Affero General Public License as published by
7  * the Free Software Foundation, either version 3 of the License, or
8  * (at your option) any later version.
9  *
10  * This program is distributed in the hope that it will be useful,
11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13  * GNU Affero General Public License for more details.
14  *
15  * You should have received a copy of the GNU Affero General Public License
16  * along with this program. If not, see <http://www.gnu.org/licenses/>.
17  */
18 
19 package org.turro.auth;
20 
21 import java.io.IOException;
22 import java.util.logging.Level;
23 import java.util.logging.Logger;
24 import javax.servlet.ServletContext;
25 import javax.servlet.http.HttpServletRequest;
26 import javax.servlet.http.HttpServletResponse;
27 import org.turro.string.Strings;
28 import org.turro.action.Actions;
29 import org.turro.elephant.context.ElephantContext;
30 import org.turro.elephant.context.ElephantProperties;
31 import org.turro.elephant.direct.DirectContent;
32 import org.turro.elephant.direct.DirectContents;
33 import org.turro.elephant.direct.IDirectContent;
34 import org.turro.http.ElephantPost;
35 import org.turro.http.ElephantResponse;
36 import org.turro.http.ElephantResponseType;
37 import org.turro.plugin.contacts.IContact;
38 
43 @DirectContent(identifier="authentication")
44 public class AuthActions implements IDirectContent {
45 
46  private static String
47  LOGOUT_URL = "/logout",
48  AUTH_URL = "/authurl";
49 
50  public static String getAccessURL(String domain, String email, String redir) {
51  try {
52  ElephantPost ep = new ElephantPost(DirectContents.createURL(domain, getIdentifier()) + AUTH_URL);
53  if(!email.contains("@")) {
54  email = mapName(email);
55  }
56  ep.addParameter("email", email);
57  ep.addParameter("redir", redir);
58  ElephantResponse er = ep.doPost();
59  if(ElephantResponse.isCorrect(er)) {
60  return domain + "?" + er.message;
61  }
62  } catch (IOException ex) {
63  Logger.getLogger(AuthActions.class.getName()).log(Level.SEVERE, ElephantContext.logMsg(null), ex);
64  }
65  return null;
66  }
67 
68  public static String createLogoutURL(String redir) {
69  IContact contact = Authentication.getLoggedIContact();
70  if(contact != null && contact.isValid()) {
71  return DirectContents.createRelativeURL(getIdentifier()) + LOGOUT_URL +
72  (redir != null ? "?redir=" + redir : "");
73  } else {
74  return null;
75  }
76  }
77 
78  public static boolean isTrustedSource(HttpServletRequest request) {
79  String remoteIP = request.getRemoteAddr();
80  if("127.0.0.1".equals(remoteIP)) return true;
81  if(ElephantProperties.containsContextProperty("trusted", "trusted")) {
82  Logger.getLogger(AuthActions.class.getName()).log(Level.INFO, remoteIP + " trust checked");
83  return ElephantProperties.getContextProperty("trusted", "trusted", "").contains(remoteIP);
84  }
85  return false;
86  }
87 
88  public static String mapName(String name) {
89  if(ElephantProperties.containsContextProperty("user-map", name)) {
90  Logger.getLogger(AuthActions.class.getName()).log(Level.INFO, name + " mapped");
91  return ElephantProperties.getContextProperty("user-map", name);
92  } else {
93  Logger.getLogger(AuthActions.class.getName()).log(Level.INFO, name + " not found");
94  }
95  return null;
96  }
97 
98  public static String getIdentifier() {
99  return AuthActions.class.getAnnotation(DirectContent.class).identifier();
100  }
101 
102  @Override
103  public boolean itsMe(String id) {
104  return getIdentifier().equals(id);
105  }
106 
107  @Override
108  public boolean myTurn(HttpServletRequest request) {
109  return DirectContents.isYourTurn(request, getIdentifier());
110  }
111 
112  @Override
113  public void execute(ServletContext context, HttpServletRequest request, HttpServletResponse response) {
114  if(DirectContents.isYourTurn(request, getIdentifier() + LOGOUT_URL)) {
115  String redir = request.getParameter("redir");
116  try {
117  Authentication.doLogout(redir);
118  } catch (IOException ex) {
119  Logger.getLogger(AuthActions.class.getName()).log(Level.SEVERE, ElephantContext.logMsg(null), ex);
120  }
121  } else if(DirectContents.isYourTurn(request, getIdentifier() + AUTH_URL)) {
122  if(isTrustedSource(request)) {
123  try {
124  String url = createAccessURL(request);
125  if(!Strings.isBlank(url)) {
126  ElephantResponse.writeToResponse(response, ElephantResponseType.RESPONSE_CORRECT,
127  url, null);
128  }
129  } catch (IOException ex) {
130  Logger.getLogger(AuthActions.class.getName()).log(Level.SEVERE, ElephantContext.logMsg(null), ex);
131  }
132  }
133  }
134  }
135 
136  private static String createAccessURL(HttpServletRequest request) {
137  try {
138  String email = request.getParameter("email"),
139  redir = request.getParameter("redir");
140  return Actions.createAction(email, redir);
141  } catch (Exception ex) {
142  Logger.getLogger(AuthActions.class.getName()).log(Level.SEVERE, ElephantContext.logMsg(null), ex);
143  }
144  return null;
145  }
146 
147 }
org.turro.action.Actions.createAction
static String createAction(String email, String redir)
Definition: Actions.java:90
org.turro.auth.AuthActions.itsMe
boolean itsMe(String id)
Definition: AuthActions.java:103
org.turro.auth.AuthActions.getAccessURL
static String getAccessURL(String domain, String email, String redir)
Definition: AuthActions.java:50
org.turro.auth.AuthActions.mapName
static String mapName(String name)
Definition: AuthActions.java:88
org.turro.auth.AuthActions.myTurn
boolean myTurn(HttpServletRequest request)
Definition: AuthActions.java:108
org.turro.auth.AuthActions.createLogoutURL
static String createLogoutURL(String redir)
Definition: AuthActions.java:68
org.turro.auth.AuthActions.execute
void execute(ServletContext context, HttpServletRequest request, HttpServletResponse response)
Definition: AuthActions.java:113
org.turro.auth.AuthActions.isTrustedSource
static boolean isTrustedSource(HttpServletRequest request)
Definition: AuthActions.java:78
org.turro.auth.AuthActions.getIdentifier
static String getIdentifier()
Definition: AuthActions.java:98
org.turro.auth.Authentication.doLogout
static void doLogout(String redir)
Definition: Authentication.java:119
org.turro.auth.Authentication.getLoggedIContact
static IContact getLoggedIContact()
Definition: Authentication.java:234
org.turro.elephant.context.ElephantProperties.containsContextProperty
static boolean containsContextProperty(String context, String property)
Definition: ElephantProperties.java:45
org.turro.elephant.context.ElephantProperties.getContextProperty
static String getContextProperty(String context, String property)
Definition: ElephantProperties.java:50
org.turro.elephant.direct.DirectContents.isYourTurn
static boolean isYourTurn(HttpServletRequest request, String path)
Definition: DirectContents.java:68
org.turro.elephant.direct.DirectContents.createURL
static String createURL(String server, String id)
Definition: DirectContents.java:48
org.turro.elephant.direct.DirectContents.createRelativeURL
static String createRelativeURL(String id)
Definition: DirectContents.java:56
org.turro.http.ElephantPost.doPost
ElephantResponse doPost()
Definition: ElephantPost.java:55
org.turro.http.ElephantPost.addParameter
void addParameter(String name, String value)
Definition: ElephantPost.java:51
org.turro.http.ElephantResponse.isCorrect
static boolean isCorrect(ElephantResponse er)
Definition: ElephantResponse.java:46
org.turro.http.ElephantResponse.writeToResponse
static void writeToResponse(HttpServletResponse response, ElephantResponseType type, String message, String code)
Definition: ElephantResponse.java:80