added method to follow redirect in case of service on https

git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portlets/user/my-vres@142152 82a268e6-3cf1-43bd-a215-b396298e98cf
This commit is contained in:
Massimiliano Assante 2017-02-03 11:34:47 +00:00
parent 6e81905da1
commit 9478de656f
2 changed files with 53 additions and 16 deletions

View File

@ -68,14 +68,12 @@
<dependency>
<groupId>com.googlecode.json-simple</groupId>
<artifactId>json-simple</artifactId>
<version>1.1.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.httpcomponents</groupId>
<artifactId>httpclient</artifactId>
<version>4.3</version>
<scope>compile</scope>
<version>4.5.3</version>
</dependency>
<!-- FWS DEPS -->
<dependency>

View File

@ -1,5 +1,10 @@
package org.gcube.portlet.user.my_vres.server;
import java.io.BufferedReader;
import java.io.DataOutputStream;
import java.io.InputStreamReader;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.ArrayList;
import java.util.Collections;
import java.util.LinkedHashMap;
@ -327,7 +332,7 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
String userToken = pContext.getCurrentUserToken(context, username);
String appName = authorisedApp.profile().name();
String qToken = AuthUtil.generateAuthorizationQualifierToken(appName, userToken);
_log.info("Received qualifier token for useer " + username + "=" + qToken);
_log.debug("Received qualifier token for useer " + username + "=" + qToken);
if (qToken == null) {
_log.error("Something wrong in retrieving the user qualifier token in this context: " + context + " username="+username);
return new AuthorizationBean(null, null, false, "Something wrong in retrieving the user qualifier token in this context: " + context + " username="+username);
@ -337,7 +342,7 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
_log.error("Something wrong in authorizing this application in this context: " + context );
return new AuthorizationBean(null, null, false, "Something wrong in authorizing this application in this context: " + context + " an error occurred in the oAuth Service");
}
_log.debug("Authorisation OAUTH 2 OK returning temporary code in this context: " + context + " username="+username);
return new AuthorizationBean(tempCode, state, true, null);
}
@ -351,7 +356,7 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
*/
@SuppressWarnings("unchecked")
private boolean authorizeApplication(String infrastructureName, String qToken, String tempCode, String clientId, String redirectURL) {
String fullPath2oAuthService = null;
try {
fullPath2oAuthService = AuthUtil.getOAuthServiceEndPoint(infrastructureName) +
@ -360,33 +365,67 @@ public class MyVREsServiceImpl extends RemoteServiceServlet implements MyVREsSer
_log.error("failed to discover oauth service endpoint ");
return false;
}
fullPath2oAuthService = fullPath2oAuthService.replaceAll("http", "https");
fullPath2oAuthService = fullPath2oAuthService.replaceAll("80", "443");
JSONObject object = new JSONObject();
object.put("code", tempCode);
object.put("redirect_uri", redirectURL);
object.put("client_id", clientId);
try (CloseableHttpClient httpClient = HttpClientBuilder.create().setRedirectStrategy(new LaxRedirectStrategy()).build()) {
try {
String USER_AGENT = "Mozilla/5.0";
URL obj = new URL(fullPath2oAuthService);
HttpURLConnection con = (HttpURLConnection) obj.openConnection();
// Setting basic post request
con.setRequestMethod("POST");
con.setRequestProperty("User-Agent", USER_AGENT);
con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
con.setRequestProperty("Content-Type","application/json");
String postJsonData = object.toJSONString();
con.setDoOutput(true);
DataOutputStream wr = new DataOutputStream(con.getOutputStream());
wr.writeBytes(postJsonData);
wr.flush();
wr.close();
int responseCode = con.getResponseCode();
boolean redirect = false;
// normally, 3xx is redirect
int status = con.getResponseCode();
if (status != HttpURLConnection.HTTP_OK) {
if (status == HttpURLConnection.HTTP_MOVED_TEMP
|| status == HttpURLConnection.HTTP_MOVED_PERM
|| status == HttpURLConnection.HTTP_SEE_OTHER)
redirect = true;
}
if (redirect)
// get redirect url from "location" header field
fullPath2oAuthService = con.getHeaderField("Location");
CloseableHttpClient httpClient = HttpClientBuilder.create().setRedirectStrategy(new LaxRedirectStrategy()).build();
HttpPost httpPostRequest = new HttpPost(fullPath2oAuthService);
httpPostRequest.addHeader("Content-type", "application/json");
StringEntity params = new StringEntity(object.toJSONString(), ContentType.APPLICATION_JSON);
httpPostRequest.setEntity(params);
HttpResponse response = httpClient.execute(httpPostRequest);
if (response.getStatusLine().getStatusCode() < 200 || response.getStatusLine().getStatusCode() >= 300) {
responseCode = response.getStatusLine().getStatusCode();
if (responseCode < 200 || responseCode >= 300) {
_log.error("failed to patch the product. response status line from "
+ fullPath2oAuthService + " was: " + response.getStatusLine());
+ fullPath2oAuthService + " was: " + responseCode);
return false;
}
//
}catch(Exception e){
_log.error("Failed to perform request", e);
return false;
}
return true;
}
}