oidc-enrollment-hook/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectLoginFilter.java


package com.nubisware.oidc.lr62;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.exception.SystemException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
import com.liferay.portal.kernel.servlet.BaseFilter;
import com.liferay.portal.model.User;
import com.liferay.portal.util.PortalUtil;
import com.nubisware.oidc.rest.JWTToken;
import com.nubisware.oidc.rest.OpenIdConnectConfiguration;
import com.nubisware.oidc.rest.OpenIdConnectRESTHelper;
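/**
 * Servlet filter that drives the OpenID Connect authorization-code login for requests that have
 * no portal user yet.
 *
 * <p>For an anonymous request the filter either redirects the browser to the authorization
 * server, or, when the request is the callback (its {@code state} parameter matches the current
 * session), exchanges the {@code code} parameter for a token and stores that token in the
 * request. Requests that already have a portal user pass straight through.
 */
public class OpenIdConnectLoginFilter extends BaseFilter {

    protected static final Log log = LogFactoryUtil.getLog(OpenIdConnectLoginFilter.class);

    /** Creates the filter and records its creation at debug level. */
    public OpenIdConnectLoginFilter() {
        super();
        if (log.isDebugEnabled()) {
            log.debug("Filter created");
        }
    }

    /**
     * Starts or completes the OIDC login for anonymous requests, then continues the filter chain.
     *
     * @param request     the incoming request; {@code state} and {@code code} are read from it
     * @param response    the response, used to redirect the browser to the authorization server
     * @param filterChain the remaining filter chain
     * @throws ServletException if the portal user cannot be resolved, if the callback carries no
     *                          authorization code, or if the token request fails
     */
    @Override
    protected void processFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
            throws Exception {

        User user;
        try {
            if (log.isDebugEnabled()) {
                log.debug("Getting user via portal utils");
            }
            user = PortalUtil.getUser(request);
        } catch (PortalException | SystemException e) {
            throw new ServletException("Getting user using utils", e);
        }

        if (user == null) {
            String uri = request.getRequestURI();
            if (log.isDebugEnabled()) {
                log.debug("No user logged in " + uri);
            }

            // getSession(false) returns null when the request carries no session (first visit,
            // expired cookie), which made session.getId() throw a NullPointerException. Creating
            // the session here is safe: a fresh id can never equal an incoming state, so such a
            // request simply falls into the redirect branch.
            HttpSession session = request.getSession();
            String sessionId = session.getId();
            OpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(request);

            // NOTE(review): the session identifier doubles as the OAuth "state" value, so it is
            // sent to the authorization server and comes back in the callback query string, where
            // it can end up in browser history, proxy logs and server access logs. A random
            // per-login value kept in the session would avoid exposing the id. Left unchanged
            // here because code outside this file may build or check the same state value.
            String state = request.getParameter("state");
            if (sessionId.equals(state)) {
                String code = request.getParameter("code");
                if (code == null || code.isEmpty()) {
                    // A callback without a code (for example an error response from the
                    // authorization server) must not reach the token endpoint with a null code.
                    throw new ServletException("OIDC callback has a matching state but no authorization code");
                }
                JWTToken token;
                try {
                    // NOTE(review): the redirect URI is derived from the request URL; confirm the
                    // authorization server only accepts registered redirect URIs.
                    token = OpenIdConnectRESTHelper.queryToken(configuration.getClientId(),
                            configuration.getTokenUrl(), code, configuration.getScope(),
                            request.getRequestURL().toString());
                } catch (Exception e) {
                    throw new ServletException("Querying token from OIDC server", e);
                }
                JWTTokenUtil.putOIDCInRequest(token, request);
                // The auto login class will perform the portal auto login using the token
            } else {
                String oidcRedirectURL = OpenIdConnectRESTHelper.buildLoginUrl(configuration.getAuthorizationUrl(),
                        configuration.getClientId(), sessionId, request.getRequestURL().toString());
                if (log.isDebugEnabled()) {
                    // Log only the endpoint: the full redirect URL contains the state value,
                    // which is the session identifier and must not be written to log files.
                    log.debug("Redirecting to OIDC server login URL: " + configuration.getAuthorizationUrl());
                }
                response.sendRedirect(oidcRedirectURL);
                return;
            }
        }
        processFilter(getClass(), request, response, filterChain);
    }

    /** Returns the logger shared by this filter class. */
    @Override
    protected Log getLog() {
        return log;
    }
}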