Diffstat (limited to 'src/com/p4square/grow/frontend')
8 files changed, 72 insertions, 23 deletions
diff --git a/src/com/p4square/grow/frontend/AuthenticatedResource.java b/src/com/p4square/grow/frontend/AuthenticatedResource.java
new file mode 100644
index 0000000..800eb83
--- /dev/null
+++ b/src/com/p4square/grow/frontend/AuthenticatedResource.java
@@ -0,0 +1,18 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.grow.frontend;
+
+import org.restlet.resource.ServerResource;
+import org.restlet.representation.Representation;
+
+/**
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class AuthenticatedResource extends ServerResource {
+ protected Representation post() {
+ return null;
+ }
+}
diff --git a/src/com/p4square/grow/frontend/GrowFrontend.java b/src/com/p4square/grow/frontend/GrowFrontend.java
index b625d4f..02c2137 100644
--- a/src/com/p4square/grow/frontend/GrowFrontend.java
+++ b/src/com/p4square/grow/frontend/GrowFrontend.java
@@ -42,7 +42,7 @@ import com.p4square.grow.frontend.session.SessionCreatingAuthenticator;
 * @author Jesse Morgan <jesse@jesterpm.net>
 */
 public class GrowFrontend extends FMFacade {
- private static Logger cLog = Logger.getLogger(GrowFrontend.class);
+ private static Logger LOG = Logger.getLogger(GrowFrontend.class);
 private Config mConfig;
@@ -57,9 +57,7 @@ public class GrowFrontend extends FMFacade {
 }
 @Override
- public void start() throws Exception {
- super.start();
-
+ public synchronized void start() throws Exception {
 final String configDomain = getContext().getParameters().getFirstValue("configDomain");
 if (configDomain != null) {
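Review bot: `AuthenticatedResource` is added with an empty Javadoc and a `post()` that returns `null`, so nothing on the page says it is the landing resource for the login form POST. As far as I know `ServerResource` dispatches POST requests to `post(Representation)`, so this no-argument `post()` may never be called; putting `@Override` on it would let the compiler confirm which method is meant. A class comment along the lines of `Target of the login POST; the authenticator chain is expected to issue the redirect, so no entity is returned.` would record the intent, hedged on what `LoginFormAuthenticator.authenticated` does later in this commit.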
@@ -72,11 +70,14 @@ public class GrowFrontend extends FMFacade {
 getContext().getParameters().getFirstValue("configFile");
 if (configFilename != null) {
+ LOG.info("Loading configuration from " + configFilename);
 mConfig.updateConfig(configFilename);
 }
+
+ super.start();
 }
- F1OAuthHelper getHelper() {
+ synchronized F1OAuthHelper getHelper() {
 if (mHelper == null) {
 mHelper = new F1OAuthHelper(getContext(), mConfig.getString("f1ConsumerKey", ""), mConfig.getString("f1ConsumerSecret", ""),
@@ -98,6 +99,8 @@ public class GrowFrontend extends FMFacade {
 router.attach("/login.html", LoginPageResource.class);
 final Router accountRouter = new Router(getContext());
+ accountRouter.attach("/authenticate", AuthenticatedResource.class);
+
 accountRouter.attach("/assessment/question/{questionId}", SurveyPageResource.class);
 accountRouter.attach("/assessment", SurveyPageResource.class);
 accountRouter.attach("/training/{chapter}/videos/{videoId}.json", VideosResource.class);
@@ -113,6 +116,7 @@ public class GrowFrontend extends FMFacade {
 private Authenticator createAuthenticatorChain(Restlet last) {
 final Context context = getContext();
 final String loginPage = getConfig().getString("dynamicRoot", "") + "/login.html";
+ final String loginPost = getConfig().getString("dynamicRoot", "") + "/account/authenticate";
 // This is used to check for an existing session
 SessionCheckingAuthenticator sessionChk = new SessionCheckingAuthenticator(context, true);
@@ -121,7 +125,7 @@ public class GrowFrontend extends FMFacade {
 SecondPartyVerifier f1Verifier = new SecondPartyVerifier(getHelper());
 LoginFormAuthenticator loginAuth = new LoginFormAuthenticator(context, false, f1Verifier);
 loginAuth.setLoginFormUrl(loginPage);
- loginAuth.setLoginPostUrl("/account/authenticate");
+ loginAuth.setLoginPostUrl(loginPost);
 // This is used to create a new session for a newly authenticated user.
 SessionCreatingAuthenticator sessionCreate = new SessionCreatingAuthenticator(context);
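Review bot: In `createAuthenticatorChain`, `loginPost` is now prefixed with `dynamicRoot`, but `LoginFormAuthenticator.isLoginAttempt` (added later in this commit) compares it with `request.getResourceRef().getPath()`, which holds a path only. If `dynamicRoot` is ever configured as an absolute URL, or as a prefix that a front-end proxy strips before the request reaches this server, the comparison never matches and login POSTs are handled as ordinary unauthenticated requests. A comment on the new line, for example `// dynamicRoot must be a path prefix as seen by this server; it is matched against the request path`, would document the assumption. The same applies to the `setLoginPostUrl(loginPost)` hunk, and the method body continues outside both hunks.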
@@ -142,8 +146,9 @@ public class GrowFrontend extends FMFacade {
 final Component component = new Component();
 component.getServers().add(Protocol.HTTP, 8085);
 component.getClients().add(Protocol.HTTP);
+ component.getClients().add(Protocol.HTTPS);
 component.getClients().add(Protocol.FILE);
- component.getClients().add(new Client(null, Arrays.asList(Protocol.HTTPS), "org.restlet.ext.httpclient.HttpClientHelper"));
+ //component.getClients().add(new Client(null, Arrays.asList(Protocol.HTTPS), "org.restlet.ext.httpclient.HttpClientHelper"));
 // Static content
 try {
@@ -152,7 +157,7 @@ public class GrowFrontend extends FMFacade {
 component.getDefaultHost().attach("/style.css", new FileServingApp("./build/style.css"));
 component.getDefaultHost().attach("/favicon.ico", new FileServingApp("./build/favicon.ico"));
 } catch (IOException e) {
- cLog.error("Could not create directory for static resources: "
+ LOG.error("Could not create directory for static resources: "
 + e.getMessage(), e);
 }
@@ -173,17 +178,17 @@ public class GrowFrontend extends FMFacade {
 try {
 component.stop();
 } catch (Exception e) {
- cLog.error("Exception during cleanup", e);
+ LOG.error("Exception during cleanup", e);
 }
 }
 });
- cLog.info("Starting server...");
+ LOG.info("Starting server...");
 try {
 component.start();
 } catch (Exception e) {
- cLog.fatal("Could not start: " + e.getMessage(), e);
+ LOG.fatal("Could not start: " + e.getMessage(), e);
 }
 }
diff --git a/src/com/p4square/grow/frontend/LoginFormAuthenticator.java b/src/com/p4square/grow/frontend/LoginFormAuthenticator.java
index d5a3c22..ef0abba 100644
--- a/src/com/p4square/grow/frontend/LoginFormAuthenticator.java
+++ b/src/com/p4square/grow/frontend/LoginFormAuthenticator.java
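Review bot: The previous HTTPS client registration is left in `main` as a commented-out line; delete it, or replace it with a short comment saying why the default connector is now preferred. `component.getClients().add(Protocol.HTTPS)` leaves outbound HTTPS (presumably the F1 OAuth calls made through `F1OAuthHelper`) to whichever connector Restlet selects at runtime, so it is worth confirming that this connector validates server certificates and host names the way the explicit `HttpClientHelper` did. The enclosing method starts and ends outside this hunk.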
@@ -12,12 +12,13 @@ import org.restlet.Response;
 import org.restlet.data.ChallengeResponse;
 import org.restlet.data.ChallengeScheme;
 import org.restlet.data.Form;
+import org.restlet.data.Method;
 import org.restlet.data.Reference;
 import org.restlet.security.Authenticator;
 import org.restlet.security.Verifier;
 /**
- * LoginFormAuthenticator changes
+ * LoginFormAuthenticator changes
 *
 *
 * @author Jesse Morgan <jesse@jesterpm.net>
@@ -47,7 +48,7 @@ public class LoginFormAuthenticator extends Authenticator {
 @Override
 protected int beforeHandle(Request request, Response response) {
- if (request.getClientInfo().isAuthenticated()) {
+ if (!isLoginAttempt(request) && request.getClientInfo().isAuthenticated()) {
 // TODO: Logout
 LOG.debug("Already authenticated. Skipping");
 return CONTINUE;
@@ -60,12 +61,11 @@ public class LoginFormAuthenticator extends Authenticator {
 @Override
 protected boolean authenticate(Request request, Response response) {
- String requestPath = request.getResourceRef().getPath();
- boolean isLoginAttempt = mLoginPostUrl.equals(requestPath);
+ boolean isLoginAttempt = isLoginAttempt(request);
 Form query = request.getOriginalRef().getQueryAsForm();
 String redirect = query.getFirstValue("redirect");
- if (redirect == null) {
+ if (redirect == null || redirect.length() == 0) {
 if (isLoginAttempt) {
 redirect = mDefaultRedirect;
 } else {
@@ -96,8 +96,6 @@ public class LoginFormAuthenticator extends Authenticator {
 // We expect the verifier to setup the User object.
 int result = mVerifier.verify(request, response);
 if (result == Verifier.RESULT_VALID) {
- // TODO: Ensure redirect is a relative url.
- response.redirectSeeOther(redirect);
 return true;
 }
 }
@@ -113,10 +111,32 @@ public class LoginFormAuthenticator extends Authenticator {
 ref.addQueryParameter("retry", "t");
 }
- LOG.debug("Redirecting to " + ref.toString());
+ LOG.debug("Redirecting to " + ref);
 response.redirectSeeOther(ref.toString());
 }
 LOG.debug("Failing authentication.");
 return false;
 }
+
+ @Override
+ protected int authenticated(Request request, Response response) {
+ super.authenticated(request, response);
+
+ Form query = request.getOriginalRef().getQueryAsForm();
+ String redirect = query.getFirstValue("redirect");
+ if (redirect == null || redirect.length() == 0) {
+ redirect = mDefaultRedirect;
+ }
+
+ // TODO: Ensure redirect is a relative url.
+ LOG.debug("Redirecting to " + redirect);
+ response.redirectSeeOther(redirect);
+
+ return CONTINUE;
+ }
+
+ private boolean isLoginAttempt(Request request) {
+ String requestPath = request.getResourceRef().getPath();
+ return request.getMethod() == Method.POST && mLoginPostUrl.equals(requestPath);
+ }
 }
diff --git a/src/com/p4square/grow/frontend/LoginPageResource.java b/src/com/p4square/grow/frontend/LoginPageResource.java
index 3eaff65..13fe212 100644
--- a/src/com/p4square/grow/frontend/LoginPageResource.java
+++ b/src/com/p4square/grow/frontend/LoginPageResource.java
@@ -59,7 +59,7 @@ public class LoginPageResource extends FreeMarkerPageResource {
 Form query = getRequest().getOriginalRef().getQueryAsForm();
 String retry = query.getFirstValue("retry");
- if ("t".equals("retry")) {
+ if ("t".equals(retry)) {
 root.put("errorMessage", "Invalid email or password.");
 }
diff --git a/src/com/p4square/grow/frontend/session/Session.java b/src/com/p4square/grow/frontend/session/Session.java
index 3a241ef..3377962 100644
--- a/src/com/p4square/grow/frontend/session/Session.java
+++ b/src/com/p4square/grow/frontend/session/Session.java
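Review bot: The new `LoginFormAuthenticator.authenticated()` passes the `redirect` query parameter straight to `response.redirectSeeOther(redirect)`, with only the carried-over TODO as a guard, so a login link whose `redirect` names another site sends the user there immediately after a successful sign-in. Fall back to `mDefaultRedirect` unless the value is a same-site path, as in the excerpt below. The same request-supplied value is also concatenated into the debug log line. In `isLoginAttempt`, `Method.POST.equals(request.getMethod())` is the safer comparison, since `Method` is a class rather than an enum and `==` depends on instance identity.

```java
        Form query = request.getOriginalRef().getQueryAsForm();
        String redirect = query.getFirstValue("redirect");
        // Follow only same-site paths; anything else falls back to the default.
        boolean localPath = redirect != null
                && redirect.startsWith("/")
                && !redirect.startsWith("//")
                && redirect.indexOf('\\') < 0;
        if (!localPath) {
            redirect = mDefaultRedirect;
        }
        // … unchanged: LOG.debug, response.redirectSeeOther(redirect), return CONTINUE …
```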
@@ -15,7 +15,7 @@ import org.restlet.security.User;
 * @author Jesse Morgan <jesse@jesterpm.net>
 */
 public class Session {
- private static final long LIFETIME = 86400;
+ private static final long LIFETIME = 86400000;
 private final String mSessionId;
 private final User mUser;
diff --git a/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java b/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java
index 8382aff..745484d 100644
--- a/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java
+++ b/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java
@@ -27,6 +27,7 @@ public class SessionCheckingAuthenticator extends Authenticator {
 Session s = Sessions.getInstance().get(request);
 if (s != null) {
+ LOG.debug("Found session for user " + s.getUser());
 request.getClientInfo().setUser(s.getUser());
 return true;
diff --git a/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java b/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java
index ce6024c..c569bb9 100644
--- a/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java
+++ b/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java
@@ -36,6 +36,7 @@ public class SessionCreatingAuthenticator extends Authenticator {
 if (request.getClientInfo().isAuthenticated() && user != null) {
 Sessions.getInstance().create(request, response);
+ LOG.debug(response);
 return true;
 }
diff --git a/src/com/p4square/grow/frontend/session/Sessions.java b/src/com/p4square/grow/frontend/session/Sessions.java
index 094d2f0..58bb5f6 100644
--- a/src/com/p4square/grow/frontend/session/Sessions.java
+++ b/src/com/p4square/grow/frontend/session/Sessions.java
@@ -9,6 +9,7 @@ import java.util.Map;
 import org.restlet.Response;
 import org.restlet.Request;
+import org.restlet.data.CookieSetting;
 import org.restlet.security.User;
 /**
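Review bot: `Session.LIFETIME = 86400000` is a bare number with no unit stated. The change from 86400 suggests it is compared against millisecond timestamps, but that comparison is outside this hunk. Writing it as `private static final long LIFETIME = 24L * 60 * 60 * 1000; // 24 hours, in milliseconds` would make the unit explicit and keep the seconds/milliseconds mix-up from coming back.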
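Review bot: `LOG.debug(response)` in `SessionCreatingAuthenticator` looks like a leftover debugging line: it has no message text and logs the whole `Response` object right after `Sessions.create` attached the session cookie to it. What reaches the log depends on `Response.toString()`; if that ever includes cookie settings, the session id is written to the log file. Either drop the line or replace it with a message that names the event without the response, e.g. `LOG.debug("Created session for user " + user);`. The method body starts and ends outside this hunk.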
@@ -72,8 +73,11 @@ public class Sessions {
 public Session create(Request request, Response response) {
 Session s = create(request.getClientInfo().getUser());
- request.getCookies().add(COOKIE_NAME, s.getId());
- response.getCookieSettings().add(COOKIE_NAME, s.getId());
+ CookieSetting cookie = new CookieSetting(COOKIE_NAME, s.getId());
+ cookie.setPath("/");
+
+ request.getCookies().add(cookie);
+ response.getCookieSettings().add(cookie);
 return s;
 }
|
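Review bot: The session cookie built in `Sessions.create` gets a path but no `HttpOnly` or `Secure` attribute, so page scripts can read the session id and the browser will also send it over plain HTTP. Add `cookie.setAccessRestricted(true);` after `cookie.setPath("/");`, and `cookie.setSecure(true);` if the site is only reached over TLS; `GrowFrontend` listens on plain HTTP port 8085 in this commit, so that presumably depends on a TLS-terminating proxy in front. No max-age is set either, so the cookie lasts for the browser session while the server side applies `Session.LIFETIME`; a comment saying which of the two is meant to bound the session would help.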