diff options
Diffstat (limited to 'src')
10 files changed, 94 insertions, 43 deletions
diff --git a/src/com/p4square/grow/backend/GrowBackend.java b/src/com/p4square/grow/backend/GrowBackend.java index 515cd1b..d072dfb 100644 --- a/src/com/p4square/grow/backend/GrowBackend.java +++ b/src/com/p4square/grow/backend/GrowBackend.java @@ -26,7 +26,7 @@ import com.p4square.grow.backend.resources.TrainingRecordResource; * @author Jesse Morgan <jesse@jesterpm.net> */ public class GrowBackend extends Application { - private final static Logger cLog = Logger.getLogger(GrowBackend.class); + private final static Logger LOG = Logger.getLogger(GrowBackend.class); private final Config mConfig; private final CassandraDatabase mDatabase; @@ -42,7 +42,7 @@ public class GrowBackend extends Application { // Survey API router.attach("/assessment/question/{questionId}", SurveyResource.class); - + router.attach("/accounts/{userId}/assessment", SurveyResultsResource.class); router.attach("/accounts/{userId}/assessment/answers/{questionId}", SurveyResultsResource.class); @@ -50,7 +50,7 @@ public class GrowBackend extends Application { // Training API router.attach("/training/{level}", TrainingResource.class); router.attach("/training/{level}/videos/{videoId}", TrainingResource.class); - + router.attach("/accounts/{userId}/training", TrainingRecordResource.class); router.attach("/accounts/{userId}/training/videos/{videoId}", TrainingRecordResource.class); @@ -58,14 +58,14 @@ public class GrowBackend extends Application { return router; } - + /** * Open the database. */ @Override public void start() throws Exception { super.start(); - + // Load config final String configDomain = getContext().getParameters().getFirstValue("configDomain"); @@ -79,6 +79,7 @@ public class GrowBackend extends Application { getContext().getParameters().getFirstValue("configFile"); if (configFilename != null) { + LOG.info("Loading configuration from " + configFilename); mConfig.updateConfig(configFilename); } @@ -87,13 +88,13 @@ public class GrowBackend extends Application { mDatabase.setKeyspaceName(mConfig.getString("keyspace", "GROW")); mDatabase.init(); } - + /** * Close the database. */ @Override public void stop() throws Exception { - cLog.info("Shutting down..."); + LOG.info("Shutting down..."); mDatabase.close(); super.stop(); @@ -115,24 +116,24 @@ public class GrowBackend extends Application { component.getServers().add(Protocol.HTTP, 9095); component.getClients().add(Protocol.HTTP); component.getDefaultHost().attach(new GrowBackend()); - + // Setup shutdown hook Runtime.getRuntime().addShutdownHook(new Thread() { public void run() { try { component.stop(); } catch (Exception e) { - cLog.error("Exception during cleanup", e); + LOG.error("Exception during cleanup", e); } } }); - cLog.info("Starting server..."); + LOG.info("Starting server..."); try { component.start(); } catch (Exception e) { - cLog.fatal("Could not start: " + e.getMessage(), e); + LOG.fatal("Could not start: " + e.getMessage(), e); } } } diff --git a/src/com/p4square/grow/config/Config.java b/src/com/p4square/grow/config/Config.java index 20d6ff5..fea75e0 100644 --- a/src/com/p4square/grow/config/Config.java +++ b/src/com/p4square/grow/config/Config.java @@ -29,7 +29,7 @@ import org.apache.log4j.Logger; * @author Jesse Morgan <jesse@jesterpm.net> */ public class Config { - private static Logger cLog = Logger.getLogger(Config.class); + private static final Logger LOG = Logger.getLogger(Config.class); private String mDomain; private Properties mProperties; @@ -49,7 +49,7 @@ public class Config { * @param domain The new domain. */ public void setDomain(String domain) { - cLog.info("Setting Config domain to " + domain); + LOG.info("Setting Config domain to " + domain); mDomain = domain; } @@ -60,14 +60,14 @@ public class Config { public void updateConfig(String propertyFilename) { final File propFile = new File(propertyFilename); - cLog.info("Loading properties from " + propFile); + LOG.info("Loading properties from " + propFile); try { InputStream in = new FileInputStream(propFile); updateConfig(in); } catch (IOException e) { - cLog.error("Could not load properties file: " + e.getMessage(), e); + LOG.error("Could not load properties file: " + e.getMessage(), e); } } @@ -78,6 +78,7 @@ public class Config { * @param in The InputStream */ public void updateConfig(InputStream in) throws IOException { + LOG.info("Loading properties from InputStream"); mProperties.load(in); in.close(); } @@ -96,24 +97,24 @@ public class Config { * * @return The config value or defaultValue if it can not be found. */ - public String getString(String key, String defaultValue) { + public String getString(final String key, final String defaultValue) { String result; final String domainKey = mDomain + "." + key; result = mProperties.getProperty(domainKey); if (result != null) { - cLog.debug("Reading config for key = { " + key + " }. Got result = { " + result + " }"); + LOG.debug("Reading config for key = { " + key + " }. Got result = { " + result + " }"); return result; } final String globalKey = "*." + key; result = mProperties.getProperty(globalKey); if (result != null) { - cLog.debug("Reading config for key = { " + key + " }. Got result = { " + result + " }"); + LOG.debug("Reading config for key = { " + key + " }. Got result = { " + result + " }"); return result; } - cLog.debug("Reading config for key = { " + key + " }. Got default value = { " + defaultValue + " }"); + LOG.debug("Reading config for key = { " + key + " }. Got default value = { " + defaultValue + " }"); return defaultValue; } @@ -142,7 +143,7 @@ public class Config { return result; } catch (NumberFormatException e) { - cLog.warn("Expected property to be an integer: " + LOG.warn("Expected property to be an integer: " + key + " = { " + propertyValue + " }"); } } diff --git a/src/com/p4square/grow/frontend/AuthenticatedResource.java b/src/com/p4square/grow/frontend/AuthenticatedResource.java new file mode 100644 index 0000000..800eb83 --- /dev/null +++ b/src/com/p4square/grow/frontend/AuthenticatedResource.java @@ -0,0 +1,18 @@ +/* + * Copyright 2013 Jesse Morgan + */ + +package com.p4square.grow.frontend; + +import org.restlet.resource.ServerResource; +import org.restlet.representation.Representation; + +/** + * + * @author Jesse Morgan <jesse@jesterpm.net> + */ +public class AuthenticatedResource extends ServerResource { + protected Representation post() { + return null; + } +} diff --git a/src/com/p4square/grow/frontend/GrowFrontend.java b/src/com/p4square/grow/frontend/GrowFrontend.java index 36e7544..ac3db98 100644 --- a/src/com/p4square/grow/frontend/GrowFrontend.java +++ b/src/com/p4square/grow/frontend/GrowFrontend.java @@ -42,7 +42,7 @@ import com.p4square.grow.frontend.session.SessionCreatingAuthenticator; * @author Jesse Morgan <jesse@jesterpm.net> */ public class GrowFrontend extends FMFacade { - private static Logger cLog = Logger.getLogger(GrowFrontend.class); + private static Logger LOG = Logger.getLogger(GrowFrontend.class); private Config mConfig; @@ -57,9 +57,7 @@ public class GrowFrontend extends FMFacade { } @Override - public void start() throws Exception { - super.start(); - + public synchronized void start() throws Exception { final String configDomain = getContext().getParameters().getFirstValue("configDomain"); if (configDomain != null) { @@ -72,11 +70,14 @@ public class GrowFrontend extends FMFacade { getContext().getParameters().getFirstValue("configFile"); if (configFilename != null) { + LOG.info("Loading configuration from " + configFilename); mConfig.updateConfig(configFilename); } + + super.start(); } - F1OAuthHelper getHelper() { + synchronized F1OAuthHelper getHelper() { if (mHelper == null) { mHelper = new F1OAuthHelper(getContext(), mConfig.getString("f1ConsumerKey", ""), mConfig.getString("f1ConsumerSecret", ""), @@ -98,6 +99,8 @@ public class GrowFrontend extends FMFacade { router.attach("/login.html", LoginPageResource.class); final Router accountRouter = new Router(getContext()); + accountRouter.attach("/authenticate", AuthenticatedResource.class); + accountRouter.attach("/assessment/question/{questionId}", SurveyPageResource.class); accountRouter.attach("/assessment", SurveyPageResource.class); accountRouter.attach("/training/{chapter}/videos/{videoId}.json", VideosResource.class); @@ -113,6 +116,7 @@ public class GrowFrontend extends FMFacade { private Authenticator createAuthenticatorChain(Restlet last) { final Context context = getContext(); final String loginPage = getConfig().getString("dynamicRoot", "") + "/login.html"; + final String loginPost = getConfig().getString("dynamicRoot", "") + "/account/authenticate"; // This is used to check for an existing session SessionCheckingAuthenticator sessionChk = new SessionCheckingAuthenticator(context, true); @@ -121,7 +125,7 @@ public class GrowFrontend extends FMFacade { SecondPartyVerifier f1Verifier = new SecondPartyVerifier(getHelper()); LoginFormAuthenticator loginAuth = new LoginFormAuthenticator(context, false, f1Verifier); loginAuth.setLoginFormUrl(loginPage); - loginAuth.setLoginPostUrl("/account/authenticate"); + loginAuth.setLoginPostUrl(loginPost); // This is used to create a new session for a newly authenticated user. SessionCreatingAuthenticator sessionCreate = new SessionCreatingAuthenticator(context); @@ -142,8 +146,9 @@ public class GrowFrontend extends FMFacade { final Component component = new Component(); component.getServers().add(Protocol.HTTP, 8085); component.getClients().add(Protocol.HTTP); + component.getClients().add(Protocol.HTTPS); component.getClients().add(Protocol.FILE); - component.getClients().add(new Client(null, Arrays.asList(Protocol.HTTPS), "org.restlet.ext.httpclient.HttpClientHelper")); + //component.getClients().add(new Client(null, Arrays.asList(Protocol.HTTPS), "org.restlet.ext.httpclient.HttpClientHelper")); // Static content try { @@ -152,7 +157,7 @@ public class GrowFrontend extends FMFacade { component.getDefaultHost().attach("/style.css", new FileServingApp("./build/style.css")); component.getDefaultHost().attach("/favicon.ico", new FileServingApp("./build/favicon.ico")); } catch (IOException e) { - cLog.error("Could not create directory for static resources: " + LOG.error("Could not create directory for static resources: " + e.getMessage(), e); } @@ -173,17 +178,17 @@ public class GrowFrontend extends FMFacade { try { component.stop(); } catch (Exception e) { - cLog.error("Exception during cleanup", e); + LOG.error("Exception during cleanup", e); } } }); - cLog.info("Starting server..."); + LOG.info("Starting server..."); try { component.start(); } catch (Exception e) { - cLog.fatal("Could not start: " + e.getMessage(), e); + LOG.fatal("Could not start: " + e.getMessage(), e); } } diff --git a/src/com/p4square/grow/frontend/LoginFormAuthenticator.java b/src/com/p4square/grow/frontend/LoginFormAuthenticator.java index d5a3c22..ef0abba 100644 --- a/src/com/p4square/grow/frontend/LoginFormAuthenticator.java +++ b/src/com/p4square/grow/frontend/LoginFormAuthenticator.java @@ -12,12 +12,13 @@ import org.restlet.Response; import org.restlet.data.ChallengeResponse; import org.restlet.data.ChallengeScheme; import org.restlet.data.Form; +import org.restlet.data.Method; import org.restlet.data.Reference; import org.restlet.security.Authenticator; import org.restlet.security.Verifier; /** - * LoginFormAuthenticator changes + * LoginFormAuthenticator changes * * * @author Jesse Morgan <jesse@jesterpm.net> @@ -47,7 +48,7 @@ public class LoginFormAuthenticator extends Authenticator { @Override protected int beforeHandle(Request request, Response response) { - if (request.getClientInfo().isAuthenticated()) { + if (!isLoginAttempt(request) && request.getClientInfo().isAuthenticated()) { // TODO: Logout LOG.debug("Already authenticated. Skipping"); return CONTINUE; @@ -60,12 +61,11 @@ public class LoginFormAuthenticator extends Authenticator { @Override protected boolean authenticate(Request request, Response response) { - String requestPath = request.getResourceRef().getPath(); - boolean isLoginAttempt = mLoginPostUrl.equals(requestPath); + boolean isLoginAttempt = isLoginAttempt(request); Form query = request.getOriginalRef().getQueryAsForm(); String redirect = query.getFirstValue("redirect"); - if (redirect == null) { + if (redirect == null || redirect.length() == 0) { if (isLoginAttempt) { redirect = mDefaultRedirect; } else { @@ -96,8 +96,6 @@ public class LoginFormAuthenticator extends Authenticator { // We expect the verifier to setup the User object. int result = mVerifier.verify(request, response); if (result == Verifier.RESULT_VALID) { - // TODO: Ensure redirect is a relative url. - response.redirectSeeOther(redirect); return true; } } @@ -113,10 +111,32 @@ public class LoginFormAuthenticator extends Authenticator { ref.addQueryParameter("retry", "t"); } - LOG.debug("Redirecting to " + ref.toString()); + LOG.debug("Redirecting to " + ref); response.redirectSeeOther(ref.toString()); } LOG.debug("Failing authentication."); return false; } + + @Override + protected int authenticated(Request request, Response response) { + super.authenticated(request, response); + + Form query = request.getOriginalRef().getQueryAsForm(); + String redirect = query.getFirstValue("redirect"); + if (redirect == null || redirect.length() == 0) { + redirect = mDefaultRedirect; + } + + // TODO: Ensure redirect is a relative url. + LOG.debug("Redirecting to " + redirect); + response.redirectSeeOther(redirect); + + return CONTINUE; + } + + private boolean isLoginAttempt(Request request) { + String requestPath = request.getResourceRef().getPath(); + return request.getMethod() == Method.POST && mLoginPostUrl.equals(requestPath); + } } diff --git a/src/com/p4square/grow/frontend/LoginPageResource.java b/src/com/p4square/grow/frontend/LoginPageResource.java index e645c1b..8e1e97a 100644 --- a/src/com/p4square/grow/frontend/LoginPageResource.java +++ b/src/com/p4square/grow/frontend/LoginPageResource.java @@ -59,7 +59,7 @@ public class LoginPageResource extends FreeMarkerPageResource { Form query = getRequest().getOriginalRef().getQueryAsForm(); String retry = query.getFirstValue("retry"); - if ("t".equals("retry")) { + if ("t".equals(retry)) { root.put("errorMessage", "Invalid email or password."); } diff --git a/src/com/p4square/grow/frontend/session/Session.java b/src/com/p4square/grow/frontend/session/Session.java index 3a241ef..3377962 100644 --- a/src/com/p4square/grow/frontend/session/Session.java +++ b/src/com/p4square/grow/frontend/session/Session.java @@ -15,7 +15,7 @@ import org.restlet.security.User; * @author Jesse Morgan <jesse@jesterpm.net> */ public class Session { - private static final long LIFETIME = 86400; + private static final long LIFETIME = 86400000; private final String mSessionId; private final User mUser; diff --git a/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java b/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java index 8382aff..745484d 100644 --- a/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java +++ b/src/com/p4square/grow/frontend/session/SessionCheckingAuthenticator.java @@ -27,6 +27,7 @@ public class SessionCheckingAuthenticator extends Authenticator { Session s = Sessions.getInstance().get(request); if (s != null) { + LOG.debug("Found session for user " + s.getUser()); request.getClientInfo().setUser(s.getUser()); return true; diff --git a/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java b/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java index ce6024c..c569bb9 100644 --- a/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java +++ b/src/com/p4square/grow/frontend/session/SessionCreatingAuthenticator.java @@ -36,6 +36,7 @@ public class SessionCreatingAuthenticator extends Authenticator { if (request.getClientInfo().isAuthenticated() && user != null) { Sessions.getInstance().create(request, response); + LOG.debug(response); return true; } diff --git a/src/com/p4square/grow/frontend/session/Sessions.java b/src/com/p4square/grow/frontend/session/Sessions.java index 094d2f0..58bb5f6 100644 --- a/src/com/p4square/grow/frontend/session/Sessions.java +++ b/src/com/p4square/grow/frontend/session/Sessions.java @@ -9,6 +9,7 @@ import java.util.Map; import org.restlet.Response; import org.restlet.Request; +import org.restlet.data.CookieSetting; import org.restlet.security.User; /** @@ -72,8 +73,11 @@ public class Sessions { public Session create(Request request, Response response) { Session s = create(request.getClientInfo().getUser()); - request.getCookies().add(COOKIE_NAME, s.getId()); - response.getCookieSettings().add(COOKIE_NAME, s.getId()); + CookieSetting cookie = new CookieSetting(COOKIE_NAME, s.getId()); + cookie.setPath("/"); + + request.getCookies().add(cookie); + response.getCookieSettings().add(cookie); return s; } |