Revision 7c8f251f

Added by Jakub Danek over 5 years ago

re #29 hackity login endpoint, check todo, needs reimplementation

View differences:

server/src/main/java/org/danekja/ymanager/ws/rest/LoginController.java
1
package org.danekja.ymanager.ws.rest;
2

  
3
import org.danekja.ymanager.business.AuthorizationService;
4
import org.springframework.beans.factory.annotation.Autowired;
5
import org.springframework.security.web.savedrequest.HttpSessionRequestCache;
6
import org.springframework.security.web.savedrequest.RequestCache;
7
import org.springframework.stereotype.Controller;
8
import org.springframework.web.bind.annotation.GetMapping;
9
import org.springframework.web.bind.annotation.PathVariable;
10
import org.springframework.web.bind.annotation.RequestParam;
11

  
12
import javax.servlet.http.HttpServletRequest;
13
import javax.servlet.http.HttpServletResponse;
14

  
15
@Controller
16
public class LoginController {
17

  
18
    @Autowired
19
    private AuthorizationService authorizationService;
20

  
21
    private RequestCache requestCache = new HttpSessionRequestCache();
22

  
23
    /**
24
     * Hackity way of providing connecting apps with means to say where to redirect after login.
25
     * Example call: GET /api/login/google?target=http:/myfrontapp.com/
26
     * <p>
27
     * TODO most likely should be dropped after OAuth2 authentication is triggered and handled by front-end,
28
     * TODO while backend only accepts the necessary token.
29
     *
30
     * @param target
31
     * @param provider
32
     * @param request
33
     * @param response
34
     * @throws Exception
35
     */
36
    @GetMapping("login/{provider}")
37
    public void login(@RequestParam("target") String target,
38
                      @PathVariable("provider") String provider,
39
                      HttpServletRequest request, HttpServletResponse response) throws Exception {
40
        if (authorizationService.isSignedIn()) {
41
            response.sendRedirect(target);
42
        } else {
43
            switch (provider) {
44
                case "google":
45
                    this.requestCache.saveRequest(request, response);
46
                    response.sendRedirect("/api/oauth2/authorization/google");
47
                    break;
48
                default:
49
                    response.sendError(HttpServletResponse.SC_BAD_REQUEST);
50
            }
51

  
52
        }
53
    }
54
}
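
Review bot: In `login()`, the signed-in branch calls `response.sendRedirect(target)` with the raw `target` query parameter and no validation, which makes this endpoint an open redirect to any URL the caller supplies. Check `target` against a configured allow-list of front-end origins (or accept only relative paths) before redirecting, and answer `HttpServletResponse.SC_BAD_REQUEST` otherwise, as the `default` branch already does for unknown providers. The `google` branch saves the request, including the same `target`, via `requestCache.saveRequest(request, response)`, so the check needs to sit at the top of the method where it also covers the replayed request after login. The Javadoc leaves `@param target` undescribed; it should state which values are accepted, and the example URL `http:/myfrontapp.com/` is missing a slash.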
