X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=ui%2Fsrc%2Fmain%2Fjava%2Forg%2Fakraino%2Fvalidation%2Fui%2Flogin%2FLoginStrategyImpl.java;h=bebc35a61a37c49701367712d6977f73d7ee58c4;hb=19e7a87af0e8b17a418497b41c8b8c98708cd01f;hp=b6a78fca3d42e9c19eabb7fdcacd65cd6afb2999;hpb=ff30598b6737f473e36eab3635b64e6eba2e760d;p=validation.git
diff --git a/ui/src/main/java/org/akraino/validation/ui/login/LoginStrategyImpl.java b/ui/src/main/java/org/akraino/validation/ui/login/LoginStrategyImpl.java
index b6a78fc..bebc35a 100644
--- a/ui/src/main/java/org/akraino/validation/ui/login/LoginStrategyImpl.java
+++ b/ui/src/main/java/org/akraino/validation/ui/login/LoginStrategyImpl.java
@@ -17,25 +17,14 @@
 package org.akraino.validation.ui.login;
 import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import org.apache.commons.codec.binary.Hex;
 import org.onap.portalsdk.core.auth.LoginStrategy;
 import org.onap.portalsdk.core.command.LoginBean;
 import org.onap.portalsdk.core.domain.RoleFunction;
@@ -76,29 +65,38 @@ public class LoginStrategyImpl extends LoginStrategy { LoginBean commandBean = new LoginBean(); String loginId = request.getParameter("loginId"); String password = request.getParameter("password"); - String key = System.getenv("ENCRYPTION_KEY"); - password = aesEncrypt(password, key); + String redirectUrl = request.getParameter("redirectUrl"); commandBean.setLoginId(loginId); commandBean.setLoginPwd(password); - // commandBean.setUserid(loginId); + commandBean.setUserid(loginId); commandBean = loginService.findUser(commandBean, (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), new HashMap()); List roleFunctionList = roleService.getRoleFunctions(loginId); - - if (commandBean.getUser() == null) { + if (commandBean.getUser() == null || !CipherUtil + .decryptPKC(commandBean.getUser().getLoginPwd(), System.getenv("ENCRYPTION_KEY")).equals(password)) { String loginErrorMessage = (commandBean.getLoginErrorMessage() != null) ? commandBean.getLoginErrorMessage() : "login.error.external.invalid"; Map model = new HashMap<>(); model.put("error", loginErrorMessage); - return new ModelAndView("login_external", "model", model); + if (redirectUrl == null || redirectUrl.equals("")) { + return new ModelAndView("login_external", "model", model); + } else { + return new ModelAndView( + "redirect:login_external.htm?redirectUrl=" + request.getParameter("redirectUrl")); + } } else { // store the currently logged in user's information in the session UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(), commandBean.getBusinessDirectMenu(), SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList); initateSessionMgtHandler(request); - // user has been authenticated, now take them to the welcome page - return new ModelAndView("redirect:welcome.htm"); + // user has been authenticated, now take them to the welcome or redirection page + if (redirectUrl == null || redirectUrl.equals("")) { + 
return new ModelAndView("redirect:welcome.htm"); + } else { + return new ModelAndView("redirect:" + + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length())); + } } } 
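Review bot: The new `redirectUrl` request parameter reaches both redirects in this hunk without validation. On the success path `redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, ...)` assumes the marker is present: when it is absent `lastIndexOf` returns -1, so the code cuts at index 9 or throws `StringIndexOutOfBoundsException`, and whatever remains is handed to `redirect:` without being checked to be a page inside the application. On the failure path the raw value is concatenated into the query string and should be encoded, e.g. `URLEncoder.encode(redirectUrl, "UTF-8")`. The same code is repeated in the next hunk, including its catch block, and the enclosing method starts outside this hunk. A single helper along these lines would cover every copy.

```java
// … unchanged: setUserSession(...) and initateSessionMgtHandler(request) …
return new ModelAndView("redirect:" + localTarget(redirectUrl));

// Maps the requested URL to a page inside the application, falling back to the welcome page.
private static String localTarget(String redirectUrl) {
    final String marker = "/bluvalui/";
    if (redirectUrl == null) {
        return "welcome.htm";
    }
    int at = redirectUrl.lastIndexOf(marker);
    String page = at < 0 ? "" : redirectUrl.substring(at + marker.length());
    // Only a relative path below the application root is accepted.
    boolean local = !page.isEmpty() && !page.startsWith("/") && !page.startsWith("\\")
            && !page.contains(":") && !page.contains("..");
    return local ? page : "welcome.htm";
}
```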
@@ -110,29 +108,57 @@ public class LoginStrategyImpl extends LoginStrategy { LoginBean commandBean = new LoginBean(); String loginId = request.getParameter("loginId"); String password = request.getParameter("password"); - String key = System.getenv("ENCRYPTION_KEY"); - password = aesEncrypt(password, key); + String redirectUrl = request.getParameter("redirectUrl"); commandBean.setLoginId(loginId); commandBean.setLoginPwd(password); - // commandBean.setUserid(loginId); + commandBean.setUserid(loginId); commandBean = loginService.findUser(commandBean, (String) request.getAttribute(MenuProperties.MENU_PROPERTIES_FILENAME_KEY), new HashMap()); List roleFunctionList = roleService.getRoleFunctions(loginId); - if (commandBean.getUser() == null) { - String loginErrorMessage = (commandBean.getLoginErrorMessage() != null) ? commandBean.getLoginErrorMessage() - : "login.error.external.invalid"; - Map model = new HashMap<>(); - model.put("error", loginErrorMessage); - return new ModelAndView("login_external", "model", model); - } else { + try { + if (commandBean.getUser() == null + || !CipherUtil.decryptPKC(commandBean.getUser().getLoginPwd(), System.getenv("ENCRYPTION_KEY")) + .equals(password)) { + String loginErrorMessage = (commandBean.getLoginErrorMessage() != null) + ? 
commandBean.getLoginErrorMessage() + : "login.error.external.invalid"; + Map model = new HashMap<>(); + model.put("error", loginErrorMessage); + if (redirectUrl == null || redirectUrl.equals("")) { + return new ModelAndView("login_external", "model", model); + } else { + return new ModelAndView( + "redirect:login_external.htm?redirectUrl=" + request.getParameter("redirectUrl")); + } + } else { + // store the currently logged in user's information in the session + UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(), + commandBean.getBusinessDirectMenu(), + SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList); + initateSessionMgtHandler(request); + // user has been authenticated, now take them to the welcome or redirection page + if (redirectUrl == null || redirectUrl.equals("")) { + return new ModelAndView("redirect:welcome.htm"); + } else { + return new ModelAndView("redirect:" + + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length())); + } + } + } catch (CipherUtilException e) { + LOGGER.error(EELFLoggerDelegate.errorLogger, "Error in Cipher." + UserUtils.getStackTrace(e)); // store the currently logged in user's information in the session UserUtils.setUserSession(request, commandBean.getUser(), commandBean.getMenu(), commandBean.getBusinessDirectMenu(), SystemProperties.getProperty(SystemProperties.LOGIN_METHOD_BACKDOOR), roleFunctionList); initateSessionMgtHandler(request); - // user has been authenticated, now take them to the welcome page - return new ModelAndView("redirect:welcome"); + // user has been authenticated, now take them to the welcome or redirection page + if (redirectUrl == null || redirectUrl.equals("")) { + return new ModelAndView("redirect:welcome.htm"); + } else { + return new ModelAndView("redirect:" + + redirectUrl.substring(redirectUrl.lastIndexOf("/bluvalui/") + 10, redirectUrl.length())); + } } } 
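Review bot: The `catch (CipherUtilException e)` branch fails open: after logging it calls `UserUtils.setUserSession(...)` and redirects exactly as the success branch does, so whenever the stored password cannot be decrypted (for example a missing or changed `ENCRYPTION_KEY`) the login succeeds regardless of the password submitted. `decryptPKC` is only reached when `commandBean.getUser()` is non-null, so this applies to any existing account. The branch should return the login error view instead of creating a session. The previous hunk makes the same `decryptPKC` call with no try/catch, so the two methods presumably treat this failure differently; the enclosing method starts outside the hunk.

```java
// … unchanged: try block with the credential check and both outcomes …
} catch (CipherUtilException e) {
    LOGGER.error(EELFLoggerDelegate.errorLogger, "Error in Cipher." + UserUtils.getStackTrace(e));
    // Fail closed: a stored password that cannot be decrypted must not authenticate anyone.
    Map<String, String> model = new HashMap<>();
    model.put("error", "login.error.external.invalid");
    return new ModelAndView("login_external", "model", model);
}
```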
@@ -192,21 +218,4 @@ public class LoginStrategyImpl extends LoginStrategy { return null; } - private String aesEncrypt(String password, String strKey) { - try { - byte[] keyBytes = Arrays.copyOf(strKey.getBytes("ASCII"), 16); - SecretKey key = new SecretKeySpec(keyBytes, "AES"); - Cipher cipher = Cipher.getInstance("AES"); - cipher.init(Cipher.ENCRYPT_MODE, key); - byte[] cleartext = password.getBytes("UTF-8"); - byte[] ciphertextBytes = cipher.doFinal(cleartext); - return new String(Hex.encodeHex(ciphertextBytes)); - } catch (NoSuchAlgorithmException | NoSuchPaddingException | InvalidKeyException | UnsupportedEncodingException - | IllegalBlockSizeException | BadPaddingException e) { - LOGGER.error(EELFLoggerDelegate.errorLogger, - "Error when encrypting password key" + UserUtils.getStackTrace(e)); - return null; - } - } - }