/*
* Decompiled with CFR 0_118.
*
* Could not load the following classes:
* javax.servlet.Servlet
* javax.servlet.http.HttpServletRequest
* javax.servlet.http.HttpServletResponse
* org.apache.felix.scr.annotations.Component
* org.apache.felix.scr.annotations.Properties
* org.apache.felix.scr.annotations.Property
* org.apache.felix.scr.annotations.Reference
* org.apache.felix.scr.annotations.ReferenceCardinality
* org.apache.felix.scr.annotations.ReferencePolicy
* org.apache.felix.scr.annotations.Service
* org.apache.sling.api.SlingHttpServletRequest
* org.apache.sling.api.SlingHttpServletResponse
* org.apache.sling.api.servlets.SlingSafeMethodsServlet
* org.apache.sling.auth.core.spi.AbstractAuthenticationHandler
* org.apache.sling.commons.auth.Authenticator
* org.apache.sling.commons.auth.NoAuthenticationHandlerException
* org.slf4j.Logger
* org.slf4j.LoggerFactory
*/
package com.day.cq.auth.impl;
import java.io.IOException;
import javax.servlet.Servlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.ReferenceCardinality;
import org.apache.felix.scr.annotations.ReferencePolicy;
import org.apache.felix.scr.annotations.Service;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.SlingSafeMethodsServlet;
import org.apache.sling.auth.core.spi.AbstractAuthenticationHandler;
import org.apache.sling.commons.auth.Authenticator;
import org.apache.sling.commons.auth.NoAuthenticationHandlerException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
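/**
 * Servlet bound to {@code /bin/login} and {@code /login} that hands the request to the
 * {@link Authenticator} service so that an authentication handler can ask the client for
 * credentials.
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The {@code sling.auth.requirements} entries carry a leading {@code -}, Sling's marker for
 *       paths that do not require authentication, so this servlet is reachable by anonymous
 *       clients. NOTE(review): confirm against the Sling auth core version in use.</li>
 *   <li>The {@code resource} request parameter is caller-controlled. This class only checks it
 *       for self-reference (login-loop prevention); it does not validate it as a redirect
 *       target. NOTE(review): presumably the authentication handler validates the post-login
 *       target - verify, since an unchecked value would be an open redirect.</li>
 *   <li>The parameter is written to the log only after line breaks are neutralised, so a request
 *       cannot forge additional log entries.</li>
 * </ul>
 */
@Component
@Service(value={Servlet.class})
@Properties(value={@Property(name="service.description", value={"Day Communique LoginServlet"}), @Property(name="sling.auth.requirements", value={"-/bin/login", "-/login"})})
public class LoginServlet
extends SlingSafeMethodsServlet {
    private final Logger log;

    // Paths this servlet is registered under; also used by isSelf() to detect login loops.
    @Property(name="sling.servlet.paths")
    private static final String[] LOGIN_SERVLET_PATH = new String[]{"/bin/login", "/login"};

    // Optional, dynamically bound service: may be null at any time, so callers take a local copy.
    @Reference(cardinality=ReferenceCardinality.OPTIONAL_UNARY, policy=ReferencePolicy.DYNAMIC)
    private volatile Authenticator authenticator;

    public LoginServlet() {
        this.log = LoggerFactory.getLogger(this.getClass());
    }

    /**
     * Starts the login flow for the current request.
     *
     * <p>An already authenticated request whose {@code resource} parameter is absent or points
     * back at this servlet is redirected to the context root instead, to avoid a login loop.
     * Otherwise the request is passed to the bound {@link Authenticator}. If no authenticator is
     * bound, or no authentication handler is registered, the client receives 403.
     *
     * @param request  the incoming request; its {@code resource} parameter is untrusted input
     * @param response the response used for the redirect, the login challenge or the error
     * @throws IOException if sending the redirect or the error fails
     */
    protected void doGet(SlingHttpServletRequest request, SlingHttpServletResponse response) throws IOException {
        if (request.getAuthType() != null) {
            String resourcePath = request.getParameter("resource");
            if (this.isSelf(resourcePath)) {
                String redirectTarget = request.getContextPath() + "/";
                // resourcePath comes straight from the request: strip CR/LF before logging it.
                this.log.warn("doGet: Redirecting to {} to prevent login loop for resource {}", redirectTarget, LoginServlet.sanitizeForLog(resourcePath));
                response.sendRedirect(redirectTarget);
                return;
            }
        }

        // Read the volatile field once; the service may be unbound concurrently.
        Authenticator authenticator = this.authenticator;
        if (authenticator == null) {
            this.log.error("doGet: Authenticator service missing, cannot request authentication");
        } else {
            try {
                request.setAttribute("cq.authhandler.dologin", Boolean.TRUE);
                // NOTE(review): presumably records the login target from the request, with the
                // context path as fallback - confirm in AbstractAuthenticationHandler.
                AbstractAuthenticationHandler.setLoginResourceAttribute((HttpServletRequest)request, request.getContextPath());
                authenticator.login((HttpServletRequest)request, (HttpServletResponse)response);
                return;
            }
            catch (IllegalStateException ise) {
                // The response is already committed, so no error status can be sent any more.
                this.log.error("doGet: Response already committed, cannot login");
                return;
            }
            catch (NoAuthenticationHandlerException nahe) {
                // Fall through to the 403 below.
                this.log.error("doGet: No AuthenticationHandler to login registered");
            }
        }
        response.sendError(HttpServletResponse.SC_FORBIDDEN, "Cannot login");
    }

    /**
     * Tells whether the requested login target is this servlet itself.
     *
     * @param resourcePath value of the {@code resource} parameter, may be {@code null}
     * @return {@code true} if the value is {@code null} or starts with one of the servlet paths
     *         (a plain prefix match, so e.g. {@code /loginfoo} also counts)
     */
    private boolean isSelf(String resourcePath) {
        if (resourcePath == null) {
            return true;
        }
        for (String servletPath : LOGIN_SERVLET_PATH) {
            if (resourcePath.startsWith(servletPath)) {
                return true;
            }
        }
        return false;
    }

    /**
     * Replaces carriage returns and line feeds so that a request value cannot start a new,
     * forged entry in a line-oriented log.
     *
     * @param value untrusted text, may be {@code null}
     * @return the text with CR and LF replaced by {@code _}, or {@code null} for {@code null}
     */
    private static String sanitizeForLog(String value) {
        if (value == null) {
            return null;
        }
        return value.replace('\r', '_').replace('\n', '_');
    }

    protected void bindAuthenticator(Authenticator authenticator) {
        this.authenticator = authenticator;
    }

    protected void unbindAuthenticator(Authenticator authenticator) {
        // Only clear the field when the service being unbound is the one currently held.
        if (this.authenticator == authenticator) {
            this.authenticator = null;
        }
    }
}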