ScreensAuthenticationHandler.java
/*
* Decompiled with CFR 0_118.
*
* Could not load the following classes:
* javax.servlet.http.Cookie
* javax.servlet.http.HttpServletRequest
* javax.servlet.http.HttpServletResponse
* org.apache.felix.scr.annotations.Activate
* org.apache.felix.scr.annotations.Component
* org.apache.felix.scr.annotations.Deactivate
* org.apache.felix.scr.annotations.Properties
* org.apache.felix.scr.annotations.Property
* org.apache.felix.scr.annotations.Reference
* org.apache.felix.scr.annotations.Service
* org.apache.sling.auth.core.spi.AuthenticationHandler
* org.apache.sling.auth.core.spi.AuthenticationInfo
* org.osgi.framework.BundleContext
* org.osgi.service.component.ComponentContext
*/
package com.adobe.cq.screens.sessions.impl.auth;
import com.adobe.cq.screens.sessions.impl.auth.JaasHelper;
import com.adobe.cq.screens.sessions.impl.auth.ScreensCredentials;
import com.adobe.cq.screens.sessions.impl.auth.ScreensTokenProvider;
import java.util.Dictionary;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.felix.scr.annotations.Activate;
import org.apache.felix.scr.annotations.Component;
import org.apache.felix.scr.annotations.Deactivate;
import org.apache.felix.scr.annotations.Properties;
import org.apache.felix.scr.annotations.Property;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.Service;
import org.apache.sling.auth.core.spi.AuthenticationHandler;
import org.apache.sling.auth.core.spi.AuthenticationInfo;
import org.osgi.framework.BundleContext;
import org.osgi.service.component.ComponentContext;
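/**
 * Sling {@link AuthenticationHandler} that authenticates AEM Screens requests.
 *
 * <p>The component is registered for path {@code "/"} and advertises the auth type
 * {@code "AEM-SCREENS"}. It recognises two kinds of request:
 * <ul>
 *   <li>a request carrying a {@code screens-sso-token} cookie whose value the
 *       {@link ScreensTokenProvider} resolves to a token: authenticated as the token's user;</li>
 *   <li>a request for the registration endpoint that has an {@code id} parameter:
 *       authenticated as {@code "anonymous"}.</li>
 * </ul>
 * Every other request is left to other handlers.
 *
 * <p>Security note: the {@link ScreensCredentials} built here carry only a user id and no
 * secret, so the whole trust decision rests on the token lookup and on the registration
 * path check in {@link #extractCredentials}. The JAAS properties ({@code sufficient},
 * realm {@code jackrabbit.oak}, ranking 2000) are passed to {@link JaasHelper} on
 * activation; presumably it registers the login module that accepts these credentials
 * (confirm against JaasHelper).
 *
 * <p>This source was recovered by a decompiler; the boolean annotation attributes that it
 * rendered as {@code 0}/{@code 1} are written as {@code false}/{@code true} here, and the
 * string constants it inlined are referenced by name again.
 */
@Component
@Service(value = {AuthenticationHandler.class})
@Properties(value = {
    @Property(name = "service.description", value = {"Adobe AEM Screens Authentication Handler"}),
    @Property(name = "path", value = {"/"}),
    @Property(name = "service.ranking", intValue = {0}, propertyPrivate = false),
    @Property(name = "jaas.controlFlag", value = {"sufficient"}),
    @Property(name = "jaas.realmName", value = {"jackrabbit.oak"}),
    @Property(name = "jaas.ranking", intValue = {2000})
})
public class ScreensAuthenticationHandler
        implements AuthenticationHandler {

    /** Name of the cookie that carries the Screens token id. */
    public static final String COOKIE_NAME = "screens-sso-token";

    /** Servlet path (relative to the context path) of the registration endpoint. */
    private static final String PATH_REGISTRATION = "/bin/screens/registration";

    /** Auth type reported in every {@link AuthenticationInfo} this handler creates. */
    @Property(name = "authtype", propertyPrivate = true)
    private static final String TYPE = "AEM-SCREENS";

    /** Key under which the credentials object is stored in the {@link AuthenticationInfo}. */
    private static final String CREDENTIALS_KEY = "user.jcr.credentials";

    /** User id used for unauthenticated registration requests. */
    private static final String ANONYMOUS_USER_ID = "anonymous";

    /** Request parameter that must be present on a registration request. */
    private static final String PARAM_ID = "id";

    @Reference
    private ScreensTokenProvider screensTokenProvider;

    private final JaasHelper jaasHelper = new JaasHelper();

    /**
     * Opens the JAAS helper with this component's bundle context and configuration.
     *
     * @param ctx the component context supplied on activation
     */
    @Activate
    private void activate(ComponentContext ctx) {
        this.jaasHelper.open(ctx.getBundleContext(), ctx.getProperties());
    }

    /** Closes the JAAS helper opened in {@link #activate}. */
    @Deactivate
    private void deactivate() {
        this.jaasHelper.close();
    }

    /**
     * Derives authentication info from the request, if it is a Screens request.
     *
     * @param request the incoming request; its cookies, URI and parameters are inspected
     * @param response unused
     * @return info for the token's user, info for {@code "anonymous"} on a registration
     *     request, or {@code null} when neither applies
     */
    public AuthenticationInfo extractCredentials(HttpServletRequest request, HttpServletResponse response) {
        String tokenId = this.getTokenIdFromCookie(request);
        if (tokenId != null) {
            // The cookie value is untrusted; only a token the provider resolves is accepted.
            // Expiry and revocation are whatever getInfo() enforces; nothing is checked here.
            ScreensTokenProvider.Token token = this.screensTokenProvider.getInfo(tokenId);
            if (token != null) {
                return this.newAuthenticationInfo(token.getUserId());
            }
        }

        // Exact match on the raw request URI: a URI with a suffix, extension or path
        // parameter does not match and falls through to null.
        String registrationUri = request.getContextPath() + PATH_REGISTRATION;
        // NOTE(review): only the presence of "id" is checked, not its value (an empty
        // string passes). Validation is presumably done by the registration endpoint; confirm.
        if (registrationUri.equals(request.getRequestURI()) && request.getParameter(PARAM_ID) != null) {
            return this.newAuthenticationInfo(ANONYMOUS_USER_ID);
        }
        return null;
    }

    /**
     * Never asks the client for credentials.
     *
     * @return always {@code false}
     */
    public boolean requestCredentials(HttpServletRequest req, HttpServletResponse res) {
        return false;
    }

    /**
     * Does nothing: the token cookie is not cleared and the token is not revoked here.
     *
     * <p>NOTE(review): confirm that logout invalidates the token somewhere else; otherwise a
     * token stays usable after logout for as long as the provider resolves it.
     */
    public void dropCredentials(HttpServletRequest req, HttpServletResponse res) {
    }

    /**
     * Returns the value of the first cookie named {@link #COOKIE_NAME}.
     *
     * <p>The name is compared case-insensitively and the value is returned unmodified.
     *
     * @param request the request whose cookies are searched
     * @return the cookie value, or {@code null} if the request has no such cookie
     */
    private String getTokenIdFromCookie(HttpServletRequest request) {
        Cookie[] cookies = request.getCookies();
        if (cookies == null) {
            return null;
        }
        for (Cookie cookie : cookies) {
            if (COOKIE_NAME.equalsIgnoreCase(cookie.getName())) {
                return cookie.getValue();
            }
        }
        return null;
    }

    /** Builds the info object for {@code userId} with password-less Screens credentials. */
    private AuthenticationInfo newAuthenticationInfo(String userId) {
        AuthenticationInfo authInfo = new AuthenticationInfo(TYPE, userId);
        authInfo.put(CREDENTIALS_KEY, new ScreensCredentials(userId));
        return authInfo;
    }

    /** Sets the token provider reference. */
    protected void bindScreensTokenProvider(ScreensTokenProvider screensTokenProvider) {
        this.screensTokenProvider = screensTokenProvider;
    }

    /** Clears the token provider reference, but only if it is the instance being unbound. */
    protected void unbindScreensTokenProvider(ScreensTokenProvider screensTokenProvider) {
        if (this.screensTokenProvider == screensTokenProvider) {
            this.screensTokenProvider = null;
        }
    }
}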