X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;ds=sidebyside;f=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fintegration%2FCmsLoginServlet.java;fp=org.argeo.cms%2Fsrc%2Forg%2Fargeo%2Fcms%2Fintegration%2FCmsLoginServlet.java;h=0a4e9b4eab1a1ceb85b47759358c0ef610ee621c;hb=5310ed9adea7fcf2cbcefc136e91674a412a1fa9;hp=0000000000000000000000000000000000000000;hpb=ce22d3eaabb4b9aa92f62f0302c235f951c26f3f;p=lgpl%2Fargeo-commons.git
diff --git a/org.argeo.cms/src/org/argeo/cms/integration/CmsLoginServlet.java b/org.argeo.cms/src/org/argeo/cms/integration/CmsLoginServlet.java
new file mode 100644
index 000000000..0a4e9b4ea
--- /dev/null
+++ b/org.argeo.cms/src/org/argeo/cms/integration/CmsLoginServlet.java
@@ -0,0 +1,111 @@
+package org.argeo.cms.integration;
+
+import java.io.IOException;
+
+import javax.security.auth.callback.Callback;
+import javax.security.auth.callback.NameCallback;
+import javax.security.auth.callback.PasswordCallback;
+import javax.security.auth.callback.UnsupportedCallbackException;
+import javax.security.auth.login.LoginContext;
+import javax.security.auth.login.LoginException;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.argeo.cms.auth.CmsSessionId;
+import org.argeo.cms.auth.HttpRequestCallback;
+import org.argeo.cms.auth.HttpRequestCallbackHandler;
+import org.argeo.node.NodeConstants;
+import org.osgi.service.useradmin.Authorization;
+
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.stream.JsonWriter;
+
+/** Externally authenticate an http session. */
+public class CmsLoginServlet extends HttpServlet {
+ private static final long serialVersionUID = 2478080654328751539L;
+ private Gson gson = new GsonBuilder().setPrettyPrinting().create();
+
+ @Override
+ protected void doGet(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ doPost(request, response);
+ }
+
+ @Override
+ protected void doPost(HttpServletRequest request, HttpServletResponse response)
+ throws ServletException, IOException {
+ LoginContext lc = null;
+ String username = request.getParameter("username");
+ String password = request.getParameter("password");
+ if (username != null && password != null) {
+ try {
+ lc = new LoginContext(NodeConstants.LOGIN_CONTEXT_USER,
+ new HttpRequestCallbackHandler(request, response) {
+ public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
+ for (Callback callback : callbacks) {
+ if (callback instanceof NameCallback && username != null)
+ ((NameCallback) callback).setName(username);
+ else if (callback instanceof PasswordCallback && password != null)
+ ((PasswordCallback) callback).setPassword(password.toCharArray());
+ else if (callback instanceof HttpRequestCallback) {
+ ((HttpRequestCallback) callback).setRequest(request);
+ ((HttpRequestCallback) callback).setResponse(response);
+ }
+ }
+ }
+ });
+ lc.login();
+
+ CmsSessionId cmsSessionId = (CmsSessionId) lc.getSubject().getPrivateCredentials(CmsSessionId.class)
+ .toArray()[0];
+ Authorization authorization = (Authorization) lc.getSubject().getPrivateCredentials(Authorization.class)
+ .toArray()[0];
+
+ JsonWriter jsonWriter = gson.newJsonWriter(response.getWriter());
+ jsonWriter.beginObject();
+ // Authorization
+ jsonWriter.name("username").value(authorization.getName());
+ jsonWriter.name("displayName").value(authorization.toString());
+ // Roles
+ jsonWriter.name("roles").beginArray();
+ for (String role : authorization.getRoles())
+ if (!role.equals(authorization.getName()))
+ jsonWriter.value(role);
+ jsonWriter.endArray();
+ // CMS session
+ jsonWriter.name("cmsSession").beginObject();
+ jsonWriter.name("uuid").value(cmsSessionId.getUuid().toString());
+ jsonWriter.endObject();
+
+ jsonWriter.endObject();
+
+ String redirectTo = redirectTo(request);
+ if (redirectTo != null)
+ response.sendRedirect(redirectTo);
+ } catch (LoginException e) {
+ response.setStatus(403);
+ return;
+ }
+ } else {
+ response.setStatus(403);
+ return;
+ }
+ }
+
+ /** Does nothing by default. */
+ protected void loginSucceeded(LoginContext lc, HttpServletRequest request, HttpServletResponse response) {
+
+ }
+
+ /** Send HTTP code 403 by default. */
+ protected void loginFailed(LoginContext lc, HttpServletRequest request, HttpServletResponse response) {
+
+ }
+
+ protected String redirectTo(HttpServletRequest request) {
+ return null;
+ }
+}
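Review bot: doGet delegates to doPost, so the `username` and `password` parameters are also accepted from the query string of a GET request, where they end up in server and proxy access logs, browser history and Referer headers; the login should be honoured on POST only, e.g. by having doGet answer `response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);` or by not overriding it at all. The `loginSucceeded` and `loginFailed` hooks are declared but never invoked from doPost, and the Javadoc of `loginFailed` claims it sends 403 while its body is empty — either call them from the success and `LoginException` branches or remove them. The JSON body is written without a content type, so `response.setContentType("application/json");` before `gson.newJsonWriter(response.getWriter())` is needed for clients and browsers to treat the response as JSON rather than the container default. `.toArray()[0]` on the two private-credential sets throws ArrayIndexOutOfBoundsException (a 500 with a stack trace) when a login module does not populate them, which would be better surfaced by an explicit emptiness check that also answers 403.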