Commit 6b4fabc1 authored by Brian Major's avatar Brian Major
Browse files

t72959 - added scope parameter to login servlet

parent efc84b5d
......@@ -69,10 +69,14 @@
package ca.nrc.cadc.ac.server.web;
import java.io.IOException;
import java.net.URI;
import java.net.URISyntaxException;
import java.security.AccessControlException;
import java.security.Principal;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.Calendar;
import java.util.GregorianCalendar;
import javax.security.auth.Subject;
import javax.servlet.ServletConfig;
......@@ -92,8 +96,10 @@ import ca.nrc.cadc.ac.server.PluginFactory;
import ca.nrc.cadc.ac.server.UserPersistence;
import ca.nrc.cadc.ac.server.ldap.LdapGroupPersistence;
import ca.nrc.cadc.auth.AuthenticatorImpl;
import ca.nrc.cadc.auth.DelegationToken;
import ca.nrc.cadc.auth.HttpPrincipal;
import ca.nrc.cadc.auth.SSOCookieManager;
import ca.nrc.cadc.date.DateUtil;
import ca.nrc.cadc.log.ServletLogInfo;
import ca.nrc.cadc.net.TransientException;
import ca.nrc.cadc.util.StringUtil;
......@@ -152,6 +158,7 @@ public class LoginServlet<T extends Principal> extends HttpServlet
log.info(logInfo.start());
String userID = request.getParameter("username");
String password = request.getParameter("password");
String scope = request.getParameter("scope");
if (userID == null || userID.length() == 0)
throw new IllegalArgumentException("Missing username");
......@@ -174,9 +181,31 @@ public class LoginServlet<T extends Principal> extends HttpServlet
(!StringUtil.hasText(proxyUser) &&
userPersistence.doLogin(userID, password)))
{
String token =
new SSOCookieManager().generate(
new HttpPrincipal(userID, proxyUser));
String token = null;
HttpPrincipal p = new HttpPrincipal(userID, proxyUser);
if (scope != null)
{
// This cookie will be scope to a certain URI,
// such as a VOSpace node
URI uri = null;
try
{
uri = new URI(scope);
}
catch (URISyntaxException e)
{
throw new IllegalArgumentException("Invalid scope: " + scope);
}
final Calendar expiryDate = new GregorianCalendar(DateUtil.UTC);
expiryDate.add(Calendar.HOUR, SSOCookieManager.SSO_COOKIE_LIFETIME_HOURS);
DelegationToken dt = new DelegationToken(p, uri, expiryDate.getTime());
token = DelegationToken.format(dt);
}
else
{
token = new SSOCookieManager().generate(p);
}
response.setContentType(CONTENT_TYPE);
response.setContentLength(token.length());
response.getWriter().write(token);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment