| /* |
| * Licensed to the Apache Software Foundation (ASF) under one |
| * or more contributor license agreements. See the NOTICE file |
| * distributed with this work for additional information |
| * regarding copyright ownership. The ASF licenses this file |
| * to you under the Apache License, Version 2.0 (the |
| * "License"); you may not use this file except in compliance |
| * with the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, |
| * software distributed under the License is distributed on an |
| * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY |
| * KIND, either express or implied. See the License for the |
| * specific language governing permissions and limitations |
| * under the License. |
| */ |
| package org.apache.sling.auth.core.spi; |
| |
| import java.io.IOException; |
| import java.util.Map; |
| import javax.servlet.http.HttpServletRequest; |
| import javax.servlet.http.HttpServletResponse; |
| |
| import org.apache.sling.auth.core.AuthUtil; |
| |
| /** |
| * The <code>AbstractAuthenticationHandler</code> implements the |
| * <code>AuthenticationHandler</code> interface and extends the |
| * {@link DefaultAuthenticationFeedbackHandler} providing some helper methods |
| * which may be used by authentication handlers. |
| * |
| * @deprecated since Bundle 1.0.8; {@link AuthenticationHandler} implementations |
| * should extend {@link DefaultAuthenticationFeedbackHandler} |
| * directly and use the utility methods in the {@link AuthUtil} |
| * class. |
| */ |
| @Deprecated |
| public abstract class AbstractAuthenticationHandler extends DefaultAuthenticationFeedbackHandler implements |
| AuthenticationHandler { |
| |
| /** |
| * Returns the value of the named request attribute or parameter as a string |
| * as follows: |
| * <ol> |
| * <li>If there is a request attribute of that name, which is a non-empty |
| * string, it is returned.</li> |
| * <li>If there is a non-empty request parameter of |
| * that name, this parameter is returned. |
| * </li> |
| * <li>Otherwise the <code>defaultValue</code> is returned.</li> |
| * </ol> |
| * |
| * @param request The request from which to return the attribute or request |
| * parameter |
| * @param name The name of the attribute/parameter |
| * @param defaultValue The default value to use if neither a non-empty |
| * string attribute or a non-empty parameter exists in the |
| * request. |
| * @return The attribute, parameter or <code>defaultValue</code> as defined |
| * above. |
| * @deprecated since Bundle 1.0.8, use |
| * {@link AuthUtil#getAttributeOrParameter(HttpServletRequest, String, String)} |
| */ |
| @Deprecated |
| public static String getAttributeOrParameter(final HttpServletRequest request, final String name, |
| final String defaultValue) { |
| return AuthUtil.getAttributeOrParameter(request, name, defaultValue); |
| } |
| |
| /** |
| * Returns any resource target to redirect to after successful |
| * authentication. This method either returns a non-empty string or the |
| * <code>defaultLoginResource</code> parameter. First the |
| * <code>resource</code> request attribute is checked. If it is a non-empty |
| * string, it is returned. Second the <code>resource</code> request |
| * parameter is checked and returned if it is a non-empty string. |
| * |
| * @param request The request providing the attribute or parameter |
| * @param defaultLoginResource The default login resource value |
| * @return The non-empty redirection target or |
| * <code>defaultLoginResource</code>. |
| * @deprecated since Bundle 1.0.8, use |
| * {@link AuthUtil#getLoginResource(HttpServletRequest, String)} |
| */ |
| @Deprecated |
| public static String getLoginResource(final HttpServletRequest request, String defaultLoginResource) { |
| return AuthUtil.getLoginResource(request, defaultLoginResource); |
| } |
| |
| /** |
| * Ensures and returns the {@link org.apache.sling.api.auth.Authenticator#LOGIN_RESOURCE} request |
| * attribute is set to a non-null, non-empty string. If the attribute is not |
| * currently set, this method sets it as follows: |
| * <ol> |
| * <li>If the {@link org.apache.sling.api.auth.Authenticator#LOGIN_RESOURCE} request parameter is set |
| * to a non-empty string, that parameter is set</li> |
| * <li>Otherwise if the <code>defaultValue</code> is a non-empty string the |
| * default value is used</li> |
| * <li>Otherwise the attribute is set to "/"</li> |
| * </ol> |
| * |
| * @param request The request to check for the resource attribute |
| * @param defaultValue The default value to use if the attribute is not set |
| * and the request parameter is not set. This parameter is |
| * ignored if it is <code>null</code> or an empty string. |
| * @return returns the value of resource request attribute |
| * @since 1.0.2 (Bundle version 1.0.4) |
| * @deprecated since Bundle 1.0.8, use |
| * {@link AuthUtil#setLoginResourceAttribute(HttpServletRequest, String)} |
| */ |
| @Deprecated |
| public static String setLoginResourceAttribute(final HttpServletRequest request, final String defaultValue) { |
| return AuthUtil.setLoginResourceAttribute(request, defaultValue); |
| } |
| |
| /** |
| * Redirects to the given target path appending any parameters provided in |
| * the parameter map. |
| * <p> |
| * This method implements the following functionality: |
| * <ul> |
| * <li>The target path is prefixed with the request's context path to ensure |
| * proper redirection into the same web application. Therefore the |
| * <code>target</code> path parameter must not be prefixed with the context |
| * path.</li> |
| * <li>If the <code>params</code> map does not contain a (non- |
| * <code>null</code>) value for the {@link org.apache.sling.api.auth.Authenticator#LOGIN_RESOURCE |
| * resource} entry, such an entry is generated from the request URI and the |
| * (optional) query string of the given <code>request</code>.</li> |
| * <li>The parameters from the <code>params</code> map or at least a single |
| * {@link org.apache.sling.api.auth.Authenticator#LOGIN_RESOURCE resource} parameter are added to the |
| * target path for the redirect. Each parameter value is encoded using the |
| * <code>java.net.URLEncoder</code> with UTF-8 encoding to make it safe for |
| * requests</li> |
| * </ul> |
| * |
| * @param request The request object used to get the current request URI and |
| * request query string if the <code>params</code> map does not |
| * have the {@link org.apache.sling.api.auth.Authenticator#LOGIN_RESOURCE resource} |
| * parameter set. |
| * @param response The response used to send the redirect to the client. |
| * @param target The target path to redirect the client to. This parameter |
| * must not be prefixed with the request's context path because |
| * this will be added by this method. If this parameter is not a |
| * valid target request as per the |
| * {@link #isRedirectValid(HttpServletRequest, String)} method |
| * the target is modified to be the root of the request's |
| * context. |
| * @param params The map of parameters to be added to the target path. This |
| * may be <code>null</code>. |
| * @throws IOException If an error occurs sending the redirect request |
| * @throws IllegalStateException If the response was committed or if a |
| * partial URL is given and cannot be converted into a valid URL |
| * @throws InternalError If the UTF-8 character encoding is not supported by |
| * the platform. This should not be caught, because it is a real |
| * problem if the encoding required by the specification is |
| * missing. |
| * @since 1.0.2 (Bundle version 1.0.4) |
| * @since 1.0.4 (bundle version 1.0.8) the target is validated with the |
| * {@link AuthUtil#isRedirectValid(HttpServletRequest, String)} |
| * method. |
| * @deprecated since Bundle 1.0.8, use |
| * {@link AuthUtil#sendRedirect(HttpServletRequest, HttpServletResponse, String, Map)} |
| */ |
| @Deprecated |
| public static void sendRedirect(final HttpServletRequest request, final HttpServletResponse response, |
| final String target, Map<String, String> params) throws IOException { |
| AuthUtil.sendRedirect(request, response, request.getContextPath() + target, params); |
| } |
| |
| /** |
| * This method calls |
| * {@link AuthUtil#isRedirectValid(HttpServletRequest, String)}. |
| * |
| * @deprecated This method has been introduced after Bundle release 1.0.6 |
| * but has been replaced with |
| * {@link AuthUtil#isRedirectValid(HttpServletRequest, String)}. |
| * Use the latter method. |
| */ |
| @Deprecated |
| public static boolean isRedirectValid(final HttpServletRequest request, final String target) { |
| return AuthUtil.isRedirectValid(request, target); |
| } |
| |
| /** |
| * Returns <code>true</code> if the the client just asks for validation of |
| * submitted username/password credentials. |
| * <p> |
| * This implementation returns <code>true</code> if the request parameter |
| * {@link org.apache.sling.auth.core.AuthConstants#PAR_J_VALIDATE} is set to <code>true</code> (case-insensitve). If |
| * the request parameter is not set or to any value other than |
| * <code>true</code> this method returns <code>false</code>. |
| * |
| * @param request The request to provide the parameter to check |
| * @return <code>true</code> if the {@link org.apache.sling.auth.core.AuthConstants#PAR_J_VALIDATE} parameter is set |
| * to <code>true</code>. |
| * @since 1.0.2 (Bundle version 1.0.4) |
| * @deprecated since Bundle 1.0.8, use |
| * {@link AuthUtil#isValidateRequest(HttpServletRequest)} |
| */ |
| @Deprecated |
| public static boolean isValidateRequest(final HttpServletRequest request) { |
| return AuthUtil.isValidateRequest(request); |
| } |
| |
| /** |
| * Sends a 200/OK response to a credential validation request. |
| * |
| * @param response The response object |
| * @since 1.0.2 (Bundle version 1.0.4) |
| * @deprecated since Bundle 1.0.8, use |
| * {@link AuthUtil#sendValid(HttpServletResponse)} |
| */ |
| @Deprecated |
| public static void sendValid(final HttpServletResponse response) { |
| AuthUtil.sendValid(response); |
| } |
| |
| /** |
| * Sends a 403/FORBIDDEN response optionally stating the reason for this |
| * response code in the {@link org.apache.sling.auth.core.AuthConstants#X_REASON} header. The value for the |
| * {@link org.apache.sling.auth.core.AuthConstants#X_REASON} header is taken from |
| * {@link AuthenticationHandler#FAILURE_REASON} request attribute if set. |
| * |
| * @param request The request object |
| * @param response The response object |
| * @since 1.0.2 (Bundle version 1.0.4) |
| * @deprecated since Bundle 1.0.8, use |
| * {@link AuthUtil#sendInvalid(HttpServletRequest, HttpServletResponse)} |
| */ |
| @Deprecated |
| public static void sendInvalid(final HttpServletRequest request, final HttpServletResponse response) { |
| AuthUtil.sendInvalid(request, response); |
| } |
| } |