SLING-7938 Add an option to prefer sending the reason_code as a request
parameter over the reason text when redirecting to the login page
diff --git a/pom.xml b/pom.xml
index bbf53a3..d139a51 100644
--- a/pom.xml
+++ b/pom.xml
@@ -97,7 +97,7 @@
<dependency>
<groupId>org.apache.sling</groupId>
<artifactId>org.apache.sling.auth.core</artifactId>
- <version>1.1.0</version>
+ <version>1.4.2</version>
<scope>provided</scope>
</dependency>
<dependency>
diff --git a/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java b/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
index ff639fd..e09e2d0 100644
--- a/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
+++ b/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java
@@ -156,6 +156,12 @@
private boolean includeLoginForm;
/**
+ * If true, the handler will attempt to include the reason code as a request parameter
+ * instead of the reason text.
+ */
+ private boolean preferReasonCode;
+
+ /**
* The resource resolver factory used to resolve the login form as a resource
*/
@Reference(policy = ReferencePolicy.DYNAMIC, cardinality = ReferenceCardinality.OPTIONAL)
@@ -262,11 +268,20 @@
params.put(Authenticator.LOGIN_RESOURCE, resource);
// append indication of previous login failure
- if (request.getAttribute(FAILURE_REASON) != null) {
- final Object jReason = request.getAttribute(FAILURE_REASON);
- @SuppressWarnings("rawtypes")
- final String reason = (jReason instanceof Enum) ? ((Enum) jReason).name() : jReason.toString();
- params.put(FAILURE_REASON, reason);
+ if (preferReasonCode) {
+ if (request.getAttribute(FAILURE_REASON_CODE) != null) {
+ final Object jReasonCode = request.getAttribute(FAILURE_REASON_CODE);
+ @SuppressWarnings("rawtypes")
+ final String reasonCode = (jReasonCode instanceof Enum) ? ((Enum) jReasonCode).name() : jReasonCode.toString();
+ params.put(FAILURE_REASON_CODE, reasonCode);
+ }
+ } else {
+ if (request.getAttribute(FAILURE_REASON) != null) {
+ final Object jReason = request.getAttribute(FAILURE_REASON);
+ @SuppressWarnings("rawtypes")
+ final String reason = (jReason instanceof Enum) ? ((Enum) jReason).name() : jReason.toString();
+ params.put(FAILURE_REASON, reason);
+ }
}
try {
@@ -598,6 +613,8 @@
this.includeLoginForm = config.useInclude();
this.loginAfterExpire = config.form_onexpire_login();
+
+ this.preferReasonCode = config.preferReasonCode();
}
@Deactivate
@@ -880,4 +897,4 @@
}
}
-}
\ No newline at end of file
+}
diff --git a/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandlerConfig.java b/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandlerConfig.java
index 719d0dd..0bfd83c 100644
--- a/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandlerConfig.java
+++ b/src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandlerConfig.java
@@ -88,4 +88,6 @@
@AttributeDefinition(type = AttributeType.BOOLEAN, name = "%useInclude.name", description = "%useInclude.description")
boolean useInclude() default false;
+ @AttributeDefinition(type = AttributeType.BOOLEAN, name = "%preferReasonCode.name", description = "%preferReasonCode.description")
+ boolean preferReasonCode() default false;
}
diff --git a/src/main/resources/OSGI-INF/l10n/org.apache.sling.auth.form.impl.FormAuthenticationHandlerConfig.properties b/src/main/resources/OSGI-INF/l10n/org.apache.sling.auth.form.impl.FormAuthenticationHandlerConfig.properties
index 7143726..6c2c8fe 100644
--- a/src/main/resources/OSGI-INF/l10n/org.apache.sling.auth.form.impl.FormAuthenticationHandlerConfig.properties
+++ b/src/main/resources/OSGI-INF/l10n/org.apache.sling.auth.form.impl.FormAuthenticationHandlerConfig.properties
@@ -107,3 +107,9 @@
jaasRanking.description = Property name specifying the ranking (i.e. sort order) of the configured login module \
entries. The entries are sorted in a descending order (i.e. higher value ranked configurations come first). \
Jackrabbit Oak only.
+
+preferReasonCode.name = Prefer Reason Code over Reason Message
+preferReasonCode.description = If true, a redirect to the login page will include a reason code parameter \
+ for the login failure reason instead of the reason message parameter.
+
+
\ No newline at end of file
