Line data    Source code

       1             : // Copyright (C) 2016 The Android Open Source Project
       2             : //
       3             : // Licensed under the Apache License, Version 2.0 (the "License");
       4             : // you may not use this file except in compliance with the License.
       5             : // You may obtain a copy of the License at
       6             : //
       7             : // http://www.apache.org/licenses/LICENSE-2.0
       8             : //
       9             : // Unless required by applicable law or agreed to in writing, software
      10             : // distributed under the License is distributed on an "AS IS" BASIS,
      11             : // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      12             : // See the License for the specific language governing permissions and
      13             : // limitations under the License.
      14             : 
      15             : package com.google.gerrit.httpd;
      16             : 
      17             : import com.google.gerrit.extensions.registration.DynamicSet;
      18             : import com.google.gerrit.server.CurrentUser;
      19             : import com.google.gerrit.server.IdentifiedUser;
      20             : import com.google.gerrit.server.plugincontext.PluginItemContext;
      21             : import com.google.gerrit.server.plugincontext.PluginSetContext;
      22             : import com.google.inject.Inject;
      23             : import com.google.inject.Provider;
      24             : import com.google.inject.Singleton;
      25             : import com.google.inject.servlet.ServletModule;
      26             : import java.io.IOException;
      27             : import java.util.Optional;
      28             : import javax.servlet.Filter;
      29             : import javax.servlet.FilterChain;
      30             : import javax.servlet.FilterConfig;
      31             : import javax.servlet.ServletException;
      32             : import javax.servlet.ServletRequest;
      33             : import javax.servlet.ServletResponse;
      34             : import javax.servlet.http.HttpServletRequest;
      35             : import javax.servlet.http.HttpServletResponse;
      36             : 
      37             : public class UniversalWebLoginFilter implements Filter {
      38             :   private final PluginItemContext<WebSession> session;
      39             :   private final PluginSetContext<WebLoginListener> webLoginListeners;
      40             :   private final Provider<CurrentUser> userProvider;
      41             : 
      42             :   public static ServletModule module() {
      43          99 :     return new ServletModule() {
      44             :       @Override
      45             :       protected void configureServlets() {
      46          99 :         filter("/login*", "/logout*").through(UniversalWebLoginFilter.class);
      47          99 :         bind(UniversalWebLoginFilter.class).in(Singleton.class);
      48             : 
      49          99 :         DynamicSet.setOf(binder(), WebLoginListener.class);
      50          99 :       }
      51             :     };
      52             :   }
      53             : 
      54             :   @Inject
      55             :   public UniversalWebLoginFilter(
      56             :       PluginItemContext<WebSession> session,
      57             :       PluginSetContext<WebLoginListener> webLoginListeners,
      58          99 :       Provider<CurrentUser> userProvider) {
      59          99 :     this.session = session;
      60          99 :     this.webLoginListeners = webLoginListeners;
      61          99 :     this.userProvider = userProvider;
      62          99 :   }
      63             : 
      64             :   @Override
      65          99 :   public void init(FilterConfig filterConfig) throws ServletException {}
      66             : 
      67             :   @Override
      68             :   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
      69             :       throws IOException, ServletException {
      70           2 :     HttpServletRequest httpRequest = (HttpServletRequest) request;
      71           2 :     HttpServletResponseRecorder wrappedResponse =
      72             :         new HttpServletResponseRecorder((HttpServletResponse) response);
      73             : 
      74           2 :     Optional<IdentifiedUser> loggedInUserBefore = loggedInUser();
      75           2 :     chain.doFilter(request, wrappedResponse);
      76           2 :     Optional<IdentifiedUser> loggedInUserAfter = loggedInUser();
      77             : 
      78           2 :     if (!loggedInUserBefore.isPresent() && loggedInUserAfter.isPresent()) {
      79           1 :       webLoginListeners.runEach(
      80           0 :           l -> l.onLogin(loggedInUserAfter.get(), httpRequest, wrappedResponse));
      81           2 :     } else if (loggedInUserBefore.isPresent() && !loggedInUserAfter.isPresent()) {
      82           0 :       webLoginListeners.runEach(
      83           0 :           l -> l.onLogout(loggedInUserBefore.get(), httpRequest, wrappedResponse));
      84             :     }
      85             : 
      86           2 :     wrappedResponse.play();
      87           2 :   }
      88             : 
      89             :   private Optional<IdentifiedUser> loggedInUser() {
      90           2 :     return session.call(WebSession::isSignedIn)
      91           1 :         ? Optional.of(userProvider.get().asIdentifiedUser())
      92           2 :         : Optional.empty();
      93             :   }
      94             : 
      95             :   @Override
      96          99 :   public void destroy() {}
      97             : }