LCOV - code coverage report
Current view: top level - httpd/auth/openid - OAuthWebFilterOverOpenID.java (source / functions) Hit Total Coverage
Test: _coverage_report.dat Lines: 10 26 38.5 %
Date: 2022-11-19 15:00:39 Functions: 4 6 66.7 % 

          Line data    Source code
       1             : // Copyright (C) 2015 The Android Open Source Project
       2             : //
       3             : // Licensed under the Apache License, Version 2.0 (the "License");
       4             : // you may not use this file except in compliance with the License.
       5             : // You may obtain a copy of the License at
       6             : //
       7             : // http://www.apache.org/licenses/LICENSE-2.0
       8             : //
       9             : // Unless required by applicable law or agreed to in writing, software
      10             : // distributed under the License is distributed on an "AS IS" BASIS,
      11             : // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
      12             : // See the License for the specific language governing permissions and
      13             : // limitations under the License.
      14             : 
      15             : package com.google.gerrit.httpd.auth.openid;
      16             : 
      17             : import com.google.common.collect.Iterables;
      18             : import com.google.gerrit.extensions.auth.oauth.OAuthServiceProvider;
      19             : import com.google.gerrit.extensions.registration.DynamicMap;
      20             : import com.google.inject.Inject;
      21             : import com.google.inject.Provider;
      22             : import com.google.inject.Singleton;
      23             : import java.io.IOException;
      24             : import java.util.NavigableMap;
      25             : import java.util.NavigableSet;
      26             : import javax.servlet.Filter;
      27             : import javax.servlet.FilterChain;
      28             : import javax.servlet.FilterConfig;
      29             : import javax.servlet.ServletException;
      30             : import javax.servlet.ServletRequest;
      31             : import javax.servlet.ServletResponse;
      32             : import javax.servlet.http.HttpServletRequest;
      33             : import javax.servlet.http.HttpServletResponse;
      34             : 
      35             : /** OAuth web filter uses active OAuth session to perform OAuth requests */
      36             : @Singleton
      37             : class OAuthWebFilterOverOpenID implements Filter {
      38             :   static final String GERRIT_LOGIN = "/login";
      39             : 
      40             :   private final Provider<OAuthSessionOverOpenID> oauthSessionProvider;
      41             :   private final DynamicMap<OAuthServiceProvider> oauthServiceProviders;
      42             :   private OAuthServiceProvider ssoProvider;
      43             : 
      44             :   @Inject
      45             :   OAuthWebFilterOverOpenID(
      46             :       DynamicMap<OAuthServiceProvider> oauthServiceProviders,
      47          99 :       Provider<OAuthSessionOverOpenID> oauthSessionProvider) {
      48          99 :     this.oauthServiceProviders = oauthServiceProviders;
      49          99 :     this.oauthSessionProvider = oauthSessionProvider;
      50          99 :   }
      51             : 
      52             :   @Override
      53             :   public void init(FilterConfig filterConfig) throws ServletException {
      54          99 :     pickSSOServiceProvider();
      55          99 :   }
      56             : 
      57             :   @Override
      58          99 :   public void destroy() {}
      59             : 
      60             :   @Override
      61             :   public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
      62             :       throws IOException, ServletException {
      63           0 :     HttpServletRequest httpRequest = (HttpServletRequest) request;
      64           0 :     HttpServletResponse httpResponse = (HttpServletResponse) response;
      65             : 
      66           0 :     OAuthSessionOverOpenID oauthSession = oauthSessionProvider.get();
      67             :     OAuthServiceProvider service =
      68           0 :         ssoProvider == null ? oauthSession.getServiceProvider() : ssoProvider;
      69             : 
      70           0 :     if (isGerritLogin(httpRequest) || oauthSession.isOAuthFinal(httpRequest)) {
      71           0 :       if (service == null) {
      72           0 :         throw new IllegalStateException("service is unknown");
      73             :       }
      74           0 :       oauthSession.setServiceProvider(service);
      75           0 :       oauthSession.login(httpRequest, httpResponse, service);
      76             :     } else {
      77           0 :       chain.doFilter(httpRequest, response);
      78             :     }
      79           0 :   }
      80             : 
      81             :   private void pickSSOServiceProvider() {
      82          99 :     NavigableSet<String> plugins = oauthServiceProviders.plugins();
      83          99 :     if (plugins.size() == 1) {
      84           0 :       NavigableMap<String, Provider<OAuthServiceProvider>> services =
      85           0 :           oauthServiceProviders.byPlugin(Iterables.getOnlyElement(plugins));
      86           0 :       if (services.size() == 1) {
      87           0 :         ssoProvider = Iterables.getOnlyElement(services.values()).get();
      88             :       }
      89             :     }
      90          99 :   }
      91             : 
      92             :   private static boolean isGerritLogin(HttpServletRequest request) {
      93           0 :     return request.getRequestURI().contains(GERRIT_LOGIN);
      94             :   }
      95             : }

Generated by: LCOV version 1.16+git.20220603.dfeb750