AbstractBasicAuthenticationEntryPoint.java

  1. /*
  2.  * GovWay - A customizable API Gateway 
  3.  * https://govway.org
  4.  * 
  5.  * Copyright (c) 2005-2025 Link.it srl (https://link.it). 
  6.  * 
  7.  * This program is free software: you can redistribute it and/or modify
  8.  * it under the terms of the GNU General Public License version 3, as published by
  9.  * the Free Software Foundation.
  10.  *
  11.  * This program is distributed in the hope that it will be useful,
  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  14.  * GNU General Public License for more details.
  15.  *
  16.  * You should have received a copy of the GNU General Public License
  17.  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  18.  *
  19.  */

  21. package org.openspcoop2.utils.service.authentication.entrypoint.jaxrs;

  23. import java.io.ByteArrayInputStream;
  24. import java.io.IOException;
  25. import java.util.List;
  26. import java.util.Set;
  27. import java.util.TimeZone;

  29. import javax.servlet.ServletOutputStream;
  30. import javax.servlet.http.HttpServletRequest;
  31. import javax.servlet.http.HttpServletResponse;
  32. import javax.ws.rs.core.MultivaluedMap;
  33. import javax.ws.rs.core.Response;

  35. import org.apache.commons.io.IOUtils;
  36. import org.openspcoop2.utils.Costanti;
  37. import org.openspcoop2.utils.jaxrs.JacksonJsonProviderCustomized;
  38. import org.springframework.security.core.AuthenticationException;
  39. import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;

  41. import com.fasterxml.jackson.databind.ObjectMapper;

  43. /** 
  44.  * Problem
  45.  *
  46.  * @author Giuliano Pintori (pintori@link.it)
  47.  * @author $Author$
  48.  * @version $Rev$, $Date$
  49.  */
  50. public abstract class AbstractBasicAuthenticationEntryPoint extends BasicAuthenticationEntryPoint {
  51.     
  52.     private String realname = Costanti.OPENSPCOOP2;
  53.     
  54.     public String getRealname() {
  55.         return this.realname;
  56.     }
  57.     public void setRealname(String realname) {
  58.         this.realname = realname;
  59.     }
  60.     
  61.     private TimeZone timeZone = TimeZone.getDefault();
  62.     private String timeZoneId = null;
  63.     public String getTimeZoneId() {
  64.         return this.timeZoneId;
  65.     }
  66.     public void setTimeZoneId(String timeZoneId) {
  67.         this.timeZoneId = timeZoneId;
  68.         this.timeZone = TimeZone.getTimeZone(timeZoneId);
  69.     }
  70.     
  71.     public void fillResponse(AuthenticationException authException, HttpServletResponse httpResponse) {
  72.         AbstractBasicAuthenticationEntryPoint.fillResponse(httpResponse, getPayload(authException, httpResponse), this.timeZone);
  73.     }
  74.     
  75.     public static void fillResponse(HttpServletResponse httpResponse, Response response, TimeZone timeZone) {
  76.         ByteArrayInputStream bais = null;
  77.         ServletOutputStream outputStream = null;
  78.         try{
  79.             httpResponse.setStatus(response.getStatus());

  81.             MultivaluedMap<String, Object> headers = response.getHeaders();
  82.             if(!headers.isEmpty()) {
  83.                 Set<String> keySet = headers.keySet();

  85.                 for (String headerKey : keySet) {
  86.                     List<Object> list = headers.get(headerKey);
  87.                     if(!list.isEmpty()) {
  88.                         StringBuilder sb = new StringBuilder();
  89.                         for (Object object : list) {
  90.                             if(sb.length() > 0)
  91.                                 sb.append(", ");

  93.                             sb.append(object);
  94.                         }
  95.                         httpResponse.setHeader(headerKey, sb.toString());
  96.                     }
  97.                 }
  98.             }

  100.             ObjectMapper mapper = JacksonJsonProviderCustomized.getObjectMapper(false, timeZone);
  101.             String fault = mapper.writeValueAsString(response.getEntity());
  102.             bais = new ByteArrayInputStream(fault.getBytes());

  104.             outputStream = httpResponse.getOutputStream();

  106.             IOUtils.copy(bais, outputStream);

  108.             outputStream.flush();
  109.         }catch(Exception e) {

  111.         } finally {
  112.             if(bais!= null) {
  113.                 try {
  114.                     bais.close();
  115.                 } catch (IOException e) {
  116.                 }
  117.             }
  118.         }
  119.     }
  120.     
  121.     protected abstract Response getPayload(AuthenticationException authException, HttpServletResponse httpResponse);

  123.     protected abstract void addCustomHeaders(javax.servlet.http.HttpServletResponse httpResponse);
  124.     
  125.     @Override
  126.     public void commence(final HttpServletRequest request, final HttpServletResponse response, final AuthenticationException authException)  {
  127.         this.addCustomHeaders(response);
  128.         this.fillResponse(authException, response);
  129.     }

  131.     @Override
  132.     public void afterPropertiesSet() {
  133.         setRealmName(this.realname);
  134.         super.afterPropertiesSet();
  135.     }
  136. }
Created with JaCoCo 0.8.8.202204050719