diff --git a/src/main/java/org/edgegallery/website/config/AuthentionSuccessFilter.java b/src/main/java/org/edgegallery/website/config/AuthentionSuccessFilter.java deleted file mode 100644 index 2baac7ff70106a6f608bb0c950f07be99bbf3d69..0000000000000000000000000000000000000000 --- a/src/main/java/org/edgegallery/website/config/AuthentionSuccessFilter.java +++ /dev/null @@ -1,43 +0,0 @@ -package org.edgegallery.website.config; - -import java.io.IOException; -import java.util.Map; -import javax.servlet.Filter; -import javax.servlet.FilterChain; -import javax.servlet.ServletContext; -import javax.servlet.ServletException; -import javax.servlet.ServletRequest; -import javax.servlet.ServletResponse; -import javax.servlet.http.HttpServletRequest; -import org.edgegallery.website.controller.JwtServer; -import org.edgegallery.website.controller.OAuthClientController; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import org.springframework.security.core.Authentication; -import org.springframework.security.core.context.SecurityContextHolder; -import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails; - -public class AuthentionSuccessFilter implements Filter { - private static final Logger LOGGER = LoggerFactory.getLogger(OAuthClientController.class); - - @Override - public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) - throws IOException, ServletException { - LOGGER.info("AuthentionSuccessFilter doFilter in."); - HttpServletRequest httpRequest = (HttpServletRequest) servletRequest; - ServletContext servletContext = httpRequest.getServletContext(); - - JwtServer jwtServer = ClientApplicationContext.getBean(JwtServer.class); - Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); - LOGGER.info("authentication is {} type", authentication.getClass().getName()); - if (authentication instanceof OAuth2AuthenticationDetails) { - LOGGER.info("save ssoSessionid."); - OAuth2AuthenticationDetails details = (OAuth2AuthenticationDetails) authentication.getDetails(); - Map additionalInformation = jwtServer.getToken(details.getTokenValue()) - .getAdditionalInformation(); - LOGGER.info("doFilter ssoSessionId: {}", additionalInformation.get("ssoSessionId").toString()); - servletContext.setAttribute(additionalInformation.get("ssoSessionId").toString(), httpRequest.getSession()); - } - } -} diff --git a/src/main/java/org/edgegallery/website/config/ClientApplicationContext.java b/src/main/java/org/edgegallery/website/config/ClientApplicationContext.java index 27c544276ba14e833e22c99ec09b33a4a895e73d..0f9dea3d377e614ad6768375de24f79023edc148 100644 --- a/src/main/java/org/edgegallery/website/config/ClientApplicationContext.java +++ b/src/main/java/org/edgegallery/website/config/ClientApplicationContext.java @@ -1,7 +1,22 @@ +/* + * Copyright 2022 Huawei Technologies Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package org.edgegallery.website.config; import org.springframework.beans.BeansException; -import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContextAware; import org.springframework.stereotype.Component; diff --git a/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java b/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java index ae0810f0a0ac096c884e4fe1f0ef8d86d60433e0..3a74711f2bc55849005109a6dee963988d373ca0 100644 --- a/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java +++ b/src/main/java/org/edgegallery/website/config/ClientWebSecurityConfigurer.java @@ -37,8 +37,6 @@ import org.springframework.cloud.netflix.zuul.filters.support.FilterConstants; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; -import org.springframework.security.access.intercept.AbstractSecurityInterceptor; -import org.springframework.security.config.annotation.ObjectPostProcessor; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.builders.WebSecurity; @@ -50,14 +48,9 @@ import org.springframework.security.oauth2.client.filter.OAuth2ClientAuthenticat import org.springframework.security.oauth2.provider.authentication.OAuth2AuthenticationDetails; import org.springframework.security.oauth2.provider.token.DefaultTokenServices; import org.springframework.security.oauth2.provider.token.TokenStore; -import org.springframework.security.web.access.ExceptionTranslationFilter; -import org.springframework.security.web.access.intercept.FilterSecurityInterceptor; import org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler; -import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.authentication.logout.LogoutHandler; -import org.springframework.security.web.authentication.www.BasicAuthenticationFilter; import org.springframework.security.web.csrf.CookieCsrfTokenRepository; -import org.springframework.security.web.header.HeaderWriterFilter; import org.springframework.util.StringUtils; import org.springframework.web.socket.server.standard.ServerEndpointExporter; diff --git a/src/main/java/org/edgegallery/website/config/FilterPostProcessor.java b/src/main/java/org/edgegallery/website/config/FilterPostProcessor.java index b004b903dab560e03df309a60d7ef887759d5ea0..d8c5db68b37835dbaa0d58378d9084e84f7fe5d4 100644 --- a/src/main/java/org/edgegallery/website/config/FilterPostProcessor.java +++ b/src/main/java/org/edgegallery/website/config/FilterPostProcessor.java @@ -1,3 +1,19 @@ +/* + * Copyright 2022 Huawei Technologies Co., Ltd. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + package org.edgegallery.website.config; import java.io.IOException; @@ -48,9 +64,6 @@ public class FilterPostProcessor implements BeanPostProcessor { TokenStore jwtTokenStore = ClientApplicationContext.getBean(TokenStore.class); Map additionalInformation = jwtTokenStore.readAccessToken( details.getTokenValue()).getAdditionalInformation(); - //TODO - LOGGER.info("onAuthenticationSuccess. ssoSessionId :{}", - additionalInformation.get("ssoSessionId").toString()); servletContext.setAttribute(additionalInformation.get("ssoSessionId").toString(), session); super.onAuthenticationSuccess(request, response, authentication);