001/* 002 * Copyright 2016 Anyware Services 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 */ 016package org.ametys.site; 017 018import java.util.ArrayList; 019import java.util.Arrays; 020import java.util.List; 021import java.util.Map; 022 023import org.apache.avalon.framework.parameters.Parameters; 024import org.apache.cocoon.environment.ObjectModelHelper; 025import org.apache.cocoon.environment.Redirector; 026import org.apache.cocoon.environment.Request; 027import org.apache.cocoon.environment.SourceResolver; 028import org.apache.commons.lang3.StringUtils; 029 030import org.ametys.core.authentication.CredentialProvider; 031import org.ametys.core.user.population.UserPopulation; 032import org.ametys.runtime.authentication.AccessDeniedException; 033 034/** 035 * This action will authenticate upon a parametrized blocking credential provider 036 */ 037public class FrontBlockingCredentialProviderAction extends FrontAuthenticateAction 038{ 039 @Override 040 public Map act(Redirector redirector, SourceResolver resolver, Map objectModel, String source, Parameters parameters) throws Exception 041 { 042 Request request = ObjectModelHelper.getRequest(objectModel); 043 044 List<UserPopulation> chosenUserPopulations = new ArrayList<>(); 045 List<CredentialProvider> credentialProviders = new ArrayList<>(); 046 if (!_prepareUserPopulationsAndCredentialProviders(request, parameters, null, chosenUserPopulations, credentialProviders)) 047 { 048 // The population was not determined (session expired?), so let's finish... that will close the popup and reload to restart the authentication process 049 return EMPTY_MAP; 050 } 051 052 int credentialProviderIndex = Integer.parseInt(source); 053 request.getSession(true).setAttribute(SESSION_CONNECTING_CREDENTIALPROVIDER_INDEX_LASTBLOCKINGKNOWN, credentialProviderIndex); 054 CredentialProvider credentialProvider = credentialProviders.get(credentialProviderIndex); 055 056 if (_process(request, true, credentialProvider, credentialProviderIndex, redirector, chosenUserPopulations)) 057 { 058 // Whatever the user was correctly authenticated or he just required a redirect: let's stop here for the moment 059 return EMPTY_MAP; 060 } 061 062 throw new AccessDeniedException(); 063 } 064 065 @Override 066 protected List<String> _getContexts(Request request, Parameters parameters) 067 { 068 String contextAsString = request.getParameter("contexts"); 069 return Arrays.asList(StringUtils.split(contextAsString, ",")); 070 } 071}