diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/LoginToContinueInterceptor.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/LoginToContinueInterceptor.java index 6d47ef42106..8c9bc2f78f3 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/LoginToContinueInterceptor.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/LoginToContinueInterceptor.java @@ -16,7 +16,7 @@ */ package org.apache.tomee.security.cdi; -import org.apache.tomee.security.http.JsonFriendlyRequest; +import org.apache.tomee.security.http.SavedRequest; import org.apache.tomee.security.http.LoginToContinueMechanism; import org.apache.tomee.security.http.SavedAuthentication; @@ -154,7 +154,7 @@ private AuthenticationStatus processContainerInitiatedAuthentication( httpMessageContext.getCallerPrincipal(), httpMessageContext.getGroups()); - final JsonFriendlyRequest savedRequest = getRequest(httpMessageContext.getRequest()); + final SavedRequest savedRequest = getRequest(httpMessageContext.getRequest()); return httpMessageContext.redirect(savedRequest.getUrlWithQueryString()); } else if (authenticationStatus.equals(SEND_FAILURE)) { @@ -172,7 +172,7 @@ private AuthenticationStatus processContainerInitiatedAuthentication( } if (isOnOriginalURLAfterAuthenticate(httpMessageContext)) { - final JsonFriendlyRequest savedRequest = getRequest(httpMessageContext.getRequest()); + final SavedRequest savedRequest = getRequest(httpMessageContext.getRequest()); final SavedAuthentication savedAuthentication = getAuthentication(httpMessageContext.getRequest()); clearRequestAndAuthentication(httpMessageContext.getRequest()); diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/OpenIdAuthenticationMechanism.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/OpenIdAuthenticationMechanism.java index 69b25cd68be..ff0252357ea 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/OpenIdAuthenticationMechanism.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/cdi/OpenIdAuthenticationMechanism.java @@ -42,7 +42,7 @@ import org.apache.openejb.util.Logger; import org.apache.tomee.security.cdi.openid.TomEEOpenIdContext; import org.apache.tomee.security.cdi.openid.storage.OpenIdStorageHandler; -import org.apache.tomee.security.http.JsonFriendlyRequest; +import org.apache.tomee.security.http.SavedRequest; import org.apache.tomee.security.http.openid.model.TokenResponse; import org.apache.tomee.security.http.openid.model.TomEEOpenIdCredential; @@ -195,7 +195,7 @@ protected AuthenticationStatus redirectToAuthorization(HttpServletRequest reques } storageHandler.set(request, response, OpenIdConstant.ORIGINAL_REQUEST, fullRequestUrl); - storageHandler.set(request, response, OpenIdStorageHandler.REQUEST_KEY, JsonFriendlyRequest.fromRequest(request).toJson()); + storageHandler.set(request, response, OpenIdStorageHandler.REQUEST_KEY, SavedRequest.fromRequest(request).toJson()); return messageContext.redirect(buildAuthorizationUri(request, response).toString()); } @@ -270,7 +270,7 @@ protected AuthenticationStatus handleTokenResponse(TokenResponse tokenResponse, OpenIdStorageHandler.REQUEST_KEY); httpMessageContext.withRequest( - JsonFriendlyRequest.fromJson(originalRequestJson).mask(httpMessageContext.getRequest())); + SavedRequest.fromJson(originalRequestJson).mask(httpMessageContext.getRequest())); } return httpMessageContext.notifyContainerAboutLogin(validationResult); diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/LoginToContinueMechanism.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/LoginToContinueMechanism.java index 98630e0ec35..df0086a3e22 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/LoginToContinueMechanism.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/LoginToContinueMechanism.java @@ -16,17 +16,11 @@ */ package org.apache.tomee.security.http; -import org.apache.tomcat.util.buf.ByteChunk; - import jakarta.security.enterprise.authentication.mechanism.http.LoginToContinue; -import jakarta.servlet.http.Cookie; import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpSession; import java.io.IOException; -import java.io.InputStream; import java.security.Principal; -import java.util.Enumeration; -import java.util.Locale; import java.util.Set; public interface LoginToContinueMechanism { @@ -40,7 +34,7 @@ public interface LoginToContinueMechanism { static void saveRequest(final HttpServletRequest request) throws IOException { // Stash the SavedRequest in our session for later use - request.getSession().setAttribute(ORIGINAL_REQUEST, JsonFriendlyRequest.fromRequest(request)); + request.getSession().setAttribute(ORIGINAL_REQUEST, SavedRequest.fromRequest(request)); } static boolean matchRequest(final HttpServletRequest request) { @@ -51,7 +45,7 @@ static boolean matchRequest(final HttpServletRequest request) { } // Is there a saved request? - JsonFriendlyRequest originalRequest = (JsonFriendlyRequest) request.getSession().getAttribute(ORIGINAL_REQUEST); + SavedRequest originalRequest = (SavedRequest) request.getSession().getAttribute(ORIGINAL_REQUEST); if (originalRequest == null) { return false; } @@ -72,8 +66,8 @@ static boolean hasRequest(final HttpServletRequest request) { return request.getSession().getAttribute(ORIGINAL_REQUEST) != null; } - static JsonFriendlyRequest getRequest(final HttpServletRequest request) { - return (JsonFriendlyRequest) request.getSession().getAttribute(ORIGINAL_REQUEST); + static SavedRequest getRequest(final HttpServletRequest request) { + return (SavedRequest) request.getSession().getAttribute(ORIGINAL_REQUEST); } static void saveAuthentication(final HttpServletRequest request, diff --git a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/JsonFriendlyRequest.java b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/SavedRequest.java similarity index 94% rename from tomee/tomee-security/src/main/java/org/apache/tomee/security/http/JsonFriendlyRequest.java rename to tomee/tomee-security/src/main/java/org/apache/tomee/security/http/SavedRequest.java index a93e5ff6c41..f760d94f6d9 100644 --- a/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/JsonFriendlyRequest.java +++ b/tomee/tomee-security/src/main/java/org/apache/tomee/security/http/SavedRequest.java @@ -43,8 +43,8 @@ // JSON-B friendly class that stores the request data required for # // both @LoginToContinue and @OpenIdAuthenticationMechanismDefinition(redirectToOriginalResource=true) -public class JsonFriendlyRequest implements Serializable { - private static final Logger LOGGER = Logger.getInstance(LogCategory.TOMEE_SECURITY, JsonFriendlyRequest.class); +public class SavedRequest implements Serializable { + private static final Logger LOGGER = Logger.getInstance(LogCategory.TOMEE_SECURITY, SavedRequest.class); private static final CookieDeSerializer COOKIE_DE_SERIALIZER = new CookieDeSerializer(); private static final JsonbConfig jsonbConfig = new JsonbConfig() @@ -57,7 +57,7 @@ public class JsonFriendlyRequest implements Serializable { private String url; private String queryString; - public static JsonFriendlyRequest fromRequest(HttpServletRequest request) { + public static SavedRequest fromRequest(HttpServletRequest request) { Cookie[] cookies = request.getCookies(); Map> headers = new HashMap<>(); Enumeration headerNames = request.getHeaderNames(); @@ -69,7 +69,7 @@ public static JsonFriendlyRequest fromRequest(HttpServletRequest request) { String method = request.getMethod(); String queryString = request.getQueryString(); - JsonFriendlyRequest result = new JsonFriendlyRequest(); + SavedRequest result = new SavedRequest(); result.setCookies(cookies); result.setHeaders(headers); result.setMethod(method); @@ -79,9 +79,9 @@ public static JsonFriendlyRequest fromRequest(HttpServletRequest request) { return result; } - public static JsonFriendlyRequest fromJson(String json) { + public static SavedRequest fromJson(String json) { try (Jsonb jsonb = JsonbBuilder.create(jsonbConfig)) { - return jsonb.fromJson(json, JsonFriendlyRequest.class); + return jsonb.fromJson(json, SavedRequest.class); } catch (Exception e) { LOGGER.error("Could not restore request from JSON", e); return null; diff --git a/tomee/tomee-security/src/test/java/org/apache/tomee/security/http/JsonFriendlyRequestTest.java b/tomee/tomee-security/src/test/java/org/apache/tomee/security/http/SavedRequestTest.java similarity index 91% rename from tomee/tomee-security/src/test/java/org/apache/tomee/security/http/JsonFriendlyRequestTest.java rename to tomee/tomee-security/src/test/java/org/apache/tomee/security/http/SavedRequestTest.java index c8845a018ac..65dd50ac7b5 100644 --- a/tomee/tomee-security/src/test/java/org/apache/tomee/security/http/JsonFriendlyRequestTest.java +++ b/tomee/tomee-security/src/test/java/org/apache/tomee/security/http/SavedRequestTest.java @@ -31,18 +31,18 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertTrue; -public class JsonFriendlyRequestTest { +public class SavedRequestTest { @Test public void testSerializable() { - JsonFriendlyRequest request = new JsonFriendlyRequest(); + SavedRequest request = new SavedRequest(); assertTrue("must implement Serializable, since it will be set as a session attribute", request instanceof Serializable); } @Test public void serialization() throws Exception { - JsonFriendlyRequest request = new JsonFriendlyRequest(); + SavedRequest request = new SavedRequest(); request.setCookies(new Cookie[] {new Cookie("first", "val1"), new Cookie("second", "val2")}); request.setHeaders(new LinkedHashMap<>()); request.getHeaders().put("header1", List.of("h1val1", "h1val2")); @@ -57,7 +57,7 @@ public void serialization() throws Exception { @Test public void deserialization() throws Exception { String json = "{\"cookies\":[{\"name\":\"first\",\"value\":\"val1\",\"attributes\":{}},{\"name\":\"second\",\"value\":\"val2\",\"attributes\":{}}],\"headers\":{\"header1\":[\"h1val1\",\"h1val2\"],\"header2\":[\"h2val1\"]},\"method\":\"PATCH\",\"queryString\":\"foo=bar\",\"url\":\"http://example.com/foo\"}"; - JsonFriendlyRequest request = JsonFriendlyRequest.fromJson(json); + SavedRequest request = SavedRequest.fromJson(json); assertNotNull(request); assertEquals(2, request.getCookies().length); @@ -76,7 +76,7 @@ public void deserialization() throws Exception { @Test public void cookieSerialization() throws Exception { JsonbConfig config = new JsonbConfig() - .withSerializers(new JsonFriendlyRequest.CookieDeSerializer()); + .withSerializers(new SavedRequest.CookieDeSerializer()); try (Jsonb jsonb = JsonbBuilder.create(config)){ Cookie cookie = new Cookie("name", "value"); @@ -91,7 +91,7 @@ public void cookieSerialization() throws Exception { @Test public void cookieDeserialization() throws Exception { JsonbConfig config = new JsonbConfig() - .withDeserializers(new JsonFriendlyRequest.CookieDeSerializer()); + .withDeserializers(new SavedRequest.CookieDeSerializer()); try (Jsonb jsonb = JsonbBuilder.create(config)){ String json = "{\"name\":\"name\",\"value\":\"value\",\"attributes\":{\"Domain\":\"example.com\",\"Max-Age\":\"123\",\"Path\":\"/aaa\"}}";