All Downloads are FREE. Search and download functionalities are using the official Maven repository.

org.springframework.security.web.server.ui.LoginPageGeneratingWebFilter Maven / Gradle / Ivy

Go to download

spring-security-web

There is a newer version: 6.2.3
Show newest version
/*
 * Copyright 2002-2017 the original author or authors.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.springframework.security.web.server.ui;

import java.nio.charset.Charset;
import java.util.HashMap;
import java.util.Map;

import org.springframework.core.io.buffer.DataBuffer;
import org.springframework.core.io.buffer.DataBufferFactory;
import org.springframework.http.HttpMethod;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.server.reactive.ServerHttpResponse;
import org.springframework.security.web.server.csrf.CsrfToken;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatcher;
import org.springframework.security.web.server.util.matcher.ServerWebExchangeMatchers;
import org.springframework.util.Assert;
import org.springframework.util.MultiValueMap;
import org.springframework.web.server.ServerWebExchange;
import org.springframework.web.server.WebFilter;
import org.springframework.web.server.WebFilterChain;
import org.springframework.web.util.HtmlUtils;

import reactor.core.publisher.Mono;

/**
 * Generates a default log in page used for authenticating users.
 *
 * @author Rob Winch
 * @since 5.0
 */
public class LoginPageGeneratingWebFilter implements WebFilter {
	private ServerWebExchangeMatcher matcher = ServerWebExchangeMatchers
		.pathMatchers(HttpMethod.GET, "/login");

	private Map oauth2AuthenticationUrlToClientName = new HashMap<>();

	private boolean formLoginEnabled;

	public void setFormLoginEnabled(boolean enabled) {
		this.formLoginEnabled = enabled;
	}

	public void setOauth2AuthenticationUrlToClientName(
			Map oauth2AuthenticationUrlToClientName) {
		Assert.notNull(oauth2AuthenticationUrlToClientName, "oauth2AuthenticationUrlToClientName cannot be null");
		this.oauth2AuthenticationUrlToClientName = oauth2AuthenticationUrlToClientName;
	}

	@Override
	public Mono filter(ServerWebExchange exchange, WebFilterChain chain) {
		return this.matcher.matches(exchange)
			.filter(ServerWebExchangeMatcher.MatchResult::isMatch)
			.switchIfEmpty(chain.filter(exchange).then(Mono.empty()))
			.flatMap(matchResult -> render(exchange));
	}

	private Mono render(ServerWebExchange exchange) {
		ServerHttpResponse result = exchange.getResponse();
		result.setStatusCode(HttpStatus.OK);
		result.getHeaders().setContentType(MediaType.TEXT_HTML);
		return result.writeWith(createBuffer(exchange));
	}

	private Mono createBuffer(ServerWebExchange exchange) {

		Mono token = exchange.getAttributeOrDefault(CsrfToken.class.getName(), Mono.empty());
		return token
			.map(LoginPageGeneratingWebFilter::csrfToken)
			.defaultIfEmpty("")
			.map(csrfTokenHtmlInput -> {
				byte[] bytes = createPage(exchange, csrfTokenHtmlInput);
				DataBufferFactory bufferFactory = exchange.getResponse().bufferFactory();
				return bufferFactory.wrap(bytes);
			});
	}

	private byte[] createPage(ServerWebExchange exchange, String csrfTokenHtmlInput) {
		MultiValueMap queryParams = exchange.getRequest()
				.getQueryParams();
		String contextPath = exchange.getRequest().getPath().contextPath().value();
		String page = "\n" + "\n" + "  \n"
				+ "    \n"
				+ "    \n"
				+ "    \n"
				+ "    \n"
				+ "    Please sign in\n"
				+ "    \n"
				+ "    \n"
				+ "  \n"
				+ "  \n"
				+ "     
\n"
				+ formLogin(queryParams, csrfTokenHtmlInput)
				+ oauth2LoginLinks(contextPath, this.oauth2AuthenticationUrlToClientName)
				+ "    
\n"
				+ "  \n"
				+ "";

		return page.getBytes(Charset.defaultCharset());
	}

	private String formLogin(MultiValueMap queryParams, String csrfTokenHtmlInput) {
		if (!this.formLoginEnabled) {
			return "";
		}
		boolean isError = queryParams.containsKey("error");
		boolean isLogoutSuccess = queryParams.containsKey("logout");
		return "      
\n"
				+ "        \n"
				+ createError(isError)
				+ createLogoutSuccess(isLogoutSuccess)
				+ "        
\n"
				+ "          \n"
				+ "          \n"
				+ "        
\n" + "        
\n"
				+ "          \n"
				+ "          \n"
				+ "        
\n" + csrfTokenHtmlInput
				+ "        \n"
				+ "      
\n";
	}

	private static String oauth2LoginLinks(String contextPath, Map oauth2AuthenticationUrlToClientName) {
		if (oauth2AuthenticationUrlToClientName.isEmpty()) {
			return "";
		}
		StringBuilder sb = new StringBuilder();
		sb.append("
");
		sb.append("\n");
		for (Map.Entry clientAuthenticationUrlToClientName : oauth2AuthenticationUrlToClientName.entrySet()) {
			sb.append(" \n");
		}
		sb.append("
");
			String url = clientAuthenticationUrlToClientName.getKey();
			sb.append("");
			String clientName = HtmlUtils.htmlEscape(clientAuthenticationUrlToClientName.getValue());
			sb.append(clientName);
			sb.append("");
			sb.append("
\n");
		return sb.toString();
	}

	private static String csrfToken(CsrfToken token) {
		return "          \n";
	}

	private static String createError(boolean isError) {
		return isError ? "
Invalid credentials
" : "";
	}

	private static String createLogoutSuccess(boolean isLogoutSuccess) {
		return isLogoutSuccess ? "
You have been signed out
" : "";
	}
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy