authorGravatar Vitaly Takmazov2020-11-20 01:28:47 +0300
committerGravatar Vitaly Takmazov2020-11-20 01:28:47 +0300
commitc1a3274460680f8795469a43a5509cca08889db3 (patch)
treed1cf0e388e24856450b3b0c4519dce9f2bcfd5d2 /src
parent75136e133101027fef6f6a21f4755cd1abc2a543 (diff)
Process Referer header without javax.servlet reference
* starting to remove javax.servlet dependency
Diffstat (limited to 'src')
-rw-r--r--src/main/java/com/juick/util/WebUtils.java13
-rw-r--r--src/main/java/com/juick/www/controllers/SocialLogin.java27
-rw-r--r--src/test/java/com/juick/server/tests/ServerTests.java2
3 files changed, 14 insertions, 28 deletions
diff --git a/src/main/java/com/juick/util/WebUtils.java b/src/main/java/com/juick/util/WebUtils.java
index 3a8c7620..a8e690ed 100644
--- a/src/main/java/com/juick/util/WebUtils.java
+++ b/src/main/java/com/juick/util/WebUtils.java
@@ -17,8 +17,6 @@
package com.juick.util;
-import javax.servlet.http.HttpServletRequest;
-import java.util.Optional;
import java.util.regex.Pattern;
/**
@@ -65,15 +63,4 @@ public class WebUtils {
.replaceAll("\\'", "\\\\'")
.replaceAll("=", "\\\\\\\\=");
}
- /**
- * Returns the viewName to return for coming back to the sender url
- *
- * @param request Instance of {@link HttpServletRequest} or use an injected instance
- * @return Optional with the view name. Recomended to use an alternativa url with
- * {@link Optional#orElse(java.lang.Object)}
- */
- public static Optional<String> getPreviousPageByRequest(HttpServletRequest request)
- {
- return Optional.ofNullable(request.getHeader("Referer"));
- }
}
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index 1f99efc1..6fcf9a3a 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -30,7 +30,6 @@ import com.juick.service.TelegramService;
import com.juick.service.UserService;
import com.juick.service.security.annotation.Visitor;
import com.juick.util.HttpBadRequestException;
-import com.juick.util.WebUtils;
import org.apache.commons.codec.digest.DigestUtils;
import org.apache.commons.codec.digest.HmacAlgorithms;
import org.apache.commons.codec.digest.HmacUtils;
@@ -44,6 +43,7 @@ import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.CookieValue;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.util.UriComponentsBuilder;
@@ -55,6 +55,7 @@ import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.List;
import java.util.Map;
+import java.util.Optional;
import java.util.UUID;
import java.util.concurrent.ExecutionException;
import java.util.stream.Collectors;
@@ -133,11 +134,12 @@ public class SocialLogin {
protected String doFacebookLogin(HttpServletRequest request,
@RequestParam(required = false) String code,
@RequestParam(required = false) String state,
+ @RequestHeader(value = "referer", required = false) String referer,
HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
if (StringUtils.isBlank(code)) {
String fbstate = UUID.randomUUID().toString();
if (StringUtils.isBlank(state)) {
- state = WebUtils.getPreviousPageByRequest(request).orElse("https://juick.com/");
+ state = Optional.of(referer).orElse("https://juick.com/");
}
crosspostService.addFacebookState(fbstate, state);
return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate);
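Review bot: `Optional.of(referer)` throws a NullPointerException when the request has no Referer header, which `required = false` explicitly allows, so the `"https://juick.com/"` fallback is never reached and the login request fails instead. Use `Optional.ofNullable(referer).orElse("https://juick.com/")` here, and make the same change on the `Optional.of(referer).orElse(StringUtils.EMPTY)` lines in the `doVKLogin` and `doDurovLogin` hunks further down. Browsers omit Referer under a `no-referrer` policy, so a null value is an ordinary input, not a corner case. The header is also client-supplied and is stored here as the Facebook `state` return URL; the code that later consumes it is outside this hunk, so confirm there that it is only followed when it points at the site's own origin. `doFacebookLogin` continues past the end of the hunk.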
@@ -239,11 +241,11 @@ public class SocialLogin {
}
}
@GetMapping("/_vklogin")
- protected String doVKLogin(HttpServletRequest request,
- @RequestParam(required = false) String code,
- @RequestParam(required = false) String state,
- @CookieValue(required = false) String vkstate,
- HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
+ protected String doVKLogin(@RequestParam(required = false) String code,
+ @RequestParam(required = false) String state,
+ @RequestHeader(value = "referer", required = false) String referer,
+ @CookieValue(required = false) String vkstate,
+ HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
if (StringUtils.isBlank(code)) {
vkstate = UUID.randomUUID().toString();
Cookie c = new Cookie("vkstate", vkstate);
@@ -279,7 +281,7 @@ public class SocialLogin {
Cookie c = new Cookie("hash", userService.getHashByUID(uid));
c.setMaxAge(50 * 24 * 60 * 60);
response.addCookie(c);
- return "redirect:/" + WebUtils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY);
+ return "redirect:/" + Optional.of(referer).orElse(StringUtils.EMPTY);
} else {
String loginhash = UUID.randomUUID().toString();
if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) {
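Review bot: The redirect target is built by appending the raw Referer header to `redirect:/`, and a Referer is normally an absolute URL, so the result looks like `redirect:/https://host/path` and not the page the user came from. Because the header is client-controlled, it would be safer to parse it and redirect only to its path when the host is the site's own, for example `UriComponentsBuilder.fromUriString(referer).build().getPath()` guarded by a host comparison, falling back to `/` otherwise. The same construction appears in the `doDurovLogin` hunk below. The enclosing `doVKLogin` branch begins and ends outside this hunk, so the surrounding flow should be checked before changing the target.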
@@ -291,8 +293,8 @@ public class SocialLogin {
}
@GetMapping("/_tglogin")
- public String doDurovLogin(HttpServletRequest request,
- @RequestParam Map<String, String> params,
+ public String doDurovLogin(@RequestParam Map<String, String> params,
+ @RequestHeader(value = "referer", required = false) String referer,
HttpServletResponse response) {
String dataCheckString = params.entrySet().stream()
.filter(p -> !p.getKey().equals("hash"))
@@ -309,7 +311,7 @@ public class SocialLogin {
Cookie c = new Cookie("hash", userService.getHashByUID(uid));
c.setMaxAge(50 * 24 * 60 * 60);
response.addCookie(c);
- return "redirect:/" + WebUtils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY);
+ return "redirect:/" + Optional.of(referer).orElse(StringUtils.EMPTY);
} else {
String username = StringUtils.defaultString(params.get("username"), params.get("first_name"));
List<Long> chats = telegramService.getAnonymous();
@@ -326,8 +328,7 @@ public class SocialLogin {
}
@GetMapping("/_apple")
- public String doAppleLogin(HttpServletRequest request,
- @RequestParam(required = false) String code,
+ public String doAppleLogin(@RequestParam(required = false) String code,
HttpServletResponse response) {
if (StringUtils.isBlank(code)) {
String state = UUID.randomUUID().toString();
diff --git a/src/test/java/com/juick/server/tests/ServerTests.java b/src/test/java/com/juick/server/tests/ServerTests.java
index 3e883756..1a9944ca 100644
--- a/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/src/test/java/com/juick/server/tests/ServerTests.java
@@ -91,7 +91,6 @@ import org.springframework.http.client.ClientHttpRequestFactory;
import org.springframework.jdbc.core.JdbcTemplate;
import org.springframework.test.context.TestPropertySource;
import org.springframework.test.context.junit.jupiter.SpringExtension;
-import org.springframework.test.context.junit4.SpringRunner;
import org.springframework.test.web.client.MockRestServiceServer;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.MvcResult;
@@ -146,7 +145,6 @@ import static org.hamcrest.Matchers.*;
import static org.junit.jupiter.api.Assertions.*;
import static org.springframework.security.test.web.servlet.request.SecurityMockMvcRequestPostProcessors.httpBasic;
import static org.springframework.test.util.AssertionErrors.assertNotEquals;
-import static org.springframework.test.util.AssertionErrors.assertTrue;
import static org.springframework.test.web.client.ExpectedCount.times;
import static org.springframework.test.web.client.match.MockRestRequestMatchers.requestTo;
import static org.springframework.test.web.client.response.MockRestResponseCreators.withStatus;