From 9ef168a03b75aeca0c2f7dda9ce87d4014c703a9 Mon Sep 17 00:00:00 2001
From: Vitaly Takmazov
Date: Fri, 16 Mar 2018 10:46:23 +0300
Subject: merge common projects

---
 .../security/HashParamAuthenticationFilter.java    | 103 +++++++++++++++++++++
 1 file changed, 103 insertions(+)
 create mode 100644 juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java

(limited to 'juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java')

diff --git a/juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java b/juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
new file mode 100644
index 00000000..b56b98c8
--- /dev/null
+++ b/juick-common/src/main/java/com/juick/service/security/HashParamAuthenticationFilter.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright (C) 2008-2017, Juick
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+package com.juick.service.security;
+
+import com.juick.User;
+import com.juick.service.security.entities.JuickUser;
+import com.juick.service.UserService;
+import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.authentication.RememberMeAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.security.web.authentication.RememberMeServices;
+import org.springframework.security.web.authentication.rememberme.AbstractRememberMeServices;
+import org.springframework.util.Assert;
+import org.springframework.web.filter.OncePerRequestFilter;
+import org.springframework.web.util.WebUtils;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Created by aalexeev on 4/5/17.
+ */
+public class HashParamAuthenticationFilter extends OncePerRequestFilter {
+    public static final String PARAM_NAME = "hash";
+
+    private final UserService userService;
+    private final RememberMeServices rememberMeServices;
+
+
+    public HashParamAuthenticationFilter(
+            final UserService userService,
+            final RememberMeServices rememberMeServices) {
+        Assert.notNull(userService, "userService should not be null");
+        Assert.notNull(rememberMeServices, "rememberMeServices should not be null");
+
+        this.userService = userService;
+        this.rememberMeServices = rememberMeServices;
+    }
+
+    @Override
+    protected void doFilterInternal(
+            HttpServletRequest request,
+            HttpServletResponse response,
+            FilterChain filterChain) throws ServletException, IOException {
+
+        String hash = getHashFromRequest(request);
+
+        if (hash != null && authenticationIsRequired()) {
+            User user = userService.getUserByHash(hash);
+
+            if (!user.isAnonymous()) {
+                User userWithPassword = userService.getFullyUserByName(user.getName());
+                userWithPassword.setAuthHash(userService.getHashByUID(userWithPassword.getUid()));
+                Authentication authentication = new RememberMeAuthenticationToken(
+                        ((AbstractRememberMeServices)rememberMeServices).getKey(), new JuickUser(userWithPassword), JuickUser.USER_AUTHORITY);
+
+                SecurityContextHolder.getContext().setAuthentication(authentication);
+
+                rememberMeServices.loginSuccess(request, response, authentication);
+            }
+        }
+
+        filterChain.doFilter(request, response);
+    }
+
+    private boolean authenticationIsRequired() {
+        Authentication existingAuth = SecurityContextHolder.getContext().getAuthentication();
+
+        return existingAuth == null ||
+                !existingAuth.isAuthenticated() ||
+                existingAuth instanceof AnonymousAuthenticationToken;
+    }
+
+    private String getHashFromRequest(HttpServletRequest request) {
+        String paramHash = request.getParameter(PARAM_NAME);
+        Cookie cookieHash = WebUtils.getCookie(request, PARAM_NAME);
+
+        if (paramHash == null && cookieHash != null) {
+            return cookieHash.getValue();
+        }
+        return paramHash;
+    }
+}
-- 
cgit v1.2.3