From c1a3274460680f8795469a43a5509cca08889db3 Mon Sep 17 00:00:00 2001 From: Vitaly Takmazov Date: Fri, 20 Nov 2020 01:28:47 +0300 Subject: Process Referer header without javax.servlet reference * starting to remove javax.servlet dependency --- .../com/juick/www/controllers/SocialLogin.java | 27 +++++++++++----------- 1 file changed, 14 insertions(+), 13 deletions(-) (limited to 'src/main/java/com/juick/www') diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java index 1f99efc1..6fcf9a3a 100644 --- a/src/main/java/com/juick/www/controllers/SocialLogin.java +++ b/src/main/java/com/juick/www/controllers/SocialLogin.java @@ -30,7 +30,6 @@ import com.juick.service.TelegramService; import com.juick.service.UserService; import com.juick.service.security.annotation.Visitor; import com.juick.util.HttpBadRequestException; -import com.juick.util.WebUtils; import org.apache.commons.codec.digest.DigestUtils; import org.apache.commons.codec.digest.HmacAlgorithms; import org.apache.commons.codec.digest.HmacUtils; @@ -44,6 +43,7 @@ import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.CookieValue; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.util.UriComponentsBuilder; @@ -55,6 +55,7 @@ import javax.servlet.http.HttpServletResponse; import java.io.IOException; import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.UUID; import java.util.concurrent.ExecutionException; import java.util.stream.Collectors; @@ -133,11 +134,12 @@ public class SocialLogin { protected String doFacebookLogin(HttpServletRequest request, @RequestParam(required = false) String code, @RequestParam(required = false) String state, + @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response) throws IOException, ExecutionException, InterruptedException { if (StringUtils.isBlank(code)) { String fbstate = UUID.randomUUID().toString(); if (StringUtils.isBlank(state)) { - state = WebUtils.getPreviousPageByRequest(request).orElse("https://juick.com/"); + state = Optional.of(referer).orElse("https://juick.com/"); } crosspostService.addFacebookState(fbstate, state); return "redirect:" + facebookAuthService.getAuthorizationUrl(fbstate); @@ -239,11 +241,11 @@ public class SocialLogin { } } @GetMapping("/_vklogin") - protected String doVKLogin(HttpServletRequest request, - @RequestParam(required = false) String code, - @RequestParam(required = false) String state, - @CookieValue(required = false) String vkstate, - HttpServletResponse response) throws IOException, ExecutionException, InterruptedException { + protected String doVKLogin(@RequestParam(required = false) String code, + @RequestParam(required = false) String state, + @RequestHeader(value = "referer", required = false) String referer, + @CookieValue(required = false) String vkstate, + HttpServletResponse response) throws IOException, ExecutionException, InterruptedException { if (StringUtils.isBlank(code)) { vkstate = UUID.randomUUID().toString(); Cookie c = new Cookie("vkstate", vkstate); @@ -279,7 +281,7 @@ public class SocialLogin { Cookie c = new Cookie("hash", userService.getHashByUID(uid)); c.setMaxAge(50 * 24 * 60 * 60); response.addCookie(c); - return "redirect:/" + WebUtils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY); + return "redirect:/" + Optional.of(referer).orElse(StringUtils.EMPTY); } else { String loginhash = UUID.randomUUID().toString(); if (!crosspostService.createVKUser(vkID, loginhash, token.getAccessToken(), vkName, vkLink)) { @@ -291,8 +293,8 @@ public class SocialLogin { } @GetMapping("/_tglogin") - public String doDurovLogin(HttpServletRequest request, - @RequestParam Map params, + public String doDurovLogin(@RequestParam Map params, + @RequestHeader(value = "referer", required = false) String referer, HttpServletResponse response) { String dataCheckString = params.entrySet().stream() .filter(p -> !p.getKey().equals("hash")) @@ -309,7 +311,7 @@ public class SocialLogin { Cookie c = new Cookie("hash", userService.getHashByUID(uid)); c.setMaxAge(50 * 24 * 60 * 60); response.addCookie(c); - return "redirect:/" + WebUtils.getPreviousPageByRequest(request).orElse(StringUtils.EMPTY); + return "redirect:/" + Optional.of(referer).orElse(StringUtils.EMPTY); } else { String username = StringUtils.defaultString(params.get("username"), params.get("first_name")); List chats = telegramService.getAnonymous(); @@ -326,8 +328,7 @@ public class SocialLogin { } @GetMapping("/_apple") - public String doAppleLogin(HttpServletRequest request, - @RequestParam(required = false) String code, + public String doAppleLogin(@RequestParam(required = false) String code, HttpServletResponse response) { if (StringUtils.isBlank(code)) { String state = UUID.randomUUID().toString(); -- cgit v1.2.3