Refactored authorization from HomeController to UserCookieInterceptor part-05
authorKai Moritz <kai@juplo.de>
Mon, 25 Jan 2016 01:23:20 +0000 (02:23 +0100)
committerKai Moritz <kai@juplo.de>
Mon, 1 Feb 2016 17:52:54 +0000 (18:52 +0100)
The educational authorization concept now roughly resembles the behavior
of Spring Security.

src/main/java/de/juplo/yourshouter/HomeController.java
src/main/java/de/juplo/yourshouter/SecurityContextUserIdSource.java
src/main/java/de/juplo/yourshouter/UserCookieInterceptor.java

index c5ece60..c74316e 100644 (file)
@@ -37,22 +37,6 @@ public class HomeController
   @RequestMapping(method = RequestMethod.GET)
   public String home(Model model)
   {
-    boolean authorized = true;
-    try
-    {
-      authorized = facebook.isAuthorized();
-    }
-    catch (NullPointerException e)
-    {
-      LOG.debug("NPE while acessing Facebook: {}", e);
-      authorized = false;
-    }
-    if (!authorized)
-    {
-      LOG.info("no authorized user, redirecting to /signin.html");
-      return "redirect:/signin.html";
-    }
-
     User user = facebook.userOperations().getUserProfile();
     LOG.info("authorized user {}, id: {}", user.getName(), user.getId());
     model.addAttribute("user", user);
index 9fae323..662da57 100644 (file)
@@ -1,8 +1,7 @@
 package de.juplo.yourshouter;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.social.UserIdSource;
+import org.springframework.util.Assert;
 
 
 /**
@@ -13,30 +12,17 @@ import org.springframework.social.UserIdSource;
  */
 public class SecurityContextUserIdSource implements UserIdSource
 {
-  private final static Logger LOG =
-      LoggerFactory.getLogger(SecurityContextUserIdSource.class);
-
-
   /**
    * Retrieves the ID of the current user from the {@link SecurityContext}.
+   * If no ID is found, an exception is thrown.
    *
-   * @return
-   *     The ID of the current user, or the special ID <code>anonymous</code>,
-   *     if no current user is present.
+   * @return The ID of the current user
+   * @throws IllegalStateException, if no current user is found.
    */
   @Override
   public String getUserId()
   {
-    String user = SecurityContext.getCurrentUser();
-    if (user != null)
-    {
-      LOG.debug("found user \"{}\" in the security-context", user);
-    }
-    else
-    {
-      LOG.info("found no user in the security-context, using \"anonymous\"");
-      user = "anonymous";
-    }
-    return user;
+    Assert.state(SecurityContext.userSignedIn(), "No user signed in!");
+    return SecurityContext.getCurrentUser();
   }
 }
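Review bot: In the new `getUserId()`, the sign-in check and the returned value come from two separate calls, so the method's non-null guarantee depends on `SecurityContext.userSignedIn()` and `SecurityContext.getCurrentUser()` always agreeing, which is not visible in this diff. Reading the value once and asserting on it ties the check to what is returned: `String user = SecurityContext.getCurrentUser(); Assert.state(user != null, "No user signed in!"); return user;`. Failing closed instead of returning the shared id `anonymous` is the right direction. The new Javadoc tag has a stray comma after the type name; it should read `@throws IllegalStateException if no current user is found`.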
index 6a6cba6..c72ef41 100644 (file)
@@ -1,6 +1,7 @@
 package de.juplo.yourshouter;
 
 
+import java.io.IOException;
 import java.util.Collections;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -52,6 +53,9 @@ public final class UserCookieInterceptor extends HandlerInterceptorAdapter
    * @return
    *     Always <code>true</code>, to indicate, that the intercepted request
    *     should be handled normally.
+   * @throws java.io.IOException
+   *     if something wents wrong, while sending the redirect to the
+   *     sign-in-page.
    */
   @Override
   public boolean preHandle(
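Review bot: The unchanged `@return` text just above the added `@throws` still says the method always returns `true`, but the same commit makes `preHandle` return `false` after redirecting to the sign-in page. Because this interceptor is now the authorization gate, the contract should say so, for example `@return <code>true</code> if the request is a sign-in request or carries a valid user cookie; <code>false</code> if a redirect to the sign-in page was sent`. The added text also has a typo: "wents" should be "goes".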
@@ -59,7 +63,12 @@ public final class UserCookieInterceptor extends HandlerInterceptorAdapter
       HttpServletResponse response,
       Object handler
       )
+      throws
+        IOException
   {
+    if (request.getServletPath().startsWith("/signin"))
+      return true;
+
     String user = UserCookieGenerator.INSTANCE.readCookieValue(request);
     if (user != null)
     {
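Review bot: The exemption `request.getServletPath().startsWith("/signin")` skips the authorization check for every path that merely begins with that prefix, so a handler later mapped at a path such as `/signin-history` (constructed example) would be reachable without a user cookie. Matching the known sign-in routes exactly keeps the bypass narrow, for example `path.equals("/signin.html") || path.startsWith("/signin/")`; the actual set of sign-in routes is not visible here and should be confirmed. `getServletPath()` also depends on how the dispatcher servlet is mapped and can be empty under a `/*` mapping, in which case the sign-in page itself would be redirected in a loop. The unbraced `if` differs from the braced style used in the rest of the method, which continues outside this hunk.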
@@ -78,7 +87,9 @@ public final class UserCookieInterceptor extends HandlerInterceptorAdapter
         UserCookieGenerator.INSTANCE.removeCookie(response);
       }
     }
-    return true;
+
+    response.sendRedirect("/signin.html");
+    return false;
   }
 
   /**
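Review bot: `response.sendRedirect("/signin.html")` is resolved against the container root, so when the application is deployed under a non-root context path the redirect leaves the application and the sign-in page is not found. Prefixing the context path avoids that: `response.sendRedirect(request.getContextPath() + "/signin.html");`. The start of the `if (user != null)` block lies outside this hunk, so it cannot be confirmed from here that a valid cookie returns `true` before this line is reached. A short comment above the redirect, such as `// no valid user cookie: deny and send the client to the sign-in page`, would make the fail-closed intent explicit.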