From f1e0b9b0179c176ad143862cbe56a24d319c87ba Mon Sep 17 00:00:00 2001
From: Kai Moritz
Date: Thu, 26 May 2016 16:06:37 +0200
Subject: [PATCH] Turning the app into a pure Facebook-App

We remove everything, that is not needed, if all users are signed in through the Facebook-Canvas.
---
.../SocialAuthenticationEntryPoint.java | 82 -------------------
.../de/juplo/yourshouter/SocialConfig.java | 21 -----
.../SpringSecuritySignInAdapter.java | 18 +---
.../juplo/yourshouter/WebSecurityConfig.java | 10 +--
.../thymeleaf/connect/facebookConnect.html | 18 ----
.../thymeleaf/connect/facebookConnected.html | 14 ----
src/main/webapp/thymeleaf/home.html | 1 -
src/main/webapp/thymeleaf/signin.html | 12 --
8 files changed, 3 insertions(+), 173 deletions(-)
delete mode 100644 src/main/java/de/juplo/yourshouter/SocialAuthenticationEntryPoint.java
delete mode 100644 src/main/webapp/thymeleaf/connect/facebookConnect.html
delete mode 100644 src/main/webapp/thymeleaf/connect/facebookConnected.html
delete mode 100644 src/main/webapp/thymeleaf/signin.html

diff --git a/src/main/java/de/juplo/yourshouter/SocialAuthenticationEntryPoint.java b/src/main/java/de/juplo/yourshouter/SocialAuthenticationEntryPoint.java
deleted file mode 100644
index f119314..0000000
--- a/src/main/java/de/juplo/yourshouter/SocialAuthenticationEntryPoint.java
+++ /dev/null
@@ -1,82 +0,0 @@ -package de.juplo.yourshouter; - -import java.io.IOException; -import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; -import org.springframework.security.core.AuthenticationException; -import org.springframework.security.web.AuthenticationEntryPoint; -import org.springframework.stereotype.Service; - - -/** - * Specialized implementation of {@link AuthenticationEntryPoint}, that - * redirects to the social sign-in-page, to let the user decide to sign in or - * not. - * - * @author Kai Moritz - */ -@Service -public class SocialAuthenticationEntryPoint implements AuthenticationEntryPoint -{ - private static final Logger LOG = - LoggerFactory.getLogger(SocialAuthenticationEntryPoint.class); - - public final static String REDIRECT_ATTRIBUTE = - SocialAuthenticationEntryPoint.class.getCanonicalName() + ".REDIRECT"; - - - /** - * {@inheritDoc} - * - * To commence the sign-in through the Graph-API, we have to redirect - * to our already implemented sign-in-page. - *

- * We store the originally requested page in the {@link HttpSession}, to be - * redirect back to that page after a successful authentication in - * {@link SpringSecuritySignInAdapter}. - *

- * Only the first request of a ressource, that requires authentication, will - * trigger the redirect to the sing-in-page. - * - * @see SpringSecuritySignInAdapter - */ - @Override - public void commence( - HttpServletRequest request, - HttpServletResponse response, - AuthenticationException exception - ) - throws - IOException, - ServletException - { - HttpSession session = request.getSession(); - if (session.getAttribute(REDIRECT_ATTRIBUTE) == null) - { - LOG.info( - "redirecting unauthenticated request to {}", - request.getRequestURI() - ); - StringBuffer url = request.getRequestURL(); - if (request.getQueryString() != null) - { - url.append('?'); - url.append(request.getQueryString()); - } - session.setAttribute(REDIRECT_ATTRIBUTE, url.toString()); - response.sendRedirect("/signin.html"); - } - else - { - LOG.info( - "redirect to sign-in already in progress, forbidding access to {}", - request.getRequestURI() - ); - response.sendError(HttpServletResponse.SC_FORBIDDEN); - } - } -} diff --git a/src/main/java/de/juplo/yourshouter/SocialConfig.java b/src/main/java/de/juplo/yourshouter/SocialConfig.java index 3718953..40a0aa5 100644 --- a/src/main/java/de/juplo/yourshouter/SocialConfig.java +++ b/src/main/java/de/juplo/yourshouter/SocialConfig.java @@ -24,7 +24,6 @@ import org.springframework.social.connect.ConnectionSignUp; import org.springframework.social.connect.UsersConnectionRepository; import org.springframework.social.connect.jdbc.JdbcUsersConnectionRepository; import org.springframework.social.connect.web.ConnectController; -import org.springframework.social.connect.web.ProviderSignInController; import org.springframework.social.connect.web.SignInAdapter; import org.springframework.social.facebook.api.Facebook; import org.springframework.social.facebook.connect.FacebookConnectionFactory; 
@@ -141,26 +140,6 @@ public class SocialConfig extends SocialConfigurerAdapter return controller; } - /** - * Configure the {@link ProviderSignInController} to use our implementation - * of {@link SignInAdapter} to sign in the user by storing the ID in the - * {@link SecurityContext} and the user-cookie. - * - * @param factoryLocator The {@link ConnectionFactoryLocator} will be injected by Spring. - * @param repository The {@link UserConnectionRepository} will be injected by Spring. - * @return The configured {@link ProviderSignInController} - */ - @Bean - public ProviderSignInController signInController( - ConnectionFactoryLocator factoryLocator, - UsersConnectionRepository repository - ) - { - ProviderSignInController controller = - new ProviderSignInController(factoryLocator, repository, signInAdapter); - return controller; - } - /** * Configure the {@link CanvasSignInController} to enable sign-in through * the signed_request, that Facebook sends to the canvas-page. diff --git a/src/main/java/de/juplo/yourshouter/SpringSecuritySignInAdapter.java b/src/main/java/de/juplo/yourshouter/SpringSecuritySignInAdapter.java index 24cf904..b3ddff4 100644 --- a/src/main/java/de/juplo/yourshouter/SpringSecuritySignInAdapter.java +++ b/src/main/java/de/juplo/yourshouter/SpringSecuritySignInAdapter.java @@ -1,13 +1,13 @@ package de.juplo.yourshouter; -import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpSession; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.context.SecurityContext; import org.springframework.security.core.context.SecurityContextHolder; +import org.springframework.security.web.savedrequest.RequestCache; import org.springframework.social.connect.Connection; import org.springframework.social.connect.web.SignInAdapter; import org.springframework.stereotype.Service; 
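Review bot: The import added in the first SpringSecuritySignInAdapter hunk, `org.springframework.security.web.savedrequest.RequestCache`, is not used by anything this patch adds; the only other hunk in that file deletes the session-based redirect lookup and returns null. `javax.servlet.http.HttpSession` is also kept although its only visible use is removed by that same hunk. Unless code outside the shown hunks needs them, I would drop both lines so the import list reflects what the adapter still touches now that the sign-in page is gone.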
@@ -65,20 +65,6 @@ public class SpringSecuritySignInAdapter implements SignInAdapter SecurityContextHolder.getContext().setAuthentication( new UsernamePasswordAuthenticationToken(user, null, null)); - HttpSession session = - request.getNativeRequest(HttpServletRequest.class).getSession(); - String redirect = - (String)session - .getAttribute(SocialAuthenticationEntryPoint.REDIRECT_ATTRIBUTE); - if (redirect != null) - { - LOG.info("redirecting to originally requested resource {}", redirect); - session.removeAttribute(SocialAuthenticationEntryPoint.REDIRECT_ATTRIBUTE); - } - else - { - LOG.info("found no original request in session, redirecting to default"); - } - return redirect; + return null; } } diff --git a/src/main/java/de/juplo/yourshouter/WebSecurityConfig.java b/src/main/java/de/juplo/yourshouter/WebSecurityConfig.java index 5b82a12..8f24d86 100644 --- a/src/main/java/de/juplo/yourshouter/WebSecurityConfig.java +++ b/src/main/java/de/juplo/yourshouter/WebSecurityConfig.java @@ -1,6 +1,5 @@ package de.juplo.yourshouter; -import javax.inject.Inject; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; @@ -13,10 +12,6 @@ import org.springframework.security.web.AuthenticationEntryPoint; @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { - @Inject - AuthenticationEntryPoint authenticationEntryPoint; - - /** * @{@inheritDoc} * @@ -57,9 +52,6 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter */ .ignoringAntMatchers("/canvas/*", "/h2-console/*") .and() - .exceptionHandling() - .authenticationEntryPoint(authenticationEntryPoint) - .and() .headers() /** * All pages must be allowed, to be displayed inside a frame. 
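Review bot: `return null;` at the end of signIn() is left unexplained, so a reader cannot tell a deliberate choice from a stub. In Spring Social a null return from SignInAdapter.signIn tells the calling sign-in controller to fall back to its own configured post-sign-in URL, and here it also means the adapter no longer redirects to a URL read back from the session. I would state that above the statement, e.g. `// null: the sign-in controller redirects to its configured post-sign-in URL; no redirect target is read from the session any more`. The method's Javadoc and signature lie outside this hunk and may still describe the old redirect behaviour, and the LOG field may be unused in this method after the deletion.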
@@ -70,7 +62,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter .frameOptions().disable() .and() .authorizeRequests() - .antMatchers("/signin.html", "/signin/*", "/canvas/*").permitAll() + .antMatchers("/canvas/*").permitAll() .anyRequest().authenticated(); } diff --git a/src/main/webapp/thymeleaf/connect/facebookConnect.html b/src/main/webapp/thymeleaf/connect/facebookConnect.html deleted file mode 100644 index 5e275d8..0000000 --- a/src/main/webapp/thymeleaf/connect/facebookConnect.html +++ /dev/null @@ -1,18 +0,0 @@ - - - - Connect to Facebook - - -
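Review bot: Nothing next to the new `.antMatchers("/canvas/*").permitAll()` line documents what an unauthenticated request to any other URL now receives. The previous hunk in this file drops the custom `authenticationEntryPoint(...)` and no other login mechanism is configured in the visible lines, so such requests will presumably be answered by Spring Security's default entry point (a 403) rather than a sign-in redirect. I would record that beside the matcher, e.g. `// only the canvas endpoint is public: sign-in happens solely through Facebook's signed_request; all other unauthenticated requests are rejected`. The `import org.springframework.security.web.AuthenticationEntryPoint;` shown in the second hunk header of this file appears to be unused once the injected field is removed. configure() starts outside this hunk.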

Connect to Facebook

-
-
-

- You aren't connected to Facebook yet. - Click the button to connect with your Facebook account. -

-
-

-
- - diff --git a/src/main/webapp/thymeleaf/connect/facebookConnected.html b/src/main/webapp/thymeleaf/connect/facebookConnected.html deleted file mode 100644 index 6c28e0d..0000000 --- a/src/main/webapp/thymeleaf/connect/facebookConnected.html +++ /dev/null @@ -1,14 +0,0 @@ - - - - Connect to Facebook - - -

Back HOME

-
-

Connected to Facebook

-

- You are now connected to your Facebook account. -

- - diff --git a/src/main/webapp/thymeleaf/home.html b/src/main/webapp/thymeleaf/home.html index f7649e5..cd6148f 100644 --- a/src/main/webapp/thymeleaf/home.html +++ b/src/main/webapp/thymeleaf/home.html @@ -6,7 +6,6 @@

Hello, Some User!

diff --git a/src/main/webapp/thymeleaf/signin.html b/src/main/webapp/thymeleaf/signin.html deleted file mode 100644 index 687d7f4..0000000 --- a/src/main/webapp/thymeleaf/signin.html +++ /dev/null @@ -1,12 +0,0 @@ - - - - Sign In - - -
- - -
- - -- 2.20.1