Example usage for com.liferay.portal.kernel.security.auth AccessControlContext getRequest

List of usage examples for com.liferay.portal.kernel.security.auth AccessControlContext getRequest

  1. HOME
  2. Java
  3. com.liferay.portal
  4. com.liferay.portal.kernel.security.auth.*
  5. AccessControlContext
  6. getRequest

Introduction

In this page you can find the example usage for com.liferay.portal.kernel.security.auth AccessControlContext getRequest.

Prototype

public HttpServletRequest getRequest()

Source Link

Usage

From source file:com.liferay.document.library.document.conversion.internal.security.auth.verifier.ImageRequestAuthVerifier.java

License:Open Source License

@Override
public AuthVerifierResult verify(AccessControlContext accessControlContext, Properties properties)
        throws AuthException {

    AuthVerifierResult authVerifierResult = new AuthVerifierResult();

    HttpServletRequest request = accessControlContext.getRequest();

    try {/*from w ww.  ja  va  2 s  .co m*/
        String token = ParamUtil.getString(request, "auth_token");

        if (Validator.isBlank(token)) {
            return authVerifierResult;
        }

        long userId = ImageRequestTokenUtil.getUserId(token);

        if (userId != 0) {
            authVerifierResult.setState(AuthVerifierResult.State.SUCCESS);
            authVerifierResult.setUserId(userId);
        } else {
            authVerifierResult.setState(AuthVerifierResult.State.INVALID_CREDENTIALS);
        }

        return authVerifierResult;
    } catch (Exception e) {
        throw new AuthException(e);
    }
}

From source file:com.liferay.sync.security.auth.verifier.SyncAuthVerifier.java

License:Open Source License

@Override
public AuthVerifierResult verify(AccessControlContext accessControlContext, Properties properties)
        throws AuthException {

    AuthVerifierResult authVerifierResult = new AuthVerifierResult();

    HttpServletRequest request = accessControlContext.getRequest();

    String uri = (String) request.getAttribute(WebKeys.INVOKER_FILTER_URI);

    if (uri.startsWith("/download/")) {
        String contextPath = request.getContextPath();

        if (!contextPath.equals("/o/sync")) {
            return authVerifierResult;
        }//from  ww w  .  j  av  a  2 s .  c  o  m
    }

    String token = request.getHeader(_TOKEN_HEADER);

    if (Validator.isNotNull(token)) {
        String userIdString = getUserId(token);

        if (userIdString != null) {
            authVerifierResult.setState(AuthVerifierResult.State.SUCCESS);
            authVerifierResult.setUserId(Long.valueOf(userIdString));

            return authVerifierResult;
        }
    }

    HttpAuthorizationHeader httpAuthorizationHeader = HttpAuthManagerUtil.parse(request);

    if (httpAuthorizationHeader == null) {

        // SYNC-1463

        Map<String, Object> settings = accessControlContext.getSettings();

        settings.remove("basic_auth");

        return authVerifierResult;
    }

    String scheme = httpAuthorizationHeader.getScheme();

    if (!StringUtil.equalsIgnoreCase(scheme, HttpAuthorizationHeader.SCHEME_BASIC)) {

        return authVerifierResult;
    }

    try {
        long userId = HttpAuthManagerUtil.getBasicUserId(request);

        if (userId > 0) {
            token = createToken(userId);

            if (token != null) {
                HttpServletResponse response = accessControlContext.getResponse();

                response.addHeader(_TOKEN_HEADER, token);
            }
        } else {
            userId = _userLocalService.getDefaultUserId(_portal.getCompanyId(request));
        }

        authVerifierResult.setState(AuthVerifierResult.State.SUCCESS);
        authVerifierResult.setUserId(userId);

        return authVerifierResult;
    } catch (Exception e) {
        throw new AuthException(e);
    }
}