34 package fr.paris.lutece.plugins.bandeaugra.web;
35
36 import java.util.Map;
37
38 import javax.servlet.http.HttpServletRequest;
39
40 import fr.paris.lutece.portal.service.security.LuteceUser;
41 import fr.paris.lutece.portal.service.security.SecurityService;
42 import fr.paris.lutece.portal.service.security.UserNotSignedException;
43 import fr.paris.lutece.portal.service.util.AppLogService;
44 import fr.paris.lutece.portal.service.util.AppPathService;
45 import fr.paris.lutece.portal.service.util.AppPropertiesService;
46 import fr.paris.lutece.portal.util.mvc.commons.annotations.View;
47 import fr.paris.lutece.portal.util.mvc.xpage.MVCApplication;
48 import fr.paris.lutece.portal.util.mvc.xpage.annotations.Controller;
49 import fr.paris.lutece.portal.web.constants.Markers;
50 import fr.paris.lutece.portal.web.xpages.XPage;
51 import java.net.MalformedURLException;
52 import java.net.URL;
53
54
55
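/**
 * XPage application registered under the xpage name "bandeaugra".
 *
 * <p>Its only view requires a registered front-office user and renders the bandeaugra template as a
 * standalone page. The {@code back_url} request parameter is passed on to the template only after
 * {@link #getBackUrl(HttpServletRequest)} has checked its host against the comma-separated
 * {@code bandeaugra.authorizedDomains} property; any other value is dropped.</p>
 */
@Controller( xpageName = "bandeaugra", pageTitleI18nKey = "bandeaugra.xpage.bandeaugra.pageTitle", pagePathI18nKey = "bandeaugra.xpage.bandeaugra.pagePathLabel" )
public class BandeaugraApp extends MVCApplication
{
    private static final long serialVersionUID = 2371791722341987550L;
    private static final String TEMPLATE_XPAGE = "/skin/plugins/bandeaugra/bandeaugra.html";
    private static final String VIEW_AUTH = "auth";
    private static final String PARAMETER_BACK_URL = "back_url";
    private static final String MARK_BACK_URL = "back_url";
    private static final String PROPERTY_AUTHORIZED_DOMAINS = "bandeaugra.authorizedDomains";
    private static final String CONSTANT_COMMA = ",";

    /**
     * Renders the default view for a signed-in user.
     *
     * @param request
     *            the current HTTP request
     * @return the standalone XPage built from the bandeaugra template
     * @throws UserNotSignedException
     *             if no registered user is attached to the request
     */
    @View( value = VIEW_AUTH, defaultView = true )
    public XPage viewAuth( HttpServletRequest request ) throws UserNotSignedException
    {
        LuteceUser luteceUser = SecurityService.getInstance( ).getRegisteredUser( request );

        if ( luteceUser == null )
        {
            throw new UserNotSignedException( );
        }

        String strBackUrl = getBackUrl( request );

        Map<String, Object> model = getModel( );
        model.put( Markers.BASE_URL, AppPathService.getBaseUrl( request ) );

        // Only a back_url that passed the allow-list check reaches the template.
        // NOTE(review): the value is still request-controlled text; the template has to
        // output-encode it for the context it is written into - confirm in bandeaugra.html.
        if ( strBackUrl != null )
        {
            model.put( MARK_BACK_URL, strBackUrl );
        }

        XPage xpage = getXPage( TEMPLATE_XPAGE, request.getLocale( ), model );
        xpage.setStandalone( true );
        return xpage;
    }

    /**
     * Reads the {@code back_url} parameter and returns it only if it is an absolute http(s) URL
     * whose host belongs to one of the authorized domains.
     *
     * <p>The check is an allow-list against unvalidated redirects, so every doubtful case is
     * rejected: a missing parameter, a missing or empty domain list, a scheme other than http or
     * https, credentials embedded in the authority, or a host that merely shares a textual suffix
     * with an authorized domain.</p>
     *
     * <p>NOTE(review): the host is extracted with {@link URL}, and the unmodified parameter is what
     * gets returned. A browser may not split an unusual URL the same way; returning a re-serialised
     * form of the parsed URL would close that gap, but changes the value templates receive.</p>
     *
     * @param request
     *            the current HTTP request
     * @return the original {@code back_url} value when it is accepted, otherwise {@code null}
     */
    private static String getBackUrl( HttpServletRequest request )
    {
        String strBackUrl = request.getParameter( PARAMETER_BACK_URL );

        // The parameter is optional: its absence is not an error and must not be logged as one.
        if ( strBackUrl == null || strBackUrl.trim( ).isEmpty( ) )
        {
            return null;
        }

        // Fail closed when the allow-list is not configured instead of failing on a null property.
        String strAuthorizedDomains = AppPropertiesService.getProperty( PROPERTY_AUTHORIZED_DOMAINS );

        if ( strAuthorizedDomains == null )
        {
            return null;
        }

        try
        {
            URL url = new URL( strBackUrl );

            // A back link is a web navigation target; other schemes java.net.URL understands
            // (file, jar, ftp...) are never legitimate here.
            boolean bWebScheme = "http".equalsIgnoreCase( url.getProtocol( ) ) || "https".equalsIgnoreCase( url.getProtocol( ) );

            // "user@host" authorities make the real destination hard to read; refuse them outright.
            if ( !bWebScheme || url.getUserInfo( ) != null )
            {
                return null;
            }

            String strHost = url.getHost( );

            for ( String strAuthorizedDomain : strAuthorizedDomains.split( CONSTANT_COMMA ) )
            {
                if ( isHostInDomain( strHost, strAuthorizedDomain ) )
                {
                    return strBackUrl;
                }
            }
        }
        catch( MalformedURLException ex )
        {
            // Line breaks are neutralised so a crafted parameter cannot forge log entries. The
            // exception message can repeat parts of the raw value, so the log layout should
            // encode line breaks as well.
            AppLogService.error( "Given back_url isn't a valid url " + strBackUrl.replaceAll( "[\\r\\n]", "_" ), ex );
        }
        return null;
    }

    /**
     * Tells whether a host name is an authorized domain or one of its sub-domains.
     *
     * <p>The comparison is case-insensitive and anchored on a label boundary: with
     * {@code example.org} authorized, {@code example.org} and {@code www.example.org} match but
     * {@code notexample.org} does not. An entry written with a leading dot
     * ({@code .example.org}) matches sub-domains only. Blank entries never match, which matters
     * because an empty suffix would otherwise authorize every host.</p>
     *
     * @param strHost
     *            the host taken from the parsed URL
     * @param strAuthorizedDomain
     *            one raw entry of the authorized-domains property
     * @return {@code true} if the host is covered by the entry
     */
    private static boolean isHostInDomain( String strHost, String strAuthorizedDomain )
    {
        String strDomain = strAuthorizedDomain.trim( );

        if ( strHost == null || strDomain.isEmpty( ) || ".".equals( strDomain ) )
        {
            return false;
        }

        int nOffset = strHost.length( ) - strDomain.length( );

        if ( nOffset < 0 || !strHost.regionMatches( true, nOffset, strDomain, 0, strDomain.length( ) ) )
        {
            return false;
        }

        // The entry already starts on a label boundary when it carries its own leading dot.
        if ( strDomain.charAt( 0 ) == '.' )
        {
            return true;
        }

        // Otherwise require an exact match, or a dot right before the matched suffix.
        return nOffset == 0 || strHost.charAt( nOffset - 1 ) == '.';
    }
}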