View Javadoc
1   /*
2    * Copyright (c) 2002-2021, City of Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.mylutece.web;
35  
36  import java.io.UnsupportedEncodingException;
37  import java.net.URLEncoder;
38  import java.sql.Timestamp;
39  import java.util.Enumeration;
40  import java.util.HashMap;
41  import java.util.Locale;
42  import java.util.Map;
43  
44  import javax.security.auth.login.FailedLoginException;
45  import javax.security.auth.login.LoginException;
46  import javax.servlet.http.HttpServletRequest;
47  import javax.servlet.http.HttpSession;
48  
49  import org.apache.commons.lang3.StringUtils;
50  
51  import fr.paris.lutece.plugins.mylutece.authentication.MultiLuteceAuthentication;
52  import fr.paris.lutece.plugins.mylutece.authentication.logs.ConnectionLog;
53  import fr.paris.lutece.plugins.mylutece.authentication.logs.ConnectionLogHome;
54  import fr.paris.lutece.plugins.mylutece.service.MyLutecePlugin;
55  import fr.paris.lutece.portal.service.captcha.CaptchaSecurityService;
56  import fr.paris.lutece.portal.service.i18n.I18nService;
57  import fr.paris.lutece.portal.service.plugin.Plugin;
58  import fr.paris.lutece.portal.service.plugin.PluginService;
59  import fr.paris.lutece.portal.service.security.FailedLoginCaptchaException;
60  import fr.paris.lutece.portal.service.security.LoginRedirectException;
61  import fr.paris.lutece.portal.service.security.LuteceAuthentication;
62  import fr.paris.lutece.portal.service.security.LuteceUser;
63  import fr.paris.lutece.portal.service.security.SecurityService;
64  import fr.paris.lutece.portal.service.security.SecurityTokenService;
65  import fr.paris.lutece.portal.service.template.AppTemplateService;
66  import fr.paris.lutece.portal.service.util.AppPathService;
67  import fr.paris.lutece.portal.service.util.AppPropertiesService;
68  import fr.paris.lutece.portal.service.util.CryptoService;
69  import fr.paris.lutece.portal.web.PortalJspBean;
70  import fr.paris.lutece.portal.web.xpages.XPage;
71  import fr.paris.lutece.portal.web.xpages.XPageApplication;
72  import fr.paris.lutece.util.html.HtmlTemplate;
73  import fr.paris.lutece.util.http.SecurityUtil;
74  import fr.paris.lutece.util.json.AbstractJsonResponse;
75  import fr.paris.lutece.util.json.JsonResponse;
76  import fr.paris.lutece.util.json.JsonUtil;
77  import fr.paris.lutece.util.url.UrlItem;
78  
79  /**
80   * This class provides the XPageApp that manage personalization features for Lutece : login, account management, ...
81   */
82  public class MyLuteceApp implements XPageApplication
83  {
84      //////////////////////////////////////////////////////////////////////////////////
85      // Constants
86      private static final String ATTRIBUTE_CURRENT_URL = "luteceCurrentUrl";
87      private static final String TOKEN_ACTION_LOGIN = "dologin";
88      // Markers
89      private static final String MARK_ERROR_MESSAGE = "error_message";
90      private static final String MARK_ERROR_DETAIL = "error_detail";
91      private static final String MARK_URL_DOLOGIN = "url_dologin";
92      private static final String MARK_URL_NEWACCOUNT = "url_new_account";
93      private static final String MARK_LIST_AUTHENTICATIONS = "list_authentications";
94      private static final String MARK_AUTH_PROVIDER = "auth_provider";
95      private static final String MARK_IS_ACTIVE_CAPTCHA = "is_active_captcha";
96      private static final String MARK_CAPTCHA = "captcha";
97  
98      // Parameters
99      private static final String PARAMETER_ACTION = "action";
100     private static final String PARAMETER_USERNAME = "username";
101     private static final String PARAMETER_PASSWORD = "password";
102     private static final String PARAMETER_ERROR = "error";
103     private static final String PARAMETER_ERROR_VALUE_INVALID = "invalid";
104     private static final String PARAMETER_ERROR_MSG = "error_msg";
105     private static final String PARAMETER_AUTH_PROVIDER = "auth_provider";
106     private static final String PARAMETER_IS_ACTIVE_CAPTCHA = "mylutece_is_active_captcha";
107     private static final String PARAMETER_ERROR_CAPTCHA = "error_captcha";
108     private static final String PARAMETER_DATE_LOGIN = "date_login";
109     private static final String PARAMETER_INTERVAL = "interval";
110     private static final String PARAMETER_IP = "ip";
111     private static final String PARAMETER_KEY = "key";
112 
113     // Actions
114     private static final String ACTION_CREATE_ACCOUNT = "createAccount";
115     private static final String ACTION_VIEW_ACCOUNT = "viewAccount";
116     private static final String ACTION_LOST_PASSWORD = "lostPassword";
117     private static final String ACTION_LOST_LOGIN = "lostLogin";
118 
119     // Properties
120     private static final String PROPERTY_MYLUTECE_PAGETITLE_LOGIN = "mylutece.pageTitle.login";
121     private static final String PROPERTY_MYLUTECE_PATHLABEL_LOGIN = "mylutece.pagePathLabel.login";
122     private static final String PROPERTY_MYLUTECE_MESSAGE_INVALID_LOGIN = "mylutece.message.error.invalid.login";
123     private static final String PROPERTY_MYLUTECE_MESSAGE_INVALID_CAPTCHA = "mylutece.message.error.invalid.captcha";
124     private static final String PROPERTY_MYLUTECE_LOGIN_PAGE_URL = "mylutece.url.login.page";
125     private static final String PROPERTY_MYLUTECE_DOLOGIN_URL = "mylutece.url.doLogin";
126     private static final String PROPERTY_MYLUTECE_DOLOGOUT_URL = "mylutece.url.doLogout";
127     private static final String PROPERTY_MYLUTECE_CREATE_ACCOUNT_URL = "mylutece.url.createAccount.page";
128     private static final String PROPERTY_MYLUTECE_VIEW_ACCOUNT_URL = "mylutece.url.viewAccount.page";
129     private static final String PROPERTY_MYLUTECE_LOST_PASSWORD_URL = "mylutece.url.lostPassword.page";
130     private static final String PROPERTY_MYLUTECE_LOST_LOGIN_URL = "mylutece.url.lostLogin.page";
131     private static final String PROPERTY_MYLUTECE_RESET_PASSWORD_URL = "mylutece.url.resetPassword.page";
132     private static final String PROPERTY_MYLUTECE_DEFAULT_REDIRECT_URL = "mylutece.url.default.redirect";
133     private static final String PROPERTY_MYLUTECE_TEMPLATE_ACCESS_DENIED = "mylutece.template.accessDenied";
134     private static final String PROPERTY_MYLUTECE_TEMPLATE_ACCESS_CONTROLED = "mylutece.template.accessControled";
135     private static final String PROPERTY_DEFAULT_ENCRYPTION_ALGORITHM = "security.defaultValues.algorithm";
136 
137     // i18n Properties
138     private static final String PROPERTY_CREATE_ACCOUNT_LABEL = "mylutece.xpage.createAccountLabel";
139     private static final String PROPERTY_CREATE_ACCOUNT_TITLE = "mylutece.xpage.createAccountTitle";
140     private static final String PROPERTY_VIEW_ACCOUNT_LABEL = "mylutece.xpage.viewAccountLabel";
141     private static final String PROPERTY_VIEW_ACCOUNT_TITLE = "mylutece.xpage.viewAccountTitle";
142     private static final String PROPERTY_LOST_PASSWORD_LABEL = "mylutece.xpage.lostPasswordLabel";
143     private static final String PROPERTY_LOST_PASSWORD_TITLE = "mylutece.xpage.lostPasswordTitle";
144     private static final String PROPERTY_LOST_LOGIN_LABEL = "mylutece.xpage.lostLoginLabel";
145     private static final String PROPERTY_LOST_LOGIN_TITLE = "mylutece.xpage.lostLoginTitle";
146 
147     // Templates
148     private static final String TEMPLATE_LOGIN_PAGE = "skin/plugins/mylutece/login_form.html";
149     private static final String TEMPLATE_LOGIN_MULTI_PAGE = "skin/plugins/mylutece/login_form_multi.html";
150     private static final String TEMPLATE_LOST_PASSWORD_PAGE = "skin/plugins/mylutece/lost_password.html";
151     private static final String TEMPLATE_LOST_LOGIN_PAGE = "skin/plugins/mylutece/lost_login.html";
152     private static final String TEMPLATE_CREATE_ACCOUNT_PAGE = "skin/plugins/mylutece/create_account.html";
153     private static final String TEMPLATE_VIEW_ACCOUNT_PAGE = "skin/plugins/mylutece/view_account.html";
154     private static final String CONSTANT_DEFAULT_ENCRYPTION_ALGORITHM = "SHA-256";
155     private Locale _locale;
156 
157     /**
158      * Constructor
159      */
160     public MyLuteceApp( )
161     {
162     }
163 
164     /**
165      * This method builds a XPage object corresponding to the request
166      * 
167      * @param request
168      *            The HTTP request
169      * @param nMode
170      *            The mode
171      * @param plugin
172      *            The plugin object which belongs the App
173      * @return The XPage object containing the page content
174      */
175     public XPage getPage( HttpServletRequest request, int nMode, Plugin plugin )
176     {
177         XPage page = new XPage( );
178 
179         String strAction = request.getParameter( PARAMETER_ACTION );
180         _locale = request.getLocale( );
181 
182         if ( StringUtils.equals( strAction, ACTION_CREATE_ACCOUNT ) )
183         {
184             return getCreateAccountPage( page, request );
185         }
186         else
187             if ( StringUtils.equals( strAction, ACTION_VIEW_ACCOUNT ) )
188             {
189                 return getViewAccountPage( page );
190             }
191             else
192                 if ( StringUtils.equals( strAction, ACTION_LOST_PASSWORD ) )
193                 {
194                     return getLostPasswordPage( page );
195                 }
196                 else
197                     if ( StringUtils.equals( strAction, ACTION_LOST_LOGIN ) )
198                     {
199                         return getLostLoginPage( page );
200                     }
201 
202         return getLoginPage( page, request );
203     }
204 
205     /**
206      * Build the Login page
207      * 
208      * @param page
209      *            The XPage object to fill
210      * @param request
211      *            The HTTP request
212      * @return The XPage object containing the page content
213      */
214     private XPage getLoginPage( XPage page, HttpServletRequest request )
215     {
216         Map<String, Object> model = new HashMap<String, Object>( );
217 
218         String strError = request.getParameter( PARAMETER_ERROR );
219         String strErrorMessage = "";
220         String strErrorDetail = "";
221 
222         if ( strError != null )
223         {
224             if ( strError.equals( PARAMETER_ERROR_VALUE_INVALID ) )
225             {
226                 strErrorMessage = AppPropertiesService.getProperty( PROPERTY_MYLUTECE_MESSAGE_INVALID_LOGIN );
227 
228                 if ( request.getParameter( PARAMETER_ERROR_MSG ) != null )
229                 {
230                     strErrorDetail = request.getParameter( PARAMETER_ERROR_MSG );
231                 }
232             }
233             else
234                 if ( strError.equals( PARAMETER_ERROR_CAPTCHA ) )
235                 {
236                     strErrorMessage = I18nService.getLocalizedString( PROPERTY_MYLUTECE_MESSAGE_INVALID_CAPTCHA, request.getLocale( ) );
237                 }
238         }
239 
240         HttpSession session = request.getSession( false );
241         Boolean bEnableCaptcha = Boolean.FALSE;
242 
243         if ( session != null )
244         {
245             bEnableCaptcha = (Boolean) session.getAttribute( PARAMETER_IS_ACTIVE_CAPTCHA );
246 
247             if ( bEnableCaptcha == null )
248             {
249                 bEnableCaptcha = Boolean.FALSE;
250             }
251         }
252 
253         model.put( MARK_ERROR_MESSAGE, strErrorMessage );
254         model.put( MARK_ERROR_DETAIL, strErrorDetail );
255         model.put( MARK_URL_DOLOGIN, getDoLoginUrl( ) );
256         model.put( MARK_AUTH_PROVIDER, request.getParameter( PARAMETER_AUTH_PROVIDER ) );
257         model.put( MARK_IS_ACTIVE_CAPTCHA, bEnableCaptcha );
258 
259         if ( bEnableCaptcha )
260         {
261             CaptchaSecurityService captchaService = new CaptchaSecurityService( );
262             model.put( MARK_CAPTCHA, captchaService.getHtmlCode( ) );
263         }
264 
265         model.put( SecurityTokenService.MARK_TOKEN, SecurityTokenService.getInstance( ).getToken( request, TOKEN_ACTION_LOGIN ) );
266 
267         HtmlTemplate template;
268         model.put( MARK_URL_NEWACCOUNT, SecurityService.getInstance( ).getAuthenticationService( ).getNewAccountPageUrl( ) );
269 
270         if ( SecurityService.getInstance( ).isMultiAuthenticationSupported( ) )
271         {
272             LuteceAuthentication luteceAuthentication = SecurityService.getInstance( ).getAuthenticationService( );
273 
274             if ( luteceAuthentication instanceof MultiLuteceAuthentication )
275             {
276                 model.put( MARK_LIST_AUTHENTICATIONS, ( (MultiLuteceAuthentication) luteceAuthentication ).getListLuteceAuthentication( ) );
277             }
278 
279             template = AppTemplateService.getTemplate( TEMPLATE_LOGIN_MULTI_PAGE, _locale, model );
280         }
281         else
282         {
283             template = AppTemplateService.getTemplate( TEMPLATE_LOGIN_PAGE, _locale, model );
284         }
285 
286         page.setContent( template.getHtml( ) );
287         page.setPathLabel( AppPropertiesService.getProperty( PROPERTY_MYLUTECE_PATHLABEL_LOGIN ) );
288         page.setTitle( AppPropertiesService.getProperty( PROPERTY_MYLUTECE_PAGETITLE_LOGIN ) );
289 
290         return page;
291     }
292 
293     /**
294      * This method is call by the JSP named DoMyLuteceLogin.jsp
295      * 
296      * @param request
297      *            The HTTP request
298      * @return The URL to forward depending of the result of the login.
299      * @throws UnsupportedEncodingException
300      */
301     public String doLogin( HttpServletRequest request ) throws UnsupportedEncodingException
302     {
303         String strUsername = request.getParameter( PARAMETER_USERNAME );
304         String strPassword = request.getParameter( PARAMETER_PASSWORD );
305         String strAuthProvider = request.getParameter( PARAMETER_AUTH_PROVIDER );
306 
307         String strReturn = "../../../../" + getLoginPageUrl( );
308 
309         Boolean bIsCaptchaEnabled = (Boolean) request.getSession( true ).getAttribute( PARAMETER_IS_ACTIVE_CAPTCHA );
310 
311         if ( ( bIsCaptchaEnabled != null ) && bIsCaptchaEnabled )
312         {
313             CaptchaSecurityService captchaService = new CaptchaSecurityService( );
314 
315             if ( !captchaService.validate( request ) )
316             {
317                 strReturn += ( "&" + PARAMETER_ERROR + "=" + PARAMETER_ERROR_CAPTCHA );
318             }
319         }
320 
321         Plugin plugin = PluginService.getPlugin( MyLutecePlugin.PLUGIN_NAME );
322 
323         try
324         {
325             SecurityService.getInstance( ).loginUser( request, strUsername, strPassword );
326         }
327         catch( LoginRedirectException ex )
328         {
329             HttpSession session = request.getSession( false );
330 
331             if ( session != null )
332             {
333                 session.removeAttribute( PARAMETER_IS_ACTIVE_CAPTCHA );
334             }
335 
336             return ex.getRedirectUrl( );
337         }
338         catch( FailedLoginException ex )
339         {
340             // Creating a record of connections log
341             ConnectionLoghentication/logs/ConnectionLog.html#ConnectionLog">ConnectionLog connectionLog = new ConnectionLog( );
342             connectionLog.setIpAddress( SecurityUtil.getRealIp( request ) );
343             connectionLog.setDateLogin( new java.sql.Timestamp( new java.util.Date( ).getTime( ) ) );
344             connectionLog.setLoginStatus( ConnectionLog.LOGIN_DENIED ); // will be inserted only if access denied
345             ConnectionLogHome.addUserLog( connectionLog, plugin );
346 
347             strReturn += ( "&" + PARAMETER_ERROR + "=" + PARAMETER_ERROR_VALUE_INVALID );
348 
349             if ( StringUtils.isNotBlank( strAuthProvider ) )
350             {
351                 strReturn += ( "&" + PARAMETER_AUTH_PROVIDER + "=" + strAuthProvider );
352             }
353 
354             if ( ex.getMessage( ) != null )
355             {
356                 String strMessage = "&" + PARAMETER_ERROR_MSG + "=" + URLEncoder.encode( ex.getMessage( ), "UTF-8" );
357                 strReturn += strMessage;
358             }
359 
360             if ( ex instanceof FailedLoginCaptchaException )
361             {
362                 Boolean bEnableCaptcha = ( (FailedLoginCaptchaException) ex ).isCaptchaEnabled( );
363                 request.getSession( true ).setAttribute( PARAMETER_IS_ACTIVE_CAPTCHA, bEnableCaptcha );
364             }
365 
366             return strReturn;
367         }
368         catch( LoginException ex )
369         {
370             strReturn += ( "&" + PARAMETER_ERROR + "=" + PARAMETER_ERROR_VALUE_INVALID );
371 
372             if ( StringUtils.isNotBlank( strAuthProvider ) )
373             {
374                 strReturn += ( "&" + PARAMETER_AUTH_PROVIDER + "=" + strAuthProvider );
375             }
376 
377             if ( ex.getMessage( ) != null )
378             {
379                 String strMessage = "&" + PARAMETER_ERROR_MSG + "=" + ex.getMessage( );
380                 strReturn += strMessage;
381             }
382 
383             return strReturn;
384         }
385 
386         HttpSession session = request.getSession( false );
387 
388         if ( session != null )
389         {
390             session.removeAttribute( PARAMETER_IS_ACTIVE_CAPTCHA );
391         }
392 
393         String strNextUrl = PortalJspBean.getLoginNextUrl( request );
394         String strCurrentUrl = getCurrentUrl( request );
395 
396         if ( strNextUrl != null )
397         {
398             return strNextUrl;
399         }
400         else
401             if ( strCurrentUrl != null )
402             {
403                 return strCurrentUrl;
404             }
405 
406         return getDefaultRedirectUrl( );
407     }
408 
409     /**
410      * Check if the current user is authenticated
411      * 
412      * @param request
413      *            The request
414      * @return A JSON string containing true in the field result if the user is authenticated
415      */
416     public String isUserAuthenticated( HttpServletRequest request )
417     {
418         AbstractJsonResponse jsonResponse = null;
419 
420         LuteceUser user = null;
421 
422         user = SecurityService.getInstance( ).getRegisteredUser( request );
423 
424         if ( user != null )
425         {
426             jsonResponse = new JsonResponse( Boolean.TRUE );
427         }
428         else
429         {
430             jsonResponse = new JsonResponse( Boolean.FALSE );
431         }
432 
433         return JsonUtil.buildJsonResponse( jsonResponse );
434     }
435 
436     /**
437      * Returns the Login page URL of the Authentication Service
438      * 
439      * @return The URL
440      */
441     public static String getLoginPageUrl( )
442     {
443         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_LOGIN_PAGE_URL );
444     }
445 
446     /**
447      * Returns the DoLogin URL of the Authentication Service
448      * 
449      * @return The URL
450      */
451     public static String getDoLoginUrl( )
452     {
453         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_DOLOGIN_URL );
454     }
455 
456     /**
457      * Returns the DoLogout URL of the Authentication Service
458      * 
459      * @return The URL
460      */
461     public static String getDoLogoutUrl( )
462     {
463         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_DOLOGOUT_URL );
464     }
465 
466     /**
467      * Returns the NewAccount URL of the Authentication Service
468      * 
469      * @return The URL
470      */
471     public static String getNewAccountUrl( )
472     {
473         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_CREATE_ACCOUNT_URL );
474     }
475 
476     /**
477      * Returns the ViewAccount URL of the Authentication Service
478      * 
479      * @return The URL
480      */
481     public static String getViewAccountUrl( )
482     {
483         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_VIEW_ACCOUNT_URL );
484     }
485 
486     /**
487      * Returns the Lost Password URL of the Authentication Service
488      * 
489      * @return The URL
490      */
491     public static String getLostPasswordUrl( )
492     {
493         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_LOST_PASSWORD_URL );
494     }
495 
496     /**
497      * Returns the Lost login URL of the Authentication Service
498      * 
499      * @return The URL
500      */
501     public static String getLostLoginUrl( )
502     {
503         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_LOST_LOGIN_URL );
504     }
505 
506     /**
507      * Returns the Reset Password URL of the Authentication Service
508      * 
509      * @param request
510      *            The request
511      * @return The URL
512      */
513     public static String getResetPasswordUrl( HttpServletRequest request )
514     {
515         return AppPathService.getBaseUrl( request ) + AppPropertiesService.getProperty( PROPERTY_MYLUTECE_RESET_PASSWORD_URL );
516     }
517 
518     /**
519      * Returns the Default redirect URL of the Authentication Service
520      * 
521      * @return The URL
522      */
523     public static String getDefaultRedirectUrl( )
524     {
525         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_DEFAULT_REDIRECT_URL );
526     }
527 
528     /**
529      * This method is call by the JSP named DoMyLuteceLogout.jsp
530      * 
531      * @param request
532      *            The HTTP request
533      * @return The URL to forward depending of the result of the login.
534      */
535     public String doLogout( HttpServletRequest request )
536     {
537         SecurityService.getInstance( ).logoutUser( request );
538 
539         return getDefaultRedirectUrl( );
540     }
541 
542     /**
543      * Build the CreateAccount page
544      * 
545      * @param page
546      *            The XPage object to fill
547      * @param request
548      *            the request
549      * @return The XPage object containing the page content
550      */
551     private XPage getCreateAccountPage( XPage page, HttpServletRequest request )
552     {
553         Map<String, Object> model = new HashMap<String, Object>( );
554 
555         if ( SecurityService.getInstance( ).isMultiAuthenticationSupported( ) )
556         {
557             model.put( MARK_LIST_AUTHENTICATIONS,
558                     ( (MultiLuteceAuthentication) SecurityService.getInstance( ).getAuthenticationService( ) ).getListLuteceAuthentication( ) );
559         }
560 
561         HtmlTemplate t = AppTemplateService.getTemplate( TEMPLATE_CREATE_ACCOUNT_PAGE, _locale, model );
562         page.setContent( t.getHtml( ) );
563         // page.setPathLabel( "Create Account" );
564         // page.setTitle( "Create Account" );
565         page.setPathLabel( I18nService.getLocalizedString( PROPERTY_CREATE_ACCOUNT_LABEL, _locale ) );
566         page.setTitle( I18nService.getLocalizedString( PROPERTY_CREATE_ACCOUNT_TITLE, _locale ) );
567 
568         return page;
569     }
570 
571     /**
572      * Build the ViewAccount page
573      * 
574      * @param page
575      *            The XPage object to fill
576      * @return The XPage object containing the page content
577      */
578     private XPage getViewAccountPage( XPage page )
579     {
580         HtmlTemplate t = AppTemplateService.getTemplate( TEMPLATE_VIEW_ACCOUNT_PAGE, _locale );
581         page.setContent( t.getHtml( ) );
582         // page.setPathLabel( "View Account" );
583         // page.setTitle( "View Account" );
584         page.setPathLabel( I18nService.getLocalizedString( PROPERTY_VIEW_ACCOUNT_LABEL, _locale ) );
585         page.setTitle( I18nService.getLocalizedString( PROPERTY_VIEW_ACCOUNT_TITLE, _locale ) );
586 
587         return page;
588     }
589 
590     /**
591      * Build the default Lost password page
592      * 
593      * @param page
594      *            The XPage object to fill
595      * @return The XPage object containing the page content
596      */
597     private XPage getLostPasswordPage( XPage page )
598     {
599         HtmlTemplate t = AppTemplateService.getTemplate( TEMPLATE_LOST_PASSWORD_PAGE, _locale );
600         page.setContent( t.getHtml( ) );
601         // page.setPathLabel( "Lost password" );
602         // page.setTitle( "Lost password" );
603         page.setPathLabel( I18nService.getLocalizedString( PROPERTY_LOST_PASSWORD_LABEL, _locale ) );
604         page.setTitle( I18nService.getLocalizedString( PROPERTY_LOST_PASSWORD_TITLE, _locale ) );
605 
606         return page;
607     }
608 
609     /**
610      * Build the default Lost password page
611      * 
612      * @param page
613      *            The XPage object to fill
614      * @return The XPage object containing the page content
615      */
616     private XPage getLostLoginPage( XPage page )
617     {
618         HtmlTemplate t = AppTemplateService.getTemplate( TEMPLATE_LOST_LOGIN_PAGE, _locale );
619         page.setContent( t.getHtml( ) );
620         page.setPathLabel( I18nService.getLocalizedString( PROPERTY_LOST_LOGIN_LABEL, _locale ) );
621         page.setTitle( I18nService.getLocalizedString( PROPERTY_LOST_LOGIN_TITLE, _locale ) );
622 
623         return page;
624     }
625 
626     /**
627      * Returns the template for access denied
628      * 
629      * @return The template path
630      */
631     public static String getAccessDeniedTemplate( )
632     {
633         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_TEMPLATE_ACCESS_DENIED );
634     }
635 
636     /**
637      * Returns the template for access controled
638      * 
639      * @return The template path
640      */
641     public static String getAccessControledTemplate( )
642     {
643         return AppPropertiesService.getProperty( PROPERTY_MYLUTECE_TEMPLATE_ACCESS_CONTROLED );
644     }
645 
646     /**
647      * Reset the connection log of an IP.
648      * 
649      * @param request
650      *            The request
651      * @return The URL of the next page to display
652      */
653     public String doResetConnectionLog( HttpServletRequest request )
654     {
655         String strIp = request.getParameter( PARAMETER_IP );
656         String strDateLogin = request.getParameter( PARAMETER_DATE_LOGIN );
657         String strInterval = request.getParameter( PARAMETER_INTERVAL );
658         String strKey = request.getParameter( PARAMETER_KEY );
659 
660         if ( StringUtils.isNotBlank( strIp ) && StringUtils.isNotBlank( strDateLogin ) && StringUtils.isNotBlank( strKey )
661                 && StringUtils.isNotBlank( strInterval ) )
662         {
663             String strCryptoKey = CryptoService.getCryptoKey( );
664             String strComputedKey = CryptoService.encrypt( strIp + strDateLogin + strInterval + strCryptoKey,
665                     AppPropertiesService.getProperty( PROPERTY_DEFAULT_ENCRYPTION_ALGORITHM, CONSTANT_DEFAULT_ENCRYPTION_ALGORITHM ) );
666 
667             if ( StringUtils.equals( strKey, strComputedKey ) )
668             {
669                 Plugin plugin = PluginService.getPlugin( MyLutecePlugin.PLUGIN_NAME );
670                 ConnectionLogHome.resetConnectionLogs( strIp, new Timestamp( Long.parseLong( strDateLogin ) ), Integer.parseInt( strInterval ), plugin );
671             }
672         }
673 
674         return "../../../../" + getLoginPageUrl( );
675     }
676 
677     /**
678      * Returns the current url
679      * 
680      * @param request
681      *            The Http request
682      * @return The current url
683      * 
684      */
685     public static String getCurrentUrl( HttpServletRequest request )
686     {
687         HttpSession session = request.getSession( );
688         String strNextUrl = (String) session.getAttribute( ATTRIBUTE_CURRENT_URL );
689 
690         return strNextUrl;
691     }
692 
693     /**
694      * Set the current url
695      * 
696      * @param request
697      *            The Http request
698      * 
699      */
700     public static void setCurrentUrl( HttpServletRequest request )
701     {
702         String strCurrentUrl = request.getRequestURI( );
703         UrlItem url = new UrlItem( strCurrentUrl );
704         Enumeration enumParams = request.getParameterNames( );
705 
706         while ( enumParams.hasMoreElements( ) )
707         {
708             String strParamName = (String) enumParams.nextElement( );
709             url.addParameter( strParamName, request.getParameter( strParamName ) );
710         }
711 
712         HttpSession session = request.getSession( true );
713         session.setAttribute( ATTRIBUTE_CURRENT_URL, url.getUrl( ) );
714     }
715 }