Skip to content

Commit 082bd8a

Browse files
committed
Fix LoginResource
1 parent 6f4c168 commit 082bd8a

5 files changed

Lines changed: 66 additions & 19 deletions

File tree

knowage-core/src/main/java/it/eng/spagobi/commons/services/LoginConfigResource.java

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,8 +42,8 @@ public Response getLoginConfig(@Context HttpServletRequest req) {
4242
item.put("defaultLanguage", config.getConfigValue("SPAGOBI.LANGUAGE_SUPPORTED.LANGUAGE.default"));
4343
item.put("oauth2FlowType", oauth2FlowType);
4444

45-
item.put("JWT_LABEL", System.getProperty("JWT_LABEL", System.getenv("JWT_LABEL")));
46-
item.put("JWT_SESSION_STORAGE", System.getProperty("JWT_SESSION_STORAGE", System.getenv("JWT_SESSION_STORAGE")));
45+
item.put("jwtLabel", System.getProperty("JWT_LABEL", System.getenv("JWT_LABEL")));
46+
item.put("jwtSessionStorage", System.getProperty("JWT_SESSION_STORAGE", System.getenv("JWT_SESSION_STORAGE")));
4747

4848
if (oauth2FlowType != null && !oauth2FlowType.equalsIgnoreCase("NONE")) {
4949
OAuth2Config oauth2Config = OAuth2Config.getInstance();

knowage-core/src/main/java/it/eng/spagobi/commons/services/LoginResource.java

Lines changed: 16 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -63,6 +63,7 @@
6363
import it.eng.spagobi.commons.utilities.TOTPService;
6464
import it.eng.spagobi.commons.utilities.UserUtilities;
6565
import it.eng.spagobi.commons.utilities.messages.MessageBuilder;
66+
import it.eng.spagobi.utilities.rest.RestUtilities;
6667
import it.eng.spagobi.profiling.bean.SbiUser;
6768
import it.eng.spagobi.profiling.dao.ISbiUserDAO;
6869
import it.eng.spagobi.security.InternalSecurityServiceSupplierImpl;
@@ -331,12 +332,23 @@ public Response verifyMfaCode(@Context HttpServletRequest req, Map<String, Strin
331332
@POST
332333
@Path("/oauth2")
333334
@PublicService
334-
public Response loginOAuth2(@Context HttpServletRequest req) throws Exception {
335+
public Response loginOAuth2(@Context HttpServletRequest req, Map<String, String> payload) throws Exception {
335336

336337
IKnowageMonitor monitor = KnowageMonitorFactory.getInstance().start("knowage.login.oauth2.authentication");
337338

338339
try {
339-
return performOAuth2Login(req, monitor, true);
340+
341+
// Store payload as request attribute if present
342+
if (payload != null) {
343+
String jwtLabel = System.getProperty("JWT_LABEL", System.getenv("JWT_LABEL"));
344+
req.setAttribute(jwtLabel, payload.get(jwtLabel));
345+
}
346+
347+
// Check JWT_SESSION_STORAGE variable
348+
String jwtSessionStorage = System.getProperty("JWT_SESSION_STORAGE", System.getenv("JWT_SESSION_STORAGE"));
349+
boolean requiresRedirect = StringUtils.isBlank(jwtSessionStorage);
350+
351+
return performOAuth2Login(req, monitor, requiresRedirect);
340352
} catch (Exception e) {
341353
logger.error("Unexpected error during OAuth2 login", e);
342354
monitor.stop(e);
@@ -863,8 +875,8 @@ private Response completeLogin(HttpServletRequest req, IEngUserProfile profile,
863875
}
864876

865877
if (requiresRedirect) {
866-
URI redirectUri = URI
867-
.create(System.getProperty("JWT_KNOWAGE_VUE", System.getenv("JWT_KNOWAGE_VUE")) + "login?authToken=" + profile.getUserUniqueIdentifier());
878+
String origin = RestUtilities.getOrigin(req);
879+
URI redirectUri = URI.create(origin + "/knowage-vue/login?authToken=" + profile.getUserUniqueIdentifier());
868880
return Response.seeOther(redirectUri).build();
869881
} else {
870882
Object idToken = req.getAttribute(Oauth2SsoService.ID_TOKEN);

knowage/src/main/webapp/index.jsp

Lines changed: 10 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,17 @@
11
<%--
22
Knowage, Open Source Business Intelligence suite
33
Copyright (C) 2016 Engineering Ingegneria Informatica S.p.A.
4-
4+
55
Knowage is free software: you can redistribute it and/or modify
66
it under the terms of the GNU Affero General Public License as published by
77
the Free Software Foundation, either version 3 of the License, or
88
(at your option) any later version.
9-
9+
1010
Knowage is distributed in the hope that it will be useful,
1111
but WITHOUT ANY WARRANTY; without even the implied warranty of
1212
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
1313
GNU Affero General Public License for more details.
14-
14+
1515
You should have received a copy of the GNU Affero General Public License
1616
along with this program. If not, see <http://www.gnu.org/licenses/>.
1717
--%>
@@ -20,13 +20,12 @@ along with this program. If not, see <http://www.gnu.org/licenses/>.
2020
extends="it.eng.spago.dispatching.httpchannel.AbstractHttpJspPage"
2121
contentType="text/html; charset=UTF-8"
2222
pageEncoding="UTF-8"
23-
session="true" %>
24-
<%@page import="it.eng.spagobi.commons.utilities.ChannelUtilities"%>
25-
26-
<%
27-
//default url
28-
String contextName = ChannelUtilities.getSpagoBIContextName(request);
29-
String queryString = request.getQueryString(); // get query string with eventual parameters to propagate them
30-
String redirectURL = contextName + "/servlet/AdapterHTTP?PAGE=LoginPage&NEW_SESSION=TRUE" + (queryString != null ? "&" + queryString : "");
23+
session="true"
24+
import="it.eng.spagobi.utilities.rest.RestUtilities" %>
25+
26+
<%
27+
String origin = RestUtilities.getOrigin(request);
28+
String queryString = request.getQueryString();
29+
String redirectURL = origin + "/knowage-vue/login" + (queryString != null ? "?" + queryString : "");
3130
response.sendRedirect(redirectURL);
3231
%>

knowageutils/src/main/java/it/eng/spagobi/services/common/GenericJWTSsoService.java

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -164,9 +164,24 @@ private String getJWT(HttpServletRequest request) throws Exception {
164164
}
165165

166166
private String getJWTFromLabel(HttpServletRequest request, String jwtLabel) {
167-
return request.getHeader(jwtLabel) == null ? request.getParameter(jwtLabel) : request.getHeader(jwtLabel);
167+
// Check header first
168+
String token = request.getHeader(jwtLabel);
169+
if (token != null) {
170+
return token;
171+
}
172+
173+
// Check GET/POST form parameters
174+
token = request.getParameter(jwtLabel);
175+
if (token != null) {
176+
return token;
177+
}
178+
179+
// Check request attribute (set by loginOAuth2 for POST with payload)
180+
token = (String) request.getAttribute(jwtLabel);
181+
return token;
168182
}
169183

184+
170185
private String getJWTFromURL(HttpServletRequest request, String jwtURLMethod) {
171186

172187
try {

knowageutils/src/main/java/it/eng/spagobi/utilities/rest/RestUtilities.java

Lines changed: 22 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -546,4 +546,25 @@ public static void checkIfAddressIsInWhitelist(String address) {
546546
} catch (MalformedURLException e) {
547547
throw new SpagoBIRuntimeException("Invalid URL format: " + address, e);
548548
}
549-
}}
549+
}
550+
551+
/**
552+
* Calculates the origin (scheme + host + port) from the HttpServletRequest.
553+
* The port is included only if it's not the default port for the scheme (80 for HTTP, 443 for HTTPS).
554+
*
555+
* @param request the HttpServletRequest
556+
* @return the origin URL (e.g., http://localhost:8080 or https://example.com)
557+
*/
558+
public static String getOrigin(HttpServletRequest request) {
559+
String scheme = request.getScheme();
560+
String serverName = request.getServerName();
561+
int serverPort = request.getServerPort();
562+
563+
String origin = scheme + "://" + serverName;
564+
if ((scheme.equals("http") && serverPort != 80) || (scheme.equals("https") && serverPort != 443)) {
565+
origin += ":" + serverPort;
566+
}
567+
568+
return origin;
569+
}
570+
}

0 commit comments

Comments
 (0)