Skip to content

Commit 654d411

Browse files
committed
Enabled login with JWT with SSO parameter is false
1 parent c9d2253 commit 654d411

2 files changed

Lines changed: 11 additions & 4 deletions

File tree

knowage-core/src/main/java/it/eng/spagobi/commons/filters/ProfileFilter.java

Lines changed: 10 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,7 @@
4949
import it.eng.spagobi.commons.services.LoginModule;
5050
import it.eng.spagobi.commons.utilities.ChannelUtilities;
5151
import it.eng.spagobi.commons.utilities.GeneralUtilities;
52+
import it.eng.spagobi.services.common.GenericJWTSsoService;
5253
import it.eng.spagobi.services.common.SsoServiceFactory;
5354
import it.eng.spagobi.services.common.SsoServiceInterface;
5455
import it.eng.spagobi.services.security.bo.SpagoBIUserProfile;
@@ -120,11 +121,17 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha
120121
if (ChannelUtilities.isWebRunning() && !GeneralUtilities.isSSOEnabled()) {
121122
// case of installation as web application without SSO
122123
try {
123-
userId = getUserIdInWebModeWithoutSSO(httpRequest);
124+
String jwtLabel = System.getProperty("JWT_LABEL", System.getenv("JWT_LABEL"));
125+
if (jwtLabel != null && request.getParameter(jwtLabel) != null) {
126+
GenericJWTSsoService genericJWTSsoService = new GenericJWTSsoService();
127+
userId = genericJWTSsoService.readUserIdentifier(httpRequest);
128+
} else {
129+
userId = getUserIdInWebModeWithoutSSO(httpRequest);
130+
}
124131
} catch (Exception e) {
125132
LOGGER.error("Error authenticating user", e);
126-
httpRequest.getRequestDispatcher("/WEB-INF/jsp/commons/silentLoginFailed.jsp")
127-
.forward(request, response);
133+
// httpRequest.getRequestDispatcher("/WEB-INF/jsp/commons/silentLoginFailed.jsp").forward(request, response);
134+
httpResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED);
128135
return;
129136
}
130137
} else {

knowageutils/src/main/java/it/eng/spagobi/services/common/GenericJWTSsoService.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -84,7 +84,7 @@ private DecodedJWT verifyToken(String token) {
8484

8585
private DecodedJWT verifyTokenBySignature(String token, String signature) throws Exception {
8686
Algorithm algorithmInputTocken = Algorithm.HMAC256(signature);
87-
JWTVerifier verifier = JWT.require(algorithmInputTocken).build();
87+
JWTVerifier verifier = JWT.require(algorithmInputTocken).withIssuer(System.getProperty("JWT_ISSUER", System.getenv("JWT_ISSUER"))).build();
8888
return verifier.verify(token);
8989
}
9090

0 commit comments

Comments
 (0)