Skip to content

Commit

Permalink
Update LoginController to have support for post and get
Browse files Browse the repository at this point in the history
  • Loading branch information
haynescd committed Jan 17, 2024
1 parent 9df04db commit 0ceeb23
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 13 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -36,11 +36,6 @@
@ConditionalOnProperty(value = "authenticate", havingValue = "oauth2")
public class OAuth2SecurityConfig {

// TODO - add this to portal.properties.EXAMPLE
// TODO - discuss changing this to /logout (Spring Security default) with Aaron
@Value("${oauth2.logout.url:/logout}")
private String logoutUrl;

@Value("${spring.security.oauth2.client.jwt-roles-path:resource_access::cbioportal::roles}")
private String jwtRolesPath;

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,8 @@
@EnableWebSecurity
@ConditionalOnProperty(value = "authenticate", havingValue = "saml")
public class Saml2SecurityConfig {

private static final String LOGOUT_URL = "/logout";

@Autowired(required = false)
private RelyingPartyRegistrationRepository relyingPartyRegistrationRepository;
Expand Down Expand Up @@ -65,7 +67,7 @@ public SecurityFilterChain samlFilterChain(HttpSecurity http) throws Exception {
// described at https://docs.spring.io/spring-security/reference/6.1/servlet/saml2/logout.html
// Logout Service POST Binding URL: http://localhost:8080/logout/saml2/slo
.logout(logout -> logout
.logoutUrl("/logout")
.logoutUrl(LOGOUT_URL)
.logoutSuccessHandler(logoutSuccessHandler())
)
.build();
Expand Down
24 changes: 17 additions & 7 deletions src/main/java/org/cbioportal/web/LoginPageController.java
Original file line number Diff line number Diff line change
Expand Up @@ -15,8 +15,8 @@
import org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;

import java.util.Arrays;
import java.util.HashMap;
Expand All @@ -37,10 +37,21 @@ public class LoginPageController {
@Value("${authenticate}")
private String authenticate;

@RequestMapping(method = {RequestMethod.GET, RequestMethod.POST}, value = "/login", produces = MediaType.APPLICATION_JSON_VALUE)
public String showLoginPage(HttpServletRequest request, Authentication authentication, Model model) {
@PostMapping(value = "/login", produces = MediaType.APPLICATION_JSON_VALUE)
public String showLoginPagePost(HttpServletRequest request, Authentication authentication, Model model) {
populateModel(request, model);
return "login";
}

@GetMapping(value = "/login", produces = MediaType.APPLICATION_JSON_VALUE)
public String showLoginPage(HttpServletRequest request, Authentication authentication, Model model){
populateModel(request, model);
return "login";
}

private void populateModel(HttpServletRequest request, Model model) {
Map<String, String> oauth2AuthenticationUrls = getOauth2AuthenticationUrls();

model.addAttribute("oauth_urls", oauth2AuthenticationUrls);

model.addAttribute("skin_title", frontendPropertiesService.getFrontendProperty(FrontendPropertiesServiceImpl.FrontendProperty.skin_title));
Expand All @@ -52,8 +63,7 @@ public String showLoginPage(HttpServletRequest request, Authentication authentic
model.addAttribute("login_error", request.getParameterMap().containsKey("logout_failure"));
model.addAttribute("show_saml", frontendPropertiesService.getFrontendProperty(FrontendPropertiesServiceImpl.FrontendProperty.authenticationMethod).equals("saml"));
model.addAttribute("show_google", Arrays.asList(authenticate).contains("social_auth") || Arrays.asList(authenticate).contains("social_auth_google") );
model.addAttribute("show_microsoft", Arrays.asList(authenticate).contains("social_auth_microsoft"));
return "login";
model.addAttribute("show_microsoft", Arrays.asList(authenticate).contains("social_auth_microsoft"));
}

private Map<String, String> getOauth2AuthenticationUrls() {
Expand Down

0 comments on commit 0ceeb23

Please sign in to comment.