From 3d092470296e456f1d5e5e05c4a56ae376639696 Mon Sep 17 00:00:00 2001
From: Scott Battaglia <scott.battaglia@gmail.com>
Date: Wed, 6 Aug 2008 14:45:22 +0000
Subject: [PATCH] CASC-58

allow to determine gateway features potentially via alternate methods
---
 .../authentication/AuthenticationFilter.java  | 40 ++++++++++++-------
 .../DefaultGatewayResolverImpl.java           | 33 +++++++++++++++
 .../authentication/GatewayResolver.java       | 38 ++++++++++++++++++
 .../AuthenticationFilterTests.java            |  4 +-
 4 files changed, 99 insertions(+), 16 deletions(-)
 create mode 100644 cas-client-core/src/main/java/org/jasig/cas/client/authentication/DefaultGatewayResolverImpl.java
 create mode 100644 cas-client-core/src/main/java/org/jasig/cas/client/authentication/GatewayResolver.java

diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AuthenticationFilter.java b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AuthenticationFilter.java
index 4ff2087..06c2ede 100644
--- a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AuthenticationFilter.java
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/AuthenticationFilter.java
@@ -38,8 +38,6 @@ import java.io.IOException;
  */
 public class AuthenticationFilter extends AbstractCasFilter {
 
-    public static final String CONST_CAS_GATEWAY = "_const_cas_gateway_";
-
     /**
      * The URL to the CAS Server login.
      */
@@ -54,6 +52,8 @@ public class AuthenticationFilter extends AbstractCasFilter {
      * Whether to send the gateway request or not.
      */
     private boolean gateway = false;
+    
+    private GatewayResolver gatewayStorage = new DefaultGatewayResolverImpl();
 
     protected void initInternal(final FilterConfig filterConfig) throws ServletException {
         super.initInternal(filterConfig);
@@ -63,6 +63,17 @@ public class AuthenticationFilter extends AbstractCasFilter {
         log.trace("Loaded renew parameter: " + this.renew);
         setGateway(Boolean.parseBoolean(getPropertyFromInitParams(filterConfig, "gateway", "false")));
         log.trace("Loaded gateway parameter: " + this.gateway);
+        
+        final String gatewayStorageClass = getPropertyFromInitParams(filterConfig, "gatewayStorageClass", null);
+        
+        if (gatewayStorageClass != null) {
+        	try {
+        		this.gatewayStorage = (GatewayResolver) Class.forName(gatewayStorageClass).newInstance();
+        	} catch (final Exception e) {
+        		log.error(e,e);
+        		throw new ServletException(e);
+        	}
+        }
     }
 
     public void init() {
@@ -75,25 +86,27 @@ public class AuthenticationFilter extends AbstractCasFilter {
         final HttpServletResponse response = (HttpServletResponse) servletResponse;
         final HttpSession session = request.getSession(false);
         final String ticket = request.getParameter(getArtifactParameterName());
+        final String serviceUrl = constructServiceUrl(request, response);
         final Assertion assertion = session != null ? (Assertion) session
                 .getAttribute(CONST_CAS_ASSERTION) : null;
-        final boolean wasGatewayed = session != null
-                && session.getAttribute(CONST_CAS_GATEWAY) != null;
+        final boolean wasGatewayed = this.gatewayStorage.hasGatewayedAlready(request, serviceUrl);
 
         if (CommonUtils.isBlank(ticket) && assertion == null && !wasGatewayed) {
+        	final String modifiedServiceUrl;
+        	
             log.debug("no ticket and no assertion found");
             if (this.gateway) {
                 log.debug("setting gateway attribute in session");
-                request.getSession(true).setAttribute(CONST_CAS_GATEWAY, "yes");
+                modifiedServiceUrl = this.gatewayStorage.storeGatewayInformation(request, serviceUrl);
+            } else {
+            	modifiedServiceUrl = serviceUrl;
             }
-
-            final String serviceUrl = constructServiceUrl(request, response);
             
             if (log.isDebugEnabled()) {
-            	log.debug("Constructed service url: " + serviceUrl);
+            	log.debug("Constructed service url: " + modifiedServiceUrl);
             }
             
-            final String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, getServiceParameterName(), serviceUrl, this.renew, this.gateway);
+            final String urlToRedirectTo = CommonUtils.constructRedirectUrl(this.casServerLoginUrl, getServiceParameterName(), modifiedServiceUrl, this.renew, this.gateway);
 
             if (log.isDebugEnabled()) {
                 log.debug("redirecting to \"" + urlToRedirectTo + "\"");
@@ -103,11 +116,6 @@ public class AuthenticationFilter extends AbstractCasFilter {
             return;
         }
 
-        if (session != null) {
-            log.debug("removing gateway attribute from session");
-            session.setAttribute(CONST_CAS_GATEWAY, null);
-        }
-
         filterChain.doFilter(request, response);
     }
 
@@ -122,4 +130,8 @@ public class AuthenticationFilter extends AbstractCasFilter {
     public final void setCasServerLoginUrl(final String casServerLoginUrl) {
         this.casServerLoginUrl = casServerLoginUrl;
     }
+    
+    public final void setGatewayStorage(final GatewayResolver gatewayStorage) {
+    	this.gatewayStorage = gatewayStorage;
+    }
 }
diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/DefaultGatewayResolverImpl.java b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/DefaultGatewayResolverImpl.java
new file mode 100644
index 0000000..73370fa
--- /dev/null
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/DefaultGatewayResolverImpl.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2007 The JA-SIG Collaborative. All rights reserved. See license
+ * distributed with this file and available online at
+ * http://www.ja-sig.org/products/cas/overview/license/index.html
+ */
+package org.jasig.cas.client.authentication;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
+
+public final class DefaultGatewayResolverImpl implements GatewayResolver {
+	
+    public static final String CONST_CAS_GATEWAY = "_const_cas_gateway_";
+
+	public boolean hasGatewayedAlready(final HttpServletRequest request,
+			final String serviceUrl) {
+		final HttpSession session = request.getSession(false);
+		
+		if (session == null) {
+			return false;
+		}
+		
+		final boolean result = session.getAttribute(CONST_CAS_GATEWAY) != null;
+		session.removeAttribute(CONST_CAS_GATEWAY);
+		return result;
+	}
+
+	public String storeGatewayInformation(final HttpServletRequest request,
+			final String serviceUrl) {
+		request.getSession(true).setAttribute(CONST_CAS_GATEWAY, "yes");
+		return serviceUrl;
+	}
+}
diff --git a/cas-client-core/src/main/java/org/jasig/cas/client/authentication/GatewayResolver.java b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/GatewayResolver.java
new file mode 100644
index 0000000..b0c0fa7
--- /dev/null
+++ b/cas-client-core/src/main/java/org/jasig/cas/client/authentication/GatewayResolver.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2007 The JA-SIG Collaborative. All rights reserved. See license
+ * distributed with this file and available online at
+ * http://www.ja-sig.org/products/cas/overview/license/index.html
+ */
+package org.jasig.cas.client.authentication;
+
+import javax.servlet.http.HttpServletRequest;
+
+/**
+ * Implementations of this should only have a default constructor if
+ * you plan on constructing them via the web.xml.
+ * 
+ * @author Scott Battaglia
+ * @version $Revision$
+ * @since 1.0
+ *
+ */
+public interface GatewayResolver {
+
+	/**
+	 * Determines if the request has  been gatewayed already.  Should also do gateway clean up.
+	 * 
+	 * @param request the Http Servlet Request
+	 * @param serviceUrl the service url
+	 * @return true if yes, false otherwise.
+	 */
+	boolean hasGatewayedAlready(HttpServletRequest request, String serviceUrl);
+	
+	/**
+	 * Storage the request for gatewaying and return the service url, which can be modified.
+	 * 
+	 * @param request the HttpServletRequest.
+	 * @param serviceUrl the service url
+	 * @return the potentially modified service url to redirect to
+	 */
+	String storeGatewayInformation(HttpServletRequest request, String serviceUrl);
+}
diff --git a/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java b/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java
index 2f80577..ad25aa1 100644
--- a/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java
+++ b/cas-client-core/src/test/java/org/jasig/cas/client/authentication/AuthenticationFilterTests.java
@@ -156,12 +156,12 @@ public final class AuthenticationFilterTests extends TestCase {
         this.filter.setRenew(true);
         this.filter.setGateway(true);
         this.filter.doFilter(request, response, filterChain);
-        assertNotNull(session.getAttribute(AuthenticationFilter.CONST_CAS_GATEWAY));
+        assertNotNull(session.getAttribute(DefaultGatewayResolverImpl.CONST_CAS_GATEWAY));
         assertNotNull(response.getRedirectedUrl());
 
         final MockHttpServletResponse response2 = new MockHttpServletResponse();
         this.filter.doFilter(request, response2, filterChain);
-        assertNull(session.getAttribute(AuthenticationFilter.CONST_CAS_GATEWAY));
+        assertNull(session.getAttribute(DefaultGatewayResolverImpl.CONST_CAS_GATEWAY));
         assertNull(response2.getRedirectedUrl());
     }
 }