UY-1204: refactor oauth servlet redirect into broswer based redirect.

Author: rkrysinski

oauth/src/main/java/pl/edu/icm/unity/oauth/as/webauthz/OAuthAuthzUI.java

@@ -35,6 +35,7 @@
 import pl.edu.icm.unity.engine.api.idp.IdPEngine;
 import pl.edu.icm.unity.engine.api.policyAgreement.PolicyAgreementManagement;
 import pl.edu.icm.unity.engine.api.translation.out.TranslationResult;
+import pl.edu.icm.unity.engine.api.utils.FreemarkerAppHandler;
 import pl.edu.icm.unity.exceptions.EngineException;
 import pl.edu.icm.unity.oauth.as.OAuthASProperties;
 import pl.edu.icm.unity.oauth.as.OAuthAuthzContext;
@@ -84,6 +85,7 @@ public class OAuthAuthzUI extends UnityEndpointUIBase
 	private IdentityParam identity;
 	private ObjectFactory<PolicyAgreementScreen> policyAgreementScreenObjectFactory;
 	private final OAuthIdpStatisticReporterFactory idpStatisticReporterFactory;
+	private final FreemarkerAppHandler freemarkerHandler;
 
 	@Autowired
 	public OAuthAuthzUI(MessageSource msg,
@@ -98,7 +100,8 @@ public OAuthAuthzUI(MessageSource msg,
 			OAuthSessionService oauthSessionService,
 			PolicyAgreementManagement policyAgreementsMan,
 			ObjectFactory<PolicyAgreementScreen> policyAgreementScreenObjectFactory,
-			OAuthIdpStatisticReporterFactory idpStatisticReporterFactory
+			OAuthIdpStatisticReporterFactory idpStatisticReporterFactory,
+			FreemarkerAppHandler freemarkerHandler
 			)
 	{
 		super(msg, enquiryDialogLauncher);
@@ -114,6 +117,7 @@ public OAuthAuthzUI(MessageSource msg,
 		this.policyAgreementsMan = policyAgreementsMan;
 		this.policyAgreementScreenObjectFactory = policyAgreementScreenObjectFactory;
 		this.idpStatisticReporterFactory = idpStatisticReporterFactory;
+		this.freemarkerHandler = freemarkerHandler;
 	}
 
 	@Override
@@ -238,7 +242,8 @@ private void showActiveValueSelectionScreen(ActiveValueSelectionConfig config)
 
 	private TranslationResult getTranslationResult(OAuthAuthzContext ctx) throws EopException
 	{
-		oauthResponseHandler = new OAuthResponseHandler(oauthSessionService, idpStatisticReporterFactory.getForEndpoint(endpointDescription.getEndpoint()));
+		oauthResponseHandler = new OAuthResponseHandler(oauthSessionService, 
+				idpStatisticReporterFactory.getForEndpoint(endpointDescription.getEndpoint()), freemarkerHandler);
 		try
 		{
 			return idpEngine.getUserInfo(ctx);

oauth/src/main/java/pl/edu/icm/unity/oauth/as/webauthz/OAuthAuthzWebEndpoint.java

@@ -92,12 +92,18 @@ public class OAuthAuthzWebEndpoint extends VaadinEndpoint
 	private OAuthASProperties oauthProperties;
 
 	@Autowired
-	public OAuthAuthzWebEndpoint(NetworkServer server, ApplicationContext applicationContext,
-			FreemarkerAppHandler freemarkerHandler, @Qualifier("insecure") EntityManagement identitiesManagement,
-			@Qualifier("insecure") AttributesManagement attributesManagement, PKIManagement pkiManagement,
-			OAuthEndpointsCoordinator coordinator, ASConsentDeciderServletFactory dispatcherServletFactory,
-			AdvertisedAddressProvider advertisedAddrProvider, MessageSource msg,
-			RemoteRedirectedAuthnResponseProcessingFilter remoteAuthnResponseProcessingFilter, OAuthIdpStatisticReporterFactory idpReporterFactory)
+	public OAuthAuthzWebEndpoint(NetworkServer server,
+			ApplicationContext applicationContext,
+			FreemarkerAppHandler freemarkerHandler,
+			@Qualifier("insecure") EntityManagement identitiesManagement,
+			@Qualifier("insecure") AttributesManagement attributesManagement,
+			PKIManagement pkiManagement,
+			OAuthEndpointsCoordinator coordinator,
+			ASConsentDeciderServletFactory dispatcherServletFactory,
+			AdvertisedAddressProvider advertisedAddrProvider,
+			MessageSource msg,
+			RemoteRedirectedAuthnResponseProcessingFilter remoteAuthnResponseProcessingFilter,
+			OAuthIdpStatisticReporterFactory idpReporterFactory)
 	{
 		super(server, advertisedAddrProvider, msg, applicationContext, OAuthAuthzUI.class.getSimpleName(),
 				OAUTH_UI_SERVLET_PATH, remoteAuthnResponseProcessingFilter);
@@ -188,7 +194,8 @@ protected ServletContextHandler getServletContextHandlerOverridable()
 				getBootstrapHandler4Authn(OAUTH_ROUTING_SERVLET_PATH));
 
 		OAuthCancelHandler oAuthCancelHandler = new OAuthCancelHandler(
-				new OAuthResponseHandler(oauthSessionService, idpReporterFactory.getForEndpoint(description.getEndpoint())));
+				new OAuthResponseHandler(oauthSessionService, 
+						idpReporterFactory.getForEndpoint(description.getEndpoint()), freemarkerHandler));
 		authenticationServlet.setCancelHandler(oAuthCancelHandler);
 
 		ServletHolder authnServletHolder = createVaadinServletHolder(authenticationServlet, true);

oauth/src/main/java/pl/edu/icm/unity/oauth/as/webauthz/OAuthResponseHandler.java

@@ -5,19 +5,22 @@
 package pl.edu.icm.unity.oauth.as.webauthz;
 
 import java.io.IOException;
+import java.io.PrintWriter;
+import java.util.HashMap;
+import java.util.Map;
 import java.util.Optional;
 
 import com.nimbusds.oauth2.sdk.AuthorizationResponse;
-import com.nimbusds.oauth2.sdk.SerializeException;
 import com.vaadin.server.Page;
 import com.vaadin.server.SynchronizedRequestHandler;
 import com.vaadin.server.VaadinRequest;
 import com.vaadin.server.VaadinResponse;
 import com.vaadin.server.VaadinServletResponse;
 import com.vaadin.server.VaadinSession;
 
-import pl.edu.icm.unity.oauth.as.OAuthIdpStatisticReporter;
+import pl.edu.icm.unity.engine.api.utils.FreemarkerAppHandler;
 import pl.edu.icm.unity.oauth.as.OAuthAuthzContext;
+import pl.edu.icm.unity.oauth.as.OAuthIdpStatisticReporter;
 import pl.edu.icm.unity.types.basic.idpStatistic.IdpStatistic.Status;
 import pl.edu.icm.unity.webui.LoginInProgressService.SignInContextSession;
 import pl.edu.icm.unity.webui.LoginInProgressService.VaadinContextSession;
@@ -32,11 +35,14 @@ public class OAuthResponseHandler
 {
 	private final OAuthSessionService oauthSessionService;
 	public final OAuthIdpStatisticReporter statReporter;
+	private final FreemarkerAppHandler freemarkerHandler;
 
-	public OAuthResponseHandler(OAuthSessionService oauthSessionService, OAuthIdpStatisticReporter statReporter)
+	public OAuthResponseHandler(OAuthSessionService oauthSessionService, OAuthIdpStatisticReporter statReporter,
+			FreemarkerAppHandler freemarkerHandler)
 	{
 		this.oauthSessionService = oauthSessionService;
 		this.statReporter = statReporter;
+		this.freemarkerHandler = freemarkerHandler;
 	}
 
 	public void returnOauthResponse(AuthorizationResponse oauthResponse, boolean destroySession) throws EopException
@@ -89,11 +95,12 @@ public boolean synchronizedHandleRequest(VaadinSession session, VaadinRequest re
 				oauthSessionService.cleanupBeforeResponseSent(sessionAttributes);
 				try
 				{
-					String redirectURL = oauthResponse.toURI().toString();
-					response.sendRedirect(redirectURL);
-				} catch (SerializeException e)
-				{
-					throw new IOException("Error: can not serialize error response", e);
+					Map<String, String> data = new HashMap<>();
+					data.put("redirectURL", oauthResponse.toURI().toString());
+					
+					response.setContentType("application/xhtml+xml; charset=utf-8");
+					PrintWriter writer = response.getWriter();
+					freemarkerHandler.printGenericPage(writer, "oauthFinish.ftl", data);
 				} finally
 				{
 					oauthSessionService.cleanupAfterResponseSent(sessionAttributes, destroySession);

oauth/src/main/resources/templates/oauthFinish.ftl

@@ -0,0 +1,8 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/2002/REC-xhtml1-20020801/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<html>
+   <head>
+      <title></title>
+      <meta http-equiv = "refresh" content = "0; url = ${redirectURL?xhtml}" />
+   </head>
+</html>