mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git


			
				
					
						
						
							1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
							/*
 * SonarQube
 * Copyright (C) 2009-2021 SonarSource SA
 * mailto:info AT sonarsource DOT com
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 3 of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
 */
package org.sonar.server.authentication;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.sonar.api.utils.log.Logger;
import org.sonar.api.utils.log.Loggers;
import org.sonar.server.authentication.event.AuthenticationException;

import static org.sonar.server.authentication.AuthenticationRedirection.encodeMessage;
import static org.sonar.server.authentication.AuthenticationRedirection.redirectTo;
import static org.sonar.server.authentication.Cookies.newCookieBuilder;

public final class AuthenticationError {

  private static final String UNAUTHORIZED_PATH = "/sessions/unauthorized";

  private static final Logger LOGGER = Loggers.get(AuthenticationError.class);
  private static final String AUTHENTICATION_ERROR_COOKIE = "AUTHENTICATION-ERROR";
  private static final int FIVE_MINUTES_IN_SECONDS = 5 * 60;

  private AuthenticationError() {
    // Utility class
  }

  static void handleError(Exception e, HttpServletRequest request, HttpServletResponse response, String message) {
    LOGGER.warn(message, e);
    redirectToUnauthorized(request, response);
  }

  static void handleError(HttpServletRequest request, HttpServletResponse response, String message) {
    LOGGER.warn(message);
    redirectToUnauthorized(request, response);
  }

  static void handleAuthenticationError(AuthenticationException e, HttpServletRequest request, HttpServletResponse response) {
    String publicMessage = e.getPublicMessage();
    if (publicMessage != null && !publicMessage.isEmpty()) {
      addErrorCookie(request, response, publicMessage);
    }
    redirectToUnauthorized(request, response);
  }

  public static void addErrorCookie(HttpServletRequest request, HttpServletResponse response, String value) {
    response.addCookie(newCookieBuilder(request)
      .setName(AUTHENTICATION_ERROR_COOKIE)
      .setValue(encodeMessage(value))
      .setHttpOnly(false)
      .setExpiry(FIVE_MINUTES_IN_SECONDS)
      .build());
  }

  private static void redirectToUnauthorized(HttpServletRequest request, HttpServletResponse response) {
    redirectTo(response, request.getContextPath() + UNAUTHORIZED_PATH);
  }
}