diff options
author | David Ostrovsky <david@ostrovsky.org> | 2015-04-18 23:16:32 +0200 |
---|---|---|
committer | David Ostrovsky <david@ostrovsky.org> | 2015-04-28 08:27:29 +0200 |
commit | c28da9bb21d1cd3b91c87ea0b2c9d74c97252e16 (patch) | |
tree | eac5363cd2e5b0426b52ed74132b5f4f495c223a | |
parent | 3ae7ec043f00515ee0f900b740487794311b74a1 (diff) |
Hybrid OpenID/OAuth: Support switching identities
Change-Id: Iac0e36c2dd6b8e99a3b99c9594e29cca9bac22ca
GutHub-Bug: https://github.com/davido/gerrit-oauth-provider/issues/11
3 files changed, 4 insertions, 26 deletions
diff --git a/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/LoginForm.java b/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/LoginForm.java index e6bb25b382..aea816e7c2 100644 --- a/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/LoginForm.java +++ b/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/LoginForm.java @@ -175,8 +175,7 @@ class LoginForm extends HttpServlet { oauthSession.logout(); } if ((isGerritLogin(req) - || oauthSession.isOAuthFinal(req)) - && !oauthSession.isLoggedIn()) { + || oauthSession.isOAuthFinal(req))) { oauthSession.setServiceProvider(oauthProvider); oauthSession.setLinkMode(link); oauthSession.login(req, res, oauthProvider); diff --git a/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/OAuthSessionOverOpenID.java b/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/OAuthSessionOverOpenID.java index fb3d135edb..6d129bfd4f 100644 --- a/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/OAuthSessionOverOpenID.java +++ b/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/OAuthSessionOverOpenID.java @@ -88,10 +88,6 @@ class OAuthSessionOverOpenID { boolean login(HttpServletRequest request, HttpServletResponse response, OAuthServiceProvider oauth) throws IOException { - if (isLoggedIn()) { - return true; - } - log.debug("Login " + this); if (isOAuthFinal(request)) { diff --git a/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/OAuthWebFilterOverOpenID.java b/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/OAuthWebFilterOverOpenID.java index dff456f2f7..ff02419e92 100644 --- a/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/OAuthWebFilterOverOpenID.java +++ b/gerrit-openid/src/main/java/com/google/gerrit/httpd/auth/openid/OAuthWebFilterOverOpenID.java @@ -17,7 +17,6 @@ package com.google.gerrit.httpd.auth.openid; import com.google.common.collect.Iterables; import com.google.gerrit.extensions.auth.oauth.OAuthServiceProvider; import com.google.gerrit.extensions.registration.DynamicMap; -import com.google.gerrit.server.CurrentUser; import com.google.inject.Inject; import com.google.inject.Provider; import com.google.inject.Singleton; @@ -34,7 +33,6 @@ import javax.servlet.ServletRequest; import javax.servlet.ServletResponse; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; -import javax.servlet.http.HttpSession; /** OAuth web filter uses active OAuth session to perform OAuth requests */ @@ -42,16 +40,13 @@ import javax.servlet.http.HttpSession; class OAuthWebFilterOverOpenID implements Filter { static final String GERRIT_LOGIN = "/login"; - private final Provider<CurrentUser> currentUserProvider; private final Provider<OAuthSessionOverOpenID> oauthSessionProvider; private final DynamicMap<OAuthServiceProvider> oauthServiceProviders; private OAuthServiceProvider ssoProvider; @Inject - OAuthWebFilterOverOpenID(Provider<CurrentUser> currentUserProvider, - DynamicMap<OAuthServiceProvider> oauthServiceProviders, + OAuthWebFilterOverOpenID(DynamicMap<OAuthServiceProvider> oauthServiceProviders, Provider<OAuthSessionOverOpenID> oauthSessionProvider) { - this.currentUserProvider = currentUserProvider; this.oauthServiceProviders = oauthServiceProviders; this.oauthSessionProvider = oauthSessionProvider; } @@ -69,26 +64,14 @@ class OAuthWebFilterOverOpenID implements Filter { public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletRequest httpRequest = (HttpServletRequest) request; - HttpSession httpSession = ((HttpServletRequest) request).getSession(false); - OAuthSessionOverOpenID oauthSession = oauthSessionProvider.get(); - if (!oauthSession.isLinkMode() - && currentUserProvider.get().isIdentifiedUser()) { - if (httpSession != null) { - httpSession.invalidate(); - } - chain.doFilter(request, response); - return; - } - HttpServletResponse httpResponse = (HttpServletResponse) response; + OAuthSessionOverOpenID oauthSession = oauthSessionProvider.get(); OAuthServiceProvider service = ssoProvider == null ? oauthSession.getServiceProvider() : ssoProvider; - if ((isGerritLogin(httpRequest) - || oauthSession.isOAuthFinal(httpRequest)) - && !oauthSession.isLoggedIn()) { + if (isGerritLogin(httpRequest) || oauthSession.isOAuthFinal(httpRequest)) { if (service == null) { throw new IllegalStateException("service is unknown"); } |