OPENAM-6373
craigmcdonnell committed Jan 11, 2016
1 parent f3a3209 commit 42e6f05
Showing 1 changed file with 27 additions and 12 deletions.
Expand Up @@ -28,6 +28,8 @@
*/
package com.sun.identity.authentication.client;

import static java.util.Arrays.asList;

import com.iplanet.am.util.AMClientDetector;
import com.iplanet.am.util.SystemProperties;
import com.iplanet.dpro.session.SessionException;
Expand Down Expand Up @@ -91,7 +93,6 @@
import java.net.URLDecoder;
import java.security.AccessController;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
Expand All @@ -100,6 +101,7 @@
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.ResourceBundle;
import java.util.Set;
import java.util.StringTokenizer;
Expand Down Expand Up @@ -333,7 +335,7 @@ protected AuthClientUtils() {
private static List<String> getHeaderNameListForProperty(String property) {
String value = SystemProperties.get(property);
if (value != null) {
return Arrays.asList(value.toLowerCase().split(","));
return asList(value.toLowerCase().split(","));
}
return Collections.EMPTY_LIST;
}
Expand Down Expand Up @@ -2529,8 +2531,9 @@ public static Map<String, Object> sendAuthRequestToOrigServer(HttpServletRequest
// If we don't do this the server might going to deny the request because of invalid domain access.
conn.setRequestProperty("Host", request.getHeader("host"));

List<Cookie> cookies = removeLocalLoadBalancingCookie(asList(request.getCookies()));
// replay cookies
strCookies = getCookiesString(request);
strCookies = getCookiesString(cookies);
if (strCookies != null) {
if (utilDebug.messageEnabled()) {
utilDebug.message("Sending cookies : " + strCookies);
Expand Down Expand Up @@ -2573,7 +2576,7 @@ public static Map<String, Object> sendAuthRequestToOrigServer(HttpServletRequest
if (queryParams.containsKey(entry.getKey())) {
// TODO: do we need to care about params that can be both in GET and POST?
} else {
postParams.put(entry.getKey(), new HashSet<String>(Arrays.asList(entry.getValue())));
postParams.put(entry.getKey(), new HashSet<String>(asList(entry.getValue())));
}
}

Expand Down Expand Up @@ -2677,6 +2680,22 @@ public static Map<String, Object> sendAuthRequestToOrigServer(HttpServletRequest
return origRequestData;
}

/**
* Filter the load balancing cookie if it points to this server to avoid potential infinite redirect loop.
*/
private static List<Cookie> removeLocalLoadBalancingCookie(final List<Cookie> cookies) {
final String lblCookieName = getlbCookieName();
final String lblCookieValue = getlbCookieValue();
final List<Cookie> filteredCookies = new ArrayList<>();
for (final Cookie cookie : cookies) {
if (!Objects.equals(cookie.getName(), lblCookieName)
&& !Objects.equals(cookie.getValue(), lblCookieValue)) {
filteredCookies.add(cookie);
}
}
return filteredCookies;
}

private static boolean isSameServer(URL url1, URL url2) {
int port1 = url1.getPort() != -1 ? url1.getPort() : url1.getDefaultPort();
int port2 = url2.getPort() != -1 ? url2.getPort() : url2.getDefaultPort();
Expand Down Expand Up @@ -2736,25 +2755,21 @@ private static String getFormData(Map<String, Set<String>> params) {
}

// Get cookies string from HTTP request object
private static String getCookiesString(HttpServletRequest request) {
Cookie cookies[] = request.getCookies();
private static String getCookiesString(List<Cookie> cookies) {
StringBuilder cookieStr = null;
String strCookies = null;
// Process Cookies
if (cookies != null) {
for (int nCookie = 0; nCookie < cookies.length; nCookie++) {
for (final Cookie cookie : cookies) {
if (utilDebug.messageEnabled()) {
utilDebug.message("Cookie name='{}', value='{}'",
cookies[nCookie].getName(), cookies[nCookie].getValue());
utilDebug.message("Cookie name='{}', value='{}'", cookie.getName(), cookie.getValue());
}
if (cookieStr == null) {
cookieStr = new StringBuilder();
} else {
cookieStr.append(";");
}
cookieStr.append(cookies[nCookie].getName())
.append("=")
.append(cookies[nCookie].getValue());
cookieStr.append(cookie.getName()).append("=").append(cookie.getValue());
}
}
if (cookieStr != null) {
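Review bot: The new call `removeLocalLoadBalancingCookie(asList(request.getCookies()))` in sendAuthRequestToOrigServer throws a NullPointerException when the request carries no cookies, because HttpServletRequest.getCookies() returns null in that case; the old getCookiesString(request) tolerated this through its `cookies != null` check, which can no longer be reached with null. In removeLocalLoadBalancingCookie the keep-condition `!Objects.equals(name, …) && !Objects.equals(value, …)` also looks inverted relative to its Javadoc: it drops every cookie carrying the load-balancing name, whichever server it points to, and any other cookie whose value happens to equal the local value, whereas the comment describes removing only the cookie that matches both. The sketch below guards the null array at the call site and keeps a cookie unless both name and value match. Separately, getCookiesString and the `Sending cookies : ` message still write full cookie values to the debug log, which may include session cookies; logging names only would avoid leaving replayable tokens in log files. The bodies of sendAuthRequestToOrigServer and getCookiesString continue outside the visible hunks.

```java
// call site in sendAuthRequestToOrigServer: getCookies() returns null when no cookies were sent
final Cookie[] requestCookies = request.getCookies();
List<Cookie> cookies = requestCookies == null
        ? Collections.<Cookie>emptyList()
        : removeLocalLoadBalancingCookie(asList(requestCookies));
// … unchanged: replay cookies via getCookiesString(cookies) …

// in removeLocalLoadBalancingCookie: drop only the cookie that matches both name and value
for (final Cookie cookie : cookies) {
    final boolean isLocalLbCookie = Objects.equals(cookie.getName(), lblCookieName)
            && Objects.equals(cookie.getValue(), lblCookieValue);
    if (!isLocalLbCookie) {
        filteredCookies.add(cookie);
    }
}
```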