LinshareRememberMeServices.java example

Explorer
linshare-core-master
- src
/*
 * LinShare is an open source filesharing software, part of the LinPKI software
 * suite, developed by Linagora.
 * 
 * Copyright (C) 2015 LINAGORA
 * 
 * This program is free software: you can redistribute it and/or modify it under
 * the terms of the GNU Affero General Public License as published by the Free
 * Software Foundation, either version 3 of the License, or (at your option) any
 * later version, provided you comply with the Additional Terms applicable for
 * LinShare software by Linagora pursuant to Section 7 of the GNU Affero General
 * Public License, subsections (b), (c), and (e), pursuant to which you must
 * notably (i) retain the display of the “LinShare™” trademark/logo at the top
 * of the interface window, the display of the “You are using the Open Source
 * and free version of LinShare™, powered by Linagora © 2009–2015. Contribute to
 * Linshare R&D by subscribing to an Enterprise offer!” infobox and in the
 * e-mails sent with the Program, (ii) retain all hypertext links between
 * LinShare and linshare.org, between linagora.com and Linagora, and (iii)
 * refrain from infringing Linagora intellectual property rights over its
 * trademarks and commercial brands. Other Additional Terms apply, see
 * <http://www.linagora.com/licenses/> for more details.
 * 
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
 * details.
 * 
 * You should have received a copy of the GNU Affero General Public License and
 * its applicable Additional Terms for LinShare along with this program. If not,
 * see <http://www.gnu.org/licenses/> for the GNU Affero General Public License
 * version 3 and <http://www.linagora.com/licenses/> for the Additional Terms
 * applicable to LinShare software.
 */
package org.linagora.linshare.view.tapestry.services.impl;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.linagora.linshare.core.domain.entities.Cookie;
import org.linagora.linshare.core.exception.BusinessException;
import org.linagora.linshare.core.repository.CookieRepository;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;

/**
 * Service extending PersistentTokenBasedRememberMeServices to allow linshare
 * to delete the old cookie in database after user logout.
 * 
 * @author sduprey
 */
public class LinshareRememberMeServices extends
		PersistentTokenBasedRememberMeServices {

	public LinshareRememberMeServices(String key,
			UserDetailsService userDetailsService,
			PersistentTokenRepository tokenRepository) {
		super(key, userDetailsService, tokenRepository);
	}

	private CookieRepository cookieRepository;

	public CookieRepository getCookieRepository() {
		return cookieRepository;
	}

	public void setCookieRepository(CookieRepository cookieRepository) {
		this.cookieRepository = cookieRepository;
	}

	@Override
	public void logout(HttpServletRequest request,
			HttpServletResponse response, Authentication authentication) {
		String httpCookieValue = null;
		javax.servlet.http.Cookie[] httpCookies = request.getCookies();

		// find the right cookie
		if (httpCookies != null && httpCookies.length > 0) {
			for (javax.servlet.http.Cookie cookie : httpCookies) {
				if (cookie.getName().equals(
						SPRING_SECURITY_REMEMBER_ME_COOKIE_KEY)) {
					httpCookieValue = cookie.getValue();
					break;
				}
			}
		}
		if (httpCookieValue != null) {
			List<Cookie> linshareCookies = null;
			
			if (authentication != null && authentication.getName() != null && authentication.getName().length() > 0) {
				linshareCookies = cookieRepository.findByUserName(authentication.getName());
			} else {
				linshareCookies = cookieRepository.findAll();
			}
			
			/*
			 * A login can match more than one cookie in database
			 * because a user can connect to linShare from multiple computer 
			 */
			if (linshareCookies != null && linshareCookies.size() > 0) {
				for (Cookie cookie : linshareCookies) {
					String[] token = new String[] { cookie.getIdentifier(), cookie.getValue() };
					String encodeDBCookie = encodeCookie(token);
					
					if (httpCookieValue.equals(encodeDBCookie)) { 
						try {
							cookieRepository.delete(cookie);
						} catch (IllegalArgumentException e) {
							e.printStackTrace();
						} catch (BusinessException e) {
							e.printStackTrace();
						}
					}
				}
			}
		}
		/*
		 * Do the superclass logout : delete the cookie of user web browser
		 */
		super.logout(request, response, authentication);
	}
}