ControlledPwmServlet.java

/*
 * Password Management Servlets (PWM)
 * http://www.pwm-project.org
 *
 * Copyright (c) 2006-2009 Novell, Inc.
 * Copyright (c) 2009-2017 The PWM Project
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */

package password.pwm.http.servlet;

import com.novell.ldapchai.exception.ChaiUnavailableException;
import password.pwm.PwmConstants;
import password.pwm.error.ErrorInformation;
import password.pwm.error.PwmError;
import password.pwm.error.PwmUnrecoverableException;
import password.pwm.http.ProcessStatus;
import password.pwm.http.PwmRequest;
import password.pwm.http.PwmResponse;
import password.pwm.util.java.JavaHelper;
import password.pwm.util.logging.PwmLogger;

import javax.servlet.ServletException;
import java.io.IOException;
import java.lang.annotation.Retention;
import java.lang.annotation.RetentionPolicy;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.util.Collection;

public abstract class ControlledPwmServlet extends AbstractPwmServlet implements PwmServlet {

    private static final PwmLogger LOGGER = PwmLogger.forClass(AbstractPwmServlet.class);

    public String servletUriRemainder(final PwmRequest pwmRequest, final String command) throws PwmUnrecoverableException {
        String uri = pwmRequest.getURLwithoutQueryString();
        if (uri.startsWith(pwmRequest.getContextPath())) {
            uri = uri.substring(pwmRequest.getContextPath().length(), uri.length());
        }
        for (final String servletUri : getServletDefinition().urlPatterns()) {
            if (uri.startsWith(servletUri)) {
                uri = uri.substring(servletUri.length(), uri.length());
            }
        }
        return uri;
    }

    protected PwmServletDefinition getServletDefinition() {
        for (final PwmServletDefinition pwmServletDefinition : PwmServletDefinition.values()) {
            final Class pwmServletClass = pwmServletDefinition.getPwmServletClass();
            if (pwmServletClass.isInstance(this) ) {
                return pwmServletDefinition;
            }
        }
        throw new IllegalStateException("unable to determine PwmServletDefinition for class " + this.getClass().getName());
    }

    public abstract Class<? extends ProcessAction> getProcessActionsClass();

    protected ProcessAction readProcessAction(final PwmRequest request)
            throws PwmUnrecoverableException
    {
        try {
            final String inputParameter = request.readParameterAsString(PwmConstants.PARAM_ACTION_REQUEST);
            final Class processStatusClass = getProcessActionsClass();
            final Enum answer = JavaHelper.readEnumFromString(processStatusClass, null, inputParameter);
            return (ProcessAction)answer;
        } catch (Exception e) {
            LOGGER.error("error",e);
        }
        return null;
    }

    private ProcessStatus dispatchMethod(
            final PwmRequest pwmRequest
    )
            throws PwmUnrecoverableException
    {

        final ProcessAction action = readProcessAction(pwmRequest);
        if (action == null) {
            return ProcessStatus.Continue;
        }
        try {
            final Method interestedMethod = discoverMethodForAction(this.getClass(), action);
            if (interestedMethod != null) {
                interestedMethod.setAccessible(true);
                return (ProcessStatus) interestedMethod.invoke(this, pwmRequest);
            }
        } catch (InvocationTargetException e) {
            final Throwable cause = e.getCause();
            if (cause != null) {
                if (cause instanceof PwmUnrecoverableException) {
                    throw (PwmUnrecoverableException) cause;
                }
                final String msg = "unexpected error during action handler for '" + action + "', error: " + cause.getMessage();
                LOGGER.error(msg);
                throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, msg));
            }
            LOGGER.error("uncaused invocation error: " + e.getMessage(),e);
        } catch (Throwable e) {
            final String msg = "unexpected error invoking action handler for '" + action + "', error: " + e.getMessage();
            LOGGER.error(msg,e);
            throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, msg));
        }

        final String msg = "missing action handler for '" + action + "'";
        LOGGER.error(msg);
        throw new PwmUnrecoverableException(new ErrorInformation(PwmError.ERROR_UNKNOWN, msg));
    }

    protected void processAction(final PwmRequest pwmRequest)
            throws ServletException, IOException, ChaiUnavailableException, PwmUnrecoverableException
    {
        preProcessCheck(pwmRequest);

        final ProcessAction action = readProcessAction(pwmRequest);
        if (action != null) {
            final ProcessStatus status = dispatchMethod(pwmRequest);
            if (status == ProcessStatus.Halt) {
                if (!pwmRequest.getPwmResponse().isCommitted()) {
                    if (pwmRequest.getConfig().isDevDebugMode()) {
                        final String msg = "processing complete, handler returned halt but response is not committed";
                        LOGGER.error(pwmRequest, msg, new IllegalStateException(msg));
                    }
                }
                return;
            }

            final String servletUrl = pwmRequest.getURL().determinePwmServletPath();
            LOGGER.debug(pwmRequest, "this request is not idempotent, redirecting to self with no action");
            sendOtherRedirect(pwmRequest, servletUrl);

            return;
        }

        examineLastError(pwmRequest);

        nextStep(pwmRequest);
    }

    protected abstract void nextStep(PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException;

    public abstract ProcessStatus preProcessCheck(PwmRequest pwmRequest) throws PwmUnrecoverableException, IOException, ServletException;

    void sendOtherRedirect(final PwmRequest pwmRequest, final String location) throws IOException, PwmUnrecoverableException {
        final String protocol = pwmRequest.getHttpServletRequest().getProtocol();
        if (protocol != null && protocol.startsWith("HTTP/1.0")) {
            pwmRequest.sendRedirect(location);
        } else {
            pwmRequest.getPwmResponse().sendRedirect(location, PwmResponse.RedirectType.Other_303);
        }
    }

    @Retention(RetentionPolicy.RUNTIME)
    public @interface ActionHandler {
        String action();
    }

    public static Method discoverMethodForAction(final Class clazz, final ProcessAction action) {
        Method interestedMethod = null;
        final Collection<Method> methods = JavaHelper.getAllMethodsForClass(clazz);
        for (final Method method : methods) {
            if (method.getAnnotation(ActionHandler.class) != null) {
                final String actionName = method.getAnnotation(ActionHandler.class).action();
                if (action.toString().equals(actionName)) {
                    interestedMethod = method;
                    break;
                }
            }
        }
        return interestedMethod;
    }
}