rename/remove other shib functionality, e.g. passivecookie
qqmyers committed Aug 16, 2023
1 parent 66f13dd commit 78385c2
Showing 4 changed files with 13 additions and 51 deletions.
@@ -243,8 +243,8 @@ public void logout() throws IOException {
// session is going to be issued to them.

String safeDefaultIfKeyNotFound = "https://idp.dev-aws.qdr.org/idp/profile/Logout";
String shibLogoutUrl = settingsService.getValueForKey(SettingsServiceBean.Key.ShibLogoutUrl, safeDefaultIfKeyNotFound);
externalContext.redirect(shibLogoutUrl);
String ssoLogoutUrl = settingsService.getValueForKey(SettingsServiceBean.Key.SSOLogoutUrl, safeDefaultIfKeyNotFound);
externalContext.redirect(ssoLogoutUrl);
}

private Boolean signupAllowed = null;
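Review bot: In logout(), the lookup now reads only `SettingsServiceBean.Key.SSOLogoutUrl`, so a value stored under the old `ShibLogoutUrl` key is no longer consulted and the redirect silently falls back to `safeDefaultIfKeyNotFound`, which is hard-coded to a dev IdP host. On an installation that has not re-entered the setting, logout would then redirect to that host and the user's real SSO session would presumably stay open. I would add a comment above the lookup, `// Values stored under the old ShibLogoutUrl key are not read; SSOLogoutUrl must be set or logout falls back to the dev IdP URL below`, and cover the key rename in the upgrade notes. The same rename appears in the settings enum later in this commit, and logout() begins outside this hunk.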
35 changes: 9 additions & 26 deletions src/main/java/edu/harvard/iq/dataverse/Shib.java
@@ -133,32 +133,19 @@ public void init() {
state = State.INIT;
ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
request = (HttpServletRequest) context.getRequest();
//QDR Custom - manage SSO cookies
response = (HttpServletResponse)context.getResponse();
String QDRDrupalSiteURL = settingsWrapper.get(":QDRDrupalSiteURL");
String QDRDrupalSiteHost = QDRDrupalSiteURL;
int index = QDRDrupalSiteURL.indexOf("://");
if (index >=0) {
QDRDrupalSiteHost = QDRDrupalSiteURL.substring(index + 3);
}
String cookieVal = getPrettyFacesHomePageString(false);
try {
cookieVal = URLEncoder.encode(cookieVal, "UTF-8");
} catch (UnsupportedEncodingException e) {
logger.warning("Unable to escape redirect URL for cookie: " + cookieVal);
}
Cookie passiveSSOCookie = new Cookie("_check_is_passive_dv", cookieVal);
//In QDR config, common domain for Drupal and Dataverse is '.<Drupal dns name>'
passiveSSOCookie.setDomain("." + QDRDrupalSiteHost);

ShibUtil.printAttributes(request);

/*
* QDRCustom
* Direct the user to the Drupal Terms & Conditions page if the user has not
* accepted the latest version of the T&C
*/
Integer acceptedTermsDocVer;
/*
* QDR No longer uses Shib, So this can be deleted. Keeping it for now in case
* we need to ~copy this into the OIDC code to redirect to the t&c page there.
* Hoping it isn't needed there either.
*/
/* Integer acceptedTermsDocVer;
try {
String acceptedTermsDocVerStr = getRequiredValueFromAssertion(ShibUtil.acceptedTermsDocVerAttribute);
acceptedTermsDocVer = new Integer(acceptedTermsDocVerStr);
@@ -183,7 +170,7 @@ public void init() {
return;
}
}

}
/**
* @todo Investigate why JkEnvVar is null since it may be useful for
* debugging per https://github.com/IQSS/dataverse/issues/2916 . See
@@ -321,8 +308,6 @@ else if (ShibAffiliationOrder.equals("firstAffiliation")) {
logInUserAndSetShibAttributes(au);
String prettyFacesHomePageString = getPrettyFacesHomePageString(false);
try {
//QDR - add SSO cookie
response.addCookie(passiveSSOCookie);
FacesContext.getCurrentInstance().getExternalContext().redirect(prettyFacesHomePageString);
} catch (IOException ex) {
logger.info("Unable to redirect user to homepage at " + prettyFacesHomePageString);
@@ -380,8 +365,6 @@ else if (ShibAffiliationOrder.equals("firstAffiliation")) {
String destinationAfterAccountCreation = confirmAndCreateAccount();
if (destinationAfterAccountCreation != null) {
try {
//QDR - add SSO cookie
response.addCookie(passiveSSOCookie);
context.redirect(destinationAfterAccountCreation);
return;
} catch (IOException ex) {
@@ -490,12 +473,12 @@ public List<String> getGroups(AuthenticatedUser au) {
public String cancel() {
// QDRCustom
ExternalContext context = FacesContext.getCurrentInstance().getExternalContext();
// Redirect user to Shibboleth login page
// Redirect user to SSO login page
try {
context.redirect(navigationWrapper.getSSOLoginPath());
return "";
} catch (IOException ex) {
logger.info("Unable to redirect user to Shibboleth login page");
logger.info("Unable to redirect user to SSO login page");
return "";
}
}
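Review bot: In init(), the terms-and-conditions check is switched off by opening a `/*` in front of `Integer acceptedTermsDocVer;` with no matching `*/` visible in the hunk, so the block appears to be closed only by the terminator of the following `@todo` Javadoc. That would put the `}` added just above `/**` inside the comment and make the method's structure depend on where a later comment happens to end; deleting the block, or closing it explicitly right after the old code, would be safer. The later hunks show init() still reaching `logInUserAndSetShibAttributes(au)`, so if the Shib endpoint stays deployed a user could be logged in without the terms check. The new comment should say whether that path is expected to be unreachable, e.g. `// Shib login is disabled in QDR deployments; terms acceptance is enforced by <component> instead`. init() begins and ends outside the visible hunks.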
@@ -410,10 +410,8 @@ Whether Harvesting (OAI) service is enabled
* QDR Custom settings
*
*/
/** URL for Shibboleth Single Logout */
ShibLogoutUrl,
/** Latest version of Terms and Conditions document */
ShibAuthTermsVer,
/** URL for Single Sign-On Logouti.e. a URL to cause logout of other sso'd components */
SSOLogoutUrl,
/** Url of integrated Drupal Site */
QDRDrupalSiteURL,
/** Base Url of this Dataverse Site */
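Review bot: The Javadoc added for `SSOLogoutUrl` runs two words together (`Logouti.e.`) and does not say what happens when the setting is absent. I would write it as `/** URL for Single Sign-On logout, i.e. a URL that logs the user out of the other SSO'd components; when unset, logout() falls back to a built-in default */`. The enum this hunk sits in begins and ends outside the hunk.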
19 changes: 0 additions & 19 deletions src/main/java/edu/harvard/iq/dataverse/util/SystemConfig.java
@@ -611,25 +611,6 @@ public boolean isShibPassiveLoginEnabled() {
return settingsService.isTrueForKey(SettingsServiceBean.Key.ShibPassiveLoginEnabled, defaultResponse);
}

/* QDRCustom */
public int getShibAuthTermsVer() {
String versionOption = settingsService.getValueForKey(SettingsServiceBean.Key.ShibAuthTermsVer);
Integer version = null;

if (versionOption != null && !versionOption.equals("")) {
try {
version = new Integer(versionOption);
} catch (NumberFormatException nfe) {
version = null;
}
}

if (version != null) {
return version;
}

return 1;
}
public boolean isShibAttributeCharacterSetConversionEnabled() {
boolean defaultResponse = true;
return settingsService.isTrueForKey(SettingsServiceBean.Key.ShibAttributeCharacterSetConversionEnabled, defaultResponse);