From ebb110f2806724616f0d7cd039a86be15242b49f Mon Sep 17 00:00:00 2001
From: "Shawn O. Pearce"
Date: Tue, 29 Dec 2009 15:51:32 -0800
Subject: [PATCH] Revert "Remove unnecessary /login/* URLs when auth.type = LDAP"

This reverts commit 23e0987350e921e9e8fb55e178a11e13769311e6.

We have to have this servlet when auth.type = LDAP to support logins for URLs like "#mine". The web UI forces a reload of the host page by redirecting through /login/mine, which just quickly redirects back to /#mine, allowing the host page to be pulled again with the user account information embedded.

Change-Id: I65898d5d0bef00c2b29940153a45441b29b8b53e
---
 .../httpd/auth/ldap/LdapAuthModule.java | 1 +
 .../httpd/auth/ldap/LoginRedirectServlet.java | 78 +++++++++++++++++++
 2 files changed, 79 insertions(+)
 create mode 100644 gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/LoginRedirectServlet.java

diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/LdapAuthModule.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/LdapAuthModule.java
index 3772dcaab4..c46edc3808 100644
--- a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/LdapAuthModule.java
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/LdapAuthModule.java
@@ -22,6 +22,7 @@ import com.google.inject.servlet.ServletModule;
 public class LdapAuthModule extends ServletModule {
 @Override
 protected void configureServlets() {
+ serve("/login/*").with(LoginRedirectServlet.class);
 install(new RpcServletModule(UiRpcModule.PREFIX) {
 @Override
 protected void configureServlets() {
diff --git a/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/LoginRedirectServlet.java b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/LoginRedirectServlet.java
new file mode 100644
index 0000000000..9bdd522e00
--- /dev/null
+++ b/gerrit-httpd/src/main/java/com/google/gerrit/httpd/auth/ldap/LoginRedirectServlet.java
@@ -0,0 +1,78 @@
+// Copyright (C) 2009 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package com.google.gerrit.httpd.auth.ldap;
+
+import com.google.gerrit.common.PageLinks;
+import com.google.gerrit.common.auth.SignInMode;
+import com.google.gerrit.httpd.WebSession;
+import com.google.gerrit.server.config.CanonicalWebUrl;
+import com.google.gerrit.server.config.Nullable;
+import com.google.inject.Inject;
+import com.google.inject.Provider;
+import com.google.inject.Singleton;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+@Singleton
+class LoginRedirectServlet extends HttpServlet {
+ private static final long serialVersionUID = 1L;
+
+ private final Provider webSession;
+ private final Provider urlProvider;
+
+ @Inject
+ LoginRedirectServlet(final Provider webSession,
+ @CanonicalWebUrl @Nullable final Provider urlProvider) {
+ this.webSession = webSession;
+ this.urlProvider = urlProvider;
+ }
+
+ @Override
+ protected void doGet(final HttpServletRequest req,
+ final HttpServletResponse rsp) throws IOException {
+ final String token;
+ if (webSession.get().isSignedIn()) {
+ token = getToken(req);
+ } else {
+ final String msg = "Session cookie not available.";
+ token = "SignInFailure," + SignInMode.SIGN_IN + "," + msg;
+ }
+
+ final StringBuilder rdr = new StringBuilder();
+ rdr.append(urlProvider.get());
+ rdr.append('#');
+ rdr.append(token);
+
+ rsp.setHeader("Expires", "Fri, 01 Jan 1980 00:00:00 GMT");
+ rsp.setHeader("Pragma", "no-cache");
+ rsp.setHeader("Cache-Control", "no-cache, must-revalidate");
+ rsp.sendRedirect(rdr.toString());
+ }
+
+ private String getToken(final HttpServletRequest req) {
+ String token = req.getPathInfo();
+ if (token != null && token.startsWith("/")) {
+ token = token.substring(1);
+ }
+ if (token == null || token.isEmpty()) {
+ token = PageLinks.MINE;
+ }
+ return token;
+ }
+}
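Review bot: `getToken` returns the decoded `req.getPathInfo()` unchanged and `doGet` appends it after `#` in the `sendRedirect` target, so request-controlled characters reach the `Location` header and the client-side history token without validation or encoding. The canonical-URL prefix keeps the redirect on this host, but the value should still be constrained before use; at minimum add, after the null/empty check in `getToken`, `if (token.indexOf('\r') >= 0 || token.indexOf('\n') >= 0) { token = PageLinks.MINE; }`, and preferably accept only the characters that valid history tokens can contain. Separately, `urlProvider` is injected as `@Nullable`, and `rdr.append(urlProvider.get())` would write the literal text `null` into the redirect if no canonical URL is available; whether that can happen depends on the binding, which is not visible in this patch. A short class comment stating that the servlet exists only to force a host-page reload after sign-in would also make the trust assumptions on the path segment explicit.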