From 0bc34efb61887f0825cdbe38ff4b02df70dc99a3 Mon Sep 17 00:00:00 2001
From: Julian Hochstetter <julian.hochstetter@mni.thm.de>
Date: Tue, 11 Sep 2012 09:12:55 +0200
Subject: [PATCH] Task #3834: Reuse existing guest username * Make guest login
 working with new UserService * Reuse existing guest username * Adapted tests

---
 .../java/de/thm/arsnova/LoginController.java  | 25 +++++++----
 .../java/de/thm/arsnova/entities/User.java    |  5 +++
 .../de/thm/arsnova/services/UserService.java  |  6 ++-
 .../controller/LoginControllerTest.java       | 45 ++++++++++++++++---
 4 files changed, 65 insertions(+), 16 deletions(-)

diff --git a/src/main/java/de/thm/arsnova/LoginController.java b/src/main/java/de/thm/arsnova/LoginController.java
index 231e37488..011769f5c 100644
--- a/src/main/java/de/thm/arsnova/LoginController.java
+++ b/src/main/java/de/thm/arsnova/LoginController.java
@@ -47,6 +47,8 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.View;
+import org.springframework.web.servlet.view.RedirectView;
 
 import de.thm.arsnova.entities.User;
 import de.thm.arsnova.services.IUserService;
@@ -69,35 +71,40 @@ public class LoginController {
 	@Autowired
 	IUserService userService;
 	
-	public static final Logger logger = LoggerFactory
-			.getLogger(LoginController.class);
+	public static final Logger logger = LoggerFactory.getLogger(LoginController.class);
 
 	@RequestMapping(method = RequestMethod.GET, value = "/doLogin")
-	public ModelAndView doLogin(@RequestParam("type") String type, HttpServletRequest request, HttpServletResponse response)
+	public View doLogin(@RequestParam("type") String type, @RequestParam(value="user", required=false) String guestName, HttpServletRequest request, HttpServletResponse response)
 			throws IOException, ServletException {
-		request.getSession().setAttribute("ars-referer", request.getHeader("referer"));
+		String referer = request.getHeader("referer");
+		request.getSession().setAttribute("ars-referer", referer);
 		if("cas".equals(type)) {
 			casEntryPoint.commence(request, response, null);
 		} else if("twitter".equals(type)) {
 			String authUrl = twitterProvider.getAuthorizationUrl(new HttpUserSession(request));
-			return new ModelAndView("redirect:" + authUrl);
+			return new RedirectView(authUrl);
 		} else if("facebook".equals(type)) {
 			String authUrl = facebookProvider.getAuthorizationUrl(new HttpUserSession(request));
-			return new ModelAndView("redirect:" + authUrl);
+			return new RedirectView(authUrl);
 		} else if("google".equals(type)) {
 			String authUrl = googleProvider.getAuthorizationUrl(new HttpUserSession(request));
-			return new ModelAndView("redirect:" + authUrl);
+			return new RedirectView(authUrl);
 		} else if("guest".equals(type)) {
 			List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
 			authorities.add(new SimpleGrantedAuthority("ROLE_GUEST"));
-			String username = "Guest" + Sha512DigestUtils.shaHex(request.getSession().getId()).substring(0, 10);
+			String username = "";
+			if(guestName != null && guestName.startsWith("Guest") && guestName.length() == 15) {
+				username = guestName;
+			} else {
+				username = "Guest" + Sha512DigestUtils.shaHex(request.getSession().getId()).substring(0, 10);	
+			}		
 			org.springframework.security.core.userdetails.User user = 
 					new org.springframework.security.core.userdetails.User(username, "", true, true, true, true, authorities);
 			Authentication token = new UsernamePasswordAuthenticationToken(user, null, authorities);
 
 			SecurityContextHolder.getContext().setAuthentication(token);
 			request.getSession(true).setAttribute(HttpSessionSecurityContextRepository.SPRING_SECURITY_CONTEXT_KEY, SecurityContextHolder.getContext());
-			return new ModelAndView("redirect:/#auth/checkLogin");
+			return new RedirectView(referer != null ? referer : "/" + "#auth/checkLogin");
 		}
 		return null;
 	}
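Review bot: The guest branch now takes the `user` request parameter as the authenticated name after checking only the `Guest` prefix and a length of 15, so the server no longer proves that the name belongs to the session presenting it. Before this change the name was always derived from the server-side session id. Reuse would be safer if the name were bound to something the server can verify, such as a value kept in the session or a signed cookie; the format check should at least be `guestName.matches("Guest[0-9a-f]{10}")`, assuming `shaHex` emits lowercase hex. Separately, `new RedirectView(referer != null ? referer : "/" + "#auth/checkLogin")` redirects to the raw `Referer` header, and because `+` binds tighter than `?:` the fragment is appended only in the fallback case. Consider accepting the referer only when its host matches the request's own host and writing `(refererIsSameOrigin ? referer : "/") + "#auth/checkLogin"`, where `refererIsSameOrigin` is a local check you would add.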
diff --git a/src/main/java/de/thm/arsnova/entities/User.java b/src/main/java/de/thm/arsnova/entities/User.java
index 8de2f06d4..4f2863631 100644
--- a/src/main/java/de/thm/arsnova/entities/User.java
+++ b/src/main/java/de/thm/arsnova/entities/User.java
@@ -5,6 +5,7 @@ import org.scribe.up.profile.facebook.FacebookProfile;
 import org.scribe.up.profile.google.Google2Profile;
 import org.scribe.up.profile.twitter.TwitterProfile;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 
 public class User {
 	
@@ -30,6 +31,10 @@ public class User {
 		setUsername("anonymous");
 	}
 
+	public User(UsernamePasswordAuthenticationToken token) {
+		setUsername(token.getName());
+	}
+
 	public String getUsername() {
 		return username;
 	}
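Review bot: The new constructor has no Javadoc and copies `token.getName()` as-is, while the matching branch added in UserService (`authentication instanceof UsernamePasswordAuthenticationToken`) accepts every token of that type rather than only guest tokens. The only producer visible in this commit is the guest branch of `doLogin`, where the name can come from a request parameter, so callers should not treat this username as a verified identity. I would add `/** Creates a user from a username/password token; currently only produced by guest login, whose name is not verified. */` above the constructor. Also consider checking for the `ROLE_GUEST` authority in UserService before mapping, so a later form-login token is not silently treated the same way.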
diff --git a/src/main/java/de/thm/arsnova/services/UserService.java b/src/main/java/de/thm/arsnova/services/UserService.java
index e8bb017df..ab0436a0d 100644
--- a/src/main/java/de/thm/arsnova/services/UserService.java
+++ b/src/main/java/de/thm/arsnova/services/UserService.java
@@ -4,6 +4,7 @@ import org.scribe.up.profile.facebook.FacebookProfile;
 import org.scribe.up.profile.google.Google2Profile;
 import org.scribe.up.profile.twitter.TwitterProfile;
 import org.springframework.security.authentication.AnonymousAuthenticationToken;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.cas.authentication.CasAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.stereotype.Service;
@@ -39,7 +40,10 @@ public class UserService implements IUserService {
 		} else if(authentication instanceof AnonymousAuthenticationToken){
 			AnonymousAuthenticationToken token = (AnonymousAuthenticationToken) authentication;
 			return new User(token);
-		} 
+		} else if(authentication instanceof UsernamePasswordAuthenticationToken) {
+			UsernamePasswordAuthenticationToken token = (UsernamePasswordAuthenticationToken) authentication;
+			return new User(token);
+		}
 		return null;
 	}
 
diff --git a/src/test/java/de/thm/arsnova/controller/LoginControllerTest.java b/src/test/java/de/thm/arsnova/controller/LoginControllerTest.java
index 44c0fe7e4..3c1e97a4b 100644
--- a/src/test/java/de/thm/arsnova/controller/LoginControllerTest.java
+++ b/src/test/java/de/thm/arsnova/controller/LoginControllerTest.java
@@ -20,11 +20,9 @@ package de.thm.arsnova.controller;
 
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertTrue;
 
-import javax.servlet.Filter;
-
+import org.junit.After;
 import org.junit.Before;
 import org.junit.Test;
 import org.springframework.mock.web.MockHttpServletRequest;
@@ -33,8 +31,10 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.servlet.ModelAndView;
+import org.springframework.web.servlet.view.RedirectView;
 
 import de.thm.arsnova.AbstractSpringContextTestBase;
+import de.thm.arsnova.entities.User;
 
 public class LoginControllerTest extends AbstractSpringContextTestBase {
 
@@ -53,10 +53,43 @@ public class LoginControllerTest extends AbstractSpringContextTestBase {
 		final ModelAndView mav = handle(request, response);
 
 		assertNotNull(mav);
-		assertTrue(mav.getViewName().startsWith("redirect:/"));
-		Authentication auth = SecurityContextHolder.getContext()
-				.getAuthentication();
+		assertNotNull(mav.getView());
+		RedirectView view = (RedirectView) mav.getView();
+		assertEquals("/#auth/checkLogin", view.getUrl());
+		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
 		assertEquals(auth.getClass(), UsernamePasswordAuthenticationToken.class);
 	}
+	
+	@Test
+	public void testReuseGuestLogin() throws Exception {
+		request.setMethod("GET");
+		request.setRequestURI("/doLogin");
+		request.addParameter("type", "guest");
+		request.addParameter("user", "Guest1234567890");
+
+		final ModelAndView mav = handle(request, response);
+
+		assertNotNull(mav);
+		assertNotNull(mav.getView());
+		RedirectView view = (RedirectView) mav.getView();
+		assertEquals("/#auth/checkLogin", view.getUrl());
+		Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+		assertEquals(auth.getClass(), UsernamePasswordAuthenticationToken.class);
+		assertEquals("Guest1234567890", auth.getName());
+	}
+	
+
+	@Test
+	public void testUser() throws Exception {
+		request.setMethod("GET");
+		request.setRequestURI("/whoami");
+
+		final ModelAndView mav = handle(request, response);
+
+		assertNotNull(mav);
+		assertTrue(mav.getModel().containsKey("user"));
+		assertEquals(mav.getModel().get("user").getClass(), User.class);
+		assertEquals("Guest1234567890", ((User)mav.getModel().get("user")).getUsername());
+	}
 
 }
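Review bot: `testUser` expects `/whoami` to return `Guest1234567890` without logging in itself, so it appears to depend on the authentication left in `SecurityContextHolder` by `testReuseGuestLogin`. JUnit does not guarantee method order, and whatever the newly imported `@After` hook does is outside the visible hunks. Set the authentication inside `testUser` (or in `@Before`) so the test passes when run alone. The new name check also has no negative cases: add tests that a `user` value with the wrong prefix or length falls back to the session-derived name, and one for a request carrying a `Referer` header, since the redirect target differs in that case.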
-- 
GitLab