001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (https://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software GmbH & Co. KG, please see the
018 * company website: https://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: https://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.security;
029
030import org.opencms.file.CmsObject;
031import org.opencms.main.CmsException;
032
033import java.io.IOException;
034import java.util.Map;
035
036import javax.servlet.http.HttpServletRequest;
037import javax.servlet.http.HttpServletResponse;
038
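/**
 * Defines general authorization methods.<p>
 *
 * One of the application scenarios for this interface is a personalized SSO implementation.<p>
 *
 * Implementations sit on the authentication boundary: they turn an incoming HTTP request
 * into a {@link CmsObject} and build the URLs used for login and logout redirects.
 * Anything read from the request (headers, parameters, callback URLs) should therefore
 * be handled as untrusted input by implementors.<p>
 *
 * @since 6.5.4
 */
public interface I_CmsAuthorizationHandler {

    /**
     * Callback providing the privileged login action.<p>
     */
    interface I_PrivilegedLoginAction {

        /**
         * Performs a privileged login action and returns a cms object initialized for the principal.<p>
         *
         * Only the principal name is passed to this method; no password or other credential is.<p>
         *
         * NOTE(review): this suggests the caller must already have established the identity of
         * the principal (for example against the SSO system) before invoking this method, and
         * must not take the principal name from unauthenticated request data - confirm against
         * the implementing class.<p>
         *
         * @param request the current request
         * @param principal the principal to login
         *
         * @return a cms object initialized for the principal
         * @throws CmsException if the login action fails
         */
        CmsObject doLogin(HttpServletRequest request, String principal) throws CmsException;

        /**
         * Returns the cms object.<p>
         *
         * @return the cms object
         */
        CmsObject getCmsObject();

        /**
         * Used to provide an initial cms object.<p>
         *
         * @param cms an initial cms object
         */
        void setCmsObject(CmsObject cms);
    }

    /**
     * Returns the full URL used to call a login form with additional parameters and a callbackURL.<p>
     *
     * NOTE(review): this interface does not state whether <code>params</code> and
     * <code>callbackURL</code> have been validated or URL-encoded by the caller. Implementations
     * should encode them when building the result and restrict <code>callbackURL</code> to
     * expected targets, so that the post-login redirect cannot be pointed at an arbitrary
     * site - confirm against the callers.<p>
     *
     * @param loginFormURL the form URL specified in the cms (either as a property or system-wide)
     * @param params additional parameters to provide to the login form
     * @param callbackURL the call-back URL to redirect after a successful login
     *
     * @return the full URL used to call a login form
     */
    String getLoginFormURL(String loginFormURL, String params, String callbackURL);

    /**
     * Implementations can customize the logout redirect URI using this method.<p>
     *
     * The default implementation returns <code>cmsRedirectUri</code> unchanged, so it returns
     * <code>null</code> when that argument is <code>null</code>.<p>
     *
     * The method declares no checked exception. Implementations that derive the URI from the
     * request should limit the result to trusted targets.<p>
     *
     * @param cms the current CmsObject
     * @param request the current request
     * @param cmsRedirectUri the normal redirect URI that would be used without a special authorization handler (might be null)
     *
     * @return the new redirect URI
     */
    default String getLogoutRedirectUri(CmsObject cms, HttpServletRequest request, String cmsRedirectUri) {

        return cmsRedirectUri;
    }

    /**
     * Creates a new cms object from the given request object.<p>
     *
     * This method is called by OpenCms every time a resource is requested
     * and the session can not automatically be authenticated.<p>
     *
     * @param request the HTTP request to authenticate
     *
     * @return the cms context object associated to the current session
     */
    CmsObject initCmsObject(HttpServletRequest request);

    /**
     * Creates a new cms object from the given request object.<p>
     *
     * This method is called by OpenCms every time a resource is requested
     * and the session can not automatically be authenticated.<p>
     *
     * @param request the HTTP request to authenticate
     * @param loginAction the privileged login action
     *
     * @return the cms context object associated to the current session
     */
    CmsObject initCmsObject(HttpServletRequest request, I_PrivilegedLoginAction loginAction);

    /**
     * Authenticates the current request with additional user information.<p>
     *
     * This method is not called automatically; callers have to invoke it themselves.<p>
     *
     * The password is passed as a plain <code>String</code>. Implementations should keep it
     * out of log output and exception messages.<p>
     *
     * @param request the HTTP request to authenticate
     * @param userName the user name to authenticate
     * @param pwd the user password to authenticate with
     *
     * @return the cms context object associated to the given user
     *
     * @throws CmsException if something goes wrong
     */
    CmsObject initCmsObject(HttpServletRequest request, String userName, String pwd) throws CmsException;

    /**
     * This method sends a request to the client to display a login form,
     * it is needed for HTTP-Authentication.<p>
     *
     * @param req the client request
     * @param res the response
     * @param loginFormURL the full URL used for form based authentication
     *
     * @throws IOException if something goes wrong
     */
    void requestAuthorization(HttpServletRequest req, HttpServletResponse res, String loginFormURL) throws IOException;

    /**
     * Sets parameters which can be configured additionally for an authorization handler.<p>
     *
     * @param parameters the map of parameters
     */
    void setParameters(Map<String, String> parameters);
}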