- private String buildLoginPageUrl(HttpServletRequest request) {
- logger.trace("buildLoginPageUrl");
- // Why so much work to recover the original request?
- final StringBuffer sb = request.getRequestURL();
- sb.append(request.getQueryString() == null ? "" : "?" + request.getQueryString());
- final String requestedUrl = sb.toString();
- String encodedUrl = null;
- try {
- encodedUrl = URLEncoder.encode(requestedUrl, "UTF-8");
- } catch (UnsupportedEncodingException ex) {
- logger.error("buildLoginPageUrl: Failed to encode {}", requestedUrl);
- }
- return DashboardConstants.LOGIN_PAGE + "?" + REDIRECT_URL_KEY + "=" + encodedUrl;
+ /**
+ * Generates a page with text only, absolutely no references to any webapp
+ * resources, so this can be served to an unauthenticated user without
+ * triggering a new authentication attempt. The page has a link to the Portal
+ * URL from configuration, with a return URL that is the original request.
+ *
+ * @param appUrl
+ * Original requested URL
+ * @return HTML
+ * @throws UnsupportedEncodingException
+ * On error
+ */
+ private static String generateLoginRedirectPage(String appUrl) throws UnsupportedEncodingException {
+ String encodedAppUrl = URLEncoder.encode(appUrl, "UTF-8");
+ String portalBaseUrl = PortalApiProperties.getProperty(PortalApiConstants.ECOMP_REDIRECT_URL);
+ String redirectUrl = portalBaseUrl + "?" + PortalAuthenticationFilter.REDIRECT_URL_KEY + "=" + encodedAppUrl;
+ String aHref = "<a href=\"" + redirectUrl + "\">";
+ // If only Java had "here" documents.
+ String body = String.join(//
+ System.getProperty("line.separator"), //
+ "<html>", //
+ "<head>", //
+ "<title>RIC Dashboard</title>", //
+ "<style>", //
+ "html, body { ", //
+ " font-family: Helvetica, Arial, sans-serif;", //
+ "}", //
+ "</style>", //
+ "</head>", //
+ "<body>", //
+ "<h2>RIC Dashboard</h2>", //
+ "<h4>Please log in.</h4>", //
+ "<p>", //
+ aHref, "Click here to authenticate at the ONAP Portal</a>", //
+ "</p>", //
+ "</body>", //
+ "</html>");
+ return body;