We just upgraded to CUBA 6.9.5 and notice the class IdpAuthProvider has been deprecated and some methods and constants were removed.
we have a custom external AuthenticationProviderClass which extends IdpAuthProvider .
i have followed the document to add sevlet/mapping/filter in the web.xml.
and add cuba.web.idp.enabled = true in web-app.properties.
How should we implement the custom AuthenticationProvider?
our codes snippet:
public class CipIdpAuthProvider extends IdpAuthProvider {
private final Logger log = LoggerFactory.getLogger(CipIdpAuthProvider.class);
/**
* 默认token超时时间
*/
private final static Integer SCREEN_LINK_OPEN_DEFAULT_MAX_AGE = 60;
private final static String SCREEN_LINK_OPEN_FORM_KEY = "screenLinkOpen";
@Override
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)
throws IOException, ServletException {
.....
String idpBaseURL = webAuthConfig.getIdpBaseURL(); //this method is not there
...................
String screenLinkOpenAttr = "screenLinkOpen";
if (httpRequest.getParameter(screenLinkOpenAttr)!=null) {
Cookie cookie = new Cookie(screenLinkOpenAttr , httpRequest.getParameter(screenLinkOpenAttr));
if (AppContext.getProperty("cip.screenLinkOpen.maxAge") != null) {
cookie.setMaxAge(Integer.valueOf(AppContext.getProperty("cip.screenLinkOpen.maxAge")));
} else {
cookie.setMaxAge(Integer.valueOf(SCREEN_LINK_OPEN_DEFAULT_MAX_AGE));
}
cookie.setPath("/");
httpResponse.addCookie(cookie);
}
HttpSession session = httpRequest.getSession(true);
if (httpRequest.getParameter("idp_ticket")==null) {
// String queryString = httpRequest.getRequestURL()+"?"+httpRequest.getQueryString();
StringBuilder queryURL = new StringBuilder(httpRequest.getRequestURL());
Optional.ofNullable(httpRequest.getQueryString()).map(str -> queryURL.append("?").append(str));
session.setAttribute("requestURL", queryURL.toString());
} else if (session.getAttribute("requestURL")==null){
String queryString = httpRequest.getRequestURL() + "?"+ httpRequest.getQueryString().replaceAll("&*idp_ticket=[^&]*", "");
session.setAttribute("requestURL",queryString);
}
////IDP_SESSION_LOCK_ATTRIBUTE is not there
Lock sessionLock = (Lock) session.getAttribute(IDP_SESSION_LOCK_ATTRIBUTE);
if (sessionLock == null) {
sessionCheckLock.lock();
try {
sessionLock = (Lock) session.getAttribute(IDP_SESSION_LOCK_ATTRIBUTE);