#1342 #1291 #946 OAuth2 refactoring

TheHive-Project · Aug 12, 2020 · eb184c8 · eb184c8
1 parent bde63bb
commit eb184c8
Show file tree

Hide file tree

Showing 7 changed files with 134 additions and 247 deletions.
diff --git a/project/Dependencies.scala b/project/Dependencies.scala
@@ -6,22 +6,22 @@ object Dependencies {
   object Library {
 
     object Play {
-      val ws = "com.typesafe.play" %% "play-ws" % play.core.PlayVersion.current
-      val ahc = "com.typesafe.play" %% "play-ahc-ws" % play.core.PlayVersion.current
-      val cache = "com.typesafe.play" %% "play-ehcache" % play.core.PlayVersion.current
-      val test = "com.typesafe.play" %% "play-test" % play.core.PlayVersion.current
-      val specs2 = "com.typesafe.play" %% "play-specs2" % play.core.PlayVersion.current
+      val ws      = "com.typesafe.play" %% "play-ws"         % play.core.PlayVersion.current
+      val ahc     = "com.typesafe.play" %% "play-ahc-ws"     % play.core.PlayVersion.current
+      val cache   = "com.typesafe.play" %% "play-ehcache"    % play.core.PlayVersion.current
+      val test    = "com.typesafe.play" %% "play-test"       % play.core.PlayVersion.current
+      val specs2  = "com.typesafe.play" %% "play-specs2"     % play.core.PlayVersion.current
       val filters = "com.typesafe.play" %% "filters-helpers" % play.core.PlayVersion.current
-      val guice = "com.typesafe.play" %% "play-guice" % play.core.PlayVersion.current
+      val guice   = "com.typesafe.play" %% "play-guice"      % play.core.PlayVersion.current
     }
 
     val scalaGuice = "net.codingwell" %% "scala-guice" % "4.2.6"
 
-    val reflections = "org.reflections" % "reflections" % "0.9.11"
-    val zip4j = "net.lingala.zip4j" % "zip4j" % "2.6.0"
-    val elastic4play = "org.thehive-project" %% "elastic4play" % "1.12.0"
-    val akkaCluster = "com.typesafe.akka" %% "akka-cluster" % play.core.PlayVersion.akkaVersion
-    val akkaClusterTyped = "com.typesafe.akka" %% "akka-cluster-typed" % play.core.PlayVersion.akkaVersion
-    val akkaClusterTools = "com.typesafe.akka" %% "akka-cluster-tools" % play.core.PlayVersion.akkaVersion
+    val reflections      = "org.reflections"     % "reflections"         % "0.9.11"
+    val zip4j            = "net.lingala.zip4j"   % "zip4j"               % "2.6.0"
+    val elastic4play     = "org.thehive-project" %% "elastic4play"       % "1.12.1"
+    val akkaCluster      = "com.typesafe.akka"   %% "akka-cluster"       % play.core.PlayVersion.akkaVersion
+    val akkaClusterTyped = "com.typesafe.akka"   %% "akka-cluster-typed" % play.core.PlayVersion.akkaVersion
+    val akkaClusterTools = "com.typesafe.akka"   %% "akka-cluster-tools" % play.core.PlayVersion.akkaVersion
   }
 }
diff --git a/thehive-backend/app/controllers/AuthenticationCtrl.scala b/thehive-backend/app/controllers/AuthenticationCtrl.scala
@@ -5,14 +5,16 @@ import models.UserStatus
 import org.elastic4play.controllers.{Authenticated, Fields, FieldsBodyParser}
 import org.elastic4play.database.DBIndex
 import org.elastic4play.services.AuthSrv
-import org.elastic4play.{AuthorizationError, OAuth2Redirect, Timed}
+import org.elastic4play.{AuthorizationError, Timed}
+import play.api.Configuration
 import play.api.mvc._
 import services.UserSrv
 
 import scala.concurrent.{ExecutionContext, Future}
 
 @Singleton
 class AuthenticationCtrl @Inject()(
+    configuration: Configuration,
     authSrv: AuthSrv,
     userSrv: UserSrv,
     authenticated: Authenticated,
@@ -44,19 +46,18 @@ class AuthenticationCtrl @Inject()(
     dbIndex.getIndexStatus.flatMap {
       case false ⇒ Future.successful(Results.Status(520))
       case _ ⇒
-        (for {
-          authContext ← authSrv.authenticate()
-          user        ← userSrv.get(authContext.userId)
-        } yield {
-          if (user.status() == UserStatus.Ok)
-            authenticated.setSessingUser(Ok, authContext)
-          else
-            throw AuthorizationError("Your account is locked")
-        }) recover {
-          // A bit of a hack with the status code, so that Angular doesn't reject the origin
-          case OAuth2Redirect(redirectUrl, qp) ⇒ Redirect(redirectUrl, qp, status = OK)
-          case e                               ⇒ throw e
-        }
+        authSrv
+          .authenticate()
+          .flatMap {
+            case Right(authContext) ⇒
+              userSrv.get(authContext.userId).map { user ⇒
+                if (user.status() == UserStatus.Ok)
+                  authenticated.setSessingUser(Redirect(configuration.get[String]("play.http.context").stripSuffix("/") + "/index.html"), authContext)
+                else
+                  throw AuthorizationError("Your account is locked")
+              }
+            case Left(result) ⇒ Future.successful(result)
+          }
     }
   }