We do have the LocaleChangeInterceptor configured if that helps.
(Originally posted to http://forum.springsource.org/showthread.php?123391-Transition-to-set-locale )
Better would be to use existing components. Here is snippet of Spring WebFlow configured to use "LocaleChangeInterceptor":
#Bean
public FlowHandlerMapping flowHandlerMapping(FlowDefinitionRegistry flowDefinitionRegistry) {
FlowHandlerMapping handlerMapping = new FlowHandlerMapping();
handlerMapping.setInterceptors(new Object[] { localeChangeInterceptor() });
// ... other configuration
return handlerMapping;
}
/**
* #category locale_switcher
*/
#Bean
public SessionLocaleResolver localeResolver() {
SessionLocaleResolver localeResolver = new SessionLocaleResolver();
localeResolver.setDefaultLocale(Locale.ENGLISH);
return localeResolver;
}
/**
* #category locale_switcher
*/
#Bean
public LocaleChangeInterceptor localeChangeInterceptor() {
LocaleChangeInterceptor localeChangeInterceptor = new LocaleChangeInterceptor();
localeChangeInterceptor.setParamName("lang");
return localeChangeInterceptor;
}
How it works:
http://localhost:8080/myflow?execution=e1s1&lang=en
This is not what I was seeking, but it's the only thing I found to do. That is, I created an action method to call from the transition:
<transition on="switchLanguage" validate="false">
<evaluate expression="myAction.switchLanguage"/>
</transition>
And, specifically in this case for an Action class that extends MultiAction:
public Event switchLanguage(RequestContext context)
{
// get the "other" locale string itself from the current locale's resource bundle
Locale locale = context.getExternalContext().getLocale();
MessageSource ms = context.getActiveFlow().getApplicationContext();
String newLocaleString = ms.getMessage("lang.other", null, locale);
HttpServletRequest req = (HttpServletRequest) context.getExternalContext().getNativeRequest();
HttpServletResponse res = (HttpServletResponse) context.getExternalContext().getNativeResponse();
LocaleResolver localeResolver = RequestContextUtils.getLocaleResolver(req);
localeResolver.setLocale(req, res, StringUtils.parseLocaleString(newLocaleString));
return success();
}
Where, in my case, I only have to support two languages, so I define in my two messages.properties and messages_es.properties files, the property:
lang.other=es
or
lang.other=en
For other Action class approaches, return whatever you need to to indicate no failures, to either return to the same state again, or to transition to a new state, as desired.
See https://docs.spring.io/spring-webflow/docs/2.5.1.RELEASE/reference/html/views.html#transition-actions
If the transition action invokes a plain Java method, the invoked method may return a boolean whose value, true or false, indicates whether the transition should take place or be prevented from executing. A method may also return a String where the literal values "success", "yes", or "true" indicate the transition should occur, and any other value means the opposite.
Related
I am attempting to authorize against an external identity provider. Everything seems setup fine, but I keep getting a validation error with my identity provider because the state parameter automatically tacked onto my authorization request is not long enough:
For example:
&state=uYG5DC
The requirements of my IDP say that this state param must be at least 32-characters long. How can I programmatically increase the size of this auto-generated number?
Even if I could generate this number myself, it is not possible to override with other methods I have seen suggested. The following attempt fails because my manual setting of ?state=abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz is superceded by the autogenerated param placed after it during the actual request:
#Bean
public OAuth2ProtectedResourceDetails loginGovOpenId() {
AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails() {
#Override
public String getUserAuthorizationUri() {
return super.getUserAuthorizationUri() + "?state=abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz";
}
};
details.setClientId(clientId);
details.setAccessTokenUri(accessTokenUri);
details.setUserAuthorizationUri(userAuthorizationUri);
details.setScope(Arrays.asList("openid", "email"));
details.setPreEstablishedRedirectUri(redirectUri);
details.setUseCurrentUri(true);
return details;
}
The 6-character setting seems to be set here, is there a way to override this?
https://github.com/spring-projects/spring-security-oauth/blob/master/spring-security-oauth2/src/main/java/org/springframework/security/oauth2/common/util/RandomValueStringGenerator.java
With the help of this post:
spring security StateKeyGenerator custom instance
I was able to come up with a working solution.
In my configuration class marked with these annotations:
#Configuration
#EnableOAuth2Client
I configured the following beans:
#Bean
public OAuth2ProtectedResourceDetails loginGovOpenId() {
AuthorizationCodeResourceDetails details = new AuthorizationCodeResourceDetails();
AuthorizationCodeResourceDetails details = new
details.setClientId(clientId);
details.setClientSecret(clientSecret);
details.setAccessTokenUri(accessTokenUri);
details.setUserAuthorizationUri(userAuthorizationUri);
details.setScope(Arrays.asList("openid", "email"));
details.setPreEstablishedRedirectUri(redirectUri);
details.setUseCurrentUri(true);
return details;
}
#Bean
public StateKeyGenerator stateKeyGenerator() {
return new CustomStateKeyGenerator();
}
#Bean
public AccessTokenProvider accessTokenProvider() {
AuthorizationCodeAccessTokenProvider accessTokenProvider = new AuthorizationCodeAccessTokenProvider();
accessTokenProvider.setStateKeyGenerator(stateKeyGenerator());
return accessTokenProvider;
}
#Bean
public OAuth2RestTemplate loginGovOpenIdTemplate(final OAuth2ClientContext clientContext) {
final OAuth2RestTemplate template = new OAuth2RestTemplate(loginGovOpenId(), clientContext);
template.setAccessTokenProvider(accessTokenProvider());
return template;
}
Where my CustomStateKeyGenerator implementation class looks as follows:
public class CustomStateKeyGenerator implements StateKeyGenerator {
// login.gov requires state to be at least 32-characters long
private static int length = 32;
private RandomValueStringGenerator generator = new RandomValueStringGenerator(length);
#Override
public String generateKey(OAuth2ProtectedResourceDetails resource) {
return generator.generate();
}
}
I'm currently struggeling returning http response status-codes on certain conditions. Let's say, the return objetct of taskService.getNewTasks is null. In this case I want to return status-code 404. On some exception I want to return some 50x, and so on.
My code so far
#RestController
public class TaskController {
#Autowired
private TaskService taskService;
#GetMapping(path = "gettasks")
private Future<Tasks> getNewTasks() {
return taskService.getNewTasks();
}
...
}
#Service
public class TaskService {
#Async
public Future<Tasks> getNewTasks() {
...
return CompletableFuture.completedFuture(tasks);
}
}
This could suit you.
#GetMapping(path = "gettasks")
private CompletableFuture<ResponseEntity<Tasks>> getNewTasks() {
CompletableFuture<Tasks> future = new CompletableFuture<>();
future.complete(taskService.getNewTasks());
if(yourCondition){
return future.thenApply(result -> new ResponseEntity<Tasks>(result, HttpStatus.STATUS_1));
}
return future.thenApply(result -> new ResponseEntity<Tasks>(result, HttpStatus.STATUS_2));
}
As described in https://docs.spring.io/spring/docs/current/spring-framework-reference/web.html#mvc-ann-return-types, Future isn’t supported as return type for controller handler methods.
Since you’re using CompletableFuture you can just return that or CompletionStage, which are supported by spring.
If that completes with an exception, you can use the regular Spring exception handling mechanisms like annotating the exception with #ResponseStatus .
With #RequestMapping, request can be associated with different controller functions through header or request parameters. Is there a way to achieve this base on the user user role? The aim is avoid if statement in the controller.
As far as I am aware, there is not anything that comes out of the box, but if you wanted to you could probably create a custom mapping annotation to do this routing for you.
I have not actually tried any of this code, but something like:
Your new annoation, used like #UserRoleMapping("ROLE_ADMIN")
#Target( ElementType.TYPE )
#Retention(RetentionPolicy.RUNTIME)
public #interface UserRoleMapping {
String[] value();
}
Next, you can just extend the standard Spring RequestMappingHandlerMapping class (this is the class that handles the standard mapping of #RequestMapping annotations). You just need to tell the mapping handler to also take into account a custom condition:
public class UserRoleRequestCondition extends RequestMappingHandlerMapping {
#Override protected RequestCondition<?> getCustomTypeCondition(Class<?> handlerType) {
UserRoleMapping typeAnnotation = AnnotationUtils.findAnnotation(handlerType, UserRoleMapping.class);
return (typeAnnotation != null) ? new UserRoleRequestCondition( typeAnnotation.value() ) : null;
}
}
The above code just checks the controller for your new annotation created above and if it is found it returns a new condition class, constructed with the value you have set in the annotation (e.g. "ROLE_ADMIN"). This MappingHandler will need to be set in your Spring config (whereever you are currently setting the RequestMappingHandlerMapping, just replace it with one of these).
Next we need to create the custom condition - this is the guy that is going to be invoked on request to determine if a request matches the controller:
public class UserRoleRequestCondition implements RequestCondition<UserRoleRequestCondition> {
private final Set<String> roles;
public UserRoleRequestCondition( String... roles ) {
this( Arrays.asList(roles) );
}
public UserRoleRequestCondition( Collection<String> roles ) {
this.roles = Collections.unmodifiableSet(new HashSet<String>(roles));
}
#Override public UserRoleRequestCondition combine(UserRoleRequestCondition other) {
Set<String> allRoles = new LinkedHashSet<String>(this.roles);
allRoles.addAll(other.roles);
return new UserRoleRequestCondition(allRoles);
}
#Override public UserRoleRequestCondition getMatchingCondition( HttpServletRequest request ) {
UserRoleRequestCondition condition = null;
for (String r : roles){
if ( request.isUserInRole( r ) ){
condition = this;
}
}
return condition;
}
#Override public int compareTo(UserRoleRequestCondition other, HttpServletRequest request) {
return (other.roles - this.roles).size();
}
}
In the above, the method getMatchingCondition is where we match the request. (apologies if I have missed some semi-colons or return keywords etc - this is based on groovy, but hopefully if you are in java you can work out where those bits go!)
Props to Marek for his more detailed answer on the more fully-formed solution to custom routing based on the subdomain that I used when I had to implement something similar! How to implement #RequestMapping custom properties - That gives more details about what is going on, and how to have method level annotations (this example skips that and only defines class level annotations)
I have also written up some notes on this here: http://automateddeveloper.blogspot.co.uk/2014/12/spring-mvc-custom-routing-conditions.html
Implement AuthenticationSuccessHandler onAuthenticationSuccess redirect to specific controller based on the User Role.
I have a Spring 3.2 Controller with basic request mappings like
#RequestMapping("/action")
public String action(#RequestParam("param") String param) {
//do stuff...
return "view";
}
This controller handles links created by non-technical business users. Sometimes the users mess it up and create links with duplicate parameters, e.g.,
www.example.com/action?param=value¶m=value
The parameter is an exact duplicate and probably a copy/paste error.
My problem is that Spring is concatenating these dupes together, so that the url above will give "value,value" for param, when I want only "value".
What is a good way to detect and handle these duplicates? I know I could change all my #RequestParams to List<String>s and go from there, but that's a whole lot of boilerplate over dozens of request mappings.
Ideally there would be a way to intercept and modify the url parameters before Spring attempts to bind them -- but only for this controller.
I found that I can register a custom String property editor to do this.
class DuplicateParameterReducingPropertyEditor extends PropertyEditorSupport {
Object value;
#Override
public void setValue(Object value) {
if (value instanceof String[]) {
String[] strings = (String[])value;
Set<String> unique = Sets.newHashSet(strings);
this.value = unique.toArray();
} else {
this.value = value;
}
}
#Override
public void setAsText(String text) throws IllegalArgumentException {
this.value = text;
}
#Override
public String getAsText() {
return value.toString();
}
#Override
public Object getValue() {
return value;
}
};
I added this to my controller:
#InitBinder
public void initBinder(WebDataBinder binder) {
PropertyEditor stringEditor = new DuplicateParameterReducingPropertyEditor();
binder.registerCustomEditor(String.class, stringEditor);
}
So whenever Spring encounters a #RequestParam-annotated String method argument, the PropertyEditor is invoked to transform the incoming data if needed. In the case of duplicate parameters, Spring passes a String[] of the values to the property editor setValue, which I can then manipulate.
This does have the results I am looking for. I'm not sure of all the implications of this, though, so I can't endorse it as good solution yet. Not having to alter any handler method signatures is a big plus though.
A good idea would be to extend AbstractNamedValueMethodArgumentResolver with your own strategy. Then the strategy could be used wherever you deem necessary.
This strategy only works for Spring 3.1+ which is not a problem for you since you are using Spring 3.2
I faced the same issue in Spring boot. Eventually I came up with this solution using converter, in case it helps anyone.
This method should be added as part of your WebMvcConfigurer class.
#Override
public void addFormatters(FormatterRegistry registry) {
// Duplicate query parameters converter
registry.addConverter(new Converter<String[], String>() {
public String convert(String[] arr) {
return arr[arr.length - 1]; // Return the last value
}
});
}
Is there a nice way to resolve locale based on the URL and in the other hand map requests without any additional requirement ?
For example
http://example.com/ru/news
http://example.com/iw/news
and in the controller still use the standard mappings
#Controller
#RequestMapping(value = "/news")
public class NewsController {
// Controller methods ...
}
You could write a custom interceptor that works like LocaleChangeInterceptor
Here's a sample implementation that uses a regex pattern (most of the code is copied from LocaleChangeInterceptor):
public class CustomLocaleChangeInterceptor extends HandlerInterceptorAdapter {
private Pattern localePattern;
public void setLocalePattern(final String localePattern) {
Assert.isTrue(localePattern.matches(".*\\(.*\\).*"), "Your pattern needs to define a match group");
this.localePattern = Pattern.compile(localePattern);
}
#Override
public boolean preHandle(final HttpServletRequest request, final HttpServletResponse response, final Object handler)
throws ServletException {
final String pathTranslated = request.getPathTranslated();
if (pathTranslated != null) {
final Matcher matcher = localePattern.matcher(pathTranslated);
if (matcher.find()) {
final String newLocale = matcher.group(1);
if (newLocale != null) {
final LocaleResolver localeResolver = RequestContextUtils.getLocaleResolver(request);
if (localeResolver == null) {
throw new IllegalStateException("No LocaleResolver found: not in a DispatcherServlet request?");
}
final LocaleEditor localeEditor = new LocaleEditor();
localeEditor.setAsText(newLocale);
localeResolver.setLocale(request, response, (Locale) localeEditor.getValue());
}
}
}
// Proceed in any case.
return true;
}
}
Wire it like this:
<bean id="localeChangeInterceptor"
class="foo.bar.CustomLocaleChangeInterceptor">
<property name="localePattern" value="\b([a-z]{2})\b"/>
</bean
I'm not aware of an out-of-the-box solution for this, but it's easy enough to implement using a custom interceptor and some wisely chosen mappings.
Write an implementation of HandlerInterceptor which implements preHandle so that the locale string is extracted from the request URI, and then tag the request with that locale (see the source code for the similar LocalChangeInterceptor, which does a similar thing to what you need, but uses a request parameter instead of a path variable).
Then wire it up using <mvc:interceptor> e.g.
<mvc:interceptors>
<mvc:interceptor>
<mapping path="/*"/>
<bean class="x.y.MyInterceptor" />
</mvc:interceptor>
</mvc:interceptors>
You can then loosen up the request mapping on your controller to tolerate (and ignore) the locale part of the URI:
#Controller
#RequestMapping(value = "*/news")
public class NewsController {
// Controller methods ...
}
Take a look at http://lrkwz.github.com/URLManagedLocale/ you can simply drop the dependency in your pom file and configure the interceptor and localeresolver.