private Authentication handleCachedAuthentication()

in plugins/jetty9/src/main/java/org/apache/cxf/fediz/jetty9/FederationAuthenticator.java [349:412]

• 49 lines of code
• 16 McCabe index (conditional complexity)

    private Authentication handleCachedAuthentication(HttpServletRequest request, HttpServletResponse response,
                                                      HttpSession session, FedizContext fedConfig) throws IOException {
        Authentication authentication =
            (Authentication) session.getAttribute(SessionAuthentication.__J_AUTHENTICATED);
        if (authentication != null) {
            // Has authentication been revoked?
            if (authentication instanceof Authentication.User
                && isTokenExpired(fedConfig, ((Authentication.User)authentication).getUserIdentity())) {
                session.removeAttribute(SessionAuthentication.__J_AUTHENTICATED);
            } else {
                //logout
                String action = request.getParameter(FederationConstants.PARAM_ACTION);
                boolean logout = FederationConstants.ACTION_SIGNOUT.equals(action);
                String logoutUrl = fedConfig.getLogoutURL();

                String uri = request.getRequestURI();
                if (uri == null) {
                    uri = URIUtil.SLASH;
                }

                String contextName = request.getSession().getServletContext().getContextPath();
                if (contextName == null || contextName.isEmpty()) {
                    contextName = "/";
                }

                if (logout || logoutUrl != null && !logoutUrl.isEmpty() && uri.equals(contextName + logoutUrl)) {
                    session.invalidate();

                    FedizProcessor wfProc =
                        FedizProcessorFactory.newFedizProcessor(fedConfig.getProtocol());
                    signOutRedirectToIssuer(request, response, wfProc);

                    return Authentication.SEND_CONTINUE;
                }

                String jUri = (String)session.getAttribute(J_URI);
                @SuppressWarnings("unchecked")
                MultiMap<String> jPost = (MultiMap<String>)session.getAttribute(J_POST);
                if (jUri != null && jPost != null) {
                    StringBuffer buf = request.getRequestURL();
                    if (request.getQueryString() != null) {
                        buf.append('?').append(request.getQueryString());
                    }

                    if (jUri.equals(buf.toString())) {
                        // This is a retry of an original POST request
                        // so restore method and parameters

                        session.removeAttribute(J_POST);
                        Request baseRequest = (Request)request;
                        // (req instanceof Request)?(Request)
                        // req:HttpConnection.getCurrentConnection().getRequest();
                        baseRequest.setMethod(HttpMethod.POST.asString());
                        baseRequest.setQueryParameters(jPost);
                    }
                } else if (jUri != null) {
                    session.removeAttribute(J_URI);
                }

                return authentication;
            }
        }
        return null;
    }