public boolean requestCredentials()

in src/main/java/org/apache/sling/auth/form/impl/FormAuthenticationHandler.java [229:294]

• 53 lines of code
• 15 McCabe index (conditional complexity)

    public boolean requestCredentials(HttpServletRequest request, HttpServletResponse response) throws IOException {

        // 0. ignore this handler if an authentication handler is requested
        if (ignoreRequestCredentials(request)) {
            // consider this handler is not used
            return false;
        }

        // check the referrer to see if the request is for this handler
        if (!AuthUtil.checkReferer(request, loginForm)) {
            // not for this handler, so return
            return false;
        }

        final String resource = AuthUtil.setLoginResourceAttribute(request, request.getRequestURI());

        if (includeLoginForm && (resourceResolverFactory != null)) {
            ResourceResolver resourceResolver = null;
            try {
                resourceResolver = resourceResolverFactory.getAdministrativeResourceResolver(null);
                Resource loginFormResource = resourceResolver.resolve(loginForm);
                Servlet loginFormServlet = loginFormResource.adaptTo(Servlet.class);
                if (loginFormServlet != null) {
                        loginFormServlet.service(request, response);
                        return true;
                }
                    } catch (ServletException e) {
                        log.error("Failed to include the form: " + loginForm, e);
            } catch (LoginException e) {
                log.error(
                        "Unable to get a resource resolver to include for the login resource. Will redirect instead.");
            } finally {
                if (resourceResolver != null) {
                    resourceResolver.close();
                }
            }
        }

        HashMap<String, String> params = new HashMap<>();
        params.put(Authenticator.LOGIN_RESOURCE, resource);

        // append indication of previous login failure
        if (preferReasonCode) {
            if (request.getAttribute(FAILURE_REASON_CODE) != null) {
                final Object jReasonCode = request.getAttribute(FAILURE_REASON_CODE);
                @SuppressWarnings("rawtypes")
                final String reasonCode = (jReasonCode instanceof Enum) ? ((Enum) jReasonCode).name() : jReasonCode.toString();
                params.put(FAILURE_REASON_CODE, reasonCode);
            }
        } else {
            if (request.getAttribute(FAILURE_REASON) != null) {
                final Object jReason = request.getAttribute(FAILURE_REASON);
                @SuppressWarnings("rawtypes")
                final String reason = (jReason instanceof Enum) ? ((Enum) jReason).name() : jReason.toString();
                params.put(FAILURE_REASON, reason);
            }
        }

        try {
            AuthUtil.sendRedirect(request, response, request.getContextPath() + loginForm, params);
        } catch (IOException e) {
            log.error("Failed to redirect to the login form " + loginForm, e);
        }

        return true;
    }