UY-1184 outdated credential handling moved to AuthenticationUI

also improved info message handling after change

Author: golbi

engine/src/main/java/pl/edu/icm/unity/engine/authn/InteractiveAuthneticationProcessorImpl.java

@@ -143,7 +143,6 @@ public PostAuthenticationStepDecision processFirstFactorResult(AuthenticationRes
 				AuthenticationProcessor.extractParticipants(result), sessionReinitializer, httpResponse);
 
 		setLastIdpCookie(httpResponse, stepContext.authnOptionId, stepContext.endpointPath);
-		log.info("Successful authentication after first factor for {}", result);
 		return PostAuthenticationStepDecision.completed();
 	}
 

engine/src/main/java/pl/edu/icm/unity/engine/authz/InternalAuthorizationManagerImpl.java

@@ -281,7 +281,7 @@ public boolean isSelf(long subject)
 
 	private Set<AuthzCapability> getRoleCapabilities(Set<AuthzRole> roles, boolean selfAccess)
 	{
-		Set<AuthzCapability> ret = new HashSet<AuthzCapability>();
+		Set<AuthzCapability> ret = new HashSet<>();
 		for (AuthzRole role: roles)
 			Collections.addAll(ret, role.getCapabilities(selfAccess));
 		return ret;

web-common/src/main/java/pl/edu/icm/unity/webui/authn/AuthenticationUI.java

@@ -126,7 +126,6 @@ protected void appInit(final VaadinRequest request)
 				formLauncher, sandboxRouter, inputTranslationEngine, 
 				getSandboxServletURLForAssociation());
 		authenticationUI = ColumnInstantAuthenticationScreen.getInstance(msg, imageAccessService, config, endpointDescription,
-				this::showOutdatedCredentialDialog, 
 				new CredentialResetLauncherImpl(),
 				this::showRegistration, 
 				cancelHandler, idsMan, execService, 
@@ -140,6 +139,7 @@ protected void appInit(final VaadinRequest request)
 
 	private void loadInitialState() 
 	{
+		LOG.debug("Loading initial state of authentication UI");
 		WrappedSession session = VaadinSession.getCurrent().getSession();
 		PostAuthenticationDecissionWithContext postAuthnStepDecision = (PostAuthenticationDecissionWithContext) session
 				.getAttribute(RemoteRedirectedAuthnResponseProcessingFilter.DECISION_SESSION_ATTRIBUTE);
@@ -158,35 +158,37 @@ private void loadInitialState()
 			}
 		} else
 		{
-			setContent(authenticationUI);
+			if (isUserAuthenticatedWithOutdatedCredential())
+				showOutdatedCredentialDialog();
+			else
+				setContent(authenticationUI);
 		}
 	}
 
-	
 	/**
 	 * We may end up in authentication UI also after being properly logged in,
 	 * when the credential is outdated. The credential change dialog must be displayed then.
 	 */
-	private boolean showOutdatedCredentialDialog()
+	private boolean isUserAuthenticatedWithOutdatedCredential()
 	{
 		WrappedSession vss = VaadinSession.getCurrent().getSession();
 		LoginSession ls = (LoginSession) vss.getAttribute(LoginToHttpSessionBinder.USER_SESSION_KEY);
-		if (ls != null && ls.isUsedOutdatedCredential())
-		{
-			CredentialChangeConfiguration uiConfig = new CredentialChangeConfiguration(
-					config.getValue(VaadinEndpointProperties.AUTHN_LOGO), 
-					getFirstColumnWidth(), 
-					config.getBooleanValue(VaadinEndpointProperties.CRED_RESET_COMPACT));
-			
-			
-			OutdatedCredentialController outdatedCredentialController = outdatedCredentialDialogFactory.getObject();
-			outdatedCredentialController.init(uiConfig, authnProcessor, this::resetToFreshAuthenticationScreen);
-			setContent(outdatedCredentialController.getComponent());
-			return true;
-		}
-		return false;
+		return ls != null && ls.isUsedOutdatedCredential();
 	}
 
+	private void showOutdatedCredentialDialog()
+	{
+		CredentialChangeConfiguration uiConfig = new CredentialChangeConfiguration(
+				config.getValue(VaadinEndpointProperties.AUTHN_LOGO), 
+				getFirstColumnWidth(), 
+				config.getBooleanValue(VaadinEndpointProperties.CRED_RESET_COMPACT));
+
+		OutdatedCredentialController outdatedCredentialController = outdatedCredentialDialogFactory.getObject();
+		outdatedCredentialController.init(uiConfig, authnProcessor, this::resetToFreshAuthenticationScreen);
+		setContent(outdatedCredentialController.getComponent());
+	}
+	
+	
 	private float getFirstColumnWidth()
 	{
 		Iterator<String> columnKeys = config.getStructuredListKeys(AUTHN_COLUMNS_PFX).iterator();

web-common/src/main/java/pl/edu/icm/unity/webui/authn/column/ColumnInstantAuthenticationScreen.java

@@ -10,7 +10,6 @@
 import java.util.List;
 import java.util.Optional;
 import java.util.function.Function;
-import java.util.function.Supplier;
 
 import org.apache.logging.log4j.Logger;
 
@@ -37,8 +36,8 @@
 import pl.edu.icm.unity.engine.api.authn.InteractiveAuthenticationProcessor;
 import pl.edu.icm.unity.engine.api.authn.InteractiveAuthenticationProcessor.PostAuthenticationStepDecision;
 import pl.edu.icm.unity.engine.api.authn.PartialAuthnState;
-import pl.edu.icm.unity.engine.api.authn.UnsuccessfulAuthenticationCounter;
 import pl.edu.icm.unity.engine.api.authn.RemoteAuthenticationResult.UnknownRemotePrincipalResult;
+import pl.edu.icm.unity.engine.api.authn.UnsuccessfulAuthenticationCounter;
 import pl.edu.icm.unity.engine.api.server.HTTPRequestContext;
 import pl.edu.icm.unity.engine.api.utils.ExecutorsService;
 import pl.edu.icm.unity.types.authn.AuthenticationOptionKey;
@@ -73,7 +72,6 @@ public class ColumnInstantAuthenticationScreen extends CustomComponent implement
 	private final ImageAccessService imageAccessService;
 	private final VaadinEndpointProperties config;
 	private final ResolvedEndpoint endpointDescription;
-	private final Supplier<Boolean> outdatedCredentialDialogLauncher;
 	private final Runnable registrationLayoutLauncher;
 	private final boolean enableRegistration;
 	private final CancelHandler cancelHandler;
@@ -99,7 +97,6 @@ public class ColumnInstantAuthenticationScreen extends CustomComponent implement
 	protected ColumnInstantAuthenticationScreen(MessageSource msg, ImageAccessService imageAccessService, 
 			VaadinEndpointProperties config,
 			ResolvedEndpoint endpointDescription,
-			Supplier<Boolean> outdatedCredentialDialogLauncher,
 			CredentialResetLauncher credentialResetLauncher,
 			Runnable registrationLayoutLauncher, CancelHandler cancelHandler,
 			EntityManagement idsMan,
@@ -112,7 +109,6 @@ protected ColumnInstantAuthenticationScreen(MessageSource msg, ImageAccessServic
 		this.msg = msg;
 		this.config = config;
 		this.endpointDescription = endpointDescription;
-		this.outdatedCredentialDialogLauncher = outdatedCredentialDialogLauncher;
 		this.credentialResetLauncher = credentialResetLauncher;
 		this.registrationLayoutLauncher = registrationLayoutLauncher;
 		this.cancelHandler = cancelHandler;
@@ -129,7 +125,6 @@ protected ColumnInstantAuthenticationScreen(MessageSource msg, ImageAccessServic
 	public static ColumnInstantAuthenticationScreen getInstance(MessageSource msg, ImageAccessService imageAccessService, 
 			VaadinEndpointProperties config,
 			ResolvedEndpoint endpointDescription,
-			Supplier<Boolean> outdatedCredentialDialogLauncher,
 			CredentialResetLauncher credentialResetLauncher,
 			Runnable registrationLayoutLauncher, CancelHandler cancelHandler,
 			EntityManagement idsMan,
@@ -140,7 +135,7 @@ public static ColumnInstantAuthenticationScreen getInstance(MessageSource msg, I
 			InteractiveAuthenticationProcessor interactiveAuthnProcessor)
 	{
 		ColumnInstantAuthenticationScreen instance = new ColumnInstantAuthenticationScreen(msg,
-				imageAccessService, config, endpointDescription, outdatedCredentialDialogLauncher,
+				imageAccessService, config, endpointDescription, 
 				credentialResetLauncher, registrationLayoutLauncher, cancelHandler, idsMan, execService,
 				enableRegistration, unknownUserDialogProvider, localeChoice, flows,
 				interactiveAuthnProcessor);
@@ -176,12 +171,6 @@ protected final void init()
 		topLevelLayout.setComponentAlignment(authnOptionsComponent, Alignment.MIDDLE_CENTER);
 
 		log.debug("Authn screen init finished loading authenticators");
-		
-		if (outdatedCredentialDialogLauncher.get())
-		{
-			log.info("Launched outdated credential dialog");
-			return;
-		}
 	}
 
 	/**

web-common/src/main/java/pl/edu/icm/unity/webui/authn/extensions/PasswordRetrieval.java

@@ -204,11 +204,11 @@ private void triggerAuthentication()
 
 			if (password.equals(""))
 			{
-				NotificationPopup.showError(msg.getMessage("AuthenticationUI.authnErrorTitle"), 
+				NotificationPopup.showErrorAutoClosing(msg.getMessage("AuthenticationUI.authnErrorTitle"), 
 						msg.getMessage("WebPasswordRetrieval.noPassword"));
 			} else if (username.equals(""))
 			{
-				NotificationPopup.showError(msg.getMessage("AuthenticationUI.authnErrorTitle"), 
+				NotificationPopup.showErrorAutoClosing(msg.getMessage("AuthenticationUI.authnErrorTitle"), 
 						msg.getMessage("WebPasswordRetrieval.noUser"));
 			} else 
 			{

web-common/src/main/java/pl/edu/icm/unity/webui/authn/outdated/OutdatedCredentialController.java

@@ -127,16 +127,21 @@ private CredentialDefinition getCredentialDefinition()
 
 	private void afterCredentialUpdate(boolean changed)
 	{
-		finishHandler.run();
-		authnProcessor.logout(true);
+		ui.setEnabled(false);
 		if (changed)
 		{
-			NotificationPopup.showSuccess(msg.getMessage("OutdatedCredentialDialog.finalOK"), 
-					msg.getMessage("OutdatedCredentialDialog.finalInfo"));
+			NotificationPopup.showWarningAutoClosing(msg.getMessage("OutdatedCredentialDialog.finalOK"), 
+					msg.getMessage("OutdatedCredentialDialog.finalInfo"), this::cleanup);
 		} else
 		{
-			NotificationPopup.showError(msg.getMessage("OutdatedCredentialDialog.finalError"), 
-					msg.getMessage("OutdatedCredentialDialog.finalInfoNotChanged"));
+			NotificationPopup.showWarningAutoClosing(msg.getMessage("OutdatedCredentialDialog.finalError"), 
+					msg.getMessage("OutdatedCredentialDialog.finalInfoNotChanged"), this::cleanup);
 		}
 	}
+	
+	private void cleanup()
+	{
+		finishHandler.run();
+		authnProcessor.logout(true);
+	}
 }

web-common/src/main/java/pl/edu/icm/unity/webui/common/NotificationPopup.java

@@ -54,17 +54,57 @@ public static void showError(String caption, String description)
 				ValoTheme.NOTIFICATION_CLOSABLE);
 	}
 
+	public static void showWarningAutoClosing(String caption, String description, Runnable afterCloseHandler)
+	{
+		showAutoClosing(getWarningNotificationPlain(caption, description), Position.MIDDLE_CENTER, afterCloseHandler);
+	}
+	
+	public static void showErrorAutoClosing(String caption, String description, Runnable afterCloseHandler)
+	{
+		showAutoClosing(getErrorNotificationPlain(caption, description), Position.TOP_CENTER, afterCloseHandler);
+	}
+
+	public static void showAssistiveAutoClosing(String caption, String description)
+	{		
+		showAutoClosing(getAssistiveNotificationPlain(caption, description), Position.TOP_CENTER, () -> {});
+	}
+	
 	public static void showErrorAutoClosing(String caption, String description)
 	{
-		Notification notification = new Notification(caption, description, Type.ERROR_MESSAGE);
-		notification.setIcon(Images.error.getResource());
+		showAutoClosing(getErrorNotificationPlain(caption, description), Position.TOP_CENTER, () -> {});
+	}
+	
+	private static void showAutoClosing(Notification notification, Position position, Runnable afterCloseHandler)
+	{
 		notification.setDelayMsec((int)NOTIFICATION_AUTOCLOSE_AFTER.toMillis());
 		StringBuilder sb = new StringBuilder(notification.getStyleName());
 		sb.append(" ").append(Styles.veryLargeIcon.toString());
-		notification.setPosition(Position.TOP_CENTER);
+		notification.setPosition(position);
+		notification.addCloseListener(e -> afterCloseHandler.run());
 		notification.show(Page.getCurrent());
 	}
 
+	private static Notification getWarningNotificationPlain(String caption, String description)
+	{
+		Notification notification = new Notification(caption, description, Type.WARNING_MESSAGE);
+		notification.setIcon(Images.info.getResource());
+		return notification;
+	}
+	
+	private static Notification getAssistiveNotificationPlain(String caption, String description)
+	{
+		Notification notification = new Notification(caption, description, Type.ASSISTIVE_NOTIFICATION);
+		notification.setIcon(Images.info.getResource());
+		return notification;
+	}
+	
+	private static Notification getErrorNotificationPlain(String caption, String description)
+	{
+		Notification notification = new Notification(caption, description, Type.ERROR_MESSAGE);
+		notification.setIcon(Images.error.getResource());
+		return notification;
+	}
+	
 	public static void showError(ControllerException exception)
 	{
 		if (exception.getType() == pl.edu.icm.unity.webui.exceptions.ControllerException.Type.ERROR)

web-common/src/main/java/pl/edu/icm/unity/webui/sandbox/SandboxAuthenticationScreen.java

@@ -77,7 +77,6 @@ class SandboxAuthenticationScreen extends ColumnInstantAuthenticationScreen
 				prepareConfigurationBasingOnEndpoint(config.getProperties(), title) : 
 				prepareFreshConfigurationWithAllOptions(title, authenticators), 
 				endpointDescription, 
-				() -> false,
 				new NoOpCredentialRestLauncher(),
 				() -> {},
 				cancelHandler, idsMan,