- import java.io.IOException;
- import javax.servlet.ServletException;
- import javax.servlet.ServletOutputStream;
- import javax.servlet.annotation.WebServlet;
- import javax.servlet.http.HttpServlet;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import javax.ws.rs.core.UriBuilder;
- import org.slf4j.Logger;
- import org.slf4j.LoggerFactory;
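/**
 * Test servlet that sends the browser to a caller-supplied URI using one of
 * several redirect techniques, selected by the {@code mode} query parameter
 * (HTTP 302, {@code location.href}, meta refresh, plain link, auto-clicked
 * link, or a script redirect chained into a 302).
 *
 * <p>Security notes for reviewers:
 * <ul>
 *   <li>The target URI comes straight from the {@code u} request parameter and
 *       is not checked against any allowlist, so this endpoint is an open
 *       redirector by construction. It is marked "remove after test" below;
 *       it should not be reachable in a production deployment, or the target
 *       should be restricted to known hosts before it is.</li>
 *   <li>Every place the URI is written into the response is escaped for its
 *       output context (HTML attribute/text or JavaScript string literal) so
 *       that the parameter cannot break out of the surrounding markup.</li>
 *   <li>Escaping does not restrict the URI scheme; the links and script
 *       redirects will navigate to whatever scheme the caller supplies.</li>
 * </ul>
 */
@WebServlet("/openid-redirect")
public class RedirectServlet extends HttpServlet {

    private final Logger logger = LoggerFactory.getLogger(getClass());

    // TODO remove after test.
    public static final String PATH = "/openid-redirect";
    public static final String PARAM_REDIRECT_URI = "u";
    public static final String PARAM_MODE = "mode";
    public static final String MODE_302_RESPONSE = "1";
    public static final String MODE_JAVASCRIPT_LOCATION = "2";
    public static final String MODE_META_REFRESH = "3";
    public static final String MODE_LINK = "4";
    public static final String MODE_CHAIN_JS_AND_302 = "5";
    public static final String MODE_LINK_AUTOCLICK = "6";

    /** ASCII punctuation that is emitted unescaped inside a JavaScript string literal. */
    private static final String JS_SAFE_PUNCTUATION = "-._~:/?#@!$*+,;=%";

    /**
     * Handles a redirect request.
     *
     * <p>Responds with 400 when the {@code u} parameter is missing or the
     * {@code mode} parameter is not one of the {@code MODE_*} constants. A
     * missing {@code mode} is treated as {@link #MODE_302_RESPONSE}.
     *
     * @param request  the incoming request; reads parameters {@code u} and {@code mode}
     * @param response the response that receives the redirect or the HTML page
     * @throws ServletException declared by the servlet contract
     * @throws IOException      if writing the response fails
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String uri = request.getParameter(PARAM_REDIRECT_URI);
        String mode = request.getParameter(PARAM_MODE);

        // Control characters are neutralised so a crafted parameter cannot forge log lines.
        // NOTE(review): redirect URIs in an OpenID flow may carry codes or tokens in the
        // query string; confirm that logging the full value at INFO is acceptable.
        logger.info("doGet: URI: {}", forLog(uri));

        if (uri == null) {
            response.sendError(400, "No redirect URI");
            return;
        }
        if (mode == null || MODE_302_RESPONSE.equals(mode)) {
            // Unvalidated redirect target: see the class-level security notes.
            response.sendRedirect(uri);
            return;
        }

        final String html;
        switch (mode) {
            case MODE_JAVASCRIPT_LOCATION:
                // A function callback replaces the original string-eval form of setTimeout,
                // so the URI is only ever a string literal and never evaluated as code.
                html = "<!DOCTYPE html><html><body><script type=\"text/javascript\">"
                        + "setTimeout(function () { location.href = '" + escapeJsString(uri) + "'; }, 5000);"
                        + "</script>Redirecting in 5 seconds with location.href=uri</body></html>";
                break;
            case MODE_META_REFRESH:
                html = "<!DOCTYPE html><html><head><meta http-equiv=\"refresh\" content=\"5; url="
                        + escapeHtml(uri)
                        + "\"></head><body>Meta refresh test: Redirecting in 5 seconds to "
                        + escapeHtml(uri) + "</body></html>";
                break;
            case MODE_CHAIN_JS_AND_302: {
                // NOTE(review): UriBuilder may interpret '{...}' inside the value as a
                // template variable; confirm how such URIs should be handled.
                String uri302 = UriBuilder.fromPath("")
                        .queryParam(PARAM_REDIRECT_URI, uri)
                        .queryParam(PARAM_MODE, MODE_302_RESPONSE)
                        .build()
                        .toString();
                html = "<!DOCTYPE html><html><body><script type=\"text/javascript\">"
                        + "setTimeout(function () { location.href = '" + escapeJsString(uri302) + "'; }, 5000);"
                        + "</script>Redirecting in 5 seconds with location.href=uri to "
                        + escapeHtml(uri302) + "</body></html>";
                break;
            }
            case MODE_LINK:
                html = "<!DOCTYPE html><html><head><body><a href=\"" + escapeHtml(uri)
                        + "\">Click here to redirect</a></body></html>";
                break;
            case MODE_LINK_AUTOCLICK:
                html = "<!DOCTYPE html><html><head><body><a id=\"redirectlink\" href=\"" + escapeHtml(uri)
                        + "\">Click here to redirect</a> <script type='text/javascript'> alert('hello'); setTimeout(\"document.getElementById('redirectlink').click();\",3000); </script> Javascript should click this link in 3 seconds </body></html>";
                break;
            default:
                // Unknown mode
                response.sendError(400, "Unknown mode");
                return;
        }
        writeHtml(response, html);
    }

    /** Writes {@code html} as the response body with an HTML content type. */
    private static void writeHtml(HttpServletResponse response, String html) throws IOException {
        response.setContentType("text/html; charset=UTF-8");
        try (ServletOutputStream out = response.getOutputStream()) {
            // The escapers emit ASCII only, so print(String) cannot fail on unencodable characters.
            out.print(html);
            out.flush();
        }
    }

    /**
     * Escapes {@code value} for use in HTML text or a quoted HTML attribute.
     * Markup-significant characters become named or numeric references and
     * every code point from 0x7F upwards becomes a numeric reference.
     */
    private static String escapeHtml(String value) {
        StringBuilder sb = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); ) {
            int cp = value.codePointAt(i);
            i += Character.charCount(cp);
            switch (cp) {
                case '&':
                    sb.append("&amp;");
                    break;
                case '<':
                    sb.append("&lt;");
                    break;
                case '>':
                    sb.append("&gt;");
                    break;
                case '"':
                    sb.append("&quot;");
                    break;
                case '\'':
                    sb.append("&#39;");
                    break;
                default:
                    if (cp < 0x7F) {
                        sb.append((char) cp);
                    } else {
                        sb.append("&#").append(cp).append(';');
                    }
                    break;
            }
        }
        return sb.toString();
    }

    /**
     * Escapes {@code value} for use inside a quoted JavaScript string literal
     * that is itself embedded in an HTML {@code <script>} element. Anything
     * other than ASCII letters, digits and {@link #JS_SAFE_PUNCTUATION} is
     * written as a {@code \\uXXXX} escape, which covers quotes, backslashes,
     * line terminators and the characters that could close the script element.
     */
    private static String escapeJsString(String value) {
        StringBuilder sb = new StringBuilder(value.length() + 16);
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            boolean alphanumeric = (c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z') || (c >= '0' && c <= '9');
            if (alphanumeric || JS_SAFE_PUNCTUATION.indexOf(c) >= 0) {
                sb.append(c);
            } else {
                sb.append(String.format("\\u%04x", (int) c));
            }
        }
        return sb.toString();
    }

    /** Returns {@code value} with control characters replaced by '_', or {@code null} if it is null. */
    private static String forLog(String value) {
        if (value == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder(value.length());
        for (int i = 0; i < value.length(); i++) {
            char c = value.charAt(i);
            sb.append(c < 0x20 || c == 0x7F ? '_' : c);
        }
        return sb.toString();
    }
}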