Java Groovy Grails
2019. 12. 5. 02:29
// this cookie works only WP is on the same server
//
def get_wp_cookie(String username, String password){ // will not work in server-side. use client-side javascript version
def JSONURL="http://"+api_server_ip+port_number+"/static/wp/api/user/generate_auth_cookie/?insecure=cool&username="+username+"&password="+password+"&seconds=3600"
println JSONURL
def jsonText = ""
try{
jsonText=JSONURL.toURL().getText(connectTimeout: 30000, readTimeout: 60000, requestProperties: [Accept: 'application/json'])
}
catch (e){
flash.message="WP autologin failed. (WP username is not found)"
return
}
JsonSlurper jsonSlurper = new JsonSlurper()
Object result = jsonSlurper.parseText(jsonText)
Map jsonResult = (Map) result;
String status = (String) jsonResult.get("status")
if (status=="ok"){
String gcookie_name = (String) jsonResult.get("cookie_name")
String gcookie = (String) jsonResult.get("cookie")
Cookie cookie = new Cookie(gcookie_name,gcookie)
cookie.maxAge = 100
cookie.setDomain(domain4cookie) // ******* this works only when domain is same as the code is running. Or will be rejected
cookie.setPath("/")
response.addCookie(cookie)
//render
println "WP cookie generation is success: "+gcookie_name+"="+gcookie
return
} else{
String error = (String) jsonResult.get("error")
//render
println "WP cookie generation is failed: "+error
return
}
return
}
def authenticated_then_setcookie(){
//println "Call authenticate_then_setcookie()"
def user = springSecurityService.currentUser
//log.debug user.username+" autologin WP"
def usernameFound=""
def passwordFound=""
Cookie[] cookies = request.getCookies();
if (cookies != null) {
for (Cookie cookie : cookies) {
if (cookie.getName().equals("u4wp")) {
//println "cookie found: u4wp="+ cookie.getValue()
usernameFound=cookie.getValue()
}
if (cookie.getName().equals("p4wp")) {
//println "cookie found: p4wp="+ cookie.getValue()
passwordFound=cookie.getValue()
}
}
}
else{
println "no cookie"
}
if (usernameFound && passwordFound){
if (SpringSecurityUtils.ifAllGranted('ROLE_ADMIN')){
get_wp_cookie(usernameFound, passwordFound)
flash.message="WP login is auto-login-ed"
} // do only when non-superuser
else {
flash.message = "You are loggedin as superusr. Be careful about changing anything."
}
}
else{
flash.message="WP login was not successful. Try to make passwords same on both."
}
//render view: "/formula/periodic_table_search3"
redirect uri: "/home"
}
Wordpress site should be in the same server. This plugin also need to be installed:
https://www.parorrey.com/solutions/json-api-user/
Finally, add the following line in grails-app/conf/application.groovy
grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/login/authenticated_then_setcookie'