Merge pull request #10253 from wangkx/h17845

HPCC-17845 Add logout button to common ESP pages and fix bugs

Reviewed-By: Anthony Fishbeck <anthony.fishbeck@lexisnexis.com>
Reviewed-By: Richard Chapman <rchapman@hpccsystems.com>

esp/bindings/http/platform/httpbinding.cpp

@@ -339,20 +339,7 @@ void EspHttpBinding::readAuthDomainCfg(IPropertyTree* procCfg)
         //For example, an icon file on the login page.
         const char* unrestrictedResources = authDomainTree->queryProp("@unrestrictedResources");
         if (!isEmptyString(unrestrictedResources))
-        {
-            StringArray urlArray;
-            urlArray.appendListUniq(unrestrictedResources, ",");
-            ForEachItemIn(i, urlArray)
-            {
-                const char* url = urlArray.item(i);
-                if (isEmptyString(url))
-                    continue;
-                if (isWildString(url))
-                    domainAuthResourcesWildMatch.append(url);
-                else
-                    domainAuthResources.setValue(url, true);
-            }
-        }
+            readUnrestrictedResources(unrestrictedResources);
 
         const char* _loginURL = authDomainTree->queryProp("@logonURL");
         if (!isEmptyString(_loginURL))
@@ -370,13 +357,28 @@ void EspHttpBinding::readAuthDomainCfg(IPropertyTree* procCfg)
     else
     {//old environment.xml
         domainAuthType = AuthTypeMixed;
-        domainAuthResources.setValue(DEFAULT_UNRESTRICTED_RESOURCE1, true);
-        domainAuthResourcesWildMatch.append(DEFAULT_UNRESTRICTED_RESOURCE2);
+        readUnrestrictedResources(DEFAULT_UNRESTRICTED_RESOURCES);
         loginURL.set(DEFAULT_LOGIN_URL);
     }
     domainAuthResourcesWildMatch.sortCompare(compareLength);
 }
 
+void EspHttpBinding::readUnrestrictedResources(const char* resources)
+{
+    StringArray resourceArray;
+    resourceArray.appendListUniq(resources, ",");
+    ForEachItemIn(i, resourceArray)
+    {
+        const char* resource = resourceArray.item(i);
+        if (isEmptyString(resource))
+            continue;
+        if (isWildString(resource))
+            domainAuthResourcesWildMatch.append(resource);
+        else
+            domainAuthResources.setValue(resource, true);
+    }
+}
+
 StringBuffer &EspHttpBinding::generateNamespace(IEspContext &context, CHttpRequest* request, const char *serv, const char *method, StringBuffer &ns)
 {
     ns.append("urn:hpccsystems:ws:");
@@ -1177,7 +1179,10 @@ int EspHttpBinding::onGetSoapBuilder(IEspContext &context, CHttpRequest* request
 
     VStringBuffer url("%s?%s", methodQName.str(), params.str());
     xform->setStringParameter("destination", url.str());
-        
+    const char* authMethod = context.getAuthenticationMethod();
+    if (authMethod && !strieq(authMethod, "none") && ((context.getDomainAuthType() == AuthPerSessionOnly) || (context.getDomainAuthType() == AuthTypeMixed)))
+        xform->setParameter("showLogout", "1");
+
     StringBuffer page;
     xform->transform(page);     
 
@@ -2094,11 +2099,13 @@ int EspHttpBinding::onGetXForm(IEspContext &context, CHttpRequest* request, CHtt
         StringBuffer schema;
         context.addOptions(ESPCTX_ALL_ANNOTATION);
         getSchema(schema, context, request, serv, method, true);
-        //DBGLOG("Schema: %s", schema.str());
 
         Owned<IXslTransform> xform = xslp->createXslTransform();
         xform->loadXslFromFile(StringBuffer(getCFD()).append("./xslt/gen_form.xsl").str());
         xform->setXmlSource(schema.str(), schema.length()+1);
+        const char* authMethod = context.getAuthenticationMethod();
+        if (authMethod && !strieq(authMethod, "none") && ((context.getDomainAuthType() == AuthPerSessionOnly) || (context.getDomainAuthType() == AuthTypeMixed)))
+            xform->setParameter("showLogout", "1");
 
         // params
         xform->setStringParameter("serviceName", serviceQName);

esp/bindings/http/platform/httpbinding.hpp

@@ -367,6 +367,7 @@ public:
         return false;
     }
     void readAuthDomainCfg(IPropertyTree* procCfg);
+    void readUnrestrictedResources(const char* resources);
     void setSDSSession();
 
     static void escapeSingleQuote(StringBuffer& src, StringBuffer& escaped);

esp/files/gen_form.js

@@ -497,3 +497,4 @@ function  onClickValidate(chked)
         document.getElementById("esp_sort_result").checked = false;        
     }
 }
+

esp/files/logout.js

@@ -0,0 +1,31 @@
+/*##############################################################################
+#    HPCC SYSTEMS software Copyright (C) 2017 HPCC Systems®.
+#
+#    Licensed under the Apache License, Version 2.0 (the "License");
+#    you may not use this file except in compliance with the License.
+#    You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS,
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#    See the License for the specific language governing permissions and
+#    limitations under the License.
+############################################################################## */
+
+function logout()
+{
+  var logoutRequest = new XMLHttpRequest();
+  logoutRequest.onreadystatechange = function()
+  { 
+    if (logoutRequest.readyState != 4)
+      console.log("Logout failed -- readyState: " + logoutRequest.readyState);
+    else if (logoutRequest.status != 200)
+      console.log("Logout failed -- status: " + logoutRequest.status);
+    else
+      parent.location = '/esp/files/userlogout.html';
+  }
+  logoutRequest.open( "GET", '/esp/logout', true );            
+  logoutRequest.send( null );
+}

esp/files/userlogout.html

@@ -12,6 +12,5 @@
     <body class="yui-skin-sam" onload="onLoad()">
         <p align="left" />
         <h3>ESP log out.</h3>
-        <h4><a href="userlogon.html" target="_top">Click here to login.</a> </h4>
     </body>
 </html>

esp/platform/espcontext.hpp

@@ -38,8 +38,7 @@
 static const char* const SESSION_ID_COOKIE = "ESPSessionID";
 static const char* const SESSION_START_URL_COOKIE = "ESPAuthURL";
 static const char* const DEFAULT_LOGIN_URL = "/esp/files/eclwatch/templates/Login.html";
-static const char* const DEFAULT_UNRESTRICTED_RESOURCE1 = "/favicon.ico";
-static const char* const DEFAULT_UNRESTRICTED_RESOURCE2 = "/esp/files/*,/esp/xslt/*";
+static const char* const DEFAULT_UNRESTRICTED_RESOURCES = "/favicon.ico,/esp/files/*,/esp/xslt/*";
 
 //xpath in dali
 static const char* const PathSessionRoot="Sessions";

esp/services/esdl_svc_engine/esdl_binding.cpp

@@ -2097,6 +2097,10 @@ int EsdlBindingImpl::onGetXForm(IEspContext &context,
                 break;
             }
         }
+        const char* authMethod = context.getAuthenticationMethod();
+        if (authMethod && !strieq(authMethod, "none") && ((context.getDomainAuthType() == AuthPerSessionOnly) || (context.getDomainAuthType() == AuthTypeMixed)))
+            xform->setParameter("showLogout", "1");
+
         xform->transform(page);
         response->setContentType("text/html");
         response->setContent(page.str());

esp/xslt/gen_form.xsl

@@ -43,6 +43,7 @@
     <xsl:param name="includeJsonReqSample" select="0"/>
     <xsl:param name="schemaRoot" select="xsd:schema"/>
     <xsl:param name="esdl_links" select="0"/>
+    <xsl:param name="showLogout" select="showLogout"/>
     
     
     <!-- ===============================================================================
@@ -103,8 +104,8 @@
                 <script type="text/javascript" src="files_/req_array.js"/>
                 <script type="text/javascript" src="files_/hashtable.js"/>
                 <script type="text/javascript" src="files_/gen_form.js"/>
+                <script type="text/javascript" src="files_/logout.js"/>
                 <script type="text/javascript">         
-  
   var isIE = (navigator.appName == "Microsoft Internet Explorer");  
   
   function getRequestFormHtml()
@@ -168,6 +169,9 @@
                                 </b>
                             </font>
                         </td>
+                        <xsl:if test="$showLogout">
+                            <td><a href="javascript:void(0)" onclick="logout();">Log Out</a></td>
+                        </xsl:if>
                     </tr>
                     <tr class='method'>
                         <td height="23" align="left">

esp/xslt/soap_page.xsl

@@ -23,6 +23,8 @@
     <xsl:param name="soapbody" select="'yy'"/>
     <xsl:param name="inhouseUser" select="false()"/>
     <xsl:param name="showhttp" select="false()"/>
+    <xsl:param name="showLogout" select="showLogout"/>
+
     <!-- ===============================================================================-->
     <xsl:template match="/">
     <html>
@@ -34,9 +36,11 @@
       <script type="text/javascript" src="/esp/files/get_input.js"/>
       <script type="text/javascript" src="/esp/files/stack.js"/>
       <script type="text/javascript" src="/esp/files/stringbuffer.js"/>
+      <script type="text/javascript" src="/esp/files/logout.js"/>
 
 <script type="text/javascript">
 var showhttp = '<xsl:value-of select="$showhttp"/>';
+
 <![CDATA[ 
   var xmlhttp = null;
 
@@ -726,6 +730,9 @@ var gMethodName = "<xsl:value-of select="$methodName"/>";;
                         <tr align="left">
                             <td height="23" bgcolor="000099" align="center"><font color="#ffffff"><b><xsl:value-of select="concat('  ', $pageName, '  ')"/></b></font></td>
                             <td height="23" align="center"><font color="#ffffff"><b><xsl:value-of select="concat($serviceName, ' / ', $methodName)"/></b></font></td>
+                            <xsl:if test="$showLogout">
+                                <td><a href="javascript:void(0)" onclick="logout();">Log Out</a></td>
+                            </xsl:if>
                         </tr>
                     </table>