src/main/java/com/commafeed/frontend/CommaFeedApplication.java

package com.commafeed.frontend;

import javax.enterprise.inject.spi.BeanManager;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.servlet.http.Cookie;

import lombok.extern.slf4j.Slf4j;

import org.apache.wicket.Application;
import org.apache.wicket.Component;
import org.apache.wicket.Page;
import org.apache.wicket.RuntimeConfigurationType;
import org.apache.wicket.Session;
import org.apache.wicket.ajax.AjaxRequestTarget;
import org.apache.wicket.authentication.strategy.DefaultAuthenticationStrategy;
import org.apache.wicket.authorization.Action;
import org.apache.wicket.authorization.IAuthorizationStrategy;
import org.apache.wicket.authroles.authentication.AbstractAuthenticatedWebSession;
import org.apache.wicket.authroles.authentication.AuthenticatedWebApplication;
import org.apache.wicket.authroles.authorization.strategies.role.Roles;
import org.apache.wicket.cdi.CdiConfiguration;
import org.apache.wicket.cdi.ConversationPropagation;
import org.apache.wicket.core.request.handler.PageProvider;
import org.apache.wicket.core.request.handler.RenderPageRequestHandler;
import org.apache.wicket.core.request.handler.RenderPageRequestHandler.RedirectPolicy;
import org.apache.wicket.markup.head.IHeaderResponse;
import org.apache.wicket.markup.head.filter.JavaScriptFilteredIntoFooterHeaderResponse;
import org.apache.wicket.markup.html.IHeaderResponseDecorator;
import org.apache.wicket.markup.html.WebPage;
import org.apache.wicket.request.IRequestHandler;
import org.apache.wicket.request.Request;
import org.apache.wicket.request.Response;
import org.apache.wicket.request.component.IRequestableComponent;
import org.apache.wicket.request.cycle.AbstractRequestCycleListener;
import org.apache.wicket.request.cycle.RequestCycle;
import org.apache.wicket.util.cookies.CookieUtils;

import com.commafeed.backend.services.ApplicationPropertiesService;
import com.commafeed.frontend.pages.DemoLoginPage;
import com.commafeed.frontend.pages.HomePage;
import com.commafeed.frontend.pages.LogoutPage;
import com.commafeed.frontend.pages.NextUnreadRedirectPage;
import com.commafeed.frontend.pages.PasswordRecoveryCallbackPage;
import com.commafeed.frontend.pages.PasswordRecoveryPage;
import com.commafeed.frontend.pages.WelcomePage;
import com.commafeed.frontend.utils.exception.DisplayExceptionPage;

@Slf4j
public class CommaFeedApplication extends AuthenticatedWebApplication {

	public CommaFeedApplication() {
		super();
		boolean prod = ApplicationPropertiesService.get().isProduction();
		setConfigurationType(prod ? RuntimeConfigurationType.DEPLOYMENT : RuntimeConfigurationType.DEVELOPMENT);
	}

	@Override
	protected void init() {
		super.init();

		mountPage("welcome", WelcomePage.class);
		mountPage("demo", DemoLoginPage.class);

		mountPage("recover", PasswordRecoveryPage.class);
		mountPage("recover2", PasswordRecoveryCallbackPage.class);

		mountPage("logout", LogoutPage.class);
		mountPage("error", DisplayExceptionPage.class);

		mountPage("next", NextUnreadRedirectPage.class);

		setupInjection();
		setupSecurity();

		getMarkupSettings().setStripWicketTags(true);
		getMarkupSettings().setCompressWhitespace(true);
		getMarkupSettings().setDefaultMarkupEncoding("UTF-8");

		setHeaderResponseDecorator(new IHeaderResponseDecorator() {
			@Override
			public IHeaderResponse decorate(IHeaderResponse response) {
				return new JavaScriptFilteredIntoFooterHeaderResponse(response, "footer-container");
			}
		});

		getRequestCycleListeners().add(new AbstractRequestCycleListener() {
			@Override
			public IRequestHandler onException(RequestCycle cycle, Exception ex) {
				AjaxRequestTarget target = cycle.find(AjaxRequestTarget.class);
				// redirect to the error page if ajax request, render error on current page otherwise
				RedirectPolicy policy = target == null ? RedirectPolicy.NEVER_REDIRECT : RedirectPolicy.AUTO_REDIRECT;
				return new RenderPageRequestHandler(new PageProvider(new DisplayExceptionPage(ex)), policy);
			}
		});
	}

	private void setupSecurity() {
		getSecuritySettings().setAuthenticationStrategy(new DefaultAuthenticationStrategy("LoggedIn") {

			private CookieUtils cookieUtils = null;

			@Override
			protected CookieUtils getCookieUtils() {

				if (cookieUtils == null) {
					cookieUtils = new CookieUtils() {
						@Override
						protected void initializeCookie(Cookie cookie) {
							super.initializeCookie(cookie);
							cookie.setHttpOnly(true);
						}
					};
				}
				return cookieUtils;
			}
		});
		getSecuritySettings().setAuthorizationStrategy(new IAuthorizationStrategy() {

			@Override
			public <T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> componentClass) {
				boolean authorized = true;

				boolean restricted = componentClass.isAnnotationPresent(SecurityCheck.class);
				if (restricted) {
					SecurityCheck annotation = componentClass.getAnnotation(SecurityCheck.class);
					Roles roles = CommaFeedSession.get().getRoles();
					authorized = roles.hasAnyRole(new Roles(annotation.value().name()));
				}
				return authorized;
			}

			@Override
			public boolean isActionAuthorized(Component component, Action action) {
				return true;
			}
		});
	}

	@Override
	public Class<? extends Page> getHomePage() {
		return HomePage.class;
	}

	protected void setupInjection() {
		try {
			BeanManager beanManager = (BeanManager) new InitialContext().lookup("java:comp/BeanManager");
			new CdiConfiguration(beanManager).setPropagation(ConversationPropagation.NONE).configure(this);
		} catch (NamingException e) {
			log.warn("Could not locate bean manager. CDI is disabled.");
		}
	}

	@Override
	public Session newSession(Request request, Response response) {
		return new CommaFeedSession(request);
	}

	@Override
	protected Class<? extends WebPage> getSignInPageClass() {
		return WelcomePage.class;
	}

	@Override
	protected Class<? extends AbstractAuthenticatedWebSession> getWebSessionClass() {
		return CommaFeedSession.class;
	}

	public static CommaFeedApplication get() {

		return (CommaFeedApplication) Application.get();
	}
}
initial commit 2013-03-20 20:33:42 +01:00			`package com.commafeed.frontend;`

			`import javax.enterprise.inject.spi.BeanManager;`
			`import javax.naming.InitialContext;`
			`import javax.naming.NamingException;`
secure cookie 2013-04-11 11:11:57 +02:00			`import javax.servlet.http.Cookie;`
initial commit 2013-03-20 20:33:42 +01:00
use lombok slf4j annotation 2013-08-11 11:45:32 +02:00			`import lombok.extern.slf4j.Slf4j;`

handle session expiration 2013-03-23 19:46:09 +01:00			`import org.apache.wicket.Application;`
change role to enum 2013-03-30 19:06:32 +01:00			`import org.apache.wicket.Component;`
initial commit 2013-03-20 20:33:42 +01:00			`import org.apache.wicket.Page;`
resources concat and minify in production 2013-04-28 07:47:16 +02:00			`import org.apache.wicket.RuntimeConfigurationType;`
initial commit 2013-03-20 20:33:42 +01:00			`import org.apache.wicket.Session;`
			`import org.apache.wicket.ajax.AjaxRequestTarget;`
secure cookie 2013-04-11 11:11:57 +02:00			`import org.apache.wicket.authentication.strategy.DefaultAuthenticationStrategy;`
change role to enum 2013-03-30 19:06:32 +01:00			`import org.apache.wicket.authorization.Action;`
			`import org.apache.wicket.authorization.IAuthorizationStrategy;`
initial commit 2013-03-20 20:33:42 +01:00			`import org.apache.wicket.authroles.authentication.AbstractAuthenticatedWebSession;`
			`import org.apache.wicket.authroles.authentication.AuthenticatedWebApplication;`
			`import org.apache.wicket.authroles.authorization.strategies.role.Roles;`
			`import org.apache.wicket.cdi.CdiConfiguration;`
			`import org.apache.wicket.cdi.ConversationPropagation;`
			`import org.apache.wicket.core.request.handler.PageProvider;`
			`import org.apache.wicket.core.request.handler.RenderPageRequestHandler;`
			`import org.apache.wicket.core.request.handler.RenderPageRequestHandler.RedirectPolicy;`
use a cdn when possible 2013-04-14 08:45:24 +02:00			`import org.apache.wicket.markup.head.IHeaderResponse;`
			`import org.apache.wicket.markup.head.filter.JavaScriptFilteredIntoFooterHeaderResponse;`
			`import org.apache.wicket.markup.html.IHeaderResponseDecorator;`
initial commit 2013-03-20 20:33:42 +01:00			`import org.apache.wicket.markup.html.WebPage;`
			`import org.apache.wicket.request.IRequestHandler;`
			`import org.apache.wicket.request.Request;`
			`import org.apache.wicket.request.Response;`
change role to enum 2013-03-30 19:06:32 +01:00			`import org.apache.wicket.request.component.IRequestableComponent;`
initial commit 2013-03-20 20:33:42 +01:00			`import org.apache.wicket.request.cycle.AbstractRequestCycleListener;`
			`import org.apache.wicket.request.cycle.RequestCycle;`
secure cookie 2013-04-11 11:11:57 +02:00			`import org.apache.wicket.util.cookies.CookieUtils;`
initial commit 2013-03-20 20:33:42 +01:00
use ApplicationPropertiesService 2013-07-29 16:42:52 +02:00			`import com.commafeed.backend.services.ApplicationPropertiesService;`
link to log in with demo account on the welcome page 2013-04-21 14:11:49 +02:00			`import com.commafeed.frontend.pages.DemoLoginPage;`
package refactoring 2013-03-23 16:17:19 +01:00			`import com.commafeed.frontend.pages.HomePage;`
			`import com.commafeed.frontend.pages.LogoutPage;`
bookmarklet for next unread item 2013-05-19 16:24:56 +02:00			`import com.commafeed.frontend.pages.NextUnreadRedirectPage;`
recover password (wip) 2013-05-20 21:53:13 +02:00			`import com.commafeed.frontend.pages.PasswordRecoveryCallbackPage;`
			`import com.commafeed.frontend.pages.PasswordRecoveryPage;`
fix #20 2013-04-09 11:10:26 +02:00			`import com.commafeed.frontend.pages.WelcomePage;`
initial commit 2013-03-20 20:33:42 +01:00			`import com.commafeed.frontend.utils.exception.DisplayExceptionPage;`
use webjars 2013-03-27 20:56:45 +01:00
use lombok slf4j annotation 2013-08-11 11:45:32 +02:00			`@Slf4j`
initial commit 2013-03-20 20:33:42 +01:00			`public class CommaFeedApplication extends AuthenticatedWebApplication {`

resources concat and minify in production 2013-04-28 07:47:16 +02:00			`public CommaFeedApplication() {`
			`super();`
use ApplicationPropertiesService 2013-07-29 16:42:52 +02:00			`boolean prod = ApplicationPropertiesService.get().isProduction();`
			`setConfigurationType(prod ? RuntimeConfigurationType.DEPLOYMENT : RuntimeConfigurationType.DEVELOPMENT);`
resources concat and minify in production 2013-04-28 07:47:16 +02:00			`}`
initial commit 2013-03-20 20:33:42 +01:00
			`@Override`
			`protected void init() {`
			`super.init();`

added registration on welcome page 2013-04-06 21:38:18 +02:00			`mountPage("welcome", WelcomePage.class);`
link to log in with demo account on the welcome page 2013-04-21 14:11:49 +02:00			`mountPage("demo", DemoLoginPage.class);`
apply formatter 2013-07-25 09:17:33 +02:00
recover password (wip) 2013-05-20 21:53:13 +02:00			`mountPage("recover", PasswordRecoveryPage.class);`
			`mountPage("recover2", PasswordRecoveryCallbackPage.class);`
apply formatter 2013-07-25 09:17:33 +02:00
major cleanup 2013-03-21 18:40:09 +01:00			`mountPage("logout", LogoutPage.class);`
			`mountPage("error", DisplayExceptionPage.class);`
apply formatter 2013-07-25 09:17:33 +02:00
bookmarklet for next unread item 2013-05-19 16:24:56 +02:00			`mountPage("next", NextUnreadRedirectPage.class);`
fix #20 2013-04-09 11:10:26 +02:00
initial commit 2013-03-20 20:33:42 +01:00			`setupInjection();`
bundle js libs together 2013-04-13 18:50:38 +02:00			`setupSecurity();`
initial commit 2013-03-20 20:33:42 +01:00
			`getMarkupSettings().setStripWicketTags(true);`
			`getMarkupSettings().setCompressWhitespace(true);`
			`getMarkupSettings().setDefaultMarkupEncoding("UTF-8");`

use a cdn when possible 2013-04-14 08:45:24 +02:00			`setHeaderResponseDecorator(new IHeaderResponseDecorator() {`
			`@Override`
			`public IHeaderResponse decorate(IHeaderResponse response) {`
apply formatter 2013-07-25 09:17:33 +02:00			`return new JavaScriptFilteredIntoFooterHeaderResponse(response, "footer-container");`
use a cdn when possible 2013-04-14 08:45:24 +02:00			`}`
			`});`
bundle js libs together 2013-04-13 18:50:38 +02:00
			`getRequestCycleListeners().add(new AbstractRequestCycleListener() {`
			`@Override`
			`public IRequestHandler onException(RequestCycle cycle, Exception ex) {`
			`AjaxRequestTarget target = cycle.find(AjaxRequestTarget.class);`
use ApplicationPropertiesService 2013-07-29 16:42:52 +02:00			`// redirect to the error page if ajax request, render error on current page otherwise`
apply formatter 2013-07-25 09:17:33 +02:00			`RedirectPolicy policy = target == null ? RedirectPolicy.NEVER_REDIRECT : RedirectPolicy.AUTO_REDIRECT;`
			`return new RenderPageRequestHandler(new PageProvider(new DisplayExceptionPage(ex)), policy);`
bundle js libs together 2013-04-13 18:50:38 +02:00			`}`
			`});`
			`}`

			`private void setupSecurity() {`
apply formatter 2013-07-25 09:17:33 +02:00			`getSecuritySettings().setAuthenticationStrategy(new DefaultAuthenticationStrategy("LoggedIn") {`

			`private CookieUtils cookieUtils = null;`

			`@Override`
			`protected CookieUtils getCookieUtils() {`

			`if (cookieUtils == null) {`
			`cookieUtils = new CookieUtils() {`
			`@Override`
			`protected void initializeCookie(Cookie cookie) {`
			`super.initializeCookie(cookie);`
			`cookie.setHttpOnly(true);`
change role to enum 2013-03-30 19:06:32 +01:00			`}`
apply formatter 2013-07-25 09:17:33 +02:00			`};`
			`}`
			`return cookieUtils;`
			`}`
			`});`
			`getSecuritySettings().setAuthorizationStrategy(new IAuthorizationStrategy() {`

			`@Override`
			`public <T extends IRequestableComponent> boolean isInstantiationAuthorized(Class<T> componentClass) {`
			`boolean authorized = true;`

			`boolean restricted = componentClass.isAnnotationPresent(SecurityCheck.class);`
			`if (restricted) {`
			`SecurityCheck annotation = componentClass.getAnnotation(SecurityCheck.class);`
			`Roles roles = CommaFeedSession.get().getRoles();`
			`authorized = roles.hasAnyRole(new Roles(annotation.value().name()));`
			`}`
			`return authorized;`
			`}`

			`@Override`
			`public boolean isActionAuthorized(Component component, Action action) {`
			`return true;`
			`}`
			`});`
initial commit 2013-03-20 20:33:42 +01:00			`}`

			`@Override`
			`public Class<? extends Page> getHomePage() {`
angular prototype 2013-03-21 16:22:58 +01:00			`return HomePage.class;`
initial commit 2013-03-20 20:33:42 +01:00			`}`

			`protected void setupInjection() {`
			`try {`
apply formatter 2013-07-25 09:17:33 +02:00			`BeanManager beanManager = (BeanManager) new InitialContext().lookup("java:comp/BeanManager");`
			`new CdiConfiguration(beanManager).setPropagation(ConversationPropagation.NONE).configure(this);`
initial commit 2013-03-20 20:33:42 +01:00			`} catch (NamingException e) {`
			`log.warn("Could not locate bean manager. CDI is disabled.");`
			`}`
			`}`

			`@Override`
			`public Session newSession(Request request, Response response) {`
			`return new CommaFeedSession(request);`
			`}`

			`@Override`
			`protected Class<? extends WebPage> getSignInPageClass() {`
added registration on welcome page 2013-04-06 21:38:18 +02:00			`return WelcomePage.class;`
initial commit 2013-03-20 20:33:42 +01:00			`}`

			`@Override`
			`protected Class<? extends AbstractAuthenticatedWebSession> getWebSessionClass() {`
			`return CommaFeedSession.class;`
			`}`

handle session expiration 2013-03-23 19:46:09 +01:00			`public static CommaFeedApplication get() {`

			`return (CommaFeedApplication) Application.get();`
			`}`
initial commit 2013-03-20 20:33:42 +01:00			`}`