Commit de7b5ff994ac161454dcb6c28003806345553ecc

Authored by Andrew Shvayka
Committed by GitHub
2 parents 33f6d01a 3bc32270

Merge pull request #46 from thingsboard/master

Detect https protocol in case of forwarding
@@ -124,9 +124,12 @@ public class AuthController extends BaseController { @@ -124,9 +124,12 @@ public class AuthController extends BaseController {
124 HttpServletRequest request) throws ThingsboardException { 124 HttpServletRequest request) throws ThingsboardException {
125 try { 125 try {
126 UserCredentials userCredentials = userService.requestPasswordReset(email); 126 UserCredentials userCredentials = userService.requestPasswordReset(email);
127 - 127 + String scheme = request.getScheme();
  128 + if (request.getHeader("x-forwarded-proto") != null) {
  129 + scheme = request.getHeader("x-forwarded-proto");
  130 + }
128 String baseUrl = String.format("%s://%s:%d", 131 String baseUrl = String.format("%s://%s:%d",
129 - request.getScheme(), 132 + scheme,
130 request.getServerName(), 133 request.getServerName(),
131 request.getServerPort()); 134 request.getServerPort());
132 String resetPasswordUrl = String.format("%s/api/noauth/resetPassword?resetToken=%s", baseUrl, 135 String resetPasswordUrl = String.format("%s/api/noauth/resetPassword?resetToken=%s", baseUrl,
@@ -172,8 +175,12 @@ public class AuthController extends BaseController { @@ -172,8 +175,12 @@ public class AuthController extends BaseController {
172 UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword); 175 UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword);
173 User user = userService.findUserById(credentials.getUserId()); 176 User user = userService.findUserById(credentials.getUserId());
174 SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled()); 177 SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled());
  178 + String scheme = request.getScheme();
  179 + if (request.getHeader("x-forwarded-proto") != null) {
  180 + scheme = request.getHeader("x-forwarded-proto");
  181 + }
175 String baseUrl = String.format("%s://%s:%d", 182 String baseUrl = String.format("%s://%s:%d",
176 - request.getScheme(), 183 + scheme,
177 request.getServerName(), 184 request.getServerName(),
178 request.getServerPort()); 185 request.getServerPort());
179 String loginUrl = String.format("%s/login", baseUrl); 186 String loginUrl = String.format("%s/login", baseUrl);
@@ -209,8 +216,12 @@ public class AuthController extends BaseController { @@ -209,8 +216,12 @@ public class AuthController extends BaseController {
209 userCredentials = userService.saveUserCredentials(userCredentials); 216 userCredentials = userService.saveUserCredentials(userCredentials);
210 User user = userService.findUserById(userCredentials.getUserId()); 217 User user = userService.findUserById(userCredentials.getUserId());
211 SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled()); 218 SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled());
  219 + String scheme = request.getScheme();
  220 + if (request.getHeader("x-forwarded-proto") != null) {
  221 + scheme = request.getHeader("x-forwarded-proto");
  222 + }
212 String baseUrl = String.format("%s://%s:%d", 223 String baseUrl = String.format("%s://%s:%d",
213 - request.getScheme(), 224 + scheme,
214 request.getServerName(), 225 request.getServerName(),
215 request.getServerPort()); 226 request.getServerPort());
216 String loginUrl = String.format("%s/login", baseUrl); 227 String loginUrl = String.format("%s/login", baseUrl);
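Review bot: The `x-forwarded-proto` value is copied unchecked into `baseUrl` in the password-reset hunk (new lines 127-130), and that URL is the one that carries `resetToken` in the link sent to the user. The header is supplied by the client unless a fronting proxy overwrites it, so accept it only when it is a known scheme and otherwise keep `request.getScheme()`, e.g. `if ("https".equalsIgnoreCase(proto) || "http".equalsIgnoreCase(proto)) { scheme = proto.toLowerCase(Locale.ROOT); }`. Ideally the header is honoured only for requests that arrive from the trusted proxy, which is easier to enforce once in a filter or at the container than in each controller. The same unvalidated read is in the two other AuthController hunks (new lines 178-181 and 219-222) and in both UserController hunks. The enclosing methods start and end outside the hunks.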
@@ -77,8 +77,12 @@ public class UserController extends BaseController { @@ -77,8 +77,12 @@ public class UserController extends BaseController {
77 User savedUser = checkNotNull(userService.saveUser(user)); 77 User savedUser = checkNotNull(userService.saveUser(user));
78 if (sendEmail) { 78 if (sendEmail) {
79 UserCredentials userCredentials = userService.findUserCredentialsByUserId(savedUser.getId()); 79 UserCredentials userCredentials = userService.findUserCredentialsByUserId(savedUser.getId());
  80 + String scheme = request.getScheme();
  81 + if (request.getHeader("x-forwarded-proto") != null) {
  82 + scheme = request.getHeader("x-forwarded-proto");
  83 + }
80 String baseUrl = String.format("%s://%s:%d", 84 String baseUrl = String.format("%s://%s:%d",
81 - request.getScheme(), 85 + scheme,
82 request.getServerName(), 86 request.getServerName(),
83 request.getServerPort()); 87 request.getServerPort());
84 String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl, 88 String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl,
@@ -107,8 +111,12 @@ public class UserController extends BaseController { @@ -107,8 +111,12 @@ public class UserController extends BaseController {
107 User user = checkNotNull(userService.findUserByEmail(email)); 111 User user = checkNotNull(userService.findUserByEmail(email));
108 UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getId()); 112 UserCredentials userCredentials = userService.findUserCredentialsByUserId(user.getId());
109 if (!userCredentials.isEnabled()) { 113 if (!userCredentials.isEnabled()) {
  114 + String scheme = request.getScheme();
  115 + if (request.getHeader("x-forwarded-proto") != null) {
  116 + scheme = request.getHeader("x-forwarded-proto");
  117 + }
110 String baseUrl = String.format("%s://%s:%d", 118 String baseUrl = String.format("%s://%s:%d",
111 - request.getScheme(), 119 + scheme,
112 request.getServerName(), 120 request.getServerName(),
113 request.getServerPort()); 121 request.getServerPort());
114 String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl, 122 String activateUrl = String.format("%s/api/noauth/activate?activateToken=%s", baseUrl,
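Review bot: `request.getServerPort()` is still passed unchanged next to the forwarded scheme in both UserController hunks (new lines 84-87 and 118-121). Behind a TLS-terminating proxy the activation link may therefore pair `https` with the backend's port, unless the container already resolves the forwarded port; this is worth confirming against the deployment. The four-line scheme block is also pasted five times across the two controllers. A single helper on the shared `BaseController`, for example `protected String constructBaseUrl(HttpServletRequest request)`, would keep the scheme, host and port handling and any validation in one place. The enclosing methods begin and end outside the hunks.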