Merge pull request #6798 from ORCID/8625-awstechtogglz-redirect-token…

…-endpoint-in-puborcidorg-to-the-root-endpoint

8625 awstechtogglz redirect token endpoint in puborcidorg to the root endpoint

orcid-core/src/main/java/org/orcid/core/togglz/Features.java

@@ -5,6 +5,8 @@
 import org.togglz.core.context.FeatureContext;
 
 public enum Features implements Feature {
+    @Label("Redirect PUT token actions from *.pub.orcid.org to *.orcid.org")
+    REDIRECT_PUT_TOKEN_ENDPOINT,
 
     @Label("Stop sending notification if work has not been updated")
     STOP_SENDING_NOTIFICATION_WORK_NOT_UPDATED,

orcid-pub-web/src/main/java/org/orcid/api/filters/PutAuthTokenActionFilter.java

@@ -0,0 +1,53 @@
+package org.orcid.api.filters;
+
+import java.io.IOException;
+
+import javax.servlet.FilterChain;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import javax.ws.rs.core.Context;
+import javax.ws.rs.ext.Provider;
+
+import org.orcid.core.togglz.Features;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import org.springframework.beans.factory.annotation.Value;
+
+import org.springframework.stereotype.Component;
+import org.springframework.web.filter.OncePerRequestFilter;
+
+import liquibase.repackaged.org.apache.commons.lang3.StringUtils;
+
+@Provider
+@Component
+public class PutAuthTokenActionFilter extends OncePerRequestFilter {
+
+    private static final Logger LOGGER = LoggerFactory.getLogger(PutAuthTokenActionFilter.class);
+
+    private static final String OAUTH_TOKEN_PATH = "/oauth/token";
+
+    @Context
+    private HttpServletRequest httpServletRequest;
+
+    @Value("${org.orcid.papi.http.redirect.code:307}")
+    private int httpRedirectCode;
+
+    @Value("${org.orcid.core.baseUri}")
+    private String rootLocation;
+
+    @Override
+    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
+        if (Features.REDIRECT_PUT_TOKEN_ENDPOINT.isActive() && request.getRequestURI().contains(OAUTH_TOKEN_PATH)) {
+            response.setStatus(httpRedirectCode);
+            response.setHeader("Location", rootLocation);
+            LOGGER.debug("Redirecting PUT token request to root");
+        }
+        else {
+            filterChain.doFilter(request, response);
+        }
+    }
+}

orcid-pub-web/src/main/resources/orcid-t1-web-context.xml

@@ -20,6 +20,8 @@
 
 	<bean id="sanitizeAuthenticationFilter" class="org.orcid.core.web.filters.SanitizeAuthenticationFilter" />
 
+	<bean id="putAuthTokenActionFilter" class="org.orcid.api.filters.PutAuthTokenActionFilter" />
+
 	<bean id="corsFilter" class="org.orcid.core.web.filters.CorsFilter" />
 
     <bean id="jsonpCallbackFilter" class="org.orcid.core.web.filters.JsonpCallbackFilter" />

orcid-pub-web/src/main/webapp/WEB-INF/web.xml

@@ -57,6 +57,16 @@
 		<filter-name>sanitizeAuthenticationFilter</filter-name>
 		<url-pattern>*</url-pattern>
 	</filter-mapping>
+
+	<filter>
+		<filter-name>putAuthTokenActionFilter</filter-name>
+		<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter-class>
+	</filter>
+
+	<filter-mapping>
+		<filter-name>putAuthTokenActionFilter</filter-name>
+		<url-pattern>/oauth/token</url-pattern>
+	</filter-mapping>
 
 	<filter>
 		<filter-name>jsonpCallbackFilter</filter-name>