From 638c1526d0a71fc422ffa9ed694afde3d51e1bc5 Mon Sep 17 00:00:00 2001
From: Thomas O'Dowd <tpodowd@cloudian.com>
Date: Tue, 10 Sep 2024 21:52:59 +0900
Subject: [PATCH] Fix the Cloudian Integration SSO Redirect link (#9656)

---
 .../cloudian/client/CloudianUtils.java        |  8 +-
 .../cloudian/CloudianUtilsTest.java           | 87 +++++++++++++++++++
 2 files changed, 89 insertions(+), 6 deletions(-)
 create mode 100644 plugins/integrations/cloudian/src/test/java/org/apache/cloudstack/cloudian/CloudianUtilsTest.java

diff --git a/plugins/integrations/cloudian/src/main/java/org/apache/cloudstack/cloudian/client/CloudianUtils.java b/plugins/integrations/cloudian/src/main/java/org/apache/cloudstack/cloudian/client/CloudianUtils.java
index 882d615ca0b..6d70e785d0a 100644
--- a/plugins/integrations/cloudian/src/main/java/org/apache/cloudstack/cloudian/client/CloudianUtils.java
+++ b/plugins/integrations/cloudian/src/main/java/org/apache/cloudstack/cloudian/client/CloudianUtils.java
@@ -81,12 +81,8 @@ public class CloudianUtils {
             return null;
         }
 
-        stringBuilder.append("&redirect=");
-        if (group.equals("0")) {
-            stringBuilder.append("admin.htm");
-        } else {
-            stringBuilder.append("explorer.htm");
-        }
+        // Redirects to dashboard for admin users or the bucket browser for regular users
+        stringBuilder.append("&redirect=/");
 
         return cmcUrlPath + "ssosecurelogin.htm?" + stringBuilder.toString();
     }
diff --git a/plugins/integrations/cloudian/src/test/java/org/apache/cloudstack/cloudian/CloudianUtilsTest.java b/plugins/integrations/cloudian/src/test/java/org/apache/cloudstack/cloudian/CloudianUtilsTest.java
new file mode 100644
index 00000000000..4bc9ce1fe28
--- /dev/null
+++ b/plugins/integrations/cloudian/src/test/java/org/apache/cloudstack/cloudian/CloudianUtilsTest.java
@@ -0,0 +1,87 @@
+// Licensed to the Apache Software Foundation (ASF) under one
+// or more contributor license agreements.  See the NOTICE file
+// distributed with this work for additional information
+// regarding copyright ownership.  The ASF licenses this file
+// to you under the Apache License, Version 2.0 (the
+// "License"); you may not use this file except in compliance
+// with the License.  You may obtain a copy of the License at
+//
+//   http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing,
+// software distributed under the License is distributed on an
+// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+// KIND, either express or implied.  See the License for the
+// specific language governing permissions and limitations
+// under the License.
+
+package org.apache.cloudstack.cloudian;
+
+import java.io.UnsupportedEncodingException;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLDecoder;
+import java.util.HashMap;
+import org.apache.cloudstack.cloudian.client.CloudianUtils;
+import org.junit.Assert;
+import org.junit.Test;
+
+public class CloudianUtilsTest {
+
+    @Test
+    public void testGenerateSSOUrl() {
+        final String cmcUrlPath = "https://cmc.cloudian.com:8443/Cloudian/";
+        final String user = "abc-def-ghi";
+        final String group = "uvw-xyz";
+        final String ssoKey = "randomkey";
+
+        // test expectations
+        final String expPath = "/Cloudian/ssosecurelogin.htm";
+        HashMap<String, String> expected = new HashMap();
+        expected.put("user", user);
+        expected.put("group", group);
+        expected.put("timestamp", null); // null value will not be checked by this test
+        expected.put("signature", null); // null value will not be checked by this test
+        expected.put("redirect", "/");
+
+        // Generated URL will be something like this
+        // https://cmc.cloudian.com:8443/Cloudian/ssosecurelogin.htm?user=abc-def-ghi&group=uvw-xyz&timestamp=1725937474949&signature=Wu1hjafeyE82mGwd1MIwrp5hPt4%3D&redirect=/
+        String output = CloudianUtils.generateSSOUrl(cmcUrlPath, user, group, ssoKey);
+        Assert.assertNotNull(output);
+
+        // Check main parts of the output URL
+        URL url = null;
+        try {
+            url = new URL(output);
+        } catch (MalformedURLException e) {
+            Assert.fail("failed to parse URL: " + output);
+        }
+        String path = url.getPath();
+        Assert.assertEquals(expPath, path);
+
+        // No easy way to check Query parameters in Java still?
+        // Just do a rudementary check as we are in charge of the URL
+        String query = url.getQuery();
+        String[] nameValues = query.split("&");
+        int matchedCount = 0;
+        for(String nameValue : nameValues) {
+            String[] nameValuePair = nameValue.split("=", 2);
+            Assert.assertEquals(nameValue, 2, nameValuePair.length);
+            String name = null;
+            String value = null;
+            try {
+                name = URLDecoder.decode(nameValuePair[0], "UTF-8");
+                value = URLDecoder.decode(nameValuePair[1], "UTF-8");
+            } catch (UnsupportedEncodingException e) {
+                Assert.fail("not expecting UTF-8 to fail");
+            }
+            Assert.assertTrue(expected.containsKey(name));
+            matchedCount++;
+            String expValue = expected.get(name);
+            if (expValue != null) {
+                Assert.assertEquals("Parameter " + name, expValue, value);
+            }
+        }
+        Assert.assertEquals("Should be 5 query parameters", 5, matchedCount);
+    }
+}