remove CORS, change to /ssoreset

QualitativeDataRepository · May 1, 2024 · 4eb98dd · 4eb98dd
1 parent 1f181dd
commit 4eb98dd
Showing 1 changed file with 2 additions and 13 deletions.
diff --git a/src/main/java/edu/harvard/iq/dataverse/authorization/AuthFilter.java b/src/main/java/edu/harvard/iq/dataverse/authorization/AuthFilter.java
@@ -2,7 +2,6 @@
 
 import edu.harvard.iq.dataverse.authorization.providers.oauth2.AbstractOAuth2AuthenticationProvider;
 import edu.harvard.iq.dataverse.authorization.providers.oauth2.oidc.OIDCAuthProvider;
-import edu.harvard.iq.dataverse.settings.SettingsServiceBean;
 import edu.harvard.iq.dataverse.util.ClockUtil;
 import edu.harvard.iq.dataverse.util.StringUtil;
 import edu.harvard.iq.dataverse.util.SystemConfig;
@@ -39,24 +38,16 @@ public class AuthFilter implements Filter {
     @EJB
     SystemConfig systemConfig;
 
-    @EJB
-    SettingsServiceBean settingsService;
-
     @Inject
     AuthenticationServiceBean authenticationSvc;
 
     @Inject
     @ClockUtil.LocalTime
     Clock clock;
-
-    //QDR setting for the Drupal URL
-    private String drupalUrl;
 
     @Override
     public void init(FilterConfig filterConfig) throws ServletException {
         logger.fine(AuthFilter.class.getName() + "initialized. filterConfig.getServletContext().getServerInfo(): " + filterConfig.getServletContext().getServerInfo());
-        drupalUrl = settingsService.getValueForKey(SettingsServiceBean.Key.QDRDrupalSiteURL);
-        logger.fine("Setting Drupal URl to : " + drupalUrl);
     }
 
     @Override
@@ -71,10 +62,8 @@ public void doFilter(ServletRequest servletRequest, ServletResponse response, Fi
             //boolean hasAuthToken = httpServletRequest.getParameter("key") != null) || (httpServletRequest.getParameter("token")!= null)  || httpServletRequest.getHeader('X-Dataverse-key');
             //~QDR specific - a means to reset the passiveChecked flag so the next access will try passive login again
             //If the origin were configurable, this might be useful in general
-            boolean ssoPath = path.equals("/sso");
-            if(ssoPath) {
-                //((HttpServletResponse) response).addHeader("Access-Control-Allow-Origin", drupalUrl);
-                //((HttpServletResponse) response).addHeader("Access-Control-Allow-Methods", "GET");
+            boolean ssoResetPath = path.equals("/ssoreset");
+            if(ssoResetPath) {
                 if ((httpSession != null) && (httpSession.getAttribute("passiveChecked") != null)) {
                     httpSession.removeAttribute("passiveChecked");
                 }