From 884467d2b1beab0863e578d6c51eeeea4baee9c4 Mon Sep 17 00:00:00 2001
From: Jens Hardings <jhp@moit.cl>
Date: Wed, 17 Jul 2024 12:46:52 -0400
Subject: [PATCH] fix: do not depend on WebFacade to be instantiated when
 processing SsoLoginToken

---
 .../org/moqui/impl/context/ArtifactExecutionInfoImpl.java   | 2 +-
 .../groovy/org/moqui/impl/context/UserFacadeImpl.groovy     | 6 +++---
 framework/src/main/java/org/moqui/context/UserFacade.java   | 4 +++-
 .../org/moqui/security/SingleSignOnTokenLoginHandler.java   | 5 ++++-
 4 files changed, 11 insertions(+), 6 deletions(-)

diff --git a/framework/src/main/groovy/org/moqui/impl/context/ArtifactExecutionInfoImpl.java b/framework/src/main/groovy/org/moqui/impl/context/ArtifactExecutionInfoImpl.java
index 67fe40d54..fa4f0e680 100644
--- a/framework/src/main/groovy/org/moqui/impl/context/ArtifactExecutionInfoImpl.java
+++ b/framework/src/main/groovy/org/moqui/impl/context/ArtifactExecutionInfoImpl.java
@@ -180,7 +180,7 @@ public long getChildrenRunningTime() {
     @Override
     public ArtifactExecutionInfo getParent() { return parentAeii; }
     @Override
-    public BigDecimal getPercentOfParentTime() { return parentAeii != null && endTimeNanos != 0 ?
+    public BigDecimal getPercentOfParentTime() { return parentAeii != null && endTimeNanos != 0 && parentAeii.endTimeNanos != 0 ?
         new BigDecimal((getRunningTime() / parentAeii.getRunningTime()) * 100).setScale(2, RoundingMode.HALF_UP) : BigDecimal.ZERO; }
 
 
diff --git a/framework/src/main/groovy/org/moqui/impl/context/UserFacadeImpl.groovy b/framework/src/main/groovy/org/moqui/impl/context/UserFacadeImpl.groovy
index af2aaaae7..d23c7b7e9 100644
--- a/framework/src/main/groovy/org/moqui/impl/context/UserFacadeImpl.groovy
+++ b/framework/src/main/groovy/org/moqui/impl/context/UserFacadeImpl.groovy
@@ -179,7 +179,7 @@ class UserFacadeImpl implements UserFacade {
             if (ssoAuthFlowId)
                 ssoAuthFlowId = ssoAuthFlowId.trim()
             if (!ssoAccessToken.isEmpty() && !"null".equals(ssoAccessToken) && !"undefined".equals(ssoAccessToken))
-                this.loginSsoToken(ssoAccessToken, ssoAuthFlowId)
+                this.loginSsoToken(ssoAccessToken, ssoAuthFlowId, request, response)
         }
         if (currentInfo.username == null && secureParameters.authUsername) {
             // try the Moqui-specific parameters for instant login
@@ -811,13 +811,13 @@ class UserFacadeImpl implements UserFacade {
         return loginKey
     }
 
-    @Override boolean loginSsoToken(String ssoAccessToken, String ssoAuthFlowId) {
+    @Override boolean loginSsoToken(String ssoAccessToken, String ssoAuthFlowId, HttpServletRequest request, HttpServletResponse response) {
         if (eci.resourceFacade.ssoTokenHandlerFactory == null) {
             eci.logger.error("No SingleSignOnTokenLoginHandler ToolFactory configured, cannot handle SsoToken login")
             return false
         }
         final SingleSignOnTokenLoginHandler ssoTokenLoginHandler = eci.resourceFacade.ssoTokenHandlerFactory.getInstance()
-        return ssoTokenLoginHandler.handleSsoLoginToken(eci, ssoAccessToken, ssoAuthFlowId)
+        return ssoTokenLoginHandler.handleSsoLoginToken(eci, request, response, ssoAccessToken, ssoAuthFlowId)
     }
 
     @Override boolean loginAnonymousIfNoUser() {
diff --git a/framework/src/main/java/org/moqui/context/UserFacade.java b/framework/src/main/java/org/moqui/context/UserFacade.java
index 0e5529770..a52b11567 100644
--- a/framework/src/main/java/org/moqui/context/UserFacade.java
+++ b/framework/src/main/java/org/moqui/context/UserFacade.java
@@ -15,6 +15,8 @@
 
 import org.moqui.entity.EntityValue;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
 import java.sql.Timestamp;
 import java.util.*;
 
@@ -109,7 +111,7 @@ public interface UserFacade {
      * @param ssoAccessToken the accessToken provided by the SSO server
      * @param ssoAuthFlowId the (optional) authFlowId for identifying the SSO server
      */
-    boolean loginSsoToken(String ssoAccessToken, String ssoAuthFlowId);
+    boolean loginSsoToken(String ssoAccessToken, String ssoAuthFlowId, HttpServletRequest request, HttpServletResponse response);
 
     /** If no user is logged in consider an anonymous user logged in. For internal purposes to run things that require authentication. */
     boolean loginAnonymousIfNoUser();
diff --git a/framework/src/main/java/org/moqui/security/SingleSignOnTokenLoginHandler.java b/framework/src/main/java/org/moqui/security/SingleSignOnTokenLoginHandler.java
index fe1f2004b..9668942e1 100644
--- a/framework/src/main/java/org/moqui/security/SingleSignOnTokenLoginHandler.java
+++ b/framework/src/main/java/org/moqui/security/SingleSignOnTokenLoginHandler.java
@@ -2,6 +2,9 @@
 
 import org.moqui.context.ExecutionContext;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
 public interface SingleSignOnTokenLoginHandler {
-    public boolean handleSsoLoginToken(ExecutionContext ec, String ssoAccessToken, String ssoAuthFlowId);
+    public boolean handleSsoLoginToken(ExecutionContext ec, HttpServletRequest request, HttpServletResponse response, String ssoAccessToken, String ssoAuthFlowId);
 }