Revision 49173
Added by Katerina Iatropoulou about 7 years ago
modules/uoa-user-management/trunk/src/main/java/eu/dnetlib/openaire/user/user/UserProfileIS.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.user.user; |
|
2 |
|
|
3 |
/** |
|
4 |
* Created by sofia on 31/10/2016. |
|
5 |
*/ |
|
6 |
public class UserProfileIS extends UserProfile { |
|
7 |
|
|
8 |
private String username, password; |
|
9 |
private String email; |
|
10 |
private String fname, lname; |
|
11 |
private String institution; |
|
12 |
|
|
13 |
public String getUsername() { |
|
14 |
return username; |
|
15 |
} |
|
16 |
|
|
17 |
public void setUsername(String username) { |
|
18 |
this.username = username; |
|
19 |
} |
|
20 |
|
|
21 |
public String getPassword() { |
|
22 |
return password; |
|
23 |
} |
|
24 |
|
|
25 |
public void setPassword(String password) { |
|
26 |
this.password = password; |
|
27 |
} |
|
28 |
|
|
29 |
public String getEmail() { |
|
30 |
return email; |
|
31 |
} |
|
32 |
|
|
33 |
public void setEmail(String email) { |
|
34 |
this.email = email; |
|
35 |
} |
|
36 |
|
|
37 |
public String getFname() { |
|
38 |
return fname; |
|
39 |
} |
|
40 |
|
|
41 |
public void setFname(String fname) { |
|
42 |
this.fname = fname; |
|
43 |
} |
|
44 |
|
|
45 |
public String getLname() { |
|
46 |
return lname; |
|
47 |
} |
|
48 |
|
|
49 |
public void setLname(String lname) { |
|
50 |
this.lname = lname; |
|
51 |
} |
|
52 |
|
|
53 |
public void setInstitution(String institution) { |
|
54 |
this.institution = institution; |
|
55 |
} |
|
56 |
|
|
57 |
public String getInstitution() { |
|
58 |
return institution; |
|
59 |
} |
|
60 |
} |
modules/uoa-user-management/trunk/src/main/java/eu/dnetlib/openaire/user/user/UserProfile.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.user.user; |
|
2 |
|
|
3 |
/** |
|
4 |
* Created by sofia on 31/10/2016. |
|
5 |
*/ |
|
6 |
public class UserProfile { |
|
7 |
} |
modules/uoa-user-management/trunk/src/main/java/eu/dnetlib/openaire/user/ldap/MUserActionsLDAP2DB.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.user.ldap; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.dao.SQLMigrationUserDAO; |
|
4 |
|
|
5 |
/** |
|
6 |
* Created by sofia on 29/11/2016. |
|
7 |
*/ |
|
8 |
public class MUserActionsLDAP2DB { |
|
9 |
|
|
10 |
|
|
11 |
} |
modules/uoa-user-management/trunk/src/main/java/eu/dnetlib/openaire/user/migration/Tester.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.user.migration; |
|
2 |
|
|
3 |
import com.sun.org.apache.xpath.internal.SourceTree; |
|
4 |
import com.unboundid.ldap.sdk.*; |
|
5 |
import eu.dnetlib.openaire.user.ldap.Joomla15PasswordHash; |
|
6 |
import eu.dnetlib.openaire.user.ldap.MUserActionsLDAP; |
|
7 |
import eu.dnetlib.openaire.user.ldap.UserActionsLDAP; |
|
8 |
|
|
9 |
import java.sql.SQLException; |
|
10 |
import java.util.UUID; |
|
11 |
|
|
12 |
/** |
|
13 |
* Created by sofia on 25/4/2017. |
|
14 |
*/ |
|
15 |
public class Tester { |
|
16 |
|
|
17 |
public static void main(String[] args) throws LDAPException, SQLException { |
|
18 |
|
|
19 |
// ldapsearch -x -LLL -h beta.openaire.eu -b cn=admin,dc=openaire,dc=eu |
|
20 |
// ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) |
|
21 |
|
|
22 |
// String ldapAddress = "beta.openaire.eu"; |
|
23 |
// String ldapUsername = "cn=admin,dc=openaire,dc=eu"; |
|
24 |
// String ldapPassword = ""; |
|
25 |
String ldapUsersDN = "ou=users,dc=openaire,dc=eu"; |
|
26 |
// int ldapPort = 389; |
|
27 |
// |
|
28 |
// LDAPConnection connection = new LDAPConnection(ldapAddress, ldapPort, ldapUsername, ldapPassword); |
|
29 |
|
|
30 |
LDAPConnection connection = new LDAPConnection("beta.openaire.eu", 389, "cn=admin,dc=openaire,dc=eu", ""); |
|
31 |
System.out.println("Hi"); |
|
32 |
String email = "sbaltzi@di.uoa.gr"; |
|
33 |
String password = ""; |
|
34 |
|
|
35 |
try { |
|
36 |
System.out.println("checking if user " + email + " entered a correct password when logging in"); |
|
37 |
|
|
38 |
Filter filter = Filter.createEqualityFilter("mail", email); |
|
39 |
|
|
40 |
SearchRequest searchRequest = new SearchRequest(ldapUsersDN, SearchScope.SUB, filter, "userPassword"); |
|
41 |
SearchResult searchResult = connection.search(searchRequest); |
|
42 |
|
|
43 |
for (SearchResultEntry entry : searchResult.getSearchEntries()) { |
|
44 |
if (Joomla15PasswordHash.check(password, entry.getAttributeValue("userPassword"))) |
|
45 |
System.out.println("true"); |
|
46 |
} |
|
47 |
|
|
48 |
System.out.println("false"); |
|
49 |
} |
|
50 |
finally { |
|
51 |
if (connection != null) |
|
52 |
connection.close(); |
|
53 |
} |
|
54 |
} |
|
55 |
} |
modules/uoa-user-management/trunk/src/main/java/eu/dnetlib/openaire/user/migration/Migration.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.user.migration; |
|
2 |
|
|
3 |
import com.unboundid.ldap.sdk.*; |
|
4 |
import eu.dnetlib.openaire.user.ldap.Joomla15PasswordHash; |
|
5 |
import eu.dnetlib.openaire.user.ldap.MUserActionsLDAP; |
|
6 |
import eu.dnetlib.openaire.user.ldap.UserActionsLDAP; |
|
7 |
import eu.dnetlib.openaire.user.store.LDAPConnector; |
|
8 |
|
|
9 |
import java.sql.SQLException; |
|
10 |
import java.util.UUID; |
|
11 |
|
|
12 |
/** |
|
13 |
* Created by sofia on 31/10/2016. |
|
14 |
*/ |
|
15 |
public class Migration { |
|
16 |
|
|
17 |
public static void main(String[] args) throws LDAPException, SQLException { |
|
18 |
|
|
19 |
//MUserActionsLDAP mUserActionsLDAP = new MUserActionsLDAP(); |
|
20 |
// UserActionsLDAP UserActionsLDAP = new UserActionsLDAP(); |
|
21 |
// try { |
|
22 |
// UserActionsLDAP.addUser("Argiro", "argiro@gmail.com", "12345678", "Argiro", "Kokogianaki"); |
|
23 |
// } catch (Exception e) { |
|
24 |
// e.printStackTrace(); |
|
25 |
// } |
|
26 |
//boolean authenticated = mUserActionsLDAP.authenticateUser("sba@di.uoa.gr", "12345678"); |
|
27 |
//System.out.println(authenticated); |
|
28 |
//System.out.println(mUserActionsLDAP.getRole("sba@di.uoa.gr", "12345678")); |
|
29 |
|
|
30 |
|
|
31 |
Attribute cn = new Attribute("cn", "Argiro"); |
|
32 |
Attribute displayName = new Attribute("displayName", "Argiro" + " " + "Kokogianaki"); |
|
33 |
Attribute mail = new Attribute("mail", "argiro@gmail.com"); |
|
34 |
Attribute givenName = new Attribute("givenName", "Argiro"); |
|
35 |
Attribute joomlaBlockUser = new Attribute("JoomlaBlockUser", "1"); |
|
36 |
Attribute joomlaGroup = new Attribute("JoomlaGroup", "Registered"); |
|
37 |
Attribute objectClass = new Attribute("objectClass", "top", "inetOrgPerson", "JoomlaUser"); |
|
38 |
Attribute userPassword = new Attribute("userPassword", Joomla15PasswordHash.create("12345678")); |
|
39 |
Attribute sn = new Attribute("sn", "Kokogianaki"); |
|
40 |
Attribute uid = new Attribute("uid", "Argiro"); |
|
41 |
// Attribute joomlaUserParams = new Attribute("JoomlaUserParams", ""); |
|
42 |
String activationId = UUID.randomUUID().toString(); |
|
43 |
Attribute x500UniqueIdentifier = new Attribute("employeeNumber", activationId); |
|
44 |
LDAPConnection connection = null; |
|
45 |
try { |
|
46 |
DN dn = new DN("uid=" + "Argiro" + "," + "ou=users,dc=openaire,dc=eu"); |
|
47 |
System.out.println("cn: " + cn + " displayName: " + displayName + " mail: " + mail + " givenName: " + givenName + " joomlaBlockUser: " + joomlaBlockUser + " joomlaGroup: " + joomlaGroup + " objectClass: " + objectClass + " userPassword: " + userPassword + " sn: " + sn + " uid: " + uid + " x500UniqueIdentifier: " + x500UniqueIdentifier); |
|
48 |
Entry entry = new Entry(dn.toNormalizedString(), cn, displayName, mail, givenName, joomlaBlockUser, joomlaGroup, objectClass, userPassword, sn, uid/* |
|
49 |
* , |
|
50 |
* joomlaUserParams |
|
51 |
*/, x500UniqueIdentifier); |
|
52 |
connection = new LDAPConnection("esperos.di.uoa.gr", 389, "cn=admin,dc=openaire,dc=eu", "serenata"); |
|
53 |
connection.add(entry); |
|
54 |
|
|
55 |
} catch (Exception e) { |
|
56 |
throw e; |
|
57 |
} finally { |
|
58 |
if (connection != null) |
|
59 |
connection.close(); |
|
60 |
} |
|
61 |
} |
|
62 |
} |
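Review bot: The LDAP admin bind password is a string literal, passed as the fourth argument of the `new LDAPConnection(...)` call in `Migration.main`, and the same literal appears in `LDAPEnhancer.init()` further down this revision. This page does not show whether these files are being added or removed, but either way the value stays readable in repository history, so the credential should be rotated on the directory and afterwards supplied from configuration kept outside version control. The connection uses port 389 with no TLS set up in the visible code, so the bind DN and password would cross the network in clear text; `Tester.main` connects the same way. Separately, the `System.out.println` before `connection.add(entry)` prints the `userPassword` attribute, which puts the password hash into console output; that field should be dropped from the debug line.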
modules/uoa-user-management/trunk/src/test/java/eu/dnetlib/openaire/user/ldap/LDAPEnhancer.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.user.ldap; |
|
2 |
|
|
3 |
import com.unboundid.ldap.sdk.*; |
|
4 |
import eu.dnetlib.openaire.user.LDAPUser; |
|
5 |
import org.junit.Before; |
|
6 |
import org.junit.Test; |
|
7 |
|
|
8 |
/** |
|
9 |
* Created by kiatrop on 27/9/2017. |
|
10 |
*/ |
|
11 |
public class LDAPEnhancer { |
|
12 |
|
|
13 |
LDAPConnection ldapConnector; |
|
14 |
String ldapUsersDN; |
|
15 |
|
|
16 |
@Before |
|
17 |
public void init() throws LDAPException { |
|
18 |
ldapConnector = new LDAPConnection("esperos.di.uoa.gr", 389, "cn=admin,dc=openaire,dc=eu", "serenata"); |
|
19 |
ldapUsersDN = "ou=users,dc=openaire,dc=eu"; |
|
20 |
} |
|
21 |
|
|
22 |
@Test |
|
23 |
public void enhance() throws LDAPSearchException { |
|
24 |
Filter filter = Filter.createEqualityFilter("ou", "users"); |
|
25 |
SearchRequest searchRequest = new SearchRequest(ldapUsersDN, SearchScope.SUBORDINATE_SUBTREE, filter); |
|
26 |
SearchResult searchResult = ldapConnector.search(searchRequest); |
|
27 |
|
|
28 |
for (SearchResultEntry entry : searchResult.getSearchEntries()) { |
|
29 |
System.out.println(entry.getAttribute("dn")); |
|
30 |
} |
|
31 |
} |
|
32 |
|
|
33 |
@Test |
|
34 |
public void getUserTest() throws LDAPSearchException { |
|
35 |
String usersDN = "ou=users,dc=openaire,dc=eu"; |
|
36 |
|
|
37 |
Filter filter = Filter.createEqualityFilter("cn","kiatrop"); |
|
38 |
SearchRequest searchRequest = |
|
39 |
new SearchRequest(usersDN, SearchScope.SUB, filter, "mail", "displayName", "cn"); |
|
40 |
|
|
41 |
SearchResult searchResult = ldapConnector.search(searchRequest); |
|
42 |
LDAPUser user = new LDAPUser(); |
|
43 |
|
|
44 |
for (SearchResultEntry entry : searchResult.getSearchEntries()) { |
|
45 |
System.out.println(entry.getAttributeValue("cn")); |
|
46 |
System.out.println(entry.getAttributeValue("mail")); |
|
47 |
System.out.println(entry.getAttributeValue("displayName")); |
|
48 |
} |
|
49 |
} |
|
50 |
|
|
51 |
|
|
52 |
|
|
53 |
} |
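Review bot: `init()` opens an `LDAPConnection` before every test and nothing in the class closes it, so each test method leaves a bound admin connection open. If this class stays in the tree, add `@After public void close() { if (ldapConnector != null) ldapConnector.close(); }`, which also needs the `org.junit.After` import. Both `enhance()` and `getUserTest()` only print what the search returns and assert nothing, and they need a reachable directory server. They therefore cannot fail on wrong data, and they will fail on any build machine without that network access.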
modules/uoa-user-management/trunk/src/main/java/eu/dnetlib/openaire/user/ldap/UserActionsLDAP.java | ||
---|---|---|
1 | 1 |
package eu.dnetlib.openaire.user.ldap; |
2 | 2 |
|
3 |
import eu.dnetlib.openaire.user.IUserActions; |
|
4 |
import eu.dnetlib.openaire.user.user.UserProfileIS; |
|
3 |
import com.unboundid.ldap.sdk.*; |
|
5 | 4 |
import org.apache.log4j.Logger; |
6 | 5 |
|
7 | 6 |
import java.util.UUID; |
8 | 7 |
|
9 |
import com.unboundid.ldap.sdk.Attribute; |
|
10 |
import com.unboundid.ldap.sdk.DN; |
|
11 |
import com.unboundid.ldap.sdk.Entry; |
|
12 |
import com.unboundid.ldap.sdk.Filter; |
|
13 |
import com.unboundid.ldap.sdk.LDAPConnection; |
|
14 |
import com.unboundid.ldap.sdk.Modification; |
|
15 |
import com.unboundid.ldap.sdk.ModificationType; |
|
16 |
import com.unboundid.ldap.sdk.SearchRequest; |
|
17 |
import com.unboundid.ldap.sdk.SearchResult; |
|
18 |
import com.unboundid.ldap.sdk.SearchResultEntry; |
|
19 |
import com.unboundid.ldap.sdk.SearchScope; |
|
20 | 8 |
|
21 |
|
|
22 | 9 |
/** |
23 | 10 |
* Created by sofia on 31/10/2016. |
24 | 11 |
*/ |
25 |
public class UserActionsLDAP implements IUserActions {
|
|
12 |
public class UserActionsLDAP { |
|
26 | 13 |
|
27 | 14 |
transient Logger logger = Logger.getLogger(UserActionsLDAP.class); |
28 | 15 |
|
... | ... | |
32 | 19 |
private String ldapPassword; |
33 | 20 |
private String ldapUsersDN; |
34 | 21 |
|
35 |
@Override |
|
36 | 22 |
public boolean activateUser(String activationId) throws Exception { |
37 | 23 |
LDAPConnection connection = null; |
38 | 24 |
try { |
... | ... | |
65 | 51 |
} |
66 | 52 |
} |
67 | 53 |
|
68 |
@Override |
|
69 | 54 |
public String addUser(String email, String password) throws Exception { |
70 | 55 |
throw new UnsupportedOperationException(); |
71 | 56 |
} |
72 | 57 |
|
73 |
@Override |
|
74 | 58 |
public String addUser(String username, String email, String password, String firstName, String lastName) throws Exception { |
75 | 59 |
logger.debug("adding user " + username + " " + email + " to ldap"); |
76 | 60 |
Attribute cn = new Attribute("cn", username); |
... | ... | |
107 | 91 |
} |
108 | 92 |
} |
109 | 93 |
|
110 |
@Override |
|
111 | 94 |
public boolean correctCreds(String email, String password) throws Exception { |
112 | 95 |
LDAPConnection connection = null; |
113 | 96 |
try { |
... | ... | |
130 | 113 |
} |
131 | 114 |
} |
132 | 115 |
|
133 |
@Override |
|
134 | 116 |
public void editUser(String email, String fname, String lname, String inst) throws Exception { |
135 | 117 |
LDAPConnection connection = null; |
136 | 118 |
try { |
... | ... | |
157 | 139 |
} |
158 | 140 |
} |
159 | 141 |
|
142 |
/* |
|
160 | 143 |
@Override |
161 | 144 |
public eu.dnetlib.openaire.user.user.UserProfile getUser(String userIdentifier) throws Exception { |
162 | 145 |
LDAPConnection connection = null; |
... | ... | |
182 | 165 |
if (connection != null) |
183 | 166 |
connection.close(); |
184 | 167 |
} |
185 |
} |
|
168 |
}*/
|
|
186 | 169 |
|
187 |
@Override |
|
188 | 170 |
public boolean isAdmin(String email) throws Exception { |
189 | 171 |
LDAPConnection connection = null; |
190 | 172 |
try { |
... | ... | |
210 | 192 |
} |
211 | 193 |
} |
212 | 194 |
|
213 |
@Override |
|
214 | 195 |
public boolean isUserActivated(String email) throws Exception { |
215 | 196 |
LDAPConnection connection = null; |
216 | 197 |
try { |
... | ... | |
236 | 217 |
return false; |
237 | 218 |
} |
238 | 219 |
|
239 |
@Override |
|
240 | 220 |
public String prepareResetPassword(String email) throws Exception { |
241 | 221 |
LDAPConnection connection = null; |
242 | 222 |
try { |
... | ... | |
262 | 242 |
} |
263 | 243 |
} |
264 | 244 |
|
265 |
@Override |
|
266 | 245 |
public void resetPassword(String uuid, String password) throws Exception { |
267 | 246 |
LDAPConnection connection = null; |
268 | 247 |
try { |
... | ... | |
286 | 265 |
} |
287 | 266 |
} |
288 | 267 |
|
289 |
@Override |
|
290 | 268 |
public boolean userExists(String email) throws Exception { |
291 | 269 |
LDAPConnection connection = null; |
292 | 270 |
try { |
... | ... | |
309 | 287 |
} |
310 | 288 |
} |
311 | 289 |
|
312 |
@Override |
|
313 | 290 |
public boolean usernameExists(String username) throws Exception { |
314 | 291 |
LDAPConnection connection = null; |
315 | 292 |
try { |
... | ... | |
333 | 310 |
} |
334 | 311 |
} |
335 | 312 |
|
336 |
@Override |
|
337 | 313 |
public String getEmailFromUsername(String username) throws Exception { |
338 | 314 |
LDAPConnection connection = null; |
339 | 315 |
try { |
... | ... | |
355 | 331 |
} |
356 | 332 |
} |
357 | 333 |
|
334 |
public String getUsername(String email) throws LDAPException { |
|
335 |
|
|
336 |
LDAPConnection ldapConnection = new LDAPConnection(ldapAddress, ldapPort, ldapUsername, ldapPassword); |
|
337 |
|
|
338 |
Filter filter = Filter.createEqualityFilter("mail", email); |
|
339 |
SearchRequest searchRequest = new SearchRequest("dc=openaire,dc=eu", SearchScope.SUB, filter, "uid"); |
|
340 |
|
|
341 |
SearchResult searchResult = ldapConnection.search(searchRequest); |
|
342 |
|
|
343 |
if (searchResult.getSearchEntries() != null) { |
|
344 |
if (searchResult.getSearchEntries().size() > 1) { |
|
345 |
logger.warn("An email is used for two different usernames! We only keep the first one"); |
|
346 |
} |
|
347 |
|
|
348 |
if (searchResult.getSearchEntries().get(0) != null) { |
|
349 |
return searchResult.getSearchEntries().get(0).getAttributeValue("uid"); |
|
350 |
} |
|
351 |
} |
|
352 |
|
|
353 |
return null; |
|
354 |
} |
|
355 |
|
|
358 | 356 |
public void setLdapPort(int ldapPort) { |
359 | 357 |
this.ldapPort = ldapPort; |
360 | 358 |
} |
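Review bot: The new `getUsername(String email)` opens an `LDAPConnection` and never closes it, whereas the other methods shown in this section start with `LDAPConnection connection = null; try {` and the visible tail of `getUser` closes the connection in `finally`. It also calls `getSearchEntries().get(0)` after checking only for `null`; a search with no match is expected to return an empty list, so an unknown e-mail would raise `IndexOutOfBoundsException` where the trailing `return null` suggests "not found" was intended. The search base is the literal `"dc=openaire,dc=eu"` although the class already has an `ldapUsersDN` field. A rewritten body is below.

```java
public String getUsername(String email) throws LDAPException {
    LDAPConnection ldapConnection = null;
    try {
        ldapConnection = new LDAPConnection(ldapAddress, ldapPort, ldapUsername, ldapPassword);
        // … unchanged: equality filter on "mail", SearchRequest and search call …
        if (searchResult.getSearchEntries() == null || searchResult.getSearchEntries().isEmpty()) {
            return null;
        }
        // … unchanged: warning when more than one entry matches …
        return searchResult.getSearchEntries().get(0).getAttributeValue("uid");
    } finally {
        if (ldapConnection != null)
            ldapConnection.close();
    }
}
```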
modules/uoa-user-management/trunk/src/main/java/eu/dnetlib/openaire/user/security/JWTGenerator.java | ||
---|---|---|
1 | 1 |
package eu.dnetlib.openaire.user.security; |
2 | 2 |
|
3 |
import com.google.common.base.Charsets;
|
|
3 |
import com.google.gson.JsonObject;
|
|
4 | 4 |
import eu.dnetlib.openaire.user.MigrationUser; |
5 | 5 |
import io.jsonwebtoken.Claims; |
6 | 6 |
import io.jsonwebtoken.Jwts; |
... | ... | |
11 | 11 |
|
12 | 12 |
import java.io.UnsupportedEncodingException; |
13 | 13 |
import java.net.URLEncoder; |
14 |
import java.nio.charset.Charset; |
|
15 |
import java.nio.charset.StandardCharsets; |
|
16 | 14 |
import java.text.ParseException; |
17 | 15 |
import java.util.Date; |
18 | 16 |
|
19 |
/** |
|
20 |
* Created by kiatrop on 03/04/17. |
|
21 |
*/ |
|
22 | 17 |
public class JWTGenerator { |
23 | 18 |
|
24 | 19 |
private static final Logger logger = Logger.getLogger(JWTGenerator.class); |
... | ... | |
48 | 43 |
|
49 | 44 |
try { |
50 | 45 |
|
46 |
JsonObject userInfo = authOIDC.getUserInfo().getSource(); |
|
51 | 47 |
Claims claims = Jwts.claims().setSubject(authOIDC.getUserInfo().getSub()); |
52 | 48 |
claims.put("fullname", URLEncoder.encode(authOIDC.getUserInfo().getName(), "UTF-8") + ""); |
53 | 49 |
claims.put("firstname", URLEncoder.encode(authOIDC.getUserInfo().getGivenName(), "UTF-8") + ""); |
54 | 50 |
claims.put("lastname", URLEncoder.encode(authOIDC.getUserInfo().getFamilyName(), "UTF-8") + ""); |
55 | 51 |
claims.put("email", authOIDC.getUserInfo().getEmail() + ""); |
56 |
//TODO change to edu_person_scoped_affiliations |
|
57 |
//TODO THIS IS TEST |
|
58 |
claims.put("edu_person_scoped_affiliations", "faculty"); |
|
59 |
//TODO change to correct role |
|
60 |
//TODO THIS IS TEST |
|
61 |
claims.put("role", "2"); |
|
52 |
claims.put("role", URLEncoder.encode(userInfo.getAsJsonArray("edu_person_entitlements").toString(), "UTF-8") + ""); |
|
62 | 53 |
|
54 |
//TODO remove, We don't need it but if we are going to use it, we need to check if the user has affiliation |
|
55 |
//claims.put("edu_person_scoped_affiliations", URLEncoder.encode(userInfo.getAsJsonArray("edu_person_scoped_affiliations").toString(), "UTF-8") + ""); |
|
56 |
|
|
63 | 57 |
//TODO remove |
64 | 58 |
//TODO THIS IS TEST |
65 | 59 |
// claims.put("fullname", URLEncoder.encode("Σοφία Μπαλτζή", "UTF-8") + ""); |
... | ... | |
78 | 72 |
logger.info("email: " + authOIDC.getUserInfo().getEmail()); |
79 | 73 |
//logger.info("Check everything"); |
80 | 74 |
logger.info("locale: " + authOIDC.getUserInfo().getSource()); |
81 |
//logger.info("edu_person_scoped_affiliations: " + authOIDC.getUserInfo().getSub());
|
|
82 |
logger.info("eduPersonScopedAffiliations: " + "faculty");
|
|
75 |
logger.info("role: " + userInfo.getAsJsonArray("edu_person_entitlements").toString());
|
|
76 |
//logger.info("affiliation: " + userInfo.getAsJsonArray("edu_person_scoped_affiliations").toString());
|
|
83 | 77 |
logger.info("expirationTime: " + exp); |
84 | 78 |
logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); |
85 | 79 |
|
... | ... | |
117 | 111 |
|
118 | 112 |
|
119 | 113 |
public static String generateToken(UserInfo user, String secret) { |
114 |
try { |
|
120 | 115 |
|
116 |
JsonObject userInfo = user.getSource(); |
|
117 |
|
|
121 | 118 |
Claims claims = Jwts.claims().setSubject(user.getSub()); |
122 | 119 |
claims.put("email", user.getEmail() + ""); |
123 |
claims.put("role", "2");
|
|
120 |
claims.put("role", URLEncoder.encode(userInfo.getAsJsonArray("edu_person_entitlements").toString(), "UTF-8") + "");
|
|
124 | 121 |
|
125 | 122 |
return Jwts.builder() |
126 | 123 |
.setClaims(claims) |
127 | 124 |
.signWith(SignatureAlgorithm.HS512, secret) |
128 | 125 |
.compact(); |
126 |
} catch (UnsupportedEncodingException e) { |
|
127 |
e.printStackTrace(); |
|
128 |
logger.error("UnsupportedEncodingException UTF-8 ", e); |
|
129 |
return "error"; |
|
130 |
} |
|
129 | 131 |
} |
130 | 132 |
|
131 | 133 |
} |
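Review bot: `userInfo.getAsJsonArray("edu_person_entitlements").toString()` is dereferenced without a presence check in three new places: the `role` claim in both token builders and the `logger.info("role: ...")` line. Gson returns `null` from `getAsJsonArray` when the member is absent, so a user whose identity-provider response carries no entitlements would fail with a `NullPointerException` during login rather than receive a token with an empty role. Guard with `userInfo.has("edu_person_entitlements")` and fall back to an empty array string. In `generateToken`, the new `catch` returns the literal `"error"`, which a caller cannot tell apart from a token; `throw new IllegalStateException("UTF-8 encoding unavailable", e);` would be safer, and `e.printStackTrace()` is redundant beside `logger.error`. The bodies of both methods are only partly visible on this page.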
modules/uoa-user-management/trunk/src/main/resources/eu/dnetlib/openaire/user/springContext-userManagementService.xml | ||
---|---|---|
52 | 52 |
|
53 | 53 |
<security:custom-filter before="PRE_AUTH_FILTER" ref="openIdConnectAuthenticationFilter" /> |
54 | 54 |
|
55 |
<!--<security:logout />-->
|
|
55 |
<security:logout logout-url="/openid_logout" invalidate-session="true"/>
|
|
56 | 56 |
|
57 | 57 |
</security:http> |
58 | 58 |
|
... | ... | |
98 | 98 |
<property name="frontDomain" value="${webbapp.front.domain}"/> |
99 | 99 |
</bean> |
100 | 100 |
|
101 |
<bean id="securityContextLogoutHandler" class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>
|
|
101 |
<!--<bean id="securityContextLogoutHandler" class="org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler"/>-->
|
|
102 | 102 |
<!--<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">--> |
103 | 103 |
<!--<property name="filterProcessesUrl" value="/logout"/>--> |
104 | 104 |
<!--<constructor-arg index="0" value="/"/>--> |
... | ... | |
110 | 110 |
<!--</constructor-arg>--> |
111 | 111 |
<!--</bean>--> |
112 | 112 |
|
113 |
<!--<bean class="eu.dnetlib.openaire.user.security.FrontEndLinkURILogoutSuccessHandler" id="frontEndRedirectLogout"/>--> |
|
114 |
|
|
115 |
<!--<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter">--> |
|
116 |
<!--<property name="filterProcessesUrl" value="/logout"/>--> |
|
117 |
<!--<constructor-arg index="0" value="/"/>--> |
|
118 |
<!--<constructor-arg index="1">--> |
|
119 |
<!--<list>--> |
|
120 |
<!--<ref bean="securityContextLogoutHandler"/>--> |
|
121 |
<!--<!–ref bean="myLogoutHandler"/–>--> |
|
122 |
<!--</list>--> |
|
123 |
<!--</constructor-arg>--> |
|
124 |
<!--</bean>--> |
|
113 | 125 |
<!-- |
114 |
<bean class="eu.dnetlib.openaire.user.security.FrontEndLinkURILogoutSuccessHandler" id="frontEndRedirectLogout"/> |
|
115 |
<bean id="logoutFilter" class="org.springframework.security.web.authentication.logout.LogoutFilter"> |
|
116 |
<property name="filterProcessesUrl" value="/logout"/> |
|
117 |
<constructor-arg index="0" value="/"/> |
|
118 |
<constructor-arg index="1"> |
|
119 |
<list> |
|
120 |
<ref bean="securityContextLogoutHandler"/>--> |
|
121 |
<!--ref bean="myLogoutHandler"/--> |
|
122 |
<!-- </list> |
|
123 |
</constructor-arg> |
|
124 |
</bean>--> |
|
125 |
<!-- |
|
126 | 126 |
- |
127 | 127 |
- The authentication filter |
128 | 128 |
- |
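Review bot: The enabled `<security:logout logout-url="/openid_logout" invalidate-session="true"/>` ends the server-side session only; it is taken here as the new side of line 55, going by the order in which the two variants are printed. The tokens built in `JWTGenerator` are signed and, as far as this page shows, stay valid until their expiry. If the token is handed to the front end as a cookie on `${webbapp.front.domain}`, logout should also clear it, for example with `delete-cookies="<token-cookie-name>"` on the same element; the cookie name is not visible in this revision, so that value is a placeholder. The section also now carries two commented-out copies of the `logoutFilter` bean, and deleting them would fit the stated aim of the commit.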
modules/uoa-user-management/trunk/src/main/resources/eu/dnetlib/openaire/user/springContext-userManagementService.properties | ||
---|---|---|
7 | 7 |
oidc.id = 24e83176-1312-4ba3-bc0b-ffeebea1603e |
8 | 8 |
oidc.issuer = https://aai.openminted.eu/oidc/ |
9 | 9 |
oidc.home = http://mpagasas.di.uoa.gr:8080/uoa-user-management-1.0.0-SNAPSHOT/openid_connect_login |
10 |
webbapp.front = http://scoobydoo.di.uoa.gr:5000/search/find |
|
10 |
webbapp.front = http://scoobydoo.di.uoa.gr:5000/reload |
|
11 |
#webbapp.front = http://scoobydoo.di.uoa.gr:5000/search/find |
|
11 | 12 |
webbapp.front.path = / |
12 | 13 |
#webbapp.front.path = /search/ |
13 | 14 |
webbapp.front.domain = .di.uoa.gr |
modules/uoa-user-management/trunk/pom.xml | ||
---|---|---|
128 | 128 |
<artifactId>jjwt</artifactId> |
129 | 129 |
<version>0.6.0</version> |
130 | 130 |
</dependency> |
131 |
|
|
132 | 131 |
</dependencies> |
133 | 132 |
</project> |
tidy up project. removing unused classes