Revision 50321
Added by Panagiotis Kanakakis almost 7 years ago
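--- a/modules/uoa-repository-manager-gui/branches/aai/src/main/java/eu/dnetlib/repo/manager/server/utils/FrontEndLinkURIAuthenticationSuccessHandler.java
+++ b/modules/uoa-repository-manager-gui/branches/aai/src/main/java/eu/dnetlib/repo/manager/server/utils/FrontEndLinkURIAuthenticationSuccessHandler.java
@@ -2,6 +2,7 @@
 
 import org.mitre.openid.connect.model.OIDCAuthenticationToken;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 
 import javax.servlet.ServletException;
@@ -19,7 +20,7 @@
 @Override
 public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
 OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication;
-Cookie sessionCookie = new Cookie("name", authOIDC.getUserInfo().getName());
+Cookie sessionCookie = new Cookie("currentUser", authOIDC.getSub());
 int expireSec = -1;
 sessionCookie.setMaxAge(expireSec);
 sessionCookie.setPath("/");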
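Review bot: The `currentUser` cookie now carries the OIDC `sub` value, and the visible lines set only its max-age and path, not `Secure` or `HttpOnly`. If the rest of the method (it continues outside the hunk) does not set them, add `sessionCookie.setSecure(true);`, and `sessionCookie.setHttpOnly(true);` unless the GWT client must read or remove the cookie from script. The cookie should stay a UI hint only; identity has to keep coming from the server-side security context, as `checkCookie()` in `UserServiceImpl` does. The added `SecurityContextHolder` import is not used in the lines shown.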
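--- a/modules/uoa-repository-manager-gui/branches/aai/src/main/java/eu/dnetlib/repo/manager/server/services/UserServiceImpl.java
+++ b/modules/uoa-repository-manager-gui/branches/aai/src/main/java/eu/dnetlib/repo/manager/server/services/UserServiceImpl.java
@@ -1,5 +1,6 @@
 package eu.dnetlib.repo.manager.server.services;
 
+import com.google.gwt.user.client.Cookies;
 import eu.dnetlib.domain.functionality.UserProfile;
 import eu.dnetlib.gwt.server.service.SpringGwtRemoteServiceServlet;
 import eu.dnetlib.repo.manager.client.services.UserService;
@@ -8,11 +9,16 @@
 import eu.dnetlib.repo.manager.shared.UserAccessException;
 import eu.dnetlib.users.UserApi;
 import org.apache.log4j.Logger;
+import org.eclipse.jetty.server.Authentication;
+import org.mitre.openid.connect.model.OIDCAuthenticationToken;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
 
 import javax.servlet.ServletConfig;
 import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpSession;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
@@ -243,4 +249,36 @@
 
 }
 
+@Override
+public Tuple<UserProfile, String> checkCookie() throws Exception {
+OIDCAuthenticationToken authentication;
+try {
+authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
+UserProfile userProfile = new UserProfile();
+userProfile.setFirstname(authentication.getUserInfo().getGivenName());
+userProfile.setLastname(authentication.getUserInfo().getFamilyName());
+userProfile.setEmail(authentication.getUserInfo().getEmail());
+
+LOGGER.debug("User email -> " + userProfile.getEmail());
+
+
+String role = "";
+String[] adminEmails = new String[] {"stefania.martziou@gmail.com" , "antleb@di.uoa.gr", "ant.lebesis@gmail.com", "natalia@di.uoa.gr", "pedroprincipe@sdum.uminho.pt", "dpierrakos@gmail.com", "jochen.schirrwagen@uni-bielefeld.de", "aenne.loehden@uni-bielefeld.de"};
+if(Arrays.asList(adminEmails).contains(userProfile.getEmail()))
+role = "admin";
+return new Tuple<>(userProfile, role);
+
+} catch (Exception e) {
+LOGGER.debug("Error on security context holder",e);
+LOGGER.debug(Cookies.getCookie("currentUser"));
+throw e;
+}
+}
+
+@Override
+public void clearCookie(){
+SecurityContextHolder.clearContext();
+Cookies.getCookie("currentUser");
+}
+
 }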
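Review bot: `clearCookie()` does not end the login: `SecurityContextHolder.clearContext()` only clears the context bound to the current request thread and the `Cookies.getCookie("currentUser")` call discards its result, so with Spring Security's usual session-backed context storage the next request would presumably be authenticated again. Invalidate the server session instead, e.g. `HttpSession session = getThreadLocalRequest().getSession(false); if (session != null) session.invalidate();`, assuming this class extends the GWT remote servlet as its imports suggest. `com.google.gwt.user.client.Cookies` is a browser-side GWT class, so the call in the `catch` block of `checkCookie()` is likely to throw on the server and hide the original exception; drop both uses. Separately, `checkCookie()` grants `admin` by comparing the `email` claim with a hard-coded address list, which is only as strong as the identity provider's guarantee that the address is verified; match on the `sub` claim or an IdP-issued role and load the list from configuration.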
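--- a/modules/uoa-repository-manager-gui/branches/aai/src/main/java/eu/dnetlib/repo/manager/client/services/UserService.java
+++ b/modules/uoa-repository-manager-gui/branches/aai/src/main/java/eu/dnetlib/repo/manager/client/services/UserService.java
@@ -28,4 +28,7 @@
 
 void resendActivation(String email) throws UserAccessException;
 
+Tuple<UserProfile, String> checkCookie() throws Exception;
+
+void clearCookie();
 }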
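Review bot: `checkCookie()` is declared `throws Exception`, which gives the GWT client no typed failure to handle and is broader than the `UserAccessException` that `resendActivation` above declares; prefer `Tuple<UserProfile, String> checkCookie() throws UserAccessException;`. Both new methods would also benefit from Javadoc stating that they act on the server-side login rather than on a browser cookie, despite their names, and that the tuple's second element is the role string.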
modules/uoa-repository-manager-gui/branches/aai/src/main/java/eu/dnetlib/repo/manager/client/RepositoryManager.java | ||
---|---|---|
12 | 12 |
import com.google.gwt.user.client.History; |
13 | 13 |
import com.google.gwt.user.client.Window; |
14 | 14 |
import com.google.gwt.user.client.rpc.AsyncCallback; |
15 |
import com.google.gwt.user.client.ui.FlowPanel; |
|
16 |
import com.google.gwt.user.client.ui.RootPanel; |
|
17 | 15 |
import eu.dnetlib.domain.functionality.UserProfile; |
18 | 16 |
import eu.dnetlib.repo.manager.client.services.UserService; |
19 | 17 |
import eu.dnetlib.repo.manager.client.services.UserServiceAsync; |
20 | 18 |
import eu.dnetlib.repo.manager.shared.Tuple; |
21 |
import eu.dnetlib.repo.manager.shared.UserAccessException; |
|
22 | 19 |
|
23 | 20 |
import java.util.logging.Level; |
24 | 21 |
import java.util.logging.Logger; |
... | ... | |
54 | 51 |
History.addValueChangeHandler(new ValueChangeHandler<String>() { |
55 | 52 |
@Override |
56 | 53 |
public void onValueChange(ValueChangeEvent<String> event) { |
57 |
|
|
58 | 54 |
String historyToken = event.getValue(); |
59 |
|
|
60 | 55 |
if(historyToken!=null && !historyToken.equals("")) { |
61 |
|
|
62 | 56 |
String finalHistoryToken = getFinalHistoryToken(historyToken); |
63 |
|
|
57 |
Window.alert(finalHistoryToken); |
|
64 | 58 |
History.newItem(finalHistoryToken); |
65 | 59 |
NavigationManager.getInstance().navigate(finalHistoryToken); |
66 |
|
|
67 |
} else { |
|
68 |
|
|
60 |
}else { |
|
69 | 61 |
//TODO kapou peftei se loop |
70 | 62 |
History.newItem("landing"); |
71 | 63 |
NavigationManager.getInstance().navigate("landing"); |
72 | 64 |
} |
73 | 65 |
} |
74 | 66 |
}); |
67 |
checkCookie("dashboard"); |
|
68 |
addLogoutHandler(); |
|
69 |
} |
|
75 | 70 |
|
76 |
String hash = Window.Location.getHash(); |
|
77 |
String activationId = Window.Location.getParameter("activationId"); |
|
78 |
final String hashValue = hash.substring(1); |
|
71 |
private void checkCookie(final String nextPage) { |
|
72 |
userService.checkCookie(new AsyncCallback<Tuple<UserProfile, String>>() { |
|
73 |
@Override |
|
74 |
public void onFailure(Throwable throwable) { |
|
75 |
if(throwable instanceof ClassCastException) |
|
76 |
Window.alert("Authentication class exception"); |
|
77 |
else |
|
78 |
Window.alert("User not found exception"); |
|
79 | 79 |
|
80 |
if(hashValue.startsWith("activateAccount")) {
|
|
80 |
Cookies.removeCookie("currentUser");
|
|
81 | 81 |
|
82 |
Cookies.removeCookie("currentUser"); |
|
82 |
//String finalHistoryToken = getFinalHistoryToken(hashValue); |
|
83 |
History.newItem("landing"); |
|
84 |
NavigationManager.getInstance().navigate("landing"); |
|
85 |
} |
|
86 |
@Override |
|
87 |
public void onSuccess(Tuple<UserProfile, String> result) { |
|
88 |
RepositoryManager.currentUser = result.getFirst(); |
|
89 |
RepositoryManager.currentUserRole = result.getSecond(); |
|
83 | 90 |
|
84 |
if(activationId!=null) { |
|
91 |
if (RepositoryManager.currentUser != null) |
|
92 |
Document.get().getElementById("currentUser").setInnerText(RepositoryManager.currentUser.getFirstname() |
|
93 |
+ " " + RepositoryManager.currentUser.getLastname()); |
|
85 | 94 |
|
86 |
userService.activateUser(activationId, new AsyncCallback<Void>() { |
|
95 |
//TODO use role instead of email |
|
96 |
if(RepositoryManager.currentUserRole.equals("admin")) { |
|
97 |
Document.get().getElementById("admin1").getStyle().setDisplay(Style.Display.BLOCK); |
|
98 |
Document.get().getElementById("admin2").getStyle().setDisplay(Style.Display.BLOCK); |
|
99 |
} |
|
87 | 100 |
|
88 |
@Override |
|
89 |
public void onFailure(Throwable throwable) { |
|
90 |
|
|
91 |
if(throwable instanceof UserAccessException) { |
|
92 |
UserAccessException uae = (UserAccessException) throwable; |
|
93 |
LoginPage.getInstance().showSuccessfulMessage(uae.getMessage()); |
|
94 |
Window.Location.replace(GWT.getHostPageBaseURL() + "#login"); |
|
95 |
} else { |
|
96 |
//TODO |
|
97 |
} |
|
98 |
} |
|
99 |
|
|
100 |
@Override |
|
101 |
public void onSuccess(Void aVoid) { |
|
102 |
|
|
103 |
//TODO it does not show the message because it refreshes the page |
|
104 |
LoginPage.getInstance().showSuccessfulMessage("Account activation was successful! You can now log-in " + |
|
105 |
"using your account details."); |
|
106 |
Window.Location.replace(GWT.getHostPageBaseURL() + "#login"); |
|
107 |
// NavigationManager.getInstance().navigate("login"); |
|
108 |
// Window.Location.replace(GWT.getHostPageBaseURL() + "#login"); |
|
109 |
} |
|
110 |
}); |
|
111 |
|
|
112 |
} else { |
|
113 |
|
|
114 |
//TODO invalid url |
|
101 |
//String finalHistoryToken = getFinalHistoryToken(page); |
|
102 |
History.newItem(nextPage); |
|
103 |
NavigationManager.getInstance().navigate(nextPage); |
|
115 | 104 |
} |
105 |
}); |
|
106 |
} |
|
116 | 107 |
|
117 |
} else {
|
|
108 |
private void addLogoutHandler() {
|
|
118 | 109 |
|
119 |
String encryptedEmail = Cookies.getCookie("currentUser"); |
|
120 |
if (encryptedEmail == null) { |
|
110 |
$(".logoutLink").click(new Function() { |
|
121 | 111 |
|
122 |
String finalHistoryToken = getFinalHistoryToken(hashValue); |
|
123 |
History.newItem(finalHistoryToken); |
|
124 |
NavigationManager.getInstance().navigate(finalHistoryToken); |
|
112 |
public boolean f(Event e) { |
|
125 | 113 |
|
126 |
} else { |
|
127 |
|
|
128 |
userService.getUserByEmail(Crypto.decrypt(encryptedEmail), new AsyncCallback<Tuple<UserProfile, String>>() { |
|
129 |
|
|
114 |
Cookies.removeCookie("currentUser"); |
|
115 |
userService.clearCookie(new AsyncCallback<Void>() { |
|
130 | 116 |
@Override |
131 |
public void onFailure(Throwable caught) {
|
|
117 |
public void onFailure(Throwable throwable) {
|
|
132 | 118 |
|
133 |
Cookies.removeCookie("currentUser"); |
|
134 |
|
|
135 |
String finalHistoryToken = getFinalHistoryToken(hashValue); |
|
136 |
History.newItem(finalHistoryToken); |
|
137 |
NavigationManager.getInstance().navigate(finalHistoryToken); |
|
138 | 119 |
} |
139 | 120 |
|
140 | 121 |
@Override |
141 |
public void onSuccess(Tuple<UserProfile, String> result) { |
|
122 |
public void onSuccess(Void aVoid) { |
|
123 |
RepositoryManager.currentUser = null; |
|
124 |
RepositoryManager.currentUserRole = null; |
|
142 | 125 |
|
143 |
RepositoryManager.currentUser = result.getFirst(); |
|
144 |
RepositoryManager.currentUserRole = result.getSecond(); |
|
145 |
|
|
146 |
if (RepositoryManager.currentUser != null) |
|
147 |
Document.get().getElementById("currentUser").setInnerText(RepositoryManager.currentUser.getFirstname() |
|
148 |
+ " " + RepositoryManager.currentUser.getLastname()); |
|
149 |
|
|
150 |
//TODO use role instead of email |
|
151 |
if(RepositoryManager.currentUserRole.equals("admin")) { |
|
152 |
Document.get().getElementById("admin1").getStyle().setDisplay(Style.Display.BLOCK); |
|
153 |
Document.get().getElementById("admin2").getStyle().setDisplay(Style.Display.BLOCK); |
|
154 |
} |
|
155 |
|
|
156 |
String finalHistoryToken = getFinalHistoryToken(hashValue); |
|
157 |
History.newItem(finalHistoryToken); |
|
158 |
NavigationManager.getInstance().navigate(finalHistoryToken); |
|
126 |
if(RepositoryManager.currentToken.equals("landing")) |
|
127 |
NavigationManager.getInstance().navigate("landing"); |
|
128 |
else |
|
129 |
History.newItem("landing"); |
|
159 | 130 |
} |
160 | 131 |
}); |
161 |
} |
|
162 |
} |
|
163 |
|
|
164 |
addLogoutHandler(); |
|
165 |
} |
|
166 |
|
|
167 |
private void addLogoutHandler() { |
|
168 |
|
|
169 |
$(".logoutLink").click(new Function() { |
|
170 |
|
|
171 |
public boolean f(Event e) { |
|
172 |
|
|
173 |
Cookies.removeCookie("currentUser"); |
|
174 |
RepositoryManager.currentUser = null; |
|
175 |
RepositoryManager.currentUserRole = null; |
|
176 |
|
|
177 |
if(RepositoryManager.currentToken.equals("landing")) |
|
178 |
NavigationManager.getInstance().navigate("landing"); |
|
179 |
else |
|
180 |
History.newItem("landing"); |
|
181 |
|
|
182 | 132 |
return false; |
183 | 133 |
} |
184 | 134 |
}); |
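Review bot: The logout handler's `onFailure` (new lines 117–119) is empty, so when the `clearCookie` RPC fails the browser cookie is already removed while the server-side login is still live, and the user gets no indication; reset `currentUser`/`currentUserRole` and report the failure there instead of silently returning. The success handler issues the cookie with path `/`, so remove it with the same path, `Cookies.removeCookie("currentUser", "/");`, both here and in `checkCookie`'s `onFailure`. `Window.alert(finalHistoryToken);` at new line 57 and the two alerts at new lines 76 and 78 look like debugging leftovers and should become log statements. The `admin1`/`admin2` toggle driven by `currentUserRole` is display logic only, so the server has to enforce the role on every admin call.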
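--- a/modules/uoa-repository-manager-gui/branches/aai/src/main/java/eu/dnetlib/repo/manager/client/NavigationManager.java
+++ b/modules/uoa-repository-manager-gui/branches/aai/src/main/java/eu/dnetlib/repo/manager/client/NavigationManager.java
@@ -1,9 +1,13 @@
 package eu.dnetlib.repo.manager.client;
 
+import com.google.gwt.dev.protobuf.ServiceException;
 import com.google.gwt.dom.client.Document;
 import com.google.gwt.dom.client.Style;
 import com.google.gwt.user.client.History;
+import com.google.gwt.user.client.Window;
 import eu.dnetlib.domain.functionality.UserProfile;
+import org.mitre.openid.connect.model.OIDCAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
 
 /**
 * Created by stefania on 12/2/15.
@@ -44,7 +48,7 @@
 
 } else if (token.equals("login")) {
 
-LoginPage.getInstance().showLoginPage();
+/* LoginPage.getInstance().showLoginPage();
 LoginPage.LoginListener loginListener = new LoginPage.LoginListener() {
 @Override
 public void loginSucceeded(UserProfile userProfile) {
@@ -62,11 +66,11 @@
 History.newItem("dashboard");
 }
 };
-LoginPage.getInstance().setLoginListener(loginListener);
+LoginPage.getInstance().setLoginListener(loginListener);*/
 
 } else if (token.equals("register")) {
 
-RegisterPage.getInstance().showRegisterPage();
+// RegisterPage.getInstance().showRegisterPage();
 
 } else {
 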
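Review bot: Three of the added imports (`com.google.gwt.dev.protobuf.ServiceException`, `OIDCAuthenticationToken`, `SecurityContextHolder`) are compiler-internal or server-side classes pulled into a `client` package, and nothing in the visible hunks uses them; GWT client code is compiled to JavaScript, so they should be dropped. The `login` and `register` branches are disabled by commenting code out, which leaves empty branches and dead code; delete the blocks and route both tokens to `landing`. Disabling the pages only hides them in the browser, so if the matching `UserService` RPC methods still exist on the server they remain callable and should be removed or guarded there.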
modules/uoa-repository-manager-gui/branches/aai/src/main/resources/eu/dnetlib/repo/manager/server/springContext-repo-manager.properties | ||
---|---|---|
62 | 62 |
oidc.id = 24e83176-1312-4ba3-bc0b-ffeebea1603e |
63 | 63 |
oidc.secret = U_gLOupYu2trYIOwfxGgZkkZoOHG_zGfaViOUsXcZ7qVQuF1rcJeQYKIDX1TY3z27CIoHaqq9ht2rmAiUmBRYQ |
64 | 64 |
webapp.home = http://localhost:8380/uoa-repository-manager-gui/openid_connect_login |
65 |
webapp.front=http://localhost:8380/uoa-repository-manager-gui/ |
|
65 |
webapp.front=http://localhost:8380/uoa-repository-manager-gui/#dashboard |
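Review bot: `oidc.secret` is stored in clear text in this tracked properties file (unchanged context line 63), so anyone with read access to the repository or to this page has the client secret. Treat the value as exposed: rotate it at the identity provider and load it from an untracked override file or the environment. On the changed line, `webapp.front` now ends in `#dashboard`; confirm the success handler uses it as a fixed redirect target and never combines it with request-supplied input.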
1. Modify web.xml file
2. Add check cookie methods on user service. Delete code for login/register/activate profile
3. Disable the #login and #register URIs