Revision 56991
Added by Katerina Iatropoulou over 4 years ago
modules/dnet-openaire-users/branches/login/deploy.info | ||
---|---|---|
1 |
{ |
|
2 |
"type_source": "SVN", |
|
3 |
"goal": "package -U source:jar", |
|
4 |
"url": "http://svn-public.driver.research-infrastructures.eu/driver/dnet40/modules/dnet-openaire-users/trunk", |
|
5 |
"deploy_repository": "dnet4-snapshots", |
|
6 |
"version": "4", |
|
7 |
"mail": "antleb@di.uoa.gr, kiatrop@di.uoa.gr, sbaltzi@di.uoa.gr", |
|
8 |
"deploy_repository_url": "http://maven.research-infrastructures.eu/nexus/content/repositories/dnet4-snapshots", |
|
9 |
"name": "dnet-openaire-users" |
|
10 |
} |
|
11 |
|
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/VerifyToDeleteServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.InputValidator; |
|
4 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
5 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
6 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
7 |
import org.apache.log4j.Logger; |
|
8 |
import org.springframework.beans.factory.annotation.Autowired; |
|
9 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
10 |
|
|
11 |
import javax.servlet.ServletConfig; |
|
12 |
import javax.servlet.ServletException; |
|
13 |
import javax.servlet.http.HttpServlet; |
|
14 |
import javax.servlet.http.HttpServletRequest; |
|
15 |
import javax.servlet.http.HttpServletResponse; |
|
16 |
import javax.servlet.http.HttpSession; |
|
17 |
import java.io.IOException; |
|
18 |
import java.io.PrintWriter; |
|
19 |
|
|
20 |
/** |
|
21 |
* Created by sofia on 21/5/2018. |
|
22 |
*/ |
|
23 |
public class VerifyToDeleteServlet extends HttpServlet { |
|
24 |
|
|
25 |
public void init(ServletConfig config) throws ServletException { |
|
26 |
super.init(config); |
|
27 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
28 |
config.getServletContext()); |
|
29 |
} |
|
30 |
|
|
31 |
@Autowired |
|
32 |
private VerificationActions verificationActions; |
|
33 |
|
|
34 |
@Autowired |
|
35 |
private LDAPActions ldapActions; |
|
36 |
|
|
37 |
private Logger logger = Logger.getLogger(VerificationCodeServlet.class); |
|
38 |
|
|
39 |
@Override |
|
40 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
41 |
response.setContentType("text/html"); |
|
42 |
PrintWriter printWriter = response.getWriter(); |
|
43 |
|
|
44 |
String formUsername = request.getParameter("username").trim(); |
|
45 |
String formVerificationCode = request.getParameter("verification_code").trim(); |
|
46 |
|
|
47 |
try { |
|
48 |
if (InputValidator.isFilled(formUsername) && InputValidator.isFilled(formVerificationCode)) { |
|
49 |
if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) { |
|
50 |
if (!verificationActions.verificationCodeHasExpired(formUsername)) { |
|
51 |
|
|
52 |
Boolean isRegistered = false; |
|
53 |
Boolean isZombie = false; |
|
54 |
|
|
55 |
if (ldapActions.usernameExists(formUsername)) { |
|
56 |
logger.info("User " + formUsername + " is activated user!"); |
|
57 |
isRegistered = true; |
|
58 |
} else if (ldapActions.isZombieUsersUsername(formUsername)) { |
|
59 |
logger.info("User " + formUsername + " is zombie user!"); |
|
60 |
isZombie = true; |
|
61 |
} |
|
62 |
|
|
63 |
if (!isRegistered && !isZombie) { |
|
64 |
request.getSession().setAttribute("message", "Username or verification code are not valid."); |
|
65 |
response.sendRedirect("./verifyToDelete.jsp"); |
|
66 |
} else { |
|
67 |
if (isRegistered) { |
|
68 |
ldapActions.deleteUser(formUsername); |
|
69 |
} else if (isZombie) { |
|
70 |
ldapActions.deleteZombieUser(formUsername); |
|
71 |
} |
|
72 |
verificationActions.deleteVerificationEntry(formUsername); |
|
73 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request,"successDeleteAccount.jsp")); |
|
74 |
|
|
75 |
} |
|
76 |
} else { |
|
77 |
logger.info("Verification code has expired!"); |
|
78 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "expiredVerificationCode.jsp")); |
|
79 |
} |
|
80 |
} else { |
|
81 |
logger.info("Username or verification code are not valid!"); |
|
82 |
request.getSession().setAttribute("message", "Username or verification code are not valid."); |
|
83 |
response.sendRedirect("./verifyToDelete.jsp"); |
|
84 |
} |
|
85 |
} else { |
|
86 |
if (!InputValidator.isFilled(formUsername)) { |
|
87 |
logger.info("No username"); |
|
88 |
request.getSession().setAttribute("msg_username_error", "Please enter your username."); |
|
89 |
} |
|
90 |
if (!InputValidator.isFilled(formVerificationCode)) { |
|
91 |
logger.info("No verification code"); |
|
92 |
request.getSession().setAttribute("msg_verification_code_error", "Please enter your verification code."); |
|
93 |
} |
|
94 |
response.sendRedirect("./verifyToDelete.jsp"); |
|
95 |
} |
|
96 |
} catch (Exception ldape) { |
|
97 |
logger.error("Could not remove user with username " + formUsername, ldape); |
|
98 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
99 |
} |
|
100 |
|
|
101 |
printWriter.close(); |
|
102 |
} |
|
103 |
} |
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/AddPasswordServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
4 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
5 |
import eu.dnetlib.openaire.user.utils.InputValidator; |
|
6 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
7 |
import org.apache.log4j.Logger; |
|
8 |
import org.springframework.beans.factory.annotation.Autowired; |
|
9 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
10 |
|
|
11 |
import javax.servlet.ServletConfig; |
|
12 |
import javax.servlet.ServletException; |
|
13 |
import javax.servlet.http.HttpServlet; |
|
14 |
import javax.servlet.http.HttpServletRequest; |
|
15 |
import javax.servlet.http.HttpServletResponse; |
|
16 |
import javax.servlet.http.HttpSession; |
|
17 |
import java.io.IOException; |
|
18 |
import java.io.PrintWriter; |
|
19 |
|
|
20 |
/** |
|
21 |
* Created by sofia on 23/10/2017. |
|
22 |
*/ |
|
23 |
public class AddPasswordServlet extends HttpServlet { |
|
24 |
|
|
25 |
public void init(ServletConfig config) throws ServletException { |
|
26 |
super.init(config); |
|
27 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
28 |
config.getServletContext()); |
|
29 |
} |
|
30 |
|
|
31 |
@Autowired |
|
32 |
private VerificationActions verificationActions; |
|
33 |
|
|
34 |
@Autowired |
|
35 |
private LDAPActions ldapActions; |
|
36 |
|
|
37 |
private Logger logger = Logger.getLogger(AddPasswordServlet.class); |
|
38 |
|
|
39 |
@Override |
|
40 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
41 |
response.setContentType("text/html"); |
|
42 |
PrintWriter printWriter = response.getWriter(); |
|
43 |
|
|
44 |
HttpSession session = request.getSession(); |
|
45 |
String username = (String) session.getAttribute("username"); |
|
46 |
|
|
47 |
if (username == null){ |
|
48 |
logger.info("Empty username in session"); |
|
49 |
} |
|
50 |
|
|
51 |
String password = request.getParameter("password"); |
|
52 |
String confirmPassword = request.getParameter("password_conf"); |
|
53 |
|
|
54 |
if (InputValidator.isFilled(password)) { |
|
55 |
if (InputValidator.isValidPassword(password) && password.equals(confirmPassword) && username !=null) { |
|
56 |
try { |
|
57 |
ldapActions.resetPassword(username, password); |
|
58 |
logger.info("password added"); |
|
59 |
session.removeAttribute("username"); |
|
60 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "success.jsp")); |
|
61 |
} catch (Exception e) { |
|
62 |
logger.error("LDAP error in adding password", e); |
|
63 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
64 |
} |
|
65 |
} else { |
|
66 |
if (!InputValidator.isValidPassword(password)) { |
|
67 |
logger.info("No valid password"); |
|
68 |
// request.getSession().setAttribute("msg_invalid_password", "The password must contain a lowercase letter, a capital (uppercase) letter, a number and must be at least 6 characters long. White space character is not allowed."); |
|
69 |
} |
|
70 |
if (!password.equals(confirmPassword)) { |
|
71 |
logger.info("No matching passwords"); |
|
72 |
// request.getSession().setAttribute("msg_pass_conf_error", "These passwords don't match."); |
|
73 |
} |
|
74 |
response.sendRedirect("./addPassword.jsp"); |
|
75 |
} |
|
76 |
} else { |
|
77 |
logger.info("Empty password"); |
|
78 |
request.getSession().setAttribute("msg_password_error_display", "display:block" ); |
|
79 |
// request.getSession().setAttribute("msg_invalid_password", "The password must contain a lowercase letter, a capital (uppercase) letter, a number and must be at least 6 characters long. White space character is not allowed."); |
|
80 |
response.sendRedirect("./resetPassword.jsp"); |
|
81 |
} |
|
82 |
|
|
83 |
printWriter.close(); |
|
84 |
|
|
85 |
} |
|
86 |
} |
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/RequestToDeleteAccountServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.EmailSender; |
|
4 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
5 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
6 |
import eu.dnetlib.openaire.user.utils.VerifyRecaptcha; |
|
7 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
8 |
import org.apache.commons.validator.routines.EmailValidator; |
|
9 |
import org.apache.log4j.Logger; |
|
10 |
import org.springframework.beans.factory.annotation.Autowired; |
|
11 |
import org.springframework.beans.factory.annotation.Value; |
|
12 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
13 |
|
|
14 |
import javax.mail.MessagingException; |
|
15 |
import javax.servlet.ServletConfig; |
|
16 |
import javax.servlet.ServletException; |
|
17 |
import javax.servlet.http.HttpServlet; |
|
18 |
import javax.servlet.http.HttpServletRequest; |
|
19 |
import javax.servlet.http.HttpServletResponse; |
|
20 |
import javax.servlet.http.HttpSession; |
|
21 |
import java.io.IOException; |
|
22 |
import java.sql.Timestamp; |
|
23 |
import java.util.Date; |
|
24 |
import java.util.UUID; |
|
25 |
|
|
26 |
/** |
|
27 |
* Created by sofia on 21/5/2018. |
|
28 |
*/ |
|
29 |
public class RequestToDeleteAccountServlet extends HttpServlet { |
|
30 |
|
|
31 |
@Autowired |
|
32 |
private VerificationActions verificationActions; |
|
33 |
|
|
34 |
@Autowired |
|
35 |
private LDAPActions ldapActions; |
|
36 |
|
|
37 |
@Autowired |
|
38 |
private EmailSender emailSender; |
|
39 |
|
|
40 |
@Value("${oidc.home}") |
|
41 |
private String oidcHomeUrl; |
|
42 |
|
|
43 |
@Value("${google.recaptcha.secret}") |
|
44 |
private String secret; |
|
45 |
|
|
46 |
@Value("${google.recaptcha.key}") |
|
47 |
private String sitekey; |
|
48 |
|
|
49 |
private static final Logger logger = Logger.getLogger(RequestActivationCodeServlet.class); |
|
50 |
|
|
51 |
public void init(ServletConfig config) throws ServletException { |
|
52 |
super.init(config); |
|
53 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
54 |
config.getServletContext()); |
|
55 |
config.getServletContext().setAttribute("sitekey", sitekey); |
|
56 |
|
|
57 |
} |
|
58 |
|
|
59 |
@Override |
|
60 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
61 |
String formEmail = request.getParameter("email").trim(); |
|
62 |
|
|
63 |
String gRecaptchaResponse = request.getParameter("g-recaptcha-response"); |
|
64 |
|
|
65 |
HttpSession session = request.getSession(); |
|
66 |
session.setAttribute("homeUrl", oidcHomeUrl); |
|
67 |
|
|
68 |
if (formEmail == null) { |
|
69 |
request.getSession().setAttribute("message", "Error reading email."); |
|
70 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
71 |
|
|
72 |
} else if (formEmail.isEmpty()) { |
|
73 |
request.getSession().setAttribute("message", "Please enter your email."); |
|
74 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
75 |
|
|
76 |
} else if (!EmailValidator.getInstance().isValid(formEmail)) { |
|
77 |
request.getSession().setAttribute("message", "Please enter a valid email."); |
|
78 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
79 |
|
|
80 |
} else if (!VerifyRecaptcha.verify(gRecaptchaResponse, secret)) { |
|
81 |
request.getSession().setAttribute("reCAPTCHA_message", "You missed the reCAPTCHA validation!"); |
|
82 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
83 |
|
|
84 |
} else { |
|
85 |
|
|
86 |
try { |
|
87 |
|
|
88 |
Boolean isRegistered = false; |
|
89 |
Boolean isZombie = false; |
|
90 |
|
|
91 |
if (ldapActions.emailExists(formEmail)) { |
|
92 |
logger.info("User with email: " + formEmail + " is activated user!"); |
|
93 |
isRegistered = true; |
|
94 |
} else if (ldapActions.isZombieUsersEmail(formEmail)) { |
|
95 |
logger.info("User with email: " + formEmail + " is zombie user!"); |
|
96 |
isZombie = true; |
|
97 |
} |
|
98 |
|
|
99 |
if (!isRegistered && !isZombie) { |
|
100 |
request.getSession().setAttribute("message", "There is no user with that email."); |
|
101 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
102 |
} else { |
|
103 |
|
|
104 |
String username = null; |
|
105 |
|
|
106 |
if (isRegistered) { |
|
107 |
username = ldapActions.getUsername(formEmail); |
|
108 |
} else if (isZombie) { |
|
109 |
username = ldapActions.getZombieUsersUserName(formEmail); |
|
110 |
} |
|
111 |
|
|
112 |
UUID verificationCode = UUID.randomUUID(); |
|
113 |
Date creationDate = new Date(); |
|
114 |
String vCode = verificationCode.toString(); |
|
115 |
|
|
116 |
Timestamp timestamp = new Timestamp(creationDate.getTime()); |
|
117 |
|
|
118 |
if (!verificationActions.verificationEntryExists(username)) { |
|
119 |
verificationActions.addVerificationEntry(username, vCode, timestamp); |
|
120 |
|
|
121 |
} else { |
|
122 |
verificationActions.updateVerificationEntry(username, vCode, timestamp); |
|
123 |
} |
|
124 |
|
|
125 |
String resultPath = UrlConstructor.getRedirectUrl(request, "verifyToDelete.jsp"); |
|
126 |
String resultPathWithVCode = UrlConstructor.getVerificationLink(resultPath, vCode); |
|
127 |
|
|
128 |
String verificationCodeMsg = "<p>Hello " + username + ",</p>" + |
|
129 |
"<p> A request has been made to get a verification code to delete your OpenAIRE account. To delete your " + |
|
130 |
"account, you will need to submit your username and this verification code in order to verify that the " + |
|
131 |
"request was legitimate.</p>" + |
|
132 |
"<p>" + |
|
133 |
"The verification code is " + vCode + |
|
134 |
"</p>" + |
|
135 |
"Click the URL below and proceed with deleting your account." + |
|
136 |
"<p><a href=" + resultPathWithVCode + ">" + resultPathWithVCode + "</a></p>" + |
|
137 |
"<p>The verification code is valid for 24 hours.</p>" + |
|
138 |
"<p>Thank you,</p>" + |
|
139 |
"<p>OpenAIRE technical team</p>"; |
|
140 |
|
|
141 |
String verificationCodeSubject = "Request to delete your OpenAIRE account"; |
|
142 |
|
|
143 |
emailSender.sendEmail(formEmail, verificationCodeSubject, verificationCodeMsg); |
|
144 |
logger.info("Sending verification code to user: " + formEmail); |
|
145 |
|
|
146 |
|
|
147 |
response.sendRedirect("./verifyToDelete.jsp"); |
|
148 |
} |
|
149 |
} catch (MessagingException e) { |
|
150 |
logger.error("Error in sending email", e); |
|
151 |
request.getSession().setAttribute("message", "Error sending email"); |
|
152 |
response.sendRedirect("./requestActivationCode.jsp"); |
|
153 |
} catch (Exception ldape) { |
|
154 |
logger.error("Could not user with email " + formEmail, ldape); |
|
155 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
156 |
} |
|
157 |
} |
|
158 |
} |
|
159 |
|
|
160 |
public String getOidcHomeUrl() { |
|
161 |
return oidcHomeUrl; |
|
162 |
} |
|
163 |
|
|
164 |
public void setOidcHomeUrl(String oidcHomeUrl) { |
|
165 |
this.oidcHomeUrl = oidcHomeUrl; |
|
166 |
} |
|
167 |
} |
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/utils/UrlConstructor.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement.utils; |
|
2 |
|
|
3 |
import org.apache.log4j.Logger; |
|
4 |
|
|
5 |
import javax.servlet.http.HttpServletRequest; |
|
6 |
import java.util.UUID; |
|
7 |
|
|
8 |
/** |
|
9 |
* Created by sofia on 8/3/2018. |
|
10 |
*/ |
|
11 |
public class UrlConstructor { |
|
12 |
|
|
13 |
private static final Logger logger = Logger.getLogger(UrlConstructor.class); |
|
14 |
|
|
15 |
public static String getRedirectUrl(HttpServletRequest request, String jspPage) { |
|
16 |
|
|
17 |
String scheme = request.getScheme(); |
|
18 |
String serverName = request.getServerName(); |
|
19 |
int portNumber = request.getServerPort(); |
|
20 |
String contextPath = request.getContextPath(); |
|
21 |
|
|
22 |
String resultPath; |
|
23 |
if (portNumber == 80) { |
|
24 |
resultPath = scheme + "://" + serverName + contextPath + "/" + jspPage; |
|
25 |
} else { |
|
26 |
resultPath = scheme + "://" + serverName + ":" + portNumber + contextPath + "/" + jspPage; |
|
27 |
} |
|
28 |
|
|
29 |
if (jspPage.equals("error.jsp")) { |
|
30 |
request.getSession().setAttribute("error", "true"); |
|
31 |
} |
|
32 |
if (jspPage.equals("success.jsp")) { |
|
33 |
request.getSession().setAttribute("success", "true"); |
|
34 |
} |
|
35 |
if (jspPage.equals("successAddPassword.jsp")) { |
|
36 |
request.getSession().setAttribute("successAddPassword", "true"); |
|
37 |
} |
|
38 |
if (jspPage.equals("successDeleteAccount.jsp")) { |
|
39 |
request.getSession().setAttribute("successDeleteAccount", "true"); |
|
40 |
} |
|
41 |
if (jspPage.equals("expiredVerificationCode.jsp")) { |
|
42 |
request.getSession().setAttribute("expiredVerificationCode", "true"); |
|
43 |
} |
|
44 |
if (jspPage.equals("registerSuccess.jsp")) { |
|
45 |
request.getSession().setAttribute("registerSuccess", "true"); |
|
46 |
} |
|
47 |
if (jspPage.equals("emailSuccess.jsp")) { |
|
48 |
request.getSession().setAttribute("emailSuccess", "true"); |
|
49 |
} |
|
50 |
|
|
51 |
return resultPath; |
|
52 |
} |
|
53 |
|
|
54 |
public static String getVerificationLink(String path , String verificationCode ) { |
|
55 |
|
|
56 |
return path + "?code=" + verificationCode; |
|
57 |
|
|
58 |
} |
|
59 |
|
|
60 |
} |
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/ActivationCodeServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
4 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
5 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
6 |
import eu.dnetlib.openaire.user.utils.InputValidator; |
|
7 |
import org.apache.log4j.Logger; |
|
8 |
import org.springframework.beans.factory.annotation.Autowired; |
|
9 |
import org.springframework.beans.factory.annotation.Value; |
|
10 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
11 |
|
|
12 |
import javax.servlet.ServletConfig; |
|
13 |
import javax.servlet.ServletException; |
|
14 |
import javax.servlet.http.HttpServlet; |
|
15 |
import javax.servlet.http.HttpServletRequest; |
|
16 |
import javax.servlet.http.HttpServletResponse; |
|
17 |
import javax.servlet.http.HttpSession; |
|
18 |
import java.io.IOException; |
|
19 |
import java.io.PrintWriter; |
|
20 |
|
|
21 |
/** |
|
22 |
* Created by sofia on 23/10/2017. |
|
23 |
*/ |
|
24 |
public class ActivationCodeServlet extends HttpServlet{ |
|
25 |
|
|
26 |
public void init(ServletConfig config) throws ServletException { |
|
27 |
super.init(config); |
|
28 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
29 |
config.getServletContext()); |
|
30 |
} |
|
31 |
|
|
32 |
@Autowired |
|
33 |
private VerificationActions verificationActions; |
|
34 |
|
|
35 |
@Autowired |
|
36 |
private LDAPActions ldapActions; |
|
37 |
|
|
38 |
@Value("${oidc.home}") |
|
39 |
private String oidcHomeUrl; |
|
40 |
|
|
41 |
private Logger logger = Logger.getLogger(ActivationCodeServlet.class); |
|
42 |
|
|
43 |
@Override |
|
44 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
45 |
response.setContentType("text/html"); |
|
46 |
PrintWriter printWriter = response.getWriter(); |
|
47 |
|
|
48 |
String formUsername = request.getParameter("username").trim(); |
|
49 |
String formVerificationCode = request.getParameter("verification_code").trim(); |
|
50 |
|
|
51 |
if (InputValidator.isFilled(formUsername) && InputValidator.isFilled(formVerificationCode)) { |
|
52 |
if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) { |
|
53 |
if (!verificationActions.verificationCodeHasExpired(formUsername)) { |
|
54 |
HttpSession session = request.getSession(); |
|
55 |
session.setAttribute("username", formUsername); |
|
56 |
session.setAttribute("homeUrl", oidcHomeUrl); |
|
57 |
try { |
|
58 |
ldapActions.moveUser(formUsername); |
|
59 |
} catch (Exception e) { |
|
60 |
logger.error("LDAP error in moving user", e); |
|
61 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
62 |
} |
|
63 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "registerSuccess.jsp")); |
|
64 |
} else { |
|
65 |
logger.info("Verification code has expired!"); |
|
66 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "expiredVerificationCode.jsp")); |
|
67 |
} |
|
68 |
} else { |
|
69 |
logger.info("Username or activation code are not valid!"); |
|
70 |
request.getSession().setAttribute("message", "Username or activation code are not valid."); |
|
71 |
response.sendRedirect("./activate.jsp"); |
|
72 |
} |
|
73 |
} else { |
|
74 |
if (!InputValidator.isFilled(formUsername)) { |
|
75 |
logger.info("No username"); |
|
76 |
request.getSession().setAttribute("msg_username_error", "Please enter your username."); |
|
77 |
} |
|
78 |
if (!InputValidator.isFilled(formVerificationCode)) { |
|
79 |
logger.info("No activation code"); |
|
80 |
request.getSession().setAttribute("msg_activation_code_error", "Please enter your activation code."); |
|
81 |
} |
|
82 |
response.sendRedirect("./activate.jsp"); |
|
83 |
} |
|
84 |
printWriter.close(); |
|
85 |
|
|
86 |
} |
|
87 |
|
|
88 |
public String getOidcHomeUrl() { |
|
89 |
return oidcHomeUrl; |
|
90 |
} |
|
91 |
|
|
92 |
public void setOidcHomeUrl(String oidcHomeUrl) { |
|
93 |
this.oidcHomeUrl = oidcHomeUrl; |
|
94 |
} |
|
95 |
} |
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/VerificationCodeServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
4 |
import eu.dnetlib.openaire.user.utils.InputValidator; |
|
5 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
6 |
import org.apache.log4j.Logger; |
|
7 |
import org.springframework.beans.factory.annotation.Autowired; |
|
8 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
9 |
|
|
10 |
import javax.servlet.ServletConfig; |
|
11 |
import javax.servlet.ServletException; |
|
12 |
import javax.servlet.http.HttpServlet; |
|
13 |
import javax.servlet.http.HttpServletRequest; |
|
14 |
import javax.servlet.http.HttpServletResponse; |
|
15 |
import javax.servlet.http.HttpSession; |
|
16 |
import java.io.IOException; |
|
17 |
import java.io.PrintWriter; |
|
18 |
|
|
19 |
/** |
|
20 |
* Created by kiatrop on 28/9/2017. |
|
21 |
*/ |
|
22 |
public class VerificationCodeServlet extends HttpServlet { |
|
23 |
|
|
24 |
public void init(ServletConfig config) throws ServletException { |
|
25 |
super.init(config); |
|
26 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
27 |
config.getServletContext()); |
|
28 |
} |
|
29 |
|
|
30 |
@Autowired |
|
31 |
private VerificationActions verificationActions; |
|
32 |
|
|
33 |
private Logger logger = Logger.getLogger(VerificationCodeServlet.class); |
|
34 |
|
|
35 |
@Override |
|
36 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
37 |
response.setContentType("text/html"); |
|
38 |
PrintWriter printWriter = response.getWriter(); |
|
39 |
|
|
40 |
String formUsername = request.getParameter("username").trim(); |
|
41 |
String formVerificationCode = request.getParameter("verification_code").trim(); |
|
42 |
|
|
43 |
if (InputValidator.isFilled(formUsername) && InputValidator.isFilled(formVerificationCode)) { |
|
44 |
if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) { |
|
45 |
if (!verificationActions.verificationCodeHasExpired(formUsername)) { |
|
46 |
HttpSession session = request.getSession(); |
|
47 |
session.setAttribute("username", formUsername); |
|
48 |
response.sendRedirect("./resetPassword.jsp"); |
|
49 |
} else { |
|
50 |
logger.info("Verification code has expired!"); |
|
51 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "expiredVerificationCode.jsp")); |
|
52 |
} |
|
53 |
} else { |
|
54 |
logger.info("Username or verification code are not valid!"); |
|
55 |
request.getSession().setAttribute("message", "Username or verification code are not valid."); |
|
56 |
response.sendRedirect("./verify.jsp"); |
|
57 |
} |
|
58 |
} else { |
|
59 |
if (!InputValidator.isFilled(formUsername)) { |
|
60 |
logger.info("No username"); |
|
61 |
request.getSession().setAttribute("msg_username_error", "Please enter your username."); |
|
62 |
} |
|
63 |
if (!InputValidator.isFilled(formVerificationCode)) { |
|
64 |
logger.info("No verification code"); |
|
65 |
request.getSession().setAttribute("msg_verification_code_error", "Please enter your verification code."); |
|
66 |
} |
|
67 |
response.sendRedirect("./verify.jsp"); |
|
68 |
} |
|
69 |
|
|
70 |
printWriter.close(); |
|
71 |
} |
|
72 |
} |
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/RemindUsernameServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import com.unboundid.ldap.sdk.LDAPException; |
|
4 |
import eu.dnetlib.openaire.user.utils.EmailSender; |
|
5 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
6 |
import eu.dnetlib.openaire.user.utils.VerifyRecaptcha; |
|
7 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
8 |
import org.apache.commons.validator.routines.EmailValidator; |
|
9 |
import org.apache.log4j.Logger; |
|
10 |
import org.springframework.beans.factory.annotation.Autowired; |
|
11 |
import org.springframework.beans.factory.annotation.Value; |
|
12 |
import org.springframework.stereotype.Component; |
|
13 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
14 |
|
|
15 |
import javax.mail.MessagingException; |
|
16 |
import javax.servlet.ServletConfig; |
|
17 |
import javax.servlet.ServletException; |
|
18 |
import javax.servlet.http.HttpServlet; |
|
19 |
import javax.servlet.http.HttpServletRequest; |
|
20 |
import javax.servlet.http.HttpServletResponse; |
|
21 |
import javax.servlet.http.HttpSession; |
|
22 |
import java.io.IOException; |
|
23 |
|
|
24 |
/** |
|
25 |
* Created by kiatrop on 2/10/2017. |
|
26 |
*/ |
|
27 |
@Component |
|
28 |
public class RemindUsernameServlet extends HttpServlet { |
|
29 |
|
|
30 |
@Autowired |
|
31 |
private LDAPActions ldapActions; |
|
32 |
|
|
33 |
@Autowired |
|
34 |
private EmailSender emailSender; |
|
35 |
|
|
36 |
@Value("${oidc.home}") |
|
37 |
private String oidcHomeUrl; |
|
38 |
|
|
39 |
@Value("${google.recaptcha.secret}") |
|
40 |
private String secret; |
|
41 |
|
|
42 |
@Value("${google.recaptcha.key}") |
|
43 |
private String sitekey; |
|
44 |
|
|
45 |
private static final Logger logger = Logger.getLogger(RemindUsernameServlet.class); |
|
46 |
|
|
47 |
public void init(ServletConfig config) throws ServletException { |
|
48 |
super.init(config); |
|
49 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
50 |
config.getServletContext()); |
|
51 |
config.getServletContext().setAttribute("sitekey", sitekey); |
|
52 |
|
|
53 |
} |
|
54 |
|
|
55 |
@Override |
|
56 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
57 |
String formEmail = request.getParameter("email").trim(); |
|
58 |
|
|
59 |
String gRecaptchaResponse = request.getParameter("g-recaptcha-response"); |
|
60 |
|
|
61 |
HttpSession session = request.getSession(); |
|
62 |
session.setAttribute("homeUrl", oidcHomeUrl); |
|
63 |
|
|
64 |
if (formEmail == null) { |
|
65 |
request.getSession().setAttribute("message", "Error reading email."); |
|
66 |
response.sendRedirect("./remindUsername.jsp"); |
|
67 |
|
|
68 |
} else if (formEmail.isEmpty()) { |
|
69 |
request.getSession().setAttribute("message", "Please enter your email."); |
|
70 |
response.sendRedirect("./remindUsername.jsp"); |
|
71 |
|
|
72 |
} else if (!EmailValidator.getInstance().isValid(formEmail)) { |
|
73 |
request.getSession().setAttribute("message", "Please enter a valid email."); |
|
74 |
response.sendRedirect("./remindUsername.jsp"); |
|
75 |
|
|
76 |
} else if (!VerifyRecaptcha.verify(gRecaptchaResponse, secret)) { |
|
77 |
request.getSession().setAttribute("message", "You missed the reCAPTCHA validation!"); |
|
78 |
response.sendRedirect("./remindUsername.jsp"); |
|
79 |
|
|
80 |
} else { |
|
81 |
|
|
82 |
try { |
|
83 |
String username = ldapActions.getUsername(formEmail); |
|
84 |
if (username != null && !username.isEmpty()) { |
|
85 |
logger.info("Remind username to: "+username); |
|
86 |
String verificationCodeMsg = "<p>Hello,</p>" + |
|
87 |
"<p> A username reminder has been requested for your OpenAIRE account.</p>" + |
|
88 |
"<p> Your username is " + username + ".</p>" + |
|
89 |
"<p> Thank you, </p>" + |
|
90 |
"<p> OpenAIRE technical team</p>"; |
|
91 |
|
|
92 |
String verificationCodeSubject = "Your OpenAIRE username"; |
|
93 |
|
|
94 |
emailSender.sendEmail(formEmail, verificationCodeSubject, verificationCodeMsg); |
|
95 |
|
|
96 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "emailSuccess.jsp")); |
|
97 |
|
|
98 |
} else { |
|
99 |
request.getSession().setAttribute("message", "There is no user registered with that email."); |
|
100 |
response.sendRedirect("./remindUsername.jsp"); |
|
101 |
} |
|
102 |
|
|
103 |
} catch (LDAPException ldape) { |
|
104 |
logger.error("Could not find user with email " + formEmail, ldape); |
|
105 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
106 |
|
|
107 |
} catch (MessagingException e) { |
|
108 |
logger.error("Error in sending email", e); |
|
109 |
request.getSession().setAttribute("message", "Error sending email"); |
|
110 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "remindUsername.jsp")); |
|
111 |
} |
|
112 |
} |
|
113 |
} |
|
114 |
|
|
115 |
public String getOidcHomeUrl() { |
|
116 |
return oidcHomeUrl; |
|
117 |
} |
|
118 |
|
|
119 |
public void setOidcHomeUrl(String oidcHomeUrl) { |
|
120 |
this.oidcHomeUrl = oidcHomeUrl; |
|
121 |
} |
|
122 |
|
|
123 |
} |
|
124 |
|
|
125 |
|
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/security/FrontEndLinkURIAuthenticationSuccessHandler.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement.security; |
|
2 |
|
|
3 |
import com.google.gson.Gson; |
|
4 |
import org.apache.log4j.Logger; |
|
5 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
|
6 |
import org.springframework.security.core.Authentication; |
|
7 |
import org.springframework.security.web.authentication.AuthenticationSuccessHandler; |
|
8 |
|
|
9 |
import javax.servlet.http.Cookie; |
|
10 |
import javax.servlet.http.HttpServletRequest; |
|
11 |
import javax.servlet.http.HttpServletResponse; |
|
12 |
import java.io.IOException; |
|
13 |
|
|
14 |
/** |
|
15 |
* Created by stefanos on 9/5/2017. |
|
16 |
*/ |
|
17 |
public class FrontEndLinkURIAuthenticationSuccessHandler implements AuthenticationSuccessHandler { |
|
18 |
|
|
19 |
private static final Logger logger = Logger.getLogger(FrontEndLinkURIAuthenticationSuccessHandler.class); |
|
20 |
|
|
21 |
private String frontEndURI; |
|
22 |
private String frontPath; |
|
23 |
private String frontDomain; |
|
24 |
|
|
25 |
@Override |
|
26 |
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IllegalArgumentException, IOException { |
|
27 |
|
|
28 |
OIDCAuthenticationToken authOIDC = (OIDCAuthenticationToken) authentication; |
|
29 |
|
|
30 |
try { |
|
31 |
|
|
32 |
// Cookie jwt = new Cookie("XCsrfToken", JWTGenerator.generateToken(authOIDC, "my-very-secret")); |
|
33 |
Cookie openAIREUser = new Cookie("openAIREUser", new Gson().toJson(JWTGenerator.generateJsonToken(authOIDC))); |
|
34 |
Cookie accessToken = new Cookie("AccessToken", authOIDC.getAccessTokenValue()); |
|
35 |
|
|
36 |
// Expire the cookies in four hours (4 * 3600) |
|
37 |
// jwt.setMaxAge(14400); |
|
38 |
openAIREUser.setMaxAge(14400); |
|
39 |
accessToken.setMaxAge(14400); |
|
40 |
|
|
41 |
//TODO DELETE LOG |
|
42 |
logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); |
|
43 |
// logger.info("jwt: " + JWTGenerator.generateToken(authOIDC, "my-very-secret")); |
|
44 |
logger.info("access token: " + authOIDC.getAccessTokenValue()); |
|
45 |
logger.info("openAIREUser: " + JWTGenerator.generateJsonToken(authOIDC)); |
|
46 |
logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); |
|
47 |
|
|
48 |
//TODO DELETE LOG |
|
49 |
// logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); |
|
50 |
// logger.info("refresh token: " + authOIDC.getRefreshTokenValue()); |
|
51 |
// logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); |
|
52 |
|
|
53 |
|
|
54 |
// jwt.setPath(frontPath); |
|
55 |
openAIREUser.setPath(frontPath); |
|
56 |
accessToken.setPath(frontPath); |
|
57 |
|
|
58 |
if (frontDomain!=null) { |
|
59 |
// jwt.setDomain(frontDomain); |
|
60 |
openAIREUser.setDomain(frontDomain); |
|
61 |
accessToken.setDomain(frontDomain); |
|
62 |
} |
|
63 |
|
|
64 |
// response.addCookie(jwt); |
|
65 |
response.addCookie(openAIREUser); |
|
66 |
response.addCookie(accessToken); |
|
67 |
response.sendRedirect(frontEndURI); |
|
68 |
|
|
69 |
} catch (IOException e) { |
|
70 |
logger.error("IOException in redirection ", e); |
|
71 |
throw new IOException(e); |
|
72 |
}catch (IllegalArgumentException e) { |
|
73 |
logger.error("IllegalArgumentException in redirection ", e); |
|
74 |
throw new IllegalArgumentException(e); |
|
75 |
} |
|
76 |
|
|
77 |
} |
|
78 |
|
|
79 |
public String getFrontEndURI() { |
|
80 |
return frontEndURI; |
|
81 |
} |
|
82 |
|
|
83 |
public void setFrontEndURI(String frontEndURI) { |
|
84 |
this.frontEndURI = frontEndURI; |
|
85 |
} |
|
86 |
|
|
87 |
public String getFrontPath() { |
|
88 |
return frontPath; |
|
89 |
} |
|
90 |
|
|
91 |
public void setFrontPath(String frontPath) { |
|
92 |
this.frontPath = frontPath; |
|
93 |
} |
|
94 |
|
|
95 |
public String getFrontDomain() { |
|
96 |
return frontDomain; |
|
97 |
} |
|
98 |
|
|
99 |
public void setFrontDomain(String frontDomain) { |
|
100 |
this.frontDomain = frontDomain; |
|
101 |
} |
|
102 |
} |
|
103 |
|
|
104 |
|
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/security/JWTGenerator.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement.security; |
|
2 |
|
|
3 |
import com.google.gson.JsonObject; |
|
4 |
import eu.dnetlib.openaire.user.pojos.migration.MigrationUser; |
|
5 |
import io.jsonwebtoken.Claims; |
|
6 |
import io.jsonwebtoken.Jwts; |
|
7 |
import io.jsonwebtoken.SignatureAlgorithm; |
|
8 |
import org.apache.log4j.Logger; |
|
9 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
|
10 |
import org.mitre.openid.connect.model.UserInfo; |
|
11 |
|
|
12 |
import java.io.UnsupportedEncodingException; |
|
13 |
import java.net.URLEncoder; |
|
14 |
import java.text.ParseException; |
|
15 |
import java.util.Date; |
|
16 |
|
|
17 |
public class JWTGenerator { |
|
18 |
|
|
19 |
private static final Logger logger = Logger.getLogger(JWTGenerator.class); |
|
20 |
|
|
21 |
public static String generateToken(MigrationUser u, String secret) { |
|
22 |
Claims claims = Jwts.claims().setSubject(u.getUsername()); |
|
23 |
claims.put("fullname", u.getFullname() + ""); |
|
24 |
claims.put("userId", u.getId() + ""); |
|
25 |
claims.put("email", u.getEmail() + ""); |
|
26 |
claims.put("role", u.getRoleId()); |
|
27 |
|
|
28 |
//expiration |
|
29 |
long nowMillis = System.currentTimeMillis(); |
|
30 |
Date now = new Date(nowMillis); |
|
31 |
long ttlMillis = 1800000; |
|
32 |
long expMillis = nowMillis + ttlMillis; |
|
33 |
Date exp = new Date(expMillis); |
|
34 |
|
|
35 |
return Jwts.builder() |
|
36 |
.setClaims(claims) |
|
37 |
.setExpiration(exp) |
|
38 |
.signWith(SignatureAlgorithm.HS512, secret) |
|
39 |
.compact(); |
|
40 |
} |
|
41 |
|
|
42 |
public static String generateToken(OIDCAuthenticationToken authOIDC, String secret) { |
|
43 |
|
|
44 |
try { |
|
45 |
|
|
46 |
JsonObject userInfo = authOIDC.getUserInfo().getSource(); |
|
47 |
Claims claims = Jwts.claims().setSubject(authOIDC.getUserInfo().getSub()); |
|
48 |
claims.put("fullname", URLEncoder.encode(authOIDC.getUserInfo().getName(), "UTF-8") + ""); |
|
49 |
|
|
50 |
if (authOIDC.getUserInfo().getGivenName() == null){ |
|
51 |
logger.info("User: " + authOIDC.getUserInfo().getName() + "doesn't have first name"); |
|
52 |
claims.put("firstname", URLEncoder.encode(" ", "UTF-8") + ""); |
|
53 |
} else { |
|
54 |
claims.put("firstname", URLEncoder.encode(authOIDC.getUserInfo().getGivenName(), "UTF-8") + ""); |
|
55 |
} |
|
56 |
if (authOIDC.getUserInfo().getFamilyName() == null){ |
|
57 |
logger.info("User: " + authOIDC.getUserInfo().getName() + "doesn't have first name"); |
|
58 |
claims.put("lastname", URLEncoder.encode(" ", "UTF-8") + ""); |
|
59 |
} else { |
|
60 |
claims.put("lastname", URLEncoder.encode(authOIDC.getUserInfo().getFamilyName(), "UTF-8") + ""); |
|
61 |
} |
|
62 |
claims.put("email", authOIDC.getUserInfo().getEmail() + ""); |
|
63 |
|
|
64 |
// if (userInfo.getAsJsonArray("eduPersonScopedAffiliation").toString() != null) { |
|
65 |
// claims.put("role", URLEncoder.encode(userInfo.getAsJsonArray("edu_person_scoped_affiliations").toString(), "UTF-8") + ""); |
|
66 |
// } |
|
67 |
|
|
68 |
if (userInfo.getAsJsonArray("edu_person_entitlements") == null){ |
|
69 |
logger.info("User: " + authOIDC.getUserInfo().getName() + "doesn't have role"); |
|
70 |
claims.put("role", URLEncoder.encode(" ", "UTF-8") + ""); |
|
71 |
} else { |
|
72 |
claims.put("role", URLEncoder.encode(userInfo.getAsJsonArray("edu_person_entitlements").toString(), "UTF-8") + ""); |
|
73 |
} |
|
74 |
|
|
75 |
//TODO remove, We don't need it but if we are going to use it, we need to check if the user has affiliation |
|
76 |
//claims.put("edu_person_scoped_affiliations", URLEncoder.encode(userInfo.getAsJsonArray("edu_person_scoped_affiliations").toString(), "UTF-8") + ""); |
|
77 |
|
|
78 |
//TODO remove |
|
79 |
//TODO THIS IS TEST |
|
80 |
// claims.put("fullname", URLEncoder.encode("Σοφία Μπαλτζή", "UTF-8") + ""); |
|
81 |
// claims.put("firstname", URLEncoder.encode("Σοφία", "UTF-8") + ""); |
|
82 |
// claims.put("lastname", URLEncoder.encode("Μπαλτζή", "UTF-8") + ""); |
|
83 |
// claims.put("email", "sofie.mpl@gmail.com" + ""); |
|
84 |
// claims.put("edu_person_scoped_affiliations", "faculty"); |
|
85 |
|
|
86 |
Date exp = new Date(authOIDC.getIdToken().getJWTClaimsSet().getExpirationTime().getTime()); |
|
87 |
// logger.info("expirationTime: "+ exp); |
|
88 |
|
|
89 |
//TODO DELETE LOGS |
|
90 |
// logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); |
|
91 |
// logger.info("fullName: " + authOIDC.getUserInfo().getName()); |
|
92 |
// logger.info("firstName: " + authOIDC.getUserInfo().getGivenName()); |
|
93 |
// logger.info("lastName: " + authOIDC.getUserInfo().getFamilyName()); |
|
94 |
// logger.info("email: " + authOIDC.getUserInfo().getEmail()); |
|
95 |
// //logger.info("Check everything"); |
|
96 |
// logger.info("locale: " + authOIDC.getUserInfo().getSource()); |
|
97 |
// logger.info("role: " + userInfo.getAsJsonArray("edu_person_entitlements").toString()); |
|
98 |
// //logger.info("affiliation: " + userInfo.getAsJsonArray("edu_person_scoped_affiliations").toString()); |
|
99 |
// logger.info("expirationTime: " + exp); |
|
100 |
// logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); |
|
101 |
|
|
102 |
return Jwts.builder() |
|
103 |
.setClaims(claims) |
|
104 |
.setExpiration(exp) |
|
105 |
.signWith(SignatureAlgorithm.HS512, secret) |
|
106 |
.compact(); |
|
107 |
|
|
108 |
} catch (ParseException e) { |
|
109 |
e.printStackTrace(); |
|
110 |
logger.error("JWT Parse Exception from getting Expiration Time ", e); |
|
111 |
return "error"; |
|
112 |
} catch (UnsupportedEncodingException e) { |
|
113 |
e.printStackTrace(); |
|
114 |
logger.error("UnsupportedEncodingException UTF-8 ", e); |
|
115 |
return "error"; |
|
116 |
} |
|
117 |
} |
|
118 |
|
|
119 |
|
|
120 |
public static JsonObject generateJsonToken(OIDCAuthenticationToken authOIDC) { |
|
121 |
try { |
|
122 |
|
|
123 |
JsonObject userInfo = authOIDC.getUserInfo().getSource(); |
|
124 |
JsonObject userInfo2 = new JsonObject(); |
|
125 |
|
|
126 |
if (authOIDC.getUserInfo().getSub() == null) { |
|
127 |
logger.info("User doesn't have sub"); |
|
128 |
userInfo2.addProperty("sub", ""); |
|
129 |
} else { |
|
130 |
userInfo2.addProperty("sub", URLEncoder.encode(authOIDC.getUserInfo().getSub(), "UTF-8")); |
|
131 |
} |
|
132 |
if (authOIDC.getUserInfo().getName() == null) { |
|
133 |
logger.info("User doesn't have fullname"); |
|
134 |
userInfo2.addProperty("fullname", ""); |
|
135 |
} else { |
|
136 |
userInfo2.addProperty("fullname", URLEncoder.encode(authOIDC.getUserInfo().getName(), "UTF-8")); |
|
137 |
} |
|
138 |
if (authOIDC.getUserInfo().getGivenName() == null){ |
|
139 |
logger.info("User: " + authOIDC.getUserInfo().getName() + "doesn't have first name"); |
|
140 |
// userInfo2.addProperty("firstname", URLEncoder.encode(" ", "UTF-8") + ""); |
|
141 |
userInfo2.addProperty("firstname", ""); |
|
142 |
} else { |
|
143 |
userInfo2.addProperty("firstname", URLEncoder.encode(authOIDC.getUserInfo().getGivenName(), "UTF-8") + ""); |
|
144 |
} |
|
145 |
if (authOIDC.getUserInfo().getFamilyName() == null){ |
|
146 |
logger.info("User: " + authOIDC.getUserInfo().getName() + "doesn't have first name"); |
|
147 |
// userInfo2.addProperty("lastname", URLEncoder.encode(" ", "UTF-8") + ""); |
|
148 |
userInfo2.addProperty("lastname", ""); |
|
149 |
} else { |
|
150 |
userInfo2.addProperty("lastname", URLEncoder.encode(authOIDC.getUserInfo().getFamilyName(), "UTF-8") + ""); |
|
151 |
} |
|
152 |
userInfo2.addProperty("email", authOIDC.getUserInfo().getEmail() + ""); |
|
153 |
|
|
154 |
if (userInfo.getAsJsonArray("edu_person_entitlements") == null){ |
|
155 |
logger.info("User: " + authOIDC.getUserInfo().getName() + "doesn't have role"); |
|
156 |
// userInfo2.addProperty("role", URLEncoder.encode(" ", "UTF-8") + ""); |
|
157 |
userInfo2.addProperty("role", ""); |
|
158 |
} else { |
|
159 |
userInfo2.addProperty("role", URLEncoder.encode(userInfo.getAsJsonArray("edu_person_entitlements").toString(), "UTF-8") + ""); |
|
160 |
} |
|
161 |
|
|
162 |
logger.info("UserINFO: " + userInfo2.toString()); |
|
163 |
return userInfo2; |
|
164 |
|
|
165 |
} catch (UnsupportedEncodingException e) { |
|
166 |
e.printStackTrace(); |
|
167 |
logger.error("UnsupportedEncodingException UTF-8 ", e); |
|
168 |
JsonObject error = new JsonObject(); |
|
169 |
error.addProperty("error", "UnsupportedEncodingException UTF-8 " + e); |
|
170 |
return error; |
|
171 |
} |
|
172 |
|
|
173 |
} |
|
174 |
|
|
175 |
//TODO DELETE IF IT IS NOT NECESSARY |
|
176 |
public static String generateAccessToken(OIDCAuthenticationToken authOIDC, String secret) { |
|
177 |
Claims claims = Jwts.claims().setId(authOIDC.getAccessTokenValue()); |
|
178 |
|
|
179 |
//TODO DELETE LOGS |
|
180 |
logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); |
|
181 |
logger.info("access token: " + authOIDC.getAccessTokenValue()); |
|
182 |
logger.info("\n////////////////////////////////////////////////////////////////////////////////////////////////\n"); |
|
183 |
|
|
184 |
return Jwts.builder() |
|
185 |
.setClaims(claims) |
|
186 |
.signWith(SignatureAlgorithm.HS512, secret) |
|
187 |
.compact(); |
|
188 |
} |
|
189 |
|
|
190 |
|
|
191 |
public static String generateToken(UserInfo user, String secret) { |
|
192 |
try { |
|
193 |
|
|
194 |
JsonObject userInfo = user.getSource(); |
|
195 |
|
|
196 |
Claims claims = Jwts.claims().setSubject(user.getSub()); |
|
197 |
claims.put("email", user.getEmail() + ""); |
|
198 |
claims.put("role", URLEncoder.encode(userInfo.getAsJsonArray("edu_person_entitlements").toString(), "UTF-8") + ""); |
|
199 |
|
|
200 |
return Jwts.builder() |
|
201 |
.setClaims(claims) |
|
202 |
.signWith(SignatureAlgorithm.HS512, secret) |
|
203 |
.compact(); |
|
204 |
} catch (UnsupportedEncodingException e) { |
|
205 |
e.printStackTrace(); |
|
206 |
logger.error("UnsupportedEncodingException UTF-8 ", e); |
|
207 |
return "error"; |
|
208 |
} |
|
209 |
} |
|
210 |
|
|
211 |
} |
|
212 |
|
|
213 |
|
|
214 |
|
|
215 |
|
|
216 |
// How to add it manually |
|
217 |
// long nowMillis = System.currentTimeMillis(); |
|
218 |
// //This is my token |
|
219 |
// try { |
|
220 |
// String jwt = Jwts.builder() |
|
221 |
// .setSubject("Argiro") |
|
222 |
// .setExpiration(new Date(nowMillis+1800000)) |
|
223 |
// .claim("fullname", "Argiro Kokogianaki") |
|
224 |
// .claim("id", "8") |
|
225 |
// .claim("email", "argiro@gmail.com") |
|
226 |
// .claim("role","2") |
|
227 |
// .signWith( |
|
228 |
// SignatureAlgorithm.HS512, |
|
229 |
// "my-very-secret".getBytes("UTF-8") |
|
230 |
// ) |
|
231 |
// .compact(); |
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/ForgotPasswordServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import com.unboundid.ldap.sdk.LDAPException; |
|
4 |
import eu.dnetlib.openaire.user.utils.*; |
|
5 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
6 |
import org.apache.commons.validator.routines.EmailValidator; |
|
7 |
import org.apache.log4j.Logger; |
|
8 |
import org.springframework.beans.factory.annotation.Autowired; |
|
9 |
import org.springframework.beans.factory.annotation.Value; |
|
10 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
11 |
|
|
12 |
import javax.mail.MessagingException; |
|
13 |
import javax.servlet.ServletConfig; |
|
14 |
import javax.servlet.ServletException; |
|
15 |
import javax.servlet.http.HttpServlet; |
|
16 |
import javax.servlet.http.HttpServletRequest; |
|
17 |
import javax.servlet.http.HttpServletResponse; |
|
18 |
import java.io.IOException; |
|
19 |
import java.sql.Timestamp; |
|
20 |
import java.util.Date; |
|
21 |
import java.util.UUID; |
|
22 |
/** |
|
23 |
* Created by kiatrop on 28/9/2017. |
|
24 |
*/ |
|
25 |
|
|
26 |
public class ForgotPasswordServlet extends HttpServlet { |
|
27 |
|
|
28 |
@Autowired |
|
29 |
private LDAPActions ldapActions; |
|
30 |
|
|
31 |
@Autowired |
|
32 |
private VerificationActions verificationActions; |
|
33 |
|
|
34 |
@Autowired |
|
35 |
private EmailSender emailSender; |
|
36 |
|
|
37 |
@Value("${google.recaptcha.secret}") |
|
38 |
private String secret; |
|
39 |
|
|
40 |
@Value("${google.recaptcha.key}") |
|
41 |
private String sitekey; |
|
42 |
|
|
43 |
private Logger logger = Logger.getLogger(ForgotPasswordServlet.class); |
|
44 |
|
|
45 |
public void init(ServletConfig config) throws ServletException { |
|
46 |
super.init(config); |
|
47 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
48 |
config.getServletContext()); |
|
49 |
config.getServletContext().setAttribute("sitekey", sitekey); |
|
50 |
|
|
51 |
} |
|
52 |
|
|
53 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
54 |
|
|
55 |
String formEmail = request.getParameter("email").trim(); |
|
56 |
String gRecaptchaResponse = request.getParameter("g-recaptcha-response"); |
|
57 |
|
|
58 |
|
|
59 |
if (formEmail == null) { |
|
60 |
request.getSession().setAttribute("message", "Error reading email."); |
|
61 |
response.sendRedirect("./forgotPassword.jsp"); |
|
62 |
} else if (formEmail.isEmpty()) { |
|
63 |
request.getSession().setAttribute("message", "Please enter your email."); |
|
64 |
response.sendRedirect("./forgotPassword.jsp"); |
|
65 |
} else if (!EmailValidator.getInstance().isValid(formEmail)) { |
|
66 |
request.getSession().setAttribute("message", "Please enter a valid email."); |
|
67 |
response.sendRedirect("./forgotPassword.jsp"); |
|
68 |
} else if (!VerifyRecaptcha.verify(gRecaptchaResponse, secret)) { |
|
69 |
request.getSession().setAttribute("message", "You missed the reCAPTCHA validation!"); |
|
70 |
response.sendRedirect("./forgotPassword.jsp"); |
|
71 |
} else { |
|
72 |
try { |
|
73 |
String username = ldapActions.getUsername(formEmail); |
|
74 |
if (username == null || username.isEmpty()) { |
|
75 |
request.getSession().setAttribute("message", "There is no user registered with that email."); |
|
76 |
response.sendRedirect("./forgotPassword.jsp"); |
|
77 |
} else { |
|
78 |
UUID verificationCode = UUID.randomUUID(); |
|
79 |
Date creationDate = new Date(); |
|
80 |
String vCode = verificationCode.toString(); |
|
81 |
|
|
82 |
Timestamp timestamp = new Timestamp(creationDate.getTime()); |
|
83 |
|
|
84 |
if (!verificationActions.verificationEntryExists(username)) { |
|
85 |
verificationActions.addVerificationEntry(username, vCode, timestamp); |
|
86 |
|
|
87 |
} else { |
|
88 |
verificationActions.updateVerificationEntry(username, vCode, timestamp); |
|
89 |
} |
|
90 |
|
|
91 |
String resultPath = UrlConstructor.getRedirectUrl(request, "verify.jsp"); |
|
92 |
String resultPathWithVCode = UrlConstructor.getVerificationLink(resultPath, vCode); |
|
93 |
|
|
94 |
String verificationCodeMsg = "<p>Hello,</p>" + |
|
95 |
"<p> A request has been made to reset your OpenAIRE account password. To reset your " + |
|
96 |
"password, you will need to submit this verification code in order to verify that the " + |
|
97 |
"request was legitimate.</p>" + |
|
98 |
"<p> The verification code is " + vCode + "</p>" + |
|
99 |
"Click the URL below and proceed with verification." + |
|
100 |
"<p><a href=" + resultPathWithVCode + ">" + resultPathWithVCode + "</a></p>" + |
|
101 |
"<p>The verification code is valid for 24 hours.</p>" + |
|
102 |
"<p>Thank you,</p>" + |
|
103 |
"<p>OpenAIRE technical team</p>"; |
|
104 |
|
|
105 |
String verificationCodeSubject = "Your OpenAIRE password reset request"; |
|
106 |
|
|
107 |
emailSender.sendEmail(formEmail, verificationCodeSubject, verificationCodeMsg); |
|
108 |
|
|
109 |
response.setContentType("text/html"); |
|
110 |
response.sendRedirect("./verify.jsp"); |
|
111 |
} |
|
112 |
|
|
113 |
} catch (LDAPException ldape) { |
|
114 |
logger.error("LDAP error", ldape); |
|
115 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
116 |
} catch (MessagingException e) { |
|
117 |
logger.error("Error in sending email", e); |
|
118 |
request.getSession().setAttribute("message", "Error sending email."); |
|
119 |
response.sendRedirect("./forgotPassword.jsp"); |
|
120 |
} |
|
121 |
} |
|
122 |
} |
|
123 |
} |
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/registry/beans/Config.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement.registry.beans; |
|
2 |
|
|
3 |
import org.apache.log4j.Logger; |
|
4 |
import org.springframework.beans.factory.annotation.Value; |
|
5 |
import org.springframework.context.annotation.Bean; |
|
6 |
import org.springframework.context.annotation.Configuration; |
|
7 |
import org.springframework.context.annotation.PropertySource; |
|
8 |
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory; |
|
9 |
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession; |
|
10 |
import org.springframework.session.web.http.CookieSerializer; |
|
11 |
import org.springframework.session.web.http.DefaultCookieSerializer; |
|
12 |
|
|
13 |
/** |
|
14 |
* Created by stefanos on 14/6/2017. |
|
15 |
*/ |
|
16 |
@PropertySource(value = { "classpath:eu/dnet/openaire/usermanagement/redis.properties", "classpath:eu/dnet/openaire/usermanagement/springContext-dnetOpenaireUsersService.properties"} ) |
|
17 |
@Configuration |
|
18 |
@EnableRedisHttpSession |
|
19 |
public class Config { |
|
20 |
|
|
21 |
private static Logger logger = Logger.getLogger(Config.class); |
|
22 |
|
|
23 |
@Value("${redis.host:localhost}") |
|
24 |
private String host; |
|
25 |
|
|
26 |
@Value("${redis.port:6379}") |
|
27 |
private String port; |
|
28 |
|
|
29 |
@Value("${redis.password:#{null}}") |
|
30 |
private String password; |
|
31 |
|
|
32 |
@Value("${webbapp.front.domain:.openaire.eu}") |
|
33 |
private String domain; |
|
34 |
|
|
35 |
@Bean |
|
36 |
public LettuceConnectionFactory connectionFactory() { |
|
37 |
logger.info(String.format("Redis connection listens to %s:%s ",host,port)); |
|
38 |
LettuceConnectionFactory factory = new LettuceConnectionFactory(host,Integer.parseInt(port)); |
|
39 |
if(password != null) factory.setPassword(password); |
|
40 |
return factory; |
|
41 |
} |
|
42 |
|
|
43 |
@Bean |
|
44 |
public CookieSerializer cookieSerializer() { |
|
45 |
logger.info("Cookie Serializer: Domain is "+domain); |
|
46 |
DefaultCookieSerializer serializer = new DefaultCookieSerializer(); |
|
47 |
serializer.setCookieName("openAIRESession"); // <1> |
|
48 |
serializer.setCookiePath("/"); // <2> |
|
49 |
// serializer.setDomainNamePattern(""); //with value "" set's the domain of the service e.g scoobydoo.di.uoa.gr |
|
50 |
serializer.setDomainName(domain); |
|
51 |
return serializer; |
|
52 |
} |
|
53 |
} |
modules/dnet-openaire-users/branches/login/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import com.unboundid.ldap.sdk.LDAPException; |
|
4 |
import eu.dnetlib.openaire.user.utils.EmailSender; |
|
5 |
import eu.dnetlib.openaire.user.utils.InputValidator; |
|
6 |
import org.apache.commons.validator.routines.EmailValidator; |
|
7 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
8 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
9 |
import eu.dnetlib.openaire.user.utils.VerifyRecaptcha; |
|
10 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
11 |
import org.apache.log4j.Logger; |
|
12 |
import org.springframework.beans.factory.annotation.Autowired; |
|
13 |
import org.springframework.beans.factory.annotation.Value; |
|
14 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
15 |
|
|
16 |
import javax.mail.MessagingException; |
|
17 |
import javax.mail.internet.AddressException; |
|
18 |
import javax.mail.internet.InternetAddress; |
|
19 |
import javax.servlet.ServletConfig; |
|
20 |
import javax.servlet.ServletException; |
|
21 |
import javax.servlet.http.HttpServlet; |
|
22 |
import javax.servlet.http.HttpServletRequest; |
|
23 |
import javax.servlet.http.HttpServletResponse; |
|
24 |
import java.io.IOException; |
|
25 |
import java.io.PrintWriter; |
|
26 |
import java.sql.Timestamp; |
|
27 |
import java.util.Date; |
|
28 |
import java.util.UUID; |
|
29 |
|
|
30 |
/** |
|
31 |
* Created by sofia on 20/10/2017. |
|
32 |
*/ |
|
33 |
public class RegisterServlet extends HttpServlet { |
|
34 |
|
|
35 |
@Autowired |
|
36 |
private VerificationActions verificationActions; |
|
37 |
|
|
38 |
@Autowired |
|
39 |
private EmailSender emailSender; |
|
40 |
|
|
41 |
@Autowired |
|
42 |
private LDAPActions ldapActions; |
|
43 |
|
|
44 |
@Value("${google.recaptcha.secret}") |
|
45 |
private String secret; |
|
46 |
|
|
47 |
@Value("${google.recaptcha.key}") |
|
48 |
private String sitekey; |
|
49 |
|
|
50 |
|
|
51 |
public void init(ServletConfig config) throws ServletException { |
|
52 |
super.init(config); |
|
53 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
54 |
config.getServletContext()); |
|
55 |
config.getServletContext().setAttribute("sitekey", sitekey); |
|
56 |
} |
|
57 |
|
|
58 |
private static Logger logger = Logger.getLogger(RegisterServlet.class); |
|
59 |
|
|
60 |
@Override |
|
61 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
62 |
response.setContentType("text/html"); |
|
63 |
PrintWriter printWriter = response.getWriter(); |
|
64 |
|
|
65 |
String firstName = request.getParameter("first_name").trim(); |
|
66 |
String lastName = request.getParameter("last_name").trim(); |
|
67 |
String organization = request.getParameter("organization").trim(); |
|
68 |
String username = request.getParameter("username").trim(); |
|
69 |
String email =request.getParameter("email").trim(); |
|
70 |
String confirmEmail = request.getParameter("email_conf").trim(); |
|
71 |
String password = request.getParameter("password"); |
|
72 |
String confirmPassword = request.getParameter("password_conf"); |
|
73 |
|
|
74 |
String gRecaptchaResponse = request.getParameter("g-recaptcha-response"); |
|
75 |
|
|
76 |
boolean isRecaptchaVerified = VerifyRecaptcha.verify(gRecaptchaResponse, secret); |
|
77 |
//System.out.println("RESPONSE " + gRecaptchaResponse); |
|
78 |
|
|
79 |
if (organization == null){ |
|
80 |
logger.info("organization is null"); |
|
81 |
} |
|
82 |
|
|
83 |
if (firstName != null && lastName != null && username != null && email!= null && |
|
84 |
email.equals(confirmEmail) && password!= null && password.equals(confirmPassword) && |
|
85 |
EmailValidator.getInstance().isValid(email) && InputValidator.isValidPassword(password) && isRecaptchaVerified) { |
|
86 |
|
|
87 |
try { |
|
88 |
if (InputValidator.isValidUsername(username) && !ldapActions.usernameExists(username) && !ldapActions.emailExists(email) |
|
89 |
&& !ldapActions.isZombieUsersEmail(email) && !ldapActions.isZombieUsersUsername(username) && EmailValidator.getInstance().isValid(email)) { |
|
90 |
|
|
91 |
ldapActions.createZombieUser(username, email, firstName, lastName, organization, password); |
|
92 |
logger.info("Zombie user successfully created"); |
|
93 |
|
|
94 |
UUID verificationCode = UUID.randomUUID(); |
|
95 |
Date creationDate = new Date(); |
|
96 |
String vCode = verificationCode.toString(); |
|
97 |
|
|
98 |
Timestamp timestamp = new Timestamp(creationDate.getTime()); |
|
99 |
|
|
100 |
if (!verificationActions.verificationEntryExists(username)) { |
|
101 |
verificationActions.addVerificationEntry(username, vCode, timestamp); |
|
102 |
|
|
103 |
} else { |
|
104 |
verificationActions.updateVerificationEntry(username, vCode, timestamp); |
|
105 |
} |
|
106 |
|
|
107 |
String resultPath = UrlConstructor.getRedirectUrl(request, "activate.jsp"); |
|
108 |
String resultPathWithVCode = UrlConstructor.getVerificationLink(resultPath, vCode); |
|
109 |
|
|
110 |
String verificationCodeMsg = "<p>Hello " + username + ",</p>" + |
|
111 |
"<p> A request has been made to verify your email and activate your OpenAIRE account. To activate your " + |
|
112 |
"account, you will need to submit your username and this activation code in order to verify that the " + |
|
113 |
"request was legitimate.</p>" + |
|
114 |
"<p>" + |
|
115 |
"The activation code is " + vCode + |
|
116 |
"</p>" + |
|
117 |
"Click the URL below and proceed with activating your password." + |
|
118 |
"<p><a href=" + resultPathWithVCode + ">" + resultPathWithVCode + "</a></p>" + |
|
119 |
"<p>The activation code is valid for 24 hours.</p>" + |
|
120 |
"<p>Thank you,</p>" + |
|
121 |
"<p>OpenAIRE technical team</p>"; |
|
122 |
|
|
123 |
String verificationCodeSubject = "Activate your OpenAIRE account"; |
|
124 |
|
|
125 |
emailSender.sendEmail(email, verificationCodeSubject, verificationCodeMsg); |
|
126 |
|
|
127 |
response.sendRedirect("./activate.jsp"); |
|
128 |
|
|
129 |
} else { |
|
130 |
|
|
131 |
validateUsername(request, username); |
|
132 |
|
|
133 |
if (ldapActions.usernameExists(username) || ldapActions.isZombieUsersUsername(username)) { |
|
134 |
request.getSession().setAttribute("username_message", "Username already exists! Choose another one."); |
|
135 |
logger.info("Username already exists"); |
|
136 |
} |
|
137 |
|
|
138 |
if (!EmailValidator.getInstance().isValid(email)) { |
|
139 |
request.getSession().setAttribute("email_message", "Please enter a valid email."); |
|
140 |
logger.info("Invalid email."); |
|
141 |
} |
|
142 |
|
|
143 |
if (ldapActions.emailExists(email)) { |
|
144 |
request.getSession().setAttribute("email_message", "There is another user with this email."); |
|
145 |
logger.info("There is another user with this email"); |
|
146 |
} |
|
147 |
|
|
148 |
if (ldapActions.isZombieUsersEmail(email)) { |
|
149 |
request.getSession().setAttribute("email_message", "You have already registered with this email address! Please check your email to activate your account or contact OpenAIRE <a href=\"https://www.openaire.eu/support/helpdesk\">helpdesk</a>."); |
|
150 |
logger.info("There is another user with this email"); |
|
151 |
} |
|
152 |
|
|
153 |
request.getSession().setAttribute("first_name", firstName); |
|
154 |
request.getSession().setAttribute("msg_first_name_error_display", "display:none"); |
|
155 |
|
|
156 |
request.getSession().setAttribute("last_name", lastName); |
|
157 |
request.getSession().setAttribute("msg_last_name_error_display", "display:none"); |
|
158 |
|
|
159 |
request.getSession().setAttribute("organization", organization); |
|
160 |
request.getSession().setAttribute("username", username); |
|
161 |
request.getSession().setAttribute("email", email); |
|
162 |
request.getSession().setAttribute("msg_email_error_display", "display:none" ); |
|
163 |
|
|
164 |
request.getSession().setAttribute("email_conf", confirmEmail); |
|
165 |
request.getSession().setAttribute("msg_email_conf_error_display", "display:none"); |
|
166 |
request.getSession().setAttribute("msg_email_validation_error_display", "display:none"); |
|
167 |
|
|
168 |
request.getSession().setAttribute("msg_password_error_display", "display:none" ); |
|
169 |
request.getSession().setAttribute("msg_pass_conf_error_display", "display:none" ); |
|
170 |
request.getSession().setAttribute("msg_invalid_password_display", "display:none"); |
|
171 |
|
|
172 |
request.getSession().setAttribute("recaptcha_error_display", "display:none"); |
|
173 |
|
|
174 |
response.sendRedirect("./register.jsp"); |
|
175 |
} |
|
176 |
|
|
177 |
|
|
178 |
} catch (MessagingException e) { |
|
179 |
logger.error("Error in sending email", e); |
|
180 |
request.getSession().setAttribute("message","Error sending email"); |
|
181 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, ".register.jsp")); |
|
182 |
|
|
183 |
//TODO better handling of these exceprions |
|
184 |
} catch (Exception e) { |
|
185 |
logger.error("LDAP error in creating user", e); |
|
186 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
187 |
} |
|
188 |
|
|
189 |
} else { |
|
190 |
|
|
191 |
request.getSession().setAttribute("first_name", firstName); |
|
192 |
request.getSession().setAttribute("last_name", lastName); |
|
193 |
request.getSession().setAttribute("organization", organization); |
|
194 |
request.getSession().setAttribute("username", username); |
|
195 |
request.getSession().setAttribute("email", email); |
|
196 |
request.getSession().setAttribute("email_conf", confirmEmail); |
|
197 |
|
|
198 |
if (!InputValidator.isFilled(firstName)) { |
|
199 |
logger.info("No first name"); |
|
200 |
request.getSession().setAttribute("msg_first_name_error_display", "display:block" ); |
|
201 |
} |
|
202 |
|
|
203 |
if (!InputValidator.isFilled(lastName)) { |
|
204 |
logger.info("No last name"); |
Also available in: Unified diff
Creating branch to split the login process