Revision 59601
Added by Katerina Iatropoulou over 3 years ago
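--- a/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java
+++ b/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java
@@ -3,6 +3,7 @@
 import eu.dnetlib.openaire.user.pojos.RegisteredService;
 import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils;
 import eu.dnetlib.openaire.usermanagement.utils.TokenUtils;
+import org.apache.http.HttpResponse;
 import org.apache.log4j.Logger;
 import org.mitre.openid.connect.model.OIDCAuthenticationToken;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -76,6 +77,62 @@
 request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
 }
 
+@Override
+protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
+getContext().getAuthentication();
+String id = request.getParameter("id");
+
+System.out.println("POST " +id);
+
+if (id!=null && !id.isEmpty()) {
+try {
+RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(Integer.parseInt(id));
+
+if (!registeredService.getOwner().equals(authentication.getSub())) {
+request.getSession().setAttribute("message", "You are not allowed to delete the service.");
+System.out.println("BLOCKED " + registeredService.getOwner() + " >> " + authentication.getSub());
+response.setContentType("text/html");
+request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
+}
+
+System.out.println("HERE");
+String aai_id = registeredService.getAai_id();
+HttpResponse resp = TokenUtils.deleteService(aai_id, authentication.getAccessTokenValue());
+
+int statusCode = resp.getStatusLine().getStatusCode();
+System.out.println("STATUS CODE " + statusCode);
+
+if (statusCode != 200) {
+logger.error("Unable to delete the service. Status code was " + statusCode);
+request.getSession().setAttribute("message", "Fail to delete the service. Status " + statusCode);
+System.out.println("AAI blocked");
+} else {
+registeredServicesUtils.getRegisteredServiceDao().delete(Integer.parseInt(id));
+request.getSession().setAttribute("success", "The service was successfully deleted.");
+System.out.println("HERE HERE");
+}
+
+response.setContentType("text/html");
+request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
+
+} catch (SQLException sqle) {
+logger.error("Unable to contact db.", sqle);
+request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
+response.setContentType("text/html");
+request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
+}
+
+} else {
+System.out.println("SO WRONG ID...");
+request.getSession().setAttribute("message", "Error selecting service to delete. Please try again.");
+}
+
+System.out.println("FINALLY ");
+response.setContentType("text/html");
+request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
+}
+
 private boolean reachedMaximumNumberOfServices(List<RegisteredService> registeredServices) {
 if (registeredServices.size() == 5) {
 return true;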
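Review bot: The ownership check in the new `doPost` does not stop the request: when `registeredService.getOwner()` differs from `authentication.getSub()`, the branch sets the error message and includes the JSP, but execution then continues into `TokenUtils.deleteService(...)` and, on a 200, into the DAO `delete`. Add `return;` after the `include(request, response)` inside that `if`; whether the AAI would refuse the caller's token is not visible here and should not be the only barrier. The same method lets `Integer.parseInt(id)` throw on a non-numeric `id` and dereferences `registeredService` without a null check, so an unknown or malformed id ends in an unhandled exception rather than the "Error selecting service" message. The `System.out.println("BLOCKED " + …)` line writes both subject identifiers to stdout and should go through `logger` instead, and the trailing `include` at the end of the method renders the page a second time after the includes inside the `try`.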
modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java | ||
---|---|---|
78 | 78 |
System.out.println("SQLE SKATA " + sqle.getMessage()); |
79 | 79 |
logger.error("SQLE SKATA", sqle); |
80 | 80 |
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later."); |
81 |
response.sendRedirect("/registeredServices"); |
|
81 |
response.sendRedirect("./registeredServices");
|
|
82 | 82 |
} |
83 | 83 |
|
84 | 84 |
request.getSession().setAttribute("accessToken", authentication.getAccessTokenValue()); |
85 | 85 |
request.getSession().setAttribute("refreshToken", authentication.getRefreshTokenValue()); |
86 | 86 |
|
87 |
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
|
87 |
response.sendRedirect("./registeredServices");
|
|
88 | 88 |
} |
89 | 89 |
} |
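Review bot: The `catch` block that calls `response.sendRedirect(...)` at line 81 has no `return`, so after an SQL failure the method still stores the tokens in the session and reaches the second redirect at line 87 (taking the `response.sendRedirect("./registeredServices")` variant there as the new side). A second redirect on an already committed response throws `IllegalStateException`; add `return;` directly after the redirect in the catch block. The method starts outside the visible lines, so this assumes the `try` it belongs to has no other early exit.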
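--- a/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/utils/TokenUtils.java
+++ b/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/utils/TokenUtils.java
@@ -67,6 +67,17 @@
 return httpclient.execute(httpPut);
 }
 
+public static HttpResponse deleteService(String serviceId, String accessToken) throws IOException {
+
+System.out.println("DELETE " + "https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
+HttpDelete httpDelete = new HttpDelete("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
+httpDelete.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
+httpDelete.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
+
+CloseableHttpClient httpclient = HttpClients.createDefault();
+return httpclient.execute(httpDelete);
+}
+
 public static ServiceResponse getRegisteredService(String serviceId, String accessToken) throws IOException {
 HttpGet httpGet = new HttpGet("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
 httpGet.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
@@ -84,15 +95,6 @@
 }
 }
 
-public void deleteService(String serviceId, String accessToken) throws IOException {
-HttpDelete httpDelete = new HttpDelete("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
-httpDelete.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
-httpDelete.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
-
-CloseableHttpClient httpclient = HttpClients.createDefault();
-HttpResponse httpResponse = httpclient.execute(httpDelete);
-}
-
 private static String createServiceJson(String name, String description) {
 ServiceRequest serviceJSON = new ServiceRequest();
 serviceJSON.setClientName(name);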
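Review bot: The new static `deleteService` appends `serviceId` to the client-API path without validating or encoding it, and then sends the caller's bearer token to whatever path results. The caller added in this commit passes the stored `aai_id`, but the method is `public static`, so it should reject any `serviceId` that does not match the expected id format before constructing the `HttpDelete`. The `CloseableHttpClient` created here is never closed and the `HttpResponse` is returned unconsumed, so each call can leave a connection open. The visible caller only reads the status code, so consuming the entity with `EntityUtils.consumeQuietly(resp.getEntity());`, closing the client in a try-with-resources and returning the status code would fix this, with the caller in `RegisteredServicesServlet` changed to match. The dev host URL is repeated as a literal in every method of this class and would be better read from configuration.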
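--- a/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/EditRegisteredService.java
+++ b/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/EditRegisteredService.java
@@ -30,9 +30,9 @@
 SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
 config.getServletContext());
 }
+
 @Override
 protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
 request.getSession().setAttribute("authenticated",
 !SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()
 .equals("anonymousUser"));
@@ -93,7 +93,6 @@
 
 @Override
 protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
-
 OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
 String accessToken = authentication.getAccessTokenValue();
 
@@ -104,6 +103,19 @@
 HttpResponse resp = TokenUtils.updateService(serviceId, authentication.getSub(), name, description, authentication.getUserInfo().getEmail(), accessToken);
 
 if (resp.getStatusLine().getStatusCode()==200) {
+
+RegisteredService registeredService = new RegisteredService();
+registeredService.setName(name);
+registeredService.setAai_id(serviceId);
+try {
+registeredServicesUtils.getRegisteredServiceDao().update(registeredService);
+} catch (SQLException sqle) {
+logger.error("Unable to contact db.", sqle);
+request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
+response.setContentType("text/html");
+request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
+}
+
 request.getSession().setAttribute("success", "Your service with name '" + name + "' was successfully updated");
 }
 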
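Review bot: When `update(registeredService)` throws, the new `catch` block reports an error and includes the JSP, but execution falls through to the `setAttribute("success", …)` line, so the session ends up holding both an error and a success message. Add `return;` at the end of the catch block and change the copied text to `"Fail to update the service. Please try again later."`. By that point the AAI has already accepted the update, so the local record is out of sync with it; the error log should at least name `serviceId`. `doPost` starts and ends outside the hunk, so it is not visible whether `serviceId` is checked against the caller's `getSub()` before `TokenUtils.updateService` and the DAO `update` run; confirm that an ownership check exists, as `RegisteredServicesServlet.doPost` attempts for delete.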
|
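--- a/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/PersonalTokenServlet.java
+++ b/modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/PersonalTokenServlet.java
@@ -1,6 +1,19 @@
 package eu.dnetlib.openaire.usermanagement;
 
+import org.apache.commons.io.IOUtils;
+import org.apache.http.HttpEntity;
+import org.apache.http.HttpHeaders;
+import org.apache.http.HttpResponse;
+import org.apache.http.NameValuePair;
+import org.apache.http.client.entity.UrlEncodedFormEntity;
+import org.apache.http.client.methods.HttpPost;
+import org.apache.http.entity.StringEntity;
+import org.apache.http.impl.client.CloseableHttpClient;
+import org.apache.http.impl.client.HttpClients;
+import org.apache.http.message.BasicNameValuePair;
+import org.apache.log4j.Logger;
 import org.mitre.openid.connect.model.OIDCAuthenticationToken;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.web.context.support.SpringBeanAutowiringSupport;
@@ -10,14 +23,33 @@
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
-import javax.ws.rs.core.Response;
 import java.io.IOException;
-import java.io.PrintWriter;
+import java.io.UnsupportedEncodingException;
+import java.nio.charset.StandardCharsets;
+import java.util.ArrayList;
+import java.util.Base64;
+import java.util.List;
 
+
 public class PersonalTokenServlet extends HttpServlet {
 
+@Value("${oidc.secret}")
+private String secret;
+
+@Value("${oidc.id}")
+private String id;
+
+private Logger logger = Logger.getLogger(PersonalTokenServlet.class);
+
+public void init(ServletConfig config) throws ServletException {
+super.init(config);
+SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
+config.getServletContext());
+}
+
 public void doGet(HttpServletRequest request, HttpServletResponse response)
 throws ServletException, IOException {
+System.out.println("IN GET");
 response.setContentType("text/html");
 
 OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
@@ -26,4 +58,45 @@
 
 request.getRequestDispatcher("./personal.jsp").include(request, response);
 }
-}
+
+public void doPost(HttpServletRequest request, HttpServletResponse response) {
+System.out.println("IN POST");
+System.out.println(id);
+System.out.println(secret);
+
+OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
+
+try {
+CloseableHttpClient httpclient = HttpClients.createDefault();
+HttpPost httppost = new HttpPost("https://openaire-dev.aai-dev.grnet.gr/oidc/revoke");
+httppost.setHeader(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded");
+String encoding = Base64.getEncoder().encodeToString((id.concat(":").concat(secret)).getBytes("UTF-8"));
+httppost.setHeader(HttpHeaders.AUTHORIZATION, "Basic " + encoding);
+
+List<NameValuePair> params = new ArrayList<NameValuePair>();
+params.add(new BasicNameValuePair("token", authentication.getAccessTokenValue()));
+params.add(new BasicNameValuePair("token_type_hint", "access_token"));
+httppost.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
+
+HttpResponse resp = httpclient.execute(httppost);
+System.out.println("status " + resp.getStatusLine().getStatusCode());
+
+HttpEntity entity = resp.getEntity();
+
+System.out.println("REVOKE " + IOUtils.toString(entity.getContent(), StandardCharsets.UTF_8.name()));
+
+response.sendRedirect("./personalToken");
+
+} catch (UnsupportedEncodingException uee) {
+logger.error("Error in Base64 encoding.", uee);
+request.getSession().setAttribute("message", "Unable to revoke your token. Please try again later");
+System.out.println("ERROR >>>> " + uee.getMessage());
+
+} catch (IOException ioe) {
+logger.error("Error in Base64 encoding.", ioe);
+request.getSession().setAttribute("message", "Unable to revoke your token. Please try again later");
+System.out.println("ERROR >>>> " + ioe.getMessage());
+
+}
+}
+}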
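Review bot: The new `doPost` prints the OIDC client credentials to stdout: `System.out.println(id);` and `System.out.println(secret);` write the value injected from `${oidc.secret}` into the container log on every revoke request, and both lines should be deleted. The `"REVOKE " + IOUtils.toString(...)` print of the response body should go through `logger.debug` at most. The result of the revoke call is never checked, so the user is redirected to `./personalToken` even when the AAI refused the revocation; test `resp.getStatusLine().getStatusCode()` and set the session `message` on failure. Both catch blocks set a message but send neither a redirect nor an include, which leaves an empty response, and the `IOException` branch logs `"Error in Base64 encoding."` for what is a network failure.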
modules/dnet-openaire-users/trunk/src/main/webapp/registeredServices.jsp | ||
---|---|---|
87 | 87 |
</div> |
88 | 88 |
<!-- CENTER SIDE --> |
89 | 89 |
<div class="uk-width-2-3@l uk-width-2-3@m"> |
90 |
<h2 class="uk-h2 uk-margin-small-bottom">Registered services</h2>
|
|
91 |
|
|
92 |
<p class="uk-text-success uk-text-medium uk-float-left">${success}</p>
|
|
90 |
<p class="uk-text-success uk-text-medium uk-center">
|
|
91 |
${success} |
|
92 |
</p> |
|
93 | 93 |
<c:remove var="success" scope="session" /> |
94 | 94 |
|
95 |
<p id="server_error" class="uk-text-danger uk-text-small uk-float-left">${message}</p> |
|
95 |
<div id="server_error" class="uk-text-danger uk-text-medium uk-container-center"> |
|
96 |
${message} |
|
97 |
</div> |
|
96 | 98 |
<c:remove var="message" scope="session" /> |
97 | 99 |
|
98 |
<p><span class="uk-alert-primary uk-text-medium uk-float-left">You can register up to 5 services.</span></p>
|
|
100 |
<h2 class="uk-h2 uk-margin-small-bottom">Registered services</h2>
|
|
99 | 101 |
|
102 |
<p class="uk-alert-primary uk-text-medium uk-float-left"> |
|
103 |
<span uk-icon="info"></span> You can register up to 5 services. |
|
104 |
</p> |
|
105 |
|
|
100 | 106 |
<c:if test="${reachedLimit}"> |
101 |
<br> |
|
102 |
<p><span class="uk-alert-warning uk-text-medium uk-float-left">You have reached the maximum size of allowed registered services.</span></p> |
|
103 |
<c:remove var="message" scope="session" /> |
|
104 |
<br> |
|
107 |
<p class="uk-alert-warning uk-text-medium uk-float-left"> |
|
108 |
<span uk-icon="warning"></span> You have reached the maximum size of allowed registered services. |
|
109 |
</p> |
|
105 | 110 |
</c:if> |
111 |
|
|
106 | 112 |
<div class="middle-box loginscreen animated fadeInDown "> |
107 | 113 |
<div class="uk-width-1-1@m uk-width-1-1@s"> |
108 |
<div> <span id="server_error" class="uk-text-danger uk-text-small uk-float-left">${message}</span> </div> |
|
109 |
<c:remove var="message" scope="session" /> |
|
110 |
|
|
111 | 114 |
<c:if test="${empty registeredServices && showEmptyList}"> |
112 | 115 |
<p>You have not registered any service yet!</p> |
113 | 116 |
</c:if> |
... | ... | |
134 | 137 |
<div> |
135 | 138 |
|
136 | 139 |
<a href="./editRegisteredService?id=${registeredService.id}"><span class="uk-margin-small-right" uk-icon="pencil" ></span> |
137 |
<span class="uk-margin-small-right uk-text-danger" uk-icon="trash" uk-toggle="target: #modal1"></span>
|
|
140 |
<span class="uk-margin-small-right uk-text-danger" uk-icon="trash" uk-toggle="target: #modal${registeredService.id}"></span>
|
|
138 | 141 |
|
139 | 142 |
<!-- This is the modal --> |
140 |
<div id="modal1" uk-modal>
|
|
143 |
<div id="modal${registeredService.id}" uk-modal>
|
|
141 | 144 |
<div class="uk-modal-dialog uk-modal-body"> |
142 |
<h2 class="uk-modal-title">Delete service</h2> |
|
143 |
<p>Are you sure you want to delete the service? You cannot undo this action!</p> |
|
144 |
<p class="uk-text-right"> |
|
145 |
<button class="uk-button uk-button-default uk-modal-close" type="button">Cancel</button> |
|
146 |
<button class="uk-button uk-button-danger" type="button">Delete</button> |
|
147 |
</p> |
|
145 |
<form name="delete${registeredService.id}" id="delete${registeredService.id}" method="post"> |
|
146 |
<input type="hidden" name="id" value="${registeredService.id}"/> |
|
147 |
<h2 class="uk-modal-title">Delete service</h2> |
|
148 |
<p>Are you sure you want to delete the '${registeredService.name}' service? You cannot undo this action!</p> |
|
149 |
<p class="uk-text-right"> |
|
150 |
<button class="uk-button uk-button-default uk-modal-close" type="button">Cancel</button> |
|
151 |
<button class="uk-button uk-button-danger" type="button" onclick="document.delete${registeredService.id}.submit();document.getElementById('modal${registeredService.id}').style.visibility='hidden';">Delete</button> |
|
152 |
</p> |
|
153 |
</form> |
|
148 | 154 |
</div> |
149 | 155 |
</div> |
150 | 156 |
</div> |
... | ... | |
159 | 165 |
</div> |
160 | 166 |
</li> |
161 | 167 |
</c:forEach> |
162 |
<li> |
|
163 |
<hr class="uk-margin-remove-top"> |
|
164 |
<div class="uk-grid uk-child-width-1-3"> |
|
165 |
<div ><a uk-toggle="target: #details2; animation: uk-animation-fade">Service 2 <span uk-icon="icon:info;ratio:0.7"></span></a> |
|
166 |
</div> |
|
167 |
<div>last year</div> |
|
168 |
<div> |
|
169 |
<a class="uk-margin-small-right" uk-icon="pencil" href="./editRegisterService"></a> |
|
170 |
<a class="uk-margin-small-right uk-text-danger" uk-icon="trash" uk-toggle="target: #modal1"></a> |
|
171 |
</div> |
|
172 |
</div> |
|
173 |
</li> |
|
174 |
<li id="details2" hidden="hidden" > |
|
175 |
<div class="uk-alert"> |
|
176 |
<p>Service Name:</p> |
|
177 |
<p>Service Description:</p> |
|
178 |
<p>Service Id:</p> |
|
179 |
<p>Creation Date:</p> |
|
180 |
</div> |
|
181 |
</li> |
|
182 | 168 |
</ul> |
183 | 169 |
</c:if> |
170 |
|
|
184 | 171 |
<div class="uk-text-center"> |
185 | 172 |
<c:choose> |
186 | 173 |
<c:when test="${not reachedLimit}"> |
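Review bot: The new confirmation text writes `${registeredService.name}` straight into the page, and EL in JSP template text is not HTML-escaped, so a service name containing markup would be rendered as markup inside the modal. Use `<c:out value="${registeredService.name}"/>` there; the page already uses the `c:` tag library. The same applies to `${success}`, which `EditRegisteredService` builds by concatenating `name`, and to `${message}`. Where `name` comes from is not visible on this page, but the edit servlet passes it on from the request handler, so it should be treated as user-supplied.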
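--- a/modules/dnet-openaire-users/trunk/src/main/webapp/personal.jsp
+++ b/modules/dnet-openaire-users/trunk/src/main/webapp/personal.jsp
@@ -121,10 +121,14 @@
 <!-- CENTER SIDE -->
 <div class="uk-width-2-3@l uk-width-2-3@m">
 <div>
-<a class=" uk-text-danger uk-float-right" title="Revoke access token"><span uk-icon="refresh" ></span></a>
-<a class=" uk-float-right uk-margin-small-left" onclick="copy('accessToken')" title="Copy access token"><span uk-icon="icon:copy"></span></a>
-<div class="uk-h5">Your personal access token is</div>
-<pre><code id="accessToken">${accessToken}</code></pre>
+<span id="server_error" class="uk-text-danger uk-text-small uk-float-left">${message}</span>
+<c:remove var="message" scope="session" />
+<form id="revoke" name="revoke" action="./personalToken" method="post">
+<a class=" uk-text-danger uk-float-right" title="Revoke access token" onClick="document.revoke.submit();"><span uk-icon="refresh" ></span></a>
+<a class=" uk-float-right uk-margin-small-left" onclick="copy('accessToken')" title="Copy access token"><span uk-icon="icon:copy"></span></a>
+<div class="uk-h5">Your personal access token is</div>
+<pre><code id="accessToken">${accessToken}</code></pre>
+</form>
 </div>
 <div>
 <a class=" uk-text-danger uk-float-right" title="Revoke refresh token"><span uk-icon="refresh"></span></a>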
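Review bot: The new `revoke` form posts to `./personalToken` without a CSRF token field. Spring Security's CSRF configuration is not visible here: if protection is disabled, a third-party page can make a logged-in user's browser submit this state-changing request, and if it is enabled the POST will be rejected. Add `<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>` inside the form; the per-service delete forms added in `registeredServices.jsp` need the same field. The revoke link also submits on a single click with no confirmation step, unlike the delete modal.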
mainly delete and revoke added.