1
|
package eu.dnetlib.openaire.usermanagement;
|
2
|
|
3
|
import org.apache.commons.io.IOUtils;
|
4
|
import org.apache.http.HttpEntity;
|
5
|
import org.apache.http.HttpHeaders;
|
6
|
import org.apache.http.HttpResponse;
|
7
|
import org.apache.http.NameValuePair;
|
8
|
import org.apache.http.client.entity.UrlEncodedFormEntity;
|
9
|
import org.apache.http.client.methods.HttpPost;
|
10
|
import org.apache.http.entity.StringEntity;
|
11
|
import org.apache.http.impl.client.CloseableHttpClient;
|
12
|
import org.apache.http.impl.client.HttpClients;
|
13
|
import org.apache.http.message.BasicNameValuePair;
|
14
|
import org.apache.log4j.Logger;
|
15
|
import org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService;
|
16
|
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
17
|
import org.springframework.beans.factory.annotation.Autowired;
|
18
|
import org.springframework.beans.factory.annotation.Value;
|
19
|
import org.springframework.security.access.prepost.PreAuthorize;
|
20
|
import org.springframework.security.core.context.SecurityContextHolder;
|
21
|
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
22
|
|
23
|
import javax.servlet.ServletConfig;
|
24
|
import javax.servlet.ServletException;
|
25
|
import javax.servlet.http.HttpServlet;
|
26
|
import javax.servlet.http.HttpServletRequest;
|
27
|
import javax.servlet.http.HttpServletResponse;
|
28
|
import java.io.IOException;
|
29
|
import java.io.UnsupportedEncodingException;
|
30
|
import java.nio.charset.StandardCharsets;
|
31
|
import java.util.ArrayList;
|
32
|
import java.util.Base64;
|
33
|
import java.util.List;
|
34
|
|
35
|
|
36
|
public class PersonalTokenServlet extends HttpServlet {
|
37
|
|
38
|
@Value("${oidc.secret}")
|
39
|
private String secret;
|
40
|
|
41
|
@Value("${oidc.id}")
|
42
|
private String id;
|
43
|
|
44
|
@Autowired
|
45
|
private StaticClientConfigurationService staticClientConfigurationService;
|
46
|
|
47
|
private Logger logger = Logger.getLogger(PersonalTokenServlet.class);
|
48
|
|
49
|
public void init(ServletConfig config) throws ServletException {
|
50
|
super.init(config);
|
51
|
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
|
52
|
config.getServletContext());
|
53
|
}
|
54
|
|
55
|
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
56
|
throws ServletException, IOException {
|
57
|
System.out.println("IN GET");
|
58
|
response.setContentType("text/html");
|
59
|
|
60
|
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
61
|
request.getSession().setAttribute("accessToken", authentication.getAccessTokenValue());
|
62
|
request.getSession().setAttribute("refreshToken", authentication.getRefreshTokenValue());
|
63
|
|
64
|
request.getRequestDispatcher("./personal.jsp").include(request, response);
|
65
|
}
|
66
|
|
67
|
public void doPost(HttpServletRequest request, HttpServletResponse response) {
|
68
|
System.out.println("IN POST");
|
69
|
System.out.println(id);
|
70
|
System.out.println(secret);
|
71
|
|
72
|
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
73
|
|
74
|
try {
|
75
|
CloseableHttpClient httpclient = HttpClients.createDefault();
|
76
|
HttpPost httppost = new HttpPost("https://openaire-dev.aai-dev.grnet.gr/oidc/revoke");
|
77
|
httppost.setHeader(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded");
|
78
|
String encoding = Base64.getEncoder().encodeToString((id.concat(":").concat(secret)).getBytes("UTF-8"));
|
79
|
httppost.setHeader(HttpHeaders.AUTHORIZATION, "Basic " + encoding);
|
80
|
|
81
|
List<NameValuePair> params = new ArrayList<NameValuePair>();
|
82
|
params.add(new BasicNameValuePair("token", authentication.getAccessTokenValue()));
|
83
|
params.add(new BasicNameValuePair("token_type_hint", "access_token"));
|
84
|
httppost.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
|
85
|
|
86
|
HttpResponse resp = httpclient.execute(httppost);
|
87
|
System.out.println("status " + resp.getStatusLine().getStatusCode());
|
88
|
|
89
|
HttpEntity entity = resp.getEntity();
|
90
|
|
91
|
System.out.println("REVOKE " + IOUtils.toString(entity.getContent(), StandardCharsets.UTF_8.name()));
|
92
|
|
93
|
response.sendRedirect("./personalToken");
|
94
|
|
95
|
} catch (UnsupportedEncodingException uee) {
|
96
|
logger.error("Error in Base64 encoding.", uee);
|
97
|
request.getSession().setAttribute("message", "Unable to revoke your token. Please try again later");
|
98
|
System.out.println("ERROR >>>> " + uee.getMessage());
|
99
|
|
100
|
} catch (IOException ioe) {
|
101
|
logger.error("Error in Base64 encoding.", ioe);
|
102
|
request.getSession().setAttribute("message", "Unable to revoke your token. Please try again later");
|
103
|
System.out.println("ERROR >>>> " + ioe.getMessage());
|
104
|
|
105
|
}
|
106
|
}
|
107
|
}
|