Revision 59908
Added by Katerina Iatropoulou over 3 years ago
modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java | ||
---|---|---|
155 | 155 |
} |
156 | 156 |
|
157 | 157 |
private boolean reachedMaximumNumberOfServices(List<RegisteredService> registeredServices) { |
158 |
return registeredServices.size() == 5;
|
|
158 |
return registeredServices.size() >= 5;
|
|
159 | 159 |
} |
160 | 160 |
} |
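Review bot: The limit in `return registeredServices.size() >= 5;` is the same number that RegisterServiceServlet.checkNumberOfRegisteredServices compares against in its own `if (numberOfRegisteredServices >= 5)`, so the two checks can drift apart silently. Hoist it into one shared constant, e.g. `private static final int MAX_REGISTERED_SERVICES = 5;`, and compare against that in both servlets. A Javadoc line such as `/** True when the user already holds the maximum number of registered services. */` would also record why the comparison was widened from `==` to `>=`. reachedMaximumNumberOfServices fits entirely within the hunk.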
modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java | ||
---|---|---|
195 | 195 |
|
196 | 196 |
if (mode.equals("create")) { |
197 | 197 |
//Careful! Redirects in method |
198 |
checkNumberOfRegisteredServices(request, response, authentication); |
|
198 |
if (!checkNumberOfRegisteredServices(request, response, authentication)) { |
|
199 |
return; |
|
200 |
} |
|
199 | 201 |
String serverRequestJSON = null; |
200 | 202 |
if(keyType == null) { |
201 | 203 |
serverRequestJSON = createServiceJson(null, name, email); |
... | ... | |
223 | 225 |
if(registeredService.getKeyType() != null) { |
224 | 226 |
request.getSession().setAttribute("success", |
225 | 227 |
"Your service has been successfully registered!<br>" + |
226 |
"<b>Client ID<b>: " + serviceResponse.getClientId()); |
|
228 |
"<b>Client ID</b>: " + serviceResponse.getClientId());
|
|
227 | 229 |
} else { |
228 | 230 |
request.getSession().setAttribute("success", |
229 | 231 |
"Your service has been successfully registered!<br>" + |
... | ... | |
256 | 258 |
if (!registeredServicesUtils.isAuthorized(authentication.getSub(), serviceIdInt)) { |
257 | 259 |
request.getSession().setAttribute("message", "You have no permission to edit the service."); |
258 | 260 |
response.sendRedirect("./registeredServices"); |
259 |
} |
|
260 | 261 |
|
261 |
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(serviceIdInt); |
|
262 |
if (registeredService != null && registeredService.getClientId() != null) { |
|
263 |
String serverRequestJSON = null; |
|
264 |
if (keyType == null) { |
|
265 |
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email); |
|
266 |
} else if (keyType.equals("uri")) { |
|
267 |
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwksUri); |
|
268 |
} else if (keyType.equals("value")) { |
|
269 |
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwks); |
|
270 |
} |
|
271 |
if (serverRequestJSON != null) { |
|
272 |
System.out.println("SERVER JSON " + serverRequestJSON); |
|
273 |
HttpResponse resp = tokenUtils.updateService(registeredService.getClientId(), serverRequestJSON, registeredService.getRegistrationAccessToken()); |
|
274 |
if (resp.getStatusLine().getStatusCode() == 200) { |
|
275 |
System.out.println("NAME >>>>" + name); |
|
276 |
registeredService.setName(name); |
|
262 |
} else { |
|
277 | 263 |
|
278 |
System.out.println("Client Id " + registeredService.getClientId()); |
|
279 |
try { |
|
280 |
registeredServicesUtils.getRegisteredServiceDao().update(registeredService); |
|
281 |
} catch (SQLException sqle) { |
|
282 |
logger.error("Unable to contact db.", sqle); |
|
283 |
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later."); |
|
284 |
response.setContentType("text/html"); |
|
285 |
request.getRequestDispatcher("./registeredServices.jsp").include(request, response); |
|
286 |
return; |
|
264 |
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(serviceIdInt); |
|
265 |
if (registeredService != null && registeredService.getClientId() != null) { |
|
266 |
String serverRequestJSON = null; |
|
267 |
if (keyType == null) { |
|
268 |
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email); |
|
269 |
} else if (keyType.equals("uri")) { |
|
270 |
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwksUri); |
|
271 |
} else if (keyType.equals("value")) { |
|
272 |
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwks); |
|
273 |
} |
|
274 |
if (serverRequestJSON != null) { |
|
275 |
System.out.println("SERVER JSON " + serverRequestJSON); |
|
276 |
HttpResponse resp = tokenUtils.updateService(registeredService.getClientId(), serverRequestJSON, registeredService.getRegistrationAccessToken()); |
|
277 |
if (resp.getStatusLine().getStatusCode() == 200) { |
|
278 |
System.out.println("NAME >>>>" + name); |
|
279 |
registeredService.setName(name); |
|
280 |
|
|
281 |
System.out.println("Client Id " + registeredService.getClientId()); |
|
282 |
try { |
|
283 |
registeredServicesUtils.getRegisteredServiceDao().update(registeredService); |
|
284 |
} catch (SQLException sqle) { |
|
285 |
logger.error("Unable to contact db.", sqle); |
|
286 |
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later."); |
|
287 |
response.setContentType("text/html"); |
|
288 |
request.getRequestDispatcher("./registeredServices.jsp").include(request, response); |
|
289 |
return; |
|
290 |
} |
|
291 |
request.getSession().setAttribute("success", |
|
292 |
"Your service has been successfully updated!<br>" + |
|
293 |
"<b>Client ID</b>: " + registeredService.getClientId()); |
|
287 | 294 |
} |
288 |
request.getSession().setAttribute("success", |
|
289 |
"Your service has been successfully updated!<br>" + |
|
290 |
"<b>Client ID</b>: " + registeredService.getClientId()); |
|
295 |
|
|
296 |
} else { |
|
297 |
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist."); |
|
298 |
response.sendRedirect("./registeredServices"); |
|
299 |
return; |
|
291 | 300 |
} |
292 |
|
|
293 | 301 |
} else { |
294 |
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist."); |
|
302 |
logger.error("Service request JSON is null"); |
|
303 |
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later."); |
|
295 | 304 |
response.sendRedirect("./registeredServices"); |
296 | 305 |
return; |
297 | 306 |
} |
298 |
} else { |
|
299 |
logger.error("Service request JSON is null"); |
|
300 |
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later."); |
|
301 |
response.sendRedirect("./registeredServices"); |
|
302 |
return; |
|
303 | 307 |
} |
304 |
} catch(SQLException sqle){
|
|
305 |
logger.error("Unable to access service with id " + serviceId, sqle);
|
|
306 |
request.getSession().setAttribute("message", "There was an error accessing your service.");
|
|
307 |
response.sendRedirect("./registeredServices");
|
|
308 |
} catch(SQLException sqle){ |
|
309 |
logger.error("Unable to access service with id " + serviceId, sqle); |
|
310 |
request.getSession().setAttribute("message", "There was an error accessing your service."); |
|
311 |
response.sendRedirect("./registeredServices"); |
|
308 | 312 |
|
309 |
} catch(NumberFormatException nfe){
|
|
310 |
logger.error("Unable to access service with id " + serviceId, nfe);
|
|
311 |
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
|
|
312 |
response.sendRedirect("./registeredServices");
|
|
313 |
}
|
|
313 |
} catch(NumberFormatException nfe){ |
|
314 |
logger.error("Unable to access service with id " + serviceId, nfe); |
|
315 |
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist."); |
|
316 |
response.sendRedirect("./registeredServices"); |
|
317 |
} |
|
314 | 318 |
} |
315 | 319 |
} |
316 | 320 |
|
... | ... | |
358 | 362 |
return name != null && !name.isEmpty(); |
359 | 363 |
} |
360 | 364 |
|
361 |
private void checkNumberOfRegisteredServices(HttpServletRequest request, HttpServletResponse response, OIDCAuthenticationToken authentication) throws IOException {
|
|
365 |
private boolean checkNumberOfRegisteredServices(HttpServletRequest request, HttpServletResponse response, OIDCAuthenticationToken authentication) throws IOException {
|
|
362 | 366 |
try { |
363 | 367 |
long numberOfRegisteredServices = |
364 | 368 |
registeredServicesUtils.getRegisteredServiceDao().countRegisteredServices(authentication.getSub()); |
365 | 369 |
|
366 | 370 |
if (numberOfRegisteredServices >= 5) { |
367 | 371 |
response.sendRedirect("./registeredServices"); // The message there already exists. |
372 |
return false; |
|
368 | 373 |
} |
369 | 374 |
|
370 | 375 |
} catch (SQLException sqle) { |
371 | 376 |
logger.error("Unable to count registered services.", sqle); |
372 | 377 |
request.getSession().setAttribute("message", "Unable to contact DB. Please try again later."); |
373 | 378 |
response.sendRedirect("./registeredServices"); |
374 |
return; |
|
379 |
return false;
|
|
375 | 380 |
} |
381 |
|
|
382 |
return true; |
|
376 | 383 |
} |
377 | 384 |
|
378 | 385 |
private static String createServiceJson(String clientId, String name, String email) { |
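Review bot: In the update path a non-200 reply from `tokenUtils.updateService(...)` (new line 277, `if (resp.getStatusLine().getStatusCode() == 200)`) has no else branch, so the handler neither logs the failure nor sets a message nor redirects and the request falls out of the try with the user's edit silently dropped. Counting braces, the two else branches that follow also read as swapped: the else of `if (serverRequestJSON != null)` (new 296) reports "Service with id … does not exist" while the else of `if (registeredService != null …)` (new 301) logs "Service request JSON is null", and the SQLException message at new 286, `"Fail to delete the service. Please try again later."`, is copy-pasted from the delete path. Smaller points: `System.out.println("SERVER JSON " + serverRequestJSON)` writes the full request body (including any JWKS the user supplied) to stdout and belongs in `logger.debug`, and since `success` is evidently rendered as HTML (it carries `<b>` markup), the raw `serviceId` echoed in the NumberFormatException message at new 315 should be HTML-escaped or omitted if `message` is rendered the same way. The enclosing handler method starts before the hunk; the proposed else branch for the non-200 case is below.
```java
if (resp.getStatusLine().getStatusCode() == 200) {
    // … unchanged: setName, DAO update with SQLException handling, success attribute …
} else {
    logger.error("Update of service " + registeredService.getClientId()
            + " failed with status " + resp.getStatusLine().getStatusCode());
    request.getSession().setAttribute("message", "There was an error updating your service. Please try again later.");
    response.sendRedirect("./registeredServices");
    return;
}
```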
modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java | ||
---|---|---|
1 | 1 |
package eu.dnetlib.openaire.usermanagement; |
2 | 2 |
|
3 | 3 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
4 |
import org.springframework.security.core.Authentication; |
|
4 | 5 |
import org.springframework.security.core.context.SecurityContextHolder; |
5 | 6 |
|
6 | 7 |
import javax.servlet.ServletException; |
... | ... | |
19 | 20 |
|
20 | 21 |
if (isAuthenticated) { |
21 | 22 |
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication(); |
23 |
|
|
22 | 24 |
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0)); |
23 | 25 |
name.append(authentication.getUserInfo().getFamilyName().charAt(0)); |
24 | 26 |
request.getSession().setAttribute("authenticated", isAuthenticated); |
modules/dnet-openaire-users/trunk/src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthenticationUtils.java | ||
---|---|---|
1 | 1 |
package eu.dnetlib.openaire.usermanagement.utils; |
2 | 2 |
|
3 | 3 |
import com.google.gson.JsonParser; |
4 |
import eu.dnetlib.openaire.usermanagement.api.Test3Service; |
|
4 | 5 |
import org.apache.commons.io.IOUtils; |
5 | 6 |
import org.apache.http.HttpResponse; |
6 | 7 |
import org.apache.http.NameValuePair; |
... | ... | |
9 | 10 |
import org.apache.http.impl.client.CloseableHttpClient; |
10 | 11 |
import org.apache.http.impl.client.HttpClients; |
11 | 12 |
import org.apache.http.message.BasicNameValuePair; |
13 |
import org.apache.log4j.Logger; |
|
12 | 14 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
15 |
import org.springframework.beans.factory.annotation.Value; |
|
13 | 16 |
|
14 | 17 |
import javax.ws.rs.core.MediaType; |
15 | 18 |
import javax.ws.rs.core.Response; |
... | ... | |
24 | 27 |
import java.util.regex.Pattern; |
25 | 28 |
|
26 | 29 |
public class AuthenticationUtils { |
30 |
|
|
31 |
@Value("${oidc.issuer}") |
|
32 |
private String issuer; |
|
33 |
|
|
34 |
@Value("${oidc.secret}") |
|
35 |
private String secret; |
|
36 |
|
|
37 |
@Value("${oidc.id}") |
|
38 |
private String id; |
|
39 |
|
|
40 |
private Logger logger = Logger.getLogger(AuthenticationUtils.class); |
|
41 |
|
|
27 | 42 |
public static boolean isAuthenticated(OIDCAuthenticationToken authenticationToken) { |
28 | 43 |
if (authenticationToken != null) { |
29 | 44 |
return true; |
... | ... | |
38 | 53 |
long exp = new JsonParser().parse(new String(Base64.getDecoder().decode(matcher.group(2)))).getAsJsonObject().get("exp").getAsLong(); |
39 | 54 |
return (exp - (new Date().getTime()/1000)<=0); |
40 | 55 |
} |
56 |
|
|
57 |
/* |
|
58 |
public void refreshAccessToken(String refreshToken) { |
|
59 |
//TODO fix this |
|
60 |
if (refreshToken == null || refreshToken.isEmpty()) { |
|
61 |
return; |
|
62 |
} |
|
63 |
|
|
64 |
CloseableHttpClient httpclient = HttpClients.createDefault(); |
|
65 |
HttpPost httppost = new HttpPost(issuer+"/token"); |
|
66 |
|
|
67 |
// Request parameters and other properties. |
|
68 |
List<NameValuePair> params = new ArrayList<NameValuePair>(); |
|
69 |
params.add(new BasicNameValuePair("client_id", id)); |
|
70 |
params.add(new BasicNameValuePair("client_secret", secret)); |
|
71 |
params.add(new BasicNameValuePair("grant_type", "refresh_token")); |
|
72 |
params.add(new BasicNameValuePair("refresh_token", refreshToken)); |
|
73 |
params.add(new BasicNameValuePair("scope", "openid")); |
|
74 |
|
|
75 |
HttpResponse response = null; |
|
76 |
|
|
77 |
try { |
|
78 |
httppost.setEntity(new UrlEncodedFormEntity(params, "UTF-8")); |
|
79 |
//Execute and get the response. |
|
80 |
response = httpclient.execute(httppost); |
|
81 |
org.apache.http.HttpEntity entity = response.getEntity(); |
|
82 |
|
|
83 |
//TODO fix this |
|
84 |
if (response.getStatusLine().getStatusCode() == 401) { |
|
85 |
return; |
|
86 |
} |
|
87 |
|
|
88 |
String serverMessage = IOUtils.toString(entity.getContent(), StandardCharsets.UTF_8.name()); |
|
89 |
|
|
90 |
} catch (UnsupportedEncodingException uee) { |
|
91 |
logger.error(uee); |
|
92 |
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(, 500, "Fail to get access token.", uee.getMessage())) |
|
93 |
.type(MediaType.APPLICATION_JSON).build(); |
|
94 |
|
|
95 |
} catch (IOException ioe) { |
|
96 |
logger.error(ioe); |
|
97 |
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(, 500, "Fail to get access token.", ioe.getMessage())) |
|
98 |
.type(MediaType.APPLICATION_JSON).build(); |
|
99 |
|
|
100 |
} |
|
101 |
}*/ |
|
41 | 102 |
} |
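Review bot: The new `@Value` fields `issuer`, `secret` and `id` plus the instance `logger` are added to a class whose only live method, `isAuthenticated`, is static, so nothing in the class can read them; unless a bean definition elsewhere injects and uses them they are dead state, and keeping a client secret in an otherwise static utility class widens where that secret lives for no benefit. The commented-out `refreshAccessToken` block (new 57-101) should be deleted rather than parked: it would not compile as written (`String.format(, 500, …)`, a `void` method returning a `Response`), and version control already preserves it. The added import `eu.dnetlib.openaire.usermanagement.api.Test3Service` is not referenced in the visible lines and looks unused. If the fields are kept, the logger should be `private static final Logger logger = Logger.getLogger(AuthenticationUtils.class);`.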
modules/dnet-openaire-users/trunk/src/main/webapp/registerService.jsp | ||
---|---|---|
166 | 166 |
<button id="create" type="submit" class="uk-button uk-button-primary" onclick="return validate();"> |
167 | 167 |
<c:choose> |
168 | 168 |
<c:when test="${not empty param.id}"> |
169 |
Edit service
|
|
169 |
Update service
|
|
170 | 170 |
</c:when> |
171 | 171 |
<c:otherwise> |
172 | 172 |
Add new service |
securing edit delete