Revision 60022
Added by Katerina Iatropoulou over 3 years ago
modules/dnet-openaire-users/branches/beta/deploy.info | ||
---|---|---|
1 |
{ |
|
2 |
"type_source": "SVN", |
|
3 |
"goal": "package -U source:jar", |
|
4 |
"url": "http://svn-public.driver.research-infrastructures.eu/driver/dnet45/modules/dnet-openaire-users/trunk", |
|
5 |
"deploy_repository": "dnet45-snapshots", |
|
6 |
"version": "4", |
|
7 |
"mail": "antleb@di.uoa.gr, kiatrop@di.uoa.gr, sbaltzi@di.uoa.gr", |
|
8 |
"deploy_repository_url": "https://maven.d4science.org/nexus/content/repositories/dnet45-snapshots", |
|
9 |
"name": "dnet-openaire-users" |
|
10 |
} |
|
11 |
|
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/RefreshToken.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
public class RefreshToken { |
|
4 |
private String value; |
|
5 |
private int id; |
|
6 |
private String[] scopes; |
|
7 |
private String clientId; |
|
8 |
private String userId; |
|
9 |
private String expliration; |
|
10 |
|
|
11 |
public String getValue() { |
|
12 |
return value; |
|
13 |
} |
|
14 |
|
|
15 |
public void setValue(String value) { |
|
16 |
this.value = value; |
|
17 |
} |
|
18 |
|
|
19 |
public int getId() { |
|
20 |
return id; |
|
21 |
} |
|
22 |
|
|
23 |
public void setId(int id) { |
|
24 |
this.id = id; |
|
25 |
} |
|
26 |
|
|
27 |
public String[] getScopes() { |
|
28 |
return scopes; |
|
29 |
} |
|
30 |
|
|
31 |
public void setScopes(String[] scopes) { |
|
32 |
this.scopes = scopes; |
|
33 |
} |
|
34 |
|
|
35 |
public String getClientId() { |
|
36 |
return clientId; |
|
37 |
} |
|
38 |
|
|
39 |
public void setClientId(String clientId) { |
|
40 |
this.clientId = clientId; |
|
41 |
} |
|
42 |
|
|
43 |
public String getUserId() { |
|
44 |
return userId; |
|
45 |
} |
|
46 |
|
|
47 |
public void setUserId(String userId) { |
|
48 |
this.userId = userId; |
|
49 |
} |
|
50 |
|
|
51 |
public String getExpliration() { |
|
52 |
return expliration; |
|
53 |
} |
|
54 |
|
|
55 |
public void setExpliration(String expliration) { |
|
56 |
this.expliration = expliration; |
|
57 |
} |
|
58 |
} |
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/VerifyToDeleteServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.InputValidator; |
|
4 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
5 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
6 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
7 |
import org.apache.log4j.Logger; |
|
8 |
import org.springframework.beans.factory.annotation.Autowired; |
|
9 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
10 |
|
|
11 |
import javax.servlet.ServletConfig; |
|
12 |
import javax.servlet.ServletException; |
|
13 |
import javax.servlet.http.HttpServlet; |
|
14 |
import javax.servlet.http.HttpServletRequest; |
|
15 |
import javax.servlet.http.HttpServletResponse; |
|
16 |
import java.io.IOException; |
|
17 |
import java.io.PrintWriter; |
|
18 |
|
|
19 |
/** |
|
20 |
* Created by sofia on 21/5/2018. |
|
21 |
*/ |
|
22 |
public class VerifyToDeleteServlet extends HttpServlet { |
|
23 |
|
|
24 |
public void init(ServletConfig config) throws ServletException { |
|
25 |
super.init(config); |
|
26 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
27 |
config.getServletContext()); |
|
28 |
} |
|
29 |
|
|
30 |
@Autowired |
|
31 |
private VerificationActions verificationActions; |
|
32 |
|
|
33 |
@Autowired |
|
34 |
private LDAPActions ldapActions; |
|
35 |
|
|
36 |
private Logger logger = Logger.getLogger(VerificationCodeServlet.class); |
|
37 |
|
|
38 |
@Override |
|
39 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
40 |
response.setContentType("text/html"); |
|
41 |
PrintWriter printWriter = response.getWriter(); |
|
42 |
|
|
43 |
String formUsername = request.getParameter("username").trim(); |
|
44 |
String formVerificationCode = request.getParameter("verification_code").trim(); |
|
45 |
|
|
46 |
try { |
|
47 |
if (InputValidator.isFilled(formUsername) && InputValidator.isFilled(formVerificationCode)) { |
|
48 |
if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) { |
|
49 |
if (!verificationActions.verificationCodeHasExpired(formUsername)) { |
|
50 |
|
|
51 |
Boolean isRegistered = false; |
|
52 |
Boolean isZombie = false; |
|
53 |
|
|
54 |
if (ldapActions.usernameExists(formUsername)) { |
|
55 |
logger.info("User " + formUsername + " is activated user!"); |
|
56 |
isRegistered = true; |
|
57 |
} else if (ldapActions.isZombieUsersUsername(formUsername)) { |
|
58 |
logger.info("User " + formUsername + " is zombie user!"); |
|
59 |
isZombie = true; |
|
60 |
} |
|
61 |
|
|
62 |
if (!isRegistered && !isZombie) { |
|
63 |
request.getSession().setAttribute("message", "Username or verification code are not valid."); |
|
64 |
response.sendRedirect("./verifyToDelete.jsp"); |
|
65 |
} else { |
|
66 |
if (isRegistered) { |
|
67 |
ldapActions.deleteUser(formUsername); |
|
68 |
} else if (isZombie) { |
|
69 |
ldapActions.deleteZombieUser(formUsername); |
|
70 |
} |
|
71 |
verificationActions.deleteVerificationEntry(formUsername); |
|
72 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request,"successDeleteAccount.jsp")); |
|
73 |
|
|
74 |
} |
|
75 |
} else { |
|
76 |
logger.info("Verification code has expired!"); |
|
77 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "expiredVerificationCode.jsp")); |
|
78 |
} |
|
79 |
} else { |
|
80 |
logger.info("Username or verification code are not valid!"); |
|
81 |
request.getSession().setAttribute("message", "Username or verification code are not valid."); |
|
82 |
response.sendRedirect("./verifyToDelete.jsp"); |
|
83 |
} |
|
84 |
} else { |
|
85 |
if (!InputValidator.isFilled(formUsername)) { |
|
86 |
logger.info("No username"); |
|
87 |
request.getSession().setAttribute("msg_username_error", "Please enter your username."); |
|
88 |
} |
|
89 |
if (!InputValidator.isFilled(formVerificationCode)) { |
|
90 |
logger.info("No verification code"); |
|
91 |
request.getSession().setAttribute("msg_verification_code_error", "Please enter your verification code."); |
|
92 |
} |
|
93 |
response.sendRedirect("./verifyToDelete.jsp"); |
|
94 |
} |
|
95 |
} catch (Exception ldape) { |
|
96 |
logger.error("Could not remove user with username " + formUsername, ldape); |
|
97 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
98 |
} |
|
99 |
|
|
100 |
printWriter.close(); |
|
101 |
} |
|
102 |
} |
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/RequestToDeleteAccountServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.EmailSender; |
|
4 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
5 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
6 |
import eu.dnetlib.openaire.user.utils.VerifyRecaptcha; |
|
7 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
8 |
import org.apache.commons.validator.routines.EmailValidator; |
|
9 |
import org.apache.log4j.Logger; |
|
10 |
import org.springframework.beans.factory.annotation.Autowired; |
|
11 |
import org.springframework.beans.factory.annotation.Value; |
|
12 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
13 |
|
|
14 |
import javax.mail.MessagingException; |
|
15 |
import javax.servlet.ServletConfig; |
|
16 |
import javax.servlet.ServletException; |
|
17 |
import javax.servlet.http.HttpServlet; |
|
18 |
import javax.servlet.http.HttpServletRequest; |
|
19 |
import javax.servlet.http.HttpServletResponse; |
|
20 |
import javax.servlet.http.HttpSession; |
|
21 |
import java.io.IOException; |
|
22 |
import java.sql.Timestamp; |
|
23 |
import java.util.Date; |
|
24 |
import java.util.UUID; |
|
25 |
|
|
26 |
/** |
|
27 |
* Created by sofia on 21/5/2018. |
|
28 |
*/ |
|
29 |
public class RequestToDeleteAccountServlet extends HttpServlet { |
|
30 |
|
|
31 |
@Autowired |
|
32 |
private VerificationActions verificationActions; |
|
33 |
|
|
34 |
@Autowired |
|
35 |
private LDAPActions ldapActions; |
|
36 |
|
|
37 |
@Autowired |
|
38 |
private EmailSender emailSender; |
|
39 |
|
|
40 |
@Value("${oidc.home}") |
|
41 |
private String oidcHomeUrl; |
|
42 |
|
|
43 |
@Value("${google.recaptcha.secret}") |
|
44 |
private String secret; |
|
45 |
|
|
46 |
@Value("${google.recaptcha.key}") |
|
47 |
private String sitekey; |
|
48 |
|
|
49 |
private static final Logger logger = Logger.getLogger(RequestActivationCodeServlet.class); |
|
50 |
|
|
51 |
public void init(ServletConfig config) throws ServletException { |
|
52 |
super.init(config); |
|
53 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
54 |
config.getServletContext()); |
|
55 |
config.getServletContext().setAttribute("sitekey", sitekey); |
|
56 |
|
|
57 |
} |
|
58 |
|
|
59 |
@Override |
|
60 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
61 |
String formEmail = request.getParameter("email").trim(); |
|
62 |
|
|
63 |
String gRecaptchaResponse = request.getParameter("g-recaptcha-response"); |
|
64 |
|
|
65 |
HttpSession session = request.getSession(); |
|
66 |
session.setAttribute("homeUrl", oidcHomeUrl); |
|
67 |
|
|
68 |
if (formEmail == null) { |
|
69 |
request.getSession().setAttribute("message", "Error reading email."); |
|
70 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
71 |
|
|
72 |
} else if (formEmail.isEmpty()) { |
|
73 |
request.getSession().setAttribute("message", "Please enter your email."); |
|
74 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
75 |
|
|
76 |
} else if (!EmailValidator.getInstance().isValid(formEmail)) { |
|
77 |
request.getSession().setAttribute("message", "Please enter a valid email."); |
|
78 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
79 |
|
|
80 |
} else if (!VerifyRecaptcha.verify(gRecaptchaResponse, secret)) { |
|
81 |
request.getSession().setAttribute("reCAPTCHA_message", "You missed the reCAPTCHA validation!"); |
|
82 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
83 |
|
|
84 |
} else { |
|
85 |
|
|
86 |
try { |
|
87 |
|
|
88 |
Boolean isRegistered = false; |
|
89 |
Boolean isZombie = false; |
|
90 |
|
|
91 |
if (ldapActions.emailExists(formEmail)) { |
|
92 |
logger.info("User with email: " + formEmail + " is activated user!"); |
|
93 |
isRegistered = true; |
|
94 |
} else if (ldapActions.isZombieUsersEmail(formEmail)) { |
|
95 |
logger.info("User with email: " + formEmail + " is zombie user!"); |
|
96 |
isZombie = true; |
|
97 |
} |
|
98 |
|
|
99 |
if (!isRegistered && !isZombie) { |
|
100 |
request.getSession().setAttribute("message", "There is no user with that email."); |
|
101 |
response.sendRedirect("./requestToDeleteAccount.jsp"); |
|
102 |
} else { |
|
103 |
|
|
104 |
String username = null; |
|
105 |
|
|
106 |
if (isRegistered) { |
|
107 |
username = ldapActions.getUsername(formEmail); |
|
108 |
} else if (isZombie) { |
|
109 |
username = ldapActions.getZombieUsersUserName(formEmail); |
|
110 |
} |
|
111 |
|
|
112 |
UUID verificationCode = UUID.randomUUID(); |
|
113 |
Date creationDate = new Date(); |
|
114 |
String vCode = verificationCode.toString(); |
|
115 |
|
|
116 |
Timestamp timestamp = new Timestamp(creationDate.getTime()); |
|
117 |
|
|
118 |
if (!verificationActions.verificationEntryExists(username)) { |
|
119 |
verificationActions.addVerificationEntry(username, vCode, timestamp); |
|
120 |
|
|
121 |
} else { |
|
122 |
verificationActions.updateVerificationEntry(username, vCode, timestamp); |
|
123 |
} |
|
124 |
|
|
125 |
String resultPath = UrlConstructor.getRedirectUrl(request, "verifyToDelete.jsp"); |
|
126 |
String resultPathWithVCode = UrlConstructor.getVerificationLink(resultPath, vCode); |
|
127 |
|
|
128 |
String verificationCodeMsg = "<p>Hello " + username + ",</p>" + |
|
129 |
"<p> A request has been made to get a verification code to delete your OpenAIRE account. To delete your " + |
|
130 |
"account, you will need to submit your username and this verification code in order to verify that the " + |
|
131 |
"request was legitimate.</p>" + |
|
132 |
"<p>" + |
|
133 |
"The verification code is " + vCode + |
|
134 |
"</p>" + |
|
135 |
"Click the URL below and proceed with deleting your account." + |
|
136 |
"<p><a href=" + resultPathWithVCode + ">" + resultPathWithVCode + "</a></p>" + |
|
137 |
"<p>The verification code is valid for 24 hours.</p>" + |
|
138 |
"<p>Thank you,</p>" + |
|
139 |
"<p>OpenAIRE technical team</p>"; |
|
140 |
|
|
141 |
String verificationCodeSubject = "Request to delete your OpenAIRE account"; |
|
142 |
|
|
143 |
emailSender.sendEmail(formEmail, verificationCodeSubject, verificationCodeMsg); |
|
144 |
logger.info("Sending verification code to user: " + formEmail); |
|
145 |
|
|
146 |
|
|
147 |
response.sendRedirect("./verifyToDelete.jsp"); |
|
148 |
} |
|
149 |
} catch (MessagingException e) { |
|
150 |
logger.error("Error in sending email", e); |
|
151 |
request.getSession().setAttribute("message", "Error sending email"); |
|
152 |
response.sendRedirect("./requestActivationCode.jsp"); |
|
153 |
} catch (Exception ldape) { |
|
154 |
logger.error("Could not user with email " + formEmail, ldape); |
|
155 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
156 |
} |
|
157 |
} |
|
158 |
} |
|
159 |
|
|
160 |
public String getOidcHomeUrl() { |
|
161 |
return oidcHomeUrl; |
|
162 |
} |
|
163 |
|
|
164 |
public void setOidcHomeUrl(String oidcHomeUrl) { |
|
165 |
this.oidcHomeUrl = oidcHomeUrl; |
|
166 |
} |
|
167 |
} |
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/ActivationCodeServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.InputValidator; |
|
4 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
5 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
6 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
7 |
import org.apache.log4j.Logger; |
|
8 |
import org.springframework.beans.factory.annotation.Autowired; |
|
9 |
import org.springframework.beans.factory.annotation.Value; |
|
10 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
11 |
|
|
12 |
import javax.servlet.ServletConfig; |
|
13 |
import javax.servlet.ServletException; |
|
14 |
import javax.servlet.http.HttpServlet; |
|
15 |
import javax.servlet.http.HttpServletRequest; |
|
16 |
import javax.servlet.http.HttpServletResponse; |
|
17 |
import javax.servlet.http.HttpSession; |
|
18 |
import java.io.IOException; |
|
19 |
import java.io.PrintWriter; |
|
20 |
|
|
21 |
/** |
|
22 |
* Created by sofia on 23/10/2017. |
|
23 |
*/ |
|
24 |
public class ActivationCodeServlet extends HttpServlet{ |
|
25 |
|
|
26 |
public void init(ServletConfig config) throws ServletException { |
|
27 |
super.init(config); |
|
28 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
29 |
config.getServletContext()); |
|
30 |
} |
|
31 |
|
|
32 |
@Autowired |
|
33 |
private VerificationActions verificationActions; |
|
34 |
|
|
35 |
@Autowired |
|
36 |
private LDAPActions ldapActions; |
|
37 |
|
|
38 |
@Value("${oidc.home}") |
|
39 |
private String oidcHomeUrl; |
|
40 |
|
|
41 |
private Logger logger = Logger.getLogger(ActivationCodeServlet.class); |
|
42 |
|
|
43 |
@Override |
|
44 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
45 |
response.setContentType("text/html"); |
|
46 |
PrintWriter printWriter = response.getWriter(); |
|
47 |
|
|
48 |
String formUsername = request.getParameter("username").trim(); |
|
49 |
String formVerificationCode = request.getParameter("verification_code").trim(); |
|
50 |
|
|
51 |
if (InputValidator.isFilled(formUsername) && InputValidator.isFilled(formVerificationCode)) { |
|
52 |
if (verificationActions.verificationEntryExists(formUsername) && verificationActions.verificationCodeIsCorrect(formUsername, formVerificationCode)) { |
|
53 |
if (!verificationActions.verificationCodeHasExpired(formUsername)) { |
|
54 |
HttpSession session = request.getSession(); |
|
55 |
session.setAttribute("username", formUsername); |
|
56 |
session.setAttribute("homeUrl", oidcHomeUrl); |
|
57 |
try { |
|
58 |
ldapActions.moveUser(formUsername); |
|
59 |
} catch (Exception e) { |
|
60 |
logger.error("LDAP error in moving user", e); |
|
61 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
62 |
} |
|
63 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "registerSuccess.jsp")); |
|
64 |
} else { |
|
65 |
logger.info("Verification code has expired!"); |
|
66 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "expiredVerificationCode.jsp")); |
|
67 |
} |
|
68 |
} else { |
|
69 |
logger.info("Username or activation code are not valid!"); |
|
70 |
request.getSession().setAttribute("message", "Username or activation code are not valid."); |
|
71 |
response.sendRedirect("./activate.jsp"); |
|
72 |
} |
|
73 |
} else { |
|
74 |
if (!InputValidator.isFilled(formUsername)) { |
|
75 |
logger.info("No username"); |
|
76 |
request.getSession().setAttribute("msg_username_error", "Please enter your username."); |
|
77 |
} |
|
78 |
if (!InputValidator.isFilled(formVerificationCode)) { |
|
79 |
logger.info("No activation code"); |
|
80 |
request.getSession().setAttribute("msg_activation_code_error", "Please enter your activation code."); |
|
81 |
} |
|
82 |
response.sendRedirect("./activate.jsp"); |
|
83 |
} |
|
84 |
printWriter.close(); |
|
85 |
|
|
86 |
} |
|
87 |
|
|
88 |
public String getOidcHomeUrl() { |
|
89 |
return oidcHomeUrl; |
|
90 |
} |
|
91 |
|
|
92 |
public void setOidcHomeUrl(String oidcHomeUrl) { |
|
93 |
this.oidcHomeUrl = oidcHomeUrl; |
|
94 |
} |
|
95 |
} |
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import com.google.gson.Gson; |
|
4 |
import com.google.gson.GsonBuilder; |
|
5 |
import eu.dnetlib.openaire.user.pojos.RegisteredService; |
|
6 |
import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils; |
|
7 |
import eu.dnetlib.openaire.usermanagement.utils.TokenUtils; |
|
8 |
import org.apache.http.HttpResponse; |
|
9 |
import org.apache.log4j.Logger; |
|
10 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
|
11 |
import org.springframework.beans.factory.annotation.Autowired; |
|
12 |
import org.springframework.security.core.context.SecurityContextHolder; |
|
13 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
14 |
|
|
15 |
import javax.servlet.ServletConfig; |
|
16 |
import javax.servlet.ServletException; |
|
17 |
import javax.servlet.http.HttpServlet; |
|
18 |
import javax.servlet.http.HttpServletRequest; |
|
19 |
import javax.servlet.http.HttpServletResponse; |
|
20 |
import java.io.IOException; |
|
21 |
import java.sql.SQLException; |
|
22 |
import java.util.HashMap; |
|
23 |
import java.util.List; |
|
24 |
import java.util.Map; |
|
25 |
|
|
26 |
public class RegisteredServicesServlet extends HttpServlet { |
|
27 |
|
|
28 |
private Logger logger = Logger.getLogger(RegisteredServicesServlet.class); |
|
29 |
|
|
30 |
@Autowired |
|
31 |
private RegisteredServicesUtils registeredServicesUtils; |
|
32 |
|
|
33 |
@Autowired |
|
34 |
private TokenUtils tokenUtils; |
|
35 |
|
|
36 |
public void init(ServletConfig config) throws ServletException { |
|
37 |
super.init(config); |
|
38 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
39 |
config.getServletContext()); |
|
40 |
} |
|
41 |
|
|
42 |
public void doGet(HttpServletRequest request, HttpServletResponse response) |
|
43 |
throws ServletException, IOException { |
|
44 |
|
|
45 |
request.getSession().setAttribute("authenticated", |
|
46 |
!SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString() |
|
47 |
.equals("anonymousUser")); |
|
48 |
|
|
49 |
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder. |
|
50 |
getContext().getAuthentication(); |
|
51 |
|
|
52 |
String userId = authentication.getSub(); |
|
53 |
|
|
54 |
List<RegisteredService> registeredServices = null; |
|
55 |
try { |
|
56 |
registeredServices = registeredServicesUtils. |
|
57 |
getRegisteredServiceDao().fetchAllRegisteredServicesByOwner(userId); |
|
58 |
System.out.println("LOAD REGISTERED SERVICES. " + registeredServices.size()); |
|
59 |
|
|
60 |
if (registeredServices.isEmpty()) { |
|
61 |
request.getSession().setAttribute("showEmptyList", true); |
|
62 |
} else { |
|
63 |
Map<String, ServiceResponse> serviceResponses = new HashMap<>(); |
|
64 |
Map<String, String> serviceKey = new HashMap<>(); |
|
65 |
|
|
66 |
for (RegisteredService registeredService:registeredServices) { |
|
67 |
ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getClientId(),registeredService.getRegistrationAccessToken()); |
|
68 |
serviceResponses.put(registeredService.getId(), serviceResponse); |
|
69 |
serviceKey.put(registeredService.getId(), extractPublicKeySet(serviceResponse)); |
|
70 |
} |
|
71 |
|
|
72 |
boolean reachedLimit = reachedMaximumNumberOfServices(registeredServices); |
|
73 |
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0)); |
|
74 |
name.append(authentication.getUserInfo().getFamilyName().charAt(0)); |
|
75 |
request.getSession().setAttribute("name", name.toString()); |
|
76 |
request.getSession().setAttribute("reachedLimit", reachedLimit); |
|
77 |
System.out.println("REACHED LIMIT??? " + reachedLimit); |
|
78 |
|
|
79 |
request.getSession().setAttribute("services", serviceResponses); |
|
80 |
request.getSession().setAttribute("keys", serviceKey); |
|
81 |
} |
|
82 |
request.getSession().setAttribute("registeredServices", registeredServices); |
|
83 |
|
|
84 |
} catch (SQLException sqle) { |
|
85 |
logger.error("Error fetching registered services for user " + userId , sqle); |
|
86 |
request.getSession().setAttribute("message", "Error fetching registered services. " + |
|
87 |
"Please try again later."); |
|
88 |
request.getSession().setAttribute("showEmptyList", false); |
|
89 |
request.getRequestDispatcher("./registeredServices.jsp").include(request, response); |
|
90 |
} |
|
91 |
|
|
92 |
response.setContentType("text/html"); |
|
93 |
request.getRequestDispatcher("./registeredServices.jsp").include(request, response); |
|
94 |
} |
|
95 |
|
|
96 |
private String extractPublicKeySet(ServiceResponse serviceResponse) { |
|
97 |
if (serviceResponse.getJwksUri()!=null && !serviceResponse.getJwksUri().isEmpty()) |
|
98 |
return serviceResponse.getJwksUri(); |
|
99 |
|
|
100 |
return extractJSONJwk(serviceResponse.getJwks()); |
|
101 |
} |
|
102 |
|
|
103 |
private String extractJSONJwk(Jwks jwks) { |
|
104 |
Gson gson = new GsonBuilder().setPrettyPrinting().create(); |
|
105 |
System.out.println(gson.toJson(jwks)); |
|
106 |
return gson.toJson(jwks); |
|
107 |
} |
|
108 |
|
|
109 |
@Override |
|
110 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { |
|
111 |
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder. |
|
112 |
getContext().getAuthentication(); |
|
113 |
String id = request.getParameter("id"); |
|
114 |
|
|
115 |
System.out.println("POST " +id); |
|
116 |
|
|
117 |
if (id!=null && !id.isEmpty()) { |
|
118 |
try { |
|
119 |
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(Integer.parseInt(id)); |
|
120 |
|
|
121 |
if (!registeredService.getOwner().equals(authentication.getSub())) { |
|
122 |
request.getSession().setAttribute("message", "You are not allowed to delete the service."); |
|
123 |
System.out.println("BLOCKED " + registeredService.getOwner() + " >> " + authentication.getSub()); |
|
124 |
response.sendRedirect("./registeredServices"); |
|
125 |
return; |
|
126 |
} |
|
127 |
|
|
128 |
HttpResponse resp = tokenUtils.deleteService(registeredService.getClientId(), registeredService.getRegistrationAccessToken()); |
|
129 |
|
|
130 |
int statusCode = resp.getStatusLine().getStatusCode(); |
|
131 |
System.out.println("STATUS CODE " + statusCode); |
|
132 |
|
|
133 |
if (statusCode != 204) { |
|
134 |
logger.error("Unable to delete the service. Status code was " + statusCode); |
|
135 |
request.getSession().setAttribute("message", "Fail to delete the service. Status " + statusCode); |
|
136 |
System.out.println("AAI blocked"); |
|
137 |
response.sendRedirect("./registeredServices"); |
|
138 |
return; |
|
139 |
} else { |
|
140 |
registeredServicesUtils.getRegisteredServiceDao().delete(Integer.parseInt(id)); |
|
141 |
request.getSession().setAttribute("success", "The service was successfully deleted."); |
|
142 |
System.out.println("HERE HERE"); |
|
143 |
} |
|
144 |
|
|
145 |
} catch (SQLException sqle) { |
|
146 |
logger.error("Unable to contact db.", sqle); |
|
147 |
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later."); |
|
148 |
} |
|
149 |
|
|
150 |
} else { |
|
151 |
request.getSession().setAttribute("message", "Error selecting service to delete. Please try again."); |
|
152 |
} |
|
153 |
|
|
154 |
response.sendRedirect("./registeredServices"); |
|
155 |
} |
|
156 |
|
|
157 |
private boolean reachedMaximumNumberOfServices(List<RegisteredService> registeredServices) { |
|
158 |
return registeredServices.size() >= 5; |
|
159 |
} |
|
160 |
} |
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/dto/Role.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement.dto; |
|
2 |
|
|
3 |
import javax.xml.bind.annotation.XmlRootElement; |
|
4 |
|
|
5 |
@XmlRootElement |
|
6 |
public class Role { |
|
7 |
String name; |
|
8 |
String description; |
|
9 |
|
|
10 |
public Role() {} |
|
11 |
|
|
12 |
public Role(String name, String description) { |
|
13 |
this.name = name; |
|
14 |
this.description = description; |
|
15 |
} |
|
16 |
|
|
17 |
public String getName() { |
|
18 |
return name; |
|
19 |
} |
|
20 |
|
|
21 |
public void setName(String name) { |
|
22 |
this.name = name; |
|
23 |
} |
|
24 |
|
|
25 |
public String getDescription() { |
|
26 |
return description; |
|
27 |
} |
|
28 |
|
|
29 |
public void setDescription(String description) { |
|
30 |
this.description = description; |
|
31 |
} |
|
32 |
} |
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/ServiceRequest.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import java.io.Serializable; |
|
4 |
|
|
5 |
public class ServiceRequest { |
|
6 |
String client_name; |
|
7 |
String client_id; |
|
8 |
String logo_uri; |
|
9 |
String policy_uri; |
|
10 |
String[] contacts; |
|
11 |
String[] redirect_uris = new String[]{}; |
|
12 |
String[] grant_types = new String[] {"client_credentials"}; |
|
13 |
String token_endpoint_auth_method = "private_key_jwt"; |
|
14 |
String token_endpoint_auth_signing_alg = "RS256"; |
|
15 |
String jwks_uri; |
|
16 |
Jwks jwks; |
|
17 |
|
|
18 |
public String getClientName() { |
|
19 |
return client_name; |
|
20 |
} |
|
21 |
|
|
22 |
public void setClientName(String clientName) { |
|
23 |
this.client_name = clientName; |
|
24 |
} |
|
25 |
|
|
26 |
public String getClientId() { |
|
27 |
return client_id; |
|
28 |
} |
|
29 |
|
|
30 |
public void setClientId(String clientId) { |
|
31 |
this.client_id = clientId; |
|
32 |
} |
|
33 |
|
|
34 |
public String[] getRedirectUris() { |
|
35 |
return redirect_uris; |
|
36 |
} |
|
37 |
|
|
38 |
public void setRedirectUris(String[] redirectUris) { |
|
39 |
this.redirect_uris = redirectUris; |
|
40 |
} |
|
41 |
|
|
42 |
public String getLogoUri() { |
|
43 |
return logo_uri; |
|
44 |
} |
|
45 |
|
|
46 |
public void setLogoUri(String logoUri) { |
|
47 |
this.logo_uri = logoUri; |
|
48 |
} |
|
49 |
|
|
50 |
public String getPolicyUri() { |
|
51 |
return policy_uri; |
|
52 |
} |
|
53 |
|
|
54 |
public void setPolicyUri(String policyUri) { |
|
55 |
this.policy_uri = policyUri; |
|
56 |
} |
|
57 |
|
|
58 |
public String[] getContacts() { |
|
59 |
return contacts; |
|
60 |
} |
|
61 |
|
|
62 |
public void setContacts(String[] contacts) { |
|
63 |
this.contacts = contacts; |
|
64 |
} |
|
65 |
|
|
66 |
public String[] getGrantTypes() { |
|
67 |
return grant_types; |
|
68 |
} |
|
69 |
|
|
70 |
public void setGrantTypes(String[] grantTypes) { |
|
71 |
this.grant_types = grantTypes; |
|
72 |
} |
|
73 |
|
|
74 |
public String getToken_endpoint_auth_method() { |
|
75 |
return token_endpoint_auth_method; |
|
76 |
} |
|
77 |
|
|
78 |
public void setToken_endpoint_auth_method(String token_endpoint_auth_method) { |
|
79 |
this.token_endpoint_auth_method = token_endpoint_auth_method; |
|
80 |
} |
|
81 |
|
|
82 |
public String getTokenEndpointAuthSigningAlg() { |
|
83 |
return token_endpoint_auth_signing_alg; |
|
84 |
} |
|
85 |
|
|
86 |
public void setTokenEndpointAuthSigningAlg(String tokenEndpointAuthSigningAlg) { |
|
87 |
this.token_endpoint_auth_signing_alg = tokenEndpointAuthSigningAlg; |
|
88 |
} |
|
89 |
|
|
90 |
public String getJwksUri() { |
|
91 |
return jwks_uri; |
|
92 |
} |
|
93 |
|
|
94 |
public void setJwksUri(String jwksUri) { |
|
95 |
this.jwks_uri = jwksUri; |
|
96 |
} |
|
97 |
|
|
98 |
public Jwks getJwks() { |
|
99 |
return jwks; |
|
100 |
} |
|
101 |
|
|
102 |
public void setJwks(Jwks jwks) { |
|
103 |
this.jwks = jwks; |
|
104 |
} |
|
105 |
} |
|
106 |
|
|
107 |
class Jwks implements Serializable { |
|
108 |
Key[] keys; |
|
109 |
|
|
110 |
public Key[] getKeys() { |
|
111 |
return keys; |
|
112 |
} |
|
113 |
|
|
114 |
public void setKeys(Key[] keys) { |
|
115 |
this.keys = keys; |
|
116 |
} |
|
117 |
} |
|
118 |
|
|
119 |
class Key implements Serializable { |
|
120 |
String kty; |
|
121 |
String e; |
|
122 |
String kid; |
|
123 |
String alg; |
|
124 |
String n; |
|
125 |
|
|
126 |
public String getKty() { |
|
127 |
return kty; |
|
128 |
} |
|
129 |
|
|
130 |
public void setKty(String kty) { |
|
131 |
this.kty = kty; |
|
132 |
} |
|
133 |
|
|
134 |
public String getE() { |
|
135 |
return e; |
|
136 |
} |
|
137 |
|
|
138 |
public void setE(String e) { |
|
139 |
this.e = e; |
|
140 |
} |
|
141 |
|
|
142 |
public String getKid() { |
|
143 |
return kid; |
|
144 |
} |
|
145 |
|
|
146 |
public void setKid(String kid) { |
|
147 |
this.kid = kid; |
|
148 |
} |
|
149 |
|
|
150 |
public String getAlg() { |
|
151 |
return alg; |
|
152 |
} |
|
153 |
|
|
154 |
public void setAlg(String alg) { |
|
155 |
this.alg = alg; |
|
156 |
} |
|
157 |
|
|
158 |
public String getN() { |
|
159 |
return n; |
|
160 |
} |
|
161 |
|
|
162 |
public void setN(String n) { |
|
163 |
this.n = n; |
|
164 |
} |
|
165 |
} |
|
166 |
|
|
167 |
|
|
168 |
|
|
169 |
|
|
170 |
|
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/ResetPasswordServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.InputValidator; |
|
4 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
5 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
6 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
7 |
import org.apache.log4j.Logger; |
|
8 |
import org.springframework.beans.factory.annotation.Autowired; |
|
9 |
import org.springframework.beans.factory.annotation.Value; |
|
10 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
11 |
|
|
12 |
import javax.servlet.ServletConfig; |
|
13 |
import javax.servlet.ServletException; |
|
14 |
import javax.servlet.http.HttpServlet; |
|
15 |
import javax.servlet.http.HttpServletRequest; |
|
16 |
import javax.servlet.http.HttpServletResponse; |
|
17 |
import javax.servlet.http.HttpSession; |
|
18 |
import java.io.IOException; |
|
19 |
import java.io.PrintWriter; |
|
20 |
|
|
21 |
/** |
|
22 |
* Created by kiatrop on 28/9/2017. |
|
23 |
*/ |
|
24 |
public class ResetPasswordServlet extends HttpServlet { |
|
25 |
|
|
26 |
public void init(ServletConfig config) throws ServletException { |
|
27 |
super.init(config); |
|
28 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
29 |
config.getServletContext()); |
|
30 |
} |
|
31 |
|
|
32 |
@Autowired |
|
33 |
private VerificationActions verificationActions; |
|
34 |
|
|
35 |
@Autowired |
|
36 |
private LDAPActions ldapActions; |
|
37 |
|
|
38 |
@Value("${oidc.home}") |
|
39 |
private String oidcHomeUrl; |
|
40 |
|
|
41 |
private Logger logger = Logger.getLogger(ResetPasswordServlet.class); |
|
42 |
|
|
43 |
@Override |
|
44 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
45 |
response.setContentType("text/html"); |
|
46 |
PrintWriter printWriter = response.getWriter(); |
|
47 |
|
|
48 |
HttpSession session = request.getSession(); |
|
49 |
String username = (String) session.getAttribute("username"); |
|
50 |
|
|
51 |
String password = request.getParameter("password"); |
|
52 |
String confirmPassword = request.getParameter("password_conf"); |
|
53 |
|
|
54 |
if (InputValidator.isFilled(password)) { |
|
55 |
if (InputValidator.isValidPassword(password) && password.equals(confirmPassword) && username != null) { |
|
56 |
try { |
|
57 |
ldapActions.resetPassword(username, password); |
|
58 |
logger.info("password resetted"); |
|
59 |
session.removeAttribute("username"); |
|
60 |
session.setAttribute("homeUrl", oidcHomeUrl); |
|
61 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "success.jsp")); |
|
62 |
} catch (Exception e) { |
|
63 |
logger.error("LDAP error in resetting password", e); |
|
64 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
65 |
} |
|
66 |
} else { |
|
67 |
if (!InputValidator.isValidPassword(password)) { |
|
68 |
logger.info("No valid password"); |
|
69 |
// request.getSession().setAttribute("msg_invalid_password", "The password must contain a lowercase letter, a capital (uppercase) letter, a number and must be at least 6 characters long. White space character is not allowed."); |
|
70 |
} |
|
71 |
if (!password.equals(confirmPassword)) { |
|
72 |
logger.info("No matching passwords"); |
|
73 |
// request.getSession().setAttribute("msg_pass_conf_error", "These passwords don't match."); |
|
74 |
} |
|
75 |
response.sendRedirect("./resetPassword.jsp"); |
|
76 |
} |
|
77 |
} else { |
|
78 |
logger.info("Empty password"); |
|
79 |
request.getSession().setAttribute("msg_password_error_display", "display:block" ); |
|
80 |
// request.getSession().setAttribute("msg_invalid_password", "The password must contain a lowercase letter, a capital (uppercase) letter, a number and must be at least 6 characters long. White space character is not allowed."); |
|
81 |
response.sendRedirect("./resetPassword.jsp"); |
|
82 |
} |
|
83 |
printWriter.close(); |
|
84 |
} |
|
85 |
|
|
86 |
public String getOidcHomeUrl() { |
|
87 |
return oidcHomeUrl; |
|
88 |
} |
|
89 |
|
|
90 |
public void setOidcHomeUrl(String oidcHomeUrl) { |
|
91 |
this.oidcHomeUrl = oidcHomeUrl; |
|
92 |
} |
|
93 |
} |
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/RequestActivationCodeServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import eu.dnetlib.openaire.user.utils.EmailSender; |
|
4 |
import eu.dnetlib.openaire.user.utils.LDAPActions; |
|
5 |
import eu.dnetlib.openaire.user.utils.VerificationActions; |
|
6 |
import eu.dnetlib.openaire.user.utils.VerifyRecaptcha; |
|
7 |
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor; |
|
8 |
import org.apache.log4j.Logger; |
|
9 |
import org.springframework.beans.factory.annotation.Autowired; |
|
10 |
import org.springframework.beans.factory.annotation.Value; |
|
11 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
12 |
|
|
13 |
import javax.mail.MessagingException; |
|
14 |
import javax.servlet.ServletConfig; |
|
15 |
import javax.servlet.ServletException; |
|
16 |
import javax.servlet.http.HttpServlet; |
|
17 |
import javax.servlet.http.HttpServletRequest; |
|
18 |
import javax.servlet.http.HttpServletResponse; |
|
19 |
import javax.servlet.http.HttpSession; |
|
20 |
import java.io.IOException; |
|
21 |
import java.sql.Timestamp; |
|
22 |
import java.util.Date; |
|
23 |
import java.util.UUID; |
|
24 |
|
|
25 |
/** |
|
26 |
* Created by sofia on 14/5/2018. |
|
27 |
*/ |
|
28 |
public class RequestActivationCodeServlet extends HttpServlet { |
|
29 |
|
|
30 |
@Autowired |
|
31 |
private VerificationActions verificationActions; |
|
32 |
|
|
33 |
@Autowired |
|
34 |
private LDAPActions ldapActions; |
|
35 |
|
|
36 |
@Autowired |
|
37 |
private EmailSender emailSender; |
|
38 |
|
|
39 |
@Value("${oidc.home}") |
|
40 |
private String oidcHomeUrl; |
|
41 |
|
|
42 |
@Value("${google.recaptcha.secret}") |
|
43 |
private String secret; |
|
44 |
|
|
45 |
@Value("${google.recaptcha.key}") |
|
46 |
private String sitekey; |
|
47 |
|
|
48 |
private static final Logger logger = Logger.getLogger(RequestActivationCodeServlet.class); |
|
49 |
|
|
50 |
public void init(ServletConfig config) throws ServletException { |
|
51 |
super.init(config); |
|
52 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
53 |
config.getServletContext()); |
|
54 |
config.getServletContext().setAttribute("sitekey", sitekey); |
|
55 |
|
|
56 |
} |
|
57 |
|
|
58 |
@Override |
|
59 |
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException { |
|
60 |
String formUsername = request.getParameter("username").trim(); |
|
61 |
|
|
62 |
String gRecaptchaResponse = request.getParameter("g-recaptcha-response"); |
|
63 |
|
|
64 |
HttpSession session = request.getSession(); |
|
65 |
session.setAttribute("homeUrl", oidcHomeUrl); |
|
66 |
|
|
67 |
if (formUsername == null) { |
|
68 |
request.getSession().setAttribute("message", "Error reading username."); |
|
69 |
response.sendRedirect("./requestActivationCode.jsp"); |
|
70 |
|
|
71 |
} else if (formUsername.isEmpty()) { |
|
72 |
request.getSession().setAttribute("message", "Please enter your username."); |
|
73 |
response.sendRedirect("./requestActivationCode.jsp"); |
|
74 |
|
|
75 |
} else if (!VerifyRecaptcha.verify(gRecaptchaResponse, secret)) { |
|
76 |
request.getSession().setAttribute("reCAPTCHA_message", "You missed the reCAPTCHA validation!"); |
|
77 |
response.sendRedirect("./requestActivationCode.jsp"); |
|
78 |
|
|
79 |
} else { |
|
80 |
|
|
81 |
try { |
|
82 |
if (ldapActions.isZombieUsersUsername(formUsername)) { |
|
83 |
logger.info("User " + formUsername + " is zombie user!"); |
|
84 |
|
|
85 |
UUID verificationCode = UUID.randomUUID(); |
|
86 |
Date creationDate = new Date(); |
|
87 |
String vCode = verificationCode.toString(); |
|
88 |
|
|
89 |
Timestamp timestamp = new Timestamp(creationDate.getTime()); |
|
90 |
|
|
91 |
if (!verificationActions.verificationEntryExists(formUsername)) { |
|
92 |
verificationActions.addVerificationEntry(formUsername, vCode, timestamp); |
|
93 |
|
|
94 |
} else { |
|
95 |
verificationActions.updateVerificationEntry(formUsername, vCode, timestamp); |
|
96 |
} |
|
97 |
|
|
98 |
String resultPath = UrlConstructor.getRedirectUrl(request, "activate.jsp"); |
|
99 |
String resultPathWithVCode = UrlConstructor.getVerificationLink(resultPath, vCode); |
|
100 |
|
|
101 |
String verificationCodeMsg = "<p>Hello " + formUsername + ",</p>" + |
|
102 |
"<p> A request has been made to get a new activation code to verify your email and activate your OpenAIRE account. To activate your " + |
|
103 |
"account, you will need to submit your username and this activation code in order to verify that the " + |
|
104 |
"request was legitimate.</p>" + |
|
105 |
"<p>" + |
|
106 |
"The activation code is " + vCode + |
|
107 |
"</p>" + |
|
108 |
"Click the URL below and proceed with activating your password." + |
|
109 |
"<p><a href=" + resultPathWithVCode + ">" + resultPathWithVCode + "</a></p>" + |
|
110 |
"<p>The activation code is valid for 24 hours.</p>" + |
|
111 |
"<p>Thank you,</p>" + |
|
112 |
"<p>OpenAIRE technical team</p>"; |
|
113 |
|
|
114 |
String verificationCodeSubject = "Request a new activation code for your OpenAIRE account"; |
|
115 |
|
|
116 |
String email = ldapActions.getZombieUsersEmail(formUsername); |
|
117 |
|
|
118 |
if (email != null && !email.isEmpty()) { |
|
119 |
emailSender.sendEmail(email, verificationCodeSubject, verificationCodeMsg); |
|
120 |
logger.info("Sending activation code to user: " + formUsername); |
|
121 |
} |
|
122 |
|
|
123 |
response.sendRedirect("./activate.jsp"); |
|
124 |
|
|
125 |
} else if (ldapActions.usernameExists(formUsername)) { |
|
126 |
logger.info("User " + formUsername + " has already activated his account."); |
|
127 |
request.getSession().setAttribute("message", "Your account is already activated."); |
|
128 |
response.sendRedirect("./requestActivationCode.jsp"); |
|
129 |
|
|
130 |
} else { |
|
131 |
logger.info("No user with username: " + formUsername); |
|
132 |
request.getSession().setAttribute("message", "There is no user registered with that username."); |
|
133 |
response.sendRedirect("./requestActivationCode.jsp"); |
|
134 |
} |
|
135 |
|
|
136 |
} catch (MessagingException e) { |
|
137 |
logger.error("Error in sending email", e); |
|
138 |
request.getSession().setAttribute("message", "Error sending email"); |
|
139 |
response.sendRedirect("./requestActivationCode.jsp"); |
|
140 |
} catch (Exception ldape) { |
|
141 |
logger.error("Could not find zombie user with username " + formUsername, ldape); |
|
142 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp")); |
|
143 |
} |
|
144 |
} |
|
145 |
} |
|
146 |
|
|
147 |
public String getOidcHomeUrl() { |
|
148 |
return oidcHomeUrl; |
|
149 |
} |
|
150 |
|
|
151 |
public void setOidcHomeUrl(String oidcHomeUrl) { |
|
152 |
this.oidcHomeUrl = oidcHomeUrl; |
|
153 |
} |
|
154 |
|
|
155 |
|
|
156 |
|
|
157 |
|
|
158 |
|
|
159 |
} |
modules/dnet-openaire-users/branches/beta/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java | ||
---|---|---|
1 |
package eu.dnetlib.openaire.usermanagement; |
|
2 |
|
|
3 |
import com.google.gson.Gson; |
|
4 |
import com.google.gson.GsonBuilder; |
|
5 |
import com.google.gson.JsonParseException; |
|
6 |
import eu.dnetlib.openaire.user.pojos.RegisteredService; |
|
7 |
import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils; |
|
8 |
import eu.dnetlib.openaire.usermanagement.utils.TokenUtils; |
|
9 |
import org.apache.commons.validator.routines.UrlValidator; |
|
10 |
import org.apache.http.HttpResponse; |
|
11 |
import org.apache.log4j.Logger; |
|
12 |
import org.mitre.openid.connect.model.OIDCAuthenticationToken; |
|
13 |
import org.springframework.beans.factory.annotation.Autowired; |
|
14 |
import org.springframework.security.access.method.P; |
|
15 |
import org.springframework.security.core.context.SecurityContextHolder; |
|
16 |
import org.springframework.web.context.support.SpringBeanAutowiringSupport; |
|
17 |
|
|
18 |
import javax.servlet.ServletConfig; |
|
19 |
import javax.servlet.ServletException; |
|
20 |
import javax.servlet.http.HttpServlet; |
|
21 |
import javax.servlet.http.HttpServletRequest; |
|
22 |
import javax.servlet.http.HttpServletResponse; |
|
23 |
import java.io.IOException; |
|
24 |
import java.sql.SQLException; |
|
25 |
|
|
26 |
|
|
27 |
public class RegisterServiceServlet extends HttpServlet { |
|
28 |
|
|
29 |
private Logger logger = Logger.getLogger(RegisterServiceServlet.class); |
|
30 |
|
|
31 |
public void init(ServletConfig config) throws ServletException { |
|
32 |
super.init(config); |
|
33 |
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this, |
|
34 |
config.getServletContext()); |
|
35 |
} |
|
36 |
|
|
37 |
@Autowired |
|
38 |
private RegisteredServicesUtils registeredServicesUtils; |
|
39 |
|
|
40 |
@Autowired |
|
41 |
private TokenUtils tokenUtils; |
|
42 |
|
|
43 |
public void doGet(HttpServletRequest request, HttpServletResponse response) |
|
44 |
throws ServletException, IOException { |
|
45 |
|
|
46 |
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder. |
|
47 |
getContext().getAuthentication(); |
|
48 |
String userid = authentication.getSub(); |
|
49 |
|
|
50 |
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0)); |
|
51 |
name.append(authentication.getUserInfo().getFamilyName().charAt(0)); |
|
52 |
request.getSession().setAttribute("name", name.toString()); |
|
53 |
|
|
54 |
String idParam = request.getParameter("id"); |
|
55 |
|
|
56 |
if (idParam != null && !idParam.isEmpty()) { // EDIT CASE |
|
57 |
System.out.println("In edit"); |
|
58 |
try { |
|
59 |
int id = Integer.parseInt(idParam); |
|
60 |
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(id); |
|
61 |
|
|
62 |
if (registeredService != null && registeredServicesUtils.isAuthorized(userid, id)) { |
|
63 |
ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getClientId(), registeredService.getRegistrationAccessToken()); |
|
64 |
|
|
65 |
updateFormFields(request, registeredService.getName(), registeredService.getKeyType(), serviceResponse); |
|
66 |
|
|
67 |
} else { |
|
68 |
if (registeredService == null) { |
|
69 |
System.out.println("No service found!"); |
|
70 |
request.getSession().setAttribute("message", "Not valid registered service with given id " + id + "."); |
|
71 |
response.sendRedirect("./registeredServices"); |
|
72 |
logger.warn("Not valid registered service with " + id + "id."); |
|
73 |
|
|
74 |
} else { |
|
75 |
System.out.println("Not authorized"); |
|
76 |
request.getSession().setAttribute("message", "Not authorized to edit the registered service with id " + id + "."); |
|
77 |
response.sendRedirect("./registeredServices"); |
|
78 |
logger.warn("Not authorized to edit the service with " + id + "id."); |
|
79 |
} |
|
80 |
} |
|
81 |
|
|
82 |
} catch (NumberFormatException nfe) { |
|
83 |
System.out.println("WRONG FORMAT"); |
|
84 |
request.getSession().setAttribute("message", "Invalid service id."); |
|
85 |
response.sendRedirect("./registeredServices"); |
|
86 |
logger.error("Invalid service id.", nfe); |
|
87 |
|
|
88 |
} catch (SQLException sqle) { |
|
89 |
System.out.println("SQL PROBLEM"); |
|
90 |
request.getSession().setAttribute("message", "Could not fetch registered service."); |
|
91 |
response.sendRedirect("./registeredServices"); |
|
92 |
logger.error("Could not fetch registered service.", sqle); |
|
93 |
} |
|
94 |
|
|
95 |
} else {// NEW SERVICE CASE |
|
96 |
//Careful! Redirects in method |
|
97 |
request.getSession().setAttribute("first_name", null); |
|
98 |
request.getSession().setAttribute("key_type", null); |
|
99 |
request.getSession().setAttribute("jwksUri", null); |
|
100 |
request.getSession().setAttribute("value", null); |
|
101 |
checkNumberOfRegisteredServices(request, response, authentication); |
|
102 |
} |
|
103 |
|
|
104 |
response.setContentType("text/html"); |
|
105 |
request.getRequestDispatcher("./registerService.jsp").include(request, response); |
|
106 |
} |
|
107 |
|
|
108 |
private void updateFormFields(HttpServletRequest request, String serviceName, String keyType, ServiceResponse serviceResponse) { |
|
109 |
System.out.println("UPDATING FORM"); |
|
110 |
request.getSession().setAttribute("first_name", serviceName); |
|
111 |
System.out.println("Service response URI " + serviceResponse.getJwksUri()); |
|
112 |
request.getSession().setAttribute("key_type", keyType); |
|
113 |
if (keyType != null) { |
|
114 |
if (keyType.equals("uri")) { |
|
115 |
request.getSession().setAttribute("jwksUri", serviceResponse.getJwksUri()); |
|
116 |
} else { |
|
117 |
Key key; |
|
118 |
if (serviceResponse.getJwks() != null) { |
|
119 |
key = serviceResponse.getJwks().keys[0]; |
|
120 |
} else { |
|
121 |
key = new Key(); |
|
122 |
} |
|
123 |
System.out.println("Service response keys " + serviceResponse.getJwksUri()); |
|
124 |
Gson gson = new GsonBuilder().setPrettyPrinting().create(); |
|
125 |
request.getSession().setAttribute("value", gson.toJson(key)); |
|
126 |
} |
|
127 |
} |
|
128 |
} |
|
129 |
|
|
130 |
public void doPost(HttpServletRequest request, HttpServletResponse response) |
|
131 |
throws ServletException, IOException { |
|
132 |
|
|
133 |
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder. |
|
134 |
getContext().getAuthentication(); |
|
135 |
|
|
136 |
response.setContentType("text/html"); |
|
137 |
boolean canProceed = true; |
|
138 |
|
|
139 |
String mode = request.getParameter("mode").trim(); |
|
140 |
System.out.println("Mode was " + mode); |
|
141 |
checkmode(mode); |
|
142 |
System.out.println("Mode is " + mode); |
|
143 |
|
|
144 |
String serviceId = request.getParameter("id"); |
|
145 |
|
|
146 |
String name = request.getParameter("first_name").trim(); |
|
147 |
if (name.isEmpty()) { |
|
148 |
request.getSession().setAttribute("first_name_error", true); |
|
149 |
canProceed = false; |
|
150 |
} |
|
151 |
String keyType = request.getParameter("key_type"); |
|
152 |
String jwksUri = null; |
|
153 |
String jwksString = null; |
|
154 |
Jwks jwks = null; |
|
155 |
if(keyType != null) { |
|
156 |
keyType = keyType.trim(); |
|
157 |
if (keyType.equals("uri")) { |
|
158 |
jwksUri = request.getParameter("uri"); |
|
159 |
request.getSession().setAttribute("jwksUri", jwksUri); |
|
160 |
|
|
161 |
String[] schemes = {"https"}; |
|
162 |
UrlValidator urlValidator = new UrlValidator(schemes); |
|
163 |
if (!urlValidator.isValid(jwksUri)) { |
|
164 |
request.getSession().setAttribute("uri_error", true); |
|
165 |
canProceed = false; |
|
166 |
} |
|
167 |
} else { |
|
168 |
jwksString = request.getParameter("value"); |
|
169 |
try { |
|
170 |
Gson gson = new GsonBuilder().registerTypeAdapter(Jwks.class, new JwksDeserializer()).create(); |
|
171 |
String jwksSet = String.format("{\"keys\":[%s]}", jwksString); |
|
172 |
jwks = gson.fromJson(jwksSet, Jwks.class); |
|
173 |
request.getSession().setAttribute("value", jwksString); |
|
174 |
|
|
175 |
if (jwks.getKeys() == null || jwks.getKeys().length == 0) { |
|
176 |
System.out.println("Something wrong with the keys."); |
|
177 |
request.getSession().setAttribute("value_error", true); |
|
178 |
canProceed = false; |
|
179 |
} |
|
180 |
|
|
181 |
|
|
182 |
} catch (JsonParseException jpe) { |
|
183 |
request.getSession().setAttribute("value_error", true); |
|
184 |
canProceed = false; |
|
185 |
} |
|
186 |
} |
|
187 |
} |
|
188 |
String userid = authentication.getSub(); |
|
189 |
String email = authentication.getUserInfo().getEmail(); |
|
190 |
ServiceResponse serviceResponse = null; |
|
191 |
|
|
192 |
if (nameIsValid(name) && userInfoIsValid(userid, email) && keyIsValid(keyType, jwksUri, jwksString) && canProceed) { |
|
193 |
|
|
194 |
String serverMessage; |
|
195 |
|
|
196 |
if (mode.equals("create")) { |
|
197 |
//Careful! Redirects in method |
|
198 |
if (!checkNumberOfRegisteredServices(request, response, authentication)) { |
|
199 |
return; |
|
200 |
} |
|
201 |
String serverRequestJSON = null; |
|
202 |
if(keyType == null) { |
|
203 |
serverRequestJSON = createServiceJson(null, name, email); |
|
204 |
} else if (keyType.equals("uri")) { |
|
205 |
serverRequestJSON = createServiceJson(null, name, email, jwksUri); |
|
206 |
} else if (keyType.equals("value")){ |
|
207 |
serverRequestJSON = createServiceJson(null, name, email, jwks); |
|
208 |
} |
|
209 |
if(serverRequestJSON != null) { |
|
210 |
System.out.println("SERVER JSON " + serverRequestJSON); |
|
211 |
serverMessage = tokenUtils.registerService(serverRequestJSON); |
|
212 |
logger.debug(serverMessage); |
|
213 |
if (serverMessage == null) { |
|
214 |
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later."); |
|
215 |
response.sendRedirect("./registeredServices"); |
|
216 |
return; |
|
217 |
} |
|
218 |
serviceResponse = new Gson().fromJson(serverMessage, ServiceResponse.class); |
|
219 |
String client_id = serviceResponse.getClientId(); |
|
220 |
|
|
221 |
RegisteredService registeredService = new RegisteredService(client_id, userid, name, serviceResponse.getRegistrationAccessToken(), keyType); |
|
222 |
|
|
223 |
try { |
|
224 |
registeredServicesUtils.addRegistedService(registeredService); |
|
225 |
if(registeredService.getKeyType() != null) { |
|
226 |
request.getSession().setAttribute("success", |
|
227 |
"Your service has been successfully registered!<br>" + |
|
228 |
"<b>Client ID</b>: " + serviceResponse.getClientId()); |
|
229 |
} else { |
|
230 |
request.getSession().setAttribute("success", |
|
231 |
"Your service has been successfully registered!<br>" + |
|
232 |
"<b>Client ID</b>: " + serviceResponse.getClientId() + |
|
233 |
"<br><span style=\"word-wrap: break-word\"><b>Client Secret</b>:" + serviceResponse.getClientSecret() + "</span>"); |
|
234 |
} |
|
235 |
|
|
236 |
} catch (SQLException sqle) { |
|
237 |
logger.error("Fail to save service.", sqle); |
|
238 |
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later."); |
|
239 |
response.sendRedirect("./registeredServices"); |
|
240 |
return; |
|
241 |
} |
|
242 |
} else { |
|
243 |
logger.error("Service request JSON is null"); |
|
244 |
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later."); |
|
245 |
response.sendRedirect("./registeredServices"); |
|
246 |
return; |
|
247 |
} |
|
248 |
} else { |
|
249 |
int serviceIdInt = 0; |
|
250 |
if (serviceId == null || serviceId.isEmpty()) { //TODO WRONG MESSAGE |
|
251 |
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist."); |
|
252 |
response.sendRedirect("./registeredServices"); |
|
253 |
|
|
254 |
} else { |
|
255 |
System.out.println("In edit..."); |
|
256 |
try { |
|
257 |
serviceIdInt = Integer.parseInt(serviceId); |
|
258 |
if (!registeredServicesUtils.isAuthorized(authentication.getSub(), serviceIdInt)) { |
|
259 |
request.getSession().setAttribute("message", "You have no permission to edit the service."); |
|
260 |
response.sendRedirect("./registeredServices"); |
|
261 |
|
|
262 |
} else { |
|
263 |
|
|
264 |
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(serviceIdInt); |
|
265 |
if (registeredService != null && registeredService.getClientId() != null) { |
|
266 |
String serverRequestJSON = null; |
|
267 |
if (keyType == null) { |
|
268 |
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email); |
|
269 |
} else if (keyType.equals("uri")) { |
|
270 |
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwksUri); |
|
271 |
} else if (keyType.equals("value")) { |
|
272 |
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwks); |
|
273 |
} |
|
274 |
if (serverRequestJSON != null) { |
|
275 |
System.out.println("SERVER JSON " + serverRequestJSON); |
|
276 |
HttpResponse resp = tokenUtils.updateService(registeredService.getClientId(), serverRequestJSON, registeredService.getRegistrationAccessToken()); |
|
277 |
if (resp.getStatusLine().getStatusCode() == 200) { |
|
278 |
System.out.println("NAME >>>>" + name); |
|
279 |
registeredService.setName(name); |
|
280 |
|
|
281 |
System.out.println("Client Id " + registeredService.getClientId()); |
|
282 |
try { |
|
283 |
registeredServicesUtils.getRegisteredServiceDao().update(registeredService); |
|
284 |
} catch (SQLException sqle) { |
|
285 |
logger.error("Unable to contact db.", sqle); |
|
286 |
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later."); |
|
287 |
response.setContentType("text/html"); |
|
288 |
request.getRequestDispatcher("./registeredServices.jsp").include(request, response); |
|
289 |
return; |
|
290 |
} |
|
291 |
request.getSession().setAttribute("success", |
|
292 |
"Your service has been successfully updated!<br>" + |
|
293 |
"<b>Client ID</b>: " + registeredService.getClientId()); |
|
294 |
} |
|
295 |
|
|
296 |
} else { |
|
297 |
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist."); |
|
298 |
response.sendRedirect("./registeredServices"); |
|
299 |
return; |
|
300 |
} |
|
301 |
} else { |
|
302 |
logger.error("Service request JSON is null"); |
|
303 |
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later."); |
|
304 |
response.sendRedirect("./registeredServices"); |
|
305 |
return; |
|
306 |
} |
|
307 |
} |
|
308 |
} catch(SQLException sqle){ |
|
309 |
logger.error("Unable to access service with id " + serviceId, sqle); |
|
310 |
request.getSession().setAttribute("message", "There was an error accessing your service."); |
|
311 |
response.sendRedirect("./registeredServices"); |
|
312 |
|
|
313 |
} catch(NumberFormatException nfe){ |
|
314 |
logger.error("Unable to access service with id " + serviceId, nfe); |
|
315 |
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist."); |
|
316 |
response.sendRedirect("./registeredServices"); |
|
317 |
} |
|
318 |
} |
|
319 |
} |
|
320 |
|
|
321 |
} else { |
|
322 |
//something is wrong with the form and the error messages will appear |
|
323 |
request.getSession().setAttribute("first_name", name); |
|
324 |
request.getSession().setAttribute("key_type", keyType); |
|
325 |
request.getSession().setAttribute("uri", jwksUri); |
|
326 |
request.getSession().setAttribute("value", jwksString); |
|
327 |
|
|
328 |
if (serviceId != null && !serviceId.isEmpty()) { |
|
329 |
request.getRequestDispatcher("./registerService.jsp?id=" + serviceId).forward(request, response); |
|
330 |
|
|
331 |
} else { |
|
332 |
request.getRequestDispatcher("./registerService.jsp").include(request, response); |
|
333 |
|
|
334 |
} |
|
335 |
return; |
|
336 |
} |
|
337 |
|
|
338 |
response.sendRedirect("./registeredServices"); |
|
339 |
} |
|
340 |
|
|
341 |
private void checkmode(String mode) { |
|
342 |
if (mode != null && !mode.isEmpty()) { |
|
343 |
if (!mode.equals("edit") || mode.equals("create")) { |
|
344 |
mode = "create"; |
|
345 |
} |
|
346 |
} else { |
|
347 |
mode = "create"; |
|
348 |
} |
|
349 |
} |
|
350 |
|
|
351 |
private boolean keyIsValid(String keyType, String jwksUri, String jwksString) { |
|
352 |
return keyType == null || (keyType.equals("uri") && jwksUri != null && !jwksUri.isEmpty()) || |
|
353 |
keyType.equals("value") && jwksString != null && !jwksString.isEmpty(); |
|
354 |
} |
|
355 |
|
|
356 |
private boolean userInfoIsValid(String userid, String email) { |
|
357 |
return userid != null && !userid.isEmpty() && |
|
358 |
email != null && !email.isEmpty(); |
|
359 |
} |
|
360 |
|
|
361 |
private boolean nameIsValid(String name) { |
|
362 |
return name != null && !name.isEmpty(); |
|
363 |
} |
|
364 |
|
|
365 |
private boolean checkNumberOfRegisteredServices(HttpServletRequest request, HttpServletResponse response, OIDCAuthenticationToken authentication) throws IOException { |
|
366 |
try { |
|
367 |
long numberOfRegisteredServices = |
|
368 |
registeredServicesUtils.getRegisteredServiceDao().countRegisteredServices(authentication.getSub()); |
|
369 |
|
|
370 |
if (numberOfRegisteredServices >= 5) { |
|
371 |
response.sendRedirect("./registeredServices"); // The message there already exists. |
|
372 |
return false; |
|
373 |
} |
|
374 |
|
|
375 |
} catch (SQLException sqle) { |
|
376 |
logger.error("Unable to count registered services.", sqle); |
|
377 |
request.getSession().setAttribute("message", "Unable to contact DB. Please try again later."); |
|
378 |
response.sendRedirect("./registeredServices"); |
|
379 |
return false; |
|
380 |
} |
|
381 |
|
|
382 |
return true; |
|
383 |
} |
|
384 |
|
|
385 |
private static String createServiceJson(String clientId, String name, String email) { |
|
386 |
ServiceRequest serviceJSON = new ServiceRequest(); |
|
387 |
serviceJSON.setClientId(clientId); |
|
388 |
serviceJSON.setClientName(name); |
|
389 |
serviceJSON.setContacts(new String[]{email}); |
|
390 |
serviceJSON.setToken_endpoint_auth_method("client_secret_basic"); |
|
391 |
serviceJSON.setTokenEndpointAuthSigningAlg(null); |
|
392 |
GsonBuilder builder = new GsonBuilder(); |
|
393 |
builder.serializeNulls(); |
|
394 |
Gson gson = builder.create(); |
|
395 |
System.out.println("Created json " + serviceJSON); |
|
396 |
return gson.toJson(serviceJSON); |
|
397 |
} |
|
398 |
|
Also available in: Unified diff
adding beta branch #6194