Commit 05ee4cdf authored by igoshin's avatar igoshin Committed by Matija Obreza

First version of user story "OAuth token management for users"

#10393
parent 99d5fddd
......@@ -16,13 +16,12 @@
package org.genesys2.server.model.oauth;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Lob;
import javax.persistence.Table;
import org.genesys2.server.model.HibernateModel;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.util.SerializationUtils;
import javax.persistence.*;
import java.util.Date;
@Entity
@Table(name = "oauth_access_token")
......@@ -54,7 +53,29 @@ public class OAuthAccessToken implements HibernateModel {
@Column(name = "refresh_token")
private String refreshToken;
public String getTokenId() {
private DefaultOAuth2AccessToken defaultOAuth2AccessToken;
private synchronized DefaultOAuth2AccessToken getDefaultOAuth2AccessToken () {
if (this.defaultOAuth2AccessToken==null) {
this.defaultOAuth2AccessToken = SerializationUtils.deserialize(this.token);
}
return this.defaultOAuth2AccessToken;
}
public Date getTokenExpiration() {
return getDefaultOAuth2AccessToken().getExpiration();
}
public Date getIssuedDate() {
return new Date(getTokenExpiration().getTime()-432000000l);
}
public String getTokenId() {
return tokenId;
}
......
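Review bot: The new `defaultOAuth2AccessToken` field sits on a JPA `@Entity` that is mapped through field annotations (`@Column(name = "refresh_token")` just above) but carries no `@Transient`, so the provider will likely treat the cached token object as a persistent attribute of `oauth_access_token`; I would declare it `@Transient private DefaultOAuth2AccessToken defaultOAuth2AccessToken;`. `getIssuedDate()` derives the issue time by subtracting the literal `432000000l` (five days) from the expiration, which is only right for tokens issued with exactly that validity, and it throws a NullPointerException if `getExpiration()` returns null; a stored issue timestamp, or at least a named constant with an uppercase `L` and a null guard, would be safer. `SerializationUtils.deserialize(this.token)` is Java native deserialization, so the getter deserves a comment stating that the `token` column must only ever hold data written by the server's own token store. The class body continues outside the visible hunks.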
......@@ -27,4 +27,6 @@ public interface OAuth2ClientDetailsService extends ClientDetailsService, Client
boolean exists(String clientId);
Collection<OAuthAccessToken> findTokensByClientId(String clientId);
Collection<OAuthAccessToken> findTokensByUserName(String userName);
}
......@@ -68,6 +68,11 @@ public class OAuth2ClientDetailsServiceImpl implements OAuth2ClientDetailsServic
return accessTokenPersistence.findByClientId(clientId);
}
@Override
public Collection<OAuthAccessToken> findTokensByUserName(String userName) {
return accessTokenPersistence.findByUserName(userName);
}
@Override
public ClientDetails loadClientByClientId(String clientId) throws InvalidClientException {
logger.info("loadClientByClientId: " + clientId);
......
......@@ -2,13 +2,14 @@ package org.genesys2.server.servlet.controller;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.commons.lang.time.DateUtils;
import org.genesys2.server.model.oauth.OAuthAccessToken;
import org.genesys2.server.service.OAuth2ClientDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
import org.springframework.security.oauth2.common.OAuth2AccessToken;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
import org.springframework.security.oauth2.provider.OAuth2Authentication;
......@@ -19,6 +20,7 @@ import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
......@@ -33,16 +35,17 @@ public class OAuthManagementController extends BaseController {
@Autowired
@Qualifier("tokenStore")
// @Qualifier("jdbcTokenStore")
private TokenStore tokenStore;
@RequestMapping("/tokens")
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/allTokens")
public String getAllTokens(Model model) {
model.addAttribute("clientDetailsList", clientDetailsService.listClientDetails());
return "/oauth/clientslist";
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/{clientId}")
public String clientDetailsInfo(Model model, @PathVariable("clientId") String clientId) {
ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
......@@ -53,9 +56,9 @@ public class OAuthManagementController extends BaseController {
return "/oauth/detailsinfo";
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/{clientId}/removeAll")
public String removeAllAccessTokens(@PathVariable("clientId") String clientId) {
createDefaultTestToken();
Collection<OAuthAccessToken> tokens = clientDetailsService.findTokensByClientId(clientId);
for (OAuthAccessToken token : tokens) {
......@@ -65,7 +68,7 @@ public class OAuthManagementController extends BaseController {
return "redirect:/management/" + clientId;
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/{clientId}/{tokenId}/remove")
public String removeAccessTokens(@PathVariable("tokenId") String tokenId,
@PathVariable("clientId") String clientId) {
......@@ -74,12 +77,29 @@ public class OAuthManagementController extends BaseController {
return "redirect:/management/" + clientId;
}
@RequestMapping("/user/{userName}/tokens")
public String getIssuedTokens(@PathVariable("userName") String userName, Model model) {
Collection<OAuthAccessToken> tokens = clientDetailsService.findTokensByUserName(userName);
model.addAttribute("tokens", tokens);
return "/oauth/tokenslist";
}
@RequestMapping("/user/{userName}/{tokenId}/remove")
public String removeUsersAccessToken(@PathVariable("tokenId") String tokenId,
@PathVariable("userName") String userName) {
tokenStore.removeAccessToken(new DefaultOAuth2AccessToken(tokenId));
return "redirect:/management/user/" + userName + "/tokens";
}
private void createDefaultTestToken() {
OAuth2AccessToken token = new DefaultOAuth2AccessToken(RandomStringUtils.randomAlphanumeric(5));
DefaultOAuth2AccessToken token = new DefaultOAuth2AccessToken(RandomStringUtils.randomAlphanumeric(5));
token.setExpiration(DateUtils.addDays(new Date(), 5));
Map<String, String> map = new HashMap<>();
map.put("scope", "scope");
DefaultAuthorizationRequest request = new DefaultAuthorizationRequest(map);
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(RandomStringUtils.randomAlphanumeric(5), RandomStringUtils.randomAlphabetic(5));
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken("igoshin1991@gmail.com", "igoshin1991@gmail.com");
OAuth2Authentication authentication = new OAuth2Authentication(request, authenticationToken);
tokenStore.storeAccessToken(token, authentication);
}
......
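Review bot: The two new handlers `getIssuedTokens` and `removeUsersAccessToken` have no `@PreAuthorize`, while the other handlers shown in this diff are restricted to `hasRole('ADMINISTRATOR')`, and nothing in them compares the `{userName}` path variable with the logged-in principal; unless a URL-level rule outside this diff covers `/management/user/**`, one user's token list and revocation are reachable by another. `removeUsersAccessToken` also revokes by `tokenId` alone, without checking that the token belongs to `userName`. I would add something like `@PreAuthorize("hasRole('ADMINISTRATOR') or #userName == authentication.name")` (assuming the principal name is the same value the profile page puts in the URL) and resolve the token through `findTokensByUserName(userName)` before calling `tokenStore.removeAccessToken`. Separately, `removeAllAccessTokens` calls `createDefaultTestToken()`, which stores a token with a five-character `RandomStringUtils` value for a hard-coded e-mail address; that test scaffolding should not remain in a production controller.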
......@@ -442,3 +442,7 @@ clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
......@@ -396,6 +396,10 @@ clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens granted by all users
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
# validate.email.key=Enter key
# validate.email=Email validation
# validate.email.invalid.key=Invalid key
......
......@@ -396,6 +396,10 @@ clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens granted by all users
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
# validate.email.key=Enter key
# validate.email=Email validation
# validate.email.invalid.key=Invalid key
......
......@@ -21,4 +21,8 @@ userprofile.enter.email=Enter your email
userprofile.enter.password=Enter new password
userprofile.email.send=Send email
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
\ No newline at end of file
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
\ No newline at end of file
......@@ -396,6 +396,10 @@ clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens granted by all users
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
# validate.email.key=Enter key
# validate.email=Email validation
# validate.email.invalid.key=Invalid key
......
......@@ -254,6 +254,10 @@ clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens granted by all users
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
# blurp.admin-no-blurp-here=No blurp here.
# blurp.blurp-title=Blurp title
......
......@@ -396,6 +396,10 @@ clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens granted by all users
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
# validate.email.key=Enter key
# validate.email=Email validation
# validate.email.invalid.key=Invalid key
......
......@@ -396,6 +396,10 @@ clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens granted by all users
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
# validate.email.key=Enter key
# validate.email=Email validation
# validate.email.invalid.key=Invalid key
......
......@@ -396,6 +396,10 @@ clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens granted by all users
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
# validate.email.key=Enter key
# validate.email=Email validation
# validate.email.invalid.key=Invalid key
......
......@@ -26,4 +26,8 @@ clinet.details.client.id=Client details id
clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens granted by all users
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
\ No newline at end of file
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
\ No newline at end of file
......@@ -396,6 +396,10 @@ clinet.details.additional.info=Additional info
clinet.details.token.list=List of tokens granted by all users
oauth-client.remove=Remove
oauth-client.remove.all=Remove all
oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
# validate.email.key=Enter key
# validate.email=Email validation
# validate.email.invalid.key=Invalid key
......
......@@ -19,26 +19,29 @@
<div class="col-lg-5">${clientDetails.clientId}</div>
</div>
<div class="form-group">
<label class="col-lg-2 control-label"><spring:message code="clinet.details.token.list"/></label>
<div class="col-lg-5">
<table class="accessions">
<tbody>
<c:forEach items="${accessTokens}" var="accessToken">
<tr>
<td>${accessToken.userName}</td>
<td>
<a href="<c:url value="/management/${clientDetails.clientId}/${accessToken.tokenId}/remove"/> "><spring:message code="oauth-client.remove"/></a>
</td>
</tr>
</c:forEach>
</tbody>
</table>
<security:authorize access="hasRole('ADMINISTRATOR') && isAuthenticated()">
<div class="form-group">
<label class="col-lg-2 control-label"><spring:message code="clinet.details.token.list"/></label>
<div class="col-lg-5">
<table class="accessions">
<tbody>
<c:forEach items="${accessTokens}" var="accessToken">
<tr>
<td>${accessToken.userName}</td>
<td>
<a href="<c:url value="/management/${clientDetails.clientId}/${accessToken.tokenId}/remove"/> "><spring:message
code="oauth-client.remove"/></a>
</td>
</tr>
</c:forEach>
<a href="<c:url value="/management/${clientDetails.clientId}/removeAll"/> "><spring:message
code="oauth-client.remove.all"/></a>
</tbody>
</table>
</div>
</div>
<a href="<c:url value="/management/${clientDetails.clientId}/removeAll"/> "><spring:message code="oauth-client.remove.all"/></a>
</div>
</security:authorize>
</div>
......
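Review bot: `${accessToken.userName}` is written into the table cell as raw EL, which JSP does not HTML-escape, so a user name containing markup would be rendered as HTML in the administrator's session; `<td><c:out value="${accessToken.userName}"/></td>` closes that. The same applies to `${token.clientId}` used as link text in the new token list page. In the indented copy of the block the `removeAll` anchor sits directly inside `<tbody>` rather than in a `<tr>`/`<td>`, which is invalid table markup that browsers will relocate; it reads better placed after `</table>`.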
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp" %>
<html>
<head>
<title><spring:message code="oauth-client.page.list.title"/></title>
</head>
<body>
<h1>
<spring:message code="oauth-client.list"/>
</h1>
<p></p>
<table class="accessions">
<thead>
<tr>
<td><spring:message code="oauth-client"/></td>
<td><spring:message code="oauth-client.token.issue.date"/></td>
<td><spring:message code="oauth-client.expires.date"/></td>
<td><spring:message code="edit"/></td>
</tr>
</thead>
<tbody>
<c:forEach items="${tokens}" var="token">
<tr>
<td>
<a href="<c:url value="/management/${token.clientId}"/> ">${token.clientId}</a>
</td>
<td>
<fmt:formatDate value="${token.issuedDate}" pattern="MM-dd-yyyy hh:mm:ss"/>
</td>
<td>
<fmt:formatDate value="${token.tokenExpiration}" pattern="MM-dd-yyyy hh:mm:ss"/>
</td>
<td>
<a href="<c:url value="/management/user/${token.userName}/${token.tokenId}/remove"/>"><spring:message
code="oauth-client.remove"/></a>
</td>
</tr>
</c:forEach>
</tbody>
</table>
</body>
</html>
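Review bot: The remove link revokes a token through a plain `<a href>` GET to `/management/user/.../remove`, so a cross-site request, a link prefetch or a crawler can trigger the revocation; a small `<form method="post">` carrying the application's CSRF token, with the handler limited to POST, is the safer shape (the per-client remove and removeAll links on the client details page follow the same GET pattern). The date pattern `MM-dd-yyyy hh:mm:ss` uses the 12-hour `hh` without an am/pm marker, which makes afternoon expiry times ambiguous; `HH` is probably what was meant. The title and heading use `oauth-client.page.list.title` and `oauth-client.list`, which appear to be the client-list labels rather than the `oauth-client.issued.tokens` key this commit adds.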
......@@ -55,9 +55,11 @@
</security:authorize>
<div class="form-group">
<security:authorize access="hasRole('ADMINISTRATOR') && (isAuthenticated() && principal.user.id == #user.id)">
<a href="<c:url value="/management/allTokens" />" class="btn btn-default"> <spring:message code="oauth-client.list" /></a>
</security:authorize>
<security:authorize access="hasRole('ADMINISTRATOR') || (isAuthenticated() && principal.user.id == #user.id)">
<%--<security:authorize access="hasRole('ADMINISTRATOR') && (isAuthenticated() && principal.user.id == #user.id)">--%>
<a href="<c:url value="/management/tokens" />" class="btn btn-default"> <spring:message code="oauth-client.list" /></a>
<a href="<c:url value="/management/user/${user.email}/tokens" />" class="btn btn-default"><spring:message code="oauth-client.issued.tokens" /></a>
</security:authorize>
<security:authorize access="(not hasRole('VALIDATEDUSER') && principal.user.id == #user.id)">
<a href="<c:url value="/profile/${user.uuid}/send"/>" class="btn btn-default"/>Send validation email</a>
......
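Review bot: The `hasRole('ADMINISTRATOR') || (isAuthenticated() && principal.user.id == #user.id)` block shows the client-list button to every user viewing their own profile although the controller restricts that page to administrators, and its `/management/tokens` target does not match the `/allTokens` mapping visible in the controller diff, so it would presumably fall through to the `/{clientId}` handler. If that block is the new side, keep the client-list link under an administrator-only `security:authorize` and leave only the `oauth-client.issued.tokens` link under the owner-or-admin check. The commented-out `<%--<security:authorize ...>--%>` line should be deleted rather than committed. Hiding a link is presentation only, so the access decision still has to be enforced on the `/management/user/{userName}/...` handlers themselves.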