Commit 2987dee3 authored by Matija Obreza's avatar Matija Obreza

Fixed URLs for OAuth client management

parent 0148336a
...@@ -29,9 +29,12 @@ import org.springframework.web.bind.annotation.RequestMapping; ...@@ -29,9 +29,12 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.SessionAttributes; import org.springframework.web.bind.annotation.SessionAttributes;
/**
* OAuth access confirmation controller
*/
@Controller @Controller
@SessionAttributes("authorizationRequest") @SessionAttributes("authorizationRequest")
public class ConfirmationController extends BaseController { public class OAuthAccessConfirmationController extends BaseController {
@Autowired @Autowired
protected ClientDetailsService clientDetailsService; protected ClientDetailsService clientDetailsService;
...@@ -14,7 +14,7 @@ ...@@ -14,7 +14,7 @@
* limitations under the License. * limitations under the License.
**/ **/
package org.genesys2.server.servlet.controller; package org.genesys2.server.servlet.controller.admin;
import java.util.Collection; import java.util.Collection;
...@@ -24,6 +24,7 @@ import org.genesys2.server.model.oauth.OAuthClientType; ...@@ -24,6 +24,7 @@ import org.genesys2.server.model.oauth.OAuthClientType;
import org.genesys2.server.model.oauth.OAuthRefreshToken; import org.genesys2.server.model.oauth.OAuthRefreshToken;
import org.genesys2.server.service.JPATokenStore; import org.genesys2.server.service.JPATokenStore;
import org.genesys2.server.service.OAuth2ClientDetailsService; import org.genesys2.server.service.OAuth2ClientDetailsService;
import org.genesys2.server.servlet.controller.BaseController;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Qualifier; import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.security.access.prepost.PreAuthorize;
...@@ -36,9 +37,15 @@ import org.springframework.web.bind.annotation.RequestMapping; ...@@ -36,9 +37,15 @@ import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
/**
* Allow administrators to manage OAuth API keys.
*/
@Controller @Controller
@RequestMapping("/management") @RequestMapping(OAuthManagementController.CONTROLLER_PATH)
@PreAuthorize("hasRole('ADMINISTRATOR')")
public class OAuthManagementController extends BaseController { public class OAuthManagementController extends BaseController {
final static String CONTROLLER_PATH = "/admin/oauth-clients";
final static String VIEW_PATH = "/admin/oauth";
@Autowired @Autowired
private OAuth2ClientDetailsService clientDetailsService; private OAuth2ClientDetailsService clientDetailsService;
...@@ -51,7 +58,7 @@ public class OAuthManagementController extends BaseController { ...@@ -51,7 +58,7 @@ public class OAuthManagementController extends BaseController {
@RequestMapping("/") @RequestMapping("/")
public String listClients(Model model) { public String listClients(Model model) {
model.addAttribute("clientDetailsList", clientDetailsService.listClientDetails()); model.addAttribute("clientDetailsList", clientDetailsService.listClientDetails());
return "/oauth/clientslist"; return VIEW_PATH + "/clientslist";
} }
@PreAuthorize("hasRole('ADMINISTRATOR')") @PreAuthorize("hasRole('ADMINISTRATOR')")
...@@ -63,7 +70,7 @@ public class OAuthManagementController extends BaseController { ...@@ -63,7 +70,7 @@ public class OAuthManagementController extends BaseController {
tokenStore.removeAccessToken(token); tokenStore.removeAccessToken(token);
} }
return "redirect:/management/" + clientId + "/"; return "redirect:" + CONTROLLER_PATH + "/" + clientId + "/";
} }
@PreAuthorize("hasRole('ADMINISTRATOR')") @PreAuthorize("hasRole('ADMINISTRATOR')")
...@@ -75,7 +82,7 @@ public class OAuthManagementController extends BaseController { ...@@ -75,7 +82,7 @@ public class OAuthManagementController extends BaseController {
tokenStore.removeRefreshToken(token.getId()); tokenStore.removeRefreshToken(token.getId());
} }
return "redirect:/management/" + clientId + "/"; return "redirect:" + CONTROLLER_PATH + "/" + clientId + "/";
} }
@PreAuthorize("hasRole('ADMINISTRATOR')") @PreAuthorize("hasRole('ADMINISTRATOR')")
...@@ -83,7 +90,7 @@ public class OAuthManagementController extends BaseController { ...@@ -83,7 +90,7 @@ public class OAuthManagementController extends BaseController {
public String removeRefreshToken(@PathVariable("tokenId") long tokenId, @PathVariable("clientId") String clientId) { public String removeRefreshToken(@PathVariable("tokenId") long tokenId, @PathVariable("clientId") String clientId) {
tokenStore.removeRefreshToken(tokenId); tokenStore.removeRefreshToken(tokenId);
return "redirect:/management/" + clientId + "/"; return "redirect:" + CONTROLLER_PATH + "/" + clientId + "/";
} }
@PreAuthorize("hasRole('ADMINISTRATOR')") @PreAuthorize("hasRole('ADMINISTRATOR')")
...@@ -91,7 +98,7 @@ public class OAuthManagementController extends BaseController { ...@@ -91,7 +98,7 @@ public class OAuthManagementController extends BaseController {
public String removeAccessToken(@PathVariable("tokenId") long tokenId, @PathVariable("clientId") String clientId) { public String removeAccessToken(@PathVariable("tokenId") long tokenId, @PathVariable("clientId") String clientId) {
tokenStore.removeAccessToken(tokenId); tokenStore.removeAccessToken(tokenId);
return "redirect:/management/" + clientId + "/"; return "redirect:" + CONTROLLER_PATH + "/" + clientId + "/";
} }
@RequestMapping("/user/{uuid}/tokens") @RequestMapping("/user/{uuid}/tokens")
...@@ -99,20 +106,20 @@ public class OAuthManagementController extends BaseController { ...@@ -99,20 +106,20 @@ public class OAuthManagementController extends BaseController {
public String getIssuedTokens(@PathVariable("uuid") String uuid, Model model) { public String getIssuedTokens(@PathVariable("uuid") String uuid, Model model) {
final Collection<OAuthAccessToken> tokens = clientDetailsService.findTokensByUserUuid(uuid); final Collection<OAuthAccessToken> tokens = clientDetailsService.findTokensByUserUuid(uuid);
model.addAttribute("tokens", tokens); model.addAttribute("tokens", tokens);
return "/oauth/tokenslist"; return VIEW_PATH + "/tokenslist";
} }
@RequestMapping("/user/{uuid}/{tokenId}/remove") @RequestMapping("/user/{uuid}/{tokenId}/remove")
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid") @PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid")
public String removeUsersAccessToken(@PathVariable("tokenId") long tokenId, @PathVariable("uuid") String uuid) { public String removeUsersAccessToken(@PathVariable("tokenId") long tokenId, @PathVariable("uuid") String uuid) {
tokenStore.removeAccessToken(tokenId); tokenStore.removeAccessToken(tokenId);
return "redirect:/management/user/" + uuid + "/tokens"; return "redirect:" + CONTROLLER_PATH + "/user/" + uuid + "/tokens";
} }
@PreAuthorize("hasAnyRole('VETTEDUSER','ADMINISTRATOR')") @PreAuthorize("hasAnyRole('VETTEDUSER','ADMINISTRATOR')")
@RequestMapping("/add-client") @RequestMapping("/add-client")
public String addClientEntry() { public String addClientEntry() {
return "/oauth/edit"; return VIEW_PATH + "/edit";
} }
@PreAuthorize("hasAnyRole('VETTEDUSER','ADMINISTRATOR')") @PreAuthorize("hasAnyRole('VETTEDUSER','ADMINISTRATOR')")
...@@ -120,7 +127,7 @@ public class OAuthManagementController extends BaseController { ...@@ -120,7 +127,7 @@ public class OAuthManagementController extends BaseController {
public String editClient(Model model, @PathVariable("id") long id) { public String editClient(Model model, @PathVariable("id") long id) {
final ClientDetails clientDetails = clientDetailsService.getClientDetails(id); final ClientDetails clientDetails = clientDetailsService.getClientDetails(id);
model.addAttribute("clientDetails", clientDetails); model.addAttribute("clientDetails", clientDetails);
return "/oauth/edit"; return VIEW_PATH + "/edit";
} }
@PreAuthorize("hasAnyRole('VETTEDUSER','ADMINISTRATOR')") @PreAuthorize("hasAnyRole('VETTEDUSER','ADMINISTRATOR')")
...@@ -134,7 +141,7 @@ public class OAuthManagementController extends BaseController { ...@@ -134,7 +141,7 @@ public class OAuthManagementController extends BaseController {
OAuthClientDetails clientDetails = clientDetailsService.addClientDetails(title, description, redirectUris, accessTokenValiditySeconds, OAuthClientDetails clientDetails = clientDetailsService.addClientDetails(title, description, redirectUris, accessTokenValiditySeconds,
refreshTokenValiditySeconds, clientType); refreshTokenValiditySeconds, clientType);
return "redirect:/management/" + clientDetails.getId() + "/edit"; return "redirect:" + CONTROLLER_PATH + "/" + clientDetails.getId() + "/edit";
} }
@PreAuthorize("hasAnyRole('VETTEDUSER','ADMINISTRATOR')") @PreAuthorize("hasAnyRole('VETTEDUSER','ADMINISTRATOR')")
...@@ -143,7 +150,7 @@ public class OAuthManagementController extends BaseController { ...@@ -143,7 +150,7 @@ public class OAuthManagementController extends BaseController {
final OAuthClientDetails clientDetails = clientDetailsService.getClientDetails(id); final OAuthClientDetails clientDetails = clientDetailsService.getClientDetails(id);
_logger.info("Deleting client " + clientDetails.getClientId()); _logger.info("Deleting client " + clientDetails.getClientId());
clientDetailsService.removeClient(clientDetails); clientDetailsService.removeClient(clientDetails);
return "redirect:/management/"; return "redirect:" + CONTROLLER_PATH + "/";
} }
@RequestMapping(value = "/save-client", method = RequestMethod.POST, params = { "id", "action-save" }) @RequestMapping(value = "/save-client", method = RequestMethod.POST, params = { "id", "action-save" })
...@@ -154,10 +161,10 @@ public class OAuthManagementController extends BaseController { ...@@ -154,10 +161,10 @@ public class OAuthManagementController extends BaseController {
@RequestParam("refreshTokenValiditySeconds") Integer refreshTokenValiditySeconds, @RequestParam("refreshTokenValiditySeconds") Integer refreshTokenValiditySeconds,
@RequestParam(value = "clientType", required = false) OAuthClientType clientType) { @RequestParam(value = "clientType", required = false) OAuthClientType clientType) {
final OAuthClientDetails clientDetails = clientDetailsService.update(clientDetailsService.getClientDetails(id), title, description, clientSecret, redirectUris, final OAuthClientDetails clientDetails = clientDetailsService.update(clientDetailsService.getClientDetails(id), title, description, clientSecret,
accessTokenValiditySeconds, refreshTokenValiditySeconds); redirectUris, accessTokenValiditySeconds, refreshTokenValiditySeconds);
return "redirect:/management/" + clientDetails.getId() + "/edit"; return "redirect:" + CONTROLLER_PATH + "/" + clientDetails.getId() + "/edit";
} }
@PreAuthorize("hasRole('ADMINISTRATOR')") @PreAuthorize("hasRole('ADMINISTRATOR')")
...@@ -170,7 +177,7 @@ public class OAuthManagementController extends BaseController { ...@@ -170,7 +177,7 @@ public class OAuthManagementController extends BaseController {
model.addAttribute("accessTokens", tokensByClientId); model.addAttribute("accessTokens", tokensByClientId);
model.addAttribute("refreshTokens", refreshTokensByClientId); model.addAttribute("refreshTokens", refreshTokensByClientId);
model.addAttribute("clientDetails", clientDetails); model.addAttribute("clientDetails", clientDetails);
return "/oauth/detailsinfo"; return VIEW_PATH + "/detailsinfo";
} }
} }
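Review bot: The class-level `@PreAuthorize("hasRole('ADMINISTRATOR')")` added above the class does not tighten the handlers that carry their own annotation: in Spring Security's pre/post annotation handling a method-level `@PreAuthorize` takes precedence over the class-level one, so `addClientEntry`, `editClient` and the add/save handlers still admit VETTEDUSER under the new `/admin/oauth-clients` prefix, while the method-level `hasRole('ADMINISTRATOR')` on the token-removal handlers now repeats what the class already says. If vetted users are meant to create and edit their own client registrations under an /admin/ URL, the class Javadoc should say so, e.g. `Users with VETTEDUSER may add and edit client registrations; listing and token management are ADMINISTRATOR only.`, so a later reader does not take the class annotation as the whole policy; otherwise the method-level widening should be removed. Minor: `final static String` is conventionally written `static final`, and a one-line comment that `CONTROLLER_PATH` is the URL prefix and `VIEW_PATH` the JSP view prefix would help, since both look alike. The same redirect-prefix change recurs in every hunk of this file; the methods at the hunk edges begin outside their hunks.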
...@@ -8,5 +8,6 @@ ...@@ -8,5 +8,6 @@
/></a> <a class="" href="<c:url value="/admin/kpi/" />"><spring:message code="menu.admin.kpi" /></a> /></a> <a class="" href="<c:url value="/admin/kpi/" />"><spring:message code="menu.admin.kpi" /></a>
<a href="<c:url value="/admin/elastic/" />" class="">Elasticsearch</a> <a href="<c:url value="/admin/elastic/" />" class="">Elasticsearch</a>
<a href="<c:url value="/admin/r/files" />" class="">Repository</a> <a href="<c:url value="/admin/r/files" />" class="">Repository</a>
<a href="<c:url value="/admin/oauth-clients/" />" class="">OAuth</a>
</div> </div>
</div> </div>
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="oauth-client.page.profile.title" arguments="${item.clientId}" argumentSeparator="|" /></title>
</head>
<body>
<h1>
<c:out value="${item.clientId}" />
</h1>
<div>
<c:forEach items="${item.authorities}" var="authority">
<c:out value="${authority}" />
</c:forEach>
</div>
<div>
<c:forEach items="${item.authorizedGrantTypes}" var="authGrantType">
<c:out value="${authGrantType}" />
</c:forEach>
</div>
<div>
<c:out value="${item.clientSecret}" />
</div>
<h2><spring:message code="oauth-client.active-tokens" /></h2>
<ul class="funny-list">
<c:forEach items="${tokens}" var="token">
<li><c:out value="${token}" /></li>
</c:forEach>
</ul>
</body>
</html>
\ No newline at end of file
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="oauth-client.page.profile.title" arguments="${item.clientId}" argumentSeparator="|" /></title>
</head>
<body>
<h1>
<c:out value="${item.clientId}" />
</h1>
<form class="" action="<c:url value="/admin/oauth/update" />" method="post">
<div class="form-group">
<label for="blurp-body" class="control-label"><spring:message code="blurp.blurp-body" /></label>
<div class="controls">
<textarea id="blurp-body" name="blurp" class="span9 required html-editor">
<c:out value="${blurp.body}" />
</textarea>
</div>
</div>
<input type="submit" value="<spring:message code="blurp.update-blurp"/>" class="btn btn-primary" />
<a href="<c:url value="/geo/${country.code3}" />" class="btn btn-default"> <spring:message code="cancel" />
</a>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>
<content tag="javascript">
<script type="text/javascript">
jQuery(document).ready(function() {
tinyMCE.init({
selector : "#blurp-body.html-editor",
menubar : false,
statusbar : false,
height : 200,
plugins: "link autolink",
directionality: document.dir,
convert_urls: false
});
});
</script>
</content>
</body>
</html>
\ No newline at end of file
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="oauth-client.page.list.title" /></title>
</head>
<body>
<h1>
<spring:message code="oauth-client.page.list.title" />
</h1>
<ul class="funny-list">
<c:forEach items="${items}" var="item" varStatus="status">
<li class="${status.count % 2 == 0 ? 'even' : 'odd'}"><a href="<c:url value="/admin/oauth/${item.clientId}" />"><c:out value="${item.clientId}" /></a></li>
</c:forEach>
</ul>
</body>
</html>
\ No newline at end of file
...@@ -46,6 +46,7 @@ ...@@ -46,6 +46,7 @@
<label for="redirectUri" class="col-lg-2 control-label"><spring:message code="oauth-client.redirect.uri" /></label> <label for="redirectUri" class="col-lg-2 control-label"><spring:message code="oauth-client.redirect.uri" /></label>
<div class="col-lg-10"> <div class="col-lg-10">
<textarea id="redirectUri" name="redirectUris" class="form-control"><c:out value="${clientDetails.redirectUris}" /></textarea> <textarea id="redirectUri" name="redirectUris" class="form-control"><c:out value="${clientDetails.redirectUris}" /></textarea>
<p class="help-block">oob,urn:ietf:wg:oauth:2.0:oob</p>
</div> </div>
</div> </div>
<div class="form-group"> <div class="form-group">
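Review bot: The added help-block `oob,urn:ietf:wg:oauth:2.0:oob` shows the user two bare tokens with no explanation, and unlike the neighbouring label it bypasses `spring:message`. A message entry under a new key, rendered as `<p class="help-block"><spring:message code="oauth-client.redirect.uri.help" /></p>`, could state that these are the out-of-band placeholders accepted for clients without a callback URL and how multiple URIs are to be separated; the parsing of the textarea value is outside this hunk, so the separator to document should be confirmed against the service.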