Commit 7dcc7af3 authored by igoshin's avatar igoshin Committed by Matija Obreza

Create OAuth client

parent a1927b61
......@@ -3,6 +3,7 @@ package org.genesys2.server.servlet.controller;
import java.util.Collection;
import org.genesys2.server.model.oauth.OAuthAccessToken;
import org.genesys2.server.model.oauth.OAuthClientDetails;
import org.genesys2.server.service.JPATokenStore;
import org.genesys2.server.service.OAuth2ClientDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
......@@ -14,68 +15,97 @@ import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
@Controller
@RequestMapping("/management")
public class OAuthManagementController extends BaseController {
@Autowired
private OAuth2ClientDetailsService clientDetailsService;
@Autowired
private OAuth2ClientDetailsService clientDetailsService;
@Autowired
@Qualifier("tokenStore")
@Autowired
@Qualifier("tokenStore")
private JPATokenStore tokenStore;
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/allTokens")
public String getAllTokens(Model model) {
model.addAttribute("clientDetailsList", clientDetailsService.listClientDetails());
return "/oauth/clientslist";
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/{clientId}")
public String clientDetailsInfo(Model model, @PathVariable("clientId") String clientId) {
ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
Collection<OAuthAccessToken> tokensByClientId = clientDetailsService.findTokensByClientId(clientId);
model.addAttribute("accessTokens", tokensByClientId);
model.addAttribute("clientDetails", clientDetails);
return "/oauth/detailsinfo";
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/{clientId}/removeAll")
public String removeAllAccessTokens(@PathVariable("clientId") String clientId) {
Collection<OAuthAccessToken> tokens = clientDetailsService.findTokensByClientId(clientId);
for (OAuthAccessToken token : tokens) {
tokenStore.removeAccessToken(new DefaultOAuth2AccessToken(token.getTokenId()));
}
return "redirect:/management/" + clientId;
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/{clientId}/{tokenId}/remove")
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/allTokens")
public String getAllTokens(Model model) {
model.addAttribute("clientDetailsList", clientDetailsService.listClientDetails());
return "/oauth/clientslist";
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/{clientId}")
public String clientDetailsInfo(Model model, @PathVariable("clientId") String clientId) {
ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
Collection<OAuthAccessToken> tokensByClientId = clientDetailsService.findTokensByClientId(clientId);
model.addAttribute("accessTokens", tokensByClientId);
model.addAttribute("clientDetails", clientDetails);
return "/oauth/detailsinfo";
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/{clientId}/removeAll")
public String removeAllAccessTokens(@PathVariable("clientId") String clientId) {
Collection<OAuthAccessToken> tokens = clientDetailsService.findTokensByClientId(clientId);
for (OAuthAccessToken token : tokens) {
tokenStore.removeAccessToken(new DefaultOAuth2AccessToken(token.getTokenId()));
}
return "redirect:/management/" + clientId;
}
@PreAuthorize("hasRole('ADMINISTRATOR')")
@RequestMapping("/{clientId}/{tokenId}/remove")
public String removeAccessTokens(@PathVariable("tokenId") String tokenId, @PathVariable("clientId") String clientId) {
tokenStore.removeAccessToken(tokenId);
return "redirect:/management/" + clientId;
}
return "redirect:/management/" + clientId;
}
@RequestMapping("/user/{uuid}/tokens")
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid")
public String getIssuedTokens(@PathVariable("uuid") String uuid, Model model) {
Collection<OAuthAccessToken> tokens = clientDetailsService.findTokensByUserUuid(uuid);
model.addAttribute("tokens", tokens);
return "/oauth/tokenslist";
}
model.addAttribute("tokens", tokens);
return "/oauth/tokenslist";
}
@RequestMapping("/user/{uuid}/{tokenId}/remove")
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid")
public String removeUsersAccessToken(@PathVariable("tokenId") String tokenId, @PathVariable("uuid") String uuid) {
tokenStore.removeAccessToken(tokenId);
return "redirect:/management/user/" + uuid + "/tokens";
}
}
@RequestMapping("/addClient")
public String addClientEntry() {
return "/oauth/createclient";
}
@RequestMapping("/createClient")
public String createClientEntry(@RequestParam("clientId") String clientId,
@RequestParam("clientSecret") String clientSecret,
@RequestParam(value = "redirectUri", required = false) String redirectUri) {
OAuthClientDetails clientDetails = new OAuthClientDetails();
clientDetails.setClientId(clientId);
clientDetails.setClientSecret(clientSecret);
if (redirectUri != null) {
clientDetails.setRegisteredRedirectUri(redirectUri);
}
clientDetails.setScope("read,write");
clientDetails.setAuthorizedGrantTypes("authorization_code,refresh_token");
clientDetails.setAuthorities("USER");
// 50 days
clientDetails.setRefreshTokenValiditySeconds(50 * 24 * 60 * 60);
// 7 days
clientDetails.setAccessTokenValiditySeconds(7 * 24 * 60 * 60);
clientDetailsService.addClientDetails(clientDetails);
return "redirect:/profile";
}
}
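Review bot: The new handlers `addClientEntry` and `createClientEntry` carry no `@PreAuthorize`, unlike every other handler in this controller, so unless a URL-level rule outside this diff covers `/management/**`, any caller can register an OAuth client with `read,write` scope and a secret of their choosing. The profile page change in this commit only hides the link and does not restrict the endpoint. I would add `@PreAuthorize("isAuthenticated()")` (or the administrator rule, if that is the intent) to both, and bind the creating mapping to POST with `@RequestMapping(value = "/createClient", method = RequestMethod.POST)` so the secret cannot arrive in a query string. `redirectUri` is optional and stored unvalidated for an `authorization_code` client; requiring it and checking that it is an absolute https URI before `setRegisteredRedirectUri` would be safer.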
......@@ -448,6 +448,11 @@ oauth-client=Client
oauth-client.token.issue.date=Issue date
oauth-client.expires.date=Expires date
oauth-client.issued.tokens=Issued tokens
client.details.add=Add OAuth Client
oauth-client.create=Create OAuth Client
oauth-client.id=Client ID
oauth-client.secret=Client Secret
oauth-client.redirect.uri=Client redirect URI
team.user.enter.email=Enter user email
user.not.found=User not found
......
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="oauth-client.create" /></title>
</head>
<body>
<h1>
<spring:message code="oauth-client.create" />
</h1>
<form role="form" class="form-horizontal validate" action="<c:url value="/management/createClient" />" method="post">
<div class="form-group">
<label for="clientId" class="col-lg-2 control-label"><spring:message code="oauth-client.id" /></label>
<div class="col-lg-3">
<input type="text" id="clientId" name="clientId" class="span3 form-control"/>
</div>
</div>
<div class="form-group">
<label for="secret" class="col-lg-2 control-label"><spring:message code="oauth-client.secret" /></label>
<div class="col-lg-3">
<input type="text" id="secret" name="clientSecret" class="span3 form-control" />
</div>
</div>
<div class="form-group">
<label for="redirectUri" class="col-lg-2 control-label"><spring:message code="oauth-client.redirect.uri" /></label>
<div class="col-lg-3">
<input type="text" id="redirectUri" name="redirectUri" class="span3 form-control" />
</div>
</div>
<div class="form-group">
<div class="col-lg-offset-2 col-lg-10">
<input type="submit" value="<spring:message code="save"/>" class="btn btn-primary" /> <a class="btn btn-default" href="<c:url value="/profile" />" class="btn"> <spring:message code="cancel" />
</a>
</div>
</div>
</form>
</body>
</html>
\ No newline at end of file
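Review bot: The form posts to `/management/createClient` without a CSRF token field, so if Spring Security's CSRF protection is enabled the submit will be rejected, and if it is not, client registration can be triggered cross-site from an authenticated session. Assuming the token is exposed as the `_csrf` request attribute, add `<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />` inside the form. The `clientSecret` input is `type="text"` and its value is chosen by the caller; generating the secret on the server and showing it once would avoid weak secrets, and failing that the field should at least be `type="password"` with `autocomplete="off"`. The cancel link also carries two `class` attributes, of which only one takes effect.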
......@@ -37,7 +37,7 @@
</c:if>
</div>
</div>
<div class="form-group">
<label class="col-lg-2 control-label"><spring:message code="user.roles" /></label>
<div class="col-lg-5">
......@@ -75,6 +75,9 @@
<a href="<c:url value="/profile/${user.uuid}/send"/>" class="btn btn-default"/>Send validation email</a>
</c:if>
</security:authorize>
<security:authorize access="hasRole('ADMINISTRATOR') || (isAuthenticated() && principal.user.id == #user.id)">
<a href="<c:url value="/management/addClient" />" class="btn btn-default"><spring:message code="client.details.add" /></a>
</security:authorize>
<security:authorize access="hasRole('ADMINISTRATOR')">
<c:if test="${not user.hasRole('VETTEDUSER')}">
<a href="<c:url value="/profile/${user.uuid}/vetted-user"/> "class="btn btn-default"/>Vetted user</a>
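Review bot: The added `security:authorize` expression compares `principal.user.id == #user.id`, whereas the controller rules in this same commit compare `principal.user.uuid == #uuid`; using one identifier throughout would make the access rules easier to audit. `#user` here is a page attribute rather than a method argument, and whether the taglib resolves page-scope variables in SpEL depends on the Spring Security version in use, so it is worth confirming that the owner branch evaluates as intended for a non-administrator. This tag controls only whether the link is rendered.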
......