First version of user story "OAuth client management"

#10392

src/main/java/org/genesys2/server/service/OAuth2ClientDetailsService.java

@@ -16,11 +16,15 @@
 
 package org.genesys2.server.service;
 
+import org.genesys2.server.model.oauth.OAuthAccessToken;
 import org.springframework.security.oauth2.provider.ClientDetailsService;
 import org.springframework.security.oauth2.provider.ClientRegistrationService;
 
+import java.util.Collection;
+
 public interface OAuth2ClientDetailsService extends ClientDetailsService, ClientRegistrationService {
 
 	boolean exists(String clientId);
 
+    Collection<OAuthAccessToken> findTokensByClientId(String clientId);
 }

src/main/java/org/genesys2/server/service/impl/OAuth2ClientDetailsServiceImpl.java

@@ -16,12 +16,11 @@
 
 package org.genesys2.server.service.impl;
 
-import java.util.ArrayList;
-import java.util.List;
-
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.genesys2.server.model.oauth.OAuthAccessToken;
 import org.genesys2.server.model.oauth.OAuthClientDetails;
+import org.genesys2.server.persistence.domain.OAuthAccessTokenPersistence;
 import org.genesys2.server.persistence.domain.OAuthClientDetailsPersistence;
 import org.genesys2.server.service.OAuth2ClientDetailsService;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -36,6 +35,10 @@ import org.springframework.security.oauth2.provider.NoSuchClientException;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
 @Service("clientDetails")
 @Transactional
 public class OAuth2ClientDetailsServiceImpl implements OAuth2ClientDetailsService {
@@ -44,6 +47,9 @@ public class OAuth2ClientDetailsServiceImpl implements OAuth2ClientDetailsServic
 	@Autowired
 	private OAuthClientDetailsPersistence clientDetailsPersistence;
 
+    @Autowired
+    private OAuthAccessTokenPersistence accessTokenPersistence;
+
 	private PasswordEncoder passwordEncoder = NoOpPasswordEncoder.getInstance();
 
 	public OAuth2ClientDetailsServiceImpl() {
@@ -57,6 +63,11 @@ public class OAuth2ClientDetailsServiceImpl implements OAuth2ClientDetailsServic
 		this.passwordEncoder = passwordEncoder;
 	}
 
+    @Override
+    public Collection<OAuthAccessToken> findTokensByClientId(String clientId) {
+        return accessTokenPersistence.findByClientId(clientId);
+    }
+
 	@Override
 	public ClientDetails loadClientByClientId(String clientId) throws InvalidClientException {
 		logger.info("loadClientByClientId: " + clientId);

src/main/java/org/genesys2/server/service/impl/OAuth2JPATokenStoreImpl.java

@@ -16,16 +16,6 @@
 
 package org.genesys2.server.service.impl;
 
-import java.io.UnsupportedEncodingException;
-import java.math.BigInteger;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.genesys2.server.model.oauth.OAuthAccessToken;
@@ -44,6 +34,12 @@ import org.springframework.security.oauth2.provider.token.TokenStore;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.io.UnsupportedEncodingException;
+import java.math.BigInteger;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.*;
+
 /**
  * OAuth2JPATokenStoreImpl based on JdbcTokenStore
  * 

src/main/java/org/genesys2/server/servlet/controller/OAuthManagementController.java

+package org.genesys2.server.servlet.controller;
+
+
+import org.apache.commons.lang.RandomStringUtils;
+import org.genesys2.server.model.oauth.OAuthAccessToken;
+import org.genesys2.server.service.OAuth2ClientDetailsService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.oauth2.common.DefaultOAuth2AccessToken;
+import org.springframework.security.oauth2.common.OAuth2AccessToken;
+import org.springframework.security.oauth2.provider.ClientDetails;
+import org.springframework.security.oauth2.provider.DefaultAuthorizationRequest;
+import org.springframework.security.oauth2.provider.OAuth2Authentication;
+import org.springframework.security.oauth2.provider.token.TokenStore;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestMapping;
+
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Map;
+
+
+@Controller
+@RequestMapping("/management")
+public class OAuthManagementController extends BaseController {
+
+
+    @Autowired
+    private OAuth2ClientDetailsService clientDetailsService;
+
+    @Autowired
+    @Qualifier("tokenStore")
+//    @Qualifier("jdbcTokenStore")
+    private TokenStore tokenStore;
+
+
+    @RequestMapping("/tokens")
+    public String getAllTokens(Model model) {
+        model.addAttribute("clientDetailsList", clientDetailsService.listClientDetails());
+        return "/oauth/clientslist";
+    }
+
+    @RequestMapping("/{clientId}")
+    public String clientDetailsInfo(Model model, @PathVariable("clientId") String clientId) {
+        ClientDetails clientDetails = clientDetailsService.loadClientByClientId(clientId);
+        Collection<OAuthAccessToken> tokensByClientId = clientDetailsService.findTokensByClientId(clientId);
+
+        model.addAttribute("accessTokens", tokensByClientId);
+        model.addAttribute("clientDetails", clientDetails);
+        return "/oauth/detailsinfo";
+    }
+
+    @RequestMapping("/{clientId}/removeAll")
+    public String removeAllAccessTokens(@PathVariable("clientId") String clientId) {
+        createDefaultTestToken();
+
+        Collection<OAuthAccessToken> tokens = clientDetailsService.findTokensByClientId(clientId);
+        for (OAuthAccessToken token : tokens) {
+            tokenStore.removeAccessToken(new DefaultOAuth2AccessToken(token.getTokenId()));
+        }
+
+        return "redirect:/management/" + clientId;
+    }
+
+
+    @RequestMapping("/{clientId}/{tokenId}/remove")
+    public String removeAccessTokens(@PathVariable("tokenId") String tokenId,
+                                     @PathVariable("clientId") String clientId) {
+
+        tokenStore.removeAccessToken(new DefaultOAuth2AccessToken(tokenId));
+        return "redirect:/management/" + clientId;
+    }
+
+    private void createDefaultTestToken() {
+        OAuth2AccessToken token = new DefaultOAuth2AccessToken(RandomStringUtils.randomAlphanumeric(5));
+        Map<String, String> map = new HashMap<>();
+        map.put("scope", "scope");
+        DefaultAuthorizationRequest request = new DefaultAuthorizationRequest(map);
+        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(RandomStringUtils.randomAlphanumeric(5), RandomStringUtils.randomAlphabetic(5));
+        OAuth2Authentication authentication = new OAuth2Authentication(request, authenticationToken);
+        tokenStore.storeAccessToken(token, authentication);
+    }
+
+
+}

src/main/resources/content/language.properties

@@ -434,4 +434,11 @@ verification.token-key=Validation key
 login.invalid-token=Invalid access token
 
 descriptor.category=Descriptor category
-method.coding-table=Coding table
\ No newline at end of file
+method.coding-table=Coding tableoauth-client.info=Client info
+
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all

src/main/resources/content/language_ar.properties

@@ -389,6 +389,13 @@ team.leave-team=مغادرة الفريق
 team.team-members=أعضاء الفريق
 team.page.profile.title=فريق\: {0}
 team.page.list.title=جميع الفرق
+oauth-client.info=Client info
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens granted by all users
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
 # validate.email.key=Enter key
 # validate.email=Email validation
 # validate.email.invalid.key=Invalid key

src/main/resources/content/language_de.properties

@@ -389,6 +389,13 @@ team.leave-team=Team verlassen
 team.team-members=Teammitglieder
 team.page.profile.title=Team\: {0}
 team.page.list.title=Alle Teams
+oauth-client.info=Client info
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens granted by all users
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
 # validate.email.key=Enter key
 # validate.email=Email validation
 # validate.email.invalid.key=Invalid key

src/main/resources/content/language_en.properties

@@ -19,4 +19,6 @@ validate.email.invalid.key=Invalid key
 userprofile.password=Reset password
 userprofile.enter.email=Enter your email
 userprofile.enter.password=Enter new password
-userprofile.email.send=Send email
\ No newline at end of file
+userprofile.email.send=Send email
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
\ No newline at end of file

src/main/resources/content/language_es.properties

@@ -389,6 +389,13 @@ team.leave-team=Dejar equipo
 team.team-members=Miembros del equipo
 team.page.profile.title=Equipo\: {0}
 team.page.list.title=Todos los equipos
+oauth-client.info=Client info
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens granted by all users
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
 # validate.email.key=Enter key
 # validate.email=Email validation
 # validate.email.invalid.key=Invalid key

src/main/resources/content/language_fa.properties

@@ -247,6 +247,13 @@ userprofile.password=Reset password
 userprofile.enter.email=Enter your email
 userprofile.enter.password=Enter new password
 userprofile.email.send=Send email
+oauth-client.info=Client info
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens granted by all users
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
 
 # blurp.admin-no-blurp-here=No blurp here.
 # blurp.blurp-title=Blurp title

src/main/resources/content/language_fr.properties

@@ -389,6 +389,13 @@ team.leave-team=Quitter l'équipe
 team.team-members=Membres de l'équipe
 team.page.profile.title=Équipe \: {0}
 team.page.list.title=Toutes les équipes
+oauth-client.info=Client info
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens granted by all users
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
 # validate.email.key=Enter key
 # validate.email=Email validation
 # validate.email.invalid.key=Invalid key

src/main/resources/content/language_pt.properties

@@ -389,6 +389,13 @@ team.leave-team=Sair da equipa
 team.team-members=Membros da equipa
 team.page.profile.title=Equipa\: {0}
 team.page.list.title=Todas as equipas
+oauth-client.info=Client info
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens granted by all users
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
 # validate.email.key=Enter key
 # validate.email=Email validation
 # validate.email.invalid.key=Invalid key

src/main/resources/content/language_ru.properties

@@ -389,6 +389,13 @@ team.leave-team=Покинуть команду
 team.team-members=Члены команды
 team.page.profile.title=Команда\: {0}
 team.page.list.title=Все команды
+oauth-client.info=Client info
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens granted by all users
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
 # validate.email.key=Enter key
 # validate.email=Email validation
 # validate.email.invalid.key=Invalid key

src/main/resources/content/language_sl.properties

@@ -19,4 +19,11 @@ validate.email.invalid.key=Invalid key
 userprofile.password=Reset password
 userprofile.enter.email=Enter your email
 userprofile.enter.password=Enter new password
-userprofile.email.send=Send email
\ No newline at end of file
+userprofile.email.send=Send email
+oauth-client.info=Client info
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens granted by all users
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
\ No newline at end of file

src/main/resources/content/language_zh.properties

@@ -389,6 +389,13 @@ team.leave-team=离开团队
 team.team-members=团队成员
 team.page.profile.title=团队：{0}
 team.page.list.title=所有团队
+oauth-client.info=Client info
+oauth-client.list=List of oauth clients
+clinet.details.client.id=Client details id
+clinet.details.additional.info=Additional info
+clinet.details.token.list=List of tokens granted by all users
+oauth-client.remove=Remove
+oauth-client.remove.all=Remove all
 # validate.email.key=Enter key
 # validate.email=Email validation
 # validate.email.invalid.key=Invalid key

src/main/resources/spring/spring-db.xml

@@ -54,6 +54,7 @@
 				<prop key="hibernate.hbm2ddl.auto">${db.hbm2ddl}</prop>
 				<prop key="hibernate.search.default.indexBase">${lucene.indexDir}</prop>
 				<prop key="hibernate.search.default.exclusive_index_use">false</prop>
+                <prop key="hibernate.dialect">org.hibernate.dialect.MySQL5Dialect</prop>
 			</props>
 		</property>
 		<property name="packagesToScan">

src/main/resources/spring/spring-security.xml

@@ -61,4 +61,8 @@
 		<sec:expression-handler ref="webExpressionHandler"/>
 	</sec:http>
 
+    <bean name="jdbcTokenStore" class="org.springframework.security.oauth2.provider.token.JdbcTokenStore">
+        <constructor-arg ref="dataSource"/>
+    </bean>
+
 </beans>
\ No newline at end of file

src/main/resources/spring/spring.properties

@@ -16,12 +16,12 @@
 
 base.url=http://localhost:8080
 
-db.url=jdbc:mysql://localhost/genesys4?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
+db.url=jdbc:mysql://localhost/genesys2?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
 db.driverClassName = com.mysql.jdbc.Driver
 db.username = root
-db.password = 
+db.password = 1
 db.showSql=false
-db.hbm2ddl=do-nothing
+db.hbm2ddl=update
 
 c3p0.acquireIncrement=1
 c3p0.minPoolSize=1

src/main/webapp/WEB-INF/jsp/oauth/clientslist.jsp

+<!DOCTYPE html>
+
+<%@include file="/WEB-INF/jsp/init.jsp" %>
+
+<html>
+<head>
+    <title><spring:message code="oauth-client.page.list.title"/></title>
+</head>
+<body>
+<h1>
+    <spring:message code="oauth-client.list"/>
+</h1>
+
+<p></p>
+<table class="accessions">
+    <tbody>
+    <c:forEach items="${clientDetailsList}" var="clientDetail">
+        <tr>
+            <td>
+                <a href="<c:url value="/management/${clientDetail.clientId}/"/>"><c:out
+                        value="${clientDetail.clientId}"/></a>
+            </td>
+        </tr>
+    </c:forEach>
+    </tbody>
+</table>
+</body>
+</html>

src/main/webapp/WEB-INF/jsp/oauth/detailsinfo.jsp

+<!DOCTYPE html>
+
+<%@include file="/WEB-INF/jsp/init.jsp" %>
+
+<html>
+<head>
+    <title><spring:message code="oauth-client.page.list.title"/></title>
+</head>
+<body>
+<h1>
+    <spring:message code="oauth-client.info"/>
+</h1>
+
+<div class="form-horizontal">
+
+    <div class="form-group">
+        <label class="col-lg-2 control-label"><spring:message code="clinet.details.client.id"/></label>
+
+        <div class="col-lg-5">${clientDetails.clientId}</div>
+    </div>
+
+    <div class="form-group">
+        <label class="col-lg-2 control-label"><spring:message code="clinet.details.token.list"/></label>
+
+        <div class="col-lg-5">
+            <table class="accessions">
+                <tbody>
+                <c:forEach items="${accessTokens}" var="accessToken">
+                    <tr>
+                        <td>${accessToken.userName}</td>
+                        <td>
+                            <a href="<c:url value="/management/${clientDetails.clientId}/${accessToken.tokenId}/remove"/> "><spring:message code="oauth-client.remove"/></a>
+                        </td>
+                    </tr>
+                </c:forEach>
+                </tbody>
+            </table>
+        </div>
+        <a href="<c:url value="/management/${clientDetails.clientId}/removeAll"/> "><spring:message code="oauth-client.remove.all"/></a>
+    </div>
+
+</div>
+
+
+</body>
+</html>