Genesys PGR
Genesys Backend
Commits
e9e6e37b
Commit
e9e6e37b
authored
Jan 31, 2014
by
Matija Obreza
Updates to OAuth token management
parent
ba9efe93
Changes
10
src/main/java/org/genesys2/server/model/oauth/OAuthAccessToken.java
...
...
@@ -16,13 +16,18 @@
package
org.genesys2.server.model.oauth
;
import
java.util.Date
;
import
javax.persistence.Column
;
import
javax.persistence.Entity
;
import
javax.persistence.Id
;
import
javax.persistence.Lob
;
import
javax.persistence.Table
;
import
org.genesys2.server.model.HibernateModel
;
import
org.springframework.security.oauth2.common.
Default
OAuth2AccessToken
;
import
org.springframework.security.oauth2.common.OAuth2AccessToken
;
import
org.springframework.security.oauth2.common.util.SerializationUtils
;
import
javax.persistence.*
;
import
java.util.Date
;
@Entity
@Table
(
name
=
"oauth_access_token"
)
public
class
OAuthAccessToken
implements
HibernateModel
{
...
...
@@ -53,31 +58,18 @@ public class OAuthAccessToken implements HibernateModel {
@Column
(
name
=
"refresh_token"
)
private
String
refreshToken
;
@Column
(
name
=
"created_date"
)
private
Date
createdDate
;
private
DefaultOAuth2AccessToken
defaultOAuth2AccessToken
;
@Column
(
name
=
"created_date"
)
private
Date
createdDate
;
private
synchronized
DefaultOAuth2AccessToken
getDefaultOAuth2AccessToken
()
{
if
(
this
.
defaultOAuth2AccessToken
==
null
)
{
this
.
defaultOAuth2AccessToken
=
SerializationUtils
.
deserialize
(
this
.
token
);
}
return
this
.
defaultOAuth2AccessToken
;
}
public
Date
getTokenExpiration
()
{
return
getDefaultOAuth2AccessToken
().
getExpiration
();
}
public
Date
getCreatedDate
()
{
return
createdDate
;
}
public
Date
getCreatedDate
()
{
return
createdDate
;
}
public
void
setCreatedDate
(
Date
createdDate
)
{
this
.
createdDate
=
createdDate
;
}
public
void
setCreatedDate
(
Date
createdDate
)
{
this
.
createdDate
=
createdDate
;
}
public
String
getTokenId
()
{
public
String
getTokenId
()
{
return
tokenId
;
}
...
...
@@ -171,4 +163,8 @@ public class OAuthAccessToken implements HibernateModel {
result
=
31
*
result
+
(
refreshToken
!=
null
?
refreshToken
.
hashCode
()
:
0
);
return
result
;
}
public
OAuth2AccessToken
getAccessToken
()
{
return
SerializationUtils
.
deserialize
(
this
.
token
);
}
}
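Review bot: The new `getAccessToken()` at the end of the class runs `SerializationUtils.deserialize(this.token)` on every call, with no null guard and no statement of where those bytes may come from. This is Java object deserialization of a database column, so the method should carry a Javadoc recording that trust assumption, e.g. `/** Deserializes the stored token blob on each call; the column is trusted and must only be written by the token store. */`. The cached `defaultOAuth2AccessToken` field appears to be what this commit removes, and the JSPs in the same commit read `accessToken.expired` and `accessToken.expiration` per row, so each rendered row now deserializes the blob again. A row with a null `token` would presumably fail inside `deserialize` rather than return null, so `if (this.token == null) return null;` ahead of the call is worth adding. The class body starts outside the hunks shown.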
src/main/java/org/genesys2/server/service/impl/OAuth2JPATokenStoreImpl.java
...
...
@@ -107,7 +107,7 @@ public class OAuth2JPATokenStoreImpl implements TokenStore {
List
<
OAuth2AccessToken
>
tokens
=
new
ArrayList
<
OAuth2AccessToken
>();
for
(
OAuthAccessToken
token
:
accessTokenPersistence
.
findByClientId
(
clientId
))
{
if
(
token
!=
null
)
{
tokens
.
add
(
deserializeAccessToken
(
token
.
getToken
())
)
;
tokens
.
add
(
token
.
get
Access
Token
());
}
}
return
tokens
;
...
...
@@ -118,7 +118,7 @@ public class OAuth2JPATokenStoreImpl implements TokenStore {
List
<
OAuth2AccessToken
>
tokens
=
new
ArrayList
<
OAuth2AccessToken
>();
for
(
OAuthAccessToken
token
:
accessTokenPersistence
.
findByUserName
(
username
))
{
if
(
token
!=
null
)
{
tokens
.
add
(
deserializeAccessToken
(
token
.
getToken
())
)
;
tokens
.
add
(
token
.
get
Access
Token
());
}
}
return
tokens
;
...
...
@@ -132,7 +132,7 @@ public class OAuth2JPATokenStoreImpl implements TokenStore {
try
{
// FIXME Dies with two keys issued to same user in same client
OAuthAccessToken
persisted
=
accessTokenPersistence
.
findByAuthenticationId
(
key
);
accessToken
=
deserializeAccessToken
(
persisted
.
getToken
()
)
;
accessToken
=
persisted
.
get
Access
Token
();
}
catch
(
NullPointerException
e
)
{
if
(
LOG
.
isInfoEnabled
())
{
LOG
.
debug
(
"Failed to find access token for authentication "
+
authentication
);
...
...
@@ -157,7 +157,7 @@ public class OAuth2JPATokenStoreImpl implements TokenStore {
try
{
OAuthAccessToken
persisted
=
accessTokenPersistence
.
findOne
(
extractTokenKey
(
tokenValue
));
accessToken
=
deserializeAccessToken
(
persisted
.
getToken
()
)
;
accessToken
=
persisted
.
get
Access
Token
();
}
catch
(
NullPointerException
e
)
{
if
(
LOG
.
isInfoEnabled
())
{
LOG
.
info
(
"Failed to find access token for token "
+
tokenValue
);
...
...
@@ -324,10 +324,6 @@ public class OAuth2JPATokenStoreImpl implements TokenStore {
return
SerializationUtils
.
serialize
(
authentication
);
}
protected
OAuth2AccessToken
deserializeAccessToken
(
byte
[]
token
)
{
return
SerializationUtils
.
deserialize
(
token
);
}
protected
OAuth2RefreshToken
deserializeRefreshToken
(
byte
[]
token
)
{
return
SerializationUtils
.
deserialize
(
token
);
}
...
...
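Review bot: The replaced lines `accessToken = persisted.getAccessToken();` (in both the authentication lookup and the token-value lookup) still dereference `persisted` without a check and rely on the surrounding `catch (NullPointerException e)` to signal a missing row. That catch also hides any NullPointerException raised while the blob is deserialized, so a corrupt or empty row is reported as "not found"; an explicit `if (persisted != null) { accessToken = persisted.getAccessToken(); }` keeps the two cases apart. In the same context lines the miss is logged with the raw `tokenValue` at info level, which puts bearer token values into the application log; logging the extracted token key instead would avoid that. Both enclosing methods start and end outside the hunks shown.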
src/main/java/org/genesys2/server/servlet/controller/OAuthManagementController.java
package
org.genesys2.server.servlet.controller
;
import
org.genesys2.server.model.oauth.OAuthAccessToken
;
import
org.genesys2.server.service.OAuth2ClientDetailsService
;
import
org.springframework.beans.factory.annotation.Autowired
;
...
...
@@ -16,70 +15,67 @@ import org.springframework.web.bind.annotation.RequestMapping;
import
java.util.Collection
;
@Controller
@RequestMapping
(
"/management"
)
public
class
OAuthManagementController
extends
BaseController
{
@Autowired
private
OAuth2ClientDetailsService
clientDetailsService
;
@Autowired
@Qualifier
(
"tokenStore"
)
private
TokenStore
tokenStore
;
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
@RequestMapping
(
"/allTokens"
)
public
String
getAllTokens
(
Model
model
)
{
model
.
addAttribute
(
"clientDetailsList"
,
clientDetailsService
.
listClientDetails
());
return
"/oauth/clientslist"
;
}
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
@RequestMapping
(
"/{clientId}"
)
public
String
clientDetailsInfo
(
Model
model
,
@PathVariable
(
"clientId"
)
String
clientId
)
{
ClientDetails
clientDetails
=
clientDetailsService
.
loadClientByClientId
(
clientId
);
Collection
<
OAuthAccessToken
>
tokensByClientId
=
clientDetailsService
.
findTokensByClientId
(
clientId
);
model
.
addAttribute
(
"accessTokens"
,
tokensByClientId
);
model
.
addAttribute
(
"clientDetails"
,
clientDetails
);
return
"/oauth/detailsinfo"
;
}
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
@RequestMapping
(
"/{clientId}/removeAll"
)
public
String
removeAllAccessTokens
(
@PathVariable
(
"clientId"
)
String
clientId
)
{
Collection
<
OAuthAccessToken
>
tokens
=
clientDetailsService
.
findTokensByClientId
(
clientId
);
for
(
OAuthAccessToken
token
:
tokens
)
{
tokenStore
.
removeAccessToken
(
new
DefaultOAuth2AccessToken
(
token
.
getTokenId
()));
}
return
"redirect:/management/"
+
clientId
;
}
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
@RequestMapping
(
"/{clientId}/{tokenId}/remove"
)
public
String
removeAccessTokens
(
@PathVariable
(
"tokenId"
)
String
tokenId
,
@PathVariable
(
"clientId"
)
String
clientId
)
{
tokenStore
.
removeAccessToken
(
new
DefaultOAuth2AccessToken
(
tokenId
));
return
"redirect:/management/"
+
clientId
;
}
@RequestMapping
(
"/user/{userName}/tokens"
)
public
String
getIssuedTokens
(
@PathVariable
(
"userName"
)
String
userName
,
Model
model
)
{
Collection
<
OAuthAccessToken
>
tokens
=
clientDetailsService
.
findTokensByUserName
(
userName
);
model
.
addAttribute
(
"tokens"
,
tokens
);
return
"/oauth/tokenslist"
;
}
@RequestMapping
(
"/user/{userName}/{tokenId}/remove"
)
public
String
removeUsersAccessToken
(
@PathVariable
(
"tokenId"
)
String
tokenId
,
@PathVariable
(
"userName"
)
String
userName
)
{
tokenStore
.
removeAccessToken
(
new
DefaultOAuth2AccessToken
(
tokenId
));
return
"redirect:/management/user/"
+
userName
+
"/tokens"
;
}
@Autowired
private
OAuth2ClientDetailsService
clientDetailsService
;
@Autowired
@Qualifier
(
"tokenStore"
)
private
TokenStore
tokenStore
;
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
@RequestMapping
(
"/allTokens"
)
public
String
getAllTokens
(
Model
model
)
{
model
.
addAttribute
(
"clientDetailsList"
,
clientDetailsService
.
listClientDetails
());
return
"/oauth/clientslist"
;
}
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
@RequestMapping
(
"/{clientId}"
)
public
String
clientDetailsInfo
(
Model
model
,
@PathVariable
(
"clientId"
)
String
clientId
)
{
ClientDetails
clientDetails
=
clientDetailsService
.
loadClientByClientId
(
clientId
);
Collection
<
OAuthAccessToken
>
tokensByClientId
=
clientDetailsService
.
findTokensByClientId
(
clientId
);
model
.
addAttribute
(
"accessTokens"
,
tokensByClientId
);
model
.
addAttribute
(
"clientDetails"
,
clientDetails
);
return
"/oauth/detailsinfo"
;
}
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
@RequestMapping
(
"/{clientId}/removeAll"
)
public
String
removeAllAccessTokens
(
@PathVariable
(
"clientId"
)
String
clientId
)
{
Collection
<
OAuthAccessToken
>
tokens
=
clientDetailsService
.
findTokensByClientId
(
clientId
);
for
(
OAuthAccessToken
token
:
tokens
)
{
tokenStore
.
removeAccessToken
(
new
DefaultOAuth2AccessToken
(
token
.
getTokenId
()));
}
return
"redirect:/management/"
+
clientId
;
}
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
@RequestMapping
(
"/{clientId}/{tokenId}/remove"
)
public
String
removeAccessTokens
(
@PathVariable
(
"tokenId"
)
String
tokenId
,
@PathVariable
(
"clientId"
)
String
clientId
)
{
tokenStore
.
removeAccessToken
(
new
DefaultOAuth2AccessToken
(
tokenId
));
return
"redirect:/management/"
+
clientId
;
}
@RequestMapping
(
"/user/{uuid}/tokens"
)
@PreAuthorize
(
"hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid"
)
public
String
getIssuedTokens
(
@PathVariable
(
"uuid"
)
String
uuid
,
Model
model
)
{
Collection
<
OAuthAccessToken
>
tokens
=
clientDetailsService
.
findTokensByUserName
(
uuid
);
model
.
addAttribute
(
"tokens"
,
tokens
);
return
"/oauth/tokenslist"
;
}
@RequestMapping
(
"/user/{uuid}/{tokenId}/remove"
)
@PreAuthorize
(
"hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid"
)
public
String
removeUsersAccessToken
(
@PathVariable
(
"tokenId"
)
String
tokenId
,
@PathVariable
(
"uuid"
)
String
uuid
)
{
tokenStore
.
removeAccessToken
(
new
DefaultOAuth2AccessToken
(
tokenId
));
return
"redirect:/management/user/"
+
uuid
+
"/tokens"
;
}
}
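Review bot: In the new `removeUsersAccessToken`, the `@PreAuthorize` expression only compares the `uuid` path variable with the caller's own uuid; nothing ties `tokenId` to that user before `tokenStore.removeAccessToken(...)` runs. As written, an authenticated user appears able to revoke a token issued to someone else by pairing their own uuid with that token's id, so the handler should only remove a token that `findTokensByUserName(uuid)` actually returns. The mappings also accept any HTTP method, so these state-changing removals are reachable by GET; restricting them to POST (the JSP already carries a `FIXME Use POST`) would let CSRF protection apply.

```java
// … unchanged: @RequestMapping and @PreAuthorize annotations …
public String removeUsersAccessToken(@PathVariable("tokenId") String tokenId, @PathVariable("uuid") String uuid) {
    // Revoke only a token that is issued to the user named in the path
    for (OAuthAccessToken token : clientDetailsService.findTokensByUserName(uuid)) {
        if (tokenId.equals(token.getTokenId())) {
            tokenStore.removeAccessToken(new DefaultOAuth2AccessToken(token.getTokenId()));
            break;
        }
    }
    return "redirect:/management/user/" + uuid + "/tokens";
}
```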
src/main/resources/spring/spring-db.xml
...
...
@@ -54,7 +54,6 @@
<prop
key=
"hibernate.hbm2ddl.auto"
>
${db.hbm2ddl}
</prop>
<prop
key=
"hibernate.search.default.indexBase"
>
${lucene.indexDir}
</prop>
<prop
key=
"hibernate.search.default.exclusive_index_use"
>
false
</prop>
<prop
key=
"hibernate.dialect"
>
org.hibernate.dialect.MySQL5Dialect
</prop>
</props>
</property>
<property
name=
"packagesToScan"
>
...
...
src/main/resources/spring/spring-security.xml
...
...
@@ -61,8 +61,4 @@
<sec:expression-handler
ref=
"webExpressionHandler"
/>
</sec:http>
<bean
name=
"jdbcTokenStore"
class=
"org.springframework.security.oauth2.provider.token.JdbcTokenStore"
>
<constructor-arg
ref=
"dataSource"
/>
</bean>
</beans>
\ No newline at end of file
src/main/resources/spring/spring.properties
...
...
@@ -16,12 +16,12 @@
base.url
=
http://localhost:8080
db.url
=
jdbc:mysql://localhost/genesys
2
?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
db.url
=
jdbc:mysql://localhost/genesys
4
?useUnicode=true&characterEncoding=UTF-8&useFastDateParsing=false
db.driverClassName
=
com.mysql.jdbc.Driver
db.username
=
root
db.password
=
1
db.showSql
=
fals
e
db.hbm2ddl
=
update
db.password
=
db.showSql=
tru
e
db.hbm2ddl
=
do-nothing
c3p0.acquireIncrement
=
1
c3p0.minPoolSize
=
1
...
...
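Review bot: The tracked `spring.properties` keeps `db.username=root` and a `db.password` value in the repository, and (judging by print order, which this page does not mark) the new side switches to an empty password with `db.showSql=true`. These look like one developer's local settings; shared defaults should not carry a root account or a blank password, and SQL logging is best left off by default. I would keep the previous `db.showSql=false` and add a comment above the block such as `# Local development defaults only; override db.username and db.password outside version control`.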
src/main/webapp/WEB-INF/jsp/oauth/detailsinfo.jsp
...
...
@@ -23,12 +23,13 @@
<div
class=
"form-group"
>
<label
class=
"col-lg-2 control-label"
><spring:message
code=
"clinet.details.token.list"
/></label>
<div
class=
"col-lg-
5
"
>
<div
class=
"col-lg-
10
"
>
<table
class=
"accessions"
>
<tbody>
<c:forEach
items=
"
${
accessTokens
}
"
var=
"accessToken"
>
<tr>
<tr
class=
"${accessToken.accessToken.expired ? 'expired' : ''}"
>
<td>
${accessToken.userName}
</td>
<td><c:out
value=
"
${
jspHelper
.
userByUuid
(
accessToken
.
userName
).
email
}
"
/></td>
<td>
<a
href=
"
<c:url
value=
"/management/${clientDetails.clientId}/${accessToken.tokenId}/remove"
/>
"
><spring:message
code=
"oauth-client.remove"
/></a>
...
...
src/main/webapp/WEB-INF/jsp/oauth/tokenslist.jsp
...
...
@@ -25,7 +25,7 @@
<tbody>
<c:forEach
items=
"
${
tokens
}
"
var=
"token"
>
<tr>
<tr
class=
"${token.accessToken.expired ? 'expired' : ''}"
>
<td>
<a
href=
"
<c:url
value=
"/management/${token.clientId}"
/>
"
>
${token.clientId}
</a>
</td>
...
...
@@ -33,9 +33,10 @@
<fmt:formatDate
value=
"
${
token
.
createdDate
}
"
pattern=
"MM-dd-yyyy hh:mm:ss"
/>
</td>
<td>
<fmt:formatDate
value=
"
${
token
.
t
oken
E
xpiration
}
"
pattern=
"MM-dd-yyyy hh:mm:ss"
/>
<fmt:formatDate
value=
"
${
token
.
accessT
oken
.
e
xpiration
}
"
pattern=
"MM-dd-yyyy hh:mm:ss"
/>
</td>
<td>
<!-- FIXME Use POST -->
<a
href=
"
<c:url
value=
"/management/user/${token.userName}/${token.tokenId}/remove"
/>
"
><spring:message
code=
"oauth-client.remove"
/></a>
</td>
...
...
src/main/webapp/WEB-INF/jsp/user/profile.jsp
...
...
@@ -59,7 +59,7 @@
<a
href=
"
<c:url
value=
"/management/allTokens"
/>
"
class=
"btn btn-default"
>
<spring:message
code=
"oauth-client.list"
/></a>
</security:authorize>
<security:authorize
access=
"hasRole('ADMINISTRATOR') || (isAuthenticated() && principal.user.id == #user.id)"
>
<a
href=
"
<c:url
value=
"/management/user/${user.
email
}/tokens"
/>
"
class=
"btn btn-default"
><spring:message
code=
"oauth-client.issued.tokens"
/></a>
<a
href=
"
<c:url
value=
"/management/user/${user.
uuid
}/tokens"
/>
"
class=
"btn btn-default"
><spring:message
code=
"oauth-client.issued.tokens"
/></a>
</security:authorize>
<security:authorize
access=
"(not hasRole('VALIDATEDUSER') && principal.user.id == #user.id)"
>
<a
href=
"
<c:url
value=
"/profile/${user.uuid}/send"
/>
"
class=
"btn btn-default"
/>
Send validation email
</a>
...
...
src/main/webapp/html/css/custom.css
...
...
@@ -1234,7 +1234,7 @@ ul.funny-list {
background-position
:
center
right
;
}
table
.accessions
tr
.not-available
>
td
{
table
.accessions
tr
.not-available
>
td
,
table
tr
.expired
>
td
{
text-decoration
:
line-through
;
opacity
:
0.5
;
}
...
...