MaDgIK
/
dnet-openaire-users
13
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge from clean services

This commit is contained in:
Konstantinos Triantafyllou 2023-08-03 16:39:20 +03:00
parent f84a3aa574 13665afe14
commit 20446e6fac
22 changed files with 198 additions and 1959 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
pom.xml
View File

@ -8,9 +8,8 @@
<modelVersion>4.0.0</modelVersion>
<artifactId>dnet-openaire-users</artifactId>
<packaging>war</packaging>
<version>2.1.1-BETA-SNAPSHOT</version>
<version>3.0.0-BETA-SNAPSHOT</version>
<scm>
<connection>scm:git:gitea@code-repo.d4science.org:MaDgIK/dnet-openaire-users.git</connection>
<developerConnection>scm:git:gitea@code-repo.d4science.org:MaDgIK/dnet-openaire-users.git</developerConnection>
<url>https://code-repo.d4science.org/MaDgIK/dnet-openaire-users/</url>
<tag>HEAD</tag>
@ -21,11 +20,6 @@
<artifactId>uoa-user-management</artifactId>
<version>2.0.5</version>
</dependency>
<dependency>
<groupId>eu.dnetlib</groupId>
<artifactId>uoa-login-core</artifactId>
<version>1.0.3</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
@ -56,6 +50,7 @@
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
</dependency>
<!-- About spring security -->
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-core</artifactId>
@ -71,6 +66,34 @@
<artifactId>spring-security-web</artifactId>
<version>4.2.1.RELEASE</version>
</dependency>
<!-- About redis -->
<dependency>
<groupId>org.springframework.session</groupId>
<artifactId>spring-session-data-redis</artifactId>
<version>1.3.1.RELEASE</version>
<type>pom</type>
</dependency>
<dependency>
<groupId>biz.paluch.redis</groupId>
<artifactId>lettuce</artifactId>
<version>3.5.0.Final</version>
</dependency>
<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>3.0.1</version>
</dependency>
<dependency>
<groupId>org.mitre</groupId>
<artifactId>openid-connect-client</artifactId>
<version>1.3.0</version>
<exclusions>
<exclusion>
<groupId>org.bouncycastle</groupId>
<artifactId>bcprov-jdk15on</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>

70
src/main/java/eu/dnetlib/openaire/usermanagement/JwksDeserializer.java
View File

@ -1,70 +0,0 @@
package eu.dnetlib.openaire.usermanagement;
import com.google.gson.*;
import java.lang.reflect.Type;
public class JwksDeserializer implements JsonDeserializer<Jwks> {
@Override
public Jwks deserialize(JsonElement jsonElement, Type type, JsonDeserializationContext jsonDeserializationContext)
throws JsonParseException {
JsonObject jsonObject = jsonElement.getAsJsonObject();
if (jsonObject == null) throw new JsonParseException("Jwks not valid.");
JsonArray jsonArray = jsonObject.getAsJsonArray("keys");
if (jsonArray == null ) throw new JsonParseException("Jwks not valid.");
Jwks jwks = new Jwks();
Key[] keys = new Key[jsonArray.size()];
Key key = null;
for (int i = 0; i < jsonArray.size(); i++) {
key = new Key();
JsonElement je = jsonArray.get(i);
if (je == null) throw new JsonParseException("Jwks not valid.");
if (je.getAsJsonObject().get("kty")==null) throw new JsonParseException("Jwks not valid.");
key.setKty(je.getAsJsonObject().get("kty").getAsString());
if (je.getAsJsonObject().get("e")==null) throw new JsonParseException("Jwks not valid.");
key.setE(je.getAsJsonObject().get("e").getAsString());
if (je.getAsJsonObject().get("kid")==null) throw new JsonParseException("Jwks not valid.");
key.setKid(je.getAsJsonObject().get("kid").getAsString());
if (je.getAsJsonObject().get("alg")==null) throw new JsonParseException("Jwks not valid.");
key.setAlg(je.getAsJsonObject().get("alg").getAsString());
if (je.getAsJsonObject().get("n")==null) throw new JsonParseException("Jwks not valid.");
key.setN(je.getAsJsonObject().get("n").getAsString());
keys[i] = key;
}
jwks.setKeys(keys);
return jwks;
}
}
/*
public static void main(String[] args) {
Gson gson = new GsonBuilder().registerTypeAdapter(Jwks.class, new JwksDeserializer()).create();
String jwksJson = "{\n" +
" \"keys\": [\n" +
" {\n" +
" \"kty\": \"RSA\",\n" +
" \"e\": \"AQAB\",\n" +
" \"kid\": \"05794a3c-a6f5-430c-9822-da4e53597ba5\",\n" +
" \"alg\": \"RS256\",\n" +
" \"n\": \"hm_OUny05OJEwbGBqPjE7wWvnwTMgqUHJFis_S9nM7hTivXQ_LX9f89RaVcPpXboox81Y8rrfuVwV0nc-FGr_E0FFpI-IwJ_sUUEDwf-5Qxor3LNc_S_5BiPOfFHY7c-R-ablRIAvVTXqwIjcyLVQnaHLjb9XQPf9lBt9sCZ2jN-9HOLztMO3BZWZYIFqvNr8ySKHfVPdlk0Wx3N45KPY0kgxk5RPYW0HLRakSlhIJtqYCJOr2IiDUEMAj9Z9BoWjeUKiAX3E3ZRo-DO1TWcc7feq-0Pei2IBw3lvNpgcBBv1_BlrsZYzQqkKOcDbLAppuhR3inUNhc3G67OuWt8ow\"\n" +
" }\n" +
" ]\n" +
"}";
Jwks jwks = gson.fromJson(jwksJson, Jwks.class);
for(Key key:jwks.getKeys()) {
//System.out.println(key.getE());
}
}
}
*/

30
src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java
View File

@ -1,9 +1,9 @@
package eu.dnetlib.openaire.usermanagement;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
@ -12,22 +12,16 @@ import java.io.IOException;
public class OverviewServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
@Value("${developers.url}")
private String url;
boolean isAuthenticated = !SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()
.equals("anonymousUser");
public void init(ServletConfig config) throws ServletException {
super.init(config);
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
config.getServletContext());
}
if (isAuthenticated) {
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
request.getSession().setAttribute("authenticated", isAuthenticated);
request.getSession().setAttribute("name", name.toString());
}
response.setContentType("text/html");
request.getRequestDispatcher("./overview.jsp").include(request, response);
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
response.sendRedirect(url + "/");
}
}

99
src/main/java/eu/dnetlib/openaire/usermanagement/PersonalTokenServlet.java
View File

@ -1,19 +1,6 @@
package eu.dnetlib.openaire.usermanagement;
import com.google.gson.Gson;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpHeaders;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.log4j.Logger;
import org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
import javax.servlet.ServletConfig;
@ -22,25 +9,11 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
public class PersonalTokenServlet extends HttpServlet {
@Value("${oidc.secret}")
private String secret;
@Value("${oidc.id}")
private String id;
@Value("${oidc.issuer}")
private String issuer;
@Autowired
private StaticClientConfigurationService staticClientConfigurationService;
private Logger logger = Logger.getLogger(PersonalTokenServlet.class);
@Value("${developers.url}")
private String url;
public void init(ServletConfig config) throws ServletException {
super.init(config);
@ -48,69 +21,7 @@ public class PersonalTokenServlet extends HttpServlet {
config.getServletContext());
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
response.setContentType("text/html");
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
request.getSession().setAttribute("name", name.toString());
request.getSession().setAttribute("accessToken", authentication.getAccessTokenValue());
request.getSession().setAttribute("refreshToken", authentication.getRefreshTokenValue());
request.getRequestDispatcher("./personal.jsp").include(request, response);
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
response.sendRedirect(url + "/personal-token");
}
public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
String refreshToken = authentication.getRefreshTokenValue();
List<String> oldRefreshTokens = null;
try {
oldRefreshTokens = getOldRefreshTokens(authentication.getRefreshTokenValue(), authentication.getAccessTokenValue());
deleteOldRefreshTokens(oldRefreshTokens, authentication.getAccessTokenValue());
} catch (IOException e) {
logger.error("Error deleting old refresh tokens.", e);
//TODO should I let user know?
}
request.getSession().setAttribute("showRefreshToken", true);
response.sendRedirect("./personalToken");
}
private void deleteOldRefreshTokens(List<String> oldRefreshTokens, String accessToken) throws IOException {
HttpDelete httpDelete;
CloseableHttpClient httpclient = HttpClients.createDefault();
for (String refreshTokenId:oldRefreshTokens) {
httpDelete = new HttpDelete(issuer + "/api/tokens/refresh/" + refreshTokenId);
httpDelete.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
HttpResponse response = httpclient.execute(httpDelete);
if (response.getStatusLine().getStatusCode()!=200) {
logger.warn("Could not delete old refresh tokens." + response.getStatusLine().getStatusCode());
//System.out.println("Could not delete old refresh tokens." + response.getStatusLine().getStatusCode());//TODO should I throw exception?
}
}
}
private List<String> getOldRefreshTokens(String currentRefreshToken, String accessToken) throws IOException {
HttpGet httpGet = new HttpGet(issuer + "/api/tokens/refresh");
httpGet.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
CloseableHttpClient httpclient = HttpClients.createDefault();
String jsonResponse = IOUtils.toString(httpclient.execute(httpGet).getEntity().getContent(), StandardCharsets.UTF_8.name());
Gson gson = new Gson();
List<String> oldRefreshTokens = null;
for(RefreshToken refreshToken:gson.fromJson(jsonResponse, RefreshToken[].class)){
if (oldRefreshTokens == null) {
oldRefreshTokens = new ArrayList<>();
}
if (!refreshToken.getValue().equals(currentRefreshToken)) {
oldRefreshTokens.add(refreshToken.getId()+"");
}
}
return oldRefreshTokens;
}
}
}

58
src/main/java/eu/dnetlib/openaire/usermanagement/RefreshToken.java
View File

@ -1,58 +0,0 @@
package eu.dnetlib.openaire.usermanagement;
public class RefreshToken {
private String value;
private int id;
private String[] scopes;
private String clientId;
private String userId;
private String expliration;
public String getValue() {
return value;
}
public void setValue(String value) {
this.value = value;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public String[] getScopes() {
return scopes;
}
public void setScopes(String[] scopes) {
this.scopes = scopes;
}
public String getClientId() {
return clientId;
}
public void setClientId(String clientId) {
this.clientId = clientId;
}
public String getUserId() {
return userId;
}
public void setUserId(String userId) {
this.userId = userId;
}
public String getExpliration() {
return expliration;
}
public void setExpliration(String expliration) {
this.expliration = expliration;
}
}

409
src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java
View File

@ -1,18 +1,6 @@
package eu.dnetlib.openaire.usermanagement;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import com.google.gson.JsonParseException;
import eu.dnetlib.openaire.user.pojos.RegisteredService;
import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils;
import eu.dnetlib.openaire.usermanagement.utils.TokenUtils;
import org.apache.commons.validator.routines.UrlValidator;
import org.apache.http.HttpResponse;
import org.apache.log4j.Logger;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.method.P;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
import javax.servlet.ServletConfig;
@ -21,12 +9,12 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.sql.SQLException;
public class RegisterServiceServlet extends HttpServlet {
private Logger logger = Logger.getLogger(RegisterServiceServlet.class);
@Value("${developers.url}")
private String url;
public void init(ServletConfig config) throws ServletException {
super.init(config);
@ -34,394 +22,7 @@ public class RegisterServiceServlet extends HttpServlet {
config.getServletContext());
}
@Autowired
private RegisteredServicesUtils registeredServicesUtils;
@Autowired
private TokenUtils tokenUtils;
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
getContext().getAuthentication();
String userid = authentication.getSub();
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
request.getSession().setAttribute("name", name.toString());
String idParam = request.getParameter("id");
if (idParam != null && !idParam.isEmpty()) { // EDIT CASE
//System.out.println("In edit");
try {
int id = Integer.parseInt(idParam);
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(id);
if (registeredService != null && registeredServicesUtils.isAuthorized(userid, id)) {
ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getClientId(), registeredService.getRegistrationAccessToken());
updateFormFields(request, registeredService.getName(), registeredService.getKeyType(), serviceResponse);
} else {
if (registeredService == null) {
//System.out.println("No service found!");
request.getSession().setAttribute("message", "Not valid registered service with given id " + id + ".");
response.sendRedirect("./registeredServices");
logger.warn("Not valid registered service with " + id + "id.");
} else {
//System.out.println("Not authorized");
request.getSession().setAttribute("message", "Not authorized to edit the registered service with id " + id + ".");
response.sendRedirect("./registeredServices");
logger.warn("Not authorized to edit the service with " + id + "id.");
}
}
} catch (NumberFormatException nfe) {
//System.out.println("WRONG FORMAT");
request.getSession().setAttribute("message", "Invalid service id.");
response.sendRedirect("./registeredServices");
logger.error("Invalid service id.", nfe);
} catch (SQLException sqle) {
//System.out.println("SQL PROBLEM");
request.getSession().setAttribute("message", "Could not fetch registered service.");
response.sendRedirect("./registeredServices");
logger.error("Could not fetch registered service.", sqle);
}
} else {// NEW SERVICE CASE
//Careful! Redirects in method
request.getSession().setAttribute("first_name", null);
request.getSession().setAttribute("key_type", null);
request.getSession().setAttribute("jwksUri", null);
request.getSession().setAttribute("value", null);
checkNumberOfRegisteredServices(request, response, authentication);
}
response.setContentType("text/html");
request.getRequestDispatcher("./registerService.jsp").include(request, response);
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
response.sendRedirect(url + "/apis");
}
private void updateFormFields(HttpServletRequest request, String serviceName, String keyType, ServiceResponse serviceResponse) {
//System.out.println("UPDATING FORM");
request.getSession().setAttribute("first_name", serviceName);
//System.out.println("Service response URI " + serviceResponse.getJwksUri());
request.getSession().setAttribute("key_type", keyType);
if (keyType != null) {
if (keyType.equals("uri")) {
request.getSession().setAttribute("jwksUri", serviceResponse.getJwksUri());
} else {
Key key;
if (serviceResponse.getJwks() != null) {
key = serviceResponse.getJwks().keys[0];
} else {
key = new Key();
}
//System.out.println("Service response keys " + serviceResponse.getJwksUri());
Gson gson = new GsonBuilder().setPrettyPrinting().create();
request.getSession().setAttribute("value", gson.toJson(key));
}
}
}
public void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
getContext().getAuthentication();
response.setContentType("text/html");
boolean canProceed = true;
String mode = request.getParameter("mode").trim();
//System.out.println("Mode was " + mode);
checkmode(mode);
//System.out.println("Mode is " + mode);
String serviceId = request.getParameter("id");
String name = request.getParameter("first_name").trim();
if (name.isEmpty()) {
request.getSession().setAttribute("first_name_error", true);
canProceed = false;
}
String keyType = request.getParameter("key_type");
String jwksUri = null;
String jwksString = null;
Jwks jwks = null;
if(keyType != null) {
keyType = keyType.trim();
if (keyType.equals("uri")) {
jwksUri = request.getParameter("uri");
request.getSession().setAttribute("jwksUri", jwksUri);
String[] schemes = {"https"};
UrlValidator urlValidator = new UrlValidator(schemes);
if (!urlValidator.isValid(jwksUri)) {
request.getSession().setAttribute("uri_error", true);
canProceed = false;
}
} else {
jwksString = request.getParameter("value");
try {
Gson gson = new GsonBuilder().registerTypeAdapter(Jwks.class, new JwksDeserializer()).create();
String jwksSet = String.format("{\"keys\":[%s]}", jwksString);
jwks = gson.fromJson(jwksSet, Jwks.class);
request.getSession().setAttribute("value", jwksString);
if (jwks.getKeys() == null || jwks.getKeys().length == 0) {
//System.out.println("Something wrong with the keys.");
request.getSession().setAttribute("value_error", true);
canProceed = false;
}
} catch (JsonParseException jpe) {
request.getSession().setAttribute("value_error", true);
canProceed = false;
}
}
}
String userid = authentication.getSub();
String email = authentication.getUserInfo().getEmail();
ServiceResponse serviceResponse = null;
if (nameIsValid(name) && userInfoIsValid(userid, email) && keyIsValid(keyType, jwksUri, jwksString) && canProceed) {
String serverMessage;
if (mode.equals("create")) {
//Careful! Redirects in method
if (!checkNumberOfRegisteredServices(request, response, authentication)) {
return;
}
String serverRequestJSON = null;
if(keyType == null) {
serverRequestJSON = createServiceJson(null, name, email);
} else if (keyType.equals("uri")) {
serverRequestJSON = createServiceJson(null, name, email, jwksUri);
} else if (keyType.equals("value")){
serverRequestJSON = createServiceJson(null, name, email, jwks);
}
if(serverRequestJSON != null) {
//System.out.println("SERVER JSON " + serverRequestJSON);
serverMessage = tokenUtils.registerService(serverRequestJSON);
logger.debug(serverMessage);
if (serverMessage == null) {
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
response.sendRedirect("./registeredServices");
return;
}
serviceResponse = new Gson().fromJson(serverMessage, ServiceResponse.class);
String client_id = serviceResponse.getClientId();
RegisteredService registeredService = new RegisteredService(client_id, userid, name, serviceResponse.getRegistrationAccessToken(), keyType);
try {
registeredServicesUtils.addRegistedService(registeredService);
if(registeredService.getKeyType() != null) {
request.getSession().setAttribute("success",
"Your service has been successfully registered!<br>" +
"<b>Client ID</b>: " + serviceResponse.getClientId());
} else {
request.getSession().setAttribute("success",
"Your service has been successfully registered!<br>" +
"<b>Client ID</b>: " + serviceResponse.getClientId() +
"<br><span style=\"word-wrap: break-word\"><b>Client Secret</b>:" + serviceResponse.getClientSecret() + "</span>");
}
} catch (SQLException sqle) {
logger.error("Fail to save service.", sqle);
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
response.sendRedirect("./registeredServices");
return;
}
} else {
logger.error("Service request JSON is null");
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
response.sendRedirect("./registeredServices");
return;
}
} else {
int serviceIdInt = 0;
if (serviceId == null || serviceId.isEmpty()) { //TODO WRONG MESSAGE
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
response.sendRedirect("./registeredServices");
} else {
//System.out.println("In edit...");
try {
serviceIdInt = Integer.parseInt(serviceId);
if (!registeredServicesUtils.isAuthorized(authentication.getSub(), serviceIdInt)) {
request.getSession().setAttribute("message", "You have no permission to edit the service.");
response.sendRedirect("./registeredServices");
} else {
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(serviceIdInt);
if (registeredService != null && registeredService.getClientId() != null) {
String serverRequestJSON = null;
if (keyType == null) {
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email);
} else if (keyType.equals("uri")) {
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwksUri);
} else if (keyType.equals("value")) {
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwks);
}
if (serverRequestJSON != null) {
//System.out.println("SERVER JSON " + serverRequestJSON);
HttpResponse resp = tokenUtils.updateService(registeredService.getClientId(), serverRequestJSON, registeredService.getRegistrationAccessToken());
if (resp.getStatusLine().getStatusCode() == 200) {
//System.out.println("NAME >>>>" + name);
registeredService.setName(name);
//System.out.println("Client Id " + registeredService.getClientId());
try {
registeredServicesUtils.getRegisteredServiceDao().update(registeredService);
} catch (SQLException sqle) {
logger.error("Unable to contact db.", sqle);
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
response.setContentType("text/html");
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
return;
}
request.getSession().setAttribute("success",
"Your service has been successfully updated!<br>" +
"<b>Client ID</b>: " + registeredService.getClientId());
}
} else {
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
response.sendRedirect("./registeredServices");
return;
}
} else {
logger.error("Service request JSON is null");
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
response.sendRedirect("./registeredServices");
return;
}
}
} catch(SQLException sqle){
logger.error("Unable to access service with id " + serviceId, sqle);
request.getSession().setAttribute("message", "There was an error accessing your service.");
response.sendRedirect("./registeredServices");
} catch(NumberFormatException nfe){
logger.error("Unable to access service with id " + serviceId, nfe);
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
response.sendRedirect("./registeredServices");
}
}
}
} else {
//something is wrong with the form and the error messages will appear
request.getSession().setAttribute("first_name", name);
request.getSession().setAttribute("key_type", keyType);
request.getSession().setAttribute("uri", jwksUri);
request.getSession().setAttribute("value", jwksString);
if (serviceId != null && !serviceId.isEmpty()) {
request.getRequestDispatcher("./registerService.jsp?id=" + serviceId).forward(request, response);
} else {
request.getRequestDispatcher("./registerService.jsp").include(request, response);
}
return;
}
response.sendRedirect("./registeredServices");
}
private void checkmode(String mode) {
if (mode != null && !mode.isEmpty()) {
if (!mode.equals("edit") || mode.equals("create")) {
mode = "create";
}
} else {
mode = "create";
}
}
private boolean keyIsValid(String keyType, String jwksUri, String jwksString) {
return keyType == null || (keyType.equals("uri") && jwksUri != null && !jwksUri.isEmpty()) ||
keyType.equals("value") && jwksString != null && !jwksString.isEmpty();
}
private boolean userInfoIsValid(String userid, String email) {
return userid != null && !userid.isEmpty() &&
email != null && !email.isEmpty();
}
private boolean nameIsValid(String name) {
return name != null && !name.isEmpty();
}
private boolean checkNumberOfRegisteredServices(HttpServletRequest request, HttpServletResponse response, OIDCAuthenticationToken authentication) throws IOException {
try {
long numberOfRegisteredServices =
registeredServicesUtils.getRegisteredServiceDao().countRegisteredServices(authentication.getSub());
if (numberOfRegisteredServices >= 5) {
response.sendRedirect("./registeredServices"); // The message there already exists.
return false;
}
} catch (SQLException sqle) {
logger.error("Unable to count registered services.", sqle);
request.getSession().setAttribute("message", "Unable to contact DB. Please try again later.");
response.sendRedirect("./registeredServices");
return false;
}
return true;
}
private static String createServiceJson(String clientId, String name, String email) {
ServiceRequest serviceJSON = new ServiceRequest();
serviceJSON.setClientId(clientId);
serviceJSON.setClientName(name);
serviceJSON.setContacts(new String[]{email});
serviceJSON.setToken_endpoint_auth_method("client_secret_basic");
serviceJSON.setTokenEndpointAuthSigningAlg(null);
GsonBuilder builder = new GsonBuilder();
builder.serializeNulls();
Gson gson = builder.create();
//System.out.println("Created json " + serviceJSON);
return gson.toJson(serviceJSON);
}
private static String createServiceJson(String clientId, String name, String email, String jwksURI) {
ServiceRequest serviceJSON = new ServiceRequest();
serviceJSON.setClientId(clientId);
serviceJSON.setClientName(name);
serviceJSON.setContacts(new String[]{email});
serviceJSON.setJwksUri(jwksURI);
GsonBuilder builder = new GsonBuilder();
builder.serializeNulls();
Gson gson = builder.create();
//System.out.println("Created json " + serviceJSON);
return gson.toJson(serviceJSON);
}
private static String createServiceJson(String clientId, String name, String email, Jwks jwks) {
ServiceRequest serviceJSON = new ServiceRequest();
serviceJSON.setClientId(clientId);
serviceJSON.setClientName(name);
serviceJSON.setContacts(new String[]{email});
serviceJSON.setJwks(jwks);
GsonBuilder builder = new GsonBuilder();
builder.serializeNulls();
Gson gson = builder.create();
//System.out.println("Created json " + serviceJSON);
return gson.toJson(serviceJSON);
}
}

143
src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java
View File

@ -1,15 +1,6 @@
package eu.dnetlib.openaire.usermanagement;
import com.google.gson.Gson;
import com.google.gson.GsonBuilder;
import eu.dnetlib.openaire.user.pojos.RegisteredService;
import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils;
import eu.dnetlib.openaire.usermanagement.utils.TokenUtils;
import org.apache.http.HttpResponse;
import org.apache.log4j.Logger;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
import javax.servlet.ServletConfig;
@ -18,20 +9,11 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public class RegisteredServicesServlet extends HttpServlet {
private Logger logger = Logger.getLogger(RegisteredServicesServlet.class);
@Autowired
private RegisteredServicesUtils registeredServicesUtils;
@Autowired
private TokenUtils tokenUtils;
@Value("${developers.url}")
private String url;
public void init(ServletConfig config) throws ServletException {
super.init(config);
@ -39,122 +21,7 @@ public class RegisteredServicesServlet extends HttpServlet {
config.getServletContext());
}
public void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
request.getSession().setAttribute("authenticated",
!SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()
.equals("anonymousUser"));
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
getContext().getAuthentication();
String userId = authentication.getSub();
List<RegisteredService> registeredServices = null;
try {
registeredServices = registeredServicesUtils.
getRegisteredServiceDao().fetchAllRegisteredServicesByOwner(userId);
//System.out.println("LOAD REGISTERED SERVICES. " + registeredServices.size());
if (registeredServices.isEmpty()) {
request.getSession().setAttribute("showEmptyList", true);
} else {
Map<String, ServiceResponse> serviceResponses = new HashMap<>();
Map<String, String> serviceKey = new HashMap<>();
for (RegisteredService registeredService:registeredServices) {
ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getClientId(),registeredService.getRegistrationAccessToken());
serviceResponses.put(registeredService.getId(), serviceResponse);
serviceKey.put(registeredService.getId(), extractPublicKeySet(serviceResponse));
}
boolean reachedLimit = reachedMaximumNumberOfServices(registeredServices);
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
request.getSession().setAttribute("name", name.toString());
request.getSession().setAttribute("reachedLimit", reachedLimit);
//System.out.println("REACHED LIMIT??? " + reachedLimit);
request.getSession().setAttribute("services", serviceResponses);
request.getSession().setAttribute("keys", serviceKey);
}
request.getSession().setAttribute("registeredServices", registeredServices);
} catch (SQLException sqle) {
logger.error("Error fetching registered services for user " + userId , sqle);
request.getSession().setAttribute("message", "Error fetching registered services. " +
"Please try again later.");
request.getSession().setAttribute("showEmptyList", false);
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
}
response.setContentType("text/html");
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
}
private String extractPublicKeySet(ServiceResponse serviceResponse) {
if (serviceResponse.getJwksUri()!=null && !serviceResponse.getJwksUri().isEmpty())
return serviceResponse.getJwksUri();
return extractJSONJwk(serviceResponse.getJwks());
}
private String extractJSONJwk(Jwks jwks) {
Gson gson = new GsonBuilder().setPrettyPrinting().create();
//System.out.println(gson.toJson(jwks));
return gson.toJson(jwks);
}
@Override
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
getContext().getAuthentication();
String id = request.getParameter("id");
//System.out.println("POST " +id);
if (id!=null && !id.isEmpty()) {
try {
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(Integer.parseInt(id));
if (!registeredService.getOwner().equals(authentication.getSub())) {
request.getSession().setAttribute("message", "You are not allowed to delete the service.");
//System.out.println("BLOCKED " + registeredService.getOwner() + " >> " + authentication.getSub());
response.sendRedirect("./registeredServices");
return;
}
HttpResponse resp = tokenUtils.deleteService(registeredService.getClientId(), registeredService.getRegistrationAccessToken());
int statusCode = resp.getStatusLine().getStatusCode();
//System.out.println("STATUS CODE " + statusCode);
if (statusCode != 204) {
logger.error("Unable to delete the service. Status code was " + statusCode);
request.getSession().setAttribute("message", "Fail to delete the service. Status " + statusCode);
//System.out.println("AAI blocked");
response.sendRedirect("./registeredServices");
return;
} else {
registeredServicesUtils.getRegisteredServiceDao().delete(Integer.parseInt(id));
request.getSession().setAttribute("success", "The service was successfully deleted.");
//System.out.println("HERE HERE");
}
} catch (SQLException sqle) {
logger.error("Unable to contact db.", sqle);
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
}
} else {
request.getSession().setAttribute("message", "Error selecting service to delete. Please try again.");
}
response.sendRedirect("./registeredServices");
}
private boolean reachedMaximumNumberOfServices(List<RegisteredService> registeredServices) {
return registeredServices.size() >= 5;
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
response.sendRedirect(url + "/apis");
}
}

170
src/main/java/eu/dnetlib/openaire/usermanagement/ServiceRequest.java
View File

@ -1,170 +0,0 @@
package eu.dnetlib.openaire.usermanagement;
import java.io.Serializable;
public class ServiceRequest {
String client_name;
String client_id;
String logo_uri;
String policy_uri;
String[] contacts;
String[] redirect_uris = new String[]{};
String[] grant_types = new String[] {"client_credentials"};
String token_endpoint_auth_method = "private_key_jwt";
String token_endpoint_auth_signing_alg = "RS256";
String jwks_uri;
Jwks jwks;
public String getClientName() {
return client_name;
}
public void setClientName(String clientName) {
this.client_name = clientName;
}
public String getClientId() {
return client_id;
}
public void setClientId(String clientId) {
this.client_id = clientId;
}
public String[] getRedirectUris() {
return redirect_uris;
}
public void setRedirectUris(String[] redirectUris) {
this.redirect_uris = redirectUris;
}
public String getLogoUri() {
return logo_uri;
}
public void setLogoUri(String logoUri) {
this.logo_uri = logoUri;
}
public String getPolicyUri() {
return policy_uri;
}
public void setPolicyUri(String policyUri) {
this.policy_uri = policyUri;
}
public String[] getContacts() {
return contacts;
}
public void setContacts(String[] contacts) {
this.contacts = contacts;
}
public String[] getGrantTypes() {
return grant_types;
}
public void setGrantTypes(String[] grantTypes) {
this.grant_types = grantTypes;
}
public String getToken_endpoint_auth_method() {
return token_endpoint_auth_method;
}
public void setToken_endpoint_auth_method(String token_endpoint_auth_method) {
this.token_endpoint_auth_method = token_endpoint_auth_method;
}
public String getTokenEndpointAuthSigningAlg() {
return token_endpoint_auth_signing_alg;
}
public void setTokenEndpointAuthSigningAlg(String tokenEndpointAuthSigningAlg) {
this.token_endpoint_auth_signing_alg = tokenEndpointAuthSigningAlg;
}
public String getJwksUri() {
return jwks_uri;
}
public void setJwksUri(String jwksUri) {
this.jwks_uri = jwksUri;
}
public Jwks getJwks() {
return jwks;
}
public void setJwks(Jwks jwks) {
this.jwks = jwks;
}
}
class Jwks implements Serializable {
Key[] keys;
public Key[] getKeys() {
return keys;
}
public void setKeys(Key[] keys) {
this.keys = keys;
}
}
class Key implements Serializable {
String kty;
String e;
String kid;
String alg;
String n;
public String getKty() {
return kty;
}
public void setKty(String kty) {
this.kty = kty;
}
public String getE() {
return e;
}
public void setE(String e) {
this.e = e;
}
public String getKid() {
return kid;
}
public void setKid(String kid) {
this.kid = kid;
}
public String getAlg() {
return alg;
}
public void setAlg(String alg) {
this.alg = alg;
}
public String getN() {
return n;
}
public void setN(String n) {
this.n = n;
}
}

93
src/main/java/eu/dnetlib/openaire/usermanagement/ServiceResponse.java
View File

@ -1,93 +0,0 @@
package eu.dnetlib.openaire.usermanagement;
import java.io.Serializable;
public class ServiceResponse implements Serializable {
String client_id;
Long client_id_issued_at;
String client_secret;
Long client_secret_expires_at;
String registration_access_token;
String registration_client_uri;
String[] redirect_uris;
String client_name;
String logo_uri;
String policy_uri;
String[] contacts;
String[] grant_types;
String token_endpoint_auth_method;
String token_endpoint_auth_signing_alg;
String scope;
String jwks_uri;
Jwks jwks;
public String getClientId() {
return client_id;
}
public Long getClientIdIssuedAt() {
return client_id_issued_at;
}
public String getClientSecret() {
return client_secret;
}
public Long getClientSecretExpiresAt() {
return client_secret_expires_at;
}
public String getRegistrationAccessToken() {
return registration_access_token;
}
public String getRegistrationClientUri() {
return registration_client_uri;
}
public String[] getRedirectUris() {
return redirect_uris;
}
public String getClientName() {
return client_name;
}
public String getLogoUri() {
return logo_uri;
}
public String getPolicyUri() {
return policy_uri;
}
public String[] getContacts() {
return contacts;
}
public String[] getGrantTypes() {
return grant_types;
}
public String getTokenEndpointAuthMethod() {
return token_endpoint_auth_method;
}
public String getTokenEndpointAuthSigningAlg() {
return token_endpoint_auth_signing_alg;
}
public String getScope() {
return scope;
}
public String getJwksUri() {
return jwks_uri;
}
public Jwks getJwks() {
return jwks;
}
}

2
src/main/java/eu/dnetlib/openaire/usermanagement/api/Test3Service.java
View File

@ -7,9 +7,9 @@ import com.google.gson.JsonObject;
import com.google.gson.JsonParser;
import eu.dnetlib.openaire.user.dao.SQLMigrationUserDAO;
import eu.dnetlib.openaire.user.ldap.MUserActionsLDAP;
import eu.dnetlib.openaire.user.login.utils.AuthoritiesMapper;
import eu.dnetlib.openaire.user.pojos.migration.LDAPUser;
import eu.dnetlib.openaire.user.store.DataSourceConnector;
import eu.dnetlib.openaire.usermanagement.authorization.AuthoritiesMapper;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;

41
src/main/java/eu/dnetlib/openaire/usermanagement/authorization/AuthoritiesMapper.java Normal file
View File

@ -0,0 +1,41 @@
package eu.dnetlib.openaire.usermanagement.authorization;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import org.apache.log4j.Logger;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import java.util.Collection;
import java.util.HashSet;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class AuthoritiesMapper {
private static final Logger logger = Logger.getLogger(AuthoritiesMapper.class);
public static Collection<? extends GrantedAuthority> map(JsonArray entitlements) {
HashSet<SimpleGrantedAuthority> authorities = new HashSet<>();
String regex = "urn:geant:openaire[.]eu:group:([^:]*):?(.*)?:role=member#aai[.]openaire[.]eu";
for(JsonElement obj: entitlements) {
Matcher matcher = Pattern.compile(regex).matcher(obj.getAsString());
if (matcher.find()) {
StringBuilder sb = new StringBuilder();
if(matcher.group(1) != null && matcher.group(1).length() > 0) {
sb.append(matcher.group(1).replace("+-+", "_").replaceAll("[+.]", "_").toUpperCase());
}
if(matcher.group(2).length() > 0) {
sb.append("_");
if(matcher.group(2).equals("admins")) {
sb.append("MANAGER");
} else {
sb.append(matcher.group(2).toUpperCase());
}
}
authorities.add(new SimpleGrantedAuthority(sb.toString()));
}
}
return authorities;
}
}

49
src/main/java/eu/dnetlib/openaire/usermanagement/authorization/Config.java Normal file
View File

@ -0,0 +1,49 @@
package eu.dnetlib.openaire.usermanagement.authorization;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.PropertySource;
import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
import org.springframework.session.data.redis.config.annotation.web.http.EnableRedisHttpSession;
import org.springframework.session.web.http.CookieSerializer;
import org.springframework.session.web.http.DefaultCookieSerializer;
@Configuration
@EnableRedisHttpSession
public class Config {
private static Logger logger = Logger.getLogger(Config.class);
@Value("${redis.host:localhost}")
private String host;
@Value("${redis.port:6379}")
private String port;
@Value("${redis.password:#{null}}")
private String password;
@Value("${webbapp.front.domain:.openaire.eu}")
private String domain;
@Bean
public LettuceConnectionFactory connectionFactory() {
logger.info(String.format("Redis connection listens to %s:%s ",host,port));
LettuceConnectionFactory factory = new LettuceConnectionFactory(host,Integer.parseInt(port));
if(password != null) factory.setPassword(password);
return factory;
}
@Bean
public CookieSerializer cookieSerializer() {
logger.info("Cookie Serializer: Domain is "+domain);
DefaultCookieSerializer serializer = new DefaultCookieSerializer();
serializer.setCookieName("openAIRESession"); // <1>
serializer.setCookiePath("/"); // <2>
// serializer.setDomainNamePattern(""); //with value "" set's the domain of the service e.g scoobydoo.di.uoa.gr
serializer.setDomainName(domain);
return serializer;
}
}

19
src/main/java/eu/dnetlib/openaire/usermanagement/authorization/EntryPoint.java Normal file
View File

@ -0,0 +1,19 @@
package eu.dnetlib.openaire.usermanagement.authorization;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
public class EntryPoint implements AuthenticationEntryPoint {
@Override
public void commence(HttpServletRequest request, HttpServletResponse response,
AuthenticationException authException) throws IOException {
response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authException.getMessage());
}
}

35
src/main/java/eu/dnetlib/openaire/usermanagement/utils/RegisteredServicesUtils.java
View File

@ -1,35 +0,0 @@
package eu.dnetlib.openaire.usermanagement.utils;
import eu.dnetlib.openaire.user.pojos.RegisteredService;
import eu.dnetlib.openaire.user.registeredService.RegisteredServiceDao;
import eu.dnetlib.openaire.user.registeredService.RegisteredServiceSQL;
import org.springframework.stereotype.Component;
import java.sql.SQLException;
@Component
public class RegisteredServicesUtils {
RegisteredServiceDao registeredServiceDao = new RegisteredServiceSQL();
public RegisteredServiceDao getRegisteredServiceDao() {
return registeredServiceDao;
}
public void setRegisteredServiceDao(RegisteredServiceDao registeredServiceDao) {
this.registeredServiceDao = registeredServiceDao;
}
public void addRegistedService(RegisteredService registeredService) throws SQLException {
registeredServiceDao.insertRegisteredService(registeredService);
}
public boolean isAuthorized(String userid, int id) throws SQLException {
RegisteredService registeredService = registeredServiceDao.fetchRegisteredServiceById(id);
if (registeredService == null) {
return false; //no harm in accessing nothing
}
return registeredService.getOwner().equals(userid);
}
}

91
src/main/java/eu/dnetlib/openaire/usermanagement/utils/TokenUtils.java
View File

@ -1,91 +0,0 @@
package eu.dnetlib.openaire.usermanagement.utils;
import com.google.gson.Gson;
import eu.dnetlib.openaire.usermanagement.ServiceResponse;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpHeaders;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpDelete;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.methods.HttpPut;
import org.apache.http.entity.StringEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.List;
@Component
public class TokenUtils {
private Logger logger = Logger.getLogger(TokenUtils.class);
@Value("${oidc.issuer}")
private String issuer;
public String registerService(String serverRequestJSON)
throws IOException {
HttpPost httppost = new HttpPost( issuer + "register");
httppost.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
StringEntity params = new StringEntity(serverRequestJSON);
httppost.setEntity(params);
CloseableHttpClient httpclient = HttpClients.createDefault();
HttpResponse httpResponse = httpclient.execute(httppost);
//System.out.println("HTTP RESPONSE " + httpResponse.getStatusLine().getStatusCode());
if (httpResponse.getStatusLine().getStatusCode() == 201) {
//logger.debug(IOUtils.toString(httpResponse.getEntity().getContent(), StandardCharsets.UTF_8.name()));
return IOUtils.toString(httpResponse.getEntity().getContent(), StandardCharsets.UTF_8.name());
}
return null;
}
public HttpResponse updateService(String serviceId, String serviceSON, String registeredAccessToken) throws IOException {
HttpPut httpPut = new HttpPut(issuer + "register/"+serviceId);
httpPut.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
httpPut.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + registeredAccessToken);
StringEntity params = new StringEntity(serviceSON.toString());
httpPut.setEntity(params);
CloseableHttpClient httpclient = HttpClients.createDefault();
return httpclient.execute(httpPut);
}
public HttpResponse deleteService(String serviceId, String registeredAccessToken) throws IOException {
//System.out.println("DELETE " + issuer + "register/"+serviceId);
HttpDelete httpDelete = new HttpDelete(issuer + "register/"+serviceId);
httpDelete.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
httpDelete.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + registeredAccessToken);
CloseableHttpClient httpclient = HttpClients.createDefault();
return httpclient.execute(httpDelete);
}
public ServiceResponse getRegisteredService(String serviceId, String registeredAccessToken) throws IOException {
//System.out.println("ISSUER " + issuer);
HttpGet httpGet = new HttpGet(issuer + "register/"+ serviceId);
httpGet.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + registeredAccessToken);
CloseableHttpClient httpclient = HttpClients.createDefault();
HttpResponse httpResponse = httpclient.execute(httpGet);
String registeredService = IOUtils.toString(httpResponse.getEntity().getContent(), StandardCharsets.UTF_8.name());
//System.out.println(registeredService);
return new Gson().fromJson(registeredService,ServiceResponse.class);
}
public void viewRegisteredServices(List<String> serviceIds, String registeredAccessToken) throws IOException {
for (String serviceId: serviceIds) {
getRegisteredService(serviceId, registeredAccessToken);
}
}
}

10
src/main/resources/eu/dnet/openaire/usermanagement/springContext-dnetOpenaireUsersService.properties
View File

@ -2,3 +2,13 @@ google.recaptcha.secret = 6LfYrU8UAAAAADwrbImPvDo_XcxEZvrkkgMy9yU0
google.recaptcha.key = 6LfYrU8UAAAAAFsl3m2YhP1uavdmAdFEXBkoY_vd
role-management.url = http://mpagasas.di.uoa.gr:8080/dnet-role-management
developers.url = http://mpagasas.di.uoa.gr:5100
# Redis
redis.host = 127.0.0.1
#redis.port = 6379
#redis.password
webbapp.front = http://mpagasas.di.uoa.gr:4200/reload
webbapp.front.path = /
webbapp.front.domain = .di.uoa.gr

8
src/main/webapp/WEB-INF/applicationContext.xml
View File

@ -9,9 +9,7 @@
http://www.springframework.org/schema/context/spring-context-4.2.xsd">
<import resource="classpath*:/eu/dnetlib/openaire/user/springContext-userManagementService.xml" />
<import resource="classpath*:/eu/dnetlib/openaire/user/login/springContext-userLoginCore.xml" />
<import resource="classpath*:/eu/dnetlib/openaire/user/springContext-userManagementService.xml"/>
<context:component-scan base-package="eu.dnetlib.openaire.usermanagement.*"/>
<context:annotation-config />
@ -33,12 +31,10 @@
<value>classpath*:/eu/**/applicationContext*.properties</value>
<value>classpath*:/eu/dnetlib/applicationContext-defaultProperties.properties</value>
<value>classpath*:/eu/**/springContext-userManagementService.properties</value>
<value>classpath*:/eu/**/springContext-userLoginCore.properties</value>
<value>classpath*:/eu/**/springContext-dnetOpenaireUsersService.properties</value>
<value>classpath*:/uoa-override.properties</value>
<value>classpath*:/dnet-override.properties</value>
</list>
</property>
</bean>
</beans>
</beans>

23
src/main/webapp/WEB-INF/springContext-dnetOpenaireUsersService.xml
View File

@ -2,12 +2,27 @@
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:context="http://www.springframework.org/schema/context"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
xmlns:security="http://www.springframework.org/schema/security"
xsi:schemaLocation="http://www.springframework.org/schema/security http://www.springframework.org/schema/security/spring-security-4.2.xsd
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-4.2.xsd
http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-4.2.xsd"
default-autowire="byType">
<context:component-scan base-package="eu.dnetlib.openaire.user.api.services" />
<context:component-scan base-package="eu.dnetlib.openaire.user"/>
<context:annotation-config></context:annotation-config>
</beans>
<bean id="entryPoint" class="eu.dnetlib.openaire.usermanagement.authorization.EntryPoint"/>
<bean id="openIdConnectAuthenticationProvider" class="org.mitre.openid.connect.client.OIDCAuthenticationProvider">
</bean>
<security:authentication-manager alias="authenticationManager">
<security:authentication-provider ref="openIdConnectAuthenticationProvider" />
</security:authentication-manager>
<security:global-method-security pre-post-annotations="enabled" secured-annotations="enabled" authentication-manager-ref="authenticationManager" />
<security:http auto-config="true" use-expressions="true">
<security:csrf disabled="true"/>
<security:http-basic entry-point-ref="entryPoint"/>
<!-- Permit all requests -->
<security:intercept-url pattern="/**" access="permitAll" />
</security:http>
<context:annotation-config/>
</beans>

79
src/main/webapp/overview.jsp
View File

@ -1,79 +0,0 @@
<%--
Created by IntelliJ IDEA.
User: sofia
Date: 19/10/2017
Time: 4:30 μμ
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<!DOCTYPE html>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<html lang="en-gb" dir="ltr" vocab="http://schema.org/">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<base href=".">
<title>OpenAIRE - APIs Authentication</title>
<script src="./js/jquery.js"></script>
<script src="./js/uikit.min.js"></script>
<script src="./js/validation.js"></script>
<script src="./js/uikit-icons-max.js"></script>
<link rel="stylesheet" style="text/css" href="./css/theme.css">
<link rel="stylesheet" style="text/css" href="./css/custom.css">
<link rel="stylesheet" style="text/css" href="./css/aai-custom.css">
<link rel="icon" type="image/png" sizes="32x32" href="images/favicon/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="96x96" href="images/favicon//favicon-96x96.png">
<link rel="icon" type="image/png" sizes="16x16" href="images/favicon/favicon-16x16.png">
<link href="images/favicon/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />
</head>
<body class="" style="">
<div class="uk-offcanvas-content uk-height-viewport">
<!-- MENU STARTS HERE -->
<jsp:include page="header.jsp"/>
<!-- CONTENT STARTS HERE -->
<div class="first_page_section uk-section-default uk-section uk-padding-remove-vertical">
<div class="first_page_banner_headline uk-grid-collapse uk-flex-middle uk-margin-remove-vertical uk-grid" uk-grid="">
</div>
</div>
<div class=" uk-section uk-margin-small-top uk-container " id="tm-main">
<div class="uk-text-center">
<!-- CENTER SIDE -->
<h2 class="uk-h2 uk-margin-small-bottom">OpenAIRE APIs Authentication</h2>
<div class="uk-margin-top">
The OpenAIRE APIs can be accessed over HTTPS both by authenticated and unauthenticated requests.
To achieve <b>better rate limits</b> you need to make <b>authenticated requests</b>.
</div>
<div class="uk-container uk-container-small uk-margin-top">
<div class="uk-alert-primary uk-alert uk-margin-top-remove">
<span uk-icon="info"></span>
<span class="uk-margin-small-left">For more information please read the <a href="https://graph.openaire.eu/develop/authentication.html" target="_blank">OpenAIRE API Authentication documentation</a>.</span>
</div>
<div class="uk-grid uk-child-width-1-2@m uk-child-width-1-1" uk-grid>
<div>
<div class="uk-card uk-card-default uk-card-body">
<div class=""> <a class="uk-link uk-text-large" href="./personalToken"> Personal token</a></div>
<div>Get access to the OpenAIRE APIs with your personal access and refresh token.</div>
</div>
</div>
<div>
<div class="uk-card uk-card-default uk-card-body ">
<div class=""> <a class="uk-link uk-text-large" href="./registeredServices"> Registered Services</a></div>
<div>Register your services to get access to the OpenAIRE APIs.</div>
</div>
</div>
</div>
</div>
<!-- END OF CENTER SIDE -->
</div>
</div>
<!-- CONTENT ENDS HERE -->
<c:import url="footer.jsp"/>
</div>
</body>
</html>

186
src/main/webapp/personal.jsp
View File

@ -1,186 +0,0 @@
<!DOCTYPE html>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html lang="en-gb" dir="ltr" vocab="http://schema.org/">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>OpenAIRE - Personal token</title>
<script src="./js/jquery.js"></script>
<script src="./js/uikit.min.js"></script>
<script src="./js/uikit-icons-max.js"></script>
<script>
function copy(id) {
var element = document.getElementById(id);
if (document.body.createTextRange) {
range = document.body.createTextRange();
range.moveToElementText(element);
range.select();
} else if (window.getSelection) {
selection = window.getSelection();
range = document.createRange();
range.selectNodeContents(element);
selection.removeAllRanges();
selection.addRange(range);
}
try {
document.execCommand('copy');
UIkit.notification({message: 'Copied to clipboard!', status: 'primary', pos: 'top-right'});
} catch (err) {
console.error('unable to copy text');
}
}
$(document).ready(function () {
document.addEventListener('copy', (event) => {
const selection = document.getSelection();
event.clipboardData.setData('text/plain', selection.toString().trim());
event.preventDefault();
});
});
</script>
<link rel="stylesheet" style="text/css" href="./css/theme.css">
<link rel="stylesheet" style="text/css" href="./css/custom.css">
<link rel="stylesheet" style="text/css" href="./css/aai-custom.css">
<link rel="icon" type="image/png" sizes="32x32" href="images/favicon/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="96x96" href="images/favicon//favicon-96x96.png">
<link rel="icon" type="image/png" sizes="16x16" href="images/favicon/favicon-16x16.png">
<link href="images/favicon/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon"/>
</head>
<body class="" style="">
<div class="uk-offcanvas-content uk-height-viewport">
<jsp:include page="header.jsp"/>
<div class="first_page_section uk-section-default uk-section uk-padding-remove-vertical">
<div class="first_page_banner_headline uk-grid-collapse uk-flex-middle uk-margin-remove-vertical uk-grid"
uk-grid="">
</div>
</div>
<div class=" uk-section uk-margin-small-top uk-container uk-container-large" id="tm-main">
<div class="uk-grid ">
<div class="uk-width-1-4@m">
<div class="uk-card uk-card-default uk-card-body">
<div class="uk-h4">API Access</div>
<ul class="uk-nav uk-nav-default">
<li class="uk-active"><a href="./personalToken">Personal token</a></li>
<li class=""><a href="./registeredServices">Registered services</a></li>
<%--<li class="uk-parent">
<a href="#">Parent</a>
<ul class="uk-nav-sub">
<li><a href="#">Sub item</a></li>
<li>
<a href="#">Sub item</a>
<ul>
<li><a href="#">Sub item</a></li>
<li><a href="#">Sub item</a></li>
</ul>
</li>
</ul>
</li>--%>
</ul>
</div>
</div>
<!-- CENTER SIDE -->
<div class="uk-width-2-3@l uk-width-2-3@m">
<div>
<span id="server_error" class="uk-text-danger uk-text-small uk-float-left">${message}</span>
<c:remove var="message" scope="session"/>
<div class="uk-alert-primary uk-margin-remove-top uk-alert uk-flex uk-flex-middle">
<span uk-icon="info"></span>
<span class="uk-margin-small-left">
For further information on how to use the tokens please visit the
<a href="https://graph.openaire.eu/develop/personalToken.html" target="_blank">OpenAIRE API Authentication documentation</a>.
</span>
</div>
<form id="revoke" name="revoke" action="./personalToken" method="post">
<!-- <a class=" uk-text-danger uk-float-right" title="Revoke access token" onClick="document.revoke.submit();"><span uk-icon="refresh" ></span></a> -->
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Your personal access token is</h4>
<div class="uk-flex uk-flex-middle uk-margin-bottom">
<div class="uk-width-expand">
<pre class="uk-margin-remove-bottom"><code id="accessToken">${accessToken}</code></pre>
</div>
<div class="uk-width-auto uk-padding-small uk-text-center">
<a onclick="copy('accessToken')"
title="Copy access token"><span uk-icon="copy"></span>
</a>
</div>
</div>
<div class="uk-flex uk-flex-middle">
<span uk-icon="info"></span>
<span class="uk-margin-small-left">
Your access token is <span class="uk-text-bold">valid for an hour</span>.
</span>
</div>
<div class="uk-text-danger uk-flex uk-flex-middle uk-margin-small-top">
<span uk-icon="warning"></span>
<span class="uk-margin-small-left">
Do not share your personal access token. Send your personal access token only over HTTPS.
</span>
</div>
</form>
</div>
<div class="uk-section">
<!--<a class=" uk-text-danger uk-float-right" title="Revoke refresh token"><span uk-icon="refresh"></span></a>-->
<c:choose>
<c:when test="${showRefreshToken == true}">
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Your refresh token is</h4>
<div class="uk-flex uk-flex-middle uk-margin-bottom">
<div class="uk-width-expand">
<pre class="uk-margin-remove-bottom"><code id="refreshToken">${refreshToken}</code></pre>
</div>
<div class="uk-width-auto uk-padding-small uk-text-center">
<a onclick="copy('refreshToken')"
title="Copy refreshToken token"><span uk-icon="copy"></span>
</a>
</div>
</div>
<div class="uk-flex uk-flex-middle">
<span uk-icon="info"></span>
<span class="uk-margin-small-left">OpenAIRE refresh token <span class="uk-text-bold">expires after 1 month</span> and allows you to programmatically get a new access token.</span>
</div>
<div class="uk-text-danger uk-flex uk-flex-middle uk-margin-small-top">
<span uk-icon="warning"></span>
<div class="uk-margin-small-left">
<div>Please copy your refresh token and store it confidentially. You will not be able to retrieve it.</div>
<div>Do not share your refresh token. Send your refresh token only over HTTPS.</div>
</div>
</div>
</c:when>
<c:otherwise>
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Do you need a refresh token?</h4>
<div class="uk-flex uk-flex-middle">
<span uk-icon="info"></span>
<span class="uk-margin-small-left">OpenAIRE refresh token <span class="uk-text-bold">expires after 1 month</span> and allows you to programmatically get a new access token.</span>
</div>
<button type="submit" class="uk-button uk-button-primary uk-margin-medium-top" uk-toggle="target: #refreshWarning">Get a
refresh token
</button>
</c:otherwise>
</c:choose>
</div>
<!-- This is the modal -->
<div id="refreshWarning" uk-modal>
<div class="uk-modal-dialog uk-modal-body">
<form id="refreshForm" action="./personalToken" method="POST">
<h2 class="uk-modal-title">Get refresh token</h2>
<p>In case you already have a refresh token, it will no longer be valid. Do you want to
proceed?</p>
<p class="uk-text-right">
<button class="uk-button uk-button-default uk-modal-close" type="button">Cancel</button>
<button class="uk-button uk-button-primary uk-margin-small-left" type="button" onclick="submit();">Get
refresh token
</button>
</p>
</form>
</div>
</div>
</div>
<!-- END OF CENTER SIDE -->
</div>
</div>
<!-- CONTENT ENDS HERE -->
<c:import url="footer.jsp"/>
</div>
</body>
</html>

314
src/main/webapp/registerService.jsp
View File

@ -1,314 +0,0 @@
<%--
Created by IntelliJ IDEA.
User: sofia
Date: 19/10/2017
Time: 4:30 μμ
To change this template use File | Settings | File Templates.
--%>
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<!DOCTYPE html>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html lang="en-gb" dir="ltr" vocab="http://schema.org/">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<base href=".">
<title>OpenAIRE - Register</title>
<script src="./js/jquery.js"></script>
<script src="./js/uikit.min.js"></script>
<script src="./js/uikit-icons-max.js"></script>
<link rel="stylesheet" style="text/css" href="./css/theme.css">
<link rel="stylesheet" style="text/css" href="./css/custom.css">
<link rel="stylesheet" style="text/css" href="./css/aai-custom.css">
<link rel="icon" type="image/png" sizes="32x32" href="images/favicon/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="96x96" href="images/favicon//favicon-96x96.png">
<link rel="icon" type="image/png" sizes="16x16" href="images/favicon/favicon-16x16.png">
<link href="images/favicon/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon"/>
</head>
<body class="" style="">
<div class="uk-offcanvas-content uk-height-viewport">
<jsp:include page="header.jsp"/>
<!-- CONTENT STARTS HERE -->
<div class=" uk-section uk-margin-small-top uk-container uk-container-large" id="tm-main">
<div class="uk-grid ">
<div class="uk-width-1-4@m">
<div class="uk-card uk-card-default uk-card-body">
<div class="uk-h4">API Access</div>
<ul class="uk-nav uk-nav-default">
<li class=""><a href="./personalToken">Personal token</a></li>
<li class=""><a href="./registeredServices">Registered services</a></li>
</ul>
</div>
</div>
<!-- CENTER SIDE -->
<div class="uk-width-2-3@l uk-width-2-3@m">
<c:choose>
<c:when test="${not empty param.id}">
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Edit service</h4>
</c:when>
<c:otherwise>
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Add a new service</h4>
</c:otherwise>
</c:choose>
<!-- REGISTER FORM -->
<div id="registerForm">
<form action="registerService" method="POST" role="form" class="m-t uk-form-horizontal"
id="register_form">
<input type="hidden" name="id" value="${param.id}"/>
<c:choose>
<c:when test = "${not empty param.id}">
<input type="hidden" name="mode" value="edit"/>
</c:when>
<c:otherwise>
<input type="hidden" name="mode" value="create"/>
</c:otherwise>
</c:choose>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
<div class="alert alert-success" aria-hidden="true" style="display: none;"></div>
<div class="alert alert-danger" aria-hidden="true" style="display: none;"></div>
<div class="uk-margin-medium-top">
<label class="uk-form-label uk-text-bold" for="first_name">Name*</label>
<div class="uk-margin-small">Give a name to your service</div>
<input id="first_name" name="first_name" type="text" placeholder="Name (*)"
class="uk-input ${first_name_error == true?'uk-form-danger':''}"
onkeyup="validate()" onfocusout="nameTouched = true;validate()" value="${(first_name != null)?first_name:''}">
<c:choose>
<c:when test="${first_name_error == true}">
<div id="first_name_error" class="uk-text-danger uk-text-small">Please enter a name for your service.
</div>
</c:when>
<c:otherwise>
<div id="first_name_error" style="display:none;" class="uk-text-danger uk-text-small">Please enter a name for your service.</div>
</c:otherwise>
</c:choose>
<c:remove var="first_name" scope="session"/>
<c:remove var="first_name_error" scope="session"/>
</div>
<div class="uk-margin-medium-top">
<label class="uk-form-label uk-text-bold">Security level</label>
<div id="security-hint" class="uk-margin"></div>
<div class="uk-margin-small-top">
<span class="uk-margin-small-right">
<input id="basic" class="uk-radio uk-margin-small-right" type="radio"
name="security_level"
value="basic" ${key_type == null ? 'checked' : ''}>
<label class="clickable" for="by_value">Basic</label>
</span>
<span>
<input id="advanced" class="uk-radio uk-margin-small-right" type="radio"
name="security_level" value="advanced" ${key_type != null ? 'checked' : ''}>
<label class="clickable" for="by_uri">Advanced</label>
</span>
</div>
</div>
<div id="public-key" class="uk-margin-medium-top">
<label class="uk-form-label uk-text-bold">Public Key</label>
<span class="uk-float-right">
<span class="uk-margin-small-right">
<input id="by_value" class="uk-radio uk-margin-small-right" type="radio"
name="key_type"
value="value" ${(key_type == 'value') ? 'checked' : ''}>
<label class="clickable" for="by_value">By Value</label>
</span>
<span>
<input id="by_uri" class="uk-radio uk-margin-small-right" type="radio"
name="key_type"
value="uri" ${key_type == 'uri' ? 'checked' : ''}>
<label class="clickable" for="by_uri">By URI</label>
</span>
</span>
<c:remove var="key_type" scope="session"/>
<div class="uk-margin">Public Key hint</div>
<div id="value_input">
<textarea id="value" name="value" type="textarea"
placeholder='{"kty": ..., "e": ... , "use": ... , "kid": ..., "alg": ... , "n": ...}'
onfocusout="valueTouched = true;validate()"
onkeyup="validate()"
class="uk-textarea ${value_error == true?'uk-form-danger':''}" rows="10">${(value != null)?value:''}</textarea>
<c:choose>
<c:when test="${value_error == true}">
<div id="value_error" class="uk-text-danger uk-text-small">Please provide a valid JSON. The format should be
{"kty": ..., "e": ... , "use": ... , "kid": ..., "alg": ... , "n": ...} </div>
<c:remove var="value_error" scope="session"/>
</c:when>
<c:otherwise>
<div id="value_error" style="display:none;" class="uk-text-danger uk-text-small">Please provide a valid JSON. The format should be
{"kty": ..., "e": ... , "use": ... , "kid": ..., "alg": ... , "n": ...} </div>
</c:otherwise>
</c:choose>
<c:remove var="value" scope="session"/>
</div>
<div id="uri_input" style="display:none;">
<input id="uri" name="uri" type="text" placeholder="https://" onfocusout="uriTouched = true;validate()"
onkeyup="validate()"
class="uk-input ${uri_error == true?'uk-form-danger':''}" value="${(jwksUri != null)?jwksUri:''}">
<c:choose>
<c:when test="${uri_error == true}">
<div id="uri_error" class="uk-text-danger uk-text-small">
Please provide a valid URI (do not forget the protocol! https://...)
</div>
<c:remove var="uri_error" scope="session"/>
</c:when>
<c:otherwise>
<div id="uri_error" style="display:none;" class="uk-text-danger uk-text-small">
Please provide a valid URI (do not forget the protocol! https://...)
</div>
</c:otherwise>
</c:choose>
<c:remove var="jwksUri" scope="session"/>
</div>
</div>
<div class="uk-flex uk-flex-right uk-margin-medium-top">
<a type="submit" class="uk-button uk-button-default uk-margin-small-right"
href="./registeredServices">Cancel</a>
<button id="create" type="submit" class="uk-button uk-button-primary" onclick="return validate();">
<c:choose>
<c:when test="${not empty param.id}">
Update service
</c:when>
<c:otherwise>
Add new service
</c:otherwise>
</c:choose>
</button>
</div>
</form>
</div>
<!-- END OF REGISTER FORM -->
</ul>
</div>
<!-- END OF CENTER SIDE -->
</div>
</div>
<!-- CONTENT ENDS HERE -->
<c:import url="footer.jsp"/>
</div>
</body>
</html>
<script>
var nameTouched = false;
var valueTouched = false;
var uriTouched = false;
$(document).ready(function () {
checkRadio();
if($('input[name=mode]').val() === 'edit') {
$("#basic").prop("disabled", true);
$("#advanced").prop("disabled", true);
}
if($('#value_error').is(':visible')) {
$("#value_input").get(0).scrollIntoView();
} else if($('#uri_error').is(':visible')) {
$("#uri_input").get(0).scrollIntoView();
}
$('input[type=radio][name=security_level]').change(function () {
var securityLevel = $('input[type=radio][name=security_level]:checked').val();
if(securityLevel === 'advanced') {
$("#by_value").prop("checked", true);
} else {
$("#by_value").prop("checked", false);
$("#by_uri").prop("checked", false);
}
checkRadio();
});
$('input[type=radio][name=key_type]').change(function () {
checkRadio();
});
});
function checkRadio() {
var securityLevel = $('input[type=radio][name=security_level]:checked').val();
if(securityLevel === 'basic') {
$("#security-hint").html('Register your service to get a client id and a client secret. Use the client id and secret to make your requests. <a href="https://graph.openaire.eu/develop/basic.html" target="_blank">Read more...</a>');
$("#public-key").hide();
} else {
$("#security-hint").html('Register your service to get a client id. Declare your public key and instead of using the client secret to make a request, send a client assertion (JWT) signed with your private key. <a href="https://graph.openaire.eu/develop/advanced.html" target="_blank">Read more...</a>');
var keyType = $('input[type=radio][name=key_type]:checked').val();
$("#public-key").show();
if (keyType === 'uri') {
$("#uri_input").show();
$("#value_input").hide();
} else if (keyType === 'value') {
$("#uri_input").hide();
$("#value_input").show();
}
}
validate();
}
function validate() {
var isValid = true;
var create = $('#create');
create.prop('disabled', true);
var name = $("#first_name");
if (name.val() !== undefined) {
if ($.trim(name.val()).length <= 0) {
if (nameTouched) {
name.addClass('uk-form-danger');
$("#first_name_error").show();
}
isValid = false;
} else {
if (nameTouched) {
name.removeClass('uk-form-danger');
$("#first_name_error").hide();
}
}
}
var securityLevel = $('input[type=radio][name=security_level]:checked').val();
if(securityLevel === 'advanced') {
var keyType = $('input[type=radio][name=key_type]:checked');
if (keyType.val() === 'value') {
if (!validateJSON()) {
if (valueTouched) {
$("#value").addClass('uk-form-danger');
$("#value_error").show();
}
isValid = false;
} else {
if (valueTouched) {
$("#value").removeClass('uk-form-danger');
$("#value_error").hide();
}
}
}
if (keyType.val() === 'uri') {
if (!validateURI()) {
if (uriTouched) {
$("#uri").addClass('uk-form-danger');
$("#uri_error").show();
}
isValid = false;
} else {
if (uriTouched) {
$("#uri").removeClass('uk-form-danger');
$("#uri_error").hide();
}
}
}
}
if (isValid) {
create.prop('disabled', false);
}
return isValid;
}
function validateJSON() {
var value = $("#value").val();
if (value !== undefined && value !== "") {
return /^[\],:{}\s]*$/.test(value.replace(/\\["\\\/bfnrtu]/g, '@').replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']').replace(/(?:^|:|,)(?:\s*\[)+/g, ''));
}
return false;
}
function validateURI() {
var value = $("#uri").val();
if (value !== undefined && value !== "") {
return /^(?:(?:(?:https):)?\/\/)(?:\S+(?::\S*)?@)?(?:(?!(?:10|127)(?:\.\d{1,3}){3})(?!(?:169\.254|192\.168)(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]|2\d|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\u00a1-\uffff0-9]-*)*[a-z\u00a1-\uffff0-9]+)(?:\.(?:[a-z\u00a1-\uffff0-9]-*)*[a-z\u00a1-\uffff0-9]+)*(?:\.(?:[a-z\u00a1-\uffff]{2,})))(?::\d{2,5})?(?:[/?#]\S*)?$/i.test(value);
}
return false;
}
</script>

191
src/main/webapp/registeredServices.jsp
View File

@ -1,191 +0,0 @@
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<!DOCTYPE html>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<html lang="en-gb" dir="ltr" vocab="http://schema.org/">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<base href=".">
<title>OpenAIRE - Registered services</title>
<script src="./js/jquery.js"></script>
<script src="./js/uikit.min.js"></script>
<script src="./js/validation.js"></script>
<script src="./js/uikit-icons-max.js"></script>
<link rel="stylesheet" style="text/css" href="./css/theme.css">
<link rel="stylesheet" style="text/css" href="./css/custom.css">
<link rel="stylesheet" style="text/css" href="./css/aai-custom.css">
<link rel="icon" type="image/png" sizes="32x32" href="images/favicon/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="96x96" href="images/favicon//favicon-96x96.png">
<link rel="icon" type="image/png" sizes="16x16" href="images/favicon/favicon-16x16.png">
<link href="images/favicon/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon"/>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
</head>
<body class="" style="" onload="success();">
<div class="uk-offcanvas-content uk-height-viewport">
<jsp:include page="header.jsp"/>
<!-- CONTENT STARTS HERE -->
<div class=" uk-section uk-margin-small-top uk-container uk-container-large" id="tm-main">
<div class="uk-grid ">
<div class="uk-width-1-4@m">
<div class="uk-card uk-card-default uk-card-body">
<div class="uk-h4">API Access</div>
<ul class="uk-nav uk-nav-default">
<li class=""><a href="./personalToken">Personal token</a></li>
<li class="uk-active"><a href="./registeredServices">Registered services</a></li>
</ul>
</div>
</div>
<!-- CENTER SIDE -->
<div class="uk-width-2-3@l uk-width-2-3@m">
<div class="uk-grid" uk-grid>
<div class="uk-width-expand@m">
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Registered services</h4>
<c:if test="${message != null}">
<div class="uk-text-danger uk-margin-small-bottom">${message}</div>
<c:remove var="message" scope="session"/>
</c:if>
</div>
<div class="uk-text-center uk-width-auto@m">
<c:choose>
<c:when test="${not reachedLimit}">
<a class="uk-button uk-button-primary" href="./registerService">
<span class="uk-icon" uk-icon="icon:plus-circle"></span>
<span class="uk-margin-small-left">New service</span>
</a>
</c:when>
<c:otherwise>
<button class="uk-button uk-button-default" disabled>
<span class="uk-icon" uk-icon="icon:plus-circle"></span>
<span class="uk-margin-small-left">New service</span>
</button>
</c:otherwise>
</c:choose>
<c:remove var="reachedLimit" scope="session"/>
</div>
</div>
<div class="uk-margin-top">
<div class="uk-alert-primary uk-alert uk-margin-top-remove uk-flex uk-flex-middle">
<span uk-icon="info"></span>
<span class="uk-margin-small-left">You can register up to 5 services.
For more information please read the <a href="https://graph.openaire.eu/develop/authentication.html" target="_blank">OpenAIRE API Authentication documentation</a>.</span>
</div>
<c:if test="${reachedLimit}">
<div class="uk-alert-warning uk-flex uk-flex-middle uk-margin-small-top">
<span uk-icon="warning"></span>
<span class="uk-margin-small-left">You have reached the maximum size of allowed registered services.</span>
</div>
</c:if>
<c:if test="${empty registeredServices && showEmptyList}">
<div class="uk-text-center">You have not registered any service yet!</div>
</c:if>
<c:if test="${registeredServices.size() > 0}">
<ul class="uk-list uk-list-divider">
<li>
<div class="uk-grid uk-child-width-1-4 uk-text-muted" uk-grid>
<div>Name</div>
<div>Client Id</div>
<div>Creation Date</div>
<div>Actions</div>
</div>
</li>
<c:forEach items="${registeredServices}" var="registeredService" varStatus="loop">
<c:set var="key" value="${registeredService.id}"/>
<li>
<div class="uk-grid uk-child-width-1-4" uk-grid>
<div>
<a uk-toggle="target: #details${registeredService.id}; animation: uk-animation-fade">
<span>${registeredService.name}</span>
<span class="space" uk-icon="icon:info;ratio:0.7"></span>
</a>
</div>
<div>
<span>${registeredService.clientId}</span>
</div>
<div><fmt:formatDate value="${registeredService.date}"
pattern="dd-MM-yyyy HH:mm"/>
</div>
<div>
<a href="./registerService?id=${registeredService.id}" class="uk-margin-small-right">
<span uk-icon="pencil"></span>
</a>
<a class="uk-text-danger" uk-icon="trash" uk-toggle="target: #modal${registeredService.id}"></a>
<!-- This is the modal -->
<div id="modal${registeredService.id}" uk-modal>
<div class="uk-modal-dialog uk-modal-body">
<form name="delete${registeredService.id}"
id="delete${registeredService.id}" method="post">
<input type="hidden" name="id"
value="${registeredService.id}"/>
<h2 class="uk-margin-remove-top">Delete service</h2>
<div class="uk-margin-medium-bottom">
Are you sure you want to delete the
'${registeredService.name}' service? You cannot undo
this action!
</div>
<div class="uk-text-right">
<button class="uk-button uk-button-default uk-modal-close" type="button">Cancel
</button>
<button class="uk-button uk-button-danger uk-margin-small-left" type="button"
onclick="document.delete${registeredService.id}.submit();document.getElementById('modal${registeredService.id}').style.visibility='hidden';">
Delete
</button>
</div>
</form>
</div>
</div>
</div>
</div>
</li>
<li id="details${registeredService.id}" hidden="hidden">
<div class="uk-alert">
<p><span class="uk-text-primary">Name:</span> ${services[key].clientName}</p>
<p><span class="uk-text-primary">Client Id:</span> ${services[key].clientId}</p>
<p><span class="uk-text-primary">Scope:</span> openid</p>
<p><span class="uk-text-primary">Grant type:</span> client credentials</p>
<c:choose>
<c:when test="${registeredService.keyType == null}">
<p><span class="uk-text-primary">Client secret:</span> ${services[key].clientSecret}</p>
<p><span class="uk-text-primary">Authentication Method</span> Client Secret Basic</p>
</c:when>
<c:otherwise>
<p><span class="uk-text-primary">Authentication Method</span> Asymmetrically-signed JWT assertion</p>
<p><span class="uk-text-primary">Token Endpoint Authentication Signing Algorithm</span> RSASSA using
SHA-256 hash algorithm</p>
<p><span class="uk-text-primary">Public Key</span>
<pre><code>${keys[key]}</code></pre>
</p>
</c:otherwise>
</c:choose>
<p><span class="uk-text-primary">Creation Date:</span>
<jsp:useBean id="date" class="java.util.Date"/>
<jsp:setProperty name="date" property="time" value="${services[key].clientIdIssuedAt*1000}"/>
<fmt:formatDate value="${date}"
pattern="dd-MM-yyyy HH:mm"/>
</p>
</div>
</li>
</c:forEach>
</ul>
</c:if>
</div>
<!-- END OF CENTER SIDE -->
</div>
</div>
</div>
<!-- CONTENT ENDS HERE -->
<c:import url="footer.jsp"/>
</body>
</html>
<script>
function success() {
if('${success}' !=='')
UIkit.modal.alert('${success}');
}
</script>
<c:remove var="success" scope="session"/>