Adding the first version of personal tokens page
parent
8b58ee13f5
commit
4452f81249
16
pom.xml
16
pom.xml
|
@ -52,6 +52,16 @@
|
||||||
<artifactId>jstl</artifactId>
|
<artifactId>jstl</artifactId>
|
||||||
<version>1.2</version>
|
<version>1.2</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>javax.servlet</groupId>
|
||||||
|
<artifactId>javax.servlet-api</artifactId>
|
||||||
|
<version>3.0.1</version>
|
||||||
|
</dependency>
|
||||||
|
<dependency>
|
||||||
|
<groupId>eu.dnetlib</groupId>
|
||||||
|
<artifactId>uoa-user-management</artifactId>
|
||||||
|
<version>2.0.0-SNAPSHOT</version>
|
||||||
|
</dependency>
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>org.springframework.security</groupId>
|
<groupId>org.springframework.security</groupId>
|
||||||
<artifactId>spring-security-core</artifactId>
|
<artifactId>spring-security-core</artifactId>
|
||||||
|
@ -72,12 +82,6 @@
|
||||||
<artifactId>gson</artifactId>
|
<artifactId>gson</artifactId>
|
||||||
<version>2.6.2</version>
|
<version>2.6.2</version>
|
||||||
</dependency>
|
</dependency>
|
||||||
<dependency>
|
|
||||||
<groupId>javax.servlet</groupId>
|
|
||||||
<artifactId>javax.servlet-api</artifactId>
|
|
||||||
<version>3.0.1</version>
|
|
||||||
<scope>provided</scope>
|
|
||||||
</dependency>
|
|
||||||
<dependency>
|
<dependency>
|
||||||
<groupId>commons-io</groupId>
|
<groupId>commons-io</groupId>
|
||||||
<artifactId>commons-io</artifactId>
|
<artifactId>commons-io</artifactId>
|
||||||
|
|
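Review bot: The `javax.servlet-api` 3.0.1 dependency is re-added higher up without the `<scope>provided</scope>` that the removed entry carried, so the servlet API jar would be packaged into `WEB-INF/lib`, where it can clash with the classes the container supplies; add `<scope>provided</scope>` back to the new entry. `uoa-user-management` is pinned to `2.0.0-SNAPSHOT`, a mutable version, so two builds of this commit can resolve different code; a released version, if one exists, would make the build reproducible.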
|
@ -0,0 +1,33 @@
|
||||||
|
package eu.dnetlib.openaire.usermanagement;
|
||||||
|
|
||||||
|
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||||
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
|
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
||||||
|
|
||||||
|
import javax.servlet.ServletConfig;
|
||||||
|
import javax.servlet.ServletException;
|
||||||
|
import javax.servlet.http.HttpServlet;
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
|
import javax.servlet.http.HttpServletResponse;
|
||||||
|
import javax.ws.rs.core.Response;
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.io.PrintWriter;
|
||||||
|
|
||||||
|
public class PersonalTokenServlet extends HttpServlet {
|
||||||
|
|
||||||
|
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||||
|
throws ServletException, IOException {
|
||||||
|
response.setContentType("text/html");
|
||||||
|
PrintWriter printWriter = response.getWriter();
|
||||||
|
|
||||||
|
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||||
|
System.out.println(authentication);
|
||||||
|
|
||||||
|
request.getSession().setAttribute("accessToken", authentication.getAccessTokenValue());
|
||||||
|
request.getSession().setAttribute("refreshToken", authentication.getRefreshTokenValue());
|
||||||
|
System.out.println("LALALLALLALALALA" + authentication.getAccessTokenValue());
|
||||||
|
|
||||||
|
request.getRequestDispatcher("./personal.jsp").include(request, response);
|
||||||
|
}
|
||||||
|
}
|
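Review bot: `System.out.println("LALALLALLALALALA" + authentication.getAccessTokenValue());` writes the bearer access token to the container's stdout log, and `System.out.println(authentication)` may do the same depending on the token's `toString()`; both debug lines should be deleted. The cast to `OIDCAuthenticationToken` is unchecked, so a request that reaches the servlet with an anonymous or absent authentication fails with a `ClassCastException` or `NullPointerException` instead of a 401; `PreAuthorize` is imported but not applied here, and whether a security filter covers `/personalToken` is not visible in this commit. The tokens are also copied into the HTTP session, where they outlive the request, and the response carries no `Cache-Control: no-store`. The sketch below checks the type, uses request scope (EL in the included JSP resolves request attributes as well, though other readers of the session attributes would need checking) and needs an import of `org.springframework.security.core.Authentication`.

```java
public void doGet(HttpServletRequest request, HttpServletResponse response)
        throws ServletException, IOException {
    Authentication current = SecurityContextHolder.getContext().getAuthentication();
    if (!(current instanceof OIDCAuthenticationToken)) {
        // No OIDC login behind this request: refuse instead of failing on the cast.
        response.sendError(HttpServletResponse.SC_UNAUTHORIZED);
        return;
    }
    OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) current;

    response.setContentType("text/html");
    // The page body contains both tokens; keep it out of browser and proxy caches.
    response.setHeader("Cache-Control", "no-store");

    // Request scope is enough for the include; nothing is written to stdout.
    request.setAttribute("accessToken", authentication.getAccessTokenValue());
    request.setAttribute("refreshToken", authentication.getRefreshTokenValue());

    // … unchanged: include of ./personal.jsp …
}
```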
|
@ -8,7 +8,8 @@ import com.google.gson.JsonObject;
|
||||||
import com.google.gson.JsonParser;
|
import com.google.gson.JsonParser;
|
||||||
import eu.dnetlib.openaire.user.dao.SQLMigrationUserDAO;
|
import eu.dnetlib.openaire.user.dao.SQLMigrationUserDAO;
|
||||||
import eu.dnetlib.openaire.user.ldap.MUserActionsLDAP;
|
import eu.dnetlib.openaire.user.ldap.MUserActionsLDAP;
|
||||||
import eu.dnetlib.openaire.user.login.utils.AuthoritiesMapper;
|
//import eu.dnetlib.openaire.user.login.utils.AuthoritiesMapper;
|
||||||
|
import eu.dnetlib.openaire.user.login.authorization.OpenAIREAuthoritiesMapper;
|
||||||
import eu.dnetlib.openaire.user.pojos.migration.LDAPUser;
|
import eu.dnetlib.openaire.user.pojos.migration.LDAPUser;
|
||||||
import eu.dnetlib.openaire.user.store.DataSourceConnector;
|
import eu.dnetlib.openaire.user.store.DataSourceConnector;
|
||||||
import org.apache.commons.io.IOUtils;
|
import org.apache.commons.io.IOUtils;
|
||||||
|
@ -25,6 +26,7 @@ import org.mitre.openid.connect.model.UserInfo;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
import org.springframework.beans.factory.annotation.Value;
|
import org.springframework.beans.factory.annotation.Value;
|
||||||
import org.springframework.http.*;
|
import org.springframework.http.*;
|
||||||
|
import org.springframework.security.access.prepost.PreAuthorize;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
||||||
import org.springframework.stereotype.Component;
|
import org.springframework.stereotype.Component;
|
||||||
|
@ -32,10 +34,12 @@ import org.springframework.web.bind.annotation.CookieValue;
|
||||||
import org.springframework.web.client.DefaultResponseErrorHandler;
|
import org.springframework.web.client.DefaultResponseErrorHandler;
|
||||||
import org.springframework.web.client.RestTemplate;
|
import org.springframework.web.client.RestTemplate;
|
||||||
|
|
||||||
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.ws.rs.GET;
|
import javax.ws.rs.GET;
|
||||||
import javax.ws.rs.Path;
|
import javax.ws.rs.Path;
|
||||||
import javax.ws.rs.Produces;
|
import javax.ws.rs.Produces;
|
||||||
import javax.ws.rs.QueryParam;
|
import javax.ws.rs.QueryParam;
|
||||||
|
import javax.ws.rs.core.Context;
|
||||||
import javax.ws.rs.core.MediaType;
|
import javax.ws.rs.core.MediaType;
|
||||||
import javax.ws.rs.core.Response;
|
import javax.ws.rs.core.Response;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
@ -46,6 +50,7 @@ import java.util.ArrayList;
|
||||||
import java.util.HashSet;
|
import java.util.HashSet;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
|
import eu.dnetlib.openaire.user.login.utils.AuthoritiesMapper;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Created by sofia on 24/11/2016.
|
* Created by sofia on 24/11/2016.
|
||||||
|
@ -56,6 +61,9 @@ public class Test3Service {
|
||||||
|
|
||||||
private static final Logger logger = Logger.getLogger(Test3Service.class);
|
private static final Logger logger = Logger.getLogger(Test3Service.class);
|
||||||
|
|
||||||
|
public static final String errorMessage = "{ \"status\" : \"error\", \"code\" : \"%s\", \"message\" : \"%s\", \"description\" : \"%s\" }";
|
||||||
|
|
||||||
|
|
||||||
@Autowired
|
@Autowired
|
||||||
private SQLMigrationUserDAO sqlMigrationUserDAO;
|
private SQLMigrationUserDAO sqlMigrationUserDAO;
|
||||||
|
|
||||||
|
@ -74,6 +82,76 @@ public class Test3Service {
|
||||||
@Value("${oidc.id}")
|
@Value("${oidc.id}")
|
||||||
private String id;
|
private String id;
|
||||||
|
|
||||||
|
@GET
|
||||||
|
@PreAuthorize("hasAuthority('ROLE_USER')")
|
||||||
|
@Path("/getRefreshToken")
|
||||||
|
public Response getRefreshToken(){
|
||||||
|
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||||
|
return Response.status(200).entity(authentication.getRefreshTokenValue()).build();
|
||||||
|
}
|
||||||
|
|
||||||
|
@GET
|
||||||
|
@PreAuthorize("hasAuthority('ROLE_USER')")
|
||||||
|
@Path("/getJWTToken")
|
||||||
|
public Response getAccessToken(){
|
||||||
|
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||||
|
return Response.status(200).entity(authentication.getAccessTokenValue()).build();
|
||||||
|
}
|
||||||
|
|
||||||
|
@GET
|
||||||
|
@Path("/getAccessToken")
|
||||||
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
|
public Response getAccessTokenFromRefreshToken(@Context final HttpServletRequest request){
|
||||||
|
|
||||||
|
String header = request.getHeader("Authorization");
|
||||||
|
|
||||||
|
if (header == null || !header.startsWith("Bearer ")) {
|
||||||
|
return Response.status(Response.Status.BAD_REQUEST)
|
||||||
|
.entity(String.format(errorMessage, 400, "No JWT token found in request headers", "No JWT token found in request headers")).build();
|
||||||
|
}
|
||||||
|
|
||||||
|
String refreshToken = header.substring(7);
|
||||||
|
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||||
|
HttpPost httppost = new HttpPost(issuer+"/token");
|
||||||
|
|
||||||
|
// Request parameters and other properties.
|
||||||
|
List<NameValuePair> params = new ArrayList<NameValuePair>();
|
||||||
|
params.add(new BasicNameValuePair("client_id", id));
|
||||||
|
params.add(new BasicNameValuePair("client_secret", secret));
|
||||||
|
params.add(new BasicNameValuePair("grant_type", "refresh_token"));
|
||||||
|
params.add(new BasicNameValuePair("refresh_token", refreshToken));
|
||||||
|
params.add(new BasicNameValuePair("scope", "openid email profile offline_access"));
|
||||||
|
|
||||||
|
HttpResponse response = null;
|
||||||
|
|
||||||
|
try {
|
||||||
|
httppost.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
|
||||||
|
//Execute and get the response.
|
||||||
|
|
||||||
|
response = httpclient.execute(httppost);
|
||||||
|
|
||||||
|
org.apache.http.HttpEntity entity = response.getEntity();
|
||||||
|
logger.debug("entity " + response.getEntity());
|
||||||
|
|
||||||
|
logger.debug("I am here");
|
||||||
|
String serverMessage = IOUtils.toString(entity.getContent(), StandardCharsets.UTF_8.name());
|
||||||
|
|
||||||
|
return Response.status(response.getStatusLine().getStatusCode())
|
||||||
|
.entity(serverMessage).type(MediaType.APPLICATION_JSON).build();
|
||||||
|
|
||||||
|
} catch (UnsupportedEncodingException uee) {
|
||||||
|
logger.error(uee);
|
||||||
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(errorMessage, 500, "Fail to get access token.", uee.getMessage()))
|
||||||
|
.type(MediaType.APPLICATION_JSON).build();
|
||||||
|
|
||||||
|
} catch (IOException ioe) {
|
||||||
|
logger.error(ioe);
|
||||||
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(errorMessage, 500, "Fail to get access token.", ioe.getMessage()))
|
||||||
|
.type(MediaType.APPLICATION_JSON).build();
|
||||||
|
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@GET
|
@GET
|
||||||
@Path("/getToken")
|
@Path("/getToken")
|
||||||
@Produces(MediaType.APPLICATION_JSON)
|
@Produces(MediaType.APPLICATION_JSON)
|
||||||
|
@ -101,11 +179,16 @@ public class Test3Service {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
} catch (UnsupportedEncodingException e) {
|
} catch (UnsupportedEncodingException uee) {
|
||||||
logger.error(e);
|
logger.error(uee);
|
||||||
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(errorMessage, 500, "Fail to get access token.", uee.getMessage()))
|
||||||
|
.type(MediaType.APPLICATION_JSON).build();
|
||||||
|
|
||||||
|
} catch (IOException ioe) {
|
||||||
|
logger.error(ioe);
|
||||||
|
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(errorMessage, 500, "Fail to get access token.", ioe.getMessage()))
|
||||||
|
.type(MediaType.APPLICATION_JSON).build();
|
||||||
|
|
||||||
} catch (IOException e) {
|
|
||||||
logger.error(e);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
return Response.status(200).type(MediaType.APPLICATION_JSON).build();
|
return Response.status(200).type(MediaType.APPLICATION_JSON).build();
|
||||||
|
|
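Review bot: In `getAccessTokenFromRefreshToken`, the `CloseableHttpClient` from `HttpClients.createDefault()` and the response it returns are never closed, so each call leaks the client and its connection; try-with-resources around both fixes that. The catch blocks there, and the same pair added to `getToken` in the last hunk, put `uee.getMessage()` / `ioe.getMessage()` into the JSON body through `String.format` without escaping, which hands internal detail to the caller and yields invalid JSON if the message contains a quote; log the exception and return a fixed description instead. `getRefreshToken` and `getAccessToken` return raw tokens from GET endpoints with an unchecked cast of the current authentication, and none of the token responses sets `Cache-Control: no-store`. `logger.debug("I am here")` looks like leftover debugging. The enclosing class and `getToken` start and end outside the hunks shown.

```java
String refreshToken = header.substring(7);
// … unchanged: HttpPost construction and form parameters …

// UnsupportedEncodingException is an IOException, so one catch covers both cases.
try (CloseableHttpClient httpclient = HttpClients.createDefault()) {
    httppost.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
    try (CloseableHttpResponse response = httpclient.execute(httppost)) {
        String serverMessage = IOUtils.toString(response.getEntity().getContent(), StandardCharsets.UTF_8.name());
        return Response.status(response.getStatusLine().getStatusCode())
                .entity(serverMessage)
                .type(MediaType.APPLICATION_JSON)
                .header("Cache-Control", "no-store")
                .build();
    }
} catch (IOException ioe) {
    // Full detail goes to the server log only; the caller gets a fixed description.
    logger.error("Refresh-token exchange failed", ioe);
    return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
            .entity(String.format(errorMessage, 500, "Fail to get access token.", "Token endpoint request failed"))
            .type(MediaType.APPLICATION_JSON).build();
}
```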
|
@ -142,6 +142,17 @@
|
||||||
<url-pattern>/verifyToDelete</url-pattern>
|
<url-pattern>/verifyToDelete</url-pattern>
|
||||||
</servlet-mapping>
|
</servlet-mapping>
|
||||||
|
|
||||||
|
<servlet>
|
||||||
|
<servlet-name>PersonalTokenServlet</servlet-name>
|
||||||
|
<display-name>Activate</display-name>
|
||||||
|
<servlet-class>eu.dnetlib.openaire.usermanagement.PersonalTokenServlet</servlet-class>
|
||||||
|
<load-on-startup>1</load-on-startup>
|
||||||
|
</servlet>
|
||||||
|
|
||||||
|
<servlet-mapping>
|
||||||
|
<servlet-name>PersonalTokenServlet</servlet-name>
|
||||||
|
<url-pattern>/personalToken</url-pattern>
|
||||||
|
</servlet-mapping>
|
||||||
|
|
||||||
<filter>
|
<filter>
|
||||||
<filter-name>CorsFilter</filter-name>
|
<filter-name>CorsFilter</filter-name>
|
||||||
|
@ -185,7 +196,7 @@
|
||||||
<url-pattern>/*</url-pattern>
|
<url-pattern>/*</url-pattern>
|
||||||
</filter-mapping>
|
</filter-mapping>
|
||||||
|
|
||||||
<error-page>
|
<!--error-page>
|
||||||
<error-code>500</error-code>
|
<error-code>500</error-code>
|
||||||
<location>/error.jsp</location>
|
<location>/error.jsp</location>
|
||||||
</error-page>
|
</error-page>
|
||||||
|
@ -208,6 +219,6 @@
|
||||||
<error-page>
|
<error-page>
|
||||||
<error-code>405</error-code>
|
<error-code>405</error-code>
|
||||||
<location>/error.jsp</location>
|
<location>/error.jsp</location>
|
||||||
</error-page>
|
</error-page-->
|
||||||
|
|
||||||
</web-app>
|
</web-app>
|
||||||
|
|
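Review bot: The `<!--error-page>` … `</error-page-->` edit comments out what appears to be every `<error-page>` mapping from the 500 entry down to the 405 entry, so errors fall back to the container's default pages, which on many containers include a stack trace and the server version. If this was done to see errors while developing the token page, it should be reverted before merge by restoring `<error-page>` and `</error-page>` as they were. The new servlet's `<display-name>Activate</display-name>` looks copied from another entry. Whether `/personalToken` falls under an authenticated URL pattern is not visible in these hunks and is worth confirming, since the servlet itself does not check the caller.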
|
@ -0,0 +1,104 @@
|
||||||
|
<!DOCTYPE html>
|
||||||
|
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
|
||||||
|
<html lang="en-gb" dir="ltr" vocab="http://schema.org/">
|
||||||
|
<head>
|
||||||
|
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||||
|
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||||
|
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||||
|
<title>OpenAIRE - Forgot password</title>
|
||||||
|
<script src="./js/jquery.js"></script>
|
||||||
|
<script src="./js/uikit.js"></script>
|
||||||
|
<link rel="stylesheet" style="text/css" href="./css/theme.css">
|
||||||
|
<link rel="stylesheet" style="text/css" href="./css/custom.css">
|
||||||
|
<link rel="stylesheet" style="text/css" href="./css/aai-custom.css">
|
||||||
|
<link rel="icon" type="image/png" sizes="32x32" href="images/favicon/favicon-32x32.png">
|
||||||
|
<link rel="icon" type="image/png" sizes="96x96" href="images/favicon//favicon-96x96.png">
|
||||||
|
<link rel="icon" type="image/png" sizes="16x16" href="images/favicon/favicon-16x16.png">
|
||||||
|
<link href="images/favicon/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />
|
||||||
|
<script src='https://www.google.com/recaptcha/api.js'></script>
|
||||||
|
</head>
|
||||||
|
<body class="" style="">
|
||||||
|
<div class="uk-offcanvas-content uk-height-viewport">
|
||||||
|
<!-- MENU STARTS HERE -->
|
||||||
|
<!-- MAIN MENU STARTS HERE -->
|
||||||
|
<div class="tm-header tm-header-transparent" uk-header="">
|
||||||
|
<div class="uk-container uk-container-expand">
|
||||||
|
<nav class="uk-navbar" uk-navbar="{"align":"left"}">
|
||||||
|
<div class="uk-navbar-center">
|
||||||
|
<div class="uk-logo uk-navbar-item">
|
||||||
|
<img alt="OpenAIRE" class="uk-responsive-height" src="./images/Logo_Horizontal.png">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</nav>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<!-- MENU ENDS HERE -->
|
||||||
|
<!-- CONTENT STARTS HERE -->
|
||||||
|
<div class="first_page_section uk-section-default uk-section uk-padding-remove-vertical">
|
||||||
|
<div class="first_page_banner_headline uk-grid-collapse uk-flex-middle uk-margin-remove-vertical uk-grid" uk-grid="">
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div class=" uk-section uk-margin-small-top tm-middle custom-main-content" id="tm-main">
|
||||||
|
<div uk-grid="" class="uk-grid uk-grid-stack">
|
||||||
|
<div class="tm-main uk-width-2-3@s uk-width-2-3@m uk-width-3-4@l uk-row-first uk-first-column uk-align-center">
|
||||||
|
<div class="uk-grid ">
|
||||||
|
<!-- CENTER SIDE -->
|
||||||
|
<div class="uk-width-1-1@m uk-width-1-1@s uk-text-left">
|
||||||
|
<!-- <h3 class="uk-h3">Create an account</h3> -->
|
||||||
|
<div class="middle-box text-center animated fadeInDown ">
|
||||||
|
|
||||||
|
<div class="uk-width-2-3@l uk-width-2-3@m uk-align-center">
|
||||||
|
|
||||||
|
<p>
|
||||||
|
Your personal access token is
|
||||||
|
<pre><code>${accessToken}</code></pre>
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<p>
|
||||||
|
Your refresh token is
|
||||||
|
<pre><code>${refreshToken}</code></pre>
|
||||||
|
</p>
|
||||||
|
|
||||||
|
<div class="uk-alert-danger" uk-alert>
|
||||||
|
<p><b>Do not share your personal access token. Send your personal access token only over HTTPS.</b></p>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="uk-alert-primary" uk-alert>
|
||||||
|
For further information on how to use the tokens please visit the <a href="">OpenAIRE API Authentication documentation<a>.
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</ul>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<!-- END OF CENTER SIDE -->
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<!-- CONTENT ENDS HERE -->
|
||||||
|
<!-- FOOTER STARTS HERE-->
|
||||||
|
<div class="custom-footer" style="z-index: 200;">
|
||||||
|
<div class="uk-section-primary uk-section uk-section-small">
|
||||||
|
<div class="uk-container">
|
||||||
|
<div class="uk-grid-margin uk-grid uk-grid-stack" uk-grid="">
|
||||||
|
<div class="uk-width-1-1@m uk-first-column">
|
||||||
|
<div class="uk-margin uk-margin-remove-top uk-margin-remove-bottom uk-text-center">
|
||||||
|
<img alt="OpenAIRE" class="el-image" src="./images/Logo_Horizontal_white_small.png">
|
||||||
|
</div>
|
||||||
|
<div class="footer-license uk-margin uk-margin-remove-bottom uk-text-center uk-text-lead">
|
||||||
|
<div><a href="http://creativecommons.org/licenses/by/4.0/" target="_blank" rel="license"><img alt="Creative" src="./images/80x15.png" style="height: auto; max-width: 100%; vertical-align: middle;"></a> UNLESS OTHERWISE INDICATED, ALL MATERIALS CREATED BY THE OPENAIRE CONSORTIUM ARE LICENSED UNDER A <a href="http://creativecommons.org/licenses/by/4.0/" rel="license">CREATIVE COMMONS ATTRIBUTION 4.0 INTERNATIONAL LICENSE</a>.</div>
|
||||||
|
<div>OPENAIRE IS POWERED BY <a href="http://www.d-net.research-infrastructures.eu/">D-NET</a>.</div>
|
||||||
|
</div>
|
||||||
|
<div class="uk-margin uk-margin-remove-top uk-margin-remove-bottom uk-text-right">
|
||||||
|
<a class="uk-totop uk-icon" href="#" uk-scroll="" uk-totop="">
|
||||||
|
</a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div> <!-- FOOTER ENDS HERE -->
|
||||||
|
</div>
|
||||||
|
</body>
|
||||||
|
</html>
|
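Review bot: The page that prints `${accessToken}` and `${refreshToken}` also loads `https://www.google.com/recaptcha/api.js`, although it contains no form or captcha; any third-party script here runs with access to the DOM that holds both tokens, so that `<script>` line should be dropped. The two EL expressions are emitted without escaping; the `c` taglib is already declared, so `<c:out value="${accessToken}"/>` and `<c:out value="${refreshToken}"/>` can be used directly. Markup left over from the template needs cleaning: the title still reads `OpenAIRE - Forgot password`, the documentation link has an empty `href` and is closed with `<a>` instead of `</a>`, there is a stray `</ul>`, and `style="text/css"` on the stylesheet links should be `type="text/css"`.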