diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java
index 94f9237..0fbe4f3 100644
--- a/src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java
+++ b/src/main/java/eu/dnetlib/openaire/usermanagement/OverviewServlet.java
@@ -1,6 +1,7 @@
package eu.dnetlib.openaire.usermanagement;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
+import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import javax.servlet.ServletException;
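Review bot: The added `import org.springframework.security.core.Authentication;` has no use in the lines this diff shows for OverviewServlet, where the token is still obtained by a direct cast to `OIDCAuthenticationToken`. The same applies to the `Test3Service` import added to AuthenticationUtils further down. If neither name is referenced elsewhere in those files, drop both, since an unused import from the `api` package ties a utility class to a service it does not call. The rest of both files is outside the diff, so this needs a quick check rather than being a certain defect.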
@@ -19,6 +20,7 @@ public class OverviewServlet extends HttpServlet {
if (isAuthenticated) {
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
+
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
request.getSession().setAttribute("authenticated", isAuthenticated);
diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java
index a7d2007..d422e2a 100644
--- a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java
+++ b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServiceServlet.java
@@ -195,7 +195,9 @@ public class RegisterServiceServlet extends HttpServlet {
if (mode.equals("create")) {
//Careful! Redirects in method
- checkNumberOfRegisteredServices(request, response, authentication);
+ if (!checkNumberOfRegisteredServices(request, response, authentication)) {
+ return;
+ }
String serverRequestJSON = null;
if(keyType == null) {
serverRequestJSON = createServiceJson(null, name, email);
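Review bot: The count check and the registration that follows are still two separate steps, so two `create` requests sent in parallel by the same user can both read a count below 5 and both proceed. The registration call itself is outside this hunk, so this is inferred from the order of the visible statements. If the cap matters, enforce it where the row is written (a transaction that counts and inserts together, or a database constraint) and treat the servlet check as a courtesy. The `//Careful! Redirects in method` comment could also state the new contract: `// Returns false after it has already sent a redirect; stop processing.`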
@@ -223,7 +225,7 @@ public class RegisterServiceServlet extends HttpServlet {
if(registeredService.getKeyType() != null) {
request.getSession().setAttribute("success",
"Your service has been successfully registered!
" +
- "Client ID: " + serviceResponse.getClientId());
+ "Client ID: " + serviceResponse.getClientId());
} else {
request.getSession().setAttribute("success",
"Your service has been successfully registered!
" +
@@ -256,61 +258,63 @@ public class RegisterServiceServlet extends HttpServlet {
if (!registeredServicesUtils.isAuthorized(authentication.getSub(), serviceIdInt)) {
request.getSession().setAttribute("message", "You have no permission to edit the service.");
response.sendRedirect("./registeredServices");
- }
- RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(serviceIdInt);
- if (registeredService != null && registeredService.getClientId() != null) {
- String serverRequestJSON = null;
- if (keyType == null) {
- serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email);
- } else if (keyType.equals("uri")) {
- serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwksUri);
- } else if (keyType.equals("value")) {
- serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwks);
- }
- if (serverRequestJSON != null) {
- System.out.println("SERVER JSON " + serverRequestJSON);
- HttpResponse resp = tokenUtils.updateService(registeredService.getClientId(), serverRequestJSON, registeredService.getRegistrationAccessToken());
- if (resp.getStatusLine().getStatusCode() == 200) {
- System.out.println("NAME >>>>" + name);
- registeredService.setName(name);
+ } else {
- System.out.println("Client Id " + registeredService.getClientId());
- try {
- registeredServicesUtils.getRegisteredServiceDao().update(registeredService);
- } catch (SQLException sqle) {
- logger.error("Unable to contact db.", sqle);
- request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
- response.setContentType("text/html");
- request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
- return;
- }
- request.getSession().setAttribute("success",
- "Your service has been successfully updated!
" +
- "Client ID: " + registeredService.getClientId());
+ RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(serviceIdInt);
+ if (registeredService != null && registeredService.getClientId() != null) {
+ String serverRequestJSON = null;
+ if (keyType == null) {
+ serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email);
+ } else if (keyType.equals("uri")) {
+ serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwksUri);
+ } else if (keyType.equals("value")) {
+ serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwks);
}
+ if (serverRequestJSON != null) {
+ System.out.println("SERVER JSON " + serverRequestJSON);
+ HttpResponse resp = tokenUtils.updateService(registeredService.getClientId(), serverRequestJSON, registeredService.getRegistrationAccessToken());
+ if (resp.getStatusLine().getStatusCode() == 200) {
+ System.out.println("NAME >>>>" + name);
+ registeredService.setName(name);
+ System.out.println("Client Id " + registeredService.getClientId());
+ try {
+ registeredServicesUtils.getRegisteredServiceDao().update(registeredService);
+ } catch (SQLException sqle) {
+ logger.error("Unable to contact db.", sqle);
+ request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
+ response.setContentType("text/html");
+ request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
+ return;
+ }
+ request.getSession().setAttribute("success",
+ "Your service has been successfully updated!
" +
+ "Client ID: " + registeredService.getClientId());
+ }
+
+ } else {
+ request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
+ response.sendRedirect("./registeredServices");
+ return;
+ }
} else {
- request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
+ logger.error("Service request JSON is null");
+ request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
response.sendRedirect("./registeredServices");
return;
}
- } else {
- logger.error("Service request JSON is null");
- request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
- response.sendRedirect("./registeredServices");
- return;
}
- } catch(SQLException sqle){
- logger.error("Unable to access service with id " + serviceId, sqle);
- request.getSession().setAttribute("message", "There was an error accessing your service.");
- response.sendRedirect("./registeredServices");
+ } catch(SQLException sqle){
+ logger.error("Unable to access service with id " + serviceId, sqle);
+ request.getSession().setAttribute("message", "There was an error accessing your service.");
+ response.sendRedirect("./registeredServices");
- } catch(NumberFormatException nfe){
- logger.error("Unable to access service with id " + serviceId, nfe);
- request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
- response.sendRedirect("./registeredServices");
- }
+ } catch(NumberFormatException nfe){
+ logger.error("Unable to access service with id " + serviceId, nfe);
+ request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
+ response.sendRedirect("./registeredServices");
+ }
}
}
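Review bot: The `NumberFormatException` handler still copies the unparsed `serviceId` request value into the session `message` and into the log line; whether that caller-supplied text reaches the page unescaped depends on how registeredServices.jsp prints `message`, which this diff does not show. A fixed string such as `"The requested service does not exist."` avoids the question, and the log call can record a sanitised, length-limited value instead. Separately, a reply other than 200 from `tokenUtils.updateService` falls through with no log entry and no message for the user, and the `SQLException` handler around `update` reports `"Fail to delete the service. ..."`, which looks copied from the delete path. The three `System.out.println` calls write the request JSON, including the e-mail address, to stdout; `logger.debug` would keep that output under the logging configuration. The enclosing method starts outside this hunk.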
@@ -358,21 +362,24 @@ public class RegisterServiceServlet extends HttpServlet {
return name != null && !name.isEmpty();
}
- private void checkNumberOfRegisteredServices(HttpServletRequest request, HttpServletResponse response, OIDCAuthenticationToken authentication) throws IOException {
+ private boolean checkNumberOfRegisteredServices(HttpServletRequest request, HttpServletResponse response, OIDCAuthenticationToken authentication) throws IOException {
try {
long numberOfRegisteredServices =
registeredServicesUtils.getRegisteredServiceDao().countRegisteredServices(authentication.getSub());
if (numberOfRegisteredServices >= 5) {
response.sendRedirect("./registeredServices"); // The message there already exists.
+ return false;
}
} catch (SQLException sqle) {
logger.error("Unable to count registered services.", sqle);
request.getSession().setAttribute("message", "Unable to contact DB. Please try again later.");
response.sendRedirect("./registeredServices");
- return;
+ return false;
}
+
+ return true;
}
private static String createServiceJson(String clientId, String name, String email) {
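Review bot: The limit `5` is a bare literal here and again in `RegisteredServicesServlet.reachedMaximumNumberOfServices`, so the two checks can drift apart the next time the cap changes; a shared constant such as `static final int MAX_REGISTERED_SERVICES = 5;` keeps them aligned. `checkNumberOfRegisteredServices` also lacks a doc comment for its new return value: it should say that `false` means a redirect has already been sent and the caller must return without writing to the response. The inline comment `// The message there already exists.` relies on the target page computing the same limit, which is another reason to share the constant.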
diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java
index 495ddb1..b200f30 100644
--- a/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java
+++ b/src/main/java/eu/dnetlib/openaire/usermanagement/RegisteredServicesServlet.java
@@ -155,6 +155,6 @@ public class RegisteredServicesServlet extends HttpServlet {
}
private boolean reachedMaximumNumberOfServices(List registeredServices) {
- return registeredServices.size() == 5;
+ return registeredServices.size() >= 5;
}
}
diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthenticationUtils.java b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthenticationUtils.java
index c6f1ae2..27ef2f0 100644
--- a/src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthenticationUtils.java
+++ b/src/main/java/eu/dnetlib/openaire/usermanagement/utils/AuthenticationUtils.java
@@ -1,6 +1,7 @@
package eu.dnetlib.openaire.usermanagement.utils;
import com.google.gson.JsonParser;
+import eu.dnetlib.openaire.usermanagement.api.Test3Service;
import org.apache.commons.io.IOUtils;
import org.apache.http.HttpResponse;
import org.apache.http.NameValuePair;
@@ -9,7 +10,9 @@ import org.apache.http.client.methods.HttpPost;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.message.BasicNameValuePair;
+import org.apache.log4j.Logger;
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
+import org.springframework.beans.factory.annotation.Value;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@@ -24,6 +27,18 @@ import java.util.regex.Matcher;
import java.util.regex.Pattern;
public class AuthenticationUtils {
+
+ @Value("${oidc.issuer}")
+ private String issuer;
+
+ @Value("${oidc.secret}")
+ private String secret;
+
+ @Value("${oidc.id}")
+ private String id;
+
+ private Logger logger = Logger.getLogger(AuthenticationUtils.class);
+
public static boolean isAuthenticated(OIDCAuthenticationToken authenticationToken) {
if (authenticationToken != null) {
return true;
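Review bot: The `@Value` fields `issuer`, `secret` and `id` are populated only when Spring creates the `AuthenticationUtils` instance, yet every method visible in this diff is static and the only code that reads the fields is the commented-out `refreshAccessToken` added below. Whether the class is registered as a bean is not visible here. As committed, the class keeps a reference to the OIDC client secret for no live caller; I would leave these fields out until the refresh method is implemented. The logger is better declared as `private static final Logger logger = Logger.getLogger(AuthenticationUtils.class);` so the static methods can use it too.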
@@ -38,4 +53,50 @@ public class AuthenticationUtils {
long exp = new JsonParser().parse(new String(Base64.getDecoder().decode(matcher.group(2)))).getAsJsonObject().get("exp").getAsLong();
return (exp - (new Date().getTime()/1000)<=0);
}
+
+ /*
+ public void refreshAccessToken(String refreshToken) {
+ //TODO fix this
+ if (refreshToken == null || refreshToken.isEmpty()) {
+ return;
+ }
+
+ CloseableHttpClient httpclient = HttpClients.createDefault();
+ HttpPost httppost = new HttpPost(issuer+"/token");
+
+ // Request parameters and other properties.
+ List params = new ArrayList();
+ params.add(new BasicNameValuePair("client_id", id));
+ params.add(new BasicNameValuePair("client_secret", secret));
+ params.add(new BasicNameValuePair("grant_type", "refresh_token"));
+ params.add(new BasicNameValuePair("refresh_token", refreshToken));
+ params.add(new BasicNameValuePair("scope", "openid"));
+
+ HttpResponse response = null;
+
+ try {
+ httppost.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
+ //Execute and get the response.
+ response = httpclient.execute(httppost);
+ org.apache.http.HttpEntity entity = response.getEntity();
+
+ //TODO fix this
+ if (response.getStatusLine().getStatusCode() == 401) {
+ return;
+ }
+
+ String serverMessage = IOUtils.toString(entity.getContent(), StandardCharsets.UTF_8.name());
+
+ } catch (UnsupportedEncodingException uee) {
+ logger.error(uee);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(, 500, "Fail to get access token.", uee.getMessage()))
+ .type(MediaType.APPLICATION_JSON).build();
+
+ } catch (IOException ioe) {
+ logger.error(ioe);
+ return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity(String.format(, 500, "Fail to get access token.", ioe.getMessage()))
+ .type(MediaType.APPLICATION_JSON).build();
+
+ }
+ }*/
}
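Review bot: The `refreshAccessToken` method is committed as one commented-out block that could not compile if enabled: it is declared `void` but returns a `Response` in both catch blocks, and `String.format(, 500, ...)` has no format string. Tracking it in an issue would be cleaner than carrying dead code that posts `client_secret`. When it is implemented, the `CloseableHttpClient` and the response should be closed with try-with-resources. Any non-200 status should be handled, not only 401, and the token response body should stay out of the logs.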
diff --git a/src/main/webapp/registerService.jsp b/src/main/webapp/registerService.jsp
index a78d162..95c0cd0 100644
--- a/src/main/webapp/registerService.jsp
+++ b/src/main/webapp/registerService.jsp
@@ -166,7 +166,7 @@