mainly delete and revoke added.
parent
f106d42191
commit
4c5687f36a
|
@ -30,9 +30,9 @@ public class EditRegisteredService extends HttpServlet {
|
|||
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
|
||||
config.getServletContext());
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
|
||||
request.getSession().setAttribute("authenticated",
|
||||
!SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()
|
||||
.equals("anonymousUser"));
|
||||
|
@ -93,7 +93,6 @@ public class EditRegisteredService extends HttpServlet {
|
|||
|
||||
@Override
|
||||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
String accessToken = authentication.getAccessTokenValue();
|
||||
|
||||
|
@ -104,6 +103,19 @@ public class EditRegisteredService extends HttpServlet {
|
|||
HttpResponse resp = TokenUtils.updateService(serviceId, authentication.getSub(), name, description, authentication.getUserInfo().getEmail(), accessToken);
|
||||
|
||||
if (resp.getStatusLine().getStatusCode()==200) {
|
||||
|
||||
RegisteredService registeredService = new RegisteredService();
|
||||
registeredService.setName(name);
|
||||
registeredService.setAai_id(serviceId);
|
||||
try {
|
||||
registeredServicesUtils.getRegisteredServiceDao().update(registeredService);
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Unable to contact db.", sqle);
|
||||
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
}
|
||||
|
||||
request.getSession().setAttribute("success", "Your service with name '" + name + "' was successfully updated");
|
||||
}
|
||||
|
||||
|
|
|
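Review bot: In the third hunk, the `catch (SQLException sqle)` branch sets an error message and includes registeredServices.jsp but has no `return;`, so execution continues to the line that sets the `success` attribute and the user is told the update both failed and succeeded. Add `return;` as the last statement of the catch. The message in that branch reads "Fail to delete the service." although this path updates a service, so it looks copied from the delete handler. The AAI update has already returned 200 when the local `update(registeredService)` fails, so the two stores can disagree; the error log should record `serviceId` so the mismatch can be reconciled. doPost starts and ends outside the hunks shown.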
@ -1,6 +1,19 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.http.HttpEntity;
|
||||
import org.apache.http.HttpHeaders;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.NameValuePair;
|
||||
import org.apache.http.client.entity.UrlEncodedFormEntity;
|
||||
import org.apache.http.client.methods.HttpPost;
|
||||
import org.apache.http.entity.StringEntity;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.http.message.BasicNameValuePair;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
||||
|
@ -10,14 +23,33 @@ import javax.servlet.ServletException;
|
|||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.io.IOException;
|
||||
import java.io.PrintWriter;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Base64;
|
||||
import java.util.List;
|
||||
|
||||
|
||||
public class PersonalTokenServlet extends HttpServlet {
|
||||
|
||||
@Value("${oidc.secret}")
|
||||
private String secret;
|
||||
|
||||
@Value("${oidc.id}")
|
||||
private String id;
|
||||
|
||||
private Logger logger = Logger.getLogger(PersonalTokenServlet.class);
|
||||
|
||||
public void init(ServletConfig config) throws ServletException {
|
||||
super.init(config);
|
||||
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
|
||||
config.getServletContext());
|
||||
}
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
System.out.println("IN GET");
|
||||
response.setContentType("text/html");
|
||||
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
|
@ -26,4 +58,45 @@ public class PersonalTokenServlet extends HttpServlet {
|
|||
|
||||
request.getRequestDispatcher("./personal.jsp").include(request, response);
|
||||
}
|
||||
}
|
||||
|
||||
public void doPost(HttpServletRequest request, HttpServletResponse response) {
|
||||
System.out.println("IN POST");
|
||||
System.out.println(id);
|
||||
System.out.println(secret);
|
||||
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
|
||||
try {
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||
HttpPost httppost = new HttpPost("https://openaire-dev.aai-dev.grnet.gr/oidc/revoke");
|
||||
httppost.setHeader(HttpHeaders.CONTENT_TYPE, "application/x-www-form-urlencoded");
|
||||
String encoding = Base64.getEncoder().encodeToString((id.concat(":").concat(secret)).getBytes("UTF-8"));
|
||||
httppost.setHeader(HttpHeaders.AUTHORIZATION, "Basic " + encoding);
|
||||
|
||||
List<NameValuePair> params = new ArrayList<NameValuePair>();
|
||||
params.add(new BasicNameValuePair("token", authentication.getAccessTokenValue()));
|
||||
params.add(new BasicNameValuePair("token_type_hint", "access_token"));
|
||||
httppost.setEntity(new UrlEncodedFormEntity(params, "UTF-8"));
|
||||
|
||||
HttpResponse resp = httpclient.execute(httppost);
|
||||
System.out.println("status " + resp.getStatusLine().getStatusCode());
|
||||
|
||||
HttpEntity entity = resp.getEntity();
|
||||
|
||||
System.out.println("REVOKE " + IOUtils.toString(entity.getContent(), StandardCharsets.UTF_8.name()));
|
||||
|
||||
response.sendRedirect("./personalToken");
|
||||
|
||||
} catch (UnsupportedEncodingException uee) {
|
||||
logger.error("Error in Base64 encoding.", uee);
|
||||
request.getSession().setAttribute("message", "Unable to revoke your token. Please try again later");
|
||||
System.out.println("ERROR >>>> " + uee.getMessage());
|
||||
|
||||
} catch (IOException ioe) {
|
||||
logger.error("Error in Base64 encoding.", ioe);
|
||||
request.getSession().setAttribute("message", "Unable to revoke your token. Please try again later");
|
||||
System.out.println("ERROR >>>> " + ioe.getMessage());
|
||||
|
||||
}
|
||||
}
|
||||
}
|
|
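Review bot: The new doPost prints the OIDC client id and client secret to standard output (`System.out.println(id);`, `System.out.println(secret);`) and also prints the revocation response body; these lines should be deleted so the secret never reaches the container log. The revocation status is printed but never checked, so the user is redirected as if revocation succeeded even when the endpoint refused it, and both catch blocks set a session message without sending any response. The IOException handler logs "Error in Base64 encoding.", which misdescribes a network failure, and the HTTP client is never closed. The sketch below addresses these points and assumes doPost may declare `throws IOException`, as HttpServlet.doPost does.

```java
public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
    // … unchanged: read the OIDCAuthenticationToken from the security context …
    try (CloseableHttpClient httpclient = HttpClients.createDefault()) {
        // … unchanged: build httppost with the Basic auth header and the token form parameters …
        HttpResponse resp = httpclient.execute(httppost);
        int status = resp.getStatusLine().getStatusCode();
        if (status != 200) {
            logger.error("Token revocation failed with status " + status);
            request.getSession().setAttribute("message", "Unable to revoke your token. Please try again later");
        }
    } catch (IOException ioe) {
        // UnsupportedEncodingException is an IOException, so one handler covers both cases
        logger.error("Unable to reach the revocation endpoint.", ioe);
        request.getSession().setAttribute("message", "Unable to revoke your token. Please try again later");
    }
    response.sendRedirect("./personalToken");
}
```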
@ -78,12 +78,12 @@ public class RegisterServiceServlet extends HttpServlet {
|
|||
System.out.println("SQLE SKATA " + sqle.getMessage());
|
||||
logger.error("SQLE SKATA", sqle);
|
||||
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
|
||||
response.sendRedirect("/registeredServices");
|
||||
response.sendRedirect("./registeredServices");
|
||||
}
|
||||
|
||||
request.getSession().setAttribute("accessToken", authentication.getAccessTokenValue());
|
||||
request.getSession().setAttribute("refreshToken", authentication.getRefreshTokenValue());
|
||||
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
response.sendRedirect("./registeredServices");
|
||||
}
|
||||
}
|
||||
|
|
|
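Review bot: The catch branch at the top of this hunk ends with `response.sendRedirect("./registeredServices");` and no `return;`, while the method now also ends with a `sendRedirect` to the same path. After an SQL failure the second call therefore runs on an already committed response and throws IllegalStateException. Add `return;` directly after the redirect inside the catch. The `System.out.println("SQLE SKATA " + ...)` line next to it duplicates the `logger.error` call and should be dropped; the start of the try/catch is outside the hunk.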
@ -3,6 +3,7 @@ package eu.dnetlib.openaire.usermanagement;
|
|||
import eu.dnetlib.openaire.user.pojos.RegisteredService;
|
||||
import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils;
|
||||
import eu.dnetlib.openaire.usermanagement.utils.TokenUtils;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
|
@ -76,6 +77,62 @@ public class RegisteredServicesServlet extends HttpServlet {
|
|||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
|
||||
getContext().getAuthentication();
|
||||
String id = request.getParameter("id");
|
||||
|
||||
System.out.println("POST " +id);
|
||||
|
||||
if (id!=null && !id.isEmpty()) {
|
||||
try {
|
||||
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(Integer.parseInt(id));
|
||||
|
||||
if (!registeredService.getOwner().equals(authentication.getSub())) {
|
||||
request.getSession().setAttribute("message", "You are not allowed to delete the service.");
|
||||
System.out.println("BLOCKED " + registeredService.getOwner() + " >> " + authentication.getSub());
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
}
|
||||
|
||||
System.out.println("HERE");
|
||||
String aai_id = registeredService.getAai_id();
|
||||
HttpResponse resp = TokenUtils.deleteService(aai_id, authentication.getAccessTokenValue());
|
||||
|
||||
int statusCode = resp.getStatusLine().getStatusCode();
|
||||
System.out.println("STATUS CODE " + statusCode);
|
||||
|
||||
if (statusCode != 200) {
|
||||
logger.error("Unable to delete the service. Status code was " + statusCode);
|
||||
request.getSession().setAttribute("message", "Fail to delete the service. Status " + statusCode);
|
||||
System.out.println("AAI blocked");
|
||||
} else {
|
||||
registeredServicesUtils.getRegisteredServiceDao().delete(Integer.parseInt(id));
|
||||
request.getSession().setAttribute("success", "The service was successfully deleted.");
|
||||
System.out.println("HERE HERE");
|
||||
}
|
||||
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Unable to contact db.", sqle);
|
||||
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
}
|
||||
|
||||
} else {
|
||||
System.out.println("SO WRONG ID...");
|
||||
request.getSession().setAttribute("message", "Error selecting service to delete. Please try again.");
|
||||
}
|
||||
|
||||
System.out.println("FINALLY ");
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
}
|
||||
|
||||
private boolean reachedMaximumNumberOfServices(List<RegisteredService> registeredServices) {
|
||||
if (registeredServices.size() == 5) {
|
||||
return true;
|
||||
|
|
|
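Review bot: In the new doPost, the ownership check `if (!registeredService.getOwner().equals(authentication.getSub()))` only sets a message and includes the JSP. With no `return;` at the end of that branch, a non-owner's request continues to `TokenUtils.deleteService(...)` and, on a 200, to `getRegisteredServiceDao().delete(...)`. Add `return;` as the last statement of the branch so the authorization decision is actually enforced. `Integer.parseInt(id)` runs on the raw request parameter with no `NumberFormatException` handling, and the result of `fetchRegisteredServiceById` is dereferenced without a null check (whether it can return null is not visible here). The success and SQLException paths each include registeredServices.jsp and then fall through to the final include after "FINALLY", so the page is rendered twice. The `System.out.println` debug lines, one of which prints the owner and caller subject identifiers, should be removed or moved to `logger` at debug level.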
@ -67,6 +67,17 @@ public class TokenUtils {
|
|||
return httpclient.execute(httpPut);
|
||||
}
|
||||
|
||||
public static HttpResponse deleteService(String serviceId, String accessToken) throws IOException {
|
||||
|
||||
System.out.println("DELETE " + "https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
|
||||
HttpDelete httpDelete = new HttpDelete("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
|
||||
httpDelete.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
|
||||
httpDelete.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
|
||||
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||
return httpclient.execute(httpDelete);
|
||||
}
|
||||
|
||||
public static ServiceResponse getRegisteredService(String serviceId, String accessToken) throws IOException {
|
||||
HttpGet httpGet = new HttpGet("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
|
||||
httpGet.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
|
||||
|
@ -84,15 +95,6 @@ public class TokenUtils {
|
|||
}
|
||||
}
|
||||
|
||||
public void deleteService(String serviceId, String accessToken) throws IOException {
|
||||
HttpDelete httpDelete = new HttpDelete("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
|
||||
httpDelete.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
|
||||
httpDelete.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
|
||||
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||
HttpResponse httpResponse = httpclient.execute(httpDelete);
|
||||
}
|
||||
|
||||
private static String createServiceJson(String name, String description) {
|
||||
ServiceRequest serviceJSON = new ServiceRequest();
|
||||
serviceJSON.setClientName(name);
|
||||
|
|
|
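Review bot: The new static `deleteService` appends `serviceId` to a hard-coded dev endpoint without encoding it, and creates a `CloseableHttpClient` per call that is never closed. The caller shown on this page only reads the status code, so the client and response could be closed once the status has been read; the base URL belongs in configuration rather than in three string literals in this class. The `System.out.println("DELETE " + ...)` line should be removed or routed through a logger. The method takes the bearer token as a parameter, so any future logging added here should keep `accessToken` out of the output.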
@ -121,10 +121,14 @@
|
|||
<!-- CENTER SIDE -->
|
||||
<div class="uk-width-2-3@l uk-width-2-3@m">
|
||||
<div>
|
||||
<a class=" uk-text-danger uk-float-right" title="Revoke access token"><span uk-icon="refresh" ></span></a>
|
||||
<a class=" uk-float-right uk-margin-small-left" onclick="copy('accessToken')" title="Copy access token"><span uk-icon="icon:copy"></span></a>
|
||||
<div class="uk-h5">Your personal access token is</div>
|
||||
<pre><code id="accessToken">${accessToken}</code></pre>
|
||||
<span id="server_error" class="uk-text-danger uk-text-small uk-float-left">${message}</span>
|
||||
<c:remove var="message" scope="session" />
|
||||
<form id="revoke" name="revoke" action="./personalToken" method="post">
|
||||
<a class=" uk-text-danger uk-float-right" title="Revoke access token" onClick="document.revoke.submit();"><span uk-icon="refresh" ></span></a>
|
||||
<a class=" uk-float-right uk-margin-small-left" onclick="copy('accessToken')" title="Copy access token"><span uk-icon="icon:copy"></span></a>
|
||||
<div class="uk-h5">Your personal access token is</div>
|
||||
<pre><code id="accessToken">${accessToken}</code></pre>
|
||||
</form>
|
||||
</div>
|
||||
<div>
|
||||
<a class=" uk-text-danger uk-float-right" title="Revoke refresh token"><span uk-icon="refresh"></span></a>
|
||||
|
|
|
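Review bot: The new `revoke` form posts to ./personalToken without a CSRF token field, and the per-service delete forms added to the registered-services page have the same gap; both trigger state changes (token revocation, service deletion). Whether Spring Security's CSRF protection is active for these servlets is not visible on this page. If it is, the forms need the token, e.g. `<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>`; if it is disabled, these POSTs are not protected against cross-site submission. The submit control is an `<a>` with only an `onClick` handler, so it is not reachable by keyboard; a `<button type="submit">` would be.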
@ -87,27 +87,30 @@
|
|||
</div>
|
||||
<!-- CENTER SIDE -->
|
||||
<div class="uk-width-2-3@l uk-width-2-3@m">
|
||||
<h2 class="uk-h2 uk-margin-small-bottom">Registered services</h2>
|
||||
|
||||
<p class="uk-text-success uk-text-medium uk-float-left">${success}</p>
|
||||
<p class="uk-text-success uk-text-medium uk-center">
|
||||
${success}
|
||||
</p>
|
||||
<c:remove var="success" scope="session" />
|
||||
|
||||
<p id="server_error" class="uk-text-danger uk-text-small uk-float-left">${message}</p>
|
||||
<div id="server_error" class="uk-text-danger uk-text-medium uk-container-center">
|
||||
${message}
|
||||
</div>
|
||||
<c:remove var="message" scope="session" />
|
||||
|
||||
<p><span class="uk-alert-primary uk-text-medium uk-float-left">You can register up to 5 services.</span></p>
|
||||
<h2 class="uk-h2 uk-margin-small-bottom">Registered services</h2>
|
||||
|
||||
<p class="uk-alert-primary uk-text-medium uk-float-left">
|
||||
<span uk-icon="info"></span> You can register up to 5 services.
|
||||
</p>
|
||||
|
||||
<c:if test="${reachedLimit}">
|
||||
<br>
|
||||
<p><span class="uk-alert-warning uk-text-medium uk-float-left">You have reached the maximum size of allowed registered services.</span></p>
|
||||
<c:remove var="message" scope="session" />
|
||||
<br>
|
||||
<p class="uk-alert-warning uk-text-medium uk-float-left">
|
||||
<span uk-icon="warning"></span> You have reached the maximum size of allowed registered services.
|
||||
</p>
|
||||
</c:if>
|
||||
|
||||
<div class="middle-box loginscreen animated fadeInDown ">
|
||||
<div class="uk-width-1-1@m uk-width-1-1@s">
|
||||
<div> <span id="server_error" class="uk-text-danger uk-text-small uk-float-left">${message}</span> </div>
|
||||
<c:remove var="message" scope="session" />
|
||||
|
||||
<c:if test="${empty registeredServices && showEmptyList}">
|
||||
<p>You have not registered any service yet!</p>
|
||||
</c:if>
|
||||
|
@ -134,17 +137,20 @@
|
|||
<div>
|
||||
|
||||
<a href="./editRegisteredService?id=${registeredService.id}"><span class="uk-margin-small-right" uk-icon="pencil" ></span>
|
||||
<span class="uk-margin-small-right uk-text-danger" uk-icon="trash" uk-toggle="target: #modal1"></span>
|
||||
<span class="uk-margin-small-right uk-text-danger" uk-icon="trash" uk-toggle="target: #modal${registeredService.id}"></span>
|
||||
|
||||
<!-- This is the modal -->
|
||||
<div id="modal1" uk-modal>
|
||||
<div id="modal${registeredService.id}" uk-modal>
|
||||
<div class="uk-modal-dialog uk-modal-body">
|
||||
<h2 class="uk-modal-title">Delete service</h2>
|
||||
<p>Are you sure you want to delete the service? You cannot undo this action!</p>
|
||||
<p class="uk-text-right">
|
||||
<button class="uk-button uk-button-default uk-modal-close" type="button">Cancel</button>
|
||||
<button class="uk-button uk-button-danger" type="button">Delete</button>
|
||||
</p>
|
||||
<form name="delete${registeredService.id}" id="delete${registeredService.id}" method="post">
|
||||
<input type="hidden" name="id" value="${registeredService.id}"/>
|
||||
<h2 class="uk-modal-title">Delete service</h2>
|
||||
<p>Are you sure you want to delete the '${registeredService.name}' service? You cannot undo this action!</p>
|
||||
<p class="uk-text-right">
|
||||
<button class="uk-button uk-button-default uk-modal-close" type="button">Cancel</button>
|
||||
<button class="uk-button uk-button-danger" type="button" onclick="document.delete${registeredService.id}.submit();document.getElementById('modal${registeredService.id}').style.visibility='hidden';">Delete</button>
|
||||
</p>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
@ -159,28 +165,9 @@
|
|||
</div>
|
||||
</li>
|
||||
</c:forEach>
|
||||
<li>
|
||||
<hr class="uk-margin-remove-top">
|
||||
<div class="uk-grid uk-child-width-1-3">
|
||||
<div ><a uk-toggle="target: #details2; animation: uk-animation-fade">Service 2 <span uk-icon="icon:info;ratio:0.7"></span></a>
|
||||
</div>
|
||||
<div>last year</div>
|
||||
<div>
|
||||
<a class="uk-margin-small-right" uk-icon="pencil" href="./editRegisterService"></a>
|
||||
<a class="uk-margin-small-right uk-text-danger" uk-icon="trash" uk-toggle="target: #modal1"></a>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li id="details2" hidden="hidden" >
|
||||
<div class="uk-alert">
|
||||
<p>Service Name:</p>
|
||||
<p>Service Description:</p>
|
||||
<p>Service Id:</p>
|
||||
<p>Creation Date:</p>
|
||||
</div>
|
||||
</li>
|
||||
</ul>
|
||||
</c:if>
|
||||
|
||||
<div class="uk-text-center">
|
||||
<c:choose>
|
||||
<c:when test="${not reachedLimit}">
|
||||
|
|
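Review bot: The delete-confirmation text prints `${registeredService.name}` straight into the page, and the `${success}` and `${message}` blocks in the first hunk do the same; plain EL in template text is not HTML-escaped. The service name is user-supplied, and EditRegisteredService also concatenates it into the `success` attribute, so markup in a name would be rendered as HTML. Output these values with `<c:out value="${registeredService.name}"/>` (likewise for `success` and `message`) or `fn:escapeXml`. The delete form has no `action`, so it posts to whatever URL rendered the page; an explicit `action="./registeredServices"` would keep it on the servlet that performs the ownership check.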