Clean up all servlets for registered services.
This commit is contained in:
parent
99c59c9b77
commit
970abc0596
|
@ -1,70 +0,0 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
import com.google.gson.*;
|
||||
|
||||
import java.lang.reflect.Type;
|
||||
|
||||
public class JwksDeserializer implements JsonDeserializer<Jwks> {
|
||||
|
||||
@Override
|
||||
public Jwks deserialize(JsonElement jsonElement, Type type, JsonDeserializationContext jsonDeserializationContext)
|
||||
throws JsonParseException {
|
||||
|
||||
JsonObject jsonObject = jsonElement.getAsJsonObject();
|
||||
if (jsonObject == null) throw new JsonParseException("Jwks not valid.");
|
||||
JsonArray jsonArray = jsonObject.getAsJsonArray("keys");
|
||||
|
||||
if (jsonArray == null ) throw new JsonParseException("Jwks not valid.");
|
||||
|
||||
Jwks jwks = new Jwks();
|
||||
Key[] keys = new Key[jsonArray.size()];
|
||||
|
||||
Key key = null;
|
||||
for (int i = 0; i < jsonArray.size(); i++) {
|
||||
key = new Key();
|
||||
JsonElement je = jsonArray.get(i);
|
||||
|
||||
if (je == null) throw new JsonParseException("Jwks not valid.");
|
||||
if (je.getAsJsonObject().get("kty")==null) throw new JsonParseException("Jwks not valid.");
|
||||
key.setKty(je.getAsJsonObject().get("kty").getAsString());
|
||||
|
||||
if (je.getAsJsonObject().get("e")==null) throw new JsonParseException("Jwks not valid.");
|
||||
key.setE(je.getAsJsonObject().get("e").getAsString());
|
||||
|
||||
if (je.getAsJsonObject().get("kid")==null) throw new JsonParseException("Jwks not valid.");
|
||||
key.setKid(je.getAsJsonObject().get("kid").getAsString());
|
||||
|
||||
if (je.getAsJsonObject().get("alg")==null) throw new JsonParseException("Jwks not valid.");
|
||||
key.setAlg(je.getAsJsonObject().get("alg").getAsString());
|
||||
|
||||
if (je.getAsJsonObject().get("n")==null) throw new JsonParseException("Jwks not valid.");
|
||||
key.setN(je.getAsJsonObject().get("n").getAsString());
|
||||
keys[i] = key;
|
||||
}
|
||||
|
||||
jwks.setKeys(keys);
|
||||
return jwks;
|
||||
}
|
||||
}
|
||||
/*
|
||||
public static void main(String[] args) {
|
||||
Gson gson = new GsonBuilder().registerTypeAdapter(Jwks.class, new JwksDeserializer()).create();
|
||||
|
||||
String jwksJson = "{\n" +
|
||||
" \"keys\": [\n" +
|
||||
" {\n" +
|
||||
" \"kty\": \"RSA\",\n" +
|
||||
" \"e\": \"AQAB\",\n" +
|
||||
" \"kid\": \"05794a3c-a6f5-430c-9822-da4e53597ba5\",\n" +
|
||||
" \"alg\": \"RS256\",\n" +
|
||||
" \"n\": \"hm_OUny05OJEwbGBqPjE7wWvnwTMgqUHJFis_S9nM7hTivXQ_LX9f89RaVcPpXboox81Y8rrfuVwV0nc-FGr_E0FFpI-IwJ_sUUEDwf-5Qxor3LNc_S_5BiPOfFHY7c-R-ablRIAvVTXqwIjcyLVQnaHLjb9XQPf9lBt9sCZ2jN-9HOLztMO3BZWZYIFqvNr8ySKHfVPdlk0Wx3N45KPY0kgxk5RPYW0HLRakSlhIJtqYCJOr2IiDUEMAj9Z9BoWjeUKiAX3E3ZRo-DO1TWcc7feq-0Pei2IBw3lvNpgcBBv1_BlrsZYzQqkKOcDbLAppuhR3inUNhc3G67OuWt8ow\"\n" +
|
||||
" }\n" +
|
||||
" ]\n" +
|
||||
"}";
|
||||
Jwks jwks = gson.fromJson(jwksJson, Jwks.class);
|
||||
for(Key key:jwks.getKeys()) {
|
||||
//System.out.println(key.getE());
|
||||
}
|
||||
}
|
||||
}
|
||||
*/
|
|
@ -1,10 +1,7 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
@ -12,22 +9,10 @@ import java.io.IOException;
|
|||
|
||||
public class OverviewServlet extends HttpServlet {
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
@Value("${client-management.url}")
|
||||
private String url;
|
||||
|
||||
boolean isAuthenticated = !SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()
|
||||
.equals("anonymousUser");
|
||||
|
||||
if (isAuthenticated) {
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
|
||||
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
|
||||
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
|
||||
request.getSession().setAttribute("authenticated", isAuthenticated);
|
||||
request.getSession().setAttribute("name", name.toString());
|
||||
}
|
||||
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./overview.jsp").include(request, response);
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
response.sendRedirect(url + "/");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,116 +1,18 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.http.HttpHeaders;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.client.methods.HttpDelete;
|
||||
import org.apache.http.client.methods.HttpGet;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.mitre.openid.connect.client.service.impl.StaticClientConfigurationService;
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
||||
|
||||
import javax.servlet.ServletConfig;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
public class PersonalTokenServlet extends HttpServlet {
|
||||
|
||||
@Value("${oidc.secret}")
|
||||
private String secret;
|
||||
@Value("${client-management.url}")
|
||||
private String url;
|
||||
|
||||
@Value("${oidc.id}")
|
||||
private String id;
|
||||
|
||||
@Value("${oidc.issuer}")
|
||||
private String issuer;
|
||||
|
||||
@Autowired
|
||||
private StaticClientConfigurationService staticClientConfigurationService;
|
||||
|
||||
private Logger logger = Logger.getLogger(PersonalTokenServlet.class);
|
||||
|
||||
public void init(ServletConfig config) throws ServletException {
|
||||
super.init(config);
|
||||
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
|
||||
config.getServletContext());
|
||||
}
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
response.setContentType("text/html");
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
|
||||
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
|
||||
request.getSession().setAttribute("name", name.toString());
|
||||
request.getSession().setAttribute("accessToken", authentication.getAccessTokenValue());
|
||||
request.getSession().setAttribute("refreshToken", authentication.getRefreshTokenValue());
|
||||
request.getRequestDispatcher("./personal.jsp").include(request, response);
|
||||
}
|
||||
|
||||
public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
String refreshToken = authentication.getRefreshTokenValue();
|
||||
List<String> oldRefreshTokens = null;
|
||||
|
||||
try {
|
||||
oldRefreshTokens = getOldRefreshTokens(authentication.getRefreshTokenValue(), authentication.getAccessTokenValue());
|
||||
deleteOldRefreshTokens(oldRefreshTokens, authentication.getAccessTokenValue());
|
||||
|
||||
} catch (IOException e) {
|
||||
logger.error("Error deleting old refresh tokens.", e);
|
||||
//TODO should I let user know?
|
||||
}
|
||||
request.getSession().setAttribute("showRefreshToken", true);
|
||||
response.sendRedirect("./personalToken");
|
||||
}
|
||||
|
||||
private void deleteOldRefreshTokens(List<String> oldRefreshTokens, String accessToken) throws IOException {
|
||||
HttpDelete httpDelete;
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||
|
||||
for (String refreshTokenId:oldRefreshTokens) {
|
||||
httpDelete = new HttpDelete(issuer + "/api/tokens/refresh/" + refreshTokenId);
|
||||
httpDelete.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
|
||||
HttpResponse response = httpclient.execute(httpDelete);
|
||||
if (response.getStatusLine().getStatusCode()!=200) {
|
||||
logger.warn("Could not delete old refresh tokens." + response.getStatusLine().getStatusCode());
|
||||
//System.out.println("Could not delete old refresh tokens." + response.getStatusLine().getStatusCode());//TODO should I throw exception?
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
private List<String> getOldRefreshTokens(String currentRefreshToken, String accessToken) throws IOException {
|
||||
HttpGet httpGet = new HttpGet(issuer + "/api/tokens/refresh");
|
||||
httpGet.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
|
||||
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||
String jsonResponse = IOUtils.toString(httpclient.execute(httpGet).getEntity().getContent(), StandardCharsets.UTF_8.name());
|
||||
Gson gson = new Gson();
|
||||
|
||||
List<String> oldRefreshTokens = null;
|
||||
for(RefreshToken refreshToken:gson.fromJson(jsonResponse, RefreshToken[].class)){
|
||||
if (oldRefreshTokens == null) {
|
||||
oldRefreshTokens = new ArrayList<>();
|
||||
}
|
||||
|
||||
if (!refreshToken.getValue().equals(currentRefreshToken)) {
|
||||
oldRefreshTokens.add(refreshToken.getId()+"");
|
||||
}
|
||||
}
|
||||
|
||||
return oldRefreshTokens;
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
response.sendRedirect(url + "/personal-token");
|
||||
}
|
||||
}
|
|
@ -1,58 +0,0 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
public class RefreshToken {
|
||||
private String value;
|
||||
private int id;
|
||||
private String[] scopes;
|
||||
private String clientId;
|
||||
private String userId;
|
||||
private String expliration;
|
||||
|
||||
public String getValue() {
|
||||
return value;
|
||||
}
|
||||
|
||||
public void setValue(String value) {
|
||||
this.value = value;
|
||||
}
|
||||
|
||||
public int getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(int id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public String[] getScopes() {
|
||||
return scopes;
|
||||
}
|
||||
|
||||
public void setScopes(String[] scopes) {
|
||||
this.scopes = scopes;
|
||||
}
|
||||
|
||||
public String getClientId() {
|
||||
return clientId;
|
||||
}
|
||||
|
||||
public void setClientId(String clientId) {
|
||||
this.clientId = clientId;
|
||||
}
|
||||
|
||||
public String getUserId() {
|
||||
return userId;
|
||||
}
|
||||
|
||||
public void setUserId(String userId) {
|
||||
this.userId = userId;
|
||||
}
|
||||
|
||||
public String getExpliration() {
|
||||
return expliration;
|
||||
}
|
||||
|
||||
public void setExpliration(String expliration) {
|
||||
this.expliration = expliration;
|
||||
}
|
||||
}
|
|
@ -1,427 +1,19 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.GsonBuilder;
|
||||
import com.google.gson.JsonParseException;
|
||||
import eu.dnetlib.openaire.user.pojos.RegisteredService;
|
||||
import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils;
|
||||
import eu.dnetlib.openaire.usermanagement.utils.TokenUtils;
|
||||
import org.apache.commons.validator.routines.UrlValidator;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.access.method.P;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
|
||||
import javax.servlet.ServletConfig;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.sql.SQLException;
|
||||
|
||||
|
||||
public class RegisterServiceServlet extends HttpServlet {
|
||||
|
||||
private Logger logger = Logger.getLogger(RegisterServiceServlet.class);
|
||||
@Value("${client-management.url}")
|
||||
private String url;
|
||||
|
||||
public void init(ServletConfig config) throws ServletException {
|
||||
super.init(config);
|
||||
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
|
||||
config.getServletContext());
|
||||
}
|
||||
|
||||
@Autowired
|
||||
private RegisteredServicesUtils registeredServicesUtils;
|
||||
|
||||
@Autowired
|
||||
private TokenUtils tokenUtils;
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
|
||||
getContext().getAuthentication();
|
||||
String userid = authentication.getSub();
|
||||
|
||||
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
|
||||
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
|
||||
request.getSession().setAttribute("name", name.toString());
|
||||
|
||||
String idParam = request.getParameter("id");
|
||||
|
||||
if (idParam != null && !idParam.isEmpty()) { // EDIT CASE
|
||||
//System.out.println("In edit");
|
||||
try {
|
||||
int id = Integer.parseInt(idParam);
|
||||
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(id);
|
||||
|
||||
if (registeredService != null && registeredServicesUtils.isAuthorized(userid, id)) {
|
||||
ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getClientId(), registeredService.getRegistrationAccessToken());
|
||||
|
||||
updateFormFields(request, registeredService.getName(), registeredService.getKeyType(), serviceResponse);
|
||||
|
||||
} else {
|
||||
if (registeredService == null) {
|
||||
//System.out.println("No service found!");
|
||||
request.getSession().setAttribute("message", "Not valid registered service with given id " + id + ".");
|
||||
response.sendRedirect("./registeredServices");
|
||||
logger.warn("Not valid registered service with " + id + "id.");
|
||||
|
||||
} else {
|
||||
//System.out.println("Not authorized");
|
||||
request.getSession().setAttribute("message", "Not authorized to edit the registered service with id " + id + ".");
|
||||
response.sendRedirect("./registeredServices");
|
||||
logger.warn("Not authorized to edit the service with " + id + "id.");
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
response.sendRedirect(url + "/apis");
|
||||
}
|
||||
}
|
||||
|
||||
} catch (NumberFormatException nfe) {
|
||||
//System.out.println("WRONG FORMAT");
|
||||
request.getSession().setAttribute("message", "Invalid service id.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
logger.error("Invalid service id.", nfe);
|
||||
|
||||
} catch (SQLException sqle) {
|
||||
//System.out.println("SQL PROBLEM");
|
||||
request.getSession().setAttribute("message", "Could not fetch registered service.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
logger.error("Could not fetch registered service.", sqle);
|
||||
}
|
||||
|
||||
} else {// NEW SERVICE CASE
|
||||
//Careful! Redirects in method
|
||||
request.getSession().setAttribute("first_name", null);
|
||||
request.getSession().setAttribute("key_type", null);
|
||||
request.getSession().setAttribute("jwksUri", null);
|
||||
request.getSession().setAttribute("value", null);
|
||||
checkNumberOfRegisteredServices(request, response, authentication);
|
||||
}
|
||||
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registerService.jsp").include(request, response);
|
||||
}
|
||||
|
||||
private void updateFormFields(HttpServletRequest request, String serviceName, String keyType, ServiceResponse serviceResponse) {
|
||||
//System.out.println("UPDATING FORM");
|
||||
request.getSession().setAttribute("first_name", serviceName);
|
||||
//System.out.println("Service response URI " + serviceResponse.getJwksUri());
|
||||
request.getSession().setAttribute("key_type", keyType);
|
||||
if (keyType != null) {
|
||||
if (keyType.equals("uri")) {
|
||||
request.getSession().setAttribute("jwksUri", serviceResponse.getJwksUri());
|
||||
} else {
|
||||
Key key;
|
||||
if (serviceResponse.getJwks() != null) {
|
||||
key = serviceResponse.getJwks().keys[0];
|
||||
} else {
|
||||
key = new Key();
|
||||
}
|
||||
//System.out.println("Service response keys " + serviceResponse.getJwksUri());
|
||||
Gson gson = new GsonBuilder().setPrettyPrinting().create();
|
||||
request.getSession().setAttribute("value", gson.toJson(key));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public void doPost(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
|
||||
getContext().getAuthentication();
|
||||
|
||||
response.setContentType("text/html");
|
||||
boolean canProceed = true;
|
||||
|
||||
String mode = request.getParameter("mode").trim();
|
||||
//System.out.println("Mode was " + mode);
|
||||
checkmode(mode);
|
||||
//System.out.println("Mode is " + mode);
|
||||
|
||||
String serviceId = request.getParameter("id");
|
||||
|
||||
String name = request.getParameter("first_name").trim();
|
||||
if (name.isEmpty()) {
|
||||
request.getSession().setAttribute("first_name_error", true);
|
||||
canProceed = false;
|
||||
}
|
||||
String keyType = request.getParameter("key_type");
|
||||
String jwksUri = null;
|
||||
String jwksString = null;
|
||||
Jwks jwks = null;
|
||||
if(keyType != null) {
|
||||
keyType = keyType.trim();
|
||||
if (keyType.equals("uri")) {
|
||||
jwksUri = request.getParameter("uri");
|
||||
request.getSession().setAttribute("jwksUri", jwksUri);
|
||||
|
||||
String[] schemes = {"https"};
|
||||
UrlValidator urlValidator = new UrlValidator(schemes);
|
||||
if (!urlValidator.isValid(jwksUri)) {
|
||||
request.getSession().setAttribute("uri_error", true);
|
||||
canProceed = false;
|
||||
}
|
||||
} else {
|
||||
jwksString = request.getParameter("value");
|
||||
try {
|
||||
Gson gson = new GsonBuilder().registerTypeAdapter(Jwks.class, new JwksDeserializer()).create();
|
||||
String jwksSet = String.format("{\"keys\":[%s]}", jwksString);
|
||||
jwks = gson.fromJson(jwksSet, Jwks.class);
|
||||
request.getSession().setAttribute("value", jwksString);
|
||||
|
||||
if (jwks.getKeys() == null || jwks.getKeys().length == 0) {
|
||||
//System.out.println("Something wrong with the keys.");
|
||||
request.getSession().setAttribute("value_error", true);
|
||||
canProceed = false;
|
||||
}
|
||||
|
||||
|
||||
} catch (JsonParseException jpe) {
|
||||
request.getSession().setAttribute("value_error", true);
|
||||
canProceed = false;
|
||||
}
|
||||
}
|
||||
}
|
||||
String userid = authentication.getSub();
|
||||
String email = authentication.getUserInfo().getEmail();
|
||||
ServiceResponse serviceResponse = null;
|
||||
|
||||
if (nameIsValid(name) && userInfoIsValid(userid, email) && keyIsValid(keyType, jwksUri, jwksString) && canProceed) {
|
||||
|
||||
String serverMessage;
|
||||
|
||||
if (mode.equals("create")) {
|
||||
//Careful! Redirects in method
|
||||
if (!checkNumberOfRegisteredServices(request, response, authentication)) {
|
||||
return;
|
||||
}
|
||||
String serverRequestJSON = null;
|
||||
if(keyType == null) {
|
||||
serverRequestJSON = createServiceJson(null, name, email);
|
||||
} else if (keyType.equals("uri")) {
|
||||
serverRequestJSON = createServiceJson(null, name, email, jwksUri);
|
||||
} else if (keyType.equals("value")){
|
||||
serverRequestJSON = createServiceJson(null, name, email, jwks);
|
||||
}
|
||||
if(serverRequestJSON != null) {
|
||||
//System.out.println("SERVER JSON " + serverRequestJSON);
|
||||
serverMessage = tokenUtils.registerService(serverRequestJSON);
|
||||
logger.debug(serverMessage);
|
||||
if (serverMessage == null) {
|
||||
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
return;
|
||||
}
|
||||
serviceResponse = new Gson().fromJson(serverMessage, ServiceResponse.class);
|
||||
String client_id = serviceResponse.getClientId();
|
||||
|
||||
RegisteredService registeredService = new RegisteredService(client_id, userid, name, serviceResponse.getRegistrationAccessToken(), keyType);
|
||||
|
||||
try {
|
||||
registeredServicesUtils.addRegistedService(registeredService);
|
||||
if(registeredService.getKeyType() != null) {
|
||||
request.getSession().setAttribute("success",
|
||||
"Your service has been successfully registered!<br>" +
|
||||
"<b>Client ID</b>: " + serviceResponse.getClientId());
|
||||
} else {
|
||||
request.getSession().setAttribute("success",
|
||||
"Your service has been successfully registered!<br>" +
|
||||
"<b>Client ID</b>: " + serviceResponse.getClientId() +
|
||||
"<br><span style=\"word-wrap: break-word\"><b>Client Secret</b>:" + serviceResponse.getClientSecret() + "</span>");
|
||||
}
|
||||
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Fail to save service.", sqle);
|
||||
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
logger.error("Service request JSON is null");
|
||||
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
int serviceIdInt = 0;
|
||||
if (serviceId == null || serviceId.isEmpty()) { //TODO WRONG MESSAGE
|
||||
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
|
||||
} else {
|
||||
//System.out.println("In edit...");
|
||||
try {
|
||||
serviceIdInt = Integer.parseInt(serviceId);
|
||||
if (!registeredServicesUtils.isAuthorized(authentication.getSub(), serviceIdInt)) {
|
||||
request.getSession().setAttribute("message", "You have no permission to edit the service.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
|
||||
} else {
|
||||
|
||||
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(serviceIdInt);
|
||||
if (registeredService != null && registeredService.getClientId() != null) {
|
||||
String serverRequestJSON = null;
|
||||
if (keyType == null) {
|
||||
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email);
|
||||
} else if (keyType.equals("uri")) {
|
||||
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwksUri);
|
||||
} else if (keyType.equals("value")) {
|
||||
serverRequestJSON = createServiceJson(registeredService.getClientId(), name, email, jwks);
|
||||
}
|
||||
if (serverRequestJSON != null) {
|
||||
//System.out.println("SERVER JSON " + serverRequestJSON);
|
||||
HttpResponse resp = tokenUtils.updateService(registeredService.getClientId(), serverRequestJSON, registeredService.getRegistrationAccessToken());
|
||||
if (resp.getStatusLine().getStatusCode() == 200) {
|
||||
//System.out.println("NAME >>>>" + name);
|
||||
registeredService.setName(name);
|
||||
|
||||
//System.out.println("Client Id " + registeredService.getClientId());
|
||||
try {
|
||||
registeredServicesUtils.getRegisteredServiceDao().update(registeredService);
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Unable to contact db.", sqle);
|
||||
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
return;
|
||||
}
|
||||
request.getSession().setAttribute("success",
|
||||
"Your service has been successfully updated!<br>" +
|
||||
"<b>Client ID</b>: " + registeredService.getClientId());
|
||||
}
|
||||
|
||||
} else {
|
||||
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
return;
|
||||
}
|
||||
} else {
|
||||
logger.error("Service request JSON is null");
|
||||
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
return;
|
||||
}
|
||||
}
|
||||
} catch(SQLException sqle){
|
||||
logger.error("Unable to access service with id " + serviceId, sqle);
|
||||
request.getSession().setAttribute("message", "There was an error accessing your service.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
|
||||
} catch(NumberFormatException nfe){
|
||||
logger.error("Unable to access service with id " + serviceId, nfe);
|
||||
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
} else {
|
||||
//something is wrong with the form and the error messages will appear
|
||||
request.getSession().setAttribute("first_name", name);
|
||||
request.getSession().setAttribute("key_type", keyType);
|
||||
request.getSession().setAttribute("uri", jwksUri);
|
||||
request.getSession().setAttribute("value", jwksString);
|
||||
|
||||
if (serviceId != null && !serviceId.isEmpty()) {
|
||||
request.getRequestDispatcher("./registerService.jsp?id=" + serviceId).forward(request, response);
|
||||
|
||||
} else {
|
||||
request.getRequestDispatcher("./registerService.jsp").include(request, response);
|
||||
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
response.sendRedirect("./registeredServices");
|
||||
}
|
||||
|
||||
private void checkmode(String mode) {
|
||||
if (mode != null && !mode.isEmpty()) {
|
||||
if (!mode.equals("edit") || mode.equals("create")) {
|
||||
mode = "create";
|
||||
}
|
||||
} else {
|
||||
mode = "create";
|
||||
}
|
||||
}
|
||||
|
||||
private boolean keyIsValid(String keyType, String jwksUri, String jwksString) {
|
||||
return keyType == null || (keyType.equals("uri") && jwksUri != null && !jwksUri.isEmpty()) ||
|
||||
keyType.equals("value") && jwksString != null && !jwksString.isEmpty();
|
||||
}
|
||||
|
||||
private boolean userInfoIsValid(String userid, String email) {
|
||||
return userid != null && !userid.isEmpty() &&
|
||||
email != null && !email.isEmpty();
|
||||
}
|
||||
|
||||
private boolean nameIsValid(String name) {
|
||||
return name != null && !name.isEmpty();
|
||||
}
|
||||
|
||||
private boolean checkNumberOfRegisteredServices(HttpServletRequest request, HttpServletResponse response, OIDCAuthenticationToken authentication) throws IOException {
|
||||
try {
|
||||
long numberOfRegisteredServices =
|
||||
registeredServicesUtils.getRegisteredServiceDao().countRegisteredServices(authentication.getSub());
|
||||
|
||||
if (numberOfRegisteredServices >= 5) {
|
||||
response.sendRedirect("./registeredServices"); // The message there already exists.
|
||||
return false;
|
||||
}
|
||||
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Unable to count registered services.", sqle);
|
||||
request.getSession().setAttribute("message", "Unable to contact DB. Please try again later.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
private static String createServiceJson(String clientId, String name, String email) {
|
||||
ServiceRequest serviceJSON = new ServiceRequest();
|
||||
serviceJSON.setClientId(clientId);
|
||||
serviceJSON.setClientName(name);
|
||||
serviceJSON.setContacts(new String[]{email});
|
||||
serviceJSON.setToken_endpoint_auth_method("client_secret_basic");
|
||||
serviceJSON.setTokenEndpointAuthSigningAlg(null);
|
||||
GsonBuilder builder = new GsonBuilder();
|
||||
builder.serializeNulls();
|
||||
Gson gson = builder.create();
|
||||
//System.out.println("Created json " + serviceJSON);
|
||||
return gson.toJson(serviceJSON);
|
||||
}
|
||||
|
||||
private static String createServiceJson(String clientId, String name, String email, String jwksURI) {
|
||||
ServiceRequest serviceJSON = new ServiceRequest();
|
||||
serviceJSON.setClientId(clientId);
|
||||
serviceJSON.setClientName(name);
|
||||
serviceJSON.setContacts(new String[]{email});
|
||||
serviceJSON.setJwksUri(jwksURI);
|
||||
|
||||
GsonBuilder builder = new GsonBuilder();
|
||||
builder.serializeNulls();
|
||||
Gson gson = builder.create();
|
||||
//System.out.println("Created json " + serviceJSON);
|
||||
return gson.toJson(serviceJSON);
|
||||
}
|
||||
|
||||
private static String createServiceJson(String clientId, String name, String email, Jwks jwks) {
|
||||
ServiceRequest serviceJSON = new ServiceRequest();
|
||||
serviceJSON.setClientId(clientId);
|
||||
serviceJSON.setClientName(name);
|
||||
serviceJSON.setContacts(new String[]{email});
|
||||
serviceJSON.setJwks(jwks);
|
||||
|
||||
GsonBuilder builder = new GsonBuilder();
|
||||
builder.serializeNulls();
|
||||
Gson gson = builder.create();
|
||||
//System.out.println("Created json " + serviceJSON);
|
||||
return gson.toJson(serviceJSON);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -1,160 +1,19 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import com.google.gson.GsonBuilder;
|
||||
import eu.dnetlib.openaire.user.pojos.RegisteredService;
|
||||
import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils;
|
||||
import eu.dnetlib.openaire.usermanagement.utils.TokenUtils;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
|
||||
import javax.servlet.ServletConfig;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.sql.SQLException;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
|
||||
public class RegisteredServicesServlet extends HttpServlet {
|
||||
|
||||
private Logger logger = Logger.getLogger(RegisteredServicesServlet.class);
|
||||
@Value("${client-management.url}")
|
||||
private String url;
|
||||
|
||||
@Autowired
|
||||
private RegisteredServicesUtils registeredServicesUtils;
|
||||
|
||||
@Autowired
|
||||
private TokenUtils tokenUtils;
|
||||
|
||||
public void init(ServletConfig config) throws ServletException {
|
||||
super.init(config);
|
||||
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
|
||||
config.getServletContext());
|
||||
}
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
|
||||
request.getSession().setAttribute("authenticated",
|
||||
!SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()
|
||||
.equals("anonymousUser"));
|
||||
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
|
||||
getContext().getAuthentication();
|
||||
|
||||
String userId = authentication.getSub();
|
||||
|
||||
List<RegisteredService> registeredServices = null;
|
||||
try {
|
||||
registeredServices = registeredServicesUtils.
|
||||
getRegisteredServiceDao().fetchAllRegisteredServicesByOwner(userId);
|
||||
//System.out.println("LOAD REGISTERED SERVICES. " + registeredServices.size());
|
||||
|
||||
if (registeredServices.isEmpty()) {
|
||||
request.getSession().setAttribute("showEmptyList", true);
|
||||
} else {
|
||||
Map<String, ServiceResponse> serviceResponses = new HashMap<>();
|
||||
Map<String, String> serviceKey = new HashMap<>();
|
||||
|
||||
for (RegisteredService registeredService:registeredServices) {
|
||||
ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getClientId(),registeredService.getRegistrationAccessToken());
|
||||
serviceResponses.put(registeredService.getId(), serviceResponse);
|
||||
serviceKey.put(registeredService.getId(), extractPublicKeySet(serviceResponse));
|
||||
}
|
||||
|
||||
boolean reachedLimit = reachedMaximumNumberOfServices(registeredServices);
|
||||
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
|
||||
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
|
||||
request.getSession().setAttribute("name", name.toString());
|
||||
request.getSession().setAttribute("reachedLimit", reachedLimit);
|
||||
//System.out.println("REACHED LIMIT??? " + reachedLimit);
|
||||
|
||||
request.getSession().setAttribute("services", serviceResponses);
|
||||
request.getSession().setAttribute("keys", serviceKey);
|
||||
}
|
||||
request.getSession().setAttribute("registeredServices", registeredServices);
|
||||
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Error fetching registered services for user " + userId , sqle);
|
||||
request.getSession().setAttribute("message", "Error fetching registered services. " +
|
||||
"Please try again later.");
|
||||
request.getSession().setAttribute("showEmptyList", false);
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
}
|
||||
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
}
|
||||
|
||||
private String extractPublicKeySet(ServiceResponse serviceResponse) {
|
||||
if (serviceResponse.getJwksUri()!=null && !serviceResponse.getJwksUri().isEmpty())
|
||||
return serviceResponse.getJwksUri();
|
||||
|
||||
return extractJSONJwk(serviceResponse.getJwks());
|
||||
}
|
||||
|
||||
private String extractJSONJwk(Jwks jwks) {
|
||||
Gson gson = new GsonBuilder().setPrettyPrinting().create();
|
||||
//System.out.println(gson.toJson(jwks));
|
||||
return gson.toJson(jwks);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
|
||||
getContext().getAuthentication();
|
||||
String id = request.getParameter("id");
|
||||
|
||||
//System.out.println("POST " +id);
|
||||
|
||||
if (id!=null && !id.isEmpty()) {
|
||||
try {
|
||||
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(Integer.parseInt(id));
|
||||
|
||||
if (!registeredService.getOwner().equals(authentication.getSub())) {
|
||||
request.getSession().setAttribute("message", "You are not allowed to delete the service.");
|
||||
//System.out.println("BLOCKED " + registeredService.getOwner() + " >> " + authentication.getSub());
|
||||
response.sendRedirect("./registeredServices");
|
||||
return;
|
||||
}
|
||||
|
||||
HttpResponse resp = tokenUtils.deleteService(registeredService.getClientId(), registeredService.getRegistrationAccessToken());
|
||||
|
||||
int statusCode = resp.getStatusLine().getStatusCode();
|
||||
//System.out.println("STATUS CODE " + statusCode);
|
||||
|
||||
if (statusCode != 204) {
|
||||
logger.error("Unable to delete the service. Status code was " + statusCode);
|
||||
request.getSession().setAttribute("message", "Fail to delete the service. Status " + statusCode);
|
||||
//System.out.println("AAI blocked");
|
||||
response.sendRedirect("./registeredServices");
|
||||
return;
|
||||
} else {
|
||||
registeredServicesUtils.getRegisteredServiceDao().delete(Integer.parseInt(id));
|
||||
request.getSession().setAttribute("success", "The service was successfully deleted.");
|
||||
//System.out.println("HERE HERE");
|
||||
}
|
||||
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Unable to contact db.", sqle);
|
||||
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
|
||||
}
|
||||
|
||||
} else {
|
||||
request.getSession().setAttribute("message", "Error selecting service to delete. Please try again.");
|
||||
}
|
||||
|
||||
response.sendRedirect("./registeredServices");
|
||||
}
|
||||
|
||||
private boolean reachedMaximumNumberOfServices(List<RegisteredService> registeredServices) {
|
||||
return registeredServices.size() >= 5;
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
|
||||
response.sendRedirect(url + "/apis");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,170 +0,0 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
public class ServiceRequest {
|
||||
String client_name;
|
||||
String client_id;
|
||||
String logo_uri;
|
||||
String policy_uri;
|
||||
String[] contacts;
|
||||
String[] redirect_uris = new String[]{};
|
||||
String[] grant_types = new String[] {"client_credentials"};
|
||||
String token_endpoint_auth_method = "private_key_jwt";
|
||||
String token_endpoint_auth_signing_alg = "RS256";
|
||||
String jwks_uri;
|
||||
Jwks jwks;
|
||||
|
||||
public String getClientName() {
|
||||
return client_name;
|
||||
}
|
||||
|
||||
public void setClientName(String clientName) {
|
||||
this.client_name = clientName;
|
||||
}
|
||||
|
||||
public String getClientId() {
|
||||
return client_id;
|
||||
}
|
||||
|
||||
public void setClientId(String clientId) {
|
||||
this.client_id = clientId;
|
||||
}
|
||||
|
||||
public String[] getRedirectUris() {
|
||||
return redirect_uris;
|
||||
}
|
||||
|
||||
public void setRedirectUris(String[] redirectUris) {
|
||||
this.redirect_uris = redirectUris;
|
||||
}
|
||||
|
||||
public String getLogoUri() {
|
||||
return logo_uri;
|
||||
}
|
||||
|
||||
public void setLogoUri(String logoUri) {
|
||||
this.logo_uri = logoUri;
|
||||
}
|
||||
|
||||
public String getPolicyUri() {
|
||||
return policy_uri;
|
||||
}
|
||||
|
||||
public void setPolicyUri(String policyUri) {
|
||||
this.policy_uri = policyUri;
|
||||
}
|
||||
|
||||
public String[] getContacts() {
|
||||
return contacts;
|
||||
}
|
||||
|
||||
public void setContacts(String[] contacts) {
|
||||
this.contacts = contacts;
|
||||
}
|
||||
|
||||
public String[] getGrantTypes() {
|
||||
return grant_types;
|
||||
}
|
||||
|
||||
public void setGrantTypes(String[] grantTypes) {
|
||||
this.grant_types = grantTypes;
|
||||
}
|
||||
|
||||
public String getToken_endpoint_auth_method() {
|
||||
return token_endpoint_auth_method;
|
||||
}
|
||||
|
||||
public void setToken_endpoint_auth_method(String token_endpoint_auth_method) {
|
||||
this.token_endpoint_auth_method = token_endpoint_auth_method;
|
||||
}
|
||||
|
||||
public String getTokenEndpointAuthSigningAlg() {
|
||||
return token_endpoint_auth_signing_alg;
|
||||
}
|
||||
|
||||
public void setTokenEndpointAuthSigningAlg(String tokenEndpointAuthSigningAlg) {
|
||||
this.token_endpoint_auth_signing_alg = tokenEndpointAuthSigningAlg;
|
||||
}
|
||||
|
||||
public String getJwksUri() {
|
||||
return jwks_uri;
|
||||
}
|
||||
|
||||
public void setJwksUri(String jwksUri) {
|
||||
this.jwks_uri = jwksUri;
|
||||
}
|
||||
|
||||
public Jwks getJwks() {
|
||||
return jwks;
|
||||
}
|
||||
|
||||
public void setJwks(Jwks jwks) {
|
||||
this.jwks = jwks;
|
||||
}
|
||||
}
|
||||
|
||||
class Jwks implements Serializable {
|
||||
Key[] keys;
|
||||
|
||||
public Key[] getKeys() {
|
||||
return keys;
|
||||
}
|
||||
|
||||
public void setKeys(Key[] keys) {
|
||||
this.keys = keys;
|
||||
}
|
||||
}
|
||||
|
||||
class Key implements Serializable {
|
||||
String kty;
|
||||
String e;
|
||||
String kid;
|
||||
String alg;
|
||||
String n;
|
||||
|
||||
public String getKty() {
|
||||
return kty;
|
||||
}
|
||||
|
||||
public void setKty(String kty) {
|
||||
this.kty = kty;
|
||||
}
|
||||
|
||||
public String getE() {
|
||||
return e;
|
||||
}
|
||||
|
||||
public void setE(String e) {
|
||||
this.e = e;
|
||||
}
|
||||
|
||||
public String getKid() {
|
||||
return kid;
|
||||
}
|
||||
|
||||
public void setKid(String kid) {
|
||||
this.kid = kid;
|
||||
}
|
||||
|
||||
public String getAlg() {
|
||||
return alg;
|
||||
}
|
||||
|
||||
public void setAlg(String alg) {
|
||||
this.alg = alg;
|
||||
}
|
||||
|
||||
public String getN() {
|
||||
return n;
|
||||
}
|
||||
|
||||
public void setN(String n) {
|
||||
this.n = n;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
|
|
@ -1,93 +0,0 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
public class ServiceResponse implements Serializable {
|
||||
String client_id;
|
||||
Long client_id_issued_at;
|
||||
String client_secret;
|
||||
Long client_secret_expires_at;
|
||||
String registration_access_token;
|
||||
String registration_client_uri;
|
||||
String[] redirect_uris;
|
||||
String client_name;
|
||||
String logo_uri;
|
||||
String policy_uri;
|
||||
String[] contacts;
|
||||
String[] grant_types;
|
||||
String token_endpoint_auth_method;
|
||||
String token_endpoint_auth_signing_alg;
|
||||
String scope;
|
||||
String jwks_uri;
|
||||
Jwks jwks;
|
||||
|
||||
|
||||
public String getClientId() {
|
||||
return client_id;
|
||||
}
|
||||
|
||||
public Long getClientIdIssuedAt() {
|
||||
return client_id_issued_at;
|
||||
}
|
||||
|
||||
public String getClientSecret() {
|
||||
return client_secret;
|
||||
}
|
||||
|
||||
public Long getClientSecretExpiresAt() {
|
||||
return client_secret_expires_at;
|
||||
}
|
||||
|
||||
public String getRegistrationAccessToken() {
|
||||
return registration_access_token;
|
||||
}
|
||||
|
||||
public String getRegistrationClientUri() {
|
||||
return registration_client_uri;
|
||||
}
|
||||
|
||||
public String[] getRedirectUris() {
|
||||
return redirect_uris;
|
||||
}
|
||||
|
||||
public String getClientName() {
|
||||
return client_name;
|
||||
}
|
||||
|
||||
|
||||
public String getLogoUri() {
|
||||
return logo_uri;
|
||||
}
|
||||
|
||||
public String getPolicyUri() {
|
||||
return policy_uri;
|
||||
}
|
||||
|
||||
public String[] getContacts() {
|
||||
return contacts;
|
||||
}
|
||||
|
||||
public String[] getGrantTypes() {
|
||||
return grant_types;
|
||||
}
|
||||
|
||||
public String getTokenEndpointAuthMethod() {
|
||||
return token_endpoint_auth_method;
|
||||
}
|
||||
|
||||
public String getTokenEndpointAuthSigningAlg() {
|
||||
return token_endpoint_auth_signing_alg;
|
||||
}
|
||||
|
||||
public String getScope() {
|
||||
return scope;
|
||||
}
|
||||
|
||||
public String getJwksUri() {
|
||||
return jwks_uri;
|
||||
}
|
||||
|
||||
public Jwks getJwks() {
|
||||
return jwks;
|
||||
}
|
||||
}
|
|
@ -1,35 +0,0 @@
|
|||
package eu.dnetlib.openaire.usermanagement.utils;
|
||||
|
||||
import eu.dnetlib.openaire.user.pojos.RegisteredService;
|
||||
import eu.dnetlib.openaire.user.registeredService.RegisteredServiceDao;
|
||||
import eu.dnetlib.openaire.user.registeredService.RegisteredServiceSQL;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.sql.SQLException;
|
||||
|
||||
@Component
|
||||
public class RegisteredServicesUtils {
|
||||
|
||||
RegisteredServiceDao registeredServiceDao = new RegisteredServiceSQL();
|
||||
|
||||
public RegisteredServiceDao getRegisteredServiceDao() {
|
||||
return registeredServiceDao;
|
||||
}
|
||||
|
||||
public void setRegisteredServiceDao(RegisteredServiceDao registeredServiceDao) {
|
||||
this.registeredServiceDao = registeredServiceDao;
|
||||
}
|
||||
|
||||
public void addRegistedService(RegisteredService registeredService) throws SQLException {
|
||||
registeredServiceDao.insertRegisteredService(registeredService);
|
||||
}
|
||||
|
||||
public boolean isAuthorized(String userid, int id) throws SQLException {
|
||||
RegisteredService registeredService = registeredServiceDao.fetchRegisteredServiceById(id);
|
||||
if (registeredService == null) {
|
||||
return false; //no harm in accessing nothing
|
||||
}
|
||||
return registeredService.getOwner().equals(userid);
|
||||
}
|
||||
|
||||
}
|
|
@ -1,91 +0,0 @@
|
|||
package eu.dnetlib.openaire.usermanagement.utils;
|
||||
|
||||
import com.google.gson.Gson;
|
||||
import eu.dnetlib.openaire.usermanagement.ServiceResponse;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.http.HttpHeaders;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.client.methods.HttpDelete;
|
||||
import org.apache.http.client.methods.HttpGet;
|
||||
import org.apache.http.client.methods.HttpPost;
|
||||
import org.apache.http.client.methods.HttpPut;
|
||||
import org.apache.http.entity.StringEntity;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.List;
|
||||
|
||||
@Component
|
||||
public class TokenUtils {
|
||||
|
||||
private Logger logger = Logger.getLogger(TokenUtils.class);
|
||||
|
||||
@Value("${oidc.issuer}")
|
||||
private String issuer;
|
||||
|
||||
public String registerService(String serverRequestJSON)
|
||||
throws IOException {
|
||||
|
||||
HttpPost httppost = new HttpPost( issuer + "register");
|
||||
httppost.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
|
||||
StringEntity params = new StringEntity(serverRequestJSON);
|
||||
httppost.setEntity(params);
|
||||
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||
HttpResponse httpResponse = httpclient.execute(httppost);
|
||||
|
||||
//System.out.println("HTTP RESPONSE " + httpResponse.getStatusLine().getStatusCode());
|
||||
if (httpResponse.getStatusLine().getStatusCode() == 201) {
|
||||
//logger.debug(IOUtils.toString(httpResponse.getEntity().getContent(), StandardCharsets.UTF_8.name()));
|
||||
return IOUtils.toString(httpResponse.getEntity().getContent(), StandardCharsets.UTF_8.name());
|
||||
}
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public HttpResponse updateService(String serviceId, String serviceSON, String registeredAccessToken) throws IOException {
|
||||
|
||||
HttpPut httpPut = new HttpPut(issuer + "register/"+serviceId);
|
||||
httpPut.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
|
||||
httpPut.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + registeredAccessToken);
|
||||
StringEntity params = new StringEntity(serviceSON.toString());
|
||||
httpPut.setEntity(params);
|
||||
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||
return httpclient.execute(httpPut);
|
||||
}
|
||||
|
||||
public HttpResponse deleteService(String serviceId, String registeredAccessToken) throws IOException {
|
||||
|
||||
//System.out.println("DELETE " + issuer + "register/"+serviceId);
|
||||
HttpDelete httpDelete = new HttpDelete(issuer + "register/"+serviceId);
|
||||
httpDelete.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
|
||||
httpDelete.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + registeredAccessToken);
|
||||
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||
return httpclient.execute(httpDelete);
|
||||
}
|
||||
|
||||
public ServiceResponse getRegisteredService(String serviceId, String registeredAccessToken) throws IOException {
|
||||
//System.out.println("ISSUER " + issuer);
|
||||
HttpGet httpGet = new HttpGet(issuer + "register/"+ serviceId);
|
||||
httpGet.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + registeredAccessToken);
|
||||
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
|
||||
HttpResponse httpResponse = httpclient.execute(httpGet);
|
||||
String registeredService = IOUtils.toString(httpResponse.getEntity().getContent(), StandardCharsets.UTF_8.name());
|
||||
//System.out.println(registeredService);
|
||||
return new Gson().fromJson(registeredService,ServiceResponse.class);
|
||||
}
|
||||
|
||||
public void viewRegisteredServices(List<String> serviceIds, String registeredAccessToken) throws IOException {
|
||||
for (String serviceId: serviceIds) {
|
||||
getRegisteredService(serviceId, registeredAccessToken);
|
||||
}
|
||||
}
|
||||
}
|
|
@ -2,3 +2,4 @@ google.recaptcha.secret = 6LfYrU8UAAAAADwrbImPvDo_XcxEZvrkkgMy9yU0
|
|||
google.recaptcha.key = 6LfYrU8UAAAAAFsl3m2YhP1uavdmAdFEXBkoY_vd
|
||||
|
||||
role-management.url = http://mpagasas.di.uoa.gr:8080/dnet-role-management
|
||||
client-management.url = http://mpagasas.di.uoa.gr:5100
|
||||
|
|
|
@ -1,79 +0,0 @@
|
|||
<%--
|
||||
Created by IntelliJ IDEA.
|
||||
User: sofia
|
||||
Date: 19/10/2017
|
||||
Time: 4:30 μμ
|
||||
To change this template use File | Settings | File Templates.
|
||||
--%>
|
||||
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
|
||||
<!DOCTYPE html>
|
||||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
|
||||
<html lang="en-gb" dir="ltr" vocab="http://schema.org/">
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<base href=".">
|
||||
<title>OpenAIRE - APIs Authentication</title>
|
||||
<script src="./js/jquery.js"></script>
|
||||
<script src="./js/uikit.min.js"></script>
|
||||
<script src="./js/validation.js"></script>
|
||||
<script src="./js/uikit-icons-max.js"></script>
|
||||
<link rel="stylesheet" style="text/css" href="./css/theme.css">
|
||||
<link rel="stylesheet" style="text/css" href="./css/custom.css">
|
||||
<link rel="stylesheet" style="text/css" href="./css/aai-custom.css">
|
||||
<link rel="icon" type="image/png" sizes="32x32" href="images/favicon/favicon-32x32.png">
|
||||
<link rel="icon" type="image/png" sizes="96x96" href="images/favicon//favicon-96x96.png">
|
||||
<link rel="icon" type="image/png" sizes="16x16" href="images/favicon/favicon-16x16.png">
|
||||
<link href="images/favicon/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon" />
|
||||
</head>
|
||||
<body class="" style="">
|
||||
<div class="uk-offcanvas-content uk-height-viewport">
|
||||
<!-- MENU STARTS HERE -->
|
||||
<jsp:include page="header.jsp"/>
|
||||
<!-- CONTENT STARTS HERE -->
|
||||
<div class="first_page_section uk-section-default uk-section uk-padding-remove-vertical">
|
||||
<div class="first_page_banner_headline uk-grid-collapse uk-flex-middle uk-margin-remove-vertical uk-grid" uk-grid="">
|
||||
</div>
|
||||
</div>
|
||||
<div class=" uk-section uk-margin-small-top uk-container " id="tm-main">
|
||||
<div class="uk-text-center">
|
||||
<!-- CENTER SIDE -->
|
||||
|
||||
<h2 class="uk-h2 uk-margin-small-bottom">OpenAIRE APIs Authentication</h2>
|
||||
<div class="uk-margin-top">
|
||||
The OpenAIRE APIs can be accessed over HTTPS both by authenticated and unauthenticated requests.
|
||||
To achieve <b>better rate limits</b> you need to make <b>authenticated requests</b>.
|
||||
</div>
|
||||
|
||||
<div class="uk-container uk-container-small uk-margin-top">
|
||||
|
||||
<div class="uk-alert-primary uk-alert uk-margin-top-remove">
|
||||
<span uk-icon="info"></span>
|
||||
<span class="uk-margin-small-left">For more information please read the <a href="https://graph.openaire.eu/develop/authentication.html" target="_blank">OpenAIRE API Authentication documentation</a>.</span>
|
||||
</div>
|
||||
|
||||
<div class="uk-grid uk-child-width-1-2@m uk-child-width-1-1" uk-grid>
|
||||
<div>
|
||||
<div class="uk-card uk-card-default uk-card-body">
|
||||
<div class=""> <a class="uk-link uk-text-large" href="./personalToken"> Personal token</a></div>
|
||||
<div>Get access to the OpenAIRE APIs with your personal access and refresh token.</div>
|
||||
</div>
|
||||
</div>
|
||||
<div>
|
||||
<div class="uk-card uk-card-default uk-card-body ">
|
||||
<div class=""> <a class="uk-link uk-text-large" href="./registeredServices"> Registered Services</a></div>
|
||||
<div>Register your services to get access to the OpenAIRE APIs.</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
<!-- END OF CENTER SIDE -->
|
||||
</div>
|
||||
</div>
|
||||
<!-- CONTENT ENDS HERE -->
|
||||
<c:import url="footer.jsp"/>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
|
@ -1,186 +0,0 @@
|
|||
<!DOCTYPE html>
|
||||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
|
||||
<html lang="en-gb" dir="ltr" vocab="http://schema.org/">
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<title>OpenAIRE - Personal token</title>
|
||||
<script src="./js/jquery.js"></script>
|
||||
<script src="./js/uikit.min.js"></script>
|
||||
<script src="./js/uikit-icons-max.js"></script>
|
||||
<script>
|
||||
function copy(id) {
|
||||
var element = document.getElementById(id);
|
||||
if (document.body.createTextRange) {
|
||||
range = document.body.createTextRange();
|
||||
range.moveToElementText(element);
|
||||
range.select();
|
||||
} else if (window.getSelection) {
|
||||
selection = window.getSelection();
|
||||
range = document.createRange();
|
||||
range.selectNodeContents(element);
|
||||
selection.removeAllRanges();
|
||||
selection.addRange(range);
|
||||
}
|
||||
try {
|
||||
document.execCommand('copy');
|
||||
UIkit.notification({message: 'Copied to clipboard!', status: 'primary', pos: 'top-right'});
|
||||
} catch (err) {
|
||||
console.error('unable to copy text');
|
||||
}
|
||||
}
|
||||
$(document).ready(function () {
|
||||
document.addEventListener('copy', (event) => {
|
||||
const selection = document.getSelection();
|
||||
event.clipboardData.setData('text/plain', selection.toString().trim());
|
||||
event.preventDefault();
|
||||
});
|
||||
});
|
||||
</script>
|
||||
<link rel="stylesheet" style="text/css" href="./css/theme.css">
|
||||
<link rel="stylesheet" style="text/css" href="./css/custom.css">
|
||||
<link rel="stylesheet" style="text/css" href="./css/aai-custom.css">
|
||||
<link rel="icon" type="image/png" sizes="32x32" href="images/favicon/favicon-32x32.png">
|
||||
<link rel="icon" type="image/png" sizes="96x96" href="images/favicon//favicon-96x96.png">
|
||||
<link rel="icon" type="image/png" sizes="16x16" href="images/favicon/favicon-16x16.png">
|
||||
<link href="images/favicon/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon"/>
|
||||
</head>
|
||||
<body class="" style="">
|
||||
<div class="uk-offcanvas-content uk-height-viewport">
|
||||
<jsp:include page="header.jsp"/>
|
||||
<div class="first_page_section uk-section-default uk-section uk-padding-remove-vertical">
|
||||
<div class="first_page_banner_headline uk-grid-collapse uk-flex-middle uk-margin-remove-vertical uk-grid"
|
||||
uk-grid="">
|
||||
</div>
|
||||
</div>
|
||||
<div class=" uk-section uk-margin-small-top uk-container uk-container-large" id="tm-main">
|
||||
<div class="uk-grid ">
|
||||
<div class="uk-width-1-4@m">
|
||||
<div class="uk-card uk-card-default uk-card-body">
|
||||
<div class="uk-h4">API Access</div>
|
||||
<ul class="uk-nav uk-nav-default">
|
||||
<li class="uk-active"><a href="./personalToken">Personal token</a></li>
|
||||
<li class=""><a href="./registeredServices">Registered services</a></li>
|
||||
<%--<li class="uk-parent">
|
||||
<a href="#">Parent</a>
|
||||
<ul class="uk-nav-sub">
|
||||
<li><a href="#">Sub item</a></li>
|
||||
<li>
|
||||
<a href="#">Sub item</a>
|
||||
<ul>
|
||||
<li><a href="#">Sub item</a></li>
|
||||
<li><a href="#">Sub item</a></li>
|
||||
</ul>
|
||||
</li>
|
||||
</ul>
|
||||
</li>--%>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
<!-- CENTER SIDE -->
|
||||
<div class="uk-width-2-3@l uk-width-2-3@m">
|
||||
<div>
|
||||
<span id="server_error" class="uk-text-danger uk-text-small uk-float-left">${message}</span>
|
||||
<c:remove var="message" scope="session"/>
|
||||
<div class="uk-alert-primary uk-margin-remove-top uk-alert uk-flex uk-flex-middle">
|
||||
<span uk-icon="info"></span>
|
||||
<span class="uk-margin-small-left">
|
||||
For further information on how to use the tokens please visit the
|
||||
<a href="https://graph.openaire.eu/develop/personalToken.html" target="_blank">OpenAIRE API Authentication documentation</a>.
|
||||
</span>
|
||||
</div>
|
||||
<form id="revoke" name="revoke" action="./personalToken" method="post">
|
||||
<!-- <a class=" uk-text-danger uk-float-right" title="Revoke access token" onClick="document.revoke.submit();"><span uk-icon="refresh" ></span></a> -->
|
||||
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Your personal access token is</h4>
|
||||
<div class="uk-flex uk-flex-middle uk-margin-bottom">
|
||||
<div class="uk-width-expand">
|
||||
<pre class="uk-margin-remove-bottom"><code id="accessToken">${accessToken}</code></pre>
|
||||
</div>
|
||||
<div class="uk-width-auto uk-padding-small uk-text-center">
|
||||
<a onclick="copy('accessToken')"
|
||||
title="Copy access token"><span uk-icon="copy"></span>
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
<div class="uk-flex uk-flex-middle">
|
||||
<span uk-icon="info"></span>
|
||||
<span class="uk-margin-small-left">
|
||||
Your access token is <span class="uk-text-bold">valid for an hour</span>.
|
||||
</span>
|
||||
</div>
|
||||
<div class="uk-text-danger uk-flex uk-flex-middle uk-margin-small-top">
|
||||
<span uk-icon="warning"></span>
|
||||
<span class="uk-margin-small-left">
|
||||
Do not share your personal access token. Send your personal access token only over HTTPS.
|
||||
</span>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
<div class="uk-section">
|
||||
<!--<a class=" uk-text-danger uk-float-right" title="Revoke refresh token"><span uk-icon="refresh"></span></a>-->
|
||||
<c:choose>
|
||||
<c:when test="${showRefreshToken == true}">
|
||||
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Your refresh token is</h4>
|
||||
<div class="uk-flex uk-flex-middle uk-margin-bottom">
|
||||
<div class="uk-width-expand">
|
||||
<pre class="uk-margin-remove-bottom"><code id="refreshToken">${refreshToken}</code></pre>
|
||||
</div>
|
||||
<div class="uk-width-auto uk-padding-small uk-text-center">
|
||||
<a onclick="copy('refreshToken')"
|
||||
title="Copy refreshToken token"><span uk-icon="copy"></span>
|
||||
</a>
|
||||
</div>
|
||||
</div>
|
||||
<div class="uk-flex uk-flex-middle">
|
||||
<span uk-icon="info"></span>
|
||||
<span class="uk-margin-small-left">OpenAIRE refresh token <span class="uk-text-bold">expires after 1 month</span> and allows you to programmatically get a new access token.</span>
|
||||
</div>
|
||||
<div class="uk-text-danger uk-flex uk-flex-middle uk-margin-small-top">
|
||||
<span uk-icon="warning"></span>
|
||||
<div class="uk-margin-small-left">
|
||||
<div>Please copy your refresh token and store it confidentially. You will not be able to retrieve it.</div>
|
||||
<div>Do not share your refresh token. Send your refresh token only over HTTPS.</div>
|
||||
</div>
|
||||
</div>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Do you need a refresh token?</h4>
|
||||
<div class="uk-flex uk-flex-middle">
|
||||
<span uk-icon="info"></span>
|
||||
<span class="uk-margin-small-left">OpenAIRE refresh token <span class="uk-text-bold">expires after 1 month</span> and allows you to programmatically get a new access token.</span>
|
||||
</div>
|
||||
<button type="submit" class="uk-button uk-button-primary uk-margin-medium-top" uk-toggle="target: #refreshWarning">Get a
|
||||
refresh token
|
||||
</button>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
|
||||
</div>
|
||||
|
||||
<!-- This is the modal -->
|
||||
<div id="refreshWarning" uk-modal>
|
||||
<div class="uk-modal-dialog uk-modal-body">
|
||||
<form id="refreshForm" action="./personalToken" method="POST">
|
||||
<h2 class="uk-modal-title">Get refresh token</h2>
|
||||
<p>In case you already have a refresh token, it will no longer be valid. Do you want to
|
||||
proceed?</p>
|
||||
<p class="uk-text-right">
|
||||
<button class="uk-button uk-button-default uk-modal-close" type="button">Cancel</button>
|
||||
<button class="uk-button uk-button-primary uk-margin-small-left" type="button" onclick="submit();">Get
|
||||
refresh token
|
||||
</button>
|
||||
</p>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<!-- END OF CENTER SIDE -->
|
||||
</div>
|
||||
</div>
|
||||
<!-- CONTENT ENDS HERE -->
|
||||
<c:import url="footer.jsp"/>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
|
@ -1,314 +0,0 @@
|
|||
<%--
|
||||
Created by IntelliJ IDEA.
|
||||
User: sofia
|
||||
Date: 19/10/2017
|
||||
Time: 4:30 μμ
|
||||
To change this template use File | Settings | File Templates.
|
||||
--%>
|
||||
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
|
||||
<!DOCTYPE html>
|
||||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
|
||||
<html lang="en-gb" dir="ltr" vocab="http://schema.org/">
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<base href=".">
|
||||
<title>OpenAIRE - Register</title>
|
||||
<script src="./js/jquery.js"></script>
|
||||
<script src="./js/uikit.min.js"></script>
|
||||
<script src="./js/uikit-icons-max.js"></script>
|
||||
<link rel="stylesheet" style="text/css" href="./css/theme.css">
|
||||
<link rel="stylesheet" style="text/css" href="./css/custom.css">
|
||||
<link rel="stylesheet" style="text/css" href="./css/aai-custom.css">
|
||||
<link rel="icon" type="image/png" sizes="32x32" href="images/favicon/favicon-32x32.png">
|
||||
<link rel="icon" type="image/png" sizes="96x96" href="images/favicon//favicon-96x96.png">
|
||||
<link rel="icon" type="image/png" sizes="16x16" href="images/favicon/favicon-16x16.png">
|
||||
<link href="images/favicon/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon"/>
|
||||
</head>
|
||||
<body class="" style="">
|
||||
<div class="uk-offcanvas-content uk-height-viewport">
|
||||
<jsp:include page="header.jsp"/>
|
||||
<!-- CONTENT STARTS HERE -->
|
||||
<div class=" uk-section uk-margin-small-top uk-container uk-container-large" id="tm-main">
|
||||
<div class="uk-grid ">
|
||||
<div class="uk-width-1-4@m">
|
||||
<div class="uk-card uk-card-default uk-card-body">
|
||||
<div class="uk-h4">API Access</div>
|
||||
<ul class="uk-nav uk-nav-default">
|
||||
<li class=""><a href="./personalToken">Personal token</a></li>
|
||||
<li class=""><a href="./registeredServices">Registered services</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
<!-- CENTER SIDE -->
|
||||
<div class="uk-width-2-3@l uk-width-2-3@m">
|
||||
<c:choose>
|
||||
<c:when test="${not empty param.id}">
|
||||
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Edit service</h4>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Add a new service</h4>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
|
||||
<!-- REGISTER FORM -->
|
||||
<div id="registerForm">
|
||||
<form action="registerService" method="POST" role="form" class="m-t uk-form-horizontal"
|
||||
id="register_form">
|
||||
<input type="hidden" name="id" value="${param.id}"/>
|
||||
<c:choose>
|
||||
<c:when test = "${not empty param.id}">
|
||||
<input type="hidden" name="mode" value="edit"/>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<input type="hidden" name="mode" value="create"/>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
|
||||
<div class="alert alert-success" aria-hidden="true" style="display: none;"></div>
|
||||
<div class="alert alert-danger" aria-hidden="true" style="display: none;"></div>
|
||||
<div class="uk-margin-medium-top">
|
||||
<label class="uk-form-label uk-text-bold" for="first_name">Name*</label>
|
||||
<div class="uk-margin-small">Give a name to your service</div>
|
||||
<input id="first_name" name="first_name" type="text" placeholder="Name (*)"
|
||||
class="uk-input ${first_name_error == true?'uk-form-danger':''}"
|
||||
onkeyup="validate()" onfocusout="nameTouched = true;validate()" value="${(first_name != null)?first_name:''}">
|
||||
<c:choose>
|
||||
<c:when test="${first_name_error == true}">
|
||||
<div id="first_name_error" class="uk-text-danger uk-text-small">Please enter a name for your service.
|
||||
</div>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<div id="first_name_error" style="display:none;" class="uk-text-danger uk-text-small">Please enter a name for your service.</div>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
<c:remove var="first_name" scope="session"/>
|
||||
<c:remove var="first_name_error" scope="session"/>
|
||||
</div>
|
||||
<div class="uk-margin-medium-top">
|
||||
<label class="uk-form-label uk-text-bold">Security level</label>
|
||||
<div id="security-hint" class="uk-margin"></div>
|
||||
<div class="uk-margin-small-top">
|
||||
<span class="uk-margin-small-right">
|
||||
<input id="basic" class="uk-radio uk-margin-small-right" type="radio"
|
||||
name="security_level"
|
||||
value="basic" ${key_type == null ? 'checked' : ''}>
|
||||
<label class="clickable" for="by_value">Basic</label>
|
||||
</span>
|
||||
<span>
|
||||
<input id="advanced" class="uk-radio uk-margin-small-right" type="radio"
|
||||
name="security_level" value="advanced" ${key_type != null ? 'checked' : ''}>
|
||||
<label class="clickable" for="by_uri">Advanced</label>
|
||||
</span>
|
||||
</div>
|
||||
</div>
|
||||
<div id="public-key" class="uk-margin-medium-top">
|
||||
<label class="uk-form-label uk-text-bold">Public Key</label>
|
||||
<span class="uk-float-right">
|
||||
<span class="uk-margin-small-right">
|
||||
<input id="by_value" class="uk-radio uk-margin-small-right" type="radio"
|
||||
name="key_type"
|
||||
value="value" ${(key_type == 'value') ? 'checked' : ''}>
|
||||
<label class="clickable" for="by_value">By Value</label>
|
||||
</span>
|
||||
<span>
|
||||
<input id="by_uri" class="uk-radio uk-margin-small-right" type="radio"
|
||||
name="key_type"
|
||||
value="uri" ${key_type == 'uri' ? 'checked' : ''}>
|
||||
<label class="clickable" for="by_uri">By URI</label>
|
||||
</span>
|
||||
</span>
|
||||
<c:remove var="key_type" scope="session"/>
|
||||
<div class="uk-margin">Public Key hint</div>
|
||||
<div id="value_input">
|
||||
<textarea id="value" name="value" type="textarea"
|
||||
placeholder='{"kty": ..., "e": ... , "use": ... , "kid": ..., "alg": ... , "n": ...}'
|
||||
onfocusout="valueTouched = true;validate()"
|
||||
onkeyup="validate()"
|
||||
class="uk-textarea ${value_error == true?'uk-form-danger':''}" rows="10">${(value != null)?value:''}</textarea>
|
||||
<c:choose>
|
||||
<c:when test="${value_error == true}">
|
||||
<div id="value_error" class="uk-text-danger uk-text-small">Please provide a valid JSON. The format should be
|
||||
{"kty": ..., "e": ... , "use": ... , "kid": ..., "alg": ... , "n": ...} </div>
|
||||
<c:remove var="value_error" scope="session"/>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<div id="value_error" style="display:none;" class="uk-text-danger uk-text-small">Please provide a valid JSON. The format should be
|
||||
{"kty": ..., "e": ... , "use": ... , "kid": ..., "alg": ... , "n": ...} </div>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
<c:remove var="value" scope="session"/>
|
||||
</div>
|
||||
<div id="uri_input" style="display:none;">
|
||||
<input id="uri" name="uri" type="text" placeholder="https://" onfocusout="uriTouched = true;validate()"
|
||||
onkeyup="validate()"
|
||||
class="uk-input ${uri_error == true?'uk-form-danger':''}" value="${(jwksUri != null)?jwksUri:''}">
|
||||
<c:choose>
|
||||
<c:when test="${uri_error == true}">
|
||||
<div id="uri_error" class="uk-text-danger uk-text-small">
|
||||
Please provide a valid URI (do not forget the protocol! https://...)
|
||||
</div>
|
||||
<c:remove var="uri_error" scope="session"/>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<div id="uri_error" style="display:none;" class="uk-text-danger uk-text-small">
|
||||
Please provide a valid URI (do not forget the protocol! https://...)
|
||||
</div>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
<c:remove var="jwksUri" scope="session"/>
|
||||
</div>
|
||||
</div>
|
||||
<div class="uk-flex uk-flex-right uk-margin-medium-top">
|
||||
<a type="submit" class="uk-button uk-button-default uk-margin-small-right"
|
||||
href="./registeredServices">Cancel</a>
|
||||
<button id="create" type="submit" class="uk-button uk-button-primary" onclick="return validate();">
|
||||
<c:choose>
|
||||
<c:when test="${not empty param.id}">
|
||||
Update service
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
Add new service
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
<!-- END OF REGISTER FORM -->
|
||||
</ul>
|
||||
</div>
|
||||
<!-- END OF CENTER SIDE -->
|
||||
</div>
|
||||
</div>
|
||||
<!-- CONTENT ENDS HERE -->
|
||||
<c:import url="footer.jsp"/>
|
||||
</div>
|
||||
</body>
|
||||
</html>
|
||||
<script>
|
||||
var nameTouched = false;
|
||||
var valueTouched = false;
|
||||
var uriTouched = false;
|
||||
$(document).ready(function () {
|
||||
checkRadio();
|
||||
if($('input[name=mode]').val() === 'edit') {
|
||||
$("#basic").prop("disabled", true);
|
||||
$("#advanced").prop("disabled", true);
|
||||
}
|
||||
if($('#value_error').is(':visible')) {
|
||||
$("#value_input").get(0).scrollIntoView();
|
||||
} else if($('#uri_error').is(':visible')) {
|
||||
$("#uri_input").get(0).scrollIntoView();
|
||||
}
|
||||
$('input[type=radio][name=security_level]').change(function () {
|
||||
var securityLevel = $('input[type=radio][name=security_level]:checked').val();
|
||||
if(securityLevel === 'advanced') {
|
||||
$("#by_value").prop("checked", true);
|
||||
} else {
|
||||
$("#by_value").prop("checked", false);
|
||||
$("#by_uri").prop("checked", false);
|
||||
}
|
||||
checkRadio();
|
||||
});
|
||||
$('input[type=radio][name=key_type]').change(function () {
|
||||
checkRadio();
|
||||
});
|
||||
});
|
||||
|
||||
function checkRadio() {
|
||||
var securityLevel = $('input[type=radio][name=security_level]:checked').val();
|
||||
if(securityLevel === 'basic') {
|
||||
$("#security-hint").html('Register your service to get a client id and a client secret. Use the client id and secret to make your requests. <a href="https://graph.openaire.eu/develop/basic.html" target="_blank">Read more...</a>');
|
||||
$("#public-key").hide();
|
||||
} else {
|
||||
$("#security-hint").html('Register your service to get a client id. Declare your public key and instead of using the client secret to make a request, send a client assertion (JWT) signed with your private key. <a href="https://graph.openaire.eu/develop/advanced.html" target="_blank">Read more...</a>');
|
||||
var keyType = $('input[type=radio][name=key_type]:checked').val();
|
||||
$("#public-key").show();
|
||||
if (keyType === 'uri') {
|
||||
$("#uri_input").show();
|
||||
$("#value_input").hide();
|
||||
} else if (keyType === 'value') {
|
||||
$("#uri_input").hide();
|
||||
$("#value_input").show();
|
||||
}
|
||||
}
|
||||
validate();
|
||||
}
|
||||
|
||||
function validate() {
|
||||
var isValid = true;
|
||||
var create = $('#create');
|
||||
create.prop('disabled', true);
|
||||
var name = $("#first_name");
|
||||
|
||||
if (name.val() !== undefined) {
|
||||
if ($.trim(name.val()).length <= 0) {
|
||||
if (nameTouched) {
|
||||
name.addClass('uk-form-danger');
|
||||
$("#first_name_error").show();
|
||||
}
|
||||
isValid = false;
|
||||
} else {
|
||||
if (nameTouched) {
|
||||
name.removeClass('uk-form-danger');
|
||||
$("#first_name_error").hide();
|
||||
}
|
||||
}
|
||||
}
|
||||
var securityLevel = $('input[type=radio][name=security_level]:checked').val();
|
||||
if(securityLevel === 'advanced') {
|
||||
var keyType = $('input[type=radio][name=key_type]:checked');
|
||||
if (keyType.val() === 'value') {
|
||||
if (!validateJSON()) {
|
||||
if (valueTouched) {
|
||||
$("#value").addClass('uk-form-danger');
|
||||
$("#value_error").show();
|
||||
}
|
||||
isValid = false;
|
||||
} else {
|
||||
if (valueTouched) {
|
||||
$("#value").removeClass('uk-form-danger');
|
||||
$("#value_error").hide();
|
||||
}
|
||||
}
|
||||
}
|
||||
if (keyType.val() === 'uri') {
|
||||
if (!validateURI()) {
|
||||
if (uriTouched) {
|
||||
$("#uri").addClass('uk-form-danger');
|
||||
$("#uri_error").show();
|
||||
}
|
||||
isValid = false;
|
||||
} else {
|
||||
if (uriTouched) {
|
||||
$("#uri").removeClass('uk-form-danger');
|
||||
$("#uri_error").hide();
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (isValid) {
|
||||
create.prop('disabled', false);
|
||||
}
|
||||
return isValid;
|
||||
}
|
||||
|
||||
function validateJSON() {
|
||||
var value = $("#value").val();
|
||||
if (value !== undefined && value !== "") {
|
||||
return /^[\],:{}\s]*$/.test(value.replace(/\\["\\\/bfnrtu]/g, '@').replace(/"[^"\\\n\r]*"|true|false|null|-?\d+(?:\.\d*)?(?:[eE][+\-]?\d+)?/g, ']').replace(/(?:^|:|,)(?:\s*\[)+/g, ''));
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
function validateURI() {
|
||||
var value = $("#uri").val();
|
||||
if (value !== undefined && value !== "") {
|
||||
return /^(?:(?:(?:https):)?\/\/)(?:\S+(?::\S*)?@)?(?:(?!(?:10|127)(?:\.\d{1,3}){3})(?!(?:169\.254|192\.168)(?:\.\d{1,3}){2})(?!172\.(?:1[6-9]|2\d|3[0-1])(?:\.\d{1,3}){2})(?:[1-9]\d?|1\d\d|2[01]\d|22[0-3])(?:\.(?:1?\d{1,2}|2[0-4]\d|25[0-5])){2}(?:\.(?:[1-9]\d?|1\d\d|2[0-4]\d|25[0-4]))|(?:(?:[a-z\u00a1-\uffff0-9]-*)*[a-z\u00a1-\uffff0-9]+)(?:\.(?:[a-z\u00a1-\uffff0-9]-*)*[a-z\u00a1-\uffff0-9]+)*(?:\.(?:[a-z\u00a1-\uffff]{2,})))(?::\d{2,5})?(?:[/?#]\S*)?$/i.test(value);
|
||||
}
|
||||
return false;
|
||||
}
|
||||
</script>
|
|
@ -1,191 +0,0 @@
|
|||
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
|
||||
<!DOCTYPE html>
|
||||
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
|
||||
<html lang="en-gb" dir="ltr" vocab="http://schema.org/">
|
||||
<head>
|
||||
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
|
||||
<meta http-equiv="X-UA-Compatible" content="IE=edge">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1">
|
||||
<base href=".">
|
||||
<title>OpenAIRE - Registered services</title>
|
||||
<script src="./js/jquery.js"></script>
|
||||
<script src="./js/uikit.min.js"></script>
|
||||
<script src="./js/validation.js"></script>
|
||||
<script src="./js/uikit-icons-max.js"></script>
|
||||
<link rel="stylesheet" style="text/css" href="./css/theme.css">
|
||||
<link rel="stylesheet" style="text/css" href="./css/custom.css">
|
||||
<link rel="stylesheet" style="text/css" href="./css/aai-custom.css">
|
||||
<link rel="icon" type="image/png" sizes="32x32" href="images/favicon/favicon-32x32.png">
|
||||
<link rel="icon" type="image/png" sizes="96x96" href="images/favicon//favicon-96x96.png">
|
||||
<link rel="icon" type="image/png" sizes="16x16" href="images/favicon/favicon-16x16.png">
|
||||
<link href="images/favicon/favicon.ico" rel="shortcut icon" type="image/vnd.microsoft.icon"/>
|
||||
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>
|
||||
</head>
|
||||
<body class="" style="" onload="success();">
|
||||
<div class="uk-offcanvas-content uk-height-viewport">
|
||||
<jsp:include page="header.jsp"/>
|
||||
<!-- CONTENT STARTS HERE -->
|
||||
<div class=" uk-section uk-margin-small-top uk-container uk-container-large" id="tm-main">
|
||||
<div class="uk-grid ">
|
||||
<div class="uk-width-1-4@m">
|
||||
<div class="uk-card uk-card-default uk-card-body">
|
||||
<div class="uk-h4">API Access</div>
|
||||
<ul class="uk-nav uk-nav-default">
|
||||
<li class=""><a href="./personalToken">Personal token</a></li>
|
||||
<li class="uk-active"><a href="./registeredServices">Registered services</a></li>
|
||||
</ul>
|
||||
</div>
|
||||
</div>
|
||||
<!-- CENTER SIDE -->
|
||||
<div class="uk-width-2-3@l uk-width-2-3@m">
|
||||
<div class="uk-grid" uk-grid>
|
||||
<div class="uk-width-expand@m">
|
||||
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Registered services</h4>
|
||||
<c:if test="${message != null}">
|
||||
<div class="uk-text-danger uk-margin-small-bottom">${message}</div>
|
||||
<c:remove var="message" scope="session"/>
|
||||
</c:if>
|
||||
|
||||
|
||||
</div>
|
||||
<div class="uk-text-center uk-width-auto@m">
|
||||
<c:choose>
|
||||
<c:when test="${not reachedLimit}">
|
||||
<a class="uk-button uk-button-primary" href="./registerService">
|
||||
<span class="uk-icon" uk-icon="icon:plus-circle"></span>
|
||||
<span class="uk-margin-small-left">New service</span>
|
||||
</a>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<button class="uk-button uk-button-default" disabled>
|
||||
<span class="uk-icon" uk-icon="icon:plus-circle"></span>
|
||||
<span class="uk-margin-small-left">New service</span>
|
||||
</button>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
<c:remove var="reachedLimit" scope="session"/>
|
||||
</div>
|
||||
</div>
|
||||
<div class="uk-margin-top">
|
||||
<div class="uk-alert-primary uk-alert uk-margin-top-remove uk-flex uk-flex-middle">
|
||||
<span uk-icon="info"></span>
|
||||
<span class="uk-margin-small-left">You can register up to 5 services.
|
||||
For more information please read the <a href="https://graph.openaire.eu/develop/authentication.html" target="_blank">OpenAIRE API Authentication documentation</a>.</span>
|
||||
</div>
|
||||
<c:if test="${reachedLimit}">
|
||||
<div class="uk-alert-warning uk-flex uk-flex-middle uk-margin-small-top">
|
||||
<span uk-icon="warning"></span>
|
||||
<span class="uk-margin-small-left">You have reached the maximum size of allowed registered services.</span>
|
||||
</div>
|
||||
</c:if>
|
||||
<c:if test="${empty registeredServices && showEmptyList}">
|
||||
<div class="uk-text-center">You have not registered any service yet!</div>
|
||||
</c:if>
|
||||
<c:if test="${registeredServices.size() > 0}">
|
||||
<ul class="uk-list uk-list-divider">
|
||||
<li>
|
||||
<div class="uk-grid uk-child-width-1-4 uk-text-muted" uk-grid>
|
||||
<div>Name</div>
|
||||
<div>Client Id</div>
|
||||
<div>Creation Date</div>
|
||||
<div>Actions</div>
|
||||
</div>
|
||||
</li>
|
||||
<c:forEach items="${registeredServices}" var="registeredService" varStatus="loop">
|
||||
<c:set var="key" value="${registeredService.id}"/>
|
||||
<li>
|
||||
<div class="uk-grid uk-child-width-1-4" uk-grid>
|
||||
<div>
|
||||
<a uk-toggle="target: #details${registeredService.id}; animation: uk-animation-fade">
|
||||
<span>${registeredService.name}</span>
|
||||
<span class="space" uk-icon="icon:info;ratio:0.7"></span>
|
||||
</a>
|
||||
</div>
|
||||
<div>
|
||||
<span>${registeredService.clientId}</span>
|
||||
</div>
|
||||
<div><fmt:formatDate value="${registeredService.date}"
|
||||
pattern="dd-MM-yyyy HH:mm"/>
|
||||
</div>
|
||||
<div>
|
||||
<a href="./registerService?id=${registeredService.id}" class="uk-margin-small-right">
|
||||
<span uk-icon="pencil"></span>
|
||||
</a>
|
||||
<a class="uk-text-danger" uk-icon="trash" uk-toggle="target: #modal${registeredService.id}"></a>
|
||||
|
||||
<!-- This is the modal -->
|
||||
<div id="modal${registeredService.id}" uk-modal>
|
||||
<div class="uk-modal-dialog uk-modal-body">
|
||||
<form name="delete${registeredService.id}"
|
||||
id="delete${registeredService.id}" method="post">
|
||||
<input type="hidden" name="id"
|
||||
value="${registeredService.id}"/>
|
||||
<h2 class="uk-margin-remove-top">Delete service</h2>
|
||||
<div class="uk-margin-medium-bottom">
|
||||
Are you sure you want to delete the
|
||||
'${registeredService.name}' service? You cannot undo
|
||||
this action!
|
||||
</div>
|
||||
<div class="uk-text-right">
|
||||
<button class="uk-button uk-button-default uk-modal-close" type="button">Cancel
|
||||
</button>
|
||||
<button class="uk-button uk-button-danger uk-margin-small-left" type="button"
|
||||
onclick="document.delete${registeredService.id}.submit();document.getElementById('modal${registeredService.id}').style.visibility='hidden';">
|
||||
Delete
|
||||
</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</li>
|
||||
<li id="details${registeredService.id}" hidden="hidden">
|
||||
<div class="uk-alert">
|
||||
<p><span class="uk-text-primary">Name:</span> ${services[key].clientName}</p>
|
||||
<p><span class="uk-text-primary">Client Id:</span> ${services[key].clientId}</p>
|
||||
<p><span class="uk-text-primary">Scope:</span> openid</p>
|
||||
<p><span class="uk-text-primary">Grant type:</span> client credentials</p>
|
||||
<c:choose>
|
||||
<c:when test="${registeredService.keyType == null}">
|
||||
<p><span class="uk-text-primary">Client secret:</span> ${services[key].clientSecret}</p>
|
||||
<p><span class="uk-text-primary">Authentication Method</span> Client Secret Basic</p>
|
||||
</c:when>
|
||||
<c:otherwise>
|
||||
<p><span class="uk-text-primary">Authentication Method</span> Asymmetrically-signed JWT assertion</p>
|
||||
<p><span class="uk-text-primary">Token Endpoint Authentication Signing Algorithm</span> RSASSA using
|
||||
SHA-256 hash algorithm</p>
|
||||
<p><span class="uk-text-primary">Public Key</span>
|
||||
<pre><code>${keys[key]}</code></pre>
|
||||
</p>
|
||||
</c:otherwise>
|
||||
</c:choose>
|
||||
<p><span class="uk-text-primary">Creation Date:</span>
|
||||
<jsp:useBean id="date" class="java.util.Date"/>
|
||||
<jsp:setProperty name="date" property="time" value="${services[key].clientIdIssuedAt*1000}"/>
|
||||
<fmt:formatDate value="${date}"
|
||||
pattern="dd-MM-yyyy HH:mm"/>
|
||||
</p>
|
||||
</div>
|
||||
</li>
|
||||
</c:forEach>
|
||||
</ul>
|
||||
</c:if>
|
||||
</div>
|
||||
<!-- END OF CENTER SIDE -->
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
<!-- CONTENT ENDS HERE -->
|
||||
<c:import url="footer.jsp"/>
|
||||
</body>
|
||||
</html>
|
||||
<script>
|
||||
function success() {
|
||||
if('${success}' !=='')
|
||||
UIkit.modal.alert('${success}');
|
||||
}
|
||||
</script>
|
||||
<c:remove var="success" scope="session"/>
|
||||
|
||||
|
Loading…
Reference in New Issue