merging edit and create registered service
parent
d2bacd8e98
commit
9ba8cb3d7d
|
@ -1,124 +0,0 @@
|
|||
package eu.dnetlib.openaire.usermanagement;
|
||||
|
||||
import eu.dnetlib.openaire.user.pojos.RegisteredService;
|
||||
import eu.dnetlib.openaire.usermanagement.utils.RegisteredServicesUtils;
|
||||
import eu.dnetlib.openaire.usermanagement.utils.TokenUtils;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.web.context.support.SpringBeanAutowiringSupport;
|
||||
|
||||
import javax.servlet.ServletConfig;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServlet;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import java.io.IOException;
|
||||
import java.sql.SQLException;
|
||||
|
||||
public class EditRegisteredService extends HttpServlet {
|
||||
|
||||
@Autowired
|
||||
private RegisteredServicesUtils registeredServicesUtils;
|
||||
private static final Logger logger = Logger.getLogger(EditRegisteredService.class);
|
||||
|
||||
public void init(ServletConfig config) throws ServletException {
|
||||
super.init(config);
|
||||
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
|
||||
config.getServletContext());
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
request.getSession().setAttribute("authenticated",
|
||||
!SecurityContextHolder.getContext().getAuthentication().getPrincipal().toString()
|
||||
.equals("anonymousUser"));
|
||||
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
|
||||
getContext().getAuthentication();
|
||||
|
||||
String accessToken = authentication.getAccessTokenValue();
|
||||
String serviceId = request.getParameter("id");
|
||||
|
||||
int serviceIdInt = Integer.parseInt(serviceId);
|
||||
|
||||
try {
|
||||
if (!registeredServicesUtils.isAuthorized(authentication.getSub(), serviceIdInt)) {
|
||||
request.getSession().setAttribute("message", "You have no permission to edit the service.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
}
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Unable to access service with id " + serviceId, sqle);
|
||||
request.getSession().setAttribute("message", "There was an error accessing your service.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
|
||||
} catch (NumberFormatException nfe) {
|
||||
logger.error("Unable to access service with id " + serviceId, nfe);
|
||||
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
}
|
||||
|
||||
if (serviceId == null || serviceId.isEmpty()) { //TODO WRONG MESSAGE
|
||||
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
|
||||
}
|
||||
|
||||
RegisteredService registeredService = null;
|
||||
try {
|
||||
registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(Integer.parseInt(serviceId));
|
||||
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Unable to access service with id " + serviceId, sqle);
|
||||
request.getSession().setAttribute("message", "There was an error accessing your service.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
}
|
||||
|
||||
if (registeredService != null && registeredService.getAai_id() != null) {
|
||||
ServiceResponse serviceResponse = TokenUtils.getRegisteredService(registeredService.getAai_id(), accessToken);
|
||||
request.getSession().setAttribute("serviceId", serviceResponse.getId());
|
||||
System.out.println("service client name " + serviceResponse.getClientName());
|
||||
request.getSession().setAttribute("first_name", serviceResponse.getClientName());
|
||||
System.out.println("service client description " + serviceResponse.getClientDescription());
|
||||
request.getSession().setAttribute("description", serviceResponse.getClientDescription());
|
||||
|
||||
} else {
|
||||
request.getSession().setAttribute("message", "Service with id " + serviceId + " does not exist.");
|
||||
}
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./editRegisteredService.jsp").include(request, response);
|
||||
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
String accessToken = authentication.getAccessTokenValue();
|
||||
|
||||
String serviceId = request.getParameter("serviceId");
|
||||
String name = request.getParameter("first_name");
|
||||
String description = request.getParameter("description");
|
||||
|
||||
HttpResponse resp = TokenUtils.updateService(serviceId, authentication.getSub(), name, description, authentication.getUserInfo().getEmail(), accessToken);
|
||||
|
||||
if (resp.getStatusLine().getStatusCode()==200) {
|
||||
|
||||
RegisteredService registeredService = new RegisteredService();
|
||||
registeredService.setName(name);
|
||||
registeredService.setAai_id(serviceId);
|
||||
try {
|
||||
registeredServicesUtils.getRegisteredServiceDao().update(registeredService);
|
||||
} catch (SQLException sqle) {
|
||||
logger.error("Unable to contact db.", sqle);
|
||||
request.getSession().setAttribute("message", "Fail to delete the service. Please try again later.");
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registeredServices.jsp").include(request, response);
|
||||
}
|
||||
|
||||
request.getSession().setAttribute("success", "Your service with name '" + name + "' was successfully updated");
|
||||
}
|
||||
|
||||
response.sendRedirect("./registeredServices");
|
||||
|
||||
}
|
||||
}
|
|
@ -26,7 +26,6 @@ import java.nio.charset.StandardCharsets;
|
|||
import java.util.ArrayList;
|
||||
import java.util.List;
|
||||
|
||||
|
||||
public class PersonalTokenServlet extends HttpServlet {
|
||||
|
||||
@Value("${oidc.secret}")
|
||||
|
|
|
@ -35,22 +35,101 @@ public class RegisterServiceServlet extends HttpServlet {
|
|||
@Autowired
|
||||
private RegisteredServicesUtils registeredServicesUtils;
|
||||
|
||||
@Autowired
|
||||
private TokenUtils tokenUtils;
|
||||
|
||||
public void doGet(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
|
||||
OIDCAuthenticationToken authentication = (OIDCAuthenticationToken) SecurityContextHolder.
|
||||
getContext().getAuthentication();
|
||||
String userid = authentication.getSub();
|
||||
|
||||
//Careful! Redirects in method
|
||||
checkNumberOfRegisteredServices(request, response, authentication);
|
||||
|
||||
response.setContentType("text/html");
|
||||
StringBuilder name = new StringBuilder().append(authentication.getUserInfo().getGivenName().charAt(0));
|
||||
name.append(authentication.getUserInfo().getFamilyName().charAt(0));
|
||||
request.getSession().setAttribute("name", name.toString());
|
||||
|
||||
String idParam = request.getParameter("id");
|
||||
|
||||
String serviceName = (String) request.getSession().getAttribute("first_name");
|
||||
String description = (String) request.getSession().getAttribute("description");
|
||||
String keyType = (String) request.getSession().getAttribute("key_radio");
|
||||
String jwksUri = (String) request.getSession().getAttribute("uri");
|
||||
String jwksString = (String) request.getSession().getAttribute("value");
|
||||
|
||||
|
||||
if (idParam != null && !idParam.isEmpty()) { // EDIT CASE
|
||||
System.out.println("In edit");
|
||||
try {
|
||||
int id = Integer.parseInt(idParam);
|
||||
RegisteredService registeredService = registeredServicesUtils.getRegisteredServiceDao().fetchRegisteredServiceById(id);
|
||||
|
||||
if (registeredService != null && registeredServicesUtils.isAuthorized(userid, id)) {
|
||||
ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getAai_id(), authentication.getAccessTokenValue());
|
||||
|
||||
updateFormFields(request, serviceName, description, keyType, serviceResponse);
|
||||
|
||||
} else {
|
||||
if (registeredService == null) {
|
||||
System.out.println("No service found!");
|
||||
request.getSession().setAttribute("message", "Not valid registered service with given id " + id + ".");
|
||||
response.sendRedirect("./registeredServices");
|
||||
logger.warn("Not valid registered service with " + id + "id.");
|
||||
|
||||
} else {
|
||||
System.out.println("Not authorized");
|
||||
request.getSession().setAttribute("message", "Not authorized to edit the registered service with " + id + "id.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
logger.warn("Not authorized to edit the service with " + id + "id.");
|
||||
}
|
||||
}
|
||||
|
||||
} catch(NumberFormatException nfe){
|
||||
System.out.println("WRONG FORMAT");
|
||||
request.getSession().setAttribute("message", "Invalid service id.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
logger.error("Invalid service id.", nfe);
|
||||
|
||||
} catch(SQLException sqle){
|
||||
System.out.println("SQL PROBLEM");
|
||||
request.getSession().setAttribute("message", "Could not fetch registered service.");
|
||||
response.sendRedirect("./registeredServices");
|
||||
logger.error("Could not fetch registered service.", sqle);
|
||||
}
|
||||
|
||||
} else {// NEW SERVICE CASE
|
||||
//Careful! Redirects in method
|
||||
checkNumberOfRegisteredServices(request, response, authentication);
|
||||
}
|
||||
|
||||
response.setContentType("text/html");
|
||||
request.getRequestDispatcher("./registerService.jsp").include(request, response);
|
||||
}
|
||||
|
||||
private void updateFormFields(HttpServletRequest request, String serviceName, String description, String keyType, ServiceResponse serviceResponse) {
|
||||
String jwksUri;
|
||||
if (serviceName ==null || serviceName.trim().isEmpty()) {
|
||||
request.getSession().setAttribute("first_name", serviceResponse.getClientName());
|
||||
}
|
||||
|
||||
if (description == null || description.trim().isEmpty()) {
|
||||
request.getSession().setAttribute("description", serviceResponse.getClientDescription());
|
||||
}
|
||||
|
||||
if (keyType == null || keyType.trim().isEmpty()) {
|
||||
if (serviceResponse.getJwksUri()!=null){
|
||||
keyType = "uri";
|
||||
jwksUri = serviceResponse.getJwksUri();
|
||||
|
||||
} else {
|
||||
keyType = "value";
|
||||
Key key = serviceResponse.getJwks().keys[0];
|
||||
Gson gson = new GsonBuilder().setPrettyPrinting().create();
|
||||
request.getSession().setAttribute("value", gson.toJson(key));
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public void doPost(HttpServletRequest request, HttpServletResponse response)
|
||||
throws ServletException, IOException {
|
||||
|
||||
|
@ -111,7 +190,7 @@ public class RegisterServiceServlet extends HttpServlet {
|
|||
serverRequestJSON = createServiceJson(name, description, email, jwks);
|
||||
}
|
||||
|
||||
serverMessage = TokenUtils.registerService(serverRequestJSON, accessToken);
|
||||
serverMessage = tokenUtils.registerService(serverRequestJSON, accessToken);
|
||||
|
||||
if (serverMessage == null) {
|
||||
request.getSession().setAttribute("message", "There was an error registering your service. Please try again later.");
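Review bot: None of the failure branches in the edit case of doGet returns after `response.sendRedirect("./registeredServices")`, so the not-found, not-authorized, NumberFormatException and SQLException paths all fall through to the `include` of `./registerService.jsp` at the end of the method and write the form into a response that has already been redirected. Add `return;` after each redirect, and have `checkNumberOfRegisteredServices` report whether it redirected so the caller can stop too; it appears to be called both before the branch and again in the new-service branch, which would apply the limit check to edits and can attempt a second redirect. Separately, `updateFormFields` fills `first_name` and `description` only when the session copies are empty, so values left in the session from a different service would be shown for this id, and the `jwksUri` and `keyType` it computes are never stored anywhere. `serviceResponse.getJwks().keys[0]` also assumes a non-null, non-empty key set.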
|
||||
|
|
|
@ -30,6 +30,9 @@ public class RegisteredServicesServlet extends HttpServlet {
|
|||
@Autowired
|
||||
private RegisteredServicesUtils registeredServicesUtils;
|
||||
|
||||
@Autowired
|
||||
private TokenUtils tokenUtils;
|
||||
|
||||
public void init(ServletConfig config) throws ServletException {
|
||||
super.init(config);
|
||||
SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
|
||||
|
@ -67,7 +70,7 @@ public class RegisteredServicesServlet extends HttpServlet {
|
|||
Map<String, String> serviceKey = new HashMap<>();
|
||||
|
||||
for (RegisteredService registeredService:registeredServices) {
|
||||
ServiceResponse serviceResponse = TokenUtils.getRegisteredService(registeredService.getAai_id(),authentication.getAccessTokenValue());
|
||||
ServiceResponse serviceResponse = tokenUtils.getRegisteredService(registeredService.getAai_id(),authentication.getAccessTokenValue());
|
||||
serviceResponses.put(registeredService.getId(), serviceResponse);
|
||||
serviceKey.put(registeredService.getId(), extractPublicKeySet(serviceResponse));
|
||||
}
|
||||
|
@ -121,7 +124,7 @@ public class RegisteredServicesServlet extends HttpServlet {
|
|||
}
|
||||
|
||||
String aai_id = registeredService.getAai_id();
|
||||
HttpResponse resp = TokenUtils.deleteService(aai_id, authentication.getAccessTokenValue());
|
||||
HttpResponse resp = tokenUtils.deleteService(aai_id, authentication.getAccessTokenValue());
|
||||
|
||||
int statusCode = resp.getStatusLine().getStatusCode();
|
||||
System.out.println("STATUS CODE " + statusCode);
|
||||
|
|
|
@ -1,13 +1,41 @@
|
|||
package eu.dnetlib.openaire.usermanagement.utils;
|
||||
|
||||
import com.google.gson.JsonParser;
|
||||
import org.apache.commons.io.IOUtils;
|
||||
import org.apache.http.HttpResponse;
|
||||
import org.apache.http.NameValuePair;
|
||||
import org.apache.http.client.entity.UrlEncodedFormEntity;
|
||||
import org.apache.http.client.methods.HttpPost;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.http.message.BasicNameValuePair;
|
||||
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
||||
|
||||
import javax.ws.rs.core.MediaType;
|
||||
import javax.ws.rs.core.Response;
|
||||
import java.io.IOException;
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Base64;
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.regex.Matcher;
|
||||
import java.util.regex.Pattern;
|
||||
|
||||
public class AuthenticationUtils {
|
||||
public static boolean isAuthenticated(OIDCAuthenticationToken authenticationToken) {
|
||||
if (authenticationToken != null) {
|
||||
return true;
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
public static boolean hasJWTExpired(String accessToken){
|
||||
String regex = "^([A-Za-z0-9-_=]+)\\.([A-Za-z0-9-_=]+)\\.?([A-Za-z0-9-_.+=]*)$";
|
||||
Matcher matcher = Pattern.compile(regex).matcher(accessToken);
|
||||
|
||||
long exp = new JsonParser().parse(new String(Base64.getDecoder().decode(matcher.group(2)))).getAsJsonObject().get("exp").getAsLong();
|
||||
return (exp - (new Date().getTime()/1000)<=0);
|
||||
}
|
||||
}
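Review bot: `hasJWTExpired` calls `matcher.group(2)` without first calling `matcher.matches()`, so it throws IllegalStateException for every input, including well-formed tokens. Once that is fixed, the payload has to be decoded with `Base64.getUrlDecoder()` (JWT segments are base64url, usually unpadded) and converted with an explicit charset, and a null or malformed token should be reported as expired rather than raise. Note that this reads `exp` from an unverified payload, so the result is only a hint for refreshing the session and not evidence that the token is valid; likewise `isAuthenticated` only checks for a non-null token.

```java
public static boolean hasJWTExpired(String accessToken){
    if (accessToken == null) {
        return true; // nothing to inspect: report as expired
    }
    // … unchanged: regex and Matcher construction …
    if (!matcher.matches()) {
        return true; // not in compact JWT form
    }
    // JWT segments are base64url, which the basic decoder rejects ('-' and '_')
    byte[] payload = Base64.getUrlDecoder().decode(matcher.group(2));
    long exp = new JsonParser().parse(new String(payload, StandardCharsets.UTF_8)).getAsJsonObject().get("exp").getAsLong();
    // … unchanged: comparison against the current time …
}
```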
|
||||
|
|
|
@ -13,20 +13,25 @@ import org.apache.http.entity.StringEntity;
|
|||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.util.List;
|
||||
|
||||
@Component
|
||||
public class TokenUtils {
|
||||
|
||||
private Logger logger = Logger.getLogger(TokenUtils.class);
|
||||
|
||||
public static String registerService(String serverRequestJSON, String accessToken)
|
||||
@Value("${oidc.issuer}")
|
||||
private String issuer;
|
||||
|
||||
public String registerService(String serverRequestJSON, String accessToken)
|
||||
throws IOException {
|
||||
|
||||
//TODO fix this
|
||||
HttpPost httppost = new HttpPost("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients");
|
||||
HttpPost httppost = new HttpPost( issuer + "/api/clients");
|
||||
httppost.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
|
||||
httppost.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
|
||||
StringEntity params = new StringEntity(serverRequestJSON.toString());
|
||||
|
@ -43,14 +48,14 @@ public class TokenUtils {
|
|||
return null;
|
||||
}
|
||||
|
||||
public static HttpResponse updateService(String serviceId, String userId, String name, String description, String email, String accessToken) throws IOException {
|
||||
public HttpResponse updateService(String serviceId, String userId, String name, String description, String email, String accessToken) throws IOException {
|
||||
System.out.println("Updated name " + name);
|
||||
System.out.println("Updated description " + description);
|
||||
//TODO FIX THIS!!!
|
||||
//String json = createServiceJson(name, description);
|
||||
String json ="";
|
||||
|
||||
HttpPut httpPut = new HttpPut("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
|
||||
HttpPut httpPut = new HttpPut(issuer + "/api/clients/"+serviceId);
|
||||
httpPut.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
|
||||
httpPut.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
|
||||
StringEntity params = new StringEntity(json.toString());
|
||||
|
@ -60,10 +65,10 @@ public class TokenUtils {
|
|||
return httpclient.execute(httpPut);
|
||||
}
|
||||
|
||||
public static HttpResponse deleteService(String serviceId, String accessToken) throws IOException {
|
||||
public HttpResponse deleteService(String serviceId, String accessToken) throws IOException {
|
||||
|
||||
System.out.println("DELETE " + "https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
|
||||
HttpDelete httpDelete = new HttpDelete("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
|
||||
System.out.println("DELETE " + issuer + "/api/clients/"+serviceId);
|
||||
HttpDelete httpDelete = new HttpDelete(issuer + "/api/clients/"+serviceId);
|
||||
httpDelete.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
|
||||
httpDelete.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
|
||||
|
||||
|
@ -71,8 +76,9 @@ public class TokenUtils {
|
|||
return httpclient.execute(httpDelete);
|
||||
}
|
||||
|
||||
public static ServiceResponse getRegisteredService(String serviceId, String accessToken) throws IOException {
|
||||
HttpGet httpGet = new HttpGet("https://openaire-dev.aai-dev.grnet.gr/oidc/api/clients/"+serviceId);
|
||||
public ServiceResponse getRegisteredService(String serviceId, String accessToken) throws IOException {
|
||||
System.out.println("ISSUER " + issuer);
|
||||
HttpGet httpGet = new HttpGet(issuer + "/api/clients/"+ serviceId);
|
||||
httpGet.setHeader(HttpHeaders.AUTHORIZATION, "Bearer " + accessToken);
|
||||
|
||||
CloseableHttpClient httpclient = HttpClients.createDefault();
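Review bot: `serviceId` is concatenated straight into the request path in `updateService`, `deleteService` and `getRegisteredService` (`issuer + "/api/clients/" + serviceId`) while the caller's bearer token is attached, so a value containing `/`, `..`, `?` or `#` would address a different endpoint on the issuer. If any caller passes a request parameter rather than the stored `aai_id`, validate it against the expected id format or percent-encode it as a single path segment before building the URI. Since the base now comes from `${oidc.issuer}`, normalise a trailing slash once and fail fast when the property is missing, otherwise the URL becomes `…//api/clients` or `null/api/clients`. The `System.out.println` lines that print the issuer and the submitted name and description should go through `logger` at debug level or be dropped. The method bodies continue outside these hunks.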
|
||||
|
|
|
@ -190,18 +190,6 @@
|
|||
<url-pattern>/registeredServices</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<servlet>
|
||||
<servlet-name>EditRegisteredServicesServlet</servlet-name>
|
||||
<display-name>Activate</display-name>
|
||||
<servlet-class>eu.dnetlib.openaire.usermanagement.EditRegisteredService</servlet-class>
|
||||
<load-on-startup>1</load-on-startup>
|
||||
</servlet>
|
||||
|
||||
<servlet-mapping>
|
||||
<servlet-name>EditRegisteredServicesServlet</servlet-name>
|
||||
<url-pattern>/editRegisteredService</url-pattern>
|
||||
</servlet-mapping>
|
||||
|
||||
<filter>
|
||||
<filter-name>CorsFilter</filter-name>
|
||||
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
|
||||
|
|
|
@ -45,6 +45,9 @@
|
|||
<div class="uk-width-2-3@l uk-width-2-3@m">
|
||||
<h4 class="uk-margin-remove-top uk-text-bold uk-text-primary">Add a new service</h4>
|
||||
<!-- REGISTER FORM -->
|
||||
PPPPPPPPP
|
||||
${registeredService}
|
||||
|
||||
<div id="registerForm">
|
||||
<form action="registerService" method="POST" role="form" class="m-t uk-form-horizontal"
|
||||
id="register_form">
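Review bot: The two lines added under the `<!-- REGISTER FORM -->` comment, `PPPPPPPPP` and `${registeredService}`, look like leftover debugging output and will be rendered to every visitor of the form. `${registeredService}` in template text prints the object's `toString()` without HTML escaping, so any user-supplied field that representation includes reaches the page raw. Remove both lines; if the value is needed for diagnostics, log it server-side instead.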
|
||||
|
|
|
@ -45,6 +45,10 @@
|
|||
<div class="uk-text-success uk-margin-small-bottom">${success}</div>
|
||||
<c:remove var="success" scope="session"/>
|
||||
</c:if>
|
||||
<c:if test="${message != null}">
|
||||
<div class="uk-text-danger uk-margin-small-bottom">${message}</div>
|
||||
<c:remove var="message" scope="session"/>
|
||||
</c:if>
|
||||
<div class="uk-alert-primary uk-flex uk-flex-middle">
|
||||
<span uk-icon="info"></span>
|
||||
<span class="uk-margin-small-left">You can register up to 5 services.</span>
|
||||
|
@ -101,7 +105,7 @@
|
|||
pattern="dd-MM-yyyy HH:mm"/>
|
||||
</div>
|
||||
<div>
|
||||
<a href="./editRegisteredService?id=${registeredService.id}" class="uk-margin-small-right">
|
||||
<a href="./registerService?id=${registeredService.id}" class="uk-margin-small-right">
|
||||
<span uk-icon="pencil"></span>
|
||||
</a>
|
||||
<a class="uk-text-danger" uk-icon="trash" uk-toggle="target: #modal${registeredService.id}"></a>
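Review bot: The new error block prints `${message}` into the page without escaping; EL in JSP template text is not HTML-encoded. The messages the servlet changes in this commit put into it embed only a parsed integer id, but the attribute is session-wide, and any servlet that later places request data in it would have that data rendered as markup. Render it with `<c:out value="${message}"/>` (the page already uses the core taglib for `c:if` and `c:remove`); the `${success}` line above it is written the same way and would benefit from the same change.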
|
||||
|
|