Single Sign On: Changing cookie names, format, remove unused methods

git-svn-id: https://svn.driver.research-infrastructures.eu/driver/dnet40/modules/uoa-services-library/trunk/ng-openaire-library/src/app@52451 d315682c-612b-4755-9ff5-7f18f6832af3
This commit is contained in:
argiro.kokogiannaki 2018-06-12 11:15:42 +00:00
parent 668304da29
commit d5b745fc65
15 changed files with 72 additions and 203 deletions

View File

@ -195,7 +195,7 @@ isSelected(id):boolean{
}
getCommunities () {
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
this.saveStateAndRedirectLogin();
}else{
@ -217,7 +217,7 @@ getCommunities () {
this.loading = true;
this.categories=[];
if(this.selectedCommunityId != '0'){
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
this.saveStateAndRedirectLogin();
}else{
@ -245,11 +245,11 @@ getCommunities () {
getConcepts () {
this.loading = true;
if(this.selectedCategoryId != '0'){
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
this.saveStateAndRedirectLogin();
}else{
this.concepts = [];
var token=Session.getUserJwt();
this._contextService.getConcepts(this.selectedCategoryId, "",true, this.properties.contextsAPI).subscribe(
data => {
@ -282,7 +282,7 @@ getCommunities () {
getSubConcepts (conceptId) {
this.loading = true;
if(this.selectedCategoryId != '0'){
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
this.saveStateAndRedirectLogin();
}else{
this._contextService.getSubConcepts(conceptId, "",true, this.properties.contextsAPI).subscribe(
@ -319,7 +319,7 @@ getCommunities () {
}
}
browseConcepts (categoryId) {
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
this.saveStateAndRedirectLogin();
}else{
if(this.conceptsClass[categoryId] != null){

View File

@ -103,11 +103,10 @@ export class DisplayClaimsComponent {
claimsDeleted:number = 0;
@Input() communityId:string = null;
getClaims () {
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
this.userValidMessage = "User session has expired. Please login again.";
}else{
var token=Session.getUserJwt();
this.selected=[];
var types = '';
this.showErrorMessage = false;
@ -422,11 +421,10 @@ handleErrors(err){
}
deleteById(id:string){
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
this.userValidMessage = "User session has expired. Please login again.";
}else{
var token=Session.getUserJwt();
console.log("Deleting claim with id:"+id);
// this._claimService.deleteClaimById(id);
this._claimService.deleteClaimById(id, this.properties.claimsAPIURL).subscribe(
@ -455,11 +453,10 @@ handleErrors(err){
}
}
batchDeleteById(ids:string[]){
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
this.userValidMessage = "User session has expired. Please login again.";
}else{
var token=Session.getUserJwt();
console.warn("Deleting claim with ids:"+ids);
this._claimService.deleteBulk(ids,this.properties.claimsAPIURL).subscribe(
res => {

View File

@ -131,9 +131,9 @@ public sortByTitle2= (claim: any) => {
validateJWTandToken() {
var jwtToken=Session.getUserJwt();
if(this.token) {
this.claimsByTokenService.getClaims(this.token, jwtToken, this.properties.claimsAPIURL).subscribe(
this.claimsByTokenService.getClaims(this.token, this.properties.claimsAPIURL).subscribe(
data => {
this.closeLoading();
this.accessStatus = "valid";
@ -220,8 +220,6 @@ public sortByTitle2= (claim: any) => {
saveChanges() {
console.info("Changes Saved!");
var jwtToken=Session.getUserJwt();
this.claimsByTokenService.updateClaimsCuration(this.selectedRight, this.selectedWrong, this.properties.claimsAPIURL).subscribe(
data => {
console.info(data);

View File

@ -11,7 +11,7 @@ export class ClaimsByTokenService {
constructor(private http: Http ) {}
getClaims(token: string, jwtToken: string, apiURL:string):any {
getClaims(token: string, apiURL:string):any {
console.info("getClaims in service");
let url = apiURL+"project/claims?projectToken="+token;

View File

@ -78,7 +78,7 @@ private insertActions(){
this.errorInClaims=[];
this.insertedRecords=[];
this.errorInRecords=[];
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
this.showButton = false;
localStorage.setItem("projects", JSON.stringify(this.projects));
localStorage.setItem("contexts", JSON.stringify(this.contexts));

View File

@ -21,7 +21,7 @@ export class ConnectAdminLoginGuard implements CanActivate {
let community = (route.queryParams["communityId"]);
if(Session.isLoggedIn()){
loggedIn = true;
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
loggedIn = false;
errorCode = ErrorCodes.NOT_VALID;
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });

View File

@ -21,7 +21,7 @@ export class ConnectRIGuard implements CanActivate {
let community = (route.queryParams["communityId"]);
if(Session.isLoggedIn()){
loggedIn = true;
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
loggedIn = false;
errorCode = ErrorCodes.NOT_VALID;
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });

View File

@ -16,7 +16,7 @@ export class AdminLoginGuard implements CanActivate {
var errorCode = ErrorCodes.NOT_LOGGIN;
if(Session.isLoggedIn()){
loggedIn = true;
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
loggedIn = false;
errorCode = ErrorCodes.NOT_VALID;
}else {

View File

@ -18,7 +18,7 @@ export class ClaimsCuratorGuard implements CanActivate {
if(Session.isLoggedIn()){
loggedIn = true;
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
loggedIn = false;
errorCode = ErrorCodes.NOT_VALID;
}else {

View File

@ -17,7 +17,7 @@ export class FreeGuard implements CanActivate {
if(Session.isLoggedIn()){
loggedIn = true;
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
loggedIn = false;
valid = false;
errorCode = ErrorCodes.NOT_VALID;

View File

@ -16,7 +16,7 @@ export class LoginGuard implements CanActivate {
if(Session.isLoggedIn()){
loggedIn = true;
if(!Session.isValidAndRemove()){
if(!Session.isLoggedIn()){
loggedIn = false;
errorCode = ErrorCodes.NOT_VALID;
}

View File

@ -106,7 +106,6 @@ export class UserMiniComponent {
initialize(){
this.redirectUrl = this.location.path();
if(Session.isLoggedIn()){
if(Session.isUserValid()){
this.loggedIn = Session.isLoggedIn();
this.user = Session.getUser();
if(Session.isClaimsCurator() || Session.isPortalAdministrator()){
@ -115,12 +114,6 @@ export class UserMiniComponent {
this.isAuthorized = false;
}
}else{
Session.removeUser();
this.loggedIn = false;
this.isAuthorized = false;
this.user = null;
}
}else {
this.loggedIn = false;
this.isAuthorized = false;

View File

@ -13,55 +13,15 @@ export class User {
}
export class Session{
// public static setUser(user:User): User {
//
// localStorage.setItem("user", JSON.stringify(user));
//
// return user;
// }
public static removeUser() {
if(Session.isLoggedIn()){
// localStorage.removeItem("user");
COOKIE.deleteCookie(COOKIE.cookieName_id)
COOKIE.deleteCookie(COOKIE.cookieName_u);
COOKIE.deleteCookie("SESSION");
}
}
public static getUser():User {
// if(Session.isLoggedIn()){
// return JSON.parse(localStorage.getItem("user"));
// }else{
// return null;
// }
return this.getUserFromCookie();
}
// public static isLoggedIn(): boolean {
// var loggedIn:boolean = false;
// var user:User = null;
// var cookie= COOKIE.getCookie(COOKIE.cookieName_u);
// if( typeof localStorage !== 'undefined') {
// if(localStorage.getItem("user") || (cookie != null && cookie != "")) {
// user = JSON.parse(localStorage.getItem("user"));
// if(user && (user.fullname != null || user.lastname !=null || user.firstname !=null)){
// loggedIn = true;
// }else if(cookie != null && this.getUserFromCookie()!= null){
// loggedIn = true
// }else{
// loggedIn = false;
// }
// }else{
// if(cookie != null && this.getUserFromCookie()!= null){
// loggedIn = true
// }else{
// loggedIn = false;
// }
//
// }
// }else{
// loggedIn = false;
// }
// return loggedIn;
// }
public static isLoggedIn(): boolean {
var loggedIn:boolean = false;
var user:User = null;
@ -75,52 +35,58 @@ export class Session{
}
return true;
}
}
public static getUserFromCookie():User{
var cookie= COOKIE.getCookie(COOKIE.cookieName_u);
if(cookie != null){
var user:User = MyJWT.parseUserInfo(cookie);
// if( typeof localStorage !== 'undefined') {
// localStorage.setItem("user", JSON.stringify(user));
var user:User = this.parseUserInfo(cookie);
if(user && user.email){
// COOKIE.deleteCookie(COOKIE.cookieName_u); // delete cookie to avoid transfer through requests
return user;
}else{
return null;
}
// }else{
// return null;
// }
}else{
return null;
}
}
public static getUserJwt():string {
var user:User = this.getUserFromCookie();
if(user!=null){
return user.jwt;
}
return null;
// if(Session.isLoggedIn()){
// return Session.getUser().jwt;
// }else{
// return null;
// }
public static parseUserInfo(data: any): User {
var dataStr:string = data.substr(1,data.length-2).replace(/\\/g,"");
var info = JSON.parse(dataStr);
var user: User = new User();
user.id = (info.sub && info.sub.indexOf('@'))?info.sub.substring(0,info.sub.indexOf('@')):info.sub;
user.firstname = (StringUtils.URIDecode((info.firstname && info.firstname!="")?info.firstname:"")).replace("+"," ");
user.lastname = (StringUtils.URIDecode((info.lastname && info.lastname!="")?info.lastname:"")).replace("+"," ");
user.email = info.email;
user.fullname = (StringUtils.URIDecode((info.fullname && info.fullname!="")?info.fullname:"")).replace("+"," ");
if(user.fullname == ""){
if(user.firstname != ""){
user.fullname += user.firstname;
}
if(user.lastname !=""){
user.fullname += user.lastname;
}
if(user.fullname == ""){ //fullname is still empty set a default
user.fullname = "Anonymous user";
}
}
if(info.role && info.role != ""){
user.role =JSON.parse( StringUtils.URIDecode(info.role));
}else{
user.role =[];
}
user.expirationDate = info.exp;
return user;
}
public static getUserEmail():string {
var user:User = this.getUserFromCookie();
if(user!=null){
return user.email;
}
return null;
// if(Session.isLoggedIn()){
// return Session.getUser().email;
// }else{
// return null;
// }
}
public static setReloadUrl(host:string,path:string, params:string) {
@ -129,7 +95,6 @@ export class Session{
URL["path"]=path;
URL["params"]=params;
COOKIE.setCookie("reloadURL", JSON.stringify(URL), -1);
}
public static getReloadUrl(plainText:boolean =false) {
var URL = COOKIE.getCookie("reloadURL");
@ -151,14 +116,13 @@ export class Session{
}
//Methods to check roles
public static isClaimsCurator():boolean {
var isAuthorized = false;
var user:User = this.getUserFromCookie();
if(user!=null){
return false;
}
var claimRoles = ["urn:geant:openaire.eu:group:Curator+-+Claim#aai.openaire.eu"]
for (var i = 0; i < claimRoles.length; i++) {
if ((user.role).indexOf(claimRoles[i]) > -1) {
@ -166,8 +130,7 @@ export class Session{
break;
}
}
return (isAuthorized);
return isAuthorized;
}
public static isCommunityCurator():boolean {
var isAuthorized = false;
@ -179,9 +142,9 @@ export class Session{
break;
}
}
return (isAuthorized);
return isAuthorized;
}
return (isAuthorized);
return isAuthorized;
}
public static isPortalAdministrator():boolean {
var isAuthorized = false;
@ -193,108 +156,29 @@ export class Session{
break;
}
}
// console.log("Is admin:"+ isAdmin)
return (isAuthorized);
return isAuthorized;
}
// console.log("Is admin:"+ isAdmin)
return (isAuthorized);
return isAuthorized;
}
public static isRegisteredUser():boolean {
var isRegisteredUser = false;
var isAuthorized = false;
if(Session.isLoggedIn()){
var claimRoles = ["urn:geant:openaire.eu:group:Registered+User#aai.openaire.eu"];
for (var i = 0; i < claimRoles.length; i++) {
if ((Session.getUser().role).indexOf(claimRoles[i]) > -1) {
isRegisteredUser = true;
isAuthorized = true;
break;
}
}
// console.log("Is isRegisteredUser:"+ isRegisteredUser)
return (isRegisteredUser);
return isAuthorized;
}
// console.log("Is isRegisteredUser:"+ isRegisteredUser)
return (isRegisteredUser);
}
public static isUserValid() {
// if(Session.isLoggedIn()){
var user:User = Session.getUser();
if(user!=null){
// var expires = user.expirationDate;
// var now = new Date().getTime() / 1000;
// console.log(" is still valid ? "+(now +0 < expires) +" Remaining:"+ (expires - (now+0))+ " now is:"+now + "expires at:"+expires);
// return now +0 < expires;
return true;
}
return false;
}
public static isValidAndRemove() {
// if(Session.isLoggedIn()){
if(!Session.isUserValid()){
Session.removeUser();
return false;
}else{
return true;
}
// }else{
// return false;
// }
return isAuthorized;
}
}
export class MyJWT{
private static validateJWTFormat(data){
if(data != null && (data.indexOf(".") !=-1 && data.split('.').length == 3)){
return true;
}
return false;
}
private static getPayload(data){
var payload = data.split('.')[1];
return StringUtils.b64DecodeUnicode(payload);
}
public static parseUserInfo(data: any): User {
if(this.validateJWTFormat(data)){
var info = JSON.parse(this.getPayload(data));
}else{
return null;
}
var user: User = new User();
user.id = (info.sub && info.sub.indexOf('@'))?info.sub.substring(0,info.sub.indexOf('@')):info.sub;
user.firstname = (StringUtils.URIDecode((info.firstname && info.firstname!="")?info.firstname:"")).replace("+"," ");
user.lastname = (StringUtils.URIDecode((info.lastname && info.lastname!="")?info.lastname:"")).replace("+"," ");
user.email = info.email;
// user.id = info.userId;
user.fullname = (StringUtils.URIDecode((info.fullname && info.fullname!="")?info.fullname:"")).replace("+"," ");
if(user.fullname == ""){
if(user.firstname != ""){
user.fullname += user.firstname;
}
if(user.lastname !=""){
user.fullname += user.lastname;
}
if(user.fullname == ""){ //it is still empty set a default
user.fullname = "Anonymous user";
}
}
if(info.role && info.role != ""){
user.role =JSON.parse( StringUtils.URIDecode(info.role));
}else{
user.role =[];
}
// console.log("User Role is:");
// console.log(user.role)
user.jwt = data;
user.expirationDate = info.exp;
// localStorage.setItem("user", JSON.stringify(user));
// console.log(user)
return user;
}
}
export class COOKIE{
public static cookieName_u:string="XCsrfToken";
public static cookieName_u:string="openAIREUser"//"XCsrfToken";
public static cookieName_id:string="AccessToken";
public static getCookie(name: string) : string {
@ -323,7 +207,7 @@ export class MyJWT{
let expires:string = `expires=${d.toUTCString()}`;
// let cpath:string = path ? `; path=${path}` : '';
let domain = "";
if(document.domain.indexOf(".di.uoa.gr")!= -1){
if(document.domain.indexOf(".di.uoa.gr")!= -1){ // for development
domain = ".di.uoa.gr";
}else if(document.domain.indexOf(".openaire.eu") != -1){
domain = ".openaire.eu";

View File

@ -75,7 +75,7 @@ export class NavigationBarComponent {
this.sub.unsubscribe();
}
initialize(){
if(Session.isLoggedIn() && Session.isUserValid() && (Session.isClaimsCurator() || Session.isPortalAdministrator())){
if(Session.isLoggedIn() && (Session.isClaimsCurator() || Session.isPortalAdministrator())){
this.isAuthorized = true;
}else {
this.isAuthorized = false;

View File

@ -64,9 +64,6 @@ export class EnvProperties {
logoutUrl;
logoutOpenaireUrl;
cookieDomain;