Single Sign On: Changing cookie names, format, remove unused methods
git-svn-id: https://svn.driver.research-infrastructures.eu/driver/dnet40/modules/uoa-services-library/trunk/ng-openaire-library/src/app@52451 d315682c-612b-4755-9ff5-7f18f6832af3
This commit is contained in:
parent
668304da29
commit
d5b745fc65
|
@ -195,7 +195,7 @@ isSelected(id):boolean{
|
|||
}
|
||||
|
||||
getCommunities () {
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
this.saveStateAndRedirectLogin();
|
||||
|
||||
}else{
|
||||
|
@ -217,7 +217,7 @@ getCommunities () {
|
|||
this.loading = true;
|
||||
this.categories=[];
|
||||
if(this.selectedCommunityId != '0'){
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
this.saveStateAndRedirectLogin();
|
||||
|
||||
}else{
|
||||
|
@ -245,11 +245,11 @@ getCommunities () {
|
|||
getConcepts () {
|
||||
this.loading = true;
|
||||
if(this.selectedCategoryId != '0'){
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
this.saveStateAndRedirectLogin();
|
||||
}else{
|
||||
this.concepts = [];
|
||||
var token=Session.getUserJwt();
|
||||
|
||||
this._contextService.getConcepts(this.selectedCategoryId, "",true, this.properties.contextsAPI).subscribe(
|
||||
data => {
|
||||
|
||||
|
@ -282,7 +282,7 @@ getCommunities () {
|
|||
getSubConcepts (conceptId) {
|
||||
this.loading = true;
|
||||
if(this.selectedCategoryId != '0'){
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
this.saveStateAndRedirectLogin();
|
||||
}else{
|
||||
this._contextService.getSubConcepts(conceptId, "",true, this.properties.contextsAPI).subscribe(
|
||||
|
@ -319,7 +319,7 @@ getCommunities () {
|
|||
}
|
||||
}
|
||||
browseConcepts (categoryId) {
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
this.saveStateAndRedirectLogin();
|
||||
}else{
|
||||
if(this.conceptsClass[categoryId] != null){
|
||||
|
|
|
@ -103,11 +103,10 @@ export class DisplayClaimsComponent {
|
|||
claimsDeleted:number = 0;
|
||||
@Input() communityId:string = null;
|
||||
getClaims () {
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
this.userValidMessage = "User session has expired. Please login again.";
|
||||
|
||||
}else{
|
||||
var token=Session.getUserJwt();
|
||||
this.selected=[];
|
||||
var types = '';
|
||||
this.showErrorMessage = false;
|
||||
|
@ -422,11 +421,10 @@ handleErrors(err){
|
|||
}
|
||||
|
||||
deleteById(id:string){
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
this.userValidMessage = "User session has expired. Please login again.";
|
||||
|
||||
}else{
|
||||
var token=Session.getUserJwt();
|
||||
console.log("Deleting claim with id:"+id);
|
||||
// this._claimService.deleteClaimById(id);
|
||||
this._claimService.deleteClaimById(id, this.properties.claimsAPIURL).subscribe(
|
||||
|
@ -455,11 +453,10 @@ handleErrors(err){
|
|||
}
|
||||
}
|
||||
batchDeleteById(ids:string[]){
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
this.userValidMessage = "User session has expired. Please login again.";
|
||||
|
||||
}else{
|
||||
var token=Session.getUserJwt();
|
||||
console.warn("Deleting claim with ids:"+ids);
|
||||
this._claimService.deleteBulk(ids,this.properties.claimsAPIURL).subscribe(
|
||||
res => {
|
||||
|
|
|
@ -131,9 +131,9 @@ public sortByTitle2= (claim: any) => {
|
|||
|
||||
|
||||
validateJWTandToken() {
|
||||
var jwtToken=Session.getUserJwt();
|
||||
|
||||
if(this.token) {
|
||||
this.claimsByTokenService.getClaims(this.token, jwtToken, this.properties.claimsAPIURL).subscribe(
|
||||
this.claimsByTokenService.getClaims(this.token, this.properties.claimsAPIURL).subscribe(
|
||||
data => {
|
||||
this.closeLoading();
|
||||
this.accessStatus = "valid";
|
||||
|
@ -220,8 +220,6 @@ public sortByTitle2= (claim: any) => {
|
|||
|
||||
saveChanges() {
|
||||
console.info("Changes Saved!");
|
||||
var jwtToken=Session.getUserJwt();
|
||||
|
||||
this.claimsByTokenService.updateClaimsCuration(this.selectedRight, this.selectedWrong, this.properties.claimsAPIURL).subscribe(
|
||||
data => {
|
||||
console.info(data);
|
||||
|
|
|
@ -11,7 +11,7 @@ export class ClaimsByTokenService {
|
|||
|
||||
constructor(private http: Http ) {}
|
||||
|
||||
getClaims(token: string, jwtToken: string, apiURL:string):any {
|
||||
getClaims(token: string, apiURL:string):any {
|
||||
console.info("getClaims in service");
|
||||
|
||||
let url = apiURL+"project/claims?projectToken="+token;
|
||||
|
|
|
@ -78,7 +78,7 @@ private insertActions(){
|
|||
this.errorInClaims=[];
|
||||
this.insertedRecords=[];
|
||||
this.errorInRecords=[];
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
this.showButton = false;
|
||||
localStorage.setItem("projects", JSON.stringify(this.projects));
|
||||
localStorage.setItem("contexts", JSON.stringify(this.contexts));
|
||||
|
|
|
@ -21,7 +21,7 @@ export class ConnectAdminLoginGuard implements CanActivate {
|
|||
let community = (route.queryParams["communityId"]);
|
||||
if(Session.isLoggedIn()){
|
||||
loggedIn = true;
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
loggedIn = false;
|
||||
errorCode = ErrorCodes.NOT_VALID;
|
||||
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||
|
|
|
@ -21,7 +21,7 @@ export class ConnectRIGuard implements CanActivate {
|
|||
let community = (route.queryParams["communityId"]);
|
||||
if(Session.isLoggedIn()){
|
||||
loggedIn = true;
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
loggedIn = false;
|
||||
errorCode = ErrorCodes.NOT_VALID;
|
||||
this.router.navigate(['/user-info'], { queryParams: { "errorCode": errorCode, "redirectUrl": state.url } });
|
||||
|
|
|
@ -16,7 +16,7 @@ export class AdminLoginGuard implements CanActivate {
|
|||
var errorCode = ErrorCodes.NOT_LOGGIN;
|
||||
if(Session.isLoggedIn()){
|
||||
loggedIn = true;
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
loggedIn = false;
|
||||
errorCode = ErrorCodes.NOT_VALID;
|
||||
}else {
|
||||
|
|
|
@ -18,7 +18,7 @@ export class ClaimsCuratorGuard implements CanActivate {
|
|||
|
||||
if(Session.isLoggedIn()){
|
||||
loggedIn = true;
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
loggedIn = false;
|
||||
errorCode = ErrorCodes.NOT_VALID;
|
||||
}else {
|
||||
|
|
|
@ -17,7 +17,7 @@ export class FreeGuard implements CanActivate {
|
|||
|
||||
if(Session.isLoggedIn()){
|
||||
loggedIn = true;
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
loggedIn = false;
|
||||
valid = false;
|
||||
errorCode = ErrorCodes.NOT_VALID;
|
||||
|
|
|
@ -16,7 +16,7 @@ export class LoginGuard implements CanActivate {
|
|||
|
||||
if(Session.isLoggedIn()){
|
||||
loggedIn = true;
|
||||
if(!Session.isValidAndRemove()){
|
||||
if(!Session.isLoggedIn()){
|
||||
loggedIn = false;
|
||||
errorCode = ErrorCodes.NOT_VALID;
|
||||
}
|
||||
|
|
|
@ -106,7 +106,6 @@ export class UserMiniComponent {
|
|||
initialize(){
|
||||
this.redirectUrl = this.location.path();
|
||||
if(Session.isLoggedIn()){
|
||||
if(Session.isUserValid()){
|
||||
this.loggedIn = Session.isLoggedIn();
|
||||
this.user = Session.getUser();
|
||||
if(Session.isClaimsCurator() || Session.isPortalAdministrator()){
|
||||
|
@ -115,12 +114,6 @@ export class UserMiniComponent {
|
|||
this.isAuthorized = false;
|
||||
}
|
||||
|
||||
}else{
|
||||
Session.removeUser();
|
||||
this.loggedIn = false;
|
||||
this.isAuthorized = false;
|
||||
this.user = null;
|
||||
}
|
||||
}else {
|
||||
this.loggedIn = false;
|
||||
this.isAuthorized = false;
|
||||
|
|
|
@ -13,55 +13,15 @@ export class User {
|
|||
}
|
||||
|
||||
export class Session{
|
||||
// public static setUser(user:User): User {
|
||||
//
|
||||
// localStorage.setItem("user", JSON.stringify(user));
|
||||
//
|
||||
// return user;
|
||||
// }
|
||||
public static removeUser() {
|
||||
if(Session.isLoggedIn()){
|
||||
// localStorage.removeItem("user");
|
||||
COOKIE.deleteCookie(COOKIE.cookieName_id)
|
||||
COOKIE.deleteCookie(COOKIE.cookieName_u);
|
||||
COOKIE.deleteCookie("SESSION");
|
||||
}
|
||||
COOKIE.deleteCookie(COOKIE.cookieName_id)
|
||||
COOKIE.deleteCookie(COOKIE.cookieName_u);
|
||||
COOKIE.deleteCookie("SESSION");
|
||||
|
||||
}
|
||||
public static getUser():User {
|
||||
// if(Session.isLoggedIn()){
|
||||
// return JSON.parse(localStorage.getItem("user"));
|
||||
// }else{
|
||||
// return null;
|
||||
// }
|
||||
return this.getUserFromCookie();
|
||||
}
|
||||
// public static isLoggedIn(): boolean {
|
||||
// var loggedIn:boolean = false;
|
||||
// var user:User = null;
|
||||
// var cookie= COOKIE.getCookie(COOKIE.cookieName_u);
|
||||
// if( typeof localStorage !== 'undefined') {
|
||||
// if(localStorage.getItem("user") || (cookie != null && cookie != "")) {
|
||||
// user = JSON.parse(localStorage.getItem("user"));
|
||||
// if(user && (user.fullname != null || user.lastname !=null || user.firstname !=null)){
|
||||
// loggedIn = true;
|
||||
// }else if(cookie != null && this.getUserFromCookie()!= null){
|
||||
// loggedIn = true
|
||||
// }else{
|
||||
// loggedIn = false;
|
||||
// }
|
||||
// }else{
|
||||
// if(cookie != null && this.getUserFromCookie()!= null){
|
||||
// loggedIn = true
|
||||
// }else{
|
||||
// loggedIn = false;
|
||||
// }
|
||||
//
|
||||
// }
|
||||
// }else{
|
||||
// loggedIn = false;
|
||||
// }
|
||||
// return loggedIn;
|
||||
// }
|
||||
public static isLoggedIn(): boolean {
|
||||
var loggedIn:boolean = false;
|
||||
var user:User = null;
|
||||
|
@ -75,52 +35,58 @@ export class Session{
|
|||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
}
|
||||
public static getUserFromCookie():User{
|
||||
var cookie= COOKIE.getCookie(COOKIE.cookieName_u);
|
||||
if(cookie != null){
|
||||
var user:User = MyJWT.parseUserInfo(cookie);
|
||||
// if( typeof localStorage !== 'undefined') {
|
||||
// localStorage.setItem("user", JSON.stringify(user));
|
||||
var user:User = this.parseUserInfo(cookie);
|
||||
if(user && user.email){
|
||||
// COOKIE.deleteCookie(COOKIE.cookieName_u); // delete cookie to avoid transfer through requests
|
||||
return user;
|
||||
}else{
|
||||
return null;
|
||||
}
|
||||
// }else{
|
||||
// return null;
|
||||
// }
|
||||
}else{
|
||||
return null;
|
||||
}
|
||||
}
|
||||
public static getUserJwt():string {
|
||||
var user:User = this.getUserFromCookie();
|
||||
if(user!=null){
|
||||
return user.jwt;
|
||||
}
|
||||
return null;
|
||||
// if(Session.isLoggedIn()){
|
||||
// return Session.getUser().jwt;
|
||||
// }else{
|
||||
// return null;
|
||||
// }
|
||||
|
||||
public static parseUserInfo(data: any): User {
|
||||
|
||||
var dataStr:string = data.substr(1,data.length-2).replace(/\\/g,"");
|
||||
var info = JSON.parse(dataStr);
|
||||
var user: User = new User();
|
||||
user.id = (info.sub && info.sub.indexOf('@'))?info.sub.substring(0,info.sub.indexOf('@')):info.sub;
|
||||
|
||||
user.firstname = (StringUtils.URIDecode((info.firstname && info.firstname!="")?info.firstname:"")).replace("+"," ");
|
||||
user.lastname = (StringUtils.URIDecode((info.lastname && info.lastname!="")?info.lastname:"")).replace("+"," ");
|
||||
user.email = info.email;
|
||||
user.fullname = (StringUtils.URIDecode((info.fullname && info.fullname!="")?info.fullname:"")).replace("+"," ");
|
||||
if(user.fullname == ""){
|
||||
if(user.firstname != ""){
|
||||
user.fullname += user.firstname;
|
||||
}
|
||||
if(user.lastname !=""){
|
||||
user.fullname += user.lastname;
|
||||
}
|
||||
if(user.fullname == ""){ //fullname is still empty set a default
|
||||
user.fullname = "Anonymous user";
|
||||
}
|
||||
}
|
||||
if(info.role && info.role != ""){
|
||||
user.role =JSON.parse( StringUtils.URIDecode(info.role));
|
||||
}else{
|
||||
user.role =[];
|
||||
}
|
||||
user.expirationDate = info.exp;
|
||||
return user;
|
||||
}
|
||||
|
||||
public static getUserEmail():string {
|
||||
var user:User = this.getUserFromCookie();
|
||||
if(user!=null){
|
||||
return user.email;
|
||||
}
|
||||
return null;
|
||||
// if(Session.isLoggedIn()){
|
||||
// return Session.getUser().email;
|
||||
// }else{
|
||||
// return null;
|
||||
// }
|
||||
|
||||
}
|
||||
|
||||
public static setReloadUrl(host:string,path:string, params:string) {
|
||||
|
@ -129,7 +95,6 @@ export class Session{
|
|||
URL["path"]=path;
|
||||
URL["params"]=params;
|
||||
COOKIE.setCookie("reloadURL", JSON.stringify(URL), -1);
|
||||
|
||||
}
|
||||
public static getReloadUrl(plainText:boolean =false) {
|
||||
var URL = COOKIE.getCookie("reloadURL");
|
||||
|
@ -151,14 +116,13 @@ export class Session{
|
|||
|
||||
}
|
||||
|
||||
//Methods to check roles
|
||||
public static isClaimsCurator():boolean {
|
||||
var isAuthorized = false;
|
||||
var user:User = this.getUserFromCookie();
|
||||
if(user!=null){
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
var claimRoles = ["urn:geant:openaire.eu:group:Curator+-+Claim#aai.openaire.eu"]
|
||||
for (var i = 0; i < claimRoles.length; i++) {
|
||||
if ((user.role).indexOf(claimRoles[i]) > -1) {
|
||||
|
@ -166,8 +130,7 @@ export class Session{
|
|||
break;
|
||||
}
|
||||
}
|
||||
return (isAuthorized);
|
||||
|
||||
return isAuthorized;
|
||||
}
|
||||
public static isCommunityCurator():boolean {
|
||||
var isAuthorized = false;
|
||||
|
@ -179,9 +142,9 @@ export class Session{
|
|||
break;
|
||||
}
|
||||
}
|
||||
return (isAuthorized);
|
||||
return isAuthorized;
|
||||
}
|
||||
return (isAuthorized);
|
||||
return isAuthorized;
|
||||
}
|
||||
public static isPortalAdministrator():boolean {
|
||||
var isAuthorized = false;
|
||||
|
@ -193,108 +156,29 @@ export class Session{
|
|||
break;
|
||||
}
|
||||
}
|
||||
// console.log("Is admin:"+ isAdmin)
|
||||
return (isAuthorized);
|
||||
return isAuthorized;
|
||||
}
|
||||
// console.log("Is admin:"+ isAdmin)
|
||||
return (isAuthorized);
|
||||
return isAuthorized;
|
||||
}
|
||||
public static isRegisteredUser():boolean {
|
||||
var isRegisteredUser = false;
|
||||
var isAuthorized = false;
|
||||
if(Session.isLoggedIn()){
|
||||
var claimRoles = ["urn:geant:openaire.eu:group:Registered+User#aai.openaire.eu"];
|
||||
for (var i = 0; i < claimRoles.length; i++) {
|
||||
if ((Session.getUser().role).indexOf(claimRoles[i]) > -1) {
|
||||
isRegisteredUser = true;
|
||||
isAuthorized = true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
// console.log("Is isRegisteredUser:"+ isRegisteredUser)
|
||||
return (isRegisteredUser);
|
||||
return isAuthorized;
|
||||
}
|
||||
// console.log("Is isRegisteredUser:"+ isRegisteredUser)
|
||||
return (isRegisteredUser);
|
||||
}
|
||||
public static isUserValid() {
|
||||
// if(Session.isLoggedIn()){
|
||||
var user:User = Session.getUser();
|
||||
if(user!=null){
|
||||
// var expires = user.expirationDate;
|
||||
// var now = new Date().getTime() / 1000;
|
||||
// console.log(" is still valid ? "+(now +0 < expires) +" Remaining:"+ (expires - (now+0))+ " now is:"+now + "expires at:"+expires);
|
||||
// return now +0 < expires;
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
public static isValidAndRemove() {
|
||||
// if(Session.isLoggedIn()){
|
||||
if(!Session.isUserValid()){
|
||||
Session.removeUser();
|
||||
return false;
|
||||
}else{
|
||||
return true;
|
||||
}
|
||||
// }else{
|
||||
// return false;
|
||||
// }
|
||||
return isAuthorized;
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
export class MyJWT{
|
||||
private static validateJWTFormat(data){
|
||||
if(data != null && (data.indexOf(".") !=-1 && data.split('.').length == 3)){
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
private static getPayload(data){
|
||||
var payload = data.split('.')[1];
|
||||
return StringUtils.b64DecodeUnicode(payload);
|
||||
}
|
||||
public static parseUserInfo(data: any): User {
|
||||
if(this.validateJWTFormat(data)){
|
||||
var info = JSON.parse(this.getPayload(data));
|
||||
}else{
|
||||
return null;
|
||||
}
|
||||
var user: User = new User();
|
||||
user.id = (info.sub && info.sub.indexOf('@'))?info.sub.substring(0,info.sub.indexOf('@')):info.sub;
|
||||
|
||||
user.firstname = (StringUtils.URIDecode((info.firstname && info.firstname!="")?info.firstname:"")).replace("+"," ");
|
||||
user.lastname = (StringUtils.URIDecode((info.lastname && info.lastname!="")?info.lastname:"")).replace("+"," ");
|
||||
user.email = info.email;
|
||||
// user.id = info.userId;
|
||||
user.fullname = (StringUtils.URIDecode((info.fullname && info.fullname!="")?info.fullname:"")).replace("+"," ");
|
||||
if(user.fullname == ""){
|
||||
if(user.firstname != ""){
|
||||
user.fullname += user.firstname;
|
||||
}
|
||||
if(user.lastname !=""){
|
||||
user.fullname += user.lastname;
|
||||
}
|
||||
if(user.fullname == ""){ //it is still empty set a default
|
||||
user.fullname = "Anonymous user";
|
||||
}
|
||||
}
|
||||
if(info.role && info.role != ""){
|
||||
user.role =JSON.parse( StringUtils.URIDecode(info.role));
|
||||
}else{
|
||||
user.role =[];
|
||||
}
|
||||
|
||||
// console.log("User Role is:");
|
||||
// console.log(user.role)
|
||||
user.jwt = data;
|
||||
user.expirationDate = info.exp;
|
||||
// localStorage.setItem("user", JSON.stringify(user));
|
||||
// console.log(user)
|
||||
return user;
|
||||
}
|
||||
|
||||
}
|
||||
export class COOKIE{
|
||||
public static cookieName_u:string="XCsrfToken";
|
||||
export class COOKIE{
|
||||
public static cookieName_u:string="openAIREUser"//"XCsrfToken";
|
||||
public static cookieName_id:string="AccessToken";
|
||||
|
||||
public static getCookie(name: string) : string {
|
||||
|
@ -323,7 +207,7 @@ export class MyJWT{
|
|||
let expires:string = `expires=${d.toUTCString()}`;
|
||||
// let cpath:string = path ? `; path=${path}` : '';
|
||||
let domain = "";
|
||||
if(document.domain.indexOf(".di.uoa.gr")!= -1){
|
||||
if(document.domain.indexOf(".di.uoa.gr")!= -1){ // for development
|
||||
domain = ".di.uoa.gr";
|
||||
}else if(document.domain.indexOf(".openaire.eu") != -1){
|
||||
domain = ".openaire.eu";
|
||||
|
|
|
@ -75,7 +75,7 @@ export class NavigationBarComponent {
|
|||
this.sub.unsubscribe();
|
||||
}
|
||||
initialize(){
|
||||
if(Session.isLoggedIn() && Session.isUserValid() && (Session.isClaimsCurator() || Session.isPortalAdministrator())){
|
||||
if(Session.isLoggedIn() && (Session.isClaimsCurator() || Session.isPortalAdministrator())){
|
||||
this.isAuthorized = true;
|
||||
}else {
|
||||
this.isAuthorized = false;
|
||||
|
|
|
@ -64,9 +64,6 @@ export class EnvProperties {
|
|||
logoutUrl;
|
||||
|
||||
|
||||
logoutOpenaireUrl;
|
||||
|
||||
|
||||
cookieDomain;
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue