diff --git a/dmp-backend/web/src/main/java/eu/eudat/controllers/Login.java b/dmp-backend/web/src/main/java/eu/eudat/controllers/Login.java index a6315f15a..15acf15ae 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/controllers/Login.java +++ b/dmp-backend/web/src/main/java/eu/eudat/controllers/Login.java @@ -7,6 +7,9 @@ import eu.eudat.logic.security.CustomAuthenticationProvider; import eu.eudat.logic.security.validators.b2access.B2AccessTokenValidator; import eu.eudat.logic.security.validators.b2access.helpers.B2AccessRequest; import eu.eudat.logic.security.validators.b2access.helpers.B2AccessResponseToken; +import eu.eudat.logic.security.validators.linkedin.LinkedInTokenValidator; +import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInRequest; +import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInResponseToken; import eu.eudat.logic.security.validators.orcid.ORCIDTokenValidator; import eu.eudat.logic.security.validators.orcid.helpers.ORCIDRequest; import eu.eudat.logic.security.validators.orcid.helpers.ORCIDResponseToken; @@ -37,17 +40,19 @@ public class Login { private TwitterTokenValidator twitterTokenValidator; private B2AccessTokenValidator b2AccessTokenValidator; private ORCIDTokenValidator orcidTokenValidator; + private LinkedInTokenValidator linkedInTokenValidator; private Logger logger; private UserManager userManager; @Autowired public Login(CustomAuthenticationProvider customAuthenticationProvider, AuthenticationService nonVerifiedUserAuthenticationService, - TwitterTokenValidator twitterTokenValidator, B2AccessTokenValidator b2AccessTokenValidator, ORCIDTokenValidator orcidTokenValidator, - UserManager userManager ,Logger logger) { + TwitterTokenValidator twitterTokenValidator, LinkedInTokenValidator linkedInTokenValidator, B2AccessTokenValidator b2AccessTokenValidator, + ORCIDTokenValidator orcidTokenValidator, UserManager userManager, Logger logger) { this.customAuthenticationProvider = customAuthenticationProvider; this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService; this.twitterTokenValidator = twitterTokenValidator; + this.linkedInTokenValidator = linkedInTokenValidator; this.b2AccessTokenValidator = b2AccessTokenValidator; this.orcidTokenValidator = orcidTokenValidator; this.logger = logger; @@ -76,6 +81,12 @@ public class Login { return ResponseEntity.status(HttpStatus.OK).body(new ResponseItem().payload(this.twitterTokenValidator.getRequestToken()).status(ApiMessageCode.NO_MESSAGE)); } + @RequestMapping(method = RequestMethod.POST, value = {"/linkedInRequestToken"}, produces = "application/json", consumes = "application/json") + public @ResponseBody + ResponseEntity> linkedInRequestToken(@RequestBody LinkedInRequest linkedInRequest) { + return ResponseEntity.status(HttpStatus.OK).body(new ResponseItem().payload(this.linkedInTokenValidator.getAccessToken(linkedInRequest)).status(ApiMessageCode.NO_MESSAGE)); + } + @RequestMapping(method = RequestMethod.POST, value = {"/b2AccessRequestToken"}, produces = "application/json", consumes = "application/json") public @ResponseBody ResponseEntity> b2AccessRequestToken(@RequestBody B2AccessRequest b2AccessRequest) { diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/LinkedIn/LinkedInCustomProvider.java b/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/LinkedIn/LinkedInCustomProvider.java new file mode 100644 index 000000000..2d8c481ce --- /dev/null +++ b/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/LinkedIn/LinkedInCustomProvider.java @@ -0,0 +1,10 @@ +package eu.eudat.logic.security.customproviders.LinkedIn; + +import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInResponseToken; + +public interface LinkedInCustomProvider { + + LinkedInUser getUser(String accessToken); + + LinkedInResponseToken getAccessToken(String code, String redirectUri, String clientId, String clientSecret); +} diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/LinkedIn/LinkedInCustomProviderImpl.java b/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/LinkedIn/LinkedInCustomProviderImpl.java new file mode 100644 index 000000000..6de95e988 --- /dev/null +++ b/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/LinkedIn/LinkedInCustomProviderImpl.java @@ -0,0 +1,71 @@ +package eu.eudat.logic.security.customproviders.LinkedIn; + +import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInResponseToken; +import org.apache.http.conn.ssl.NoopHostnameVerifier; +import org.apache.http.impl.client.CloseableHttpClient; +import org.apache.http.impl.client.HttpClients; +import org.springframework.core.env.Environment; +import org.springframework.http.HttpEntity; +import org.springframework.http.HttpHeaders; +import org.springframework.http.HttpMethod; +import org.springframework.http.MediaType; +import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; +import org.springframework.stereotype.Component; +import org.springframework.util.LinkedMultiValueMap; +import org.springframework.util.MultiValueMap; +import org.springframework.web.client.RestTemplate; + +import java.util.Map; + +@Component("LinkedInCustomProvider") +public class LinkedInCustomProviderImpl implements LinkedInCustomProvider { + + private Environment environment; + + public LinkedInCustomProviderImpl(Environment environment) { + this.environment = environment; + } + + public LinkedInUser getUser(String accessToken) { + RestTemplate restTemplate = new RestTemplate(); + HttpHeaders headers = this.createBearerAuthHeaders(accessToken); + HttpEntity entity = new HttpEntity<>(headers); + + Map profileValues = restTemplate.exchange(this.environment.getProperty("linkedin.login.user_info_url"), HttpMethod.GET, entity, Map.class).getBody(); + Map emailValues = restTemplate.exchange(this.environment.getProperty("linkedin.login.user_email"), HttpMethod.GET, entity, Map.class).getBody(); + LinkedInUser linkedInUser = new LinkedInUser(); + linkedInUser.setEmail((String)emailValues.get("email")); + linkedInUser.setName((String)profileValues.get("localizedFirstName")); + linkedInUser.setId((String)profileValues.get("id")); + return linkedInUser; + } + + public LinkedInResponseToken getAccessToken(String code, String redirectUri, String clientId, String clientSecret) { + RestTemplate template = new RestTemplate(); + HttpHeaders headers = new HttpHeaders(); + headers.setContentType(MediaType.APPLICATION_FORM_URLENCODED); + + MultiValueMap map = new LinkedMultiValueMap(); + + map.add("grant_type", "authorization_code"); + map.add("code", code); + map.add("redirect_uri", redirectUri); + map.add("client_id", clientId); + map.add("client_secret", clientSecret); + HttpEntity> request = new HttpEntity>(map, headers); + + Map values = template.postForObject(this.environment.getProperty("linkedin.login.access_token_url"), request, Map.class); + LinkedInResponseToken linkedInResponseToken = new LinkedInResponseToken(); + linkedInResponseToken.setAccessToken((String) values.get("access_token")); + linkedInResponseToken.setExpiresIn((Integer) values.get("expires_in")); + + return linkedInResponseToken; + } + + private HttpHeaders createBearerAuthHeaders(String accessToken) { + return new HttpHeaders() {{ + String authHeader = "Bearer " + new String(accessToken); + set("Authorization", authHeader); + }}; + } +} diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/LinkedIn/LinkedInUser.java b/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/LinkedIn/LinkedInUser.java new file mode 100644 index 000000000..0cbe2d7df --- /dev/null +++ b/dmp-backend/web/src/main/java/eu/eudat/logic/security/customproviders/LinkedIn/LinkedInUser.java @@ -0,0 +1,29 @@ +package eu.eudat.logic.security.customproviders.LinkedIn; + +public class LinkedInUser { + private String id; + private String name; + private String email; + + + public String getId() { + return id; + } + public void setId(String id) { + this.id = id; + } + + public String getName() { + return name; + } + public void setName(String name) { + this.name = name; + } + + public String getEmail() { + return email; + } + public void setEmail(String email) { + this.email = email; + } +} diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/TokenValidatorFactoryImpl.java b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/TokenValidatorFactoryImpl.java index 404de9b55..ed17db2e0 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/TokenValidatorFactoryImpl.java +++ b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/TokenValidatorFactoryImpl.java @@ -1,6 +1,8 @@ package eu.eudat.logic.security.validators; import eu.eudat.logic.security.customproviders.B2Access.B2AccessCustomProvider; +import eu.eudat.logic.security.customproviders.LinkedIn.LinkedInCustomProvider; +import eu.eudat.logic.security.customproviders.LinkedIn.LinkedInCustomProviderImpl; import eu.eudat.logic.security.customproviders.ORCID.ORCIDCustomProvider; import eu.eudat.logic.security.validators.b2access.B2AccessTokenValidator; import eu.eudat.logic.security.validators.facebook.FacebookTokenValidator; @@ -57,14 +59,19 @@ public class TokenValidatorFactoryImpl implements TokenValidatorFactory { private AuthenticationService nonVerifiedUserAuthenticationService; private B2AccessCustomProvider b2AccessCustomProvider; private ORCIDCustomProvider orcidCustomProvider; + private LinkedInCustomProvider linkedInCustomProvider; @Autowired - public TokenValidatorFactoryImpl(ApiContext apiContext, Environment environment, AuthenticationService nonVerifiedUserAuthenticationService, B2AccessCustomProvider b2AccessCustomProvider, ORCIDCustomProvider orcidCustomProvider) { + public TokenValidatorFactoryImpl( + ApiContext apiContext, Environment environment, + AuthenticationService nonVerifiedUserAuthenticationService, B2AccessCustomProvider b2AccessCustomProvider, + ORCIDCustomProvider orcidCustomProvider, LinkedInCustomProvider linkedInCustomProvider) { this.apiContext = apiContext; this.environment = environment; this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService; this.b2AccessCustomProvider = b2AccessCustomProvider; this.orcidCustomProvider = orcidCustomProvider; + this.linkedInCustomProvider = linkedInCustomProvider; } public TokenValidator getProvider(LoginProvider provider) { @@ -74,13 +81,13 @@ public class TokenValidatorFactoryImpl implements TokenValidatorFactory { case FACEBOOK: return new FacebookTokenValidator(this.apiContext, this.environment, this.nonVerifiedUserAuthenticationService); case LINKEDIN: - return new LinkedInTokenValidator(this.apiContext, this.environment, this.nonVerifiedUserAuthenticationService); + return new LinkedInTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService, linkedInCustomProvider); case TWITTER: return new TwitterTokenValidator(this.apiContext, this.environment, this.nonVerifiedUserAuthenticationService); case B2_ACCESS: return new B2AccessTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService, this.b2AccessCustomProvider); case ORCID: - return new ORCIDTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService, this.orcidCustomProvider, this.apiContext); + return new ORCIDTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService, this.orcidCustomProvider); default: throw new RuntimeException("Login Provider Not Implemented"); } diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/LinkedInTokenValidator.java b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/LinkedInTokenValidator.java index f89c82317..fa8452035 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/LinkedInTokenValidator.java +++ b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/LinkedInTokenValidator.java @@ -1,8 +1,12 @@ package eu.eudat.logic.security.validators.linkedin; import eu.eudat.exceptions.security.UnauthorisedException; +import eu.eudat.logic.security.customproviders.LinkedIn.LinkedInCustomProvider; +import eu.eudat.logic.security.customproviders.LinkedIn.LinkedInUser; import eu.eudat.logic.security.validators.TokenValidator; import eu.eudat.logic.security.validators.TokenValidatorFactoryImpl; +import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInRequest; +import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInResponseToken; import eu.eudat.logic.services.ApiContext; import eu.eudat.logic.services.operations.authentication.AuthenticationService; import eu.eudat.models.data.login.LoginInfo; @@ -21,21 +25,21 @@ import org.springframework.stereotype.Component; public class LinkedInTokenValidator implements TokenValidator { private Environment environment; - private ApiContext apiContext; private AuthenticationService nonVerifiedUserAuthenticationService; private LinkedInServiceProvider linkedInServiceProvider; + private LinkedInCustomProvider linkedInCustomProvider; @Autowired - public LinkedInTokenValidator(ApiContext apiContext, Environment environment, AuthenticationService nonVerifiedUserAuthenticationService) { + public LinkedInTokenValidator(Environment environment, AuthenticationService nonVerifiedUserAuthenticationService, LinkedInCustomProvider linkedInCustomProvider) { this.environment = environment; - this.apiContext = apiContext; this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService; this.linkedInServiceProvider = new LinkedInServiceProvider(this.environment.getProperty("linkedin.login.clientId"), this.environment.getProperty("linkedin.login.clientSecret")); + this.linkedInCustomProvider = linkedInCustomProvider; } @Override public Principal validateToken(LoginInfo credentials) { - AccessGrant accessGrant = this.linkedInServiceProvider.getOAuthOperations().exchangeForAccess(credentials.getTicket(), this.environment.getProperty("linkedin.login.redirect_uri"), null); + /*AccessGrant accessGrant = this.linkedInServiceProvider.getOAuthOperations().exchangeForAccess(credentials.getTicket(), this.environment.getProperty("linkedin.login.redirect_uri"), null); LinkedIn linkedInService = this.linkedInServiceProvider.getApi(accessGrant.getAccessToken()); LinkedInProfile linkedInProfile = linkedInService.profileOperations().getUserProfile(); LoginProviderUser user = new LoginProviderUser(); @@ -48,7 +52,24 @@ public class LinkedInTokenValidator implements TokenValidator { user.setAvatarUrl(linkedInProfile.getProfilePictureUrl()); user.setName(linkedInProfile.getFirstName() + " " + linkedInProfile.getLastName()); user.setProvider(TokenValidatorFactoryImpl.LoginProvider.LINKEDIN); - user.setSecret(accessGrant.getAccessToken()); + user.setSecret(accessGrant.getAccessToken());*/ + + LinkedInUser linkedInUser = this.linkedInCustomProvider.getUser(credentials.getTicket()); + if (linkedInUser.getEmail() == null) + throw new UnauthorisedException("Cannot login user.LinkedIn account did not provide email"); + LoginProviderUser user = new LoginProviderUser(); + user.setId(linkedInUser.getId()); + user.setName(linkedInUser.getName()); + user.setEmail(linkedInUser.getEmail()); + user.setProvider(credentials.getProvider()); + user.setSecret(credentials.getTicket()); + return this.nonVerifiedUserAuthenticationService.Touch(user); } + + public LinkedInResponseToken getAccessToken(LinkedInRequest linkedInRequest) { + return this.linkedInCustomProvider.getAccessToken( + linkedInRequest.getCode(), this.environment.getProperty("linkedin.login.redirect_uri"), + this.environment.getProperty("linkedin.login.clientId"), this.environment.getProperty("linkedin.login.clientSecret")); + } } diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/helpers/LinkedInRequest.java b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/helpers/LinkedInRequest.java new file mode 100644 index 000000000..a03bb9fe1 --- /dev/null +++ b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/helpers/LinkedInRequest.java @@ -0,0 +1,12 @@ +package eu.eudat.logic.security.validators.linkedin.helpers; + +public class LinkedInRequest { + private String code; + + public String getCode() { + return code; + } + public void setCode(String code) { + this.code = code; + } +} diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/helpers/LinkedInResponseToken.java b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/helpers/LinkedInResponseToken.java new file mode 100644 index 000000000..f39776e48 --- /dev/null +++ b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/linkedin/helpers/LinkedInResponseToken.java @@ -0,0 +1,21 @@ +package eu.eudat.logic.security.validators.linkedin.helpers; + +public class LinkedInResponseToken { + + private String accessToken; + private Integer expiresIn; + + public String getAccessToken() { + return accessToken; + } + public void setAccessToken(String accessToken) { + this.accessToken = accessToken; + } + + public Integer getExpiresIn() { + return expiresIn; + } + public void setExpiresIn(Integer expiresIn) { + this.expiresIn = expiresIn; + } +} diff --git a/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/orcid/ORCIDTokenValidator.java b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/orcid/ORCIDTokenValidator.java index 8d365a052..b87ac2cbd 100644 --- a/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/orcid/ORCIDTokenValidator.java +++ b/dmp-backend/web/src/main/java/eu/eudat/logic/security/validators/orcid/ORCIDTokenValidator.java @@ -7,7 +7,6 @@ import eu.eudat.logic.security.customproviders.ORCID.ORCIDUser; import eu.eudat.logic.security.validators.TokenValidator; import eu.eudat.logic.security.validators.orcid.helpers.ORCIDRequest; import eu.eudat.logic.security.validators.orcid.helpers.ORCIDResponseToken; -import eu.eudat.logic.services.ApiContext; import eu.eudat.logic.services.operations.authentication.AuthenticationService; import eu.eudat.models.data.login.LoginInfo; import eu.eudat.models.data.loginprovider.LoginProviderUser; @@ -25,14 +24,12 @@ public class ORCIDTokenValidator implements TokenValidator { private ORCIDCustomProvider orcidCustomProvider; private Environment environment; private AuthenticationService nonVerifiedUserAuthenticationService; - private ApiContext apiContext; @Autowired - public ORCIDTokenValidator(Environment environment, AuthenticationService nonVerifiedUserAuthenticationService, ORCIDCustomProvider orcidCustomProvider, ApiContext apiContext) { + public ORCIDTokenValidator(Environment environment, AuthenticationService nonVerifiedUserAuthenticationService, ORCIDCustomProvider orcidCustomProvider) { this.environment = environment; this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService; this.orcidCustomProvider = orcidCustomProvider; - this.apiContext = apiContext; } @Override diff --git a/dmp-backend/web/src/main/resources/application-devel.properties b/dmp-backend/web/src/main/resources/application-devel.properties index d6460eb55..f05d23d04 100644 --- a/dmp-backend/web/src/main/resources/application-devel.properties +++ b/dmp-backend/web/src/main/resources/application-devel.properties @@ -29,7 +29,12 @@ dataset.tags.mock=/mockupTags.json twitter.login.redirect_uri=http://127.0.0.1:4200/login/twitter #############LINKEDIN LOGIN CONFIGURATIONS######### +linkedin.login.clientId= +linkedin.login.clientSecret= linkedin.login.redirect_uri=http://localhost:4200/login/linkedin +linkedin.login.user_info_url=https://api.linkedin.com/v2/me +linkedin.login.user_email=https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~)) +linkedin.login.access_token_url=https://www.linkedin.com/uas/oauth2/accessToken #############FACEBOOK LOGIN CONFIGURATIONS######### facebook.login.clientId= diff --git a/dmp-backend/web/src/main/resources/application-production.properties b/dmp-backend/web/src/main/resources/application-production.properties index 6de88b0a2..cd4b738b6 100644 --- a/dmp-backend/web/src/main/resources/application-production.properties +++ b/dmp-backend/web/src/main/resources/application-production.properties @@ -46,6 +46,9 @@ google.login.clientId= linkedin.login.clientId= linkedin.login.clientSecret= linkedin.login.redirect_uri=https://opendmp.eu/login/linkedin +linkedin.login.user_info_url=https://api.linkedin.com/v2/me +linkedin.login.user_email=https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~)) +linkedin.login.access_token_url=https://www.linkedin.com/uas/oauth2/accessToken #############TWITTER LOGIN CONFIGURATIONS######### twitter.login.clientId= diff --git a/dmp-backend/web/src/main/resources/application-staging.properties b/dmp-backend/web/src/main/resources/application-staging.properties index 226accae4..3cdae2ccc 100644 --- a/dmp-backend/web/src/main/resources/application-staging.properties +++ b/dmp-backend/web/src/main/resources/application-staging.properties @@ -48,6 +48,9 @@ google.login.clientId= linkedin.login.clientId= linkedin.login.clientSecret= linkedin.login.redirect_uri=https://devel.opendmp.eu/login/linkedin +linkedin.login.user_info_url=https://api.linkedin.com/v2/me +linkedin.login.user_email=https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~)) +linkedin.login.access_token_url=https://www.linkedin.com/uas/oauth2/accessToken #############TWITTER LOGIN CONFIGURATIONS######### twitter.login.clientId= diff --git a/dmp-backend/web/src/main/resources/application.properties b/dmp-backend/web/src/main/resources/application.properties index cacdd641f..c79002d88 100644 --- a/dmp-backend/web/src/main/resources/application.properties +++ b/dmp-backend/web/src/main/resources/application.properties @@ -37,6 +37,9 @@ google.login.clientId= linkedin.login.clientId= linkedin.login.clientSecret= linkedin.login.redirect_uri=http://opendmp.eu/login/linkedin +linkedin.login.user_info_url=https://api.linkedin.com/v2/me +linkedin.login.user_email=https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~)) +linkedin.login.access_token_url=https://www.linkedin.com/uas/oauth2/accessToken #############TWITTER LOGIN CONFIGURATIONS######### twitter.login.clientId= diff --git a/dmp-frontend/src/app/ui/auth/login/linkedin-login/linkedin-login.component.ts b/dmp-frontend/src/app/ui/auth/login/linkedin-login/linkedin-login.component.ts index 5af22cde4..bf2981f99 100644 --- a/dmp-frontend/src/app/ui/auth/login/linkedin-login/linkedin-login.component.ts +++ b/dmp-frontend/src/app/ui/auth/login/linkedin-login/linkedin-login.component.ts @@ -1,11 +1,12 @@ import { Component, OnInit } from '@angular/core'; -import { ActivatedRoute, Params } from '@angular/router'; +import { ActivatedRoute, Params, Router } from '@angular/router'; import { takeUntil } from 'rxjs/operators'; import { environment } from '../../../../../environments/environment'; import { BaseComponent } from '../../../../core/common/base/base.component'; import { AuthProvider } from '../../../../core/common/enum/auth-provider'; import { AuthService } from '../../../../core/services/auth/auth.service'; import { LoginService } from '../utilities/login.service'; +import { HttpClient } from "@angular/common/http"; @Component({ selector: 'app-linkedin-login', @@ -18,7 +19,9 @@ export class LinkedInLoginComponent extends BaseComponent implements OnInit { constructor( private route: ActivatedRoute, private loginService: LoginService, - private authService: AuthService + private authService: AuthService, + private router: Router, + private httpClient: HttpClient ) { super(); } @@ -29,21 +32,31 @@ export class LinkedInLoginComponent extends BaseComponent implements OnInit { .subscribe((params: Params) => { const returnUrl = params['returnUrl']; if (returnUrl) { this.returnUrl = returnUrl; } - if (!params['code']) { this.linkedinAuthorize(); } else { this.linkedInLoginUser(params['code']); } + if (!params['code']) { this.linkedinAuthorize(); } else { this.linkedInLoginUser(params['code'], params['state']); } }); } public linkedinAuthorize() { - window.location.href = environment.loginProviders.linkedInConfiguration.oauthUrl + '?response_type=code&client_id=' + environment.loginProviders.linkedInConfiguration.clientId + '&redirect_uri=' + environment.loginProviders.linkedInConfiguration.redirectUri + '&state=987654321'; + window.location.href = environment.loginProviders.linkedInConfiguration.oauthUrl + + '?response_type=code&client_id=' + environment.loginProviders.linkedInConfiguration.clientId + + '&redirect_uri=' + environment.loginProviders.linkedInConfiguration.redirectUri + + '&state=' + environment.loginProviders.linkedInConfiguration.state + + '&scope=r_emailaddress'; } - - public linkedInLoginUser(code: string) { - this.authService.login({ ticket: code, provider: AuthProvider.LinkedIn }) + public linkedInLoginUser(code: string, state: string) { + if (state !== environment.loginProviders.linkedInConfiguration.state) { + this.router.navigate(['/login']); + } + this.httpClient.post(environment.Server + 'auth/linkedInRequestToken', { code: code, provider: AuthProvider.LinkedIn }) .pipe(takeUntil(this._destroyed)) - .subscribe( - res => this.loginService.onLogInSuccess(res, this.returnUrl), - error => this.loginService.onLogInError(error) - ); + .subscribe((data: any) => { + this.authService.login({ ticket: data.payload.accessToken, provider: AuthProvider.LinkedIn, data: null }) + .pipe(takeUntil(this._destroyed)) + .subscribe( + res => this.loginService.onLogInSuccess(res, this.returnUrl), + error => this.loginService.onLogInError(error) + ); + }); } } diff --git a/dmp-frontend/src/app/ui/auth/login/utilities/login.service.ts b/dmp-frontend/src/app/ui/auth/login/utilities/login.service.ts index 93d5db2be..59426a466 100644 --- a/dmp-frontend/src/app/ui/auth/login/utilities/login.service.ts +++ b/dmp-frontend/src/app/ui/auth/login/utilities/login.service.ts @@ -44,11 +44,11 @@ export class LoginService extends BaseService { public onLogInSuccess(loginResponse: any, returnUrl: string) { this.zone.run(() => { - this.uiNotificationService.snackBarNotification(this.language.instant('GENERAL.SNACK-BAR.SUCCESSFUL-LOGIN'), SnackBarNotificationLevel.Success); - if (this.authService.current().culture) { this.cultureService.cultureSelected(this.authService.current().culture); } - const redirectUrl = returnUrl || '/'; - this.router.navigate([redirectUrl]); - }); + this.uiNotificationService.snackBarNotification(this.language.instant('GENERAL.SNACK-BAR.SUCCESSFUL-LOGIN'), SnackBarNotificationLevel.Success); + if (this.authService.current().culture) { this.cultureService.cultureSelected(this.authService.current().culture); } + const redirectUrl = returnUrl || '/'; + this.router.navigate([redirectUrl]); + }); } public onLogInError(errorMessage: string) {