Fixes various code missteps on application's login logic.
This commit is contained in:
parent
967d4bfe40
commit
1c6d58a47b
|
@ -16,9 +16,6 @@ import org.springframework.web.client.RestTemplate;
|
|||
import java.nio.charset.Charset;
|
||||
import java.util.Map;
|
||||
|
||||
/**
|
||||
* Created by ikalyvas on 2/22/2018.
|
||||
*/
|
||||
@Component("b2AccessCustomProvider")
|
||||
public class B2AccessCustomProviderImpl implements B2AccessCustomProvider {
|
||||
|
||||
|
|
|
@ -1,15 +1,11 @@
|
|||
package eu.eudat.logic.security.customproviders.LinkedIn;
|
||||
|
||||
import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInResponseToken;
|
||||
import org.apache.http.conn.ssl.NoopHostnameVerifier;
|
||||
import org.apache.http.impl.client.CloseableHttpClient;
|
||||
import org.apache.http.impl.client.HttpClients;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.http.HttpEntity;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
|
||||
import org.springframework.stereotype.Component;
|
||||
import org.springframework.util.LinkedMultiValueMap;
|
||||
import org.springframework.util.MultiValueMap;
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
package eu.eudat.logic.security.customproviders.OpenAIRE;
|
||||
|
||||
import eu.eudat.logic.security.validators.openaire.helpers.OpenAIREResponseToken;
|
||||
import eu.eudat.logic.services.operations.authentication.AuthenticationService;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.http.HttpEntity;
|
||||
import org.springframework.http.HttpHeaders;
|
||||
|
@ -56,7 +55,7 @@ public class OpenAIRECustomProviderImpl implements OpenAIRECustomProvider {
|
|||
|
||||
private HttpHeaders createBearerAuthHeaders(String accessToken) {
|
||||
return new HttpHeaders() {{
|
||||
String authHeader = "Bearer " + new String(accessToken);
|
||||
String authHeader = "Bearer " + accessToken;
|
||||
set("Authorization", authHeader);
|
||||
}};
|
||||
}
|
||||
|
|
|
@ -11,7 +11,6 @@ import eu.eudat.logic.security.validators.linkedin.LinkedInTokenValidator;
|
|||
import eu.eudat.logic.security.validators.openaire.OpenAIRETokenValidator;
|
||||
import eu.eudat.logic.security.validators.orcid.ORCIDTokenValidator;
|
||||
import eu.eudat.logic.security.validators.twitter.TwitterTokenValidator;
|
||||
import eu.eudat.logic.services.ApiContext;
|
||||
import eu.eudat.logic.services.operations.authentication.AuthenticationService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.core.env.Environment;
|
||||
|
@ -57,7 +56,6 @@ public class TokenValidatorFactoryImpl implements TokenValidatorFactory {
|
|||
}
|
||||
}
|
||||
|
||||
private ApiContext apiContext;
|
||||
private Environment environment;
|
||||
private AuthenticationService nonVerifiedUserAuthenticationService;
|
||||
private B2AccessCustomProvider b2AccessCustomProvider;
|
||||
|
@ -67,10 +65,9 @@ public class TokenValidatorFactoryImpl implements TokenValidatorFactory {
|
|||
|
||||
@Autowired
|
||||
public TokenValidatorFactoryImpl(
|
||||
ApiContext apiContext, Environment environment,
|
||||
Environment environment,
|
||||
AuthenticationService nonVerifiedUserAuthenticationService, B2AccessCustomProvider b2AccessCustomProvider,
|
||||
ORCIDCustomProvider orcidCustomProvider, LinkedInCustomProvider linkedInCustomProvider, OpenAIRECustomProvider openAIRECustomProvider) {
|
||||
this.apiContext = apiContext;
|
||||
this.environment = environment;
|
||||
this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService;
|
||||
this.b2AccessCustomProvider = b2AccessCustomProvider;
|
||||
|
@ -82,13 +79,13 @@ public class TokenValidatorFactoryImpl implements TokenValidatorFactory {
|
|||
public TokenValidator getProvider(LoginProvider provider) {
|
||||
switch (provider) {
|
||||
case GOOGLE:
|
||||
return new GoogleTokenValidator(this.apiContext, this.environment, this.nonVerifiedUserAuthenticationService);
|
||||
return new GoogleTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService);
|
||||
case FACEBOOK:
|
||||
return new FacebookTokenValidator(this.apiContext, this.environment, this.nonVerifiedUserAuthenticationService);
|
||||
return new FacebookTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService);
|
||||
case LINKEDIN:
|
||||
return new LinkedInTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService, linkedInCustomProvider);
|
||||
case TWITTER:
|
||||
return new TwitterTokenValidator(this.apiContext, this.environment, this.nonVerifiedUserAuthenticationService);
|
||||
return new TwitterTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService);
|
||||
case B2_ACCESS:
|
||||
return new B2AccessTokenValidator(this.environment, this.nonVerifiedUserAuthenticationService, this.b2AccessCustomProvider);
|
||||
case ORCID:
|
||||
|
|
|
@ -18,9 +18,6 @@ import org.springframework.stereotype.Component;
|
|||
import java.io.IOException;
|
||||
import java.security.GeneralSecurityException;
|
||||
|
||||
/**
|
||||
* Created by ikalyvas on 2/22/2018.
|
||||
*/
|
||||
@Component("b2AccessTokenValidator ")
|
||||
public class B2AccessTokenValidator implements TokenValidator {
|
||||
|
||||
|
|
|
@ -3,7 +3,6 @@ package eu.eudat.logic.security.validators.facebook;
|
|||
import eu.eudat.exceptions.security.UnauthorisedException;
|
||||
import eu.eudat.logic.security.validators.TokenValidator;
|
||||
import eu.eudat.logic.security.validators.TokenValidatorFactoryImpl;
|
||||
import eu.eudat.logic.services.ApiContext;
|
||||
import eu.eudat.logic.services.operations.authentication.AuthenticationService;
|
||||
import eu.eudat.models.data.login.LoginInfo;
|
||||
import eu.eudat.models.data.loginprovider.LoginProviderUser;
|
||||
|
@ -22,17 +21,13 @@ import java.util.Map;
|
|||
@Component("facebookTokenValidator")
|
||||
public class FacebookTokenValidator implements TokenValidator {
|
||||
|
||||
private Environment environment;
|
||||
private ApiContext apiContext;
|
||||
private AuthenticationService nonVerifiedUserAuthenticationService;
|
||||
private FacebookServiceProvider facebookServiceProvider;
|
||||
|
||||
@Autowired
|
||||
public FacebookTokenValidator(ApiContext apiContext, Environment environment, AuthenticationService nonVerifiedUserAuthenticationService) {
|
||||
this.environment = environment;
|
||||
this.apiContext = apiContext;
|
||||
public FacebookTokenValidator(Environment environment, AuthenticationService nonVerifiedUserAuthenticationService) {
|
||||
this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService;
|
||||
this.facebookServiceProvider = new FacebookServiceProvider(this.environment.getProperty("facebook.login.clientId"), this.environment.getProperty("facebook.login.clientSecret"), this.environment.getProperty("facebook.login.namespace"));
|
||||
this.facebookServiceProvider = new FacebookServiceProvider(environment.getProperty("facebook.login.clientId"), environment.getProperty("facebook.login.clientSecret"), environment.getProperty("facebook.login.namespace"));
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -56,8 +51,7 @@ public class FacebookTokenValidator implements TokenValidator {
|
|||
|
||||
private User getFacebookUser(String accessToken) {
|
||||
String[] fields = {"id", "email", "first_name", "last_name", "name", "verified", "picture"};
|
||||
User profile = this.facebookServiceProvider.getApi(accessToken).fetchObject("me", User.class, fields);
|
||||
return profile;
|
||||
return this.facebookServiceProvider.getApi(accessToken).fetchObject("me", User.class, fields);
|
||||
}
|
||||
|
||||
private Date addADay(Date date) {
|
||||
|
|
|
@ -8,7 +8,6 @@ import com.google.api.client.http.javanet.NetHttpTransport;
|
|||
import com.google.api.client.json.jackson2.JacksonFactory;
|
||||
import eu.eudat.logic.security.validators.TokenValidator;
|
||||
import eu.eudat.logic.security.validators.TokenValidatorFactoryImpl;
|
||||
import eu.eudat.logic.services.ApiContext;
|
||||
import eu.eudat.logic.services.operations.authentication.AuthenticationService;
|
||||
import eu.eudat.models.data.login.LoginInfo;
|
||||
import eu.eudat.models.data.loginprovider.LoginProviderUser;
|
||||
|
@ -24,24 +23,19 @@ import java.util.Collections;
|
|||
public class GoogleTokenValidator implements TokenValidator {
|
||||
|
||||
private static final HttpTransport transport = new NetHttpTransport();
|
||||
private ApiContext apiContext;
|
||||
private AuthenticationService nonVerifiedUserAuthenticationService;
|
||||
private GoogleIdTokenVerifier verifier;
|
||||
private Environment environment;
|
||||
|
||||
@Autowired
|
||||
public GoogleTokenValidator(ApiContext apiContext, Environment environment, AuthenticationService nonVerifiedUserAuthenticationService) {
|
||||
this.apiContext = apiContext;
|
||||
this.environment = environment;
|
||||
public GoogleTokenValidator(Environment environment, AuthenticationService nonVerifiedUserAuthenticationService) {
|
||||
this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService;
|
||||
verifier = new GoogleIdTokenVerifier.Builder(transport, JacksonFactory.getDefaultInstance())
|
||||
.setAudience(Collections.singletonList(this.environment.getProperty("google.login.clientId")))
|
||||
.setAudience(Collections.singletonList(environment.getProperty("google.login.clientId")))
|
||||
.build();
|
||||
}
|
||||
|
||||
private GoogleIdToken verifyUserAndGetUser(String idTokenString) throws IOException, GeneralSecurityException {
|
||||
GoogleIdToken idToken = verifier.verify(idTokenString);
|
||||
return idToken;
|
||||
return verifier.verify(idTokenString);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
@ -58,5 +52,4 @@ public class GoogleTokenValidator implements TokenValidator {
|
|||
user.setIsVerified(payload.getEmailVerified());
|
||||
return this.nonVerifiedUserAuthenticationService.Touch(user);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
@ -4,20 +4,14 @@ import eu.eudat.exceptions.security.UnauthorisedException;
|
|||
import eu.eudat.logic.security.customproviders.LinkedIn.LinkedInCustomProvider;
|
||||
import eu.eudat.logic.security.customproviders.LinkedIn.LinkedInUser;
|
||||
import eu.eudat.logic.security.validators.TokenValidator;
|
||||
import eu.eudat.logic.security.validators.TokenValidatorFactoryImpl;
|
||||
import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInRequest;
|
||||
import eu.eudat.logic.security.validators.linkedin.helpers.LinkedInResponseToken;
|
||||
import eu.eudat.logic.services.ApiContext;
|
||||
import eu.eudat.logic.services.operations.authentication.AuthenticationService;
|
||||
import eu.eudat.models.data.login.LoginInfo;
|
||||
import eu.eudat.models.data.loginprovider.LoginProviderUser;
|
||||
import eu.eudat.models.data.security.Principal;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.core.env.Environment;
|
||||
import org.springframework.social.linkedin.api.LinkedIn;
|
||||
import org.springframework.social.linkedin.api.LinkedInProfile;
|
||||
import org.springframework.social.linkedin.connect.LinkedInServiceProvider;
|
||||
import org.springframework.social.oauth2.AccessGrant;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
|
||||
|
@ -26,14 +20,12 @@ public class LinkedInTokenValidator implements TokenValidator {
|
|||
|
||||
private Environment environment;
|
||||
private AuthenticationService nonVerifiedUserAuthenticationService;
|
||||
private LinkedInServiceProvider linkedInServiceProvider;
|
||||
private LinkedInCustomProvider linkedInCustomProvider;
|
||||
|
||||
@Autowired
|
||||
public LinkedInTokenValidator(Environment environment, AuthenticationService nonVerifiedUserAuthenticationService, LinkedInCustomProvider linkedInCustomProvider) {
|
||||
this.environment = environment;
|
||||
this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService;
|
||||
this.linkedInServiceProvider = new LinkedInServiceProvider(this.environment.getProperty("linkedin.login.clientId"), this.environment.getProperty("linkedin.login.clientSecret"));
|
||||
this.linkedInCustomProvider = linkedInCustomProvider;
|
||||
}
|
||||
|
||||
|
|
|
@ -5,7 +5,6 @@ import eu.eudat.exceptions.security.NullEmailException;
|
|||
import eu.eudat.exceptions.security.UnauthorisedException;
|
||||
import eu.eudat.logic.security.validators.TokenValidator;
|
||||
import eu.eudat.logic.security.validators.TokenValidatorFactoryImpl;
|
||||
import eu.eudat.logic.services.ApiContext;
|
||||
import eu.eudat.logic.services.operations.authentication.AuthenticationService;
|
||||
import eu.eudat.models.data.login.LoginInfo;
|
||||
import eu.eudat.models.data.loginprovider.LoginProviderUser;
|
||||
|
@ -28,14 +27,12 @@ import java.util.Map;
|
|||
public class TwitterTokenValidator implements TokenValidator {
|
||||
|
||||
private Environment environment;
|
||||
private ApiContext apiContext;
|
||||
private AuthenticationService nonVerifiedUserAuthenticationService;
|
||||
private TwitterServiceProvider twitterServiceProvider;
|
||||
|
||||
@Autowired
|
||||
public TwitterTokenValidator(ApiContext apiContext, Environment environment, AuthenticationService nonVerifiedUserAuthenticationService) {
|
||||
public TwitterTokenValidator(Environment environment, AuthenticationService nonVerifiedUserAuthenticationService) {
|
||||
this.environment = environment;
|
||||
this.apiContext = apiContext;
|
||||
this.nonVerifiedUserAuthenticationService = nonVerifiedUserAuthenticationService;
|
||||
this.twitterServiceProvider = new TwitterServiceProvider(this.environment.getProperty("twitter.login.clientId"), this.environment.getProperty("twitter.login.clientSecret"));
|
||||
}
|
||||
|
|
|
@ -17,7 +17,6 @@ pdf.converter.url=http://localhost:88/
|
|||
####################CONFIGURATION FILES OVERRIDES CONFIGURATIONS##########
|
||||
configuration.externalUrls=/web/src/main/resources/ExternalUrls.xml
|
||||
configuration.rda=/web/src/main/resources/RDACommonStandards.txt
|
||||
configuration.loginProviders=C:/Users/gkolokythas/Documents/openDmp/dmp-backend/web/src/main/resources/LoginProviders.xml
|
||||
configuration.h2020template=/web/src/main/resources/documents/h2020.docx
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue