diff --git a/src/main/webapp/META-INF/custom_jsps/html/portlet/login/RequestingApplication.jsp b/src/main/webapp/META-INF/custom_jsps/html/portlet/login/RequestingApplication.jsp
index c283710..2695227 100644
--- a/src/main/webapp/META-INF/custom_jsps/html/portlet/login/RequestingApplication.jsp
+++ b/src/main/webapp/META-INF/custom_jsps/html/portlet/login/RequestingApplication.jsp
@@ -13,6 +13,7 @@ %>
<% @@ -22,22 +23,36 @@ String clientId = queryMap.get(GET_CLIENT_ID_PARAMETER); if (clientId == null || clientId.compareTo("")==0) { clientNotAuthorised = true;%> -

We're sorry your application is not authorised by +

We're sorry your application is not authorised by D4Science

Please check that you are passing all the required parameters for you application

<%} String scope = queryMap.get(GET_SCOPE_PARAMETER); - if (clientId != null && clientId.compareTo("") != 0) { + if (scope != null && scope.compareTo("") != 0) { + boolean isValid = AuthUtil.isValidContext(scope); + clientNotAuthorised = !isValid; + if (!isValid) {%> +

We're sorry the scope (infrastructure context) you passed as parameter is not valid in D4Science, passed scope: <%= scope %>

+

+ Please check that you are passing all the required parameters for you application +

+ <% } + } + if (clientId != null && clientId.compareTo("") != 0 && !clientNotAuthorised) { RequestingApp app = AuthUtil.getAuthorisedApplicationInfoFromIs(clientId); if (app != null) { hideCreateAccountAndForgotPassword = true; - if (app.getLogoURL() != null && !app.getLogoURL().isEmpty()) { - %> -

- -

+ %> + +

+ <% + if (app.getLogoURL() != null && !app.getLogoURL().isEmpty()) { + %> + + + <% } %> @@ -47,18 +62,22 @@ would like to access some of your D4Science info:
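Review bot: The new error message writes the request-supplied scope into the page with `<%= scope %>` and no output encoding, and it does so on exactly the branch where `AuthUtil.isValidContext(scope)` has rejected the value, so any markup carried in the `scope` parameter is reflected into the login page. Encode it on output, for example `<%= HtmlUtil.escape(scope) %>` (Liferay's `com.liferay.portal.kernel.util.HtmlUtil`, assuming the portlet's init.jsp already imports it), or leave the rejected value out of the message. Separately, `clientNotAuthorised = !isValid;` overwrites the `true` set a few lines earlier when `client_id` is missing, so a request with a valid scope and no client id ends with the flag cleared; `if (!isValid) { clientNotAuthorised = true; }` keeps both checks. How login.jsp consumes the flag is outside this hunk.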
Name, photo, email and current roles <% - if (scope != null && scope.compareTo("") != 0) { + String displayContext = scope; + if (scope != null && scope.compareTo("") != 0) { + displayContext = scope.substring(scope.lastIndexOf('/')+1); %> - on context: <%=scope%> + on context: <%=displayContext%> <% } %>

+

By signing in with your <%=context.getGatewayName(request)%> credentials you are approving - this application's request to access your member data and interact + this application's request to access your data and interact with D4Science on your behalf.

+

<% } else {
diff --git a/src/main/webapp/META-INF/custom_jsps/html/portlet/login/login.jsp b/src/main/webapp/META-INF/custom_jsps/html/portlet/login/login.jsp
index 5bd702c..fec08dd 100644
--- a/src/main/webapp/META-INF/custom_jsps/html/portlet/login/login.jsp
+++ b/src/main/webapp/META-INF/custom_jsps/html/portlet/login/login.jsp
@@ -40,6 +40,8 @@
 String workspaceUrl = siteUrl + GCubePortalConstants.USER_WORKSPACE_FRIENDLY_URL;
 final String GET_CLIENT_ID_PARAMETER = "client_id";
 final String GET_SCOPE_PARAMETER = "scope";
+ final String GET_REDIRECTURL_PARAMETER = "redirect_uri";
+ final String GET_STATE_PARAMETER = "state";
 boolean hideCreateAccountAndForgotPassword = false;
 boolean clientNotAuthorised = false;
 %>
@@ -85,9 +87,9 @@ String redirect = ParamUtil.getString(request, "redirect"); %> - + <%@ include file="/html/portlet/login/RequestingApplication.jsp"%> - +
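Review bot: The consent sentence now prints only the last path segment of the scope (`scope.substring(scope.lastIndexOf('/')+1)`), so if contexts are hierarchical paths, as the `/` split suggests, two different contexts sharing a leaf name look identical to the user approving access. Consider showing the full context on this screen, or the leaf name alongside the full path. `<%=displayContext%>` is also emitted without encoding, which is safe only while `AuthUtil.isValidContext` rejects every value containing markup; `<%= HtmlUtil.escape(displayContext) %>` removes that dependency. A scope ending in `/` gives an empty `displayContext`, leaving "on context:" with nothing after it. The enclosing `if (app != null)` block starts outside this hunk.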

<%=LanguageUtil.get(pageContext, "sign-in")%>

@@ -233,9 +235,14 @@ + <% + Map queryMap = AuthUtil.getQueryMap(redirect); + String redirectURI = queryMap.get(GET_REDIRECTURL_PARAMETER); + String responseWithError = redirectURI+"?error=user_cancelled_login&error_description=refused%2flogin&state="+queryMap.get(GET_STATE_PARAMETER); + %>
+ onClick="location.href='<%=responseWithError%>'">Deny Access
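Review bot: `responseWithError` is built from the `redirect_uri` and `state` values parsed out of the `redirect` request parameter and written unencoded into `onClick="location.href='<%=responseWithError%>'"`. The Deny button therefore navigates to whatever address the request named, and a quote character in either value ends the JavaScript string early. The target should be the redirect URI registered for the client, or be compared against it, which would need the `RequestingApp` looked up from `client_id` in RequestingApplication.jsp to carry that URI. `state` should be passed through `URLEncoder.encode(state, "UTF-8")`, and the finished string through `HtmlUtil.escapeJS(...)` before it is placed in the attribute. When `redirect_uri` or `state` is absent the concatenation emits the literal text `null`, so the button is best rendered only when `redirectURI` is non-null and has passed that check.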