From 74c524ed26eb49962d113f55b89a0b317e6b6783 Mon Sep 17 00:00:00 2001
From: Massimiliano Assante <massimiliano.assante@isti.cnr.it>
Date: Mon, 6 Feb 2017 16:20:23 +0000
Subject: [PATCH] ready to release

git-svn-id: http://svn.research-infrastructures.eu/public/d4science/gcube/trunk/portal/liferay62-plugins/login-hook@142280 82a268e6-3cf1-43bd-a215-b396298e98cf
---
 .../portlet/login/RequestingApplication.jsp   | 39 ++++++++++++++-----
 .../custom_jsps/html/portlet/login/login.jsp  | 13 +++++--
 2 files changed, 39 insertions(+), 13 deletions(-)

diff --git a/src/main/webapp/META-INF/custom_jsps/html/portlet/login/RequestingApplication.jsp b/src/main/webapp/META-INF/custom_jsps/html/portlet/login/RequestingApplication.jsp
index c283710..2695227 100644
--- a/src/main/webapp/META-INF/custom_jsps/html/portlet/login/RequestingApplication.jsp
+++ b/src/main/webapp/META-INF/custom_jsps/html/portlet/login/RequestingApplication.jsp
@@ -13,6 +13,7 @@
 %>
 <script>
 	$(".portlet-title-text").text("Sign in to approve application");
+	$("#navigation").css("display", "none");
 </script>
 <div style="text-align: center;">
 	<%
@@ -22,22 +23,36 @@
 				String clientId = queryMap.get(GET_CLIENT_ID_PARAMETER);
 				if (clientId == null || clientId.compareTo("")==0) {
 					clientNotAuthorised = true;%>
-					<p class="lead">We're sorry your application is not authorised by
+					<p>We're sorry your application is not authorised by
 							D4Science</p>
 						<p style="color: red;">
 							Please check that you are passing all the required parameters for you application
 						</p>
 				<%}
 				String scope = queryMap.get(GET_SCOPE_PARAMETER);
-				if (clientId != null && clientId.compareTo("") != 0) {
+				if (scope != null && scope.compareTo("") != 0) {
+					boolean isValid = AuthUtil.isValidContext(scope);
+					clientNotAuthorised = !isValid;
+					if (!isValid) {%>
+					<p>We're sorry the scope (infrastructure context) you passed as parameter is not valid in D4Science, passed scope: <b><%= scope %></b></p>
+						<p style="color: red;">
+							Please check that you are passing all the required parameters for you application
+						</p>
+				<%  }
+				}
+				if (clientId != null && clientId.compareTo("") != 0 && !clientNotAuthorised) {
 					RequestingApp app = AuthUtil.getAuthorisedApplicationInfoFromIs(clientId);
 					if (app != null) {
 						hideCreateAccountAndForgotPassword = true;
-						if (app.getLogoURL() != null && !app.getLogoURL().isEmpty()) {
-	%>
-	<p>
-		<img style="width: 150px;" src="<%=app.getLogoURL()%>" />
-	<p>
+						%>
+						
+	<div>
+		<%
+		if (app.getLogoURL() != null && !app.getLogoURL().isEmpty()) {
+		%>
+
+		<img style="width: auto; height: 75px; float: left;" src="<%=app.getLogoURL()%>" />
+
 		<%
 			}
 		%>
@@ -47,18 +62,22 @@
 		would like to access some of your D4Science info: <br /> Name, photo,
 		email and current roles
 		<%
-			if (scope != null && scope.compareTo("") != 0) {
+			String displayContext = scope;
+			if (scope != null && scope.compareTo("") != 0) {				
+				displayContext = scope.substring(scope.lastIndexOf('/')+1);
 		%>
-		on context: <span style="font-weight: bolder;"><%=scope%></span>
+		on context: <span style="font-weight: bolder;"><%=displayContext%></span>
 		<%
 			}
 		%>
 	
 	<p>
+	</div>
 	<p>By signing in with your <span style="font-weight: bolder;"><%=context.getGatewayName(request)%> credentials</span> you are approving
-		this application's request to access your member data and interact
+		this application's request to access your data and interact
 		with D4Science on your behalf.
 	<p>
+	
 </div>
 <%
 	} else {
diff --git a/src/main/webapp/META-INF/custom_jsps/html/portlet/login/login.jsp b/src/main/webapp/META-INF/custom_jsps/html/portlet/login/login.jsp
index 5bd702c..fec08dd 100644
--- a/src/main/webapp/META-INF/custom_jsps/html/portlet/login/login.jsp
+++ b/src/main/webapp/META-INF/custom_jsps/html/portlet/login/login.jsp
@@ -40,6 +40,8 @@
 	String workspaceUrl = siteUrl + GCubePortalConstants.USER_WORKSPACE_FRIENDLY_URL;
 	final String GET_CLIENT_ID_PARAMETER = "client_id";
 	final String GET_SCOPE_PARAMETER = "scope";
+	final String GET_REDIRECTURL_PARAMETER = "redirect_uri";
+	final String GET_STATE_PARAMETER = "state";
 	boolean hideCreateAccountAndForgotPassword = false;
 	boolean clientNotAuthorised = false;
 %>
@@ -85,9 +87,9 @@
 			String redirect = ParamUtil.getString(request, "redirect");
 		%>
 
-		<!-- include for recongnizing requesting apps-->
+		<!-- include for recognising requesting apps-->
 		<%@ include file="/html/portlet/login/RequestingApplication.jsp"%>
-		<!-- end include for recongnizing requesting apps-->
+		<!-- end include for recognising requesting apps-->
 
 
 		<h4 class="login-sign-in"><%=LanguageUtil.get(pageContext, "sign-in")%></h4>
@@ -233,9 +235,14 @@
 
 		</aui:form>
 		<c:if test="<%=hideCreateAccountAndForgotPassword == true%>">
+		<%
+		Map<String, String> queryMap = AuthUtil.getQueryMap(redirect);
+		String redirectURI = queryMap.get(GET_REDIRECTURL_PARAMETER);
+		String responseWithError = redirectURI+"?error=user_cancelled_login&error_description=refused%2flogin&state="+queryMap.get(GET_STATE_PARAMETER);
+		%>
 			<div style="text-align: center;">
 				<button class="btn input-xlarge"
-					onClick="location.href='<%=context.getGatewayURL(request)%>'">Cancel</button>
+					onClick="location.href='<%=responseWithError%>'">Deny Access</button>
 			</div>
 		</c:if>
 		<liferay-util:include page="/html/portlet/login/navigation.jsp" />