OAuth2 Access Confirmation
OAuth2 Access Confirmation
@@ -1,17 +1,18 @@
|
||||
package org.maxkey.authz.oauth2.provider.approval.controller;
|
||||
|
||||
import java.security.Principal;
|
||||
import java.util.HashMap;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.Map;
|
||||
|
||||
import org.maxkey.authn.BasicAuthentication;
|
||||
import org.maxkey.authz.endpoint.AuthorizeBaseEndpoint;
|
||||
import org.maxkey.authz.oauth2.common.util.OAuth2Utils;
|
||||
import org.maxkey.authz.oauth2.provider.AuthorizationRequest;
|
||||
import org.maxkey.authz.oauth2.provider.ClientDetailsService;
|
||||
import org.maxkey.authz.oauth2.provider.approval.Approval;
|
||||
import org.maxkey.authz.oauth2.provider.approval.ApprovalStore;
|
||||
import org.maxkey.authz.oauth2.provider.approval.Approval.ApprovalStatus;
|
||||
import org.maxkey.authz.oauth2.provider.approval.ApprovalStore;
|
||||
import org.maxkey.dao.service.AppsService;
|
||||
import org.maxkey.domain.apps.Apps;
|
||||
import org.maxkey.domain.apps.oauth2.provider.ClientDetails;
|
||||
import org.maxkey.web.WebContext;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@@ -32,56 +33,84 @@ import org.springframework.web.servlet.ModelAndView;
|
||||
@SessionAttributes("authorizationRequest")
|
||||
public class OAuth20AccessConfirmationController {
|
||||
|
||||
@Autowired
|
||||
@Qualifier("oauth20JdbcClientDetailsService")
|
||||
private ClientDetailsService clientDetailsService;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("oauth20ApprovalStore")
|
||||
private ApprovalStore approvalStore;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("oauth20UserApprovalHandler")
|
||||
OAuth20UserApprovalHandler oauth20UserApprovalHandler;
|
||||
|
||||
|
||||
@RequestMapping("/oauth/v20/approval_confirm")
|
||||
public ModelAndView getAccessConfirmation(@RequestParam Map<String, Object> model) throws Exception {
|
||||
model.remove("authorizationRequest");
|
||||
Map<String, String> modelRequest=new HashMap<String, String>();
|
||||
for(Object key:model.keySet()){
|
||||
modelRequest.put(key.toString(), model.get(key).toString());
|
||||
}
|
||||
String principal=((BasicAuthentication)WebContext.getAuthentication().getPrincipal()).getUsername();
|
||||
//Map<String, Object> model
|
||||
AuthorizationRequest clientAuth = (AuthorizationRequest) WebContext.getAttribute("authorizationRequest");
|
||||
ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
|
||||
model.put("auth_request", clientAuth);
|
||||
model.put("client", client);
|
||||
model.put("oauth_version", "oauth 2.0");
|
||||
Map<String, String> scopes = new LinkedHashMap<String, String>();
|
||||
for (String scope : clientAuth.getScope()) {
|
||||
scopes.put(OAuth2Utils.SCOPE_PREFIX + scope, "false");
|
||||
}
|
||||
|
||||
for (Approval approval : approvalStore.getApprovals(principal, client.getClientId())) {
|
||||
if (clientAuth.getScope().contains(approval.getScope())) {
|
||||
scopes.put(OAuth2Utils.SCOPE_PREFIX + approval.getScope(),
|
||||
approval.getStatus() == ApprovalStatus.APPROVED ? "true" : "false");
|
||||
}
|
||||
}
|
||||
model.put("scopes", scopes);
|
||||
|
||||
ModelAndView modelAndView=new ModelAndView("authorize/oauth_access_confirmation");
|
||||
modelAndView.addObject("model",model);
|
||||
return modelAndView;
|
||||
}
|
||||
@Autowired
|
||||
@Qualifier("appsService")
|
||||
protected AppsService appsService;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("oauth20JdbcClientDetailsService")
|
||||
private ClientDetailsService clientDetailsService;
|
||||
|
||||
@RequestMapping("/oauth/v20/error")
|
||||
public String handleError(Map<String,Object> model) throws Exception {
|
||||
// We can add more stuff to the model here for JSP rendering. If the client was a machine then
|
||||
// the JSON will already have been rendered.
|
||||
model.put("message", "There was a problem with the OAuth2 protocol");
|
||||
return "oauth_error";
|
||||
}
|
||||
@Autowired
|
||||
@Qualifier("oauth20ApprovalStore")
|
||||
private ApprovalStore approvalStore;
|
||||
|
||||
@Autowired
|
||||
@Qualifier("oauth20UserApprovalHandler")
|
||||
OAuth20UserApprovalHandler oauth20UserApprovalHandler;
|
||||
|
||||
/**
|
||||
* getAccessConfirmation.
|
||||
* @param model Map
|
||||
* @return
|
||||
* throws Exception
|
||||
*/
|
||||
@RequestMapping("/oauth/v20/approval_confirm")
|
||||
public ModelAndView getAccessConfirmation(
|
||||
@RequestParam Map<String, Object> model) throws Exception {
|
||||
model.remove("authorizationRequest");
|
||||
Map<String, String> modelRequest = new HashMap<String, String>();
|
||||
for (Object key : model.keySet()) {
|
||||
modelRequest.put(key.toString(), model.get(key).toString());
|
||||
}
|
||||
|
||||
// Map<String, Object> model
|
||||
AuthorizationRequest clientAuth =
|
||||
(AuthorizationRequest) WebContext.getAttribute("authorizationRequest");
|
||||
ClientDetails client = clientDetailsService.loadClientByClientId(clientAuth.getClientId());
|
||||
Apps app = (Apps)WebContext.getAttribute(AuthorizeBaseEndpoint.class.getName());
|
||||
//session中为空或者id不一致重新加载
|
||||
if (app == null || !app.getId().equalsIgnoreCase(clientAuth.getClientId())) {
|
||||
app = appsService.get(clientAuth.getClientId());
|
||||
WebContext.setAttribute(AuthorizeBaseEndpoint.class.getName(), app);
|
||||
WebContext.setAttribute(app.getId(), app.getIcon());
|
||||
}
|
||||
|
||||
model.put("auth_request", clientAuth);
|
||||
model.put("client", client);
|
||||
model.put("app", app);
|
||||
model.put("oauth_version", "oauth 2.0");
|
||||
Map<String, String> scopes = new LinkedHashMap<String, String>();
|
||||
for (String scope : clientAuth.getScope()) {
|
||||
scopes.put(OAuth2Utils.SCOPE_PREFIX + scope, "false");
|
||||
}
|
||||
String principal =
|
||||
((BasicAuthentication) WebContext.getAuthentication().getPrincipal()).getUsername();
|
||||
for (Approval approval : approvalStore.getApprovals(principal, client.getClientId())) {
|
||||
if (clientAuth.getScope().contains(approval.getScope())) {
|
||||
scopes.put(OAuth2Utils.SCOPE_PREFIX + approval.getScope(),
|
||||
approval.getStatus() == ApprovalStatus.APPROVED ? "true" : "false");
|
||||
}
|
||||
}
|
||||
model.put("scopes", scopes);
|
||||
|
||||
ModelAndView modelAndView = new ModelAndView("authorize/oauth_access_confirmation");
|
||||
modelAndView.addObject("model", model);
|
||||
return modelAndView;
|
||||
}
|
||||
|
||||
/**
|
||||
* handleError.
|
||||
* @param model Map
|
||||
* @return
|
||||
* throws Exception
|
||||
*/
|
||||
@RequestMapping("/oauth/v20/error")
|
||||
public String handleError(Map<String, Object> model) throws Exception {
|
||||
// We can add more stuff to the model here for JSP rendering. If the client was
|
||||
// a machine then
|
||||
// the JSON will already have been rendered.
|
||||
model.put("message", "There was a problem with the OAuth2 protocol");
|
||||
return "oauth_error";
|
||||
}
|
||||
}
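Review bot: In the new getAccessConfirmation the session lookup `(AuthorizationRequest) WebContext.getAttribute("authorizationRequest")` and the fallback `appsService.get(clientAuth.getClientId())` are both dereferenced without a null check, so a request that reaches /oauth/v20/approval_confirm without a pending authorization request, or with a client id that has no Apps row, fails with a NullPointerException (first at `clientAuth.getClientId()`, then at `app.getId()` in the WebContext.setAttribute call) instead of a deliberate, fail-closed rejection. A guard such as `if (clientAuth == null) { return new ModelAndView("oauth_error"); }` after the attribute lookup, and the same check on `app` after the service call, would give the error view already used by handleError rather than a 500. The `modelRequest` map built from `model.keySet()` is never read afterwards and can be dropped, and the Javadoc's empty `@return` and bare `throws Exception` line should become `@return the confirmation view with the request, client, app and scope map` and `@throws Exception ...`. Note also that `model` is the raw `@RequestParam` map forwarded to the view under "model"; whether the template escapes those values is outside this hunk, so it is worth confirming.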