From f3e53386f94a4ea0bb2d4fe4f79707f243cb0bca Mon Sep 17 00:00:00 2001
From: Michael Jett <mjett@mitre.org>
Date: Mon, 12 Mar 2012 12:50:13 -0400
Subject: [PATCH 1/3] Updating approval page to use oauth2 libs

---
 .../webapp/WEB-INF/views/oauth/approve.jsp    | 34 ++++++++-----------
 1 file changed, 14 insertions(+), 20 deletions(-)

diff --git a/server/src/main/webapp/WEB-INF/views/oauth/approve.jsp b/server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
index 48230c836..f27f5ac1a 100644
--- a/server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
+++ b/server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
@@ -1,25 +1,23 @@
 <%@ page import="org.springframework.security.core.AuthenticationException" %>
-<%@ page import="org.springframework.security.oauth2.provider.verification.BasicUserApprovalFilter" %>
-<%@ page import="org.springframework.security.oauth2.provider.verification.VerificationCodeFilter" %>
+<%@ page import="org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException" %>
 <%@ page import="org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter" %>
 <%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt" %>
-<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core" %>
 <%@ taglib prefix="o" tagdir="/WEB-INF/tags" %>
 
 <o:header title="approve access"/>
 <o:topbar/>
 <div class="container">
     <div class="content">
-        <c:if test="${!empty sessionScope.SPRING_SECURITY_LAST_EXCEPTION}">
-            <div class="alert-message error">
-                <a href="#" class="close">&times;</a>
+        <% if (session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY) != null && !(session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY) instanceof UnapprovedClientAuthenticationException)) { %>
+        <div class="alert-message error">
+            <a href="#" class="close">&times;</a>
 
-                <p><strong>Access could not be granted.</strong>
-                    (<%= ((AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
-                    )</p>
-            </div>
-        </c:if>
+            <p><strong>Access could not be granted.</strong>
+                (<%= ((AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
+                )</p>
+        </div>
+        <% } %>
         <c:remove scope="session" var="SPRING_SECURITY_LAST_EXCEPTION"/>
 
         <authz:authorize ifAllGranted="ROLE_USER">
@@ -32,18 +30,14 @@
                 <p>
 
                 <form id="confirmationForm" name="confirmationForm"
-                      action="<%=request.getContextPath() + VerificationCodeFilter.DEFAULT_PROCESSING_URL%>"
-                      method="post">
-                    <input name="<%=BasicUserApprovalFilter.DEFAULT_APPROVAL_REQUEST_PARAMETER%>"
-                           value="<%=BasicUserApprovalFilter.DEFAULT_APPROVAL_PARAMETER_VALUE%>" type="hidden"/>
+                      action="<%=request.getContextPath()%>/oauth/authorize" method="post">
+                    <input name="user_oauth_approval" value="true" type="hidden"/>
                     <input name="authorize" value="Authorize" type="submit" class="btn success large"/>
                 </form>
                 &nbsp;
-                <form id="denialForm" name="denialForm"
-                      action="<%=request.getContextPath() + VerificationCodeFilter.DEFAULT_PROCESSING_URL%>"
+                <form id="denialForm" name="denialForm" action="<%=request.getContextPath()%>/oauth/authorize"
                       method="post">
-                    <input name="<%=BasicUserApprovalFilter.DEFAULT_APPROVAL_REQUEST_PARAMETER%>"
-                           value="not_<%=BasicUserApprovalFilter.DEFAULT_APPROVAL_PARAMETER_VALUE%>" type="hidden"/>
+                    <input name="user_oauth_approval" value="false" type="hidden"/>
                     <input name="deny" value="Deny" type="submit" class="btn secondary large"/>
                 </form>
                 </p>

From c015329e5273216f17a88aba870f4f01524134b6 Mon Sep 17 00:00:00 2001
From: Michael Jett <mjett@mitre.org>
Date: Tue, 13 Mar 2012 16:27:21 -0400
Subject: [PATCH 2/3] Altering resig js tmpl library. JSP has a hate passion
 for it.

---
 .../resources/admin/manage_clients.html       | 22 +++++++++----------
 server/src/main/webapp/resources/js/tmpl.js   | 21 +++++++++++-------
 2 files changed, 24 insertions(+), 19 deletions(-)

diff --git a/server/src/main/webapp/resources/admin/manage_clients.html b/server/src/main/webapp/resources/admin/manage_clients.html
index 7773a1b06..1a255cda6 100644
--- a/server/src/main/webapp/resources/admin/manage_clients.html
+++ b/server/src/main/webapp/resources/admin/manage_clients.html
@@ -65,26 +65,26 @@
 
 <script type="text/html" id="client_tmpl">
     <tr>
-        <td><%=name%></td>
-        <td><%=redirectURL%></td>
+        <td><#=name#></td>
+        <td><#=redirectURL#></td>
         <td>
             <ul>
-                <% for (var i in grantType) { %>
-                <li><%=grantType[i]%></li>
-                <% } %>
+                <# for (var i in grantType) { #>
+                    <li><#=grantType[i]#></li>
+                    <# } #>
             </ul>
         </td>
         <td>
             <ul>
-                <% for (var i in scope) { %>
-                <li><%=scope[i]%></li>
-                <% } %>
+                <# for (var i in scope) { #>
+                    <li><#=scope[i]#></li>
+                    <# } #>
             </ul>
         </td>
-        <td><%=authority%></td>
-        <td><%=description%>
+        <td><#=authority#></td>
+        <td><#=description#>
         </td>
-        <td><input type="checkbox" "<%=(refreshTokens == 1 ? 'checked' : '')%> value="" id="" name="" disabled></td>
+        <td><input type="checkbox" "<#=(refreshTokens == 1 ? 'checked' : '')#> value="" id="" name="" disabled></td>
         <td>
             <button data-controls-modal="modal-from-dom" data-backdrop="true" data-keyboard="true"
                     class="btn">edit
diff --git a/server/src/main/webapp/resources/js/tmpl.js b/server/src/main/webapp/resources/js/tmpl.js
index 96864cf5f..e72802f98 100644
--- a/server/src/main/webapp/resources/js/tmpl.js
+++ b/server/src/main/webapp/resources/js/tmpl.js
@@ -1,9 +1,12 @@
+// A slightly modified version of the Resig Templating library
+// JSP hates the original
+
 // Simple JavaScript Templating
 // John Resig - http://ejohn.org/ - MIT Licensed
-(function() {
+(function(){
     var cache = {};
 
-    this.tmpl = function tmpl(str, data) {
+    this.tmpl = function tmpl(str, data){
         // Figure out if we're getting a template, or if we need to
         // load the template - and be sure to cache the result.
         var fn = !/\W/.test(str) ?
@@ -19,16 +22,18 @@
                     "with(obj){p.push('" +
 
                     // Convert the template into pure JavaScript
-                    str.replace(/[\r\t\n]/g, " ")
-                        .replace(/'(?=[^%]*%>)/g,"\t")
+                    str
+                        .replace(/[\r\t\n]/g, " ")
+                        .replace(/'(?=[^#]*#>)/g, "\t")
                         .split("'").join("\\'")
                         .split("\t").join("'")
-                        .replace(/<%=(.+?)%>/g, "',$1,'")
-                        .split("<%").join("');")
-                        .split("%>").join("p.push('")
+                        .replace(/<#=(.+?)#>/g, "',$1,'")
+                        .split("<#").join("');")
+                        .split("#>").join("p.push('")
+                        .split("\r").join("\\'")
                     + "');}return p.join('');");
 
         // Provide some basic currying to the user
-        return data ? fn(data) : fn;
+        return data ? fn( data ) : fn;
     };
 })();
\ No newline at end of file

From c23d31bc5468b6428537ff7ba7ac8f70078423b0 Mon Sep 17 00:00:00 2001
From: Michael Jett <mjett@mitre.org>
Date: Tue, 13 Mar 2012 16:28:13 -0400
Subject: [PATCH 3/3] Initial commit of admin client management section

---
 .../openid/connect/web/ManagerController.java |   6 +
 .../src/main/webapp/WEB-INF/tags/header.tag   |   6 +-
 .../src/main/webapp/WEB-INF/tags/sidebar.tag  |   2 +-
 .../WEB-INF/views/admin/manage/clients.jsp    | 215 ++++++++++++++++++
 server/src/main/webapp/resources/js/app.js    |  17 ++
 5 files changed, 242 insertions(+), 4 deletions(-)
 create mode 100644 server/src/main/webapp/WEB-INF/views/admin/manage/clients.jsp
 create mode 100644 server/src/main/webapp/resources/js/app.js

diff --git a/server/src/main/java/org/mitre/openid/connect/web/ManagerController.java b/server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
index 479dd18c5..debe19fe7 100644
--- a/server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
+++ b/server/src/main/java/org/mitre/openid/connect/web/ManagerController.java
@@ -15,4 +15,10 @@ public class ManagerController {
     public String showHomePage() {
         return "home";
     }
+
+    @RequestMapping("/admin/manage/clients")
+    public String showClientManager() {
+        return "admin/manage/clients";
+    }
+
 }
diff --git a/server/src/main/webapp/WEB-INF/tags/header.tag b/server/src/main/webapp/WEB-INF/tags/header.tag
index 63eee9a48..26d969aa5 100644
--- a/server/src/main/webapp/WEB-INF/tags/header.tag
+++ b/server/src/main/webapp/WEB-INF/tags/header.tag
@@ -15,6 +15,9 @@
 
     <!-- Le javascript -->
     <script src="http://code.jquery.com/jquery-1.7.min.js"></script>
+    <script src="resources/js/app.js"></script>
+    <script src="resources/js/tmpl.js"></script>
+
     <script src="resources/bootstrap/js/bootstrap-modal.js"></script>
     <script src="resources/bootstrap/js/bootstrap-alerts.js"></script>
     <script src="resources/bootstrap/js/bootstrap-twipsy.js"></script>
@@ -24,9 +27,6 @@
     <script src="resources/bootstrap/js/bootstrap-tabs.js"></script>
     <script src="resources/bootstrap/js/bootstrap-buttons.js"></script>
 
-    <script>$(function () {
-
-    })</script>
 
     <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
     <!--[if lt IE 9]>
diff --git a/server/src/main/webapp/WEB-INF/tags/sidebar.tag b/server/src/main/webapp/WEB-INF/tags/sidebar.tag
index ee92a62e0..7885e3e94 100644
--- a/server/src/main/webapp/WEB-INF/tags/sidebar.tag
+++ b/server/src/main/webapp/WEB-INF/tags/sidebar.tag
@@ -2,7 +2,7 @@
         <div class="well">
             <h5>Administrative</h5>
             <ul>
-                <li><a href="#">Manage Clients</a></li>
+                <li><a href="admin/manage/clients">Manage Clients</a></li>
                 <li><a href="#">White Lists</a></li>
                 <li><a href="#">Black Lists</a></li>
             </ul>
diff --git a/server/src/main/webapp/WEB-INF/views/admin/manage/clients.jsp b/server/src/main/webapp/WEB-INF/views/admin/manage/clients.jsp
new file mode 100644
index 000000000..724fabe53
--- /dev/null
+++ b/server/src/main/webapp/WEB-INF/views/admin/manage/clients.jsp
@@ -0,0 +1,215 @@
+<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
+<%@ taglib prefix="o" tagdir="/WEB-INF/tags" %>
+
+<o:header title="welcome" />
+
+<script type="text/html" id="client_tmpl">
+    <tr>
+        <td><#=name#></td>
+        <td><#=redirectURL#></td>
+        <td>
+            <ul>
+                <# for (var i in grantType) { #>
+                    <li><#=grantType[i]#></li>
+                    <# } #>
+            </ul>
+        </td>
+        <td>
+            <ul>
+                <# for (var i in scope) { #>
+                    <li><#=scope[i]#></li>
+                    <# } #>
+            </ul>
+        </td>
+        <td><#=authority#></td>
+        <td><#=description#>
+        </td>
+        <td><input type="checkbox" "<#=(refreshTokens == 1 ? 'checked' : '')#> value="" id="" name="" disabled></td>
+        <td>
+            <button data-controls-modal="modal-from-dom" data-backdrop="true" data-keyboard="true"
+                    class="btn">edit
+            </button>
+        </td>
+        <td>
+            <button class="btn danger">delete</button>
+        </td>
+    </tr>
+</script>
+
+<div id="modal-from-dom" class="modal hide fade" style="width: 577px; max-height: none; top: 35%">
+    <div class="modal-header">
+        <a href="#" class="close">&times;</a>
+
+        <h3>Edit Client</h3>
+    </div>
+    <div class="modal-body">
+
+        <form>
+            <fieldset>
+                <!--<legend>OpenID Client</legend>-->
+                <div class="clearfix">
+                    <label for="xlInput">Client Name</label>
+
+                    <div class="input">
+                        <input type="text" size="30" name="xlInput" id="xlInput" class="xlarge">
+                    </div>
+                </div>
+
+                <div class="clearfix">
+                    <label for="prependedInput">Redirect Url</label>
+
+                    <div class="input">
+                        <div class="input-prepend">
+                            <span class="add-on">http://</span>
+                            <input type="text" size="16" name="prependedInput" id="prependedInput" class="medium">
+                        </div>
+                        <span class="help-block">Url to be redirected</span>
+                    </div>
+                </div>
+
+                <div class="clearfix">
+                    <label id="optionsCheckboxes">Grant Types:</label>
+
+                    <div class="input">
+                        <ul class="inputs-list">
+                            <li>
+                                <label>
+                                    <input type="checkbox" value="option1" name="optionsCheckboxes">
+                                    <span>Grant Type Blah</span>
+                                </label>
+                            </li>
+                            <li>
+                                <label>
+                                    <input type="checkbox" value="option2" name="optionsCheckboxes">
+                                    <span>Grant Type Blah</span>
+                                </label>
+                            </li>
+                            <li>
+                                <label>
+                                    <input type="checkbox" value="option2" name="optionsCheckboxes">
+                                    <span>Grant Type Blah</span>
+                                </label>
+                            </li>
+                        </ul>
+              <span class="help-block">
+                <strong>Note:</strong> Grant type help text.
+              </span>
+                    </div>
+                </div>
+
+                <div class="clearfix">
+                    <label for="textarea2">Scope</label>
+
+                    <div class="input">
+                        <textarea rows="3" name="textarea2" id="textarea2" class="xlarge">email,first name</textarea>
+              <span class="help-block">
+                Please enter scopes separated by commas
+              </span>
+                    </div>
+                </div>
+
+                <div class="clearfix">
+                    <label for="normalSelect">Authority</label>
+
+                    <div class="input">
+                        <select id="normalSelect" name="normalSelect">
+                            <option>My Authority Option 1</option>
+                            <option>My Authority Option 2</option>
+                        </select>
+                    </div>
+                </div>
+
+            </fieldset>
+
+            <div class="clearfix">
+                <label for="form-description">Description</label>
+
+                <div class="input">
+                    <input type="text" size="30" name="form-description" id="form-description" class="xlarge">
+                </div>
+            </div>
+
+            <div class="clearfix">
+                <label id="form-allow-tokens">Allow refresh tokens?</label>
+
+                <div class="input">
+                    <ul class="inputs-list">
+                        <li>
+                            <label>
+                                <input type="checkbox" value="option1" name="form-allow-tokens">
+                                <span>&nbsp;</span>
+                            </label>
+                        </li>
+                    </ul>
+              <span class="help-block">
+                <strong>Note:</strong> Labels surround all the options for much larger click areas and a more usable form.
+              </span>
+                </div>
+            </div>
+
+        </form>
+    </div>
+    <div class="modal-footer">
+        <a href="#" class="btn primary">Save</a>
+        <a href="#" class="btn secondary">Cancel</a>
+    </div>
+</div>
+
+<o:topbar/>
+<div class="container-fluid">
+    <o:sidebar/>
+    <div class="content">
+        <!-- Main hero unit for a primary marketing message or call to action -->
+        <div class="hero-unit">
+            <h1>Welcome, User Name!</h1>
+
+            <p>Can't remember your passwords? Tired of filling out registration forms?
+                OpenID is a <strong>safe</strong>, <strong>faster</strong>, and <strong>easier</strong> way to log in to
+                web sites.</p>
+
+            <p><a class="btn primary large" href="http://openid.net/connect/">Learn more &raquo;</a></p>
+        </div>
+        <!-- Example row of columns -->
+        <div class="row">
+            <div class="span8">
+                <h2>About</h2>
+
+                <p>Donec id elit non mi porta gravida at eget metus. Fusce dapibus, tellus ac cursus commodo,
+                    tortor
+                    mauris condimentum nibh, ut fermentum massa justo sit amet risus. Etiam porta sem malesuada
+                    magna
+                    mollis euismod. Donec sed odio dui. </p>
+
+                <p><a class="btn" href="#">More &raquo;</a></p>
+            </div>
+            <div class="span8">
+                <h2>Contact</h2>
+
+                <p>Donec id elit non mi porta gravida at eget metus. Fusce dapibus, tellus ac cursus commodo,
+                    tortor
+                    mauris condimentum nibh, ut fermentum massa justo sit amet risus. Etiam porta sem malesuada
+                    magna
+                    mollis euismod. Donec sed odio dui. </p>
+
+                <p><a class="btn" href="#">Email &raquo;</a></p>
+            </div>
+
+        </div>
+        <hr>
+        <!-- Example row of columns -->
+        <div class="row">
+            <div class="span16">
+                <h2>Current Statistics</h2>
+
+                <p>You'll be keen to know that there have been <span class="label notice">4720</span> users of this
+                    system who have logged in to
+                    <span class="label notice">203</span>
+                    total sites, for a total of <span class="label notice">6224</span> site approvals.</p>
+
+            </div>
+        </div>
+
+        <o:copyright/>
+    </div>
+</div>
+<o:footer/>
diff --git a/server/src/main/webapp/resources/js/app.js b/server/src/main/webapp/resources/js/app.js
new file mode 100644
index 000000000..c5451c320
--- /dev/null
+++ b/server/src/main/webapp/resources/js/app.js
@@ -0,0 +1,17 @@
+$(function () {
+
+    var ExampleOpenIdClient = {
+        name:"A name",
+        redirectURL:"http://myURL.domain",
+        grantType:["my grant type 1", "my grant type 2"],
+        scope:["scope 1", "scope 2"],
+        authority:"my authority",
+        description:"my description",
+        refreshTokens:false
+    };
+
+    console.log(tmpl('client_tmpl',ExampleOpenIdClient));
+
+    $('#client-table').append(tmpl('client_tmpl',ExampleOpenIdClient));
+
+});
\ No newline at end of file