allow polling of device codes, fixed UI for device code input

2017-03-27 14:39:40 -05:00 · 2017-03-27 14:39:40 -05:00 · 835a326627
parent 1d7fba5d6e
commit 835a326627
5 changed files with 47 additions and 16 deletions
--- a/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
+++ b/openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
@ -48,8 +48,16 @@ public interface DeviceCodeService {
 	 * @param client
 	 * @return
 	 */
-	public DeviceCode consumeDeviceCode(String deviceCode, ClientDetails client);
+	public DeviceCode findDeviceCode(String deviceCode, ClientDetails client);

+
+	/**
+	 * 
+	 * @param deviceCode
+	 * @param client
+	 */
+	public void clearDeviceCode(String deviceCode, ClientDetails client);
+	
 	/**
 	 * @param deviceCode
 	 * @param userCode
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp
@ -37,7 +37,7 @@
 		</h1>

 		<form name="confirmationForm"
-			action="${pageContext.request.contextPath.endsWith('/') ? pageContext.request.contextPath : pageContext.request.contextPath.concat('/') }device-user/approve" method="post">
+			action="${pageContext.request.contextPath.endsWith('/') ? pageContext.request.contextPath : pageContext.request.contextPath.concat('/') }device/approve" method="post">

 			<div class="row">
 				<div class="span5 offset1 well-small" style="text-align: left">
@ -163,8 +163,9 @@
 								</div>
 						</c:if>

+						<ul>
 						<c:forEach var="scope" items="${ scopes }">
-
+							<li>
 								<c:if test="${ not empty scope.icon }">
 									<i class="icon-${ fn:escapeXml(scope.icon) }"></i>
 								</c:if> 
@ -199,9 +200,9 @@
 										
 									</span>
 								</c:if>
-								
+								</li>
 						</c:forEach>
-
+						</ul>
 					</fieldset>

 				</div>
--- a/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/requestUserCode.jsp
+++ b/openid-connect-server-webapp/src/main/webapp/WEB-INF/views/requestUserCode.jsp
@ -39,7 +39,7 @@
 	</c:if>


-		<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }device-user/verify" method="POST">
+		<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }device/verify" method="POST">

 			<div class="row-fluid">
 				<div class="span12">
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultDeviceCodeService.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultDeviceCodeService.java
@ -90,22 +90,26 @@ public class DefaultDeviceCodeService implements DeviceCodeService {
 	 * @see org.mitre.oauth2.service.DeviceCodeService#consumeDeviceCode(java.lang.String, org.springframework.security.oauth2.provider.ClientDetails)
 	 */
 	@Override
-	public DeviceCode consumeDeviceCode(String deviceCode, ClientDetails client) {
+	public DeviceCode findDeviceCode(String deviceCode, ClientDetails client) {
 		DeviceCode found = repository.getByDeviceCode(deviceCode);

-		// make sure it's not used twice
-		repository.remove(found);
-
-		if (found.getClientId().equals(client.getClientId())) {
-			// make sure the client matches, if so, we're good
-			return found;
+		if (found != null) {
+			if (found.getClientId().equals(client.getClientId())) {
+				// make sure the client matches, if so, we're good
+				return found;
+			} else {
+				// if the clients don't match, pretend the code wasn't found
+				return null;
+			}
 		} else {
-			// if the clients don't match, pretend the code wasn't found
+			// didn't find the code, return null
 			return null;
 		}

 	}

+	
+	
 	/* (non-Javadoc)
 	 * @see org.mitre.oauth2.service.DeviceCodeService#clearExpiredDeviceCodes()
 	 */
@ -126,4 +130,18 @@ public class DefaultDeviceCodeService implements DeviceCodeService {
 		}.execute();
 	}

+	/* (non-Javadoc)
+	 * @see org.mitre.oauth2.service.DeviceCodeService#clearDeviceCode(java.lang.String, org.springframework.security.oauth2.provider.ClientDetails)
+	 */
+	@Override
+	public void clearDeviceCode(String deviceCode, ClientDetails client) {
+		DeviceCode found = findDeviceCode(deviceCode, client);
+		
+		if (found != null) {
+			// make sure it's not used twice
+			repository.remove(found);
+		}
+
+	}
+
 }
--- a/openid-connect-server/src/main/java/org/mitre/oauth2/token/DeviceTokenGranter.java
+++ b/openid-connect-server/src/main/java/org/mitre/oauth2/token/DeviceTokenGranter.java
@ -70,13 +70,15 @@ public class DeviceTokenGranter extends AbstractTokenGranter {
 		String deviceCode = tokenRequest.getRequestParameters().get("device_code");

 		// look up the device code and consume it
-		DeviceCode dc = deviceCodeService.consumeDeviceCode(deviceCode, client);
+		DeviceCode dc = deviceCodeService.findDeviceCode(deviceCode, client);

 		if (dc != null) {

 			// make sure the code hasn't expired yet
 			if (dc.getExpiration() != null && dc.getExpiration().before(new Date())) {
-				// TODO: return an error
+				
+				deviceCodeService.clearDeviceCode(deviceCode, client);
+				
 				throw new DeviceCodeExpiredException("Device code has expired " + deviceCode);

 			} else if (!dc.isApproved()) {
@ -90,6 +92,8 @@ public class DeviceTokenGranter extends AbstractTokenGranter {

 				OAuth2Authentication auth = new OAuth2Authentication(getRequestFactory().createOAuth2Request(client, tokenRequest), dc.getAuthenticationHolder().getUserAuth());

+				deviceCodeService.clearDeviceCode(deviceCode, client);
+				
 				return auth;
 			}
 		} else {