github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

allow polling of device codes, fixed UI for device code input

pull/1228/head
Justin Richer 2017-03-27 14:39:40 -05:00
parent 1d7fba5d6e
commit 835a326627
5 changed files with 47 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
openid-connect-common/src/main/java/org/mitre/oauth2/service/DeviceCodeService.java
View File

@ -48,7 +48,15 @@ public interface DeviceCodeService {
* @param client * @param client
* @return * @return
*/ */
public DeviceCode consumeDeviceCode(String deviceCode, ClientDetails client); public DeviceCode findDeviceCode(String deviceCode, ClientDetails client);
/**
*
* @param deviceCode
* @param client
*/
public void clearDeviceCode(String deviceCode, ClientDetails client);
/** /**
* @param deviceCode * @param deviceCode

9
openid-connect-server-webapp/src/main/webapp/WEB-INF/views/approveDevice.jsp
View File

@ -37,7 +37,7 @@
</h1> </h1>
<form name="confirmationForm" <form name="confirmationForm"
action="${pageContext.request.contextPath.endsWith('/') ? pageContext.request.contextPath : pageContext.request.contextPath.concat('/') }device-user/approve" method="post"> action="${pageContext.request.contextPath.endsWith('/') ? pageContext.request.contextPath : pageContext.request.contextPath.concat('/') }device/approve" method="post">
<div class="row"> <div class="row">
<div class="span5 offset1 well-small" style="text-align: left"> <div class="span5 offset1 well-small" style="text-align: left">
@ -163,8 +163,9 @@
</div> </div>
</c:if> </c:if>
<ul>
<c:forEach var="scope" items="${ scopes }"> <c:forEach var="scope" items="${ scopes }">
<li>
<c:if test="${ not empty scope.icon }"> <c:if test="${ not empty scope.icon }">
<i class="icon-${ fn:escapeXml(scope.icon) }"></i> <i class="icon-${ fn:escapeXml(scope.icon) }"></i>
</c:if> </c:if>
@ -199,9 +200,9 @@
</span> </span>
</c:if> </c:if>
</li>
</c:forEach> </c:forEach>
</ul>
</fieldset> </fieldset>
</div> </div>

2
openid-connect-server-webapp/src/main/webapp/WEB-INF/views/requestUserCode.jsp
View File

@ -39,7 +39,7 @@
</c:if> </c:if>
<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }device-user/verify" method="POST"> <form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }device/verify" method="POST">
<div class="row-fluid"> <div class="row-fluid">
<div class="span12"> <div class="span12">

26
openid-connect-server/src/main/java/org/mitre/oauth2/service/impl/DefaultDeviceCodeService.java
View File

@ -90,12 +90,10 @@ public class DefaultDeviceCodeService implements DeviceCodeService {
* @see org.mitre.oauth2.service.DeviceCodeService#consumeDeviceCode(java.lang.String, org.springframework.security.oauth2.provider.ClientDetails) * @see org.mitre.oauth2.service.DeviceCodeService#consumeDeviceCode(java.lang.String, org.springframework.security.oauth2.provider.ClientDetails)
*/ */
@Override @Override
public DeviceCode consumeDeviceCode(String deviceCode, ClientDetails client) { public DeviceCode findDeviceCode(String deviceCode, ClientDetails client) {
DeviceCode found = repository.getByDeviceCode(deviceCode); DeviceCode found = repository.getByDeviceCode(deviceCode);
// make sure it's not used twice if (found != null) {
repository.remove(found);
if (found.getClientId().equals(client.getClientId())) { if (found.getClientId().equals(client.getClientId())) {
// make sure the client matches, if so, we're good // make sure the client matches, if so, we're good
return found; return found;
@ -103,9 +101,15 @@ public class DefaultDeviceCodeService implements DeviceCodeService {
// if the clients don't match, pretend the code wasn't found // if the clients don't match, pretend the code wasn't found
return null; return null;
} }
} else {
// didn't find the code, return null
return null;
}
} }
/* (non-Javadoc) /* (non-Javadoc)
* @see org.mitre.oauth2.service.DeviceCodeService#clearExpiredDeviceCodes() * @see org.mitre.oauth2.service.DeviceCodeService#clearExpiredDeviceCodes()
*/ */
@ -126,4 +130,18 @@ public class DefaultDeviceCodeService implements DeviceCodeService {
}.execute(); }.execute();
} }
/* (non-Javadoc)
* @see org.mitre.oauth2.service.DeviceCodeService#clearDeviceCode(java.lang.String, org.springframework.security.oauth2.provider.ClientDetails)
*/
@Override
public void clearDeviceCode(String deviceCode, ClientDetails client) {
DeviceCode found = findDeviceCode(deviceCode, client);
if (found != null) {
// make sure it's not used twice
repository.remove(found);
}
}
} }

8
openid-connect-server/src/main/java/org/mitre/oauth2/token/DeviceTokenGranter.java
View File

@ -70,13 +70,15 @@ public class DeviceTokenGranter extends AbstractTokenGranter {
String deviceCode = tokenRequest.getRequestParameters().get("device_code"); String deviceCode = tokenRequest.getRequestParameters().get("device_code");
// look up the device code and consume it // look up the device code and consume it
DeviceCode dc = deviceCodeService.consumeDeviceCode(deviceCode, client); DeviceCode dc = deviceCodeService.findDeviceCode(deviceCode, client);
if (dc != null) { if (dc != null) {
// make sure the code hasn't expired yet // make sure the code hasn't expired yet
if (dc.getExpiration() != null && dc.getExpiration().before(new Date())) { if (dc.getExpiration() != null && dc.getExpiration().before(new Date())) {
// TODO: return an error
deviceCodeService.clearDeviceCode(deviceCode, client);
throw new DeviceCodeExpiredException("Device code has expired " + deviceCode); throw new DeviceCodeExpiredException("Device code has expired " + deviceCode);
} else if (!dc.isApproved()) { } else if (!dc.isApproved()) {
@ -90,6 +92,8 @@ public class DeviceTokenGranter extends AbstractTokenGranter {
OAuth2Authentication auth = new OAuth2Authentication(getRequestFactory().createOAuth2Request(client, tokenRequest), dc.getAuthenticationHolder().getUserAuth()); OAuth2Authentication auth = new OAuth2Authentication(getRequestFactory().createOAuth2Request(client, tokenRequest), dc.getAuthenticationHolder().getUserAuth());
deviceCodeService.clearDeviceCode(deviceCode, client);
return auth; return auth;
} }
} else { } else {