Justin Richer
commit
938d7e00c2
|
|
@ -68,6 +68,8 @@ public class ConfigurationPropertiesBean {
|
|||
private boolean dualClient = false;
|
||||
|
||||
private boolean heartMode = false;
|
||||
|
||||
private boolean allowCompleteDeviceCodeUri = false;
|
||||
|
||||
public ConfigurationPropertiesBean() {
|
||||
|
||||
|
|
@ -257,4 +259,18 @@ public class ConfigurationPropertiesBean {
|
|||
public void setHeartMode(boolean heartMode) {
|
||||
this.heartMode = heartMode;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return the allowCompleteDeviceCodeUri
|
||||
*/
|
||||
public boolean isAllowCompleteDeviceCodeUri() {
|
||||
return allowCompleteDeviceCodeUri;
|
||||
}
|
||||
|
||||
/**
|
||||
* @param allowCompleteDeviceCodeUri the allowCompleteDeviceCodeUri to set
|
||||
*/
|
||||
public void setAllowCompleteDeviceCodeUri(boolean allowCompleteDeviceCodeUri) {
|
||||
this.allowCompleteDeviceCodeUri = allowCompleteDeviceCodeUri;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -68,6 +68,10 @@
|
|||
<!-- This property turns on HEART compliance mode -->
|
||||
<!-- <property name="heartMode" value="true" /> -->
|
||||
|
||||
<!-- This property allows the server to create and accept fully-composed
|
||||
user URIs (with the user-code emebedded) for the device flow -->
|
||||
<!-- <property name="allowCompleteDeviceCodeUri" value="true" /> -->
|
||||
|
||||
</bean>
|
||||
|
||||
</beans>
|
||||
|
|
|
|||
|
|
@ -510,7 +510,7 @@
|
|||
"expiredUserCode": "The code that you entered has expired. Return to your device and request a new code.",
|
||||
"userCodeAlreadyApproved": "The code that you entered has already been used.",
|
||||
"userCodeMismatch": "There was an error processing the code you entered. Try refreshing the page and returning to your device to request a new code.",
|
||||
"error": "There was an error processing the code you entered. Return to your device adn request a new code."
|
||||
"error": "There was an error processing the code you entered. Return to your device and request a new code."
|
||||
},
|
||||
"approve": {
|
||||
"approved": "The device has been approved.",
|
||||
|
|
|
|||
|
|
@ -16,6 +16,8 @@
|
|||
|
||||
package org.mitre.oauth2.web;
|
||||
|
||||
import java.net.URI;
|
||||
import java.net.URISyntaxException;
|
||||
import java.util.Collection;
|
||||
import java.util.Date;
|
||||
import java.util.HashMap;
|
||||
|
|
@ -26,6 +28,7 @@ import java.util.UUID;
|
|||
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import org.apache.http.client.utils.URIBuilder;
|
||||
import org.mitre.oauth2.exception.DeviceCodeCreationException;
|
||||
import org.mitre.oauth2.model.ClientDetailsEntity;
|
||||
import org.mitre.oauth2.model.DeviceCode;
|
||||
|
|
@ -134,7 +137,7 @@ public class DeviceEndpoint {
|
|||
|
||||
try {
|
||||
DeviceCode dc = deviceCodeService.createNewDeviceCode(requestedScopes, client, parameters);
|
||||
|
||||
|
||||
Map<String, Object> response = new HashMap<>();
|
||||
response.put("device_code", dc.getDeviceCode());
|
||||
response.put("user_code", dc.getUserCode());
|
||||
|
|
@ -142,6 +145,14 @@ public class DeviceEndpoint {
|
|||
if (client.getDeviceCodeValiditySeconds() != null) {
|
||||
response.put("expires_in", client.getDeviceCodeValiditySeconds());
|
||||
}
|
||||
|
||||
if (config.isAllowCompleteDeviceCodeUri()) {
|
||||
URI verificationUriComplete = new URIBuilder(config.getIssuer() + USER_URL)
|
||||
.addParameter("user_code", dc.getUserCode())
|
||||
.build();
|
||||
|
||||
response.put("verification_uri_complete", verificationUriComplete.toString());
|
||||
}
|
||||
|
||||
model.put(JsonEntityView.ENTITY, response);
|
||||
|
||||
|
|
@ -154,18 +165,31 @@ public class DeviceEndpoint {
|
|||
model.put(JsonErrorView.ERROR_MESSAGE, dcce.getMessage());
|
||||
|
||||
return JsonErrorView.VIEWNAME;
|
||||
} catch (URISyntaxException use) {
|
||||
logger.error("unable to build verification_uri_complete due to wrong syntax of uri components");
|
||||
model.put(HttpCodeView.CODE, HttpStatus.INTERNAL_SERVER_ERROR);
|
||||
|
||||
return HttpCodeView.VIEWNAME;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
@RequestMapping(value = "/" + USER_URL, method = RequestMethod.GET)
|
||||
public String requestUserCode(ModelMap model) {
|
||||
public String requestUserCode(@RequestParam(value = "user_code", required = false) String userCode, ModelMap model, HttpSession session) {
|
||||
|
||||
// print out a page that asks the user to enter their user code
|
||||
// user must be logged in
|
||||
if (!config.isAllowCompleteDeviceCodeUri() || userCode == null) {
|
||||
// if we don't allow the complete URI or we didn't get a user code on the way in,
|
||||
// print out a page that asks the user to enter their user code
|
||||
// user must be logged in
|
||||
return "requestUserCode";
|
||||
} else {
|
||||
|
||||
return "requestUserCode";
|
||||
// complete verification uri was used, we received user code directly
|
||||
// skip requesting code page
|
||||
// user must be logged in
|
||||
return readUserCode(userCode, model, session);
|
||||
}
|
||||
}
|
||||
|
||||
@PreAuthorize("hasRole('ROLE_USER')")
|
||||
|
|
|
|||
Loading…
Reference in New Issue