Merge branch 'ondrejvelisek/verification-uri-complete'

Closes #1386
pull/1315/merge
Justin Richer 2018-05-03 14:39:23 -04:00
commit 938d7e00c2
4 changed files with 50 additions and 6 deletions

View File

@ -69,6 +69,8 @@ public class ConfigurationPropertiesBean {
private boolean heartMode = false; private boolean heartMode = false;
private boolean allowCompleteDeviceCodeUri = false;
public ConfigurationPropertiesBean() { public ConfigurationPropertiesBean() {
} }
@ -257,4 +259,18 @@ public class ConfigurationPropertiesBean {
public void setHeartMode(boolean heartMode) { public void setHeartMode(boolean heartMode) {
this.heartMode = heartMode; this.heartMode = heartMode;
} }
/**
* @return the allowCompleteDeviceCodeUri
*/
public boolean isAllowCompleteDeviceCodeUri() {
return allowCompleteDeviceCodeUri;
}
/**
* @param allowCompleteDeviceCodeUri the allowCompleteDeviceCodeUri to set
*/
public void setAllowCompleteDeviceCodeUri(boolean allowCompleteDeviceCodeUri) {
this.allowCompleteDeviceCodeUri = allowCompleteDeviceCodeUri;
}
} }

View File

@ -68,6 +68,10 @@
<!-- This property turns on HEART compliance mode --> <!-- This property turns on HEART compliance mode -->
<!-- <property name="heartMode" value="true" /> --> <!-- <property name="heartMode" value="true" /> -->
<!-- This property allows the server to create and accept fully-composed
user URIs (with the user-code emebedded) for the device flow -->
<!-- <property name="allowCompleteDeviceCodeUri" value="true" /> -->
</bean> </bean>
</beans> </beans>

View File

@ -510,7 +510,7 @@
"expiredUserCode": "The code that you entered has expired. Return to your device and request a new code.", "expiredUserCode": "The code that you entered has expired. Return to your device and request a new code.",
"userCodeAlreadyApproved": "The code that you entered has already been used.", "userCodeAlreadyApproved": "The code that you entered has already been used.",
"userCodeMismatch": "There was an error processing the code you entered. Try refreshing the page and returning to your device to request a new code.", "userCodeMismatch": "There was an error processing the code you entered. Try refreshing the page and returning to your device to request a new code.",
"error": "There was an error processing the code you entered. Return to your device adn request a new code." "error": "There was an error processing the code you entered. Return to your device and request a new code."
}, },
"approve": { "approve": {
"approved": "The device has been approved.", "approved": "The device has been approved.",

View File

@ -16,6 +16,8 @@
package org.mitre.oauth2.web; package org.mitre.oauth2.web;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.Collection; import java.util.Collection;
import java.util.Date; import java.util.Date;
import java.util.HashMap; import java.util.HashMap;
@ -26,6 +28,7 @@ import java.util.UUID;
import javax.servlet.http.HttpSession; import javax.servlet.http.HttpSession;
import org.apache.http.client.utils.URIBuilder;
import org.mitre.oauth2.exception.DeviceCodeCreationException; import org.mitre.oauth2.exception.DeviceCodeCreationException;
import org.mitre.oauth2.model.ClientDetailsEntity; import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.oauth2.model.DeviceCode; import org.mitre.oauth2.model.DeviceCode;
@ -143,6 +146,14 @@ public class DeviceEndpoint {
response.put("expires_in", client.getDeviceCodeValiditySeconds()); response.put("expires_in", client.getDeviceCodeValiditySeconds());
} }
if (config.isAllowCompleteDeviceCodeUri()) {
URI verificationUriComplete = new URIBuilder(config.getIssuer() + USER_URL)
.addParameter("user_code", dc.getUserCode())
.build();
response.put("verification_uri_complete", verificationUriComplete.toString());
}
model.put(JsonEntityView.ENTITY, response); model.put(JsonEntityView.ENTITY, response);
@ -154,18 +165,31 @@ public class DeviceEndpoint {
model.put(JsonErrorView.ERROR_MESSAGE, dcce.getMessage()); model.put(JsonErrorView.ERROR_MESSAGE, dcce.getMessage());
return JsonErrorView.VIEWNAME; return JsonErrorView.VIEWNAME;
} catch (URISyntaxException use) {
logger.error("unable to build verification_uri_complete due to wrong syntax of uri components");
model.put(HttpCodeView.CODE, HttpStatus.INTERNAL_SERVER_ERROR);
return HttpCodeView.VIEWNAME;
} }
} }
@PreAuthorize("hasRole('ROLE_USER')") @PreAuthorize("hasRole('ROLE_USER')")
@RequestMapping(value = "/" + USER_URL, method = RequestMethod.GET) @RequestMapping(value = "/" + USER_URL, method = RequestMethod.GET)
public String requestUserCode(ModelMap model) { public String requestUserCode(@RequestParam(value = "user_code", required = false) String userCode, ModelMap model, HttpSession session) {
if (!config.isAllowCompleteDeviceCodeUri() || userCode == null) {
// if we don't allow the complete URI or we didn't get a user code on the way in,
// print out a page that asks the user to enter their user code // print out a page that asks the user to enter their user code
// user must be logged in // user must be logged in
return "requestUserCode"; return "requestUserCode";
} else {
// complete verification uri was used, we received user code directly
// skip requesting code page
// user must be logged in
return readUserCode(userCode, model, session);
}
} }
@PreAuthorize("hasRole('ROLE_USER')") @PreAuthorize("hasRole('ROLE_USER')")