webfigner claims replacement works

pull/820/merge
Justin Richer 2015-07-03 16:32:27 -04:00
parent f3a777a2c8
commit c5a65e9cec
4 changed files with 120 additions and 63 deletions


@ -278,43 +278,13 @@ var PolicyListView = Backbone.View.extend({
app.navigate('user/policy', {trigger: true});
},
addPolicy:function(e) {
e.preventDefault();
// post to the webfinger helper and get the response back
var _self = this;
var email = $('#email', this.el).val();
var base = $('base').attr('href');
$.getJSON(base + '/api/emailsearch?' + $.param({'identifier': email}), function(data) {
var claim = new ClaimModel(data);
_self.model.add(claim, {'trigger': false});
_self.render();
}).error(function(jqXHR, textStatus, errorThrown) {
console.log("An error occurred when doing a webfinger lookup", errorThrown);
//Display an alert with an error message
$('#modalAlert div.modal-header').html($.t('policy.webfinger-error'));
$('#modalAlert div.modal-body').html($.t('policy.webfinger-error-description', {email: email}));
$("#modalAlert").modal({ // wire up the actual modal functionality and show the dialog
"backdrop" : "static",
"keyboard" : true,
"show" : true // ensure the modal is shown immediately
});
});
},
togglePlaceholder:function() {
if (this.model.length > 0) {
$('#policy-info', this.el).show();
$('#policy-table', this.el).show();
$('#policy-table-empty', this.el).hide();
} else {
$('#policy-info', this.el).hide();
$('#policy-table', this.el).hide();
$('#policy-table-empty', this.el).show();
}
@ -432,7 +402,9 @@ var PolicyFormView = Backbone.View.extend({
},
events:{
'click .btn-save': 'savePolicy'
'click .btn-share': 'addClaim',
'click .btn-save': 'savePolicy',
'click .btn-cancel': 'cancel'
},
load:function(callback) {
@ -459,6 +431,40 @@ var PolicyFormView = Backbone.View.extend({
});
},
addClaim:function(e) {
e.preventDefault();
// post to the webfinger helper and get the response back
var _self = this;
var email = $('#email', this.el).val();
var base = $('base').attr('href');
$.getJSON(base + '/api/emailsearch?' + $.param({'identifier': email}), function(data) {
_self.model.set({
claimsRequired: data
}, {trigger: false});
_self.render();
}).error(function(jqXHR, textStatus, errorThrown) {
console.log("An error occurred when doing a webfinger lookup", errorThrown);
//Display an alert with an error message
$('#modalAlert div.modal-header').html($.t('policy.webfinger-error'));
$('#modalAlert div.modal-body').html($.t('policy.webfinger-error-description', {email: email}));
$("#modalAlert").modal({ // wire up the actual modal functionality and show the dialog
"backdrop" : "static",
"keyboard" : true,
"show" : true // ensure the modal is shown immediately
});
});
},
savePolicy:function(e) {
e.preventDefault();
@ -499,6 +505,11 @@ var PolicyFormView = Backbone.View.extend({
},
cancel:function(e) {
e.preventDefault();
app.navigate('user/policy/' + this.options.rs.get('id'), {trigger: true});
},
render:function (eventName) {
var json = this.model.toJSON();
var rs = this.options.rs.toJSON();
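Review bot: In the error handler of `addClaim`, the user-typed `email` is interpolated into `$.t('policy.webfinger-error-description', {email: email})` and the result is written with `.html()`, so markup typed into the field is parsed as HTML unless the i18n layer escapes interpolated values, which is not visible here. If the translation string itself carries no markup, `$('#modalAlert div.modal-body').text($.t('policy.webfinger-error-description', {email: email}));` keeps the value inert regardless of how the translation library is configured. Separately, `_self.model.set({claimsRequired: data})` replaces every claim already on the policy with the lookup result. If that replacement is intended, a comment such as `// replaces the policy's existing required claims with the lookup result` above the `set` call would make it explicit.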


@ -60,7 +60,7 @@
<td>
<div class="btn-group pull-right">
<button class="btn btn-edit"><i class="icon-edit"></i> <span data-i18n="policy.policy-table.edit">Edit Policies</span></button> &nbsp;
<button class="btn btn-info btn-edit"><i class="icon-share icon-white"></i> <span data-i18n="policy.policy-table.sharing">Sharing Policies</span></button> &nbsp;
<button class="btn btn-danger btn-delete"><i class="icon-trash icon-white"></i> <span data-i18n="policy.policy-table.delete">Delete</span></button> &nbsp;
</div>
</td>
@ -69,10 +69,10 @@
<script type="text/html" id="tmpl-policy-table">
<div class="well well-small">
<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
<button class="btn btn-small btn-cancel"><i class="icon-list"></i> <span data-i18n="policy.policy-table.return">Return to list</span></button>
</div>
<div class="alert alert-info" data-i18n="policy.policy-table.required-claims">
<div id="policy-info" class="alert alert-info" data-i18n="policy.policy-table.required-claims">
Users that you share this resource will with need to be able to present the following claims in order to access the resource.
</div>
@ -92,7 +92,7 @@
</table>
<div class="well well-small">
<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
<button class="btn btn-small btn-cancel"><i class="icon-list"></i> <span data-i18n="policy.policy-table.return">Return to list</span></button>
</div>
</script>
@ -129,7 +129,7 @@
<td>
<div class="btn-group pull-right">
<button class="btn btn-edit"><i class="icon-edit"></i> <span data-i18n="policy.policy-table.edit">Edit Policy</span></button> &nbsp;
<button class="btn btn-default btn-edit"><i class="icon-share"></i> <span data-i18n="policy.policy-table.edit">Edit Policy</span></button> &nbsp;
<button class="btn btn-danger btn-remove"><i class="icon-trash icon-white"></i> <span data-i18n="policy.policy-table.remove">Remove</span></button> &nbsp;
</div>
</td>
@ -153,7 +153,7 @@
<form class="form-horizontal">
<fieldset>
<input type="text" id="email" placeholder="email address" data-i18n="[placeholder]policy.policy-table.email-address" />
<button id="add-email" class="btn btn-info"><i class="icon-share icon-white"></i> <span data-i18n="policy.policy-table.share-email">Share with email address</span></button>
<button class="btn btn-info btn-share"><i class="icon-share icon-white"></i> <span data-i18n="policy.policy-table.share-email">Share with email address</span></button>
</fieldset>
</form>
</div>
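Review bot: The fallback text inside the `policy-info` alert reads "Users that you share this resource will with need to be able to present", which garbles the one sentence that tells a resource owner what sharing requires. It should read `Users that you share this resource with will need to be able to present the following claims in order to access the resource.` The relabelled buttons also reference the keys `policy.policy-table.sharing` and `policy.policy-table.return`, and none of the four files in this commit looks like a locale bundle. It is worth confirming that both keys already exist there, so the buttons do not fall back to whatever the i18n layer shows for a missing key.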


@ -85,7 +85,7 @@ public class PolicyAPI {
}
/**
* List all the policies for the given resource set
* Get the indicated resource set
* @param rsid
* @param m
* @param auth
@ -114,6 +114,37 @@ public class PolicyAPI {
return JsonEntityView.VIEWNAME;
}
/**
* Delete the indicated resource set
* @param rsid
* @param m
* @param auth
* @return
*/
@RequestMapping(value = "/{rsid}", method = RequestMethod.DELETE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
public String deleteResourceSet(@PathVariable (value = "rsid") Long rsid, Model m, Authentication auth) {
ResourceSet rs = resourceSetService.getById(rsid);
if (rs == null) {
m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
return HttpCodeView.VIEWNAME;
}
if (!rs.getOwner().equals(auth.getName())) {
logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
// authenticated user didn't match the owner of the resource set
m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
return HttpCodeView.VIEWNAME;
}
resourceSetService.remove(rs);
m.addAttribute(HttpCodeView.CODE, HttpStatus.NO_CONTENT);
return HttpCodeView.VIEWNAME;
}
/**
* List all the policies for the given resource set
* @param rsid
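Review bot: `deleteResourceSet` answers 404 for an unknown `rsid` and 403 for one that belongs to another user, so any authenticated caller can tell which resource-set ids exist. If clients do not need that distinction, the owner-mismatch branch could also set `HttpStatus.NOT_FOUND`. The warning is built by concatenating `rs.getOwner()` and `auth.getName()`. Assuming `logger` is SLF4J, `logger.warn("Unauthorized resource set request from bad user; expected {} got {}", rs.getOwner(), auth.getName());` avoids the concatenation, and both names should be free of line breaks before they reach the log. The new Javadoc leaves `@param` and `@return` empty; a line like `@return the HTTP code view name: 204 on success, 404 if the resource set is unknown, 403 if the caller is not its owner` would document the contract.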


@ -72,31 +72,46 @@ public class UserClaimSearchHelper {
UserInfo localUser = userInfoService.getByEmailAddress(email);
if (localUser != null) {
Map<String, Object> entity = new HashMap<>();
entity.put("issuer", ImmutableSet.of(config.getIssuer()));
entity.put("name", "email");
entity.put("value", localUser.getEmail());
m.addAttribute(JsonEntityView.ENTITY, entity);
return JsonEntityView.VIEWNAME;
}
// otherwise do a webfinger lookup
IssuerServiceResponse resp = webfingerIssuerService.getIssuer(req);
if (resp != null && resp.getIssuer() != null) {
// we found an issuer, return that
Map<String, Object> entity = new HashMap<>();
entity.put("issuer", ImmutableSet.of(resp.getIssuer()));
entity.put("name", "email");
entity.put("value", email);
m.addAttribute(JsonEntityView.ENTITY, entity);
Map<String, Object> e = new HashMap<>();
e.put("issuer", ImmutableSet.of(config.getIssuer()));
e.put("name", "email");
e.put("value", localUser.getEmail());
Map<String, Object> ev = new HashMap<>();
ev.put("issuer", ImmutableSet.of(config.getIssuer()));
ev.put("name", "email_verified");
ev.put("value", localUser.getEmailVerified());
Map<String, Object> s = new HashMap<>();
s.put("issuer", ImmutableSet.of(config.getIssuer()));
s.put("name", "sub");
s.put("value", localUser.getSub());
m.addAttribute(JsonEntityView.ENTITY, ImmutableSet.of(e, ev, s));
return JsonEntityView.VIEWNAME;
} else {
m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
return JsonErrorView.VIEWNAME;
// otherwise do a webfinger lookup
IssuerServiceResponse resp = webfingerIssuerService.getIssuer(req);
if (resp != null && resp.getIssuer() != null) {
// we found an issuer, return that
Map<String, Object> e = new HashMap<>();
e.put("issuer", ImmutableSet.of(resp.getIssuer()));
e.put("name", "email");
e.put("value", email);
Map<String, Object> ev = new HashMap<>();
ev.put("issuer", ImmutableSet.of(resp.getIssuer()));
ev.put("name", "email_verified");
ev.put("value", true);
m.addAttribute(JsonEntityView.ENTITY, ImmutableSet.of(e, ev));
return JsonEntityView.VIEWNAME;
} else {
m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
return JsonErrorView.VIEWNAME;
}
}
}
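Review bot: In the local-user branch the `email_verified` entry takes its value from `localUser.getEmailVerified()`, whereas the webfinger branch pins it to `true`. For a local account whose flag is false or null, the generated required claim therefore asks for an unverified address. If these entries are matched literally when a policy is evaluated (the matching code is not visible here), `ev.put("value", true);` in both branches would keep the requirement consistent. The same branch now also returns the account's `sub` and verification state to whoever supplies the email address, so it is worth confirming that the endpoint's access control (declared above this hunk) and any rate limiting are acceptable for an email-to-subject lookup. The enclosing method starts outside the hunk.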