webfigner claims replacement works
parent
f3a777a2c8
commit
c5a65e9cec
|
@ -278,43 +278,13 @@ var PolicyListView = Backbone.View.extend({
|
||||||
app.navigate('user/policy', {trigger: true});
|
app.navigate('user/policy', {trigger: true});
|
||||||
},
|
},
|
||||||
|
|
||||||
addPolicy:function(e) {
|
|
||||||
e.preventDefault();
|
|
||||||
|
|
||||||
// post to the webfinger helper and get the response back
|
|
||||||
|
|
||||||
var _self = this;
|
|
||||||
|
|
||||||
var email = $('#email', this.el).val();
|
|
||||||
|
|
||||||
var base = $('base').attr('href');
|
|
||||||
$.getJSON(base + '/api/emailsearch?' + $.param({'identifier': email}), function(data) {
|
|
||||||
|
|
||||||
var claim = new ClaimModel(data);
|
|
||||||
_self.model.add(claim, {'trigger': false});
|
|
||||||
_self.render();
|
|
||||||
|
|
||||||
}).error(function(jqXHR, textStatus, errorThrown) {
|
|
||||||
console.log("An error occurred when doing a webfinger lookup", errorThrown);
|
|
||||||
|
|
||||||
//Display an alert with an error message
|
|
||||||
$('#modalAlert div.modal-header').html($.t('policy.webfinger-error'));
|
|
||||||
$('#modalAlert div.modal-body').html($.t('policy.webfinger-error-description', {email: email}));
|
|
||||||
|
|
||||||
$("#modalAlert").modal({ // wire up the actual modal functionality and show the dialog
|
|
||||||
"backdrop" : "static",
|
|
||||||
"keyboard" : true,
|
|
||||||
"show" : true // ensure the modal is shown immediately
|
|
||||||
});
|
|
||||||
});
|
|
||||||
|
|
||||||
},
|
|
||||||
|
|
||||||
togglePlaceholder:function() {
|
togglePlaceholder:function() {
|
||||||
if (this.model.length > 0) {
|
if (this.model.length > 0) {
|
||||||
|
$('#policy-info', this.el).show();
|
||||||
$('#policy-table', this.el).show();
|
$('#policy-table', this.el).show();
|
||||||
$('#policy-table-empty', this.el).hide();
|
$('#policy-table-empty', this.el).hide();
|
||||||
} else {
|
} else {
|
||||||
|
$('#policy-info', this.el).hide();
|
||||||
$('#policy-table', this.el).hide();
|
$('#policy-table', this.el).hide();
|
||||||
$('#policy-table-empty', this.el).show();
|
$('#policy-table-empty', this.el).show();
|
||||||
}
|
}
|
||||||
|
@ -432,7 +402,9 @@ var PolicyFormView = Backbone.View.extend({
|
||||||
},
|
},
|
||||||
|
|
||||||
events:{
|
events:{
|
||||||
'click .btn-save': 'savePolicy'
|
'click .btn-share': 'addClaim',
|
||||||
|
'click .btn-save': 'savePolicy',
|
||||||
|
'click .btn-cancel': 'cancel'
|
||||||
},
|
},
|
||||||
|
|
||||||
load:function(callback) {
|
load:function(callback) {
|
||||||
|
@ -459,6 +431,40 @@ var PolicyFormView = Backbone.View.extend({
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
|
|
||||||
|
addClaim:function(e) {
|
||||||
|
e.preventDefault();
|
||||||
|
|
||||||
|
// post to the webfinger helper and get the response back
|
||||||
|
|
||||||
|
var _self = this;
|
||||||
|
|
||||||
|
var email = $('#email', this.el).val();
|
||||||
|
|
||||||
|
var base = $('base').attr('href');
|
||||||
|
$.getJSON(base + '/api/emailsearch?' + $.param({'identifier': email}), function(data) {
|
||||||
|
|
||||||
|
_self.model.set({
|
||||||
|
claimsRequired: data
|
||||||
|
}, {trigger: false});
|
||||||
|
|
||||||
|
_self.render();
|
||||||
|
|
||||||
|
}).error(function(jqXHR, textStatus, errorThrown) {
|
||||||
|
console.log("An error occurred when doing a webfinger lookup", errorThrown);
|
||||||
|
|
||||||
|
//Display an alert with an error message
|
||||||
|
$('#modalAlert div.modal-header').html($.t('policy.webfinger-error'));
|
||||||
|
$('#modalAlert div.modal-body').html($.t('policy.webfinger-error-description', {email: email}));
|
||||||
|
|
||||||
|
$("#modalAlert").modal({ // wire up the actual modal functionality and show the dialog
|
||||||
|
"backdrop" : "static",
|
||||||
|
"keyboard" : true,
|
||||||
|
"show" : true // ensure the modal is shown immediately
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
},
|
||||||
|
|
||||||
savePolicy:function(e) {
|
savePolicy:function(e) {
|
||||||
e.preventDefault();
|
e.preventDefault();
|
||||||
|
|
||||||
|
@ -499,6 +505,11 @@ var PolicyFormView = Backbone.View.extend({
|
||||||
|
|
||||||
},
|
},
|
||||||
|
|
||||||
|
cancel:function(e) {
|
||||||
|
e.preventDefault();
|
||||||
|
app.navigate('user/policy/' + this.options.rs.get('id'), {trigger: true});
|
||||||
|
},
|
||||||
|
|
||||||
render:function (eventName) {
|
render:function (eventName) {
|
||||||
var json = this.model.toJSON();
|
var json = this.model.toJSON();
|
||||||
var rs = this.options.rs.toJSON();
|
var rs = this.options.rs.toJSON();
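Review bot: In the `.error` handler of the new `addClaim`, the address typed into `#email` is interpolated into the translated message and written with `.html()`, so markup in that field is parsed as HTML in the modal unless `$.t` escapes interpolated values, which this page does not show. Writing the body as text removes that dependency: `$('#modalAlert div.modal-body').text($.t('policy.webfinger-error-description', {email: email}));`. If the translation string itself is meant to carry markup, escape only the address before passing it in. The same lines were in the removed `addPolicy`, so the pattern was carried over rather than introduced here. Separately, the success callback stores the whole `/api/emailsearch` response as `claimsRequired` without checking its shape, and a comment such as `// expects an array of {issuer, name, value} claim objects` would make that contract explicit.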
|
||||||
|
|
|
@ -60,7 +60,7 @@
|
||||||
|
|
||||||
<td>
|
<td>
|
||||||
<div class="btn-group pull-right">
|
<div class="btn-group pull-right">
|
||||||
<button class="btn btn-edit"><i class="icon-edit"></i> <span data-i18n="policy.policy-table.edit">Edit Policies</span></button>
|
<button class="btn btn-info btn-edit"><i class="icon-share icon-white"></i> <span data-i18n="policy.policy-table.sharing">Sharing Policies</span></button>
|
||||||
<button class="btn btn-danger btn-delete"><i class="icon-trash icon-white"></i> <span data-i18n="policy.policy-table.delete">Delete</span></button>
|
<button class="btn btn-danger btn-delete"><i class="icon-trash icon-white"></i> <span data-i18n="policy.policy-table.delete">Delete</span></button>
|
||||||
</div>
|
</div>
|
||||||
</td>
|
</td>
|
||||||
|
@ -69,10 +69,10 @@
|
||||||
|
|
||||||
<script type="text/html" id="tmpl-policy-table">
|
<script type="text/html" id="tmpl-policy-table">
|
||||||
<div class="well well-small">
|
<div class="well well-small">
|
||||||
<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
|
<button class="btn btn-small btn-cancel"><i class="icon-list"></i> <span data-i18n="policy.policy-table.return">Return to list</span></button>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div class="alert alert-info" data-i18n="policy.policy-table.required-claims">
|
<div id="policy-info" class="alert alert-info" data-i18n="policy.policy-table.required-claims">
|
||||||
Users that you share this resource will with need to be able to present the following claims in order to access the resource.
|
Users that you share this resource will with need to be able to present the following claims in order to access the resource.
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
|
@ -92,7 +92,7 @@
|
||||||
</table>
|
</table>
|
||||||
|
|
||||||
<div class="well well-small">
|
<div class="well well-small">
|
||||||
<button class="btn btn-small btn-cancel"><i class="icon-ban-circle"></i> <span data-i18n="common.cancel">Cancel</span></button>
|
<button class="btn btn-small btn-cancel"><i class="icon-list"></i> <span data-i18n="policy.policy-table.return">Return to list</span></button>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
|
@ -129,7 +129,7 @@
|
||||||
|
|
||||||
<td>
|
<td>
|
||||||
<div class="btn-group pull-right">
|
<div class="btn-group pull-right">
|
||||||
<button class="btn btn-edit"><i class="icon-edit"></i> <span data-i18n="policy.policy-table.edit">Edit Policy</span></button>
|
<button class="btn btn-default btn-edit"><i class="icon-share"></i> <span data-i18n="policy.policy-table.edit">Edit Policy</span></button>
|
||||||
<button class="btn btn-danger btn-remove"><i class="icon-trash icon-white"></i> <span data-i18n="policy.policy-table.remove">Remove</span></button>
|
<button class="btn btn-danger btn-remove"><i class="icon-trash icon-white"></i> <span data-i18n="policy.policy-table.remove">Remove</span></button>
|
||||||
</div>
|
</div>
|
||||||
</td>
|
</td>
|
||||||
|
@ -153,7 +153,7 @@
|
||||||
<form class="form-horizontal">
|
<form class="form-horizontal">
|
||||||
<fieldset>
|
<fieldset>
|
||||||
<input type="text" id="email" placeholder="email address" data-i18n="[placeholder]policy.policy-table.email-address" />
|
<input type="text" id="email" placeholder="email address" data-i18n="[placeholder]policy.policy-table.email-address" />
|
||||||
<button id="add-email" class="btn btn-info"><i class="icon-share icon-white"></i> <span data-i18n="policy.policy-table.share-email">Share with email address</span></button>
|
<button class="btn btn-info btn-share"><i class="icon-share icon-white"></i> <span data-i18n="policy.policy-table.share-email">Share with email address</span></button>
|
||||||
</fieldset>
|
</fieldset>
|
||||||
</form>
|
</form>
|
||||||
</div>
|
</div>
|
||||||
|
|
|
@ -85,7 +85,7 @@ public class PolicyAPI {
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List all the policies for the given resource set
|
* Get the indicated resource set
|
||||||
* @param rsid
|
* @param rsid
|
||||||
* @param m
|
* @param m
|
||||||
* @param auth
|
* @param auth
|
||||||
|
@ -114,6 +114,37 @@ public class PolicyAPI {
|
||||||
return JsonEntityView.VIEWNAME;
|
return JsonEntityView.VIEWNAME;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Delete the indicated resource set
|
||||||
|
* @param rsid
|
||||||
|
* @param m
|
||||||
|
* @param auth
|
||||||
|
* @return
|
||||||
|
*/
|
||||||
|
@RequestMapping(value = "/{rsid}", method = RequestMethod.DELETE, produces = MimeTypeUtils.APPLICATION_JSON_VALUE)
|
||||||
|
public String deleteResourceSet(@PathVariable (value = "rsid") Long rsid, Model m, Authentication auth) {
|
||||||
|
|
||||||
|
ResourceSet rs = resourceSetService.getById(rsid);
|
||||||
|
|
||||||
|
if (rs == null) {
|
||||||
|
m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
|
||||||
|
return HttpCodeView.VIEWNAME;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!rs.getOwner().equals(auth.getName())) {
|
||||||
|
logger.warn("Unauthorized resource set request from bad user; expected " + rs.getOwner() + " got " + auth.getName());
|
||||||
|
|
||||||
|
// authenticated user didn't match the owner of the resource set
|
||||||
|
m.addAttribute(HttpCodeView.CODE, HttpStatus.FORBIDDEN);
|
||||||
|
return HttpCodeView.VIEWNAME;
|
||||||
|
}
|
||||||
|
|
||||||
|
resourceSetService.remove(rs);
|
||||||
|
m.addAttribute(HttpCodeView.CODE, HttpStatus.NO_CONTENT);
|
||||||
|
return HttpCodeView.VIEWNAME;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* List all the policies for the given resource set
|
* List all the policies for the given resource set
|
||||||
* @param rsid
|
* @param rsid
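Review bot: `deleteResourceSet` answers 404 for an unknown `rsid` but 403 for one that belongs to another user, so a caller can tell which resource set ids exist just from the status code. Returning `HttpStatus.NOT_FOUND` from the ownership branch as well, while keeping the `logger.warn`, removes that distinction without losing the audit record. The ownership test also dereferences `rs.getOwner()`, so a resource set stored without an owner would throw rather than be refused; `if (!auth.getName().equals(rs.getOwner())) {` fails closed in that case. The new Javadoc leaves `@return` empty; it could state that the method returns the `HttpCodeView` view name with 204 on success.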
|
||||||
|
|
|
@ -72,31 +72,46 @@ public class UserClaimSearchHelper {
|
||||||
UserInfo localUser = userInfoService.getByEmailAddress(email);
|
UserInfo localUser = userInfoService.getByEmailAddress(email);
|
||||||
|
|
||||||
if (localUser != null) {
|
if (localUser != null) {
|
||||||
Map<String, Object> entity = new HashMap<>();
|
Map<String, Object> e = new HashMap<>();
|
||||||
entity.put("issuer", ImmutableSet.of(config.getIssuer()));
|
e.put("issuer", ImmutableSet.of(config.getIssuer()));
|
||||||
entity.put("name", "email");
|
e.put("name", "email");
|
||||||
entity.put("value", localUser.getEmail());
|
e.put("value", localUser.getEmail());
|
||||||
|
|
||||||
m.addAttribute(JsonEntityView.ENTITY, entity);
|
Map<String, Object> ev = new HashMap<>();
|
||||||
return JsonEntityView.VIEWNAME;
|
ev.put("issuer", ImmutableSet.of(config.getIssuer()));
|
||||||
}
|
ev.put("name", "email_verified");
|
||||||
|
ev.put("value", localUser.getEmailVerified());
|
||||||
|
|
||||||
// otherwise do a webfinger lookup
|
Map<String, Object> s = new HashMap<>();
|
||||||
IssuerServiceResponse resp = webfingerIssuerService.getIssuer(req);
|
s.put("issuer", ImmutableSet.of(config.getIssuer()));
|
||||||
|
s.put("name", "sub");
|
||||||
if (resp != null && resp.getIssuer() != null) {
|
s.put("value", localUser.getSub());
|
||||||
// we found an issuer, return that
|
|
||||||
Map<String, Object> entity = new HashMap<>();
|
m.addAttribute(JsonEntityView.ENTITY, ImmutableSet.of(e, ev, s));
|
||||||
entity.put("issuer", ImmutableSet.of(resp.getIssuer()));
|
|
||||||
entity.put("name", "email");
|
|
||||||
entity.put("value", email);
|
|
||||||
|
|
||||||
m.addAttribute(JsonEntityView.ENTITY, entity);
|
|
||||||
return JsonEntityView.VIEWNAME;
|
return JsonEntityView.VIEWNAME;
|
||||||
} else {
|
} else {
|
||||||
m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
|
|
||||||
return JsonErrorView.VIEWNAME;
|
// otherwise do a webfinger lookup
|
||||||
|
IssuerServiceResponse resp = webfingerIssuerService.getIssuer(req);
|
||||||
|
|
||||||
|
if (resp != null && resp.getIssuer() != null) {
|
||||||
|
// we found an issuer, return that
|
||||||
|
Map<String, Object> e = new HashMap<>();
|
||||||
|
e.put("issuer", ImmutableSet.of(resp.getIssuer()));
|
||||||
|
e.put("name", "email");
|
||||||
|
e.put("value", email);
|
||||||
|
|
||||||
|
Map<String, Object> ev = new HashMap<>();
|
||||||
|
ev.put("issuer", ImmutableSet.of(resp.getIssuer()));
|
||||||
|
ev.put("name", "email_verified");
|
||||||
|
ev.put("value", true);
|
||||||
|
|
||||||
|
m.addAttribute(JsonEntityView.ENTITY, ImmutableSet.of(e, ev));
|
||||||
|
return JsonEntityView.VIEWNAME;
|
||||||
|
} else {
|
||||||
|
m.addAttribute(HttpCodeView.CODE, HttpStatus.NOT_FOUND);
|
||||||
|
return JsonErrorView.VIEWNAME;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
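Review bot: The local-user branch now returns the account's `sub` and its stored `email_verified` flag for whatever address the caller supplies, so this lookup discloses an email-to-subject mapping and the verification state of local accounts. The request mapping and any access check sit outside this hunk, so confirm the endpoint is limited to authenticated users and consider whether `sub` needs to leave the server at all. Echoing `localUser.getEmailVerified()` also means a policy can be built that requires `email_verified` to be false, or null if the getter returns a nullable Boolean (not visible here). Pinning the requirement as the webfinger branch does, `ev.put("value", true);`, avoids both. The enclosing method starts above the hunk.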
|
||||||
|
|
||||||
|
|