github
/
OpenID-Connect-Java-Spring-Server
mirror of https://github.com/mitreid-connect/OpenID-Connect-Java-Spring-Server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

feat: LS AAI design 

Added LS AAI design, dropped ELIXIR design. Extended client with
jurisdiction and accepted TOS

BREAKING CHANGE: requires database update (see migraiton script),
dropped ELIXIR theme
pull/1580/head
Dominik Frantisek Bucik 2022-03-12 15:36:23 +01:00
parent 631f08b8c4
commit cd1ce6fcc2
No known key found for this signature in database
GPG Key ID: 73F752BEC0709845
38 changed files with 941 additions and 93 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
perun-oidc-server-webapp/src/main/resources/db/hsql/v9.0.0.sql Normal file
View File

@ -0,0 +1,2 @@
ALTER TABLE client_details ADD accepted_tos BOOLEAN DEFAULT false;
ALTER TABLE client_details ADD jurisdiction VARCHAR(3) DEFAULT NULL;

2
perun-oidc-server-webapp/src/main/resources/db/mysql/v9.0.0.sql Normal file
View File

@ -0,0 +1,2 @@
ALTER TABLE client_details ADD accepted_tos BOOLEAN DEFAULT false;
ALTER TABLE client_details ADD jurisdiction VARCHAR(3) DEFAULT NULL;

2
perun-oidc-server-webapp/src/main/resources/db/psql/v9.0.0.sql Normal file
View File

@ -0,0 +1,2 @@
ALTER TABLE client_details ADD accepted_tos BOOLEAN DEFAULT false;
ALTER TABLE client_details ADD jurisdiction VARCHAR(3) DEFAULT NULL;

4
perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/footer.tag
View File

@ -1,7 +1,6 @@
<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="o" tagdir="/WEB-INF/tags" %>
<%@ taglib prefix="elixir" tagdir="/WEB-INF/tags/elixir" %>
<%@ taglib prefix="cesnet" tagdir="/WEB-INF/tags/cesnet" %>
<%@ taglib prefix="einfra" tagdir="/WEB-INF/tags/einfra" %>
<%@ taglib prefix="bbmri" tagdir="/WEB-INF/tags/bbmri" %>
@ -13,9 +12,6 @@
<%@ attribute name="theme" required="true" %>
<c:choose>
<c:when test="${theme eq 'elixir'}">
<elixir:footer baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
</c:when>
<c:when test="${theme eq 'cesnet'}">
<cesnet:footer baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
</c:when>

4
perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/common/header.tag
View File

@ -1,7 +1,6 @@
<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="o" tagdir="/WEB-INF/tags" %>
<%@ taglib prefix="elixir" tagdir="/WEB-INF/tags/elixir" %>
<%@ taglib prefix="cesnet" tagdir="/WEB-INF/tags/cesnet" %>
<%@ taglib prefix="einfra" tagdir="/WEB-INF/tags/einfra" %>
<%@ taglib prefix="bbmri" tagdir="/WEB-INF/tags/bbmri" %>
@ -15,9 +14,6 @@
<%@ attribute name="cssLinks" required="true" type="java.util.ArrayList<java.lang.String>" %>
<c:choose>
<c:when test="${theme eq 'elixir'}">
<elixir:header title="${title}" reqURL="${reqURL}" cssLinks="${cssLinks}" baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
</c:when>
<c:when test="${theme eq 'cesnet'}">
<cesnet:header title="${title}" reqURL="${reqURL}" cssLinks="${cssLinks}" baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
</c:when>

27
perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/elixir/footer.tag
View File

@ -1,27 +0,0 @@
<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
<%@ attribute name="js" required="false"%>
<%@ attribute name="baseURL" required="true"%>
<%@ attribute name="samlResourcesURL" required="true"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="t" tagdir="/WEB-INF/tags/common" %>
<jsp:useBean id="date" class="java.util.Date" />
<div id="footer">
<div style="margin: 0 auto; max-width: 1000px;">
<div style="float: left;">
<img src="${samlResourcesURL}/module.php/elixir/res/img/logo_64.png" alt="ELIXIR Logo">
</div>
<div style="float: left;">
<p>ELIXIR, Welcome Trust Genome Campus, Hinxton, Cambridgeshire, CB10 1SD, UK&nbsp; &nbsp; +44&nbsp;(0)1223&nbsp;492-670&nbsp;&nbsp;
<a href="mailto:info@elixir-europe.org">info@elixir-europe.org</a>
</p>
<p>Copyright &copy; ELIXIR <fmt:formatDate value="${date}" pattern="yyyy" /> |
<a href="https://www.elixir-europe.org/legal/privacy">Privacy</a> |
<a href="https://www.elixir-europe.org/legal/cookies">Cookies</a> |
<a href="https://www.elixir-europe.org/legal/terms-of-use">Terms of use</a>
</p>
</div>
</div>
</div>

23
perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/elixir/header.tag
View File

@ -1,23 +0,0 @@
<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="o" tagdir="/WEB-INF/tags/common" %>
<%@ attribute name="title" required="true" %>
<%@ attribute name="reqURL" required="true" %>
<%@ attribute name="baseURL" required="true" %>
<%@ attribute name="samlResourcesURL" required="true" %>
<%@ attribute name="cssLinks" required="true" type="java.util.ArrayList<java.lang.String>" %>
<c:set var="logoURL" value="${samlResourcesURL}/module.php/elixir/res/img/logo_256.png"/>
<o:headerInit title="${title}" reqURL="${reqURL}" baseURL="${baseURL}" samlResourcesURL="${samlResourcesURL}"/>
<link rel="icon" href="resources/images/elixir.ico" />
<link rel="stylesheet" type="text/css" href="${samlResourcesURL}/module.php/elixir/res/bootstrap/css/bootstrap.min.css" />
<link rel="stylesheet" type="text/css" href="${samlResourcesURL}/module.php/elixir/res/css/elixir.css" />
<o:headerCssLinks cssLinks="${cssLinks}"/>
</head>
<o:headerBody logoURL="${logoURL}"/>

21
perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/lsaai/footer.tag Normal file
View File

@ -0,0 +1,21 @@
<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
</div> <!-- ENDCARD_BODY -->
</div> <!-- ENDCARD -->
</div> <!-- ENDCOL -->
</div> <!-- ENDROW -->
<footer>
<div class="footer offset-1 col-10 offset-sm-1 col-sm-10 offset-md-2 col-md-8 offset-lg-3 col-lg-6 offset-xl-3 col-xl-6">
<div class="footer-contact">
<a class="contact-link" href="mailto:support@aai.lifescience-ri.eu">Contact us</a>
</div>
<div class="footer-policy">
<a class="footer-policy-link" href="https://lifescience-ri.eu/ls-login/ls-aai-aup.html">Privacy Policy</a>
</div>
</div>
</footer>
<script type="text/javascript" src="https://login.elixir-czech.org/elixir/res/js/jquery-3.5.1.min.js"></script>
<script type="text/javascript" src="https://login.elixir-czech.org/elixir/res/js/bootstrap.min.js"></script>
<script type="text/javascript" src="https://login.elixir-czech.org/elixir/res/js/cmservice.js"></script>
</body>
</html>

19
perun-oidc-server-webapp/src/main/webapp/WEB-INF/tags/lsaai/header.tag Normal file
View File

@ -0,0 +1,19 @@
<%@ tag pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<html>
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<link href="https://login.elixir-czech.org/proxy/module.php/elixir/res/css/bootstrap.min.css" rel="stylesheet" type="text/css"/>
<link href="https://login.elixir-czech.org/proxy/module.php/elixir/res/css/eduteams.css" rel="stylesheet" type="text/css"/>
<link href="https://login.elixir-czech.org/proxy/module.php/elixir/res/css/cmservice.css" rel="stylesheet" type="text/css"/>
<script type="text/javascript" src="/proxy/resources/script.js"></script>
<title>SimpleSAMLphp</title>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap" rel="stylesheet">
<body>
<div class="row">
<div class="offset-1 col-10 offset-sm-1 col-sm-10 offset-md-2 col-md-8 offset-lg-3 col-lg-6 offset-xl-3 col-xl-6">
<div class="card">
<img class="card-img-top" src="https://login.elixir-czech.org/proxy/module.php/elixir/res/img/lsaai_logo.png" alt="Life Science Login logo">
<div class="card-body">

35
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/continue_direct.jsp
View File

@ -1,35 +0,0 @@
<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" trimDirectiveWhitespaces="true" %>
<%@ page import="java.util.ArrayList" %>
<%@ page import="java.util.List" %>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="t" tagdir="/WEB-INF/tags/common" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%
List<String> cssLinks = new ArrayList<>();
pageContext.setAttribute("cssLinks", cssLinks);
%>
<spring:message code="continue_direct_title" var="title"/>
<t:header title="${title}" reqURL="${reqURL}" baseURL="${baseURL}"
cssLinks="${cssLinks}" theme="${theme}"/>
<h1><spring:message code="continue_direct_header"/></h1>
</div> <%-- header --%>
<div id="content">
<div id="head">
<h1><spring:message code="continue_direct_heading"/></h1>
</div>
<p><spring:message code="continue_direct_text"/></p>
<hr/>
<br/>
<a href="${fn:escapeXml(target)}" class="btn btn-lg btn-primary btn-block"><spring:message code="continue_direct_btn"/></a>
</div>
</div><!-- wrap -->
<t:footer baseURL="${baseURL}" theme="${theme}"/>

149
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/approve.jsp Normal file
View File

@ -0,0 +1,149 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"
import="cz.muni.ics.oidc.server.ga4gh.Ga4ghPassportAndVisaClaimSource"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<!-- block container -->
<div class="aas-message">
<p>
The service <strong><c:out value="${client.clientName}" /></strong> requires access to your personal data.
<c:if test="${not empty(client.policyUri)}">
Please, read the <a target="_blank" href="<c:out value="${client.policyUri}" />">Privacy Policy</a> of the service to learn more about its commitments to protect your data.
</c:if>
</p>
</div>
<c:if test="${empty(client.policyUri)}">
<div class="alert alert-warning" role="alert">
<h6>This service is missing a Privacy Policy document.</h6>
</div>
</c:if>
<c:if test="${getsOfflineAccess}">
<div class="alert alert-warning" role="alert">
<div><h6>This service requests continuous access to your personal data.</h6>
<p>
Normally when you close your browser the service stops fetching your personal data from Life Science Login.
However, in this case, fetching your personal data continues as it is required for the service to work.
</p>
</div>
</div>
</c:if>
<c:if test="${not client.acceptedTos}">
<div class="alert alert-warning" role="alert">
<h6>This service has not declared compliance with the <a target="_blank" href="https://lifescience-ri.eu/aai/terms-of-use">Terms of Use for service providers</a> that govern the service's use of Life Science Login.</h6>
</div>
</c:if>
<form name="confirmationForm" id="allow_consent_form" class="form-group"
action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }auth/authorize" method="post">
<div id="accordion">
<div class="section">
<div class="card-header" id="headingOne">
<h5 class="mb-0">
<button class="btn btn-link" type="button" data-toggle="collapse" data-target="#collapseOne" aria-expanded="true" aria-controls="collapseOne">
User Information
</button>
</h5>
</div>
<c:if test="${not empty scopes}">
<c:forEach var="scope" items="${scopes}">
<c:set var="singleClaim" value="${fn:length(claims[scope.value]) eq 1}" />
<div class="card-body">
<div class="attribute-row">
<div class="attribute">
<div class="attribute-name form-check">
<input class="form-check-input" type="checkbox" name="scope_${ fn:escapeXml(scope.value) }" checked="checked"
id="scope_${fn:escapeXml(scope.value)}" value="${fn:escapeXml(scope.value)}">
<label class="form-check-label" for="scope_${fn:escapeXml(scope.value)}">
<spring:message code="${scope.value}"/>
</label>
</div>
</div>
<div class="attribute-values">
<c:forEach var="claim" items="${claims[scope.value]}">
<div class="attribute-choose">
<div class="attribute-value">
<c:if test="${claim.value.getClass().name eq 'java.util.ArrayList'}">
<c:forEach var="subValue" items="${claim.value}">
<div>
<c:choose>
<c:when test="${claim.key=='ga4gh_passport_v1'}">
<code><%= Ga4ghPassportAndVisaClaimSource.parseAndVerifyVisa(
(String) pageContext.findAttribute("subValue")).getPrettyString() %></code>
</c:when>
<c:otherwise>
<code>${subValue}</code>
</c:otherwise>
</c:choose>
</div>
</c:forEach>
</c:if>
<c:if test="${not(claim.value.getClass().name eq 'java.util.ArrayList')}">
<c:if test="${scope.value eq 'profile'
or scope.value eq 'email'
or scope.value eq 'phone'}">
<strong><spring:message code="${claim.key}"/>:${' '}</strong>
</c:if>
<code>${claim.value}</code>
</c:if>
</div>
</div>
</c:forEach>
</div>
</div>
</div>
</c:forEach>
</c:if>
</div>
</div>
<c:if test="${not empty jurisdiction}">
<div class="alert alert-danger" role="alert">
<h6>
This service is${' '}
<c:if test="${jurisdiction eq 'INT'}">provided by an international organization. </c:if>
<c:if test="${jurisdiction ne 'INT'}">in ${jurisdiction}</c:if>
</h6>
<p>
In order to access the requested services, the Life Science Login needs to transfer your personal data to a country outside EU/EEA.
We cannot guarantee that this country offers an adequately high level of personal data protection as EU/EEA countries.
<c:if test="${not empty(client.policyUri)}">
Please, read the <a target="_blank" href="<c:out value="${client.policyUri}" />">Privacy Policy</a> of the service provider to learn more about its commitments to protect your data.
</c:if>
</p>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="transfer" id="transfer" data-np-checked="1">
<label class="form-check-label" for="transfer">To continue, consent to the transfer of your personal data.</label>
</div>
</div>
</c:if>
<div class="outro">
<p>
For withdrawing consent, contact <a href="mailto:support@aai.lifescience-ri.eu">support@example.com</a>
</p>
</div>
<div class="footer-buttons">
<div class="remember">
<label>Remember:</label>
<div id="select-amount">
<select name="remember" id="month" class="btn btn-sm btn-secondary amount">
<option value="none">Just this time</option>
<option value="until-revoked">Forever</option>
</select>
</div>
</div>
<div class="consent-button">
<a id="abort" class="btn btn-danger" href="https://lifescience-ri.eu/index.php?id=409">Abort</a>
<input type="submit" class="btn btn-primary" value="Consent" id="submit" name="authorize"
<c:if test="${not empty jurisdiction}">disabled=""</c:if>
onclick="$('#user_oauth_approval').attr('value',true)">
</div>
</div>
<input id="user_oauth_approval" name="user_oauth_approval" value="true" type="hidden" />
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
</form>
<ls:footer />

153
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/approveDevice.jsp Normal file
View File

@ -0,0 +1,153 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"
import="cz.muni.ics.oidc.server.ga4gh.Ga4ghPassportAndVisaClaimSource"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<!-- block container -->
<div class="aas-message">
<p>
The service <strong><c:out value="${client.clientName}" /></strong> requires access to your personal data.
<c:if test="${not empty(client.policyUri)}">
Please, read the <a target="_blank" href="<c:out value="${client.policyUri}" />">Privacy Policy</a> of the service to learn more about its commitments to protect your data.
</c:if>
</p>
</div>
<c:if test="${empty(client.policyUri)}">
<div class="alert alert-warning" role="alert">
<h6>This service is missing a Privacy Policy document.</h6>
</div>
</c:if>
<c:if test="${getsOfflineAccess}">
<div class="alert alert-warning" role="alert">
<div><h6>This service requests continuous access to your personal data.</h6>
<p>
Normally when you close your browser the service stops fetching your personal data from Life Science Login.
However, in this case, fetching your personal data continues as it is required for the service to work.
</p>
</div>
</div>
</c:if>
<c:if test="${not client.acceptedTos}">
<div class="alert alert-warning" role="alert">
<h6>This service has not declared compliance with the <a target="_blank" href="https://lifescience-ri.eu/aai/terms-of-use">Terms of Use for service providers</a> that govern the service's use of Life Science Login.</h6>
</div>
</c:if>
<form name="confirmationForm" id="allow_consent_form" class="form-group"
action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }auth/device/approved" method="post">
<div id="accordion">
<div class="section">
<div class="card-header" id="headingOne">
<h5 class="mb-0">
<button class="btn btn-link" type="button" data-toggle="collapse" data-target="#collapseOne" aria-expanded="true" aria-controls="collapseOne">
User Information
</button>
</h5>
</div>
<div id="collapseOne" class="collapse show" aria-labelledby="headingOne" data-parent="#accordion">
<c:if test="${not empty scopes}">
<c:forEach var="scope" items="${scopes}">
<c:set var="singleClaim" value="${fn:length(claims[scope.value]) eq 1}" />
<div class="card-body">
<div class="attribute-row">
<div class="attribute">
<div class="attribute-name form-check">
<input class="form-check-input" type="checkbox" name="scope_${ fn:escapeXml(scope.value) }" checked="checked"
id="scope_${fn:escapeXml(scope.value)}" value="${fn:escapeXml(scope.value)}">
<label class="form-check-label" for="scope_${fn:escapeXml(scope.value)}">
<spring:message code="${scope.value}"/>
</label>
</div>
</div>
<div class="attribute-values">
<c:forEach var="claim" items="${claims[scope.value]}">
<div class="attribute-choose">
<div class="attribute-value">
<c:if test="${claim.value.getClass().name eq 'java.util.ArrayList'}">
<c:forEach var="subValue" items="${claim.value}">
<div>
<c:choose>
<c:when test="${claim.key=='ga4gh_passport_v1'}">
<code><%= Ga4ghPassportAndVisaClaimSource.parseAndVerifyVisa(
(String) pageContext.findAttribute("subValue")).getPrettyString() %></code>
</c:when>
<c:otherwise>
<code>${subValue}</code>
</c:otherwise>
</c:choose>
</div>
</c:forEach>
</c:if>
<c:if test="${not(claim.value.getClass().name eq 'java.util.ArrayList')}">
<c:if test="${scope.value eq 'profile'
or scope.value eq 'email'
or scope.value eq 'phone'}">
<strong><spring:message code="${claim.key}"/>:${' '}</strong>
</c:if>
<code>${claim.value}</code>
</c:if>
</div>
</div>
</c:forEach>
</div>
</div>
</div>
</c:forEach>
</c:if>
</div>
</div>
</div>
<c:if test="${not empty jurisdiction}">
<div class="alert alert-danger" role="alert">
<h6>
This service is${' '}
<c:if test="${jurisdiction eq 'INT'}">provided by an international organization. </c:if>
<c:if test="${jurisdiction ne 'INT'}">in ${jurisdiction}</c:if>
</h6>
<p>
In order to access the requested services, the Life Science Login needs to transfer your personal data to a country outside EU/EEA.
We cannot guarantee that this country offers an adequately high level of personal data protection as EU/EEA countries.
<c:if test="${not empty(client.policyUri)}">
Please, read the <a target="_blank" href="<c:out value="${client.policyUri}" />">Privacy Policy</a> of the service provider to learn more about its commitments to protect your data.
</c:if>
</p>
<div class="form-check">
<input class="form-check-input" type="checkbox" name="transfer" id="transfer" data-np-checked="1">
<label class="form-check-label" for="transfer">To continue, consent to the transfer of your personal data.</label>
</div>
</div>
</c:if>
<div class="outro">
<p>
For withdrawing consent, contact
<a href="mailto:support@aai.lifescience-ri.eu">support@example.com</a>
</p>
</div>
<div class="footer-buttons">
<div class="remember">
<label>Remember:</label>
<div id="select-amount">
<select name="remember" id="month" class="btn btn-sm btn-secondary amount">
<option value="none">Just this time</option>
<option value="until-revoked">Forever</option>
</select>
</div>
</div>
<div class="consent-button">
<a id="abort" class="btn btn-danger" href="https://lifescience-ri.eu/index.php?id=409">Abort</a>
<input type="submit" class="btn btn-primary" value="Consent" id="submit" name="authorize"
<c:if test="${not empty jurisdiction}">disabled=""</c:if>
onclick="$('#user_oauth_approval').attr('value',true)">
</div>
</div>
<input id="user_oauth_approval" name="user_oauth_approval" value="true" type="hidden" />
<input type="hidden" name="user_code" value="${ dc.userCode }" />
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
</form>
<ls:footer />

26
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/aup.jsp Normal file
View File

@ -0,0 +1,26 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<h3><spring:message code="must_agree_aup"/></h3>
<form method="POST" action="">
<c:forEach var="aup" items="${newAups}">
<div>
<p style="font-size: 16px; padding: 0; margin: 0;"><spring:message code="org_vo"/>${" "}<strong>${aup.key}</strong></p>
<p><spring:message code="see_aup"/>${" "}${aup.value.version}${" "}
<a href="${aup.value.link}"><spring:message code="here"/></a></p>
</div>
</c:forEach>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
<div class="form-group">
<spring:message code="agree_aup" var="submit_value"/>
<input type="submit" value="${submit_value}" class="btn btn-lg btn-primary btn-block">
</div>
</form>
<ls:footer/>

23
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/isTestSpWarning.jsp Normal file
View File

@ -0,0 +1,23 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div id="head">
<h1><spring:message code="is_test_sp_warning_header"/></h1>
</div>
<p><spring:message code="is_test_sp_warning_text"/></p>
<form method="GET" action="${action}">
<hr/>
<br/>
<input type="hidden" name="target" value="${fn:escapeXml(target)}">
<input type="hidden" name="accepted" value="true">
<spring:message code="is_test_sp_warning_continue" var="submit_value"/>
<input type="submit" name="continue" value="${submit_value}" class="btn btn-lg btn-primary btn-block">
</form>
<ls:footer />

23
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/login_failure.jsp Normal file
View File

@ -0,0 +1,23 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div id="head">
<h1><spring:message code="login_failure_header"/></h1>
</div>
<div class="msg"><spring:message code="login_failure_msg"/></div>
<c:if test="${not empty('error_msg')}">
<div class="mgs">
<spring:message code="${error_msg}"/>
</div>
</c:if>
<div class="msg"><spring:message code="login_failure_contact_us"/>${" "}
<a href="mailto:${contactMail}">${contactMail}</a>.
</div>
<ls:footer />

15
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/login_success.jsp Normal file
View File

@ -0,0 +1,15 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div id="head">
<h1><spring:message code="login_success_header"/></h1>
</div>
<div class="msg"><spring:message code="login_success_msg"/></div>
<ls:footer />

28
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout.jsp Normal file
View File

@ -0,0 +1,28 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<h1><spring:message code="logout.confirmation.header"/></h1>
<form action="${config.issuer}${config.issuer.endsWith('/') ? '' : '/'}endsession" method="POST">
<p><spring:message code="logout.confirmation.explanation"/></p>
<div class="row">
<div class="col-md-6 mb-4">
<spring:message code="logout.confirmation.submit" var="submit_value_approve"/>
<input name="approve" value="${submit_value_approve}"
type="submit" class="btn btn-lg btn-block btn-primary" />
</div>
<div class="col-md-6 mb-4">
<spring:message code="logout.confirmation.deny" var="submit_value_deny"/>
<input name="deny" value="${submit_value_deny}"
type="submit" class="btn btn-lg btn-block" />
</div>
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
</form>
<ls:footer/>

48
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logoutConfirmation.jsp Normal file
View File

@ -0,0 +1,48 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div class="well" style="text-align: center">
<h1><spring:message code="logout.confirmation.header"/></h1>
<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }endsession" method="POST">
<div class="row-fluid">
<div class="span12">
<spring:message code="logout.confirmation.submit" var="authorize_label"/>
<spring:message code="logout.confirmation.deny" var="deny_label"/>
<div>
<c:if test="${ not empty client }">
<!-- display some client information -->
<spring:message code="logout.confirmation.requested"/>&nbsp;
<c:choose>
<c:when test="${empty client.clientName}">
<em><c:out value="${client.clientId}" /></em>
</c:when>
<c:otherwise>
<em><c:out value="${client.clientName}" /></em>
</c:otherwise>
</c:choose>
</c:if>
</div>
<div>
<spring:message code="logout.confirmation.explanation" />
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
<input name="approve" value="${authorize_label}" type="submit" class="btn btn-info btn-large" />
&nbsp;
<input name="deny" value="${deny_label}" type="submit" class="btn btn-large" />
</div>
</div>
</form>
</div>
<ls:footer />

15
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout_denied.jsp Normal file
View File

@ -0,0 +1,15 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div id="head">
<h1><spring:message code="logout_denied_header"/></h1>
</div>
<div class="msg"><spring:message code="logout_denied_msg"/></div>
<ls:footer/>

15
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/logout_success.jsp Normal file
View File

@ -0,0 +1,15 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div id="head">
<h1><spring:message code="logout_success_header"/></h1>
</div>
<div class="msg"><spring:message code="logout_success_msg"/></div>
<ls:footer/>

54
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/registrationForm.jsp Normal file
View File

@ -0,0 +1,54 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div id="head">
<h1><spring:message code="registration_header1"/>
<c:choose>
<c:when test="${not empty client.clientName and not empty client.clientUri}">
&#32;<a href="${fn:escapeXml(client.clientUri)}">${fn:escapeXml(client.clientName)}</a>
</c:when>
<c:when test="${not empty client.clientName}">
&#32;${fn:escapeXml(client.clientName)}
</c:when>
</c:choose>
${" "}<spring:message code="registration_header2"/>
</h1>
</div>
<div class="msg"><spring:message code="registration_message"/></div>
<div class="list-group">
<form action="${action}" method="get">
<h4><spring:message code="registration_select_vo"/></h4>
<select id="selectVo" class="form-control" name="selectedVo" onchange="filter()" required>
<c:forEach var="voGroupPair" items="${groupsForRegistration}">
<option value="${fn:escapeXml(voGroupPair.key.shortName)}">
${fn:escapeXml(voGroupPair.key.name)}
</option>
</c:forEach>
</select>
<h4 class="selectGroup" style="display: none"><spring:message code="registration_select_group"/></h4>
<select class="selectGroup form-control" name="selectedGroup" class="form-control" style="display: none" required>
<c:forEach var="voGroupPair" items="${groupsForRegistration}">
<c:forEach var="group" items="${voGroupPair.value}">
<option class="groupOption" value="${fn:escapeXml(voGroupPair.key.shortName)}:${fn:escapeXml(group.name)}">
${fn:escapeXml(group.description)}
</option>
</c:forEach>
</c:forEach>
</select>
<spring:message code="registration_continue" var="submit_value"/>
<input type="submit" value="${submit_value}" class="btn btn-lg btn-primary btn-block">
</form>
</div>
<script type="text/javascript" src="resources/js/reg_form_select.js"></script>
<ls:footer/>

35
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/registrationFormContinue.jsp Normal file
View File

@ -0,0 +1,35 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div id="head">
<h1><spring:message code="go_to_registration_header1"/>
<c:choose>
<c:when test="${not empty client.clientName and not empty client.clientUri}">
${" "}<a href="${fn:escapeXml(client.uri)}">${fn:escapeXml(client.clientName)}</a>
</c:when>
<c:when test="${not empty client.clientName}">
${" "}${fn:escapeXml(client.clientName)}
</c:when>
</c:choose>
${" "}<spring:message code="go_to_registration_header2"/>
</h1>
</div>
<form method="GET" action="${action}">
<hr/>
<br/>
<input type="hidden" name="client_id" value="${fn:escapeXml(client_id)}" />
<input type="hidden" name="facility_id" value="${fn:escapeXml(facility_id)}" />
<input type="hidden" name="user_id" value="${fn:escapeXml(user_id)}" />
<spring:message code="go_to_registration_continue" var="submit_value"/>
<input type="submit" name="continueToRegistration" value="${submit_value}"
class="btn btn-lg btn-primary btn-block">
</form>
<ls:footer/>

55
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/requestUserCode.jsp Normal file
View File

@ -0,0 +1,55 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div class="well" style="text-align: center">
<h1><spring:message code="device.request_code.header"/></h1>
<c:if test="${ error != null }">
<c:choose>
<c:when test="${ error == 'noUserCode' }">
<div class="alert alert-error"><spring:message code="device.error.noUserCode"/></div>
</c:when>
<c:when test="${ error == 'expiredUserCode' }">
<div class="alert alert-error"><spring:message code="device.error.expiredUserCode"/></div>
</c:when>
<c:when test="${ error == 'userCodeAlreadyApproved' }">
<div class="alert alert-error"><spring:message code="device.error.userCodeAlreadyApproved"/></div>
</c:when>
<c:when test="${ error == 'userCodeMismatch' }">
<div class="alert alert-error"><spring:message code="device.error.userCodeMismatch"/></div>
</c:when>
<c:otherwise>
<div class="alert alert-error"><spring:message code="device.error.error"/></div>
</c:otherwise>
</c:choose>
</c:if>
<form action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }auth/device" method="POST">
<div class="row-fluid">
<div class="span12">
<spring:message code="device.request_code.submit" var="authorize_label"/>
<div>
<div class="input-block-level input-xlarge">
<input type="text" name="user_code" placeholder="code" autocorrect="off"
autocapitalize="off" autocomplete="off" spellcheck="false" value="${user_code}" />
</div>
</div>
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
<input name="approve" value="${authorize_label}" type="submit" class="btn btn-info btn-large" />
</div>
</div>
</form>
</div>
<ls:footer/>

33
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/themedDeviceApproved.jsp Normal file
View File

@ -0,0 +1,33 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<h1>
<c:if test="${ approved }"><p>&#x2714; <spring:message code="device_approved_approved"/></p></c:if>
<c:if test="${ not approved }"><p>&#x2717; <spring:message code="device_approved_rejected"/></p></c:if>
</h1>
<p class="mt-2">
<c:if test="${ approved }">
<spring:message code="device_approved_text_approved_start"/>${" "}
<c:if test="${empty client.clientName}"><em><c:out value="${client.clientId}" /></em></c:if>
<c:if test="${not empty client.clientName}"><em><c:out value="${client.clientName}" /></em></c:if>
${" "}<spring:message code="device_approved_text_approved_end"/>
</c:if>
<c:if test="${not approved}">
<spring:message code="device_approved_text_rejected_start"/>
<c:if test="${empty client.clientName}">
<em>${" "}<c:out value="${client.clientId}"/></em>
</c:if>
<c:if test="${not empty client.clientName}">
<em>${" "}<c:out value="${client.clientName}"/></em>
</c:if>
${". "}<spring:message code="device_approved_text_rejected_end"/>
</c:if>
</p>
<ls:footer />

61
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/themedRequestUserCode.jsp Normal file
View File

@ -0,0 +1,61 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header/>
<h1><spring:message code="request_code_header"/></h1>
<c:choose>
<c:when test="${ not empty error }">
<p class="alert alert-danger mt-2">
<c:choose>
<c:when test="${ error == 'noUserCode' }">
<spring:message code="user_code_empty_or_not_found"/>
</c:when>
<c:when test="${ error == 'expiredUserCode' }">
<spring:message code="user_code_expired"/>
</c:when>
<c:when test="${ error == 'userCodeAlreadyApproved' }">
<spring:message code="user_code_already_approved"/>
</c:when>
<c:when test="${ error == 'userCodeMismatch' }">
<spring:message code="user_code_mismatch"/>
</c:when>
<c:otherwise>
<spring:message code="user_code_error"/>
</c:otherwise>
</c:choose>
</p>
</c:when>
<c:otherwise>
<p class="mt-2"><spring:message code="user_code_info"/></p>
</c:otherwise>
</c:choose>
<form name="confirmationForm" class="mt-2" method="POST"
action="${ config.issuer }${ config.issuer.endsWith('/') ? '' : '/' }auth/device">
<div class="row-fluid">
<div class="span12">
<div>
<div class="input-block-level input-xlarge">
<spring:message code="code" var="code_placeholder"/>
<input type="text" name="user_code" placeholder="${code_placeholder}"
autocapitalize="off" autocomplete="off" spellcheck="false" value="${user_code}" />
</div>
</div>
</div>
</div>
<div class="row-fluid mt-2">
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />
<input type="hidden" name="acr" value="${acr}">
<spring:message code="user_code_submit" var="submit_value"/>
<input name="approve" value="${submit_value}" type="submit"
class="btn btn-success btn-block btn-large" />
</div>
</form>
<ls:footer/>

36
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/unapproved.jsp Normal file
View File

@ -0,0 +1,36 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div class="error_message" style="word-wrap: break-word;">
<c:forEach var="contactIter" items="${client.contacts}" end="0">
<c:set var="contact" value="${contactIter}" />
</c:forEach>
<c:if test="${empty contact}">
<c:set var="contact" value="${contactMail}"/>
</c:if>
<h1><spring:message code="403_header"/></h1>
<p><spring:message code="403_text"/>${' '}${fn:escapeXml(client.clientName)}
<c:if test="${not empty client.clientUri}">
<br/>
<spring:message code="403_informationPage"/>${' '}
<a href="${fn:escapeXml(client.clientUri)}">
${fn:escapeXml(client.clientUri)}
</a>
</c:if>
</p>
<spring:message code="403_subject" var="subject"/>
<p><spring:message code="403_contactSupport"/>${' '}
<a href="mailto:${contact}?subject=${subject} ${fn:escapeXml(client.clientName)}">
${fn:escapeXml(contact)}
</a>
</p>
</div>
<ls:footer />

16
perun-oidc-server-webapp/src/main/webapp/WEB-INF/views/lsaai/unapproved_spec.jsp Normal file
View File

@ -0,0 +1,16 @@
<%@ page contentType="text/html; charset=utf-8" pageEncoding="utf-8"%>
<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core"%>
<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt"%>
<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %>
<%@ taglib prefix="ls" tagdir="/WEB-INF/tags/lsaai" %>
<ls:header />
<div class="error_message" style="word-wrap: break-word;">
<h1><spring:message code="${outHeader}"/></h1>
<p><spring:message code="${outMessage}"/></p>
<p><spring:message code="contact_p"/>${" "}<a href="mailto:${contactMail}">${contactMail}</a></p>
</div>
<ls:footer />

6
perun-oidc-server/src/main/java/cz/muni/ics/oauth2/model/ClientDetailsEntity.java
View File

@ -314,6 +314,12 @@ public class ClientDetailsEntity implements ClientDetails {
}
}
@Column(name = "accepted_tos")
private boolean acceptedTos;
@Column(name = "jurisdiction")
private String jurisdiction;
@Override
public String getClientId() {
return clientId;

25
perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/controller/OAuthConfirmationController.java
View File

@ -38,8 +38,11 @@ import cz.muni.ics.openid.connect.service.ScopeClaimTranslationService;
import cz.muni.ics.openid.connect.service.UserInfoService;
import cz.muni.ics.openid.connect.view.HttpCodeView;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
@ -55,6 +58,7 @@ import org.springframework.security.oauth2.common.exceptions.OAuth2Exception;
import org.springframework.security.oauth2.provider.AuthorizationRequest;
import org.springframework.security.oauth2.provider.endpoint.RedirectResolver;
import org.springframework.stereotype.Controller;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttributes;
@ -88,6 +92,11 @@ public class OAuthConfirmationController {
public static final String APPROVE = "approve";
public static final String REMEMBER_ENABLED = "rememberEnabled";
public static final String LSAAI = "lsaai";
public static final Set<String> euEaa = Set.of("AT", "BE", "BG", "HR", "CY", "CZ", "DK", "EE", "FI", "FR", "DE",
"EL", "HU", "IE", "IT", "LV", "LT", "LU", "MT", "NL", "PT", "RO", "SK", "SI", "ES", "SE", "NO", "IS", "LI", "GB");
@Getter
@Setter
private ClientDetailsEntityService clientService;
@ -188,9 +197,25 @@ public class OAuthConfirmationController {
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
model.put(PAGE, CONSENT);
if (perunOidcConfig.getTheme().equalsIgnoreCase(LSAAI)) {
model.put("getsOfflineAccess", authRequest.getScope().contains("offline_access"));
model.put("jurisdiction", getJurisdiction(client));
return "lsaai/approve";
}
return THEMED_APPROVE;
}
private String getJurisdiction(ClientDetailsEntity client) {
if (!StringUtils.hasText(client.getJurisdiction()) || euEaa.contains(client.getJurisdiction())) {
return "";
} else if (client.getJurisdiction().length() > 2) {
return "INT";
}
Locale l = new Locale("", client.getJurisdiction());
return l.getDisplayCountry() + " (" + l.getISO3Country() + ")";
}
private String sendRedirect(AuthorizationRequest authRequest, Map<String, Object> model, ClientDetailsEntity client) {
String url = redirectResolver.resolveRedirect(authRequest.getRedirectUri(), client);

25
perun-oidc-server/src/main/java/cz/muni/ics/oauth2/web/endpoint/DeviceEndpoint.java
View File

@ -38,6 +38,7 @@ import java.net.URISyntaxException;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
@ -125,6 +126,8 @@ public class DeviceEndpoint {
public static final String CHECK_USER_CODE_URL = "/auth/device/authorize";
public static final String DEVICE_APPROVED_URL = "/auth/device/approved";
public static final Set<String> euEaa = Set.of("AT", "BE", "BG", "HR", "CY", "CZ", "DK", "EE", "FI", "FR", "DE", "EL", "HU", "IE", "IT", "LV", "LT", "LU", "MT", "NL", "PT", "RO", "SK", "SI", "ES", "SE", "NO", "IS", "LI", "GB");
private final ClientDetailsEntityService clientService;
private final SystemScopeService scopeService;
private final DeviceCodeService deviceCodeService;
@ -403,6 +406,9 @@ public class DeviceEndpoint {
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
model.put(PAGE, REQUEST_USER_CODE);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/" + THEMED_REQUEST_USER_CODE;
}
return THEMED_REQUEST_USER_CODE;
}
@ -413,6 +419,9 @@ public class DeviceEndpoint {
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
model.put(PAGE, DEVICE_APPROVED);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/" + THEMED_DEVICE_APPROVED;
}
return THEMED_DEVICE_APPROVED;
}
@ -435,9 +444,25 @@ public class DeviceEndpoint {
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
model.put(PAGE, APPROVE_DEVICE);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
model.put("getsOfflineAccess", dc.getScope().contains("offline_access"));
model.put("jurisdiction", getJurisdiction(client));
return "lsaai/" + APPROVE_DEVICE;
}
return THEMED_APPROVE_DEVICE;
}
private String getJurisdiction(ClientDetailsEntity client) {
if (!StringUtils.hasText(client.getJurisdiction()) || euEaa.contains(client.getJurisdiction())) {
return "";
} else if (client.getJurisdiction().length() > 2) {
return "INT";
}
Locale l = new Locale("", client.getJurisdiction());
return l.getDisplayCountry() + " (" + l.getISO3Country() + ")";
}
private String constructVerificationURI(String uri, Map<String, String> params) throws URISyntaxException {
if (params == null || params.isEmpty()) {
return uri;

3
perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/AupController.java
View File

@ -71,6 +71,9 @@ public class AupController {
model.put(NEW_AUPS, newAups);
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/aup";
}
return "aup";
}

3
perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/IsTestSpController.java
View File

@ -46,6 +46,9 @@ public class IsTestSpController {
model.put(TARGET, returnUrl);
model.put(ACTION, req.getRequestURL().toString());
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/isTestSpWarning";
}
return "isTestSpWarning";
}

6
perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LoginController.java
View File

@ -40,6 +40,9 @@ public class LoginController {
@RequestMapping(value = MAPPING_SUCCESS)
public String loginSuccess(HttpServletRequest req, Map<String, Object> model) {
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/login_success";
}
return "login_success";
}
@ -65,6 +68,9 @@ public class LoginController {
}
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/login_failure";
}
return "login_failure";
}

3
perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/LogoutController.java
View File

@ -27,6 +27,9 @@ public class LogoutController {
@RequestMapping(value = MAPPING_SUCCESS)
public String logoutSuccess(HttpServletRequest req, Map<String, Object> model) {
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/logout_success";
}
return "logout_success";
}

24
perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedController.java
View File

@ -112,6 +112,9 @@ public class PerunUnapprovedController {
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
model.put("client", client);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/unapproved";
}
return "unapproved";
}
@ -127,6 +130,9 @@ public class PerunUnapprovedController {
model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/unapproved_spec";
}
return "unapproved_spec";
}
@ -156,6 +162,9 @@ public class PerunUnapprovedController {
model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/unapproved_spec";
}
return "unapproved_spec";
}
@ -180,6 +189,9 @@ public class PerunUnapprovedController {
model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/unapproved_spec";
}
return "unapproved_spec";
}
@ -192,6 +204,9 @@ public class PerunUnapprovedController {
model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/unapproved_spec";
}
return "unapproved_spec";
}
@ -204,6 +219,9 @@ public class PerunUnapprovedController {
model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/unapproved_spec";
}
return "unapproved_spec";
}
@ -216,6 +234,9 @@ public class PerunUnapprovedController {
model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/unapproved_spec";
}
return "unapproved_spec";
}
@ -228,6 +249,9 @@ public class PerunUnapprovedController {
model.put(OUT_CONTACT_P, CONTACT_LANG_PROP_KEY);
model.put(CONTACT_MAIL, perunOidcConfig.getEmailContact());
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/unapproved_spec";
}
return "unapproved_spec";
}

6
perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/PerunUnapprovedRegistrationController.java
View File

@ -119,6 +119,9 @@ public class PerunUnapprovedRegistrationController {
model.put("groupsForRegistration", groupsForRegistration);
model.put("page", "regForm");
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/registrationForm";
}
return "registrationForm";
}
@ -150,6 +153,9 @@ public class PerunUnapprovedRegistrationController {
.replace(REGISTRATION_CONTINUE_MAPPING, REGISTRATION_FORM_MAPPING));
ControllerUtils.setPageOptions(model, request, htmlClasses, perunOidcConfig);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/registrationFormContinue";
}
return "registrationFormContinue";
}

3
perun-oidc-server/src/main/java/cz/muni/ics/oidc/web/controllers/RegistrationController.java
View File

@ -35,6 +35,9 @@ public class RegistrationController {
{
model.put(PARAM_TARGET, target);
ControllerUtils.setPageOptions(model, req, htmlClasses, perunOidcConfig);
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/continue_direct";
}
return "continue_direct";
}

6
perun-oidc-server/src/main/java/cz/muni/ics/openid/connect/web/endpoint/EndSessionEndpoint.java
View File

@ -146,6 +146,9 @@ public class EndSessionEndpoint {
ControllerUtils.setPageOptions(model, request, htmlClasses, perunOidcConfig);
// display the log out confirmation page
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/logout";
}
return "logout";
}
}
@ -187,6 +190,9 @@ public class EndSessionEndpoint {
log.trace("redirecting to logout SAML only");
return "redirect:" + getLogoutUrl(null);
} else {
if (perunOidcConfig.getTheme().equalsIgnoreCase("lsaai")) {
return "lsaai/logout_denied";
}
return "logout_denied";
}
}