Updating approval page to use oauth2 libs

2012-03-12 12:50:13 -04:00 · 2012-03-12 12:50:13 -04:00 · f3e53386f9
parent 663d7cce9f
commit f3e53386f9
1 changed files with 14 additions and 20 deletions
--- a/server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
+++ b/server/src/main/webapp/WEB-INF/views/oauth/approve.jsp
@ -1,25 +1,23 @@
 <%@ page import="org.springframework.security.core.AuthenticationException" %>
-<%@ page import="org.springframework.security.oauth2.provider.verification.BasicUserApprovalFilter" %>
+<%@ page import="org.springframework.security.oauth2.common.exceptions.UnapprovedClientAuthenticationException" %>
 <%@ page import="org.springframework.security.oauth2.provider.verification.VerificationCodeFilter" %>
 <%@ page import="org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter" %>
 <%@ taglib prefix="authz" uri="http://www.springframework.org/security/tags" %>
-<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core_rt" %>
+<%@ taglib prefix="c" uri="http://java.sun.com/jstl/core" %>
 <%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>
 <%@ taglib prefix="o" tagdir="/WEB-INF/tags" %>
 <o:header title="approve access"/>
 <o:topbar/>
 <div class="container">
    <div class="content">
-        <c:if test="${!empty sessionScope.SPRING_SECURITY_LAST_EXCEPTION}">
+        <% if (session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY) != null && !(session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY) instanceof UnapprovedClientAuthenticationException)) { %>
-            <div class="alert-message error">
+        <div class="alert-message error">
-                <a href="#" class="close">&times;</a>
+            <a href="#" class="close">&times;</a>
-                <p><strong>Access could not be granted.</strong>
+            <p><strong>Access could not be granted.</strong>
-                    (<%= ((AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
+                (<%= ((AuthenticationException) session.getAttribute(AbstractAuthenticationProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY)).getMessage() %>
-                    )</p>
+                )</p>
-            </div>
+        </div>
-        </c:if>
+        <% } %>
        <c:remove scope="session" var="SPRING_SECURITY_LAST_EXCEPTION"/>
        <authz:authorize ifAllGranted="ROLE_USER">
@ -32,18 +30,14 @@
                <p>
                <form id="confirmationForm" name="confirmationForm"
-                      action="<%=request.getContextPath() + VerificationCodeFilter.DEFAULT_PROCESSING_URL%>"
+                      action="<%=request.getContextPath()%>/oauth/authorize" method="post">
-                      method="post">
+                    <input name="user_oauth_approval" value="true" type="hidden"/>
                    <input name="<%=BasicUserApprovalFilter.DEFAULT_APPROVAL_REQUEST_PARAMETER%>"
                           value="<%=BasicUserApprovalFilter.DEFAULT_APPROVAL_PARAMETER_VALUE%>" type="hidden"/>
                    <input name="authorize" value="Authorize" type="submit" class="btn success large"/>
                </form>
                &nbsp;
-                <form id="denialForm" name="denialForm"
+                <form id="denialForm" name="denialForm" action="<%=request.getContextPath()%>/oauth/authorize"
                      action="<%=request.getContextPath() + VerificationCodeFilter.DEFAULT_PROCESSING_URL%>"
                      method="post">
-                    <input name="<%=BasicUserApprovalFilter.DEFAULT_APPROVAL_REQUEST_PARAMETER%>"
+                    <input name="user_oauth_approval" value="false" type="hidden"/>
                           value="not_<%=BasicUserApprovalFilter.DEFAULT_APPROVAL_PARAMETER_VALUE%>" type="hidden"/>
                    <input name="deny" value="Deny" type="submit" class="btn secondary large"/>
                </form>
                </p>