Improved Authentication module code.

Updated to match recent changes from cypress, the OAuth Eiffel library.
2015-06-22 21:47:06 +02:00
parent 642b901856
commit 0fca03a4d1
9 changed files with 150 additions and 152 deletions


@@ -9,5 +9,7 @@ class
feature -- Access feature -- Access
oauth_session: STRING = "EWF_ROC_OAUTH_TOKEN_" oauth_session: STRING = "EWF_ROC_OAUTH_TOKEN_"
-- Name of Cookie used to keep the session info.
-- FIXME: make this configurable.
end end


@@ -104,57 +104,48 @@ feature -- Access
contact_subject_password: IMMUTABLE_STRING_8 contact_subject_password: IMMUTABLE_STRING_8
contact_subject_oauth: IMMUTABLE_STRING_8 contact_subject_oauth: IMMUTABLE_STRING_8
account_activation: STRING account_activation: STRING
-- Account activation template email message. -- Account activation template email message.
local
p: PATH
do do
p := setup.environment.config_path.extended ("modules").extended ("login").extended("account_activation.html") Result := template_string ("account_activation.html", default_template_account_activation)
if attached read_template_file (p) as l_content then
Result := l_content
else
create Result.make_from_string (template_account_activation)
end
end end
account_re_activation: STRING account_re_activation: STRING
-- Account re_activation template email message. -- Account re_activation template email message.
local
p: PATH
do do
p := setup.environment.config_path.extended ("modules").extended ("login").extended("accunt_re_activation.html") Result := template_string ("accunt_re_activation.html", default_template_account_re_activation)
if attached read_template_file (p) as l_content then
Result := l_content
else
create Result.make_from_string (template_account_re_activation)
end
end end
account_password: STRING account_password: STRING
-- Account password template email message. -- Account password template email message.
local
p: PATH
do do
p := setup.environment.config_path.extended ("modules").extended ("login").extended("account_new_password.html") Result := template_string ("account_new_password.html", default_template_account_new_password)
if attached read_template_file (p) as l_content then
Result := l_content
else
create Result.make_from_string (template_account_new_password)
end
end end
account_welcome: STRING account_welcome: STRING
-- Account welcome template email message. -- Account welcome template email message.
do
Result := template_string ("account_welcome.html", default_template_account_welcome)
end
feature {NONE} -- Implementation: Template
template_path (a_name: READABLE_STRING_GENERAL): PATH
-- Location of template named `a_name'.
do
Result := setup.environment.config_path.extended ("modules").extended ("login").extended (a_name)
end
template_string (a_name: READABLE_STRING_GENERAL; a_default: STRING): STRING
-- Content of template named `a_name', or `a_default' if template is not found.
local local
p: PATH p: PATH
do do
p := setup.environment.config_path.extended ("modules").extended ("login").extended("account_welcome.html") p := template_path ("account_activation.html")
if attached read_template_file (p) as l_content then if attached read_template_file (p) as l_content then
Result := l_content Result := l_content
else else
create Result.make_from_string (template_account_welcome) create Result.make_from_string (a_default)
end end
end end
@@ -162,16 +153,17 @@ feature {NONE} -- Implementation
setup: CMS_SETUP setup: CMS_SETUP
read_template_file (a_path: PATH): detachable STRING read_template_file (a_path: PATH): detachable STRING
-- Read the content of the file at path `a_path'. -- Read the content of the file at path `a_path'.
local local
l_file: FILE l_file: FILE
n: INTEGER
do do
create {PLAIN_TEXT_FILE} l_file.make_with_path (a_path) create {PLAIN_TEXT_FILE} l_file.make_with_path (a_path)
if l_file.exists and then l_file.is_readable then if l_file.exists and then l_file.is_readable then
n := l_file.count
l_file.open_read l_file.open_read
l_file.read_stream (l_file.count) l_file.read_stream (n)
Result := l_file.last_string Result := l_file.last_string
l_file.close l_file.close
else else
@@ -182,7 +174,7 @@ feature {NONE} -- Implementation
feature {NONE} -- Message email feature {NONE} -- Message email
template_account_activation: STRING= "[ default_template_account_activation: STRING = "[
<!doctype html> <!doctype html>
<html lang="en"> <html lang="en">
<head> <head>
@@ -195,7 +187,7 @@ feature {NONE} -- Message email
<body> <body>
<p>Thank you for registering at <a href="...">ROC CMS</a></p> <p>Thank you for registering at <a href="...">ROC CMS</a></p>
<p>To complete your registration, please click on this link to activate your account:<p> <p>To complete your registration, please click on the following link to activate your account:<p>
<p><a href="$link">$link</a></p> <p><a href="$link">$link</a></p>
<p>Thank you for joining us.</p> <p>Thank you for joining us.</p>
@@ -204,7 +196,7 @@ feature {NONE} -- Message email
]" ]"
template_account_re_activation: STRING= "[ default_template_account_re_activation: STRING = "[
<!doctype html> <!doctype html>
<html lang="en"> <html lang="en">
<head> <head>
@@ -215,9 +207,9 @@ feature {NONE} -- Message email
</head> </head>
<body> <body>
<p>You have request a new activation token at<a href="...">ROC CMS</a></p> <p>You have requested a new activation token at <a href="...">ROC CMS</a></p>
<p>To complete your registration, please click on this link to activate your account:<p> <p>To complete your registration, please click on the following link to activate your account:<p>
<p><a href="$link">$link</a></p> <p><a href="$link">$link</a></p>
<p>Thank you for joining us.</p> <p>Thank you for joining us.</p>
@@ -227,7 +219,7 @@ feature {NONE} -- Message email
template_account_new_password: STRING= "[ default_template_account_new_password: STRING = "[
<!doctype html> <!doctype html>
<html lang="en"> <html lang="en">
<head> <head>
@@ -240,7 +232,7 @@ feature {NONE} -- Message email
<body> <body>
<p>You have required a new password at <a href="...">ROC CMS</a></p> <p>You have required a new password at <a href="...">ROC CMS</a></p>
<p>To complete your request, please click on this link to genereate a new password:<p> <p>To complete your request, please click on this link to generate a new password:<p>
<p><a href="$link">$link</a></p> <p><a href="$link">$link</a></p>
</body> </body>
@@ -248,7 +240,7 @@ feature {NONE} -- Message email
]" ]"
template_account_welcome: STRING= "[ default_template_account_welcome: STRING = "[
<!doctype html> <!doctype html>
<html lang="en"> <html lang="en">
<head> <head>
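Review bot: In `template_string` the new line `p := template_path ("account_activation.html")` ignores `a_name`, so `account_re_activation`, `account_password` and `account_welcome` all read the activation template whenever that file exists. A password-reset or welcome mail would then go out with the activation text. The line should read `p := template_path (a_name)`. The file name `"accunt_re_activation.html"` passed by `account_re_activation` also looks like a misspelling carried over from the old code; confirm it against the file actually installed under `modules/login`.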


@@ -50,8 +50,8 @@ feature {NONE} -- Initialization
do do
name := "login" name := "login"
version := "1.0" version := "1.0"
description := "Eiffel login module" description := "Authentication module"
package := "login" package := "authentication"
create root_dir.make_current create root_dir.make_current
cache_duration := 0 cache_duration := 0
@@ -248,27 +248,27 @@ feature -- Hooks
do do
if if
a_block_id.is_case_insensitive_equal_general ("login") and then a_block_id.is_case_insensitive_equal_general ("login") and then
a_response.request.path_info.starts_with ("/account/roc-login") a_response.location.starts_with ("account/roc-login")
then then
get_block_view_login (a_block_id, a_response) get_block_view_login (a_block_id, a_response)
elseif elseif
a_block_id.is_case_insensitive_equal_general ("register") and then a_block_id.is_case_insensitive_equal_general ("register") and then
a_response.request.path_info.starts_with ("/account/roc-register") a_response.location.starts_with ("account/roc-register")
then then
get_block_view_register (a_block_id, a_response) get_block_view_register (a_block_id, a_response)
elseif elseif
a_block_id.is_case_insensitive_equal_general ("reactivate") and then a_block_id.is_case_insensitive_equal_general ("reactivate") and then
a_response.request.path_info.starts_with ("/account/reactivate") a_response.location.starts_with ("account/reactivate")
then then
get_block_view_reactivate (a_block_id, a_response) get_block_view_reactivate (a_block_id, a_response)
elseif elseif
a_block_id.is_case_insensitive_equal_general ("new_password") and then a_block_id.is_case_insensitive_equal_general ("new_password") and then
a_response.request.path_info.starts_with ("/account/new-password") a_response.location.starts_with ("account/new-password")
then then
get_block_view_new_password (a_block_id, a_response) get_block_view_new_password (a_block_id, a_response)
elseif elseif
a_block_id.is_case_insensitive_equal_general ("reset_password") and then a_block_id.is_case_insensitive_equal_general ("reset_password") and then
a_response.request.path_info.starts_with ("/account/reset-password") a_response.location.starts_with ("account/reset-password")
then then
get_block_view_reset_password (a_block_id, a_response) get_block_view_reset_password (a_block_id, a_response)
end end
@@ -306,8 +306,7 @@ feature -- Hooks
else else
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
r.set_status_code ({HTTP_CONSTANTS}.found) r.set_status_code ({HTTP_CONSTANTS}.found)
l_url := req.absolute_script_url ("") l_url := req.absolute_script_url ("/basic_auth_logoff")
l_url.append ("/basic_auth_logoff")
r.set_redirection (l_url) r.set_redirection (l_url)
r.execute r.execute
end end
@@ -321,7 +320,7 @@ feature -- Hooks
l_roles: LIST [CMS_USER_ROLE] l_roles: LIST [CMS_USER_ROLE]
l_exist: BOOLEAN l_exist: BOOLEAN
es: CMS_AUTHENTICATON_EMAIL_SERVICE es: CMS_AUTHENTICATON_EMAIL_SERVICE
l_link: STRING l_url: STRING
l_token: STRING l_token: STRING
do do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
@@ -359,15 +358,12 @@ feature -- Hooks
-- Create activation token -- Create activation token
l_token := new_token l_token := new_token
l_user_api.new_activation (l_token, u.id) l_user_api.new_activation (l_token, u.id)
create l_link.make_from_string (req.server_url) l_url := req.absolute_script_url ("/account/activate/" + l_token)
l_link.append ("/account/activate/")
l_link.append (l_token)
-- Send Email -- Send Email
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
write_debug_log (generator + ".handle register: send_contact_email") write_debug_log (generator + ".handle register: send_contact_email")
es.send_contact_email (l_email.value, l_link) es.send_contact_email (l_email.value, l_url)
else else
r.values.force (l_name.value, "name") r.values.force (l_name.value, "name")
@@ -401,8 +397,7 @@ feature -- Hooks
-- the token does not exist, or it was already used. -- the token does not exist, or it was already used.
r.set_status_code ({HTTP_CONSTANTS}.bad_request) r.set_status_code ({HTTP_CONSTANTS}.bad_request)
r.set_value ("Account not activated", "optional_content_type") r.set_value ("Account not activated", "optional_content_type")
r.set_main_content ("<p>The token <i>"+ l_token.value +"</i> is not valid <a href=%"/account/reactivate%">Reactivate Account</a></p>" ) r.set_main_content ("<p>The token <i>" + l_token.value +"</i> is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "</p>")
end end
r.execute r.execute
else else
@@ -418,7 +413,7 @@ feature -- Hooks
es: CMS_AUTHENTICATON_EMAIL_SERVICE es: CMS_AUTHENTICATON_EMAIL_SERVICE
l_user_api: CMS_USER_API l_user_api: CMS_USER_API
l_token: STRING l_token: STRING
l_link: STRING l_url: STRING
do do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
if req.is_post_request_method then if req.is_post_request_method then
@@ -434,14 +429,12 @@ feature -- Hooks
else else
l_token := new_token l_token := new_token
l_user_api.new_activation (l_token, l_user.id) l_user_api.new_activation (l_token, l_user.id)
create l_link.make_from_string (req.server_url) l_url := req.absolute_script_url ("/account/activate/" + l_token)
l_link.append ("/account/activate/")
l_link.append (l_token)
-- Send Email -- Send Email
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
write_debug_log (generator + ".handle register: send_contact_activation_email") write_debug_log (generator + ".handle register: send_contact_activation_email")
es.send_contact_activation_email (l_email.value, l_link) es.send_contact_activation_email (l_email.value, l_url)
end end
else else
r.values.force ("The email does not exist or !", "error_email") r.values.force ("The email does not exist or !", "error_email")
@@ -460,7 +453,7 @@ feature -- Hooks
es: CMS_AUTHENTICATON_EMAIL_SERVICE es: CMS_AUTHENTICATON_EMAIL_SERVICE
l_user_api: CMS_USER_API l_user_api: CMS_USER_API
l_token: STRING l_token: STRING
l_link: STRING l_url: STRING
do do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api) create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
if req.is_post_request_method then if req.is_post_request_method then
@@ -470,14 +463,12 @@ feature -- Hooks
-- User exist create a new token and send a new email. -- User exist create a new token and send a new email.
l_token := new_token l_token := new_token
l_user_api.new_password (l_token, l_user.id) l_user_api.new_password (l_token, l_user.id)
create l_link.make_from_string (req.server_url) l_url := req.absolute_script_url ("/account/reset-password?token=" + l_token)
l_link.append ("/account/reset-password?token=")
l_link.append (l_token)
-- Send Email -- Send Email
create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api)) create es.make (create {CMS_AUTHENTICATION_EMAIL_SERVICE_PARAMETERS}.make (api))
write_debug_log (generator + ".handle register: send_contact_password_email") write_debug_log (generator + ".handle register: send_contact_password_email")
es.send_contact_password_email (l_email.value, l_link) es.send_contact_password_email (l_email.value, l_url)
else else
r.values.force ("The email does not exist !", "error_email") r.values.force ("The email does not exist !", "error_email")
r.values.force (l_email.value, "email") r.values.force (l_email.value, "email")
@@ -499,7 +490,7 @@ feature -- Hooks
if attached {WSF_STRING} req.query_parameter ("token") as l_token then if attached {WSF_STRING} req.query_parameter ("token") as l_token then
r.values.force (l_token.value, "token") r.values.force (l_token.value, "token")
if l_user_api.user_by_password_token (l_token.value) = Void then if l_user_api.user_by_password_token (l_token.value) = Void then
r.values.force ("The token " + l_token.value + " is not valid, click <a href=%"/account/new-password%">here</a> to generate a new token.", "error_token") r.values.force ("The token " + l_token.value + " is not valid, " + r.link ("click here" , "account/new-password", Void) + " to generate a new token.", "error_token")
r.set_status_code ({HTTP_CONSTANTS}.bad_request) r.set_status_code ({HTTP_CONSTANTS}.bad_request)
end end
end end
@@ -773,9 +764,9 @@ feature -- OAuth2 Login with google.
if if
attached l_auth.user_email as l_email attached l_auth.user_email as l_email
then then
if attached {CMS_USER} l_user_api.user_by_email (l_email) as p_user then if attached l_user_api.user_by_email (l_email) as p_user then
-- User with email exist -- User with email exist
if attached {CMS_USER} a_user_oauth_api.user_oauth2_by_id (p_user.id, l_consumer.name) then if attached a_user_oauth_api.user_oauth2_by_id (p_user.id, l_consumer.name) then
-- Update oauth entry -- Update oauth entry
a_user_oauth_api.update_user_oauth2 (l_access_token.token, l_user_profile, p_user, l_consumer.name ) a_user_oauth_api.update_user_oauth2 (l_access_token.token, l_user_profile, p_user, l_consumer.name )
else else
@@ -813,9 +804,8 @@ feature -- OAuth2 Login with google.
write_debug_log (generator + ".handle register: send_contact_welcome_email") write_debug_log (generator + ".handle register: send_contact_welcome_email")
es.send_contact_welcome_email (l_email, "") es.send_contact_welcome_email (l_email, "")
end end
else
end end
r.set_redirection (req.absolute_script_url ("")) r.set_redirection (r.front_page_url)
r.execute r.execute
end end
@@ -844,8 +834,6 @@ feature {NONE} -- Token Generation
Result := l_token Result := l_token
end end
feature {NONE} -- Implementation: date and time feature {NONE} -- Implementation: date and time
http_date_format_to_date (s: READABLE_STRING_8): detachable DATE_TIME http_date_format_to_date (s: READABLE_STRING_8): detachable DATE_TIME
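Review bot: The rewritten "not valid" message in the activation handler still concatenates `l_token.value` into HTML unescaped (`"<p>The token <i>" + l_token.value + "</i> is not valid "`), and the reset-password handler does the same when it fills `"error_token"` from `req.query_parameter ("token")`. Both values appear to come from the request, so markup placed in the token would be rendered in the response unless a later layer escapes it. HTML-encode the token before concatenating it, or leave it out of the message, e.g. `r.set_main_content ("<p>The token is not valid " + r.link ("Reactivate Account", "account/reactivate", Void) + "</p>")`. The template that displays `"error_token"` is not visible here and may already escape it, so confirm that before relying on it. Both handlers start and end outside their hunks.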


@@ -34,20 +34,20 @@ feature {CMS_MODULE} -- Access: User oauth storage.
feature -- Access: User Oauth20 feature -- Access: User Oauth20
user_oauth2_by_id (a_uid: like {CMS_USER}.id; a_consumer: READABLE_STRING_32): detachable CMS_USER user_oauth2_by_id (a_uid: like {CMS_USER}.id; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER
-- Retrieve a user by id `a_uid' for the consumer `a_consumer', if aby. -- Retrieve a user by id `a_uid' for the consumer `a_consumer', if any.
do do
Result := oauth_20_storage.user_oauth2_by_id (a_uid, a_consumer) Result := oauth_20_storage.user_oauth2_by_id (a_uid, a_consumer)
end end
user_oauth2_by_token (a_token: READABLE_STRING_32; a_consumer: READABLE_STRING_32): detachable CMS_USER user_oauth2_by_token (a_token: READABLE_STRING_GENERAL; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER
-- Retrieve a user by token `a_token' for the consumer `a_consumer'. -- Retrieve a user by token `a_token' for the consumer `a_consumer'.
do do
Result := oauth_20_storage.user_oauth2_by_token (a_token, a_consumer) Result := oauth_20_storage.user_oauth2_by_token (a_token, a_consumer)
end end
user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_32 ): detachable CMS_USER user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_GENERAL): detachable CMS_USER
-- Retrieve a user by token `a_token' searching in all the registered consumers in the system. -- Retrieve user by token `a_token' searching in all the registered consumers in the system.
do do
Result := oauth_20_storage.user_oauth2_without_consumer_by_token (a_token) Result := oauth_20_storage.user_oauth2_without_consumer_by_token (a_token)
end end
@@ -75,7 +75,7 @@ feature -- Access: Consumers OAuth20
feature -- Change: User OAuth20 feature -- Change: User OAuth20
new_user_oauth2 (a_token: READABLE_STRING_32; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer: READABLE_STRING_32) new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer: READABLE_STRING_GENERAL)
-- Add a new user with oauth20 using the consumer `a_consumer'. -- Add a new user with oauth20 using the consumer `a_consumer'.
require require
has_id: a_user.has_id has_id: a_user.has_id
@@ -84,7 +84,7 @@ feature -- Change: User OAuth20
end end
update_user_oauth2 (a_token: READABLE_STRING_32; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_32) update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
-- Updaate user `a_user' with oauth2 for the consumer `a_consumer'. -- Updaate user `a_user' with oauth2 for the consumer `a_consumer'.
require require
has_id: a_user.has_id has_id: a_user.has_id
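Review bot: The header comment of `update_user_oauth2` still reads "Updaate user ... for the consumer `a_consumer'" although the parameter is named `a_consumer_table`, while the same commit corrects the neighbouring comments ("if aby" became "if any"). Suggested wording: `-- Update user a_user with oauth2 for the consumer a_consumer_table.`, written with the usual Eiffel quoting around the two argument names. The feature's body lies outside the hunk.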


@@ -8,17 +8,23 @@ class
CMS_OAUTH_20_CONSUMER CMS_OAUTH_20_CONSUMER
inherit inherit
ANY ANY
redefine redefine
default_create default_create
end end
create create
default_create default_create,
make_with_id
feature {NONE} -- Initialization feature {NONE} -- Initialization
make_with_id (a_id: like id)
do
id := a_id
default_create
end
default_create default_create
do do
set_endpoint ("") set_endpoint ("")
@@ -34,29 +40,29 @@ feature {NONE} -- Initialization
feature -- Access feature -- Access
endpoint: READABLE_STRING_32 endpoint: READABLE_STRING_8
-- Url that receives the access token request. -- Url that receives the access token request.
authorize_url: READABLE_STRING_32 authorize_url: READABLE_STRING_8
-- --
extractor: READABLE_STRING_32 extractor: READABLE_STRING_8
-- text, json -- text, json
callback_name: READABLE_STRING_32 callback_name: READABLE_STRING_8
-- consumer callback name -- consumer callback name
protected_resource_url: READABLE_STRING_32 protected_resource_url: READABLE_STRING_8
-- consumer resource url -- consumer resource url
scope: READABLE_STRING_32 scope: READABLE_STRING_8
-- consumer scope -- consumer scope
api_key: READABLE_STRING_32 api_key: READABLE_STRING_8
-- consumer public key -- consumer public key
api_secret: READABLE_STRING_32 api_secret: READABLE_STRING_8
-- consumer secret. -- consumer secret.
name: READABLE_STRING_32 name: READABLE_STRING_32
@@ -65,8 +71,6 @@ feature -- Access
id: INTEGER_64 id: INTEGER_64
-- unique identifier. -- unique identifier.
feature -- Element change feature -- Element change
set_extractor (a_extractor: like extractor) set_extractor (a_extractor: like extractor)
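Review bot: The new creation procedure `make_with_id` has neither a header comment nor a postcondition, and `authorize_url` keeps an empty `--` comment. Suggested for `make_with_id`: a comment `-- Create consumer with identifier a_id.` and `ensure id_set: id = a_id`. The postcondition also records that `default_create`, which is only partly visible in this hunk, must not reset `id`. Since `api_secret` holds the consumer secret, its comment could add that the value must not be written to logs or rendered in pages.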


@@ -32,27 +32,21 @@ feature -- Basic operations
execute (req: WSF_REQUEST; res: WSF_RESPONSE) execute (req: WSF_REQUEST; res: WSF_RESPONSE)
-- Execute the filter. -- Execute the filter.
local
do do
api.logger.put_debug (generator + ".execute ", Void) api.logger.put_debug (generator + ".execute ", Void)
-- if attached req.raw_header_data as l_raw_data then
-- api.logger.put_debug (generator + ".execute " + utf.escaped_utf_32_string_to_utf_8_string_8 (l_raw_data), Void)
-- end
-- A valid user -- A valid user
if if
attached {WSF_STRING} req.cookie ({CMS_AUTHENTICATION_CONSTANTS}.oauth_session) as l_roc_auth_session_token attached {WSF_STRING} req.cookie ({CMS_AUTHENTICATION_CONSTANTS}.oauth_session) as l_roc_auth_session_token
then then
if attached {CMS_USER} user_oauth_api.user_oauth2_without_consumer_by_token (l_roc_auth_session_token.value) as l_user then if attached user_oauth_api.user_oauth2_without_consumer_by_token (l_roc_auth_session_token.value) as l_user then
set_current_user (req, l_user) set_current_user (req, l_user)
execute_next (req, res)
else else
api.logger.put_error (generator + ".execute login_valid failed for: " + l_roc_auth_session_token.value , Void) api.logger.put_error (generator + ".execute login_valid failed for: " + l_roc_auth_session_token.value , Void)
execute_next (req, res)
end end
else else
api.logger.put_debug (generator + ".execute without authentication", Void) api.logger.put_debug (generator + ".execute without authentication", Void)
execute_next (req, res)
end end
execute_next (req, res)
end end
end end
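Review bot: The error branch writes the raw session cookie into the log: `api.logger.put_error (generator + ".execute login_valid failed for: " + l_roc_auth_session_token.value , Void)`. The value is supplied by the client, so it can carry line breaks or arbitrary text into the log, and the log ends up holding session-token material. Logging only the failure, `api.logger.put_error (generator + ".execute login_valid failed", Void)`, or a short digest of the value, avoids both.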


@@ -20,18 +20,18 @@ feature -- Error Handling
feature -- Access: Users feature -- Access: Users
user_oauth2_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_32): detachable CMS_USER user_oauth2_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER
-- Retrieve a user by id `a_uid' for the consumer `a_consumer', if aby. -- Retrieve a user by id `a_uid' for the consumer `a_consumer', if aby.
deferred deferred
end end
user_oauth2_by_token (a_token: READABLE_STRING_32; a_consumer_table: READABLE_STRING_32): detachable CMS_USER user_oauth2_by_token (a_token: READABLE_STRING_GENERAL; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER
-- Retrieve a user by token `a_token' for the consumer `a_consumer'. -- Retrieve a user by token `a_token' for the consumer `a_consumer'.
deferred deferred
end end
user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_32 ): detachable CMS_USER user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_GENERAL): detachable CMS_USER
-- Retrieve a user by token `a_token' searching in all the registered consumers in the system. -- Retrieve user by token `a_token' searching in all the registered consumers in the system.
deferred deferred
end end
@@ -53,12 +53,12 @@ feature -- Access: Consumers
feature -- Change: User Oauth2 feature -- Change: User Oauth2
new_user_oauth2 (a_token: READABLE_STRING_32; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_32) new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
-- Add a new user with oauth2 authentication. -- Add a new user with oauth2 authentication.
deferred deferred
end end
update_user_oauth2 (a_token: READABLE_STRING_32; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_32 ) update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL )
-- Update user `a_user' with oauth2 authentication. -- Update user `a_user' with oauth2 authentication.
deferred deferred
end end
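Review bot: The deferred features accept `a_consumer_table: READABLE_STRING_GENERAL` with no contract on its content, while the SQL implementation on this page places the derived name directly into the statement text (`l_string.replace_substring_all ("$table_name", oauth2_sql_table_name (a_consumer))`) instead of binding it as a parameter. `oauth2_sql_table_name` is not visible here, so whether it validates the name cannot be confirmed. The interface should at least document, or require through a precondition, that the argument is the name of a registered consumer and never request data. The header comments also refer to `a_consumer` although the parameter is `a_consumer_table`, and "if aby" in the comment of `user_oauth2_by_id` should read "if any".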


@@ -22,17 +22,17 @@ feature -- Error handler
feature -- Access: Users feature -- Access: Users
user_oauth2_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_32): detachable CMS_USER user_oauth2_by_id (a_uid: like {CMS_USER}.id; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER
-- CMS User with Oauth credential by id if any. -- CMS User with Oauth credential by id if any.
do do
end end
user_oauth2_by_token (a_token: READABLE_STRING_32; a_consumer_table: READABLE_STRING_32): detachable CMS_USER user_oauth2_by_token (a_token: READABLE_STRING_GENERAL; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER
-- -- CMS User with Oauth credential by access token `a_token' if any. -- -- CMS User with Oauth credential by access token `a_token' if any.
do do
end end
user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_32 ): detachable CMS_USER user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_GENERAL ): detachable CMS_USER
do do
end end
@@ -55,12 +55,12 @@ feature -- Access: Consumers
feature -- Change: User Oauth2 feature -- Change: User Oauth2
new_user_oauth2 (a_token: READABLE_STRING_32; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_32) new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
-- Add a new user with oauth2 authentication. -- Add a new user with oauth2 authentication.
do do
end end
update_user_oauth2 (a_token: READABLE_STRING_32; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_32 ) update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL )
-- Update user `a_user' with oauth2 authentication. -- Update user `a_user' with oauth2 authentication.
do do
end end


@@ -22,8 +22,8 @@ create
feature -- Access User Outh feature -- Access User Outh
user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_32 ): detachable CMS_USER user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_GENERAL): detachable CMS_USER
-- Retrieve a user by token `a_token' searching in all the registered consumers in the system. -- Retrieve user by token `a_token' searching in all the registered consumers in the system.
local local
l_list: LIST [STRING] l_list: LIST [STRING]
do do
@@ -33,16 +33,14 @@ feature -- Access User Outh
from from
l_list.start l_list.start
until until
l_list.after or attached Result l_list.after or Result /= Void
loop loop
if attached {CMS_USER} user_oauth2_by_token (a_token, l_list.item) as l_user then Result := user_oauth2_by_token (a_token, l_list.item)
Result := l_user
end
l_list.forth l_list.forth
end end
end end
user_oauth2_by_id (a_uid: like {CMS_USER}.id; a_consumer: READABLE_STRING_32): detachable CMS_USER user_oauth2_by_id (a_uid: like {CMS_USER}.id; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER
-- <Precursor> -- <Precursor>
local local
l_parameters: STRING_TABLE [detachable ANY] l_parameters: STRING_TABLE [detachable ANY]
@@ -53,7 +51,7 @@ feature -- Access User Outh
create l_parameters.make (1) create l_parameters.make (1)
l_parameters.put (a_uid, "uid") l_parameters.put (a_uid, "uid")
create l_string.make_from_string (select_user_oauth2_template_by_id) create l_string.make_from_string (select_user_oauth2_template_by_id)
l_string.replace_substring_all ("$table_name", sql_table_name (a_consumer)) l_string.replace_substring_all ("$table_name", oauth2_sql_table_name (a_consumer))
sql_query (l_string, l_parameters) sql_query (l_string, l_parameters)
if sql_rows_count = 1 then if sql_rows_count = 1 then
Result := fetch_user Result := fetch_user
@@ -62,7 +60,7 @@ feature -- Access User Outh
end end
end end
user_oauth2_by_token (a_token: READABLE_STRING_32; a_consumer: READABLE_STRING_32): detachable CMS_USER user_oauth2_by_token (a_token: READABLE_STRING_GENERAL; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER
-- <Precursor> -- <Precursor>
local local
l_parameters: STRING_TABLE [detachable ANY] l_parameters: STRING_TABLE [detachable ANY]
@@ -73,7 +71,7 @@ feature -- Access User Outh
create l_parameters.make (1) create l_parameters.make (1)
l_parameters.put (a_token, "token") l_parameters.put (a_token, "token")
create l_string.make_from_string (select_user_by_oauth2_template_token) create l_string.make_from_string (select_user_by_oauth2_template_token)
l_string.replace_substring_all ("$table_name", sql_table_name (a_consumer)) l_string.replace_substring_all ("$table_name", oauth2_sql_table_name (a_consumer))
sql_query (l_string, l_parameters) sql_query (l_string, l_parameters)
if sql_rows_count = 1 then if sql_rows_count = 1 then
Result := fetch_user Result := fetch_user
@@ -142,7 +140,7 @@ feature --Access: Consumers
feature -- Change: User OAuth feature -- Change: User OAuth
new_user_oauth2 (a_token: READABLE_STRING_32; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer: READABLE_STRING_32) new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer: READABLE_STRING_GENERAL)
-- Add a new user with oauth2 authentication. -- Add a new user with oauth2 authentication.
-- <Precursor>. -- <Precursor>.
local local
@@ -160,12 +158,12 @@ feature -- Change: User OAuth
l_parameters.put (create {DATE_TIME}.make_now_utc, "utc_date") l_parameters.put (create {DATE_TIME}.make_now_utc, "utc_date")
create l_string.make_from_string (sql_insert_oauth2_template) create l_string.make_from_string (sql_insert_oauth2_template)
l_string.replace_substring_all ("$table_name", sql_table_name (a_consumer)) l_string.replace_substring_all ("$table_name", oauth2_sql_table_name (a_consumer))
sql_change (l_string, l_parameters) sql_change (l_string, l_parameters)
sql_commit_transaction sql_commit_transaction
end end
update_user_oauth2 (a_token: READABLE_STRING_32; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer: READABLE_STRING_32 ) update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer: READABLE_STRING_GENERAL )
-- Update user `a_user' with oauth2 authentication. -- Update user `a_user' with oauth2 authentication.
-- <Precursor> -- <Precursor>
local local
@@ -182,7 +180,7 @@ feature -- Change: User OAuth
l_parameters.put (a_user_profile, "profile") l_parameters.put (a_user_profile, "profile")
create l_string.make_from_string (sql_update_oauth2_template) create l_string.make_from_string (sql_update_oauth2_template)
l_string.replace_substring_all ("$table_name", sql_table_name (a_consumer)) l_string.replace_substring_all ("$table_name", oauth2_sql_table_name (a_consumer))
sql_change (l_string, l_parameters) sql_change (l_string, l_parameters)
sql_commit_transaction sql_commit_transaction
end end
@@ -192,39 +190,38 @@ feature {NONE} -- Implementation OAuth Consumer
fetch_consumer: detachable CMS_OAUTH_20_CONSUMER fetch_consumer: detachable CMS_OAUTH_20_CONSUMER
do do
if attached sql_read_integer_64 (1) as l_id then if attached sql_read_integer_64 (1) as l_id then
create Result create Result.make_with_id (l_id)
Result.set_id (l_id)
end if attached sql_read_string (2) as l_name then
if Result /= Void then
if attached sql_read_string_32 (2) as l_name then
Result.set_name (l_name) Result.set_name (l_name)
end end
if attached sql_read_string_32 (3) as l_api_secret then if attached sql_read_string (3) as l_api_secret then
Result.set_api_secret (l_api_secret) Result.set_api_secret (l_api_secret)
end end
if attached sql_read_string_32 (4) as l_api_key then if attached sql_read_string (4) as l_api_key then
Result.set_api_key (l_api_key) Result.set_api_key (l_api_key)
end end
if attached sql_read_string_32 (5) as l_scope then if attached sql_read_string (5) as l_scope then
Result.set_scope (l_scope) Result.set_scope (l_scope)
end end
if attached sql_read_string_32 (6) as l_resource_url then if attached sql_read_string (6) as l_resource_url then
Result.set_protected_resource_url (l_resource_url) Result.set_protected_resource_url (l_resource_url)
end end
if attached sql_read_string_32 (7) as l_callback_name then if attached sql_read_string (7) as l_callback_name then
Result.set_callback_name (l_callback_name) Result.set_callback_name (l_callback_name)
end end
if attached sql_read_string_32 (8) as l_extractor then if attached sql_read_string (8) as l_extractor then
Result.set_extractor (l_extractor) Result.set_extractor (l_extractor)
end end
if attached sql_read_string_32 (9) as l_authorize_url then if attached sql_read_string (9) as l_authorize_url then
Result.set_authorize_url (l_authorize_url) Result.set_authorize_url (l_authorize_url)
end end
if attached sql_read_string_32 (10) as l_endpoint then if attached sql_read_string (10) as l_endpoint then
Result.set_endpoint (l_endpoint) Result.set_endpoint (l_endpoint)
end end
end end
end end
feature {NONE} -- Implementation: User feature {NONE} -- Implementation: User
fetch_user: detachable CMS_USER fetch_user: detachable CMS_USER
@@ -232,7 +229,7 @@ feature {NONE} -- Implementation: User
l_id: INTEGER_64 l_id: INTEGER_64
l_name: detachable READABLE_STRING_32 l_name: detachable READABLE_STRING_32
do do
if attached sql_read_integer_32 (1) as i then if attached sql_read_integer_64 (1) as i then
l_id := i l_id := i
end end
if attached sql_read_string_32 (2) as s and then not s.is_whitespace then if attached sql_read_string_32 (2) as s and then not s.is_whitespace then
@@ -264,15 +261,36 @@ feature {NONE} -- Implementation: User
end end
end end
feature -- {NONE} User OAuth2 feature {NONE} -- User OAuth2
sql_table_name (a_consumer: READABLE_STRING_8): STRING_8 oauth2_sql_table_name (a_consumer: READABLE_STRING_GENERAL): STRING_8
local
i,n: INTEGER
do do
Result := Sql_table_prefix.twin create Result.make_from_string (Sql_oauth2_table_prefix)
Result.append (a_consumer) if a_consumer.is_valid_as_string_8 then
Result.append (a_consumer.to_string_8)
else
check only_ascii: False end
-- Replace non ascii char by '-'
from
i := 1
n := a_consumer.count
until
i > n
loop
if a_consumer [i].is_character_8 then
Result.append_code (a_consumer.code (i))
else
Result.append_character ('-')
end
i := i + 1
end
end
end end
Select_user_by_oauth2_template_token: STRING = "SELECT u.* FROM users as u JOIN $table_name as og ON og.uid = u.uid and og.access_token = :token;" Select_user_by_oauth2_template_token: STRING = "SELECT u.* FROM users as u JOIN $table_name as og ON og.uid = u.uid and og.access_token = :token;"
--| FIXME: replace the u.* by a list of field names, to avoid breaking `featch_user' if two fieds are swiped.
Select_user_oauth2_template_by_id: STRING = "SELECT u.* FROM users as u JOIN $table_name as og ON og.uid = u.uid and og.uid = :uid;" Select_user_oauth2_template_by_id: STRING = "SELECT u.* FROM users as u JOIN $table_name as og ON og.uid = u.uid and og.uid = :uid;"
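Review bot: `oauth2_sql_table_name` still lets SQL metacharacters from `a_consumer` reach the table name: the `is_valid_as_string_8` branch appends the value unchanged, and the loop replaces only characters above code 255, so quotes, spaces and `;` survive into the `$table_name` substitutions in `new_user_oauth2` and `update_user_oauth2`, where bound parameters give no protection. Whether callers already restrict the consumer to a name stored in `oauth2_consumers` is not visible here, so the function should apply an identifier allowlist (ASCII letters, digits, `_`) to every input instead of only the non-8-bit case. The comment `-- Replace non ascii char by '-'` also overstates what `is_character_8` tests, and `check only_ascii: False end` raises only in builds that monitor checks, so it is not a runtime guard. A possible shape for the body is below.

```eiffel
oauth2_sql_table_name (a_consumer: READABLE_STRING_GENERAL): STRING_8
	local
		i, n: INTEGER
		c: CHARACTER_32
	do
		create Result.make_from_string (Sql_oauth2_table_prefix)
			-- Keep only characters that are safe in an unquoted SQL identifier;
			-- the result is spliced into the statement text, not bound.
		from
			i := 1
			n := a_consumer.count
		until
			i > n
		loop
			c := a_consumer [i]
			if
				(c >= 'a' and c <= 'z') or (c >= 'A' and c <= 'Z')
				or (c >= '0' and c <= '9') or c = '_'
			then
				Result.append_character (c.to_character_8)
			else
				Result.append_character ('_')
			end
			i := i + 1
		end
	end
```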
@@ -282,9 +300,9 @@ feature -- {NONE} User OAuth2
Sql_oauth_consumers: STRING = "SELECT name FROM oauth2_consumers"; Sql_oauth_consumers: STRING = "SELECT name FROM oauth2_consumers";
Sql_table_prefix: STRING = "oauth2_" Sql_oauth2_table_prefix: STRING = "oauth2_"
feature -- {NONE} Consumer feature {NONE} -- Consumer
Sql_oauth_consumer_callback: STRING = "SELECT * FROM oauth2_consumers where callback_name =:name;" Sql_oauth_consumer_callback: STRING = "SELECT * FROM oauth2_consumers where callback_name =:name;"