backup/ROC
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed link for Oauth sign with.

Browse Source 
Added administration pages for OAuth20 module.
This commit is contained in:
Jocelyn Fiat
2017-06-08 22:16:12 +02:00
parent b814c91e91
commit 359344c9dd
16 changed files with 277 additions and 231 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
modules/oauth20/cms_oauth_20_api.e
View File

@@ -83,13 +83,13 @@ feature -- Access: Consumers OAuth20
Result := oauth_20_storage.oauth2_consumers
end
oauth_consumer_by_name (a_name: READABLE_STRING_8): detachable CMS_OAUTH_20_CONSUMER
oauth_consumer_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_OAUTH_20_CONSUMER
-- Retrieve a consumer by name `a_name', if any.
do
Result := oauth_20_storage.oauth_consumer_by_name (a_name)
end
oauth_consumer_by_callback (a_callback: READABLE_STRING_8): detachable CMS_OAUTH_20_CONSUMER
oauth_consumer_by_callback (a_callback: READABLE_STRING_GENERAL): detachable CMS_OAUTH_20_CONSUMER
-- Retrieve a consumer by callback `a_callback', if any.
do
Result := oauth_20_storage.oauth_consumer_by_callback (a_callback)
@@ -97,7 +97,12 @@ feature -- Access: Consumers OAuth20
feature -- Change: User OAuth20
new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer: READABLE_STRING_GENERAL)
save_oauth_consumer (a_cons: CMS_OAUTH_20_CONSUMER)
do
oauth_20_storage.save_oauth_consumer (a_cons)
end
new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_GENERAL; a_user: CMS_USER; a_consumer: READABLE_STRING_GENERAL)
-- Add a new user with oauth20 using the consumer `a_consumer'.
require
has_id: a_user.has_id
@@ -105,8 +110,7 @@ feature -- Change: User OAuth20
oauth_20_storage.new_user_oauth2 (a_token, a_user_profile, a_user, a_consumer)
end
update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_GENERAL; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
-- Update user `a_user' with oauth2 for the consumer `a_consumer'.
require
has_id: a_user.has_id
@@ -114,7 +118,6 @@ feature -- Change: User OAuth20
oauth_20_storage.update_user_oauth2 (a_token, a_user_profile, a_user, a_consumer_table)
end
remove_user_oauth2 (a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
-- Remove user `a_user' with oauth2 for the consumer `a_consumer'.
require

13
modules/oauth20/cms_oauth_20_consumer.e
View File

@@ -38,8 +38,18 @@ feature {NONE} -- Initialization
set_name ("")
end
feature -- Status report
has_id: BOOLEAN
do
Result := id > 0
end
feature -- Access
id: INTEGER_64
-- unique identifier.
endpoint: READABLE_STRING_8
-- Url that receives the access token request.
@@ -68,9 +78,6 @@ feature -- Access
name: READABLE_STRING_32
-- consumer name.
id: INTEGER_64
-- unique identifier.
feature -- Element change
set_extractor (a_extractor: like extractor)

20
modules/oauth20/cms_oauth_20_module.e
View File

@@ -21,6 +21,8 @@ inherit
oauth20_api
end
CMS_ADMINISTRABLE
CMS_HOOK_BLOCK
SHARED_EXECUTION_ENVIRONMENT
@@ -50,6 +52,13 @@ feature -- Access
name: STRING = "oauth20"
feature {CMS_EXECUTION} -- Administration
administration: CMS_OAUTH_20_MODULE_ADMINISTRATION
do
create Result.make (Current)
end
feature {CMS_API} -- Module Initialization
initialize (a_api: CMS_API)
@@ -130,7 +139,7 @@ feature {CMS_API} -- Module management
end
end
feature {CMS_API} -- Access: API
feature {CMS_API, CMS_MODULE_ADMINISTRATION} -- Access: API
oauth20_api: detachable CMS_OAUTH_20_API
-- <Precursor>
@@ -280,7 +289,7 @@ feature -- Hooks
attached {WSF_STRING} req.cookie (a_oauth20_api.session_token) as l_cookie_token
then
-- Logout OAuth
create l_cookie.make (a_oauth20_api.session_token, l_cookie_token.value)
create l_cookie.make (a_oauth20_api.session_token, l_cookie_token.url_encoded_value)
l_cookie.set_path ("/")
l_cookie.set_max_age (-1)
res.add_cookie (l_cookie)
@@ -386,7 +395,8 @@ feature -- OAuth2 Login with Provider
l_cookie: WSF_COOKIE
es: CMS_AUTHENTICATION_EMAIL_SERVICE
do
if attached {WSF_STRING} req.path_parameter (oauth_callback_path_parameter) as l_callback and then
if
attached {WSF_STRING} req.path_parameter (oauth_callback_path_parameter) as l_callback and then
attached {CMS_OAUTH_20_CONSUMER} a_oauth_api.oauth_consumer_by_callback (l_callback.value) as l_consumer and then
attached {WSF_STRING} req.query_parameter (oauth_code_query_parameter) as l_code
then
@@ -411,7 +421,7 @@ feature -- OAuth2 Login with Provider
a_oauth_api.update_user_oauth2 (l_access_token.token, l_user_profile, p_user, l_consumer.name )
else
-- create a oauth entry
a_oauth_api.new_user_oauth2 (l_access_token.token, l_user_profile, p_user, l_consumer.name )
a_oauth_api.new_user_oauth2 (l_access_token.token, l_user_profile.to_string_32, p_user, l_consumer.name )
end
create l_cookie.make (a_oauth_api.session_token, l_access_token.token)
l_cookie.set_max_age (l_access_token.expires_in)
@@ -468,7 +478,7 @@ feature -- OAuth2 Login with Provider
attached {WSF_STRING} req.form_parameter ("email") as l_email and then
attached r.user as l_user
then
l_user.set_email (l_email.value)
l_user.set_email (api.utf_8_encoded (l_email.value))
a_oauth_api.new_user_oauth2 ("none", "none", l_user, l_consumer.value )
-- TODO send email?
end

178
modules/oauth20/cms_oauth_20_module_administration.e Normal file
View File

@@ -0,0 +1,178 @@
note
description: "Summary description for {CMS_OAUTH_20_MODULE_ADMINISTRATION}."
author: ""
date: "$Date$"
revision: "$Revision$"
class
CMS_OAUTH_20_MODULE_ADMINISTRATION
inherit
CMS_MODULE_ADMINISTRATION [CMS_OAUTH_20_MODULE]
redefine
setup_hooks,
permissions
end
CMS_HOOK_MENU_SYSTEM_ALTER
create
make
feature -- Access
permissions: LIST [READABLE_STRING_8]
-- List of permission ids, used by this module, and declared.
do
Result := Precursor
end
feature {NONE} -- Router/administration
setup_administration_router (a_router: WSF_ROUTER; a_api: CMS_API)
do
a_router.handle ("/oauth20/", create {WSF_URI_AGENT_HANDLER}.make (agent handle_admin_consumers (a_api, ?, ?)), a_router.methods_head_get_post)
a_router.handle ("/oauth20/{consumer}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_admin_consumer (a_api, ?, ?)), a_router.methods_head_get_post)
end
feature -- Handle
handle_admin_consumers (a_api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
s: STRING
do
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_api)
create s.make_empty
s.append ("<h1>Consumers</h1>")
if attached module.oauth20_api as l_oauth20_api then
s.append ("<ul>")
across
l_oauth20_api.oauth2_consumers as ic
loop
s.append ("<li>")
s.append ("<a href=%"" + a_api.url (a_api.administration_path ("oauth20/" + ic.item), Void) + "%">")
s.append (ic.item)
s.append ("</a>")
s.append ("</li>")
end
s.append ("</ul>")
end
r.set_main_content (s)
r.execute
end
handle_admin_consumer (a_api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
s: STRING
f: CMS_FORM
fset: WSF_FORM_FIELD_SET
tf: WSF_FORM_TEXT_INPUT
l_is_protect_predefined_fields: BOOLEAN
do
if attached {WSF_STRING} req.path_parameter ("consumer") as p_consumer then
if
attached module.oauth20_api as l_oauth20_api and then
attached l_oauth20_api.oauth_consumer_by_name (p_consumer.value) as cons
then
l_is_protect_predefined_fields := cons.has_id
create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, a_api)
r.add_to_primary_tabs (a_api.administration_link ("Consumers", "oauth20/"))
create s.make_empty
s.append ("<h1>Consumer %"" + a_api.html_encoded (cons.name) + "%"</h1>")
create f.make (req.percent_encoded_path_info, "consumer")
f.set_method_post
create tf.make_with_text ("name", cons.name)
tf.set_label ("Name"); tf.set_is_readonly (l_is_protect_predefined_fields); tf.set_size (70)
f.extend (tf)
create fset.make
fset.set_legend ("Enter expected data")
f.extend (fset)
create tf.make_with_text ("api_key", cons.api_key)
tf.set_label ("API key"); tf.set_size (70)
fset.extend (tf)
create tf.make_with_text ("api_secret", cons.api_secret)
tf.set_label ("API secret")
fset.extend (tf); tf.set_size (70)
fset.extend (create {WSF_FORM_SUBMIT_INPUT}.make_with_text ("op", "Submit"))
create fset.make
fset.set_legend ("Predefine settings (change with care)")
f.extend (fset)
create tf.make_with_text ("authorize_url", cons.authorize_url)
tf.set_label ("Authorize URL"); tf.set_is_readonly (l_is_protect_predefined_fields); tf.set_size (70)
fset.extend (tf)
create tf.make_with_text ("callback_name", cons.callback_name)
tf.set_label ("Callback Name"); tf.set_is_readonly (l_is_protect_predefined_fields); tf.set_size (70)
fset.extend (tf)
create tf.make_with_text ("endpoint", cons.endpoint)
tf.set_label ("Endpoint"); tf.set_is_readonly (l_is_protect_predefined_fields); tf.set_size (70)
fset.extend (tf)
create tf.make_with_text ("extractor", cons.extractor)
tf.set_label ("Extractor"); tf.set_is_readonly (l_is_protect_predefined_fields); tf.set_size (70)
fset.extend (tf)
create tf.make_with_text ("protected_resource_url", cons.protected_resource_url)
tf.set_label ("Protected Resource URL"); tf.set_is_readonly (l_is_protect_predefined_fields); tf.set_size (70)
fset.extend (tf)
create tf.make_with_text ("scope", cons.scope)
tf.set_label ("Scope"); tf.set_is_readonly (l_is_protect_predefined_fields); tf.set_size (70)
fset.extend (tf)
if req.is_get_head_request_method then
f.append_to_html (r.wsf_theme, s)
else
f.submit_actions.extend (agent (fd: WSF_FORM_DATA; i_cons: CMS_OAUTH_20_CONSUMER; i_oauth20_api: CMS_OAUTH_20_API; l_output: STRING)
do
if
attached fd.string_item ("api_key") as l_api_key and then
attached fd.string_item ("api_secret") as l_api_secret
then
i_cons.set_api_key (l_api_key)
i_cons.set_api_secret (l_api_secret)
i_oauth20_api.save_oauth_consumer (i_cons)
l_output.append ("<p>Consumer saved...</p>")
end
end(?, cons, l_oauth20_api, s)
);
f.process (r)
f.append_to_html (r.wsf_theme, s)
end
r.set_main_content (s)
else
create {NOT_FOUND_ERROR_CMS_RESPONSE} r.make (req, res, a_api)
end
else
create {BAD_REQUEST_ERROR_CMS_RESPONSE} r.make (req, res, a_api)
end
r.execute
end
feature -- Hook
setup_hooks (a_hooks: CMS_HOOK_CORE_MANAGER)
-- Module hooks configuration.
do
a_hooks.subscribe_to_menu_system_alter_hook (Current)
end
menu_system_alter (a_menu_system: CMS_MENU_SYSTEM; a_response: CMS_RESPONSE)
-- Hook execution on collection of menu contained by `a_menu_system'
-- for related response `a_response'.
do
if a_response.is_authenticated then
a_menu_system.navigation_menu.extend (create {CMS_LOCAL_LINK}.make ("OAuth20", a_response.api.administration_path_location ("oauth20/")))
-- if a_response.has_permission (permission__manage_feed_aggregator) then
-- a_menu_system.management_menu.extend_into (a_response.api.administration_link ("Feeds (admin)", "feed_aggregator/"), "Admin", "admin")
-- end
end
end
end

13
modules/oauth20/cms_oauth_20_workflow.e
View File

@@ -38,15 +38,14 @@ feature {NONE} -- Initialization
feature -- Access
authorization_url: detachable READABLE_STRING_32
authorization_url: detachable READABLE_STRING_8
-- Obtain the Authorization URL.
do
-- Obtain the Authorization URL
write_debug_log (generator + ".authorization_url Fetching the Authorization URL..!")
if attached api_service.authorization_url (empty_token) as l_authorization_url then
write_debug_log (generator + ".authorization_url: Got the Authorization URL!")
write_debug_log (generator + ".authorization_url:" + l_authorization_url)
Result := l_authorization_url.as_string_32
Result := l_authorization_url
end
end
@@ -77,8 +76,8 @@ feature -- Access
end
end
user_email: detachable READABLE_STRING_32
-- Retrieve user email if any.
user_email: detachable READABLE_STRING_8
-- User email if any.
local
l_json: JSON_CONFIG
do
@@ -91,7 +90,7 @@ feature -- Access
then
Result := l_email.item
elseif attached {JSON_STRING} l_json.item ("email") as l_email then
Result := l_email.unescaped_string_32
Result := l_email.unescaped_string_8
end
end
end
@@ -101,7 +100,7 @@ feature -- Access
access_token: detachable OAUTH_TOKEN
-- JSON representing the access token.
user_profile: detachable READABLE_STRING_32
user_profile: detachable READABLE_STRING_8
-- JSON representing the user profiles.
feature {NONE} -- Implementation

1
modules/oauth20/oauth20-safe.ecf
View File

@@ -25,6 +25,7 @@
<library name="json" location="$ISE_LIBRARY\contrib\library\text\parser\json\library\json-safe.ecf" readonly="false"/>
<library name="time" location="$ISE_LIBRARY\library\time\time-safe.ecf"/>
<library name="wsf" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf\wsf-safe.ecf"/>
<library name="wsf_html" location="$ISE_LIBRARY\contrib\library\web\framework\ewf\wsf_html\wsf_html-safe.ecf"/>
<cluster name="src" location=".\" recursive="true"/>
</target>
</system>

13
modules/oauth20/persistence/cms_oauth_20_storage_i.e
View File

@@ -46,24 +46,29 @@ feature -- Access: Consumers
deferred
end
oauth_consumer_by_name (a_name: READABLE_STRING_8): detachable CMS_OAUTH_20_CONSUMER
oauth_consumer_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_OAUTH_20_CONSUMER
-- Retrieve a consumer by name `a_name', if any.
deferred
end
oauth_consumer_by_callback (a_callback: READABLE_STRING_8): detachable CMS_OAUTH_20_CONSUMER
oauth_consumer_by_callback (a_callback: READABLE_STRING_GENERAL): detachable CMS_OAUTH_20_CONSUMER
-- Retrieve a consumer by callback `a_callback', if any.
deferred
end
feature -- Change: User Oauth2
new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
save_oauth_consumer (a_cons: CMS_OAUTH_20_CONSUMER)
-- Save consumer `a_cons`.
deferred
end
new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_GENERAL; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
-- Add a new user with oauth2 authentication.
deferred
end
update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL )
update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_GENERAL; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL )
-- Update user `a_user' with oauth2 authentication.
deferred
end

14
modules/oauth20/persistence/cms_oauth_20_storage_null.e
View File

@@ -37,7 +37,7 @@ feature -- Access: Users
do
end
user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_GENERAL ): detachable CMS_USER
user_oauth2_without_consumer_by_token (a_token: READABLE_STRING_GENERAL): detachable CMS_USER
do
end
@@ -48,24 +48,28 @@ feature -- Access: Consumers
create {ARRAYED_LIST [STRING]} Result.make (0)
end
oauth_consumer_by_name (a_name: READABLE_STRING_8): detachable CMS_OAUTH_20_CONSUMER
oauth_consumer_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_OAUTH_20_CONSUMER
-- Retrieve a consumer by name `a_name', if any.
do
end
oauth_consumer_by_callback (a_callback: READABLE_STRING_8): detachable CMS_OAUTH_20_CONSUMER
oauth_consumer_by_callback (a_callback: READABLE_STRING_GENERAL): detachable CMS_OAUTH_20_CONSUMER
-- Retrieve a consumer by callback `a_callback', if any.
do
end
feature -- Change: User Oauth2
new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
save_oauth_consumer (a_cons: CMS_OAUTH_20_CONSUMER)
do
end
new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_GENERAL; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
-- Add a new user with oauth2 authentication.
do
end
update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL )
update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_GENERAL; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL )
-- Update user `a_user' with oauth2 authentication.
do
end

41
modules/oauth20/persistence/cms_oauth_20_storage_sql.e
View File

@@ -148,7 +148,7 @@ feature --Access: Consumers
sql_finalize
end
oauth_consumer_by_name (a_name: READABLE_STRING_8): detachable CMS_OAUTH_20_CONSUMER
oauth_consumer_by_name (a_name: READABLE_STRING_GENERAL): detachable CMS_OAUTH_20_CONSUMER
-- Retrieve a consumer by name `a_name', if any.
local
l_parameters: STRING_TABLE [detachable ANY]
@@ -169,7 +169,7 @@ feature --Access: Consumers
sql_finalize
end
oauth_consumer_by_callback (a_callback: READABLE_STRING_8): detachable CMS_OAUTH_20_CONSUMER
oauth_consumer_by_callback (a_callback: READABLE_STRING_GENERAL): detachable CMS_OAUTH_20_CONSUMER
-- Retrieve a consumer by callback `a_callback', if any.
local
l_parameters: STRING_TABLE [detachable ANY]
@@ -192,7 +192,37 @@ feature --Access: Consumers
feature -- Change: User OAuth
new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer: READABLE_STRING_GENERAL)
save_oauth_consumer (a_cons: CMS_OAUTH_20_CONSUMER)
-- Save consumer `a_cons`.
local
l_parameters: STRING_TABLE [detachable ANY]
do
error_handler.reset
if a_cons.has_id then
create l_parameters.make (10)
l_parameters.put (a_cons.id, "cid")
else
create l_parameters.make (9)
end
l_parameters.put (a_cons.name, "name")
l_parameters.put (a_cons.api_secret, "api_secret")
l_parameters.put (a_cons.api_key, "api_key")
l_parameters.put (a_cons.scope, "scope")
l_parameters.put (a_cons.protected_resource_url, "protected_resource_url")
l_parameters.put (a_cons.callback_name, "callback_name")
l_parameters.put (a_cons.extractor, "extractor")
l_parameters.put (a_cons.authorize_url, "authorize_url")
l_parameters.put (a_cons.endpoint, "endpoint")
if a_cons.has_id then
sql_modify (sql_update_oauth2_consumers, l_parameters)
else
sql_insert (sql_insert_oauth2_consumers, l_parameters)
end
sql_finalize
end
new_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_GENERAL; a_user: CMS_USER; a_consumer: READABLE_STRING_GENERAL)
-- Add a new user with oauth2 authentication.
-- <Precursor>.
local
@@ -210,7 +240,6 @@ feature -- Change: User OAuth
l_parameters.put (create {DATE_TIME}.make_now_utc, "utc_date")
l_parameters.put (a_user.email, "email")
create l_string.make_from_string (sql_insert_oauth2_template)
l_string.replace_substring_all ("$table_name", oauth2_sql_table_name (a_consumer))
sql_insert (l_string, l_parameters)
@@ -356,4 +385,8 @@ feature {NONE} -- Consumer
Sql_oauth_consumer_name: STRING = "SELECT * FROM oauth2_consumers where name =:name;"
sql_insert_oauth2_consumers: STRING = "INSERT INTO oauth2_consumers (name, api_secret, api_key, scope, protected_resource_url, callback_name, extractor, authorize_url, endpoint) VALUES (:name, :api_secret, :api_key, :scope, :protected_resource_url, :callback_name, :extractor, :authorize_url, :endpoint);"
sql_update_oauth2_consumers: STRING = "UPDATE oauth2_consumers SET name = :name, api_secret = :api_secret, api_key = :api_key, scope = :scope, protected_resource_url = :protected_resource_url, callback_name = :callback_name, extractor = :extractor, authorize_url = :authorize_url, endpoint = :endpoint WHERE cid = :cid;"
end

2
modules/oauth20/site/templates/block_login.tpl
View File

@@ -1,7 +1,7 @@
<div class="primary-tabs">
<div>
{foreach item="item" from="$oauth_consumers"}
<a href="{$site_url/}account/login-with-oauth/{$item/}">Login with {$item/}</a><br>
<a href="{$site_url/}account/auth/login-with-oauth/{$item/}">Login with {$item/}</a><br>
{/foreach}
</div>
</div>