diff --git a/examples/demo/site/modules/oauth20/scripts/oauth2_table.sql.tpl b/examples/demo/site/modules/oauth20/scripts/oauth2_table.sql.tpl
index 3471b1f..925a606 100644
--- a/examples/demo/site/modules/oauth20/scripts/oauth2_table.sql.tpl
+++ b/examples/demo/site/modules/oauth20/scripts/oauth2_table.sql.tpl
@@ -4,7 +4,10 @@ CREATE TABLE $table_name (
`access_token` TEXT NOT NULL,
`created` DATETIME NOT NULL,
`details` TEXT NOT NULL,
+ `email` TEXT NOT NULL,
CONSTRAINT `uid`
- UNIQUE(`uid`)
+ UNIQUE(`uid`),
+ CONSTRAINT `email`
+ UNIQUE(`email`)
);
diff --git a/modules/auth/cms_authentication_module.e b/modules/auth/cms_authentication_module.e
index edeb3ff..516fa19 100644
--- a/modules/auth/cms_authentication_module.e
+++ b/modules/auth/cms_authentication_module.e
@@ -104,7 +104,6 @@ feature -- Hooks configuration
do
end
-
menu_system_alter (a_menu_system: CMS_MENU_SYSTEM; a_response: CMS_RESPONSE)
-- Hook execution on collection of menu contained by `a_menu_system'
-- for related response `a_response'.
@@ -145,8 +144,6 @@ feature -- Handler
r.execute
end
-
-
handle_login (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
@@ -172,8 +169,6 @@ feature -- Handler
r.execute
end
-
-
handle_register (api: CMS_API; req: WSF_REQUEST; res: WSF_RESPONSE)
local
r: CMS_RESPONSE
@@ -490,7 +485,6 @@ feature -- Handler
end
end
-
feature {NONE} -- Token Generation
new_token: STRING
diff --git a/modules/auth/site/templates/block_account_info.tpl b/modules/auth/site/templates/block_account_info.tpl
index 289ce5c..763d51c 100644
--- a/modules/auth/site/templates/block_account_info.tpl
+++ b/modules/auth/site/templates/block_account_info.tpl
@@ -24,6 +24,39 @@
diff --git a/modules/oauth20/cms_oauth_20_api.e b/modules/oauth20/cms_oauth_20_api.e
index 22de8a4..8952e2e 100644
--- a/modules/oauth20/cms_oauth_20_api.e
+++ b/modules/oauth20/cms_oauth_20_api.e
@@ -40,6 +40,12 @@ feature -- Access: User Oauth20
Result := oauth_20_storage.user_oauth2_by_id (a_uid, a_consumer)
end
+ user_oauth2_by_email (a_email: like {CMS_USER}.email; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER
+ -- Retrieve a user by email `a_email' for the consumer `a_consumer', if any.
+ do
+ Result := oauth_20_storage.user_oauth2_by_email (a_email, a_consumer)
+ end
+
user_oauth2_by_token (a_token: READABLE_STRING_GENERAL; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER
-- Retrieve a user by token `a_token' for the consumer `a_consumer'.
do
@@ -85,11 +91,22 @@ feature -- Change: User OAuth20
update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
- -- Updaate user `a_user' with oauth2 for the consumer `a_consumer'.
+ -- Update user `a_user' with oauth2 for the consumer `a_consumer'.
require
has_id: a_user.has_id
do
oauth_20_storage.update_user_oauth2 (a_token, a_user_profile, a_user, a_consumer_table)
end
+
+ remove_user_oauth2 (a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
+ -- Remove user `a_user' with oauth2 for the consumer `a_consumer'.
+ require
+ has_id: a_user.has_id
+ do
+ oauth_20_storage.remove_user_oauth2 (a_user, a_consumer_table)
+ end
+
+
+
end
diff --git a/modules/oauth20/cms_oauth_20_module.e b/modules/oauth20/cms_oauth_20_module.e
index 9f7b97a..579994c 100644
--- a/modules/oauth20/cms_oauth_20_module.e
+++ b/modules/oauth20/cms_oauth_20_module.e
@@ -182,6 +182,8 @@ feature -- Router
a_router.handle ("/account/roc-oauth-logout", create {WSF_URI_AGENT_HANDLER}.make (agent handle_logout (a_api, ?, ?)), a_router.methods_get_post)
a_router.handle ("/account/login-with-oauth/{callback}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_login_with_oauth (a_api,a_user_oauth_api, ?, ?)), a_router.methods_get_post)
a_router.handle ("/account/oauth-callback/{callback}", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_callback_oauth (a_api, a_user_oauth_api, ?, ?)), a_router.methods_get_post)
+ a_router.handle ("/account/oauth-associate", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_associate (a_api, a_user_oauth_api, ?, ?)), a_router.methods_post)
+ a_router.handle ("/account/oauth-un-associate", create {WSF_URI_TEMPLATE_AGENT_HANDLER}.make (agent handle_un_associate (a_api, a_user_oauth_api, ?, ?)), a_router.methods_post)
end
feature -- Hooks configuration
@@ -205,6 +207,10 @@ feature -- Hooks
then
a_value.force ("account/roc-oauth-logout", "auth_login_strategy")
end
+
+ if attached a_response.current_user (a_response.request) as u then
+ associate_account (u, a_value)
+ end
end
menu_system_alter (a_menu_system: CMS_MENU_SYSTEM; a_response: CMS_RESPONSE)
@@ -298,6 +304,28 @@ feature -- Hooks
end
end
+feature {NONE} -- Associate
+
+ associate_account (a_user: CMS_USER; a_value: CMS_VALUE_TABLE)
+ local
+ l_associated: LIST [STRING]
+ l_not_associated: LIST [STRING]
+ do
+ if attached user_oauth_api as l_oauth_api then
+ create {ARRAYED_LIST [STRING]}l_associated.make (1)
+ create {ARRAYED_LIST [STRING]}l_not_associated.make (1)
+ across l_oauth_api.oauth2_consumers as ic loop
+ if attached l_oauth_api.user_oauth2_by_id (a_user.id, ic.item) then
+ l_associated.force (ic.item)
+ else
+ l_not_associated.force (ic.item)
+ end
+ end
+ a_value.force (l_associated, "oauth_associated")
+ a_value.force (l_not_associated, "oauth_not_associated")
+ end
+ end
+
feature {NONE} -- Helpers
template_block (a_block_id: READABLE_STRING_8; a_response: CMS_RESPONSE): detachable CMS_SMARTY_TEMPLATE_BLOCK
@@ -406,7 +434,7 @@ feature -- OAuth2 Login with Provider
then
if attached l_user_api.user_by_email (l_email) as p_user then
-- User with email exist
- if attached a_user_oauth_api.user_oauth2_by_id (p_user.id, l_consumer.name) then
+ if attached a_user_oauth_api.user_oauth2_by_id (p_user.id, l_consumer.name) then
-- Update oauth entry
a_user_oauth_api.update_user_oauth2 (l_access_token.token, l_user_profile, p_user, l_consumer.name )
else
@@ -417,8 +445,13 @@ feature -- OAuth2 Login with Provider
l_cookie.set_max_age (l_access_token.expires_in)
l_cookie.set_path ("/")
res.add_cookie (l_cookie)
+ elseif attached a_user_oauth_api.user_oauth2_by_email (l_email, l_consumer.name) as p_user then
+ a_user_oauth_api.update_user_oauth2 (l_access_token.token, l_user_profile, p_user, l_consumer.name )
+ create l_cookie.make ({CMS_OAUTH_20_CONSTANTS}.oauth_session, l_access_token.token)
+ l_cookie.set_max_age (l_access_token.expires_in)
+ l_cookie.set_path ("/")
+ res.add_cookie (l_cookie)
else
-
create {ARRAYED_LIST [CMS_USER_ROLE]} l_roles.make (1)
l_roles.force (l_user_api.authenticated_user_role)
@@ -453,6 +486,47 @@ feature -- OAuth2 Login with Provider
end
+ handle_associate (api: CMS_API; a_oauth_api: CMS_OAUTH_20_API; req: WSF_REQUEST; res: WSF_RESPONSE)
+ local
+ r: CMS_RESPONSE
+ do
+ create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+ if req.is_post_request_method then
+ if
+ attached {WSF_STRING} req.form_parameter ("consumer") as l_consumer and then
+ attached {WSF_STRING} req.form_parameter ("email") as l_email and then
+ attached current_user (req) as l_user
+ then
+ l_user.set_email (l_email.value)
+ a_oauth_api.new_user_oauth2 ("none", "none", l_user, l_consumer.value )
+ -- TODO send email?
+ end
+ end
+ r.set_redirection (req.absolute_script_url ("/account"))
+ r.execute
+ end
+
+
+ handle_un_associate (api: CMS_API; a_oauth_api: CMS_OAUTH_20_API; req: WSF_REQUEST; res: WSF_RESPONSE)
+ local
+ r: CMS_RESPONSE
+ do
+ create {GENERIC_VIEW_CMS_RESPONSE} r.make (req, res, api)
+ if req.is_post_request_method then
+ if
+ attached {WSF_STRING} req.form_parameter ("consumer") as l_consumer and then
+ attached current_user (req) as l_user
+ then
+ a_oauth_api.remove_user_oauth2 (l_user, l_consumer.value)
+ -- TODO send email?
+ end
+ end
+ r.set_redirection (req.absolute_script_url ("/account"))
+ r.execute
+ end
+
+
+
feature {NONE} -- Token Generation
new_token: STRING
diff --git a/modules/oauth20/persistence/cms_oauth_20_storage_i.e b/modules/oauth20/persistence/cms_oauth_20_storage_i.e
index d3a65cb..d9fcf5e 100644
--- a/modules/oauth20/persistence/cms_oauth_20_storage_i.e
+++ b/modules/oauth20/persistence/cms_oauth_20_storage_i.e
@@ -25,6 +25,11 @@ feature -- Access: Users
deferred
end
+ user_oauth2_by_email (a_email: like {CMS_USER}.email; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER
+ -- Retrieve a user by email `a_email' for the consumer `a_consumer', if any.
+ deferred
+ end
+
user_oauth2_by_token (a_token: READABLE_STRING_GENERAL; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER
-- Retrieve a user by token `a_token' for the consumer `a_consumer'.
deferred
@@ -63,4 +68,11 @@ feature -- Change: User Oauth2
deferred
end
+ remove_user_oauth2 (a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
+ -- Remove user `a_user' with oauth2 for the consumer `a_consumer'.
+ require
+ has_id: a_user.has_id
+ deferred
+ end
+
end
diff --git a/modules/oauth20/persistence/cms_oauth_20_storage_null.e b/modules/oauth20/persistence/cms_oauth_20_storage_null.e
index 675b9be..8ddef02 100644
--- a/modules/oauth20/persistence/cms_oauth_20_storage_null.e
+++ b/modules/oauth20/persistence/cms_oauth_20_storage_null.e
@@ -27,6 +27,11 @@ feature -- Access: Users
do
end
+ user_oauth2_by_email (a_email: like {CMS_USER}.email; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER
+ --
+ do
+ end
+
user_oauth2_by_token (a_token: READABLE_STRING_GENERAL; a_consumer_table: READABLE_STRING_GENERAL): detachable CMS_USER
-- -- CMS User with Oauth credential by access token `a_token' if any.
do
@@ -65,5 +70,11 @@ feature -- Change: User Oauth2
do
end
+ remove_user_oauth2 (a_user: CMS_USER; a_consumer_table: READABLE_STRING_GENERAL)
+ -- Remove user `a_user' with oauth2 for the consumer `a_consumer'.
+ do
+ end
+
+
end
diff --git a/modules/oauth20/persistence/cms_oauth_20_storage_sql.e b/modules/oauth20/persistence/cms_oauth_20_storage_sql.e
index deba68b..24f1273 100644
--- a/modules/oauth20/persistence/cms_oauth_20_storage_sql.e
+++ b/modules/oauth20/persistence/cms_oauth_20_storage_sql.e
@@ -60,6 +60,26 @@ feature -- Access User Outh
end
end
+ user_oauth2_by_email (a_email: like {CMS_USER}.email; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER
+ --
+ local
+ l_parameters: STRING_TABLE [detachable ANY]
+ l_string: STRING
+ do
+ error_handler.reset
+ write_information_log (generator + ".user_oauth2_by_email")
+ create l_parameters.make (1)
+ l_parameters.put (a_email, "email")
+ create l_string.make_from_string (select_user_oauth2_template_by_email)
+ l_string.replace_substring_all ("$table_name", oauth2_sql_table_name (a_consumer))
+ sql_query (l_string, l_parameters)
+ if sql_rows_count = 1 then
+ Result := fetch_user
+ else
+ check no_more_than_one: sql_rows_count = 0 end
+ end
+ end
+
user_oauth2_by_token (a_token: READABLE_STRING_GENERAL; a_consumer: READABLE_STRING_GENERAL): detachable CMS_USER
--
local
@@ -156,6 +176,8 @@ feature -- Change: User OAuth
l_parameters.put (a_token, "token")
l_parameters.put (a_user_profile, "profile")
l_parameters.put (create {DATE_TIME}.make_now_utc, "utc_date")
+ l_parameters.put (a_user.email, "email")
+
create l_string.make_from_string (sql_insert_oauth2_template)
l_string.replace_substring_all ("$table_name", oauth2_sql_table_name (a_consumer))
@@ -164,7 +186,6 @@ feature -- Change: User OAuth
end
update_user_oauth2 (a_token: READABLE_STRING_GENERAL; a_user_profile: READABLE_STRING_32; a_user: CMS_USER; a_consumer: READABLE_STRING_GENERAL )
- -- Update user `a_user' with oauth2 authentication.
--
local
l_parameters: STRING_TABLE [detachable ANY]
@@ -185,6 +206,25 @@ feature -- Change: User OAuth
sql_commit_transaction
end
+ remove_user_oauth2 (a_user: CMS_USER; a_consumer: READABLE_STRING_GENERAL)
+ --
+ local
+ l_parameters: STRING_TABLE [detachable ANY]
+ l_string: STRING
+ do
+ error_handler.reset
+ sql_begin_transaction
+
+ write_information_log (generator + ".remove_user_oauth2")
+ create l_parameters.make (1)
+ l_parameters.put (a_user.id, "uid")
+
+ create l_string.make_from_string (sql_remove_oauth2_template)
+ l_string.replace_substring_all ("$table_name", oauth2_sql_table_name (a_consumer))
+ sql_change (l_string, l_parameters)
+ sql_commit_transaction
+ end
+
feature {NONE} -- Implementation OAuth Consumer
fetch_consumer: detachable CMS_OAUTH_20_CONSUMER
@@ -294,10 +334,14 @@ feature {NONE} -- User OAuth2
Select_user_oauth2_template_by_id: STRING = "SELECT u.* FROM users as u JOIN $table_name as og ON og.uid = u.uid and og.uid = :uid;"
- Sql_insert_oauth2_template: STRING = "INSERT INTO $table_name (uid, access_token, details, created) VALUES (:uid, :token, :profile, :utc_date);"
+ Select_user_oauth2_template_by_email: STRING = "SELECT u.* FROM users as u JOIN $table_name as og ON og.uid = u.uid and og.email = :email;"
+
+ Sql_insert_oauth2_template: STRING = "INSERT INTO $table_name (uid, access_token, details, created, email) VALUES (:uid, :token, :profile, :utc_date, :email);"
Sql_update_oauth2_template: STRING = "UPDATE $table_name SET access_token = :token, details = :profile WHERE uid =:uid;"
+ Sql_remove_oauth2_template: STRING = "DELETE FROM $table_name WHERE uid =:uid;"
+
Sql_oauth_consumers: STRING = "SELECT name FROM oauth2_consumers";
Sql_oauth2_table_prefix: STRING = "oauth2_"
diff --git a/modules/oauth20/site/scripts/oauth2_table.sql.tpl b/modules/oauth20/site/scripts/oauth2_table.sql.tpl
index 3471b1f..925a606 100644
--- a/modules/oauth20/site/scripts/oauth2_table.sql.tpl
+++ b/modules/oauth20/site/scripts/oauth2_table.sql.tpl
@@ -4,7 +4,10 @@ CREATE TABLE $table_name (
`access_token` TEXT NOT NULL,
`created` DATETIME NOT NULL,
`details` TEXT NOT NULL,
+ `email` TEXT NOT NULL,
CONSTRAINT `uid`
- UNIQUE(`uid`)
+ UNIQUE(`uid`),
+ CONSTRAINT `email`
+ UNIQUE(`email`)
);