From e1bd276b1d7a80ce5679180ec9de884e731c1d3d Mon Sep 17 00:00:00 2001 From: "michael.breu" <michael.breu@uibk.ac.at> Date: Fri, 22 Jan 2021 12:02:19 +0100 Subject: [PATCH] =?UTF-8?q?Intermediate=20commit:=20Durchf=C3=BChrung=20mi?= =?UTF-8?q?t=20Cookies?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- package-lock.json | 146 ++++++++++++++---- package.json | 2 +- .../config/SecurityConfiguration.java | 117 +------------- ...nticationSuccessHandlerWithJWTSupport.java | 142 +++++++++++++++++ .../webapp/app/layouts/main/main.component.ts | 30 ++-- 5 files changed, 268 insertions(+), 169 deletions(-) create mode 100644 src/main/java/at/ac/uibk/gitsearch/security/oauth2/SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport.java diff --git a/package-lock.json b/package-lock.json index e5d603c1a..8c4a7e94e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5599,14 +5599,13 @@ "dev": true }, "css-selector-tokenizer": { - "version": "0.7.2", - "resolved": "https://registry.npmjs.org/css-selector-tokenizer/-/css-selector-tokenizer-0.7.2.tgz", - "integrity": "sha512-yj856NGuAymN6r8bn8/Jl46pR+OC3eEvAhfGYDUe7YPtTPAYrSSw4oAniZ9Y8T5B92hjhwTBLUen0/vKPxf6pw==", + "version": "0.7.3", + "resolved": "https://registry.npmjs.org/css-selector-tokenizer/-/css-selector-tokenizer-0.7.3.tgz", + "integrity": "sha512-jWQv3oCEL5kMErj4wRnK/OPoBi0D+P1FR2cDCKYPaMeD2eW3/mttav8HT4hT1CKopiJI/psEULjkClhvJo4Lvg==", "dev": true, "requires": { "cssesc": "^3.0.0", - "fastparse": "^1.1.2", - "regexpu-core": "^4.6.0" + "fastparse": "^1.1.2" } }, "css-tree": { 
@@ -6572,12 +6571,23 @@ "dev": true }, "encoding": { - "version": "0.1.12", - "resolved": "https://registry.npmjs.org/encoding/-/encoding-0.1.12.tgz", - "integrity": "sha1-U4tm8+5izRq1HsMjgp0flIDHS+s=", + "version": "0.1.13", + "resolved": "https://registry.npmjs.org/encoding/-/encoding-0.1.13.tgz", + "integrity": "sha512-ETBauow1T35Y/WZMkio9jiM0Z5xjHHmJ4XmjZOq1l/dXz3lr2sRn87nJy20RupqSh1F2m3HHPSp8ShIPQJrJ3A==", "dev": true, "requires": { - "iconv-lite": "~0.4.13" + "iconv-lite": "^0.6.2" + }, + "dependencies": { + "iconv-lite": { + "version": "0.6.2", + "resolved": "https://registry.npmjs.org/iconv-lite/-/iconv-lite-0.6.2.tgz", + "integrity": "sha512-2y91h5OpQlolefMPmUlivelittSWy0rP+oYVpn6A7GwVHNE8AWzoYOBNmlwks3LobaJxgHCYZAnyNo2GgpNRNQ==", + "dev": true, + "requires": { + "safer-buffer": ">= 2.1.2 < 3.0.0" + } + } } }, "end-of-stream": { 
@@ -8759,12 +8769,29 @@ "dev": true }, "hosted-git-info": { - "version": "3.0.4", - "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-3.0.4.tgz", - "integrity": "sha512-4oT62d2jwSDBbLLFLZE+1vPuQ1h8p9wjrJ8Mqx5TjsyWmBMV5B13eJqn8pvluqubLf3cJPTfiYCIwNwDNmzScQ==", + "version": "3.0.7", + "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-3.0.7.tgz", + "integrity": "sha512-fWqc0IcuXs+BmE9orLDyVykAG9GJtGLGuZAAqgcckPgv5xad4AcXGIv8galtQvlwutxSlaMcdw7BUtq2EIvqCQ==", "dev": true, "requires": { - "lru-cache": "^5.1.1" + "lru-cache": "^6.0.0" + }, + "dependencies": { + "lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "dev": true, + "requires": { + "yallist": "^4.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", + "dev": true + } } }, "hpack.js": { 
@@ -15162,10 +15189,28 @@ "semver": "^7.1.1" }, "dependencies": { + "lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "dev": true, + "requires": { + "yallist": "^4.0.0" + } + }, "semver": { - "version": "7.3.2", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.2.tgz", - "integrity": "sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ==", + "version": "7.3.4", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.4.tgz", + "integrity": "sha512-tCfb2WLjqFAtXn4KEdxIhalnRtoKFN7nAwj0B3ZXCbQloV2tq5eDbcTmT68JJD3nRJq24/XgxtQKFIpQdtvmVw==", + "dev": true, + "requires": { + "lru-cache": "^6.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", "dev": true } } 
@@ -15187,10 +15232,28 @@ "validate-npm-package-name": "^3.0.0" }, "dependencies": { + "lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "dev": true, + "requires": { + "yallist": "^4.0.0" + } + }, "semver": { - "version": "7.3.2", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.2.tgz", - "integrity": "sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ==", + "version": "7.3.4", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.4.tgz", + "integrity": "sha512-tCfb2WLjqFAtXn4KEdxIhalnRtoKFN7nAwj0B3ZXCbQloV2tq5eDbcTmT68JJD3nRJq24/XgxtQKFIpQdtvmVw==", + "dev": true, + "requires": { + "lru-cache": "^6.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", "dev": true } } 
@@ -15226,10 +15289,28 @@ "semver": "^7.0.0" }, "dependencies": { + "lru-cache": { + "version": "6.0.0", + "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", + "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", + "dev": true, + "requires": { + "yallist": "^4.0.0" + } + }, "semver": { - "version": "7.3.2", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.2.tgz", - "integrity": "sha512-OrOb32TeeambH6UrhtShmF7CRDqhL6/5XpPNp2DuRH6+9QLw/orhp72j87v8Qa1ScDkvrrBNpZcDejAirJmfXQ==", + "version": "7.3.4", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.4.tgz", + "integrity": "sha512-tCfb2WLjqFAtXn4KEdxIhalnRtoKFN7nAwj0B3ZXCbQloV2tq5eDbcTmT68JJD3nRJq24/XgxtQKFIpQdtvmVw==", + "dev": true, + "requires": { + "lru-cache": "^6.0.0" + } + }, + "yallist": { + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", + "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==", "dev": true } } @@ -15284,9 +15365,9 @@ } }, "npm-registry-fetch": { - "version": "4.0.5", - "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.5.tgz", - "integrity": "sha512-yQ0/U4fYpCCqmueB2g8sc+89ckQ3eXpmU4+Yi2j5o/r0WkKvE2+Y0tK3DEILAtn2UaQTkjTHxIXe2/CSdit+/Q==", + "version": "4.0.7", + "resolved": "https://registry.npmjs.org/npm-registry-fetch/-/npm-registry-fetch-4.0.7.tgz", + "integrity": "sha512-cny9v0+Mq6Tjz+e0erFAB+RYJ/AVGzkjnISiobqP8OWj9c9FLoZZu8/SPSKJWE17F1tk4018wfjV+ZbIbqC7fQ==", "dev": true, "requires": { "JSONStream": "^1.3.4", 
@@ -17571,14 +17652,13 @@ } }, "read-package-json": { - "version": "2.1.1", - "resolved": "https://registry.npmjs.org/read-package-json/-/read-package-json-2.1.1.tgz", - "integrity": "sha512-dAiqGtVc/q5doFz6096CcnXhpYk0ZN8dEKVkGLU0CsASt8SrgF6SF7OTKAYubfvFhWaqofl+Y8HK19GR8jwW+A==", + "version": "2.1.2", + "resolved": "https://registry.npmjs.org/read-package-json/-/read-package-json-2.1.2.tgz", + "integrity": "sha512-D1KmuLQr6ZSJS0tW8hf3WGpRlwszJOXZ3E8Yd/DNRaM5d+1wVRZdHlpGBLAuovjr28LbWvjpWkBHMxpRGGjzNA==", "dev": true, "requires": { "glob": "^7.1.1", - "graceful-fs": "^4.1.2", - "json-parse-better-errors": "^1.0.1", + "json-parse-even-better-errors": "^2.3.0", "normalize-package-data": "^2.0.0", "npm-normalize-package-bin": "^1.0.0" } @@ -21387,9 +21467,9 @@ }, "dependencies": { "debug": { - "version": "3.2.6", - "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.6.tgz", - "integrity": "sha512-mel+jf7nrtEl5Pn1Qx46zARXKDpBbvzezse7p7LqINmdoIk8PYP5SySaxEmYv6TZ0JyEKA1hsCId6DIhgITtWQ==", + "version": "3.2.7", + "resolved": "https://registry.npmjs.org/debug/-/debug-3.2.7.tgz", + "integrity": "sha512-CFjzYYAi4ThfiQvizrFQevTTXHtnCqWfe7x1AhgEscTz6ZbLbfoLRLPugTQyBth6f8ZERVUSyWHFD/7Wu4t1XQ==", "dev": true, "requires": { "ms": "^2.1.1" diff --git a/package.json b/package.json index d76785602..4b34bec7f 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,7 @@ "bootstrap": "4.5.0", "moment": "2.27.0", "ng-jhipster": "0.14.0", - "ngx-cookie-service": "3.0.4", + "ngx-cookie-service": "^3.0.4", "ngx-infinite-scroll": "9.0.0", "ngx-webstorage": "5.0.0", "prismjs": "^1.20.0", diff --git a/src/main/java/at/ac/uibk/gitsearch/config/SecurityConfiguration.java b/src/main/java/at/ac/uibk/gitsearch/config/SecurityConfiguration.java index 654405690..0046f38f8 100644 --- a/src/main/java/at/ac/uibk/gitsearch/config/SecurityConfiguration.java +++ b/src/main/java/at/ac/uibk/gitsearch/config/SecurityConfiguration.java 
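Review bot: The package.json hunk loosens `ngx-cookie-service` from the exact pin `3.0.4` to the range `^3.0.4`, while the neighbouring entries visible in the hunk (`bootstrap`, `moment`, `ngx-webstorage`) stay pinned exactly. This package now reads the login token cookie in main.component.ts, so an install that does not honour the lockfile could pick up any later 3.x release without review. Unless the range is intentional, keep `"ngx-cookie-service": "3.0.4",` and upgrade it in a commit of its own.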
@@ -4,14 +4,10 @@ import static org.springframework.http.MediaType.APPLICATION_FORM_URLENCODED_VAL import java.io.IOException; import java.net.URI; -import java.security.Principal; -import java.util.Collection; import java.util.Collections; import javax.servlet.DispatcherType; import javax.servlet.ServletException; -import javax.servlet.http.HttpServletRequest; -import javax.servlet.http.HttpServletResponse; import org.springframework.beans.factory.annotation.Value; import org.springframework.boot.web.servlet.FilterRegistrationBean; @@ -34,10 +30,8 @@ import org.springframework.security.config.annotation.web.configuration.WebSecur import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; -import org.springframework.security.core.GrantedAuthority; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; -import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; import org.springframework.security.oauth2.client.endpoint.DefaultAuthorizationCodeTokenResponseClient; import org.springframework.security.oauth2.client.endpoint.OAuth2AccessTokenResponseClient; import org.springframework.security.oauth2.client.endpoint.OAuth2AuthorizationCodeGrantRequest; @@ -49,7 +43,6 @@ import org.springframework.security.oauth2.core.endpoint.OAuth2AuthorizationExch import org.springframework.security.oauth2.core.endpoint.OAuth2ParameterNames; import org.springframework.security.oauth2.core.endpoint.PkceParameterNames; import org.springframework.security.oauth2.core.oidc.user.DefaultOidcUser; -import org.springframework.security.oauth2.core.oidc.user.OidcUser; import org.springframework.security.oauth2.core.user.OAuth2User; import org.springframework.security.oauth2.jwt.Jwt; import org.springframework.security.oauth2.jwt.JwtDecoder; 
@@ -59,7 +52,6 @@ import org.springframework.security.oauth2.jwt.NimbusJwtDecoder; import org.springframework.security.oauth2.server.resource.BearerTokenAuthenticationToken; import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationConverter; import org.springframework.security.web.authentication.AuthenticationSuccessHandler; -import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; import org.springframework.security.web.csrf.CookieCsrfTokenRepository; import org.springframework.security.web.csrf.CsrfFilter; import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter; @@ -73,6 +65,7 @@ import org.zalando.problem.spring.web.advice.security.SecurityProblemSupport; import at.ac.uibk.gitsearch.security.AuthoritiesConstants; import at.ac.uibk.gitsearch.security.jwt.JWTConfigurer; import at.ac.uibk.gitsearch.security.jwt.TokenProvider; +import at.ac.uibk.gitsearch.security.oauth2.SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport; import io.github.jhipster.config.JHipsterProperties; @EnableWebSecurity 
@@ -343,113 +336,5 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { return successHandler; } - /** - * allows for a redirect with a fragment that encodes a short lived JWT-Token - * @author Michael Breu - * - */ - public static class SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport extends SavedRequestAwareAuthenticationSuccessHandler { - - protected TokenProvider tokenProvider; - - - public SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport(TokenProvider tokenProvider) { - super(); - this.tokenProvider = tokenProvider; - } - - - @Override - protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response, - Authentication authentication) { - String plainTargetUrl = super.determineTargetUrl(request, response, authentication); - - Authentication authenticationForToken = authentication; - if (authentication instanceof OAuth2AuthenticationToken) { - OAuth2AuthenticationToken oAuthA = (OAuth2AuthenticationToken) authentication; - String mail = ((OidcUser) ((OAuth2AuthenticationToken) authentication).getPrincipal()).getEmail(); - String idToken = oAuthA.getPrincipal().getAttribute("idToken"); - authenticationForToken = new SimpleAuthentication(new SimplePrincipal(mail), authentication.getAuthorities()); - authenticationForToken.setAuthenticated(authentication.isAuthenticated()); - } - String token = tokenProvider.createToken(authenticationForToken, 200000L); // 200 secs (for Debugging) - return plainTargetUrl + "#requestToken=" + token; - } - - - - } - - public static class SimplePrincipal implements Principal { - - protected String name; - - - public SimplePrincipal(String name) { - super(); - this.name = name; - } - - @Override - public String getName() { - return name; - } - - } - - public static class SimpleAuthentication implements Authentication { - - /** - * - */ - private static final long serialVersionUID = -791646857551363545L; - - private Principal principal; - - Collection<? 
extends GrantedAuthority> authorities; - - public SimpleAuthentication(Principal principal, Collection<? extends GrantedAuthority> authorities) { - super(); - this.principal = principal; - this.authorities = authorities; - } - - @Override - public String getName() { - return principal.getName(); - } - - @Override - public Collection<? extends GrantedAuthority> getAuthorities() { - return authorities; - } - - @Override - public Object getCredentials() { - return null; - } - - @Override - public Object getDetails() { - return null; - } - - @Override - public Object getPrincipal() { - return principal; - } - - private boolean authenticated = false; - @Override - public boolean isAuthenticated() { - return authenticated; - } - - @Override - public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException { - authenticated = isAuthenticated; - } - - } } diff --git a/src/main/java/at/ac/uibk/gitsearch/security/oauth2/SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport.java b/src/main/java/at/ac/uibk/gitsearch/security/oauth2/SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport.java new file mode 100644 index 000000000..5debd577b --- /dev/null +++ b/src/main/java/at/ac/uibk/gitsearch/security/oauth2/SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport.java 
@@ -0,0 +1,142 @@ +package at.ac.uibk.gitsearch.security.oauth2; + +import java.io.IOException; +import java.security.Principal; +import java.util.Collection; + +import javax.servlet.ServletException; +import javax.servlet.http.Cookie; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.springframework.security.core.Authentication; +import org.springframework.security.core.GrantedAuthority; +import org.springframework.security.oauth2.client.authentication.OAuth2AuthenticationToken; +import org.springframework.security.oauth2.core.oidc.user.OidcUser; +import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler; + +import at.ac.uibk.gitsearch.security.jwt.TokenProvider; + +/** + * allows for a redirect and adds a short-lived cookie that encodes a short lived JWT-Token + * @author Michael Breu + * + */ +public class SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport extends SavedRequestAwareAuthenticationSuccessHandler { + + protected TokenProvider tokenProvider; + + + public SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport(TokenProvider tokenProvider) { + super(); + this.tokenProvider = tokenProvider; + } + + + private static int REQUEST_TOKEN_LIVETIME = 200; // seconds + @Override + public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, + Authentication authentication) throws ServletException, IOException { + Authentication authenticationForToken = authentication; + if (authentication instanceof OAuth2AuthenticationToken) { + OAuth2AuthenticationToken oAuthA = (OAuth2AuthenticationToken) authentication; + String mail = ((OidcUser) ((OAuth2AuthenticationToken) authentication).getPrincipal()).getEmail(); + String idToken = oAuthA.getPrincipal().getAttribute("idToken"); + authenticationForToken = new SimpleAuthentication(new SimplePrincipal(mail), authentication.getAuthorities()); + 
authenticationForToken.setAuthenticated(authentication.isAuthenticated()); + } + String token = tokenProvider.createToken(authenticationForToken, REQUEST_TOKEN_LIVETIME *1000L); // 200 secs (for Debugging) + + Cookie tempTokenCookie = new Cookie("tempRequestToken", token); + tempTokenCookie.setMaxAge(REQUEST_TOKEN_LIVETIME); + tempTokenCookie.setPath("/"); + + response.addCookie(tempTokenCookie); + + super.onAuthenticationSuccess(request, response, authentication); + } + + + + @Override + protected String determineTargetUrl(HttpServletRequest request, HttpServletResponse response, + Authentication authentication) { + String plainTargetUrl = super.determineTargetUrl(request, response, authentication); + + return plainTargetUrl; + } + + + public static class SimplePrincipal implements Principal { + + protected String name; + + + public SimplePrincipal(String name) { + super(); + this.name = name; + } + + @Override + public String getName() { + return name; + } + + } + + public static class SimpleAuthentication implements Authentication { + + /** + * + */ + private static final long serialVersionUID = -791646857551363545L; + + private Principal principal; + + Collection<? extends GrantedAuthority> authorities; + + public SimpleAuthentication(Principal principal, Collection<? extends GrantedAuthority> authorities) { + super(); + this.principal = principal; + this.authorities = authorities; + } + + @Override + public String getName() { + return principal.getName(); + } + + @Override + public Collection<? 
extends GrantedAuthority> getAuthorities() { + return authorities; + } + + @Override + public Object getCredentials() { + return null; + } + + @Override + public Object getDetails() { + return null; + } + + @Override + public Object getPrincipal() { + return principal; + } + + private boolean authenticated = false; + @Override + public boolean isAuthenticated() { + return authenticated; + } + + @Override + public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException { + authenticated = isAuthenticated; + } + + } + +} \ No newline at end of file diff --git a/src/main/webapp/app/layouts/main/main.component.ts b/src/main/webapp/app/layouts/main/main.component.ts index f3e0be547..d60c28c17 100644 --- a/src/main/webapp/app/layouts/main/main.component.ts +++ b/src/main/webapp/app/layouts/main/main.component.ts @@ -5,6 +5,8 @@ import { TranslateService, LangChangeEvent } from '@ngx-translate/core'; import { AccountService } from 'app/core/auth/account.service'; import { AuthServerProvider } from 'app/core/auth/auth-jwt.service'; +import { CookieService } from 'ngx-cookie-service'; +import { AlertErrorComponent } from 'app/shared/alert/alert-error.component'; @Component({ selector: 'jhi-main', @@ -19,12 +21,15 @@ export class MainComponent implements OnInit { private router: Router, private translateService: TranslateService, rootRenderer: RendererFactory2, - private authServerProvider: AuthServerProvider + private authServerProvider: AuthServerProvider, + private cookieService: CookieService, +// private alertErrorComponent: AlertErrorComponent ) { this.renderer = rootRenderer.createRenderer(document.querySelector('html'), null); } ngOnInit(): void { + this.checkRequestToken(); // try to log in automatically this.accountService.identity().subscribe(); 
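Review bot: In `onAuthenticationSuccess` of SavedRequestAwareAuthenticationSuccessHandlerWithJWTSupport.java, the `tempRequestToken` cookie carries the token from `tokenProvider.createToken` but is added without the Secure attribute, so the browser may also send it over plain HTTP; add `tempTokenCookie.setSecure(true);` before `response.addCookie(tempTokenCookie)`. Because main.component.ts reads the cookie from script it cannot be HttpOnly, so any script running on the origin can read the token for the whole `REQUEST_TOKEN_LIVETIME` of 200 seconds, a value the code itself marks "for Debugging". A comment such as `// readable by JS by design: keep the lifetime minimal, client deletes it after use` would record that trade-off, and the lifetime should be shortened before release. The `(OidcUser)` cast on the principal is unchecked, so a non-OIDC OAuth2 login would presumably fail with a ClassCastException, and the local `idToken` is never used.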
@@ -43,35 +48,22 @@ export class MainComponent implements OnInit { this.renderer.setAttribute(document.querySelector('html'), 'lang', langChangeEvent.lang); }); - this.routeEvent(this.router); } - private routeEvent(router: Router):void { - router.events.subscribe(e => { - if(e instanceof NavigationEnd){ - this.checkRequestToken(); - } - }); -} private checkRequestToken(): void { - const fr = this.router.parseUrl(this.router.url).fragment; - - if(fr) { - const regexp = /requestToken=(\w+)/; - if(regexp.test(fr)) { - const token = fr.replace(regexp, "$1"); - if(token && token.length> 20) - this.authServerProvider.refreshToken(token) + const tokenCookie = this.cookieService.get("tempRequestToken"); + if(tokenCookie) { + if(tokenCookie.length> 20) + this.authServerProvider.refreshToken(tokenCookie) .subscribe( () => { this.accountService.identity(true).subscribe(); this.router.navigate(['']); }, () => { - const xxx = "abc"; +// this.alertErrorComponent.addErrorAlert('OAuth2 authentication failed', 'Authentication failed'); } ); } - } } -- GitLab
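Review bot: `checkRequestToken` reads `tempRequestToken` but never removes it, so the token stays in the browser for the cookie's full lifetime and is submitted to `refreshToken` again on every load of `MainComponent` in that window; delete it as soon as it has been read, e.g. `this.cookieService.delete('tempRequestToken', '/');`. The error callback is now empty apart from a commented-out alert, so a failed token exchange goes unnoticed, and the `AlertErrorComponent` import added in the first hunk of this file is referenced only from commented-out code. The `tokenCookie.length> 20` test checks length only, and the inner `if` has no braces around the multi-line `subscribe` call, which makes the nesting easy to misread.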