Posted to commits@openmeetings.apache.org by a_...@apache.org on 2013/08/13 07:47:34 UTC
svn commit: r1513355 - in
/openmeetings/trunk/singlewebapp/src/org/apache/openmeetings:
installation/ImportInitvalues.java web/pages/auth/SignInPage.java
Author: a_horuzhenko
Date: Tue Aug 13 05:47:34 2013
New Revision: 1513355
URL: http://svn.apache.org/r1513355
Log:
[OPENMEETINGS-740] Login via OAuth2: fixes and improvements.
Modified:
openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java
openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java
Modified: openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java
URL: http://svn.apache.org/viewvc/openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java?rev=1513355&r1=1513354&r2=1513355&view=diff
==============================================================================
--- openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java (original)
+++ openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java Tue Aug 13 05:47:34 2013
@@ -1017,6 +1017,23 @@ public class ImportInitvalues {
googleServer.setFirstnameParamName("given_name");
googleServer.setLastnameParamName("family_name");
oauthDao.update(googleServer, null);
+
+ // Facebook
+ OAuthServer facebookServer = new OAuthServer();
+ facebookServer.setName("Facebook");
+ facebookServer.setEnabled(false);
+ facebookServer.setClientId("<put your client_id>");
+ facebookServer.setClientSecret("<put your client_secret>");
+ facebookServer.setRequestKeyUrl("https://www.facebook.com/dialog/oauth?client_id={$client_id}&redirect_uri={$redirect_uri}&scope=email");
+ facebookServer.setRequestTokenUrl("https://graph.facebook.com/oauth/access_token");
+ facebookServer.setRequestTokenMethod(RequestMethod.POST);
+ facebookServer.setRequestTokenAttributes("client_id={$client_id}&redirect_uri={$redirect_uri}&client_secret={$client_secret}&code={$code}");
+ facebookServer.setRequestInfoUrl("https://graph.facebook.com/me?access_token={$access_token}&fields=username,first_name,last_name,email");
+ facebookServer.setLoginParamName("username");
+ facebookServer.setEmailParamName("email");
+ facebookServer.setFirstnameParamName("first_name");
+ facebookServer.setLastnameParamName("last_name");
+ oauthDao.update(facebookServer, null);
}
// ------------------------------------------------------------------------------
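Review bot: The Facebook authorization URL passed to `setRequestKeyUrl` carries `client_id`, `redirect_uri` and `scope` but no `state` parameter, so the callback has nothing that ties the returned `code` to the browser session that started the login (the CSRF protection described in RFC 6749 section 10.12). Whether SignInPage adds or checks a `state` value elsewhere is not visible in this hunk; if it does not, the template should carry one, for example `...&scope=email&state={$state}` with a new `{$state}` placeholder that the sign-in page fills in and verifies. The info URL also places `{$access_token}` in the query string, where it can end up in proxy or server logs, so a one-line comment above `setRequestInfoUrl` noting that would help whoever enables this server.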
Modified: openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java
URL: http://svn.apache.org/viewvc/openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java?rev=1513355&r1=1513354&r2=1513355&view=diff
==============================================================================
--- openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java (original)
+++ openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java Tue Aug 13 05:47:34 2013
@@ -53,7 +53,6 @@ import org.apache.openmeetings.data.user
import org.apache.openmeetings.data.user.dao.UsersDao;
import org.apache.openmeetings.persistence.beans.user.User;
import org.apache.openmeetings.persistence.beans.user.oauth.OAuthServer;
-import org.apache.openmeetings.utils.crypt.ManageCryptStyle;
import org.apache.openmeetings.web.app.Application;
import org.apache.openmeetings.web.app.WebSession;
import org.apache.openmeetings.web.pages.BaseInitedPage;
@@ -106,7 +105,7 @@ public class SignInPage extends BaseInit
log.debug("OAuthInfo=" + authInfo);
Map<String, String> authParams = getAuthParams(authInfo.accessToken, code, server);
if (authParams != null) {
- loginViaOAuth2(authParams);
+ loginViaOAuth2(authParams, serverId);
}
} else { // redirect to get code
String redirectUrl = prepareUrlParams(server.getRequestKeyUrl(), server.getClientId(),
@@ -259,7 +258,14 @@ public class SignInPage extends BaseInit
result.expiresIn = jsonResult.getLong("expires_in");
}
} catch (JSONException e) {
- log.error("Couldn't parse json response " + sourceJson.toString(), e);
+ // try to parse as canonical
+ Map<String, String> parsedMap = parseCanonicalResponse(sourceJson.toString());
+ result.accessToken = parsedMap.get("access_token");
+ result.refreshToken = parsedMap.get("refresh_token");
+ result.tokenType = parsedMap.get("token_type");
+ try {
+ result.expiresIn = Long.valueOf(parsedMap.get("expires_in"));
+ } catch (NumberFormatException nfe) {}
}
// access token must be specified
if (result.accessToken == null) {
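Review bot: The empty `catch (NumberFormatException nfe) {}` in the fallback leaves `expiresIn` unset without a trace, and with the old `log.error` removed, a response that is neither JSON nor key=value pairs no longer produces any log entry at this point. If a missing or malformed `expires_in` is meant to be tolerated, name the variable `ignored` and say so, e.g. `// expires_in may be absent in a form-encoded token response`. The parse failure itself is worth a `log.debug` that omits the response body, since the body may hold the access token. The enclosing method starts and ends outside the hunk.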
@@ -269,6 +275,18 @@ public class SignInPage extends BaseInit
return result;
}
+ private Map<String, String> parseCanonicalResponse(String response) {
+ String[] parts = response.split("&");
+ Map<String, String> result = new HashMap<String, String>();
+ for (String part: parts) {
+ String pair[] = part.split("=");
+ if (pair.length > 1) {
+ result.put(pair[0], pair[1]);
+ }
+ }
+ return result;
+ }
+
private Map<String, String> getAuthParams(String token, String code, OAuthServer server) throws IOException {
// get attributes names
String loginAttributeName = server.getLoginParamName();
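Review bot: `parseCanonicalResponse` stores names and values exactly as they appear on the wire: `part.split("=")` drops everything after a second `=` in a value, and nothing is URL-decoded, so a token with `=` padding or percent-escapes would be stored truncated or still encoded. Use `part.split("=", 2)` and decode both sides, e.g. `result.put(URLDecoder.decode(pair[0], "UTF-8"), URLDecoder.decode(pair[1], "UTF-8"));`. A short Javadoc stating that the method parses an `application/x-www-form-urlencoded` body from the OAuth server and that the last duplicate key wins would also help the next reader.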
@@ -284,18 +302,18 @@ public class SignInPage extends BaseInit
prepareConnection(connection);
BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String inputLine = null;
- StringBuilder sourceJson = new StringBuilder();
+ StringBuilder sourceResponse = new StringBuilder();
while ((inputLine = in.readLine()) != null) {
- if (sourceJson.length() > 0) {
- sourceJson.append("\n");
+ if (sourceResponse.length() > 0) {
+ sourceResponse.append("\n");
}
- sourceJson.append(inputLine);
+ sourceResponse.append(inputLine);
}
in.close();
// parse json result
Map<String, String> result = new HashMap<String, String>();
try {
- JSONObject parsedJson = new JSONObject(sourceJson.toString());
+ JSONObject parsedJson = new JSONObject(sourceResponse.toString());
result.put("login", parsedJson.getString(loginAttributeName));
result.put("email", parsedJson.getString(emailAttributeName));
if (parsedJson.has(firstname)) {
@@ -305,17 +323,24 @@ public class SignInPage extends BaseInit
result.put("lastname", parsedJson.getString(lastname));
}
} catch (JSONException e) {
- log.error("Couldn't parse json response:\n" + sourceJson.toString(), e);
- return null;
+ // try to parse response as canonical
+ Map<String, String> parsedMap = parseCanonicalResponse(sourceResponse.toString());
+ result.put("login", parsedMap.get(loginAttributeName));
+ result.put("email", parsedMap.get(emailAttributeName));
+ if (parsedMap.containsKey(firstname)) {
+ result.put("firstname", parsedMap.get(firstname));
+ }
+ if (parsedMap.containsKey(lastname)) {
+ result.put("lastname", parsedMap.get(lastname));
+ }
}
return result;
}
- private void loginViaOAuth2(Map<String, String> params) throws IOException, NoSuchAlgorithmException {
+ private void loginViaOAuth2(Map<String, String> params, long serverId) throws IOException, NoSuchAlgorithmException {
UsersDao userDao = getBean(UsersDao.class);
UserManager userManager = getBean(UserManager.class);
ConfigurationDao configurationDao = getBean(ConfigurationDao.class);
- ManageCryptStyle manageCryptStyle = getBean(ManageCryptStyle.class);
String login = params.get("login");
String email = params.get("email");
String lastname = params.get("lastname");
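Review bot: With `return null` removed from the `JSONException` branch, `getAuthParams` now always returns a map, so the caller's `if (authParams != null)` guard can no longer stop a failed lookup and `loginViaOAuth2` runs with whatever the fallback produced. `parsedMap.get(loginAttributeName)` is null when the body is an error page, and also when the body was valid JSON that merely lacked one attribute, in which case the fallback overwrites a `login` that was already read with null. The fallback should fail closed, e.g. `if (parsedMap.get(loginAttributeName) == null) { log.error("Couldn't parse user info response"); return null; }`, keeping the response body out of the message. Both `getAuthParams` and `loginViaOAuth2` extend beyond this hunk, so how a null login is handled later is not visible here.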
@@ -334,11 +359,21 @@ public class SignInPage extends BaseInit
if (user == null) {
Integer defaultlangId = Integer.valueOf(configurationDao.getConfValue("default_lang_id", String.class, "1"));
String defaultTimezone = configurationDao.getConfValue("default.timezone", String.class, "");
- userManager.registerUserNoEmail(login, pass, lastname, firstname, email, null, null,
+ Long res = userManager.registerUserNoEmail(login, pass, lastname, firstname, email, null, null,
null, null, null, 0, null, defaultlangId, null, false, true, defaultTimezone);
- } else { // just change password
- user.updatePassword(manageCryptStyle, configurationDao, pass);
+ if (res == null || res < 0) {
+ throw new RuntimeException("Couldn't register new oauth user");
+ }
+ user = userDao.get(res);
+ user.setExternalUserType("oauth2." + serverId);
userDao.update(user, null);
+ } else { // just change password
+ // check user type before changing password, it must be match oauthServerId
+ if (!("oauth2." + serverId).equals(user.getExternalUserType())) {
+ log.error("User already registered!");
+ return;
+ }
+ user = userDao.update(user, pass, -1);
}
if (WebSession.get().signIn(login, pass, null)) {
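Review bot: The refusal branch logs only `"User already registered!"`, which gives an operator no way to tell which account or which provider was involved when an OAuth login collides with an existing user of a different type. Something like `log.error("OAuth2 login refused: user '" + login + "' is not bound to oauth server " + serverId);` makes the event usable for audit. The type string `"oauth2." + serverId` is also built twice; a small private helper or constant prefix would keep the value written at registration and the value checked at login from drifting apart. In the registration branch `userDao.get(res)` is dereferenced without a null check. The method body continues outside the hunk.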