Posted to commits@openmeetings.apache.org by a_...@apache.org on 2013/08/13 07:47:34 UTC

svn commit: r1513355 - in /openmeetings/trunk/singlewebapp/src/org/apache/openmeetings: installation/ImportInitvalues.java web/pages/auth/SignInPage.java

Author: a_horuzhenko
Date: Tue Aug 13 05:47:34 2013
New Revision: 1513355

URL: http://svn.apache.org/r1513355
Log:
[OPENMEETINGS-740] Login via OAuth2: fixes and improvements.

Modified:
    openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java
    openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java

Modified: openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java
URL: http://svn.apache.org/viewvc/openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java?rev=1513355&r1=1513354&r2=1513355&view=diff
==============================================================================
--- openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java (original)
+++ openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/installation/ImportInitvalues.java Tue Aug 13 05:47:34 2013
@@ -1017,6 +1017,23 @@ public class ImportInitvalues {
 		googleServer.setFirstnameParamName("given_name");
 		googleServer.setLastnameParamName("family_name");
 		oauthDao.update(googleServer, null);
+		
+		// Facebook
+		OAuthServer facebookServer = new OAuthServer();
+		facebookServer.setName("Facebook");
+		facebookServer.setEnabled(false);
+		facebookServer.setClientId("<put your client_id>");
+		facebookServer.setClientSecret("<put your client_secret>");
+		facebookServer.setRequestKeyUrl("https://www.facebook.com/dialog/oauth?client_id={$client_id}&redirect_uri={$redirect_uri}&scope=email");
+		facebookServer.setRequestTokenUrl("https://graph.facebook.com/oauth/access_token");
+		facebookServer.setRequestTokenMethod(RequestMethod.POST);
+		facebookServer.setRequestTokenAttributes("client_id={$client_id}&redirect_uri={$redirect_uri}&client_secret={$client_secret}&code={$code}");
+		facebookServer.setRequestInfoUrl("https://graph.facebook.com/me?access_token={$access_token}&fields=username,first_name,last_name,email");
+		facebookServer.setLoginParamName("username");
+		facebookServer.setEmailParamName("email");
+		facebookServer.setFirstnameParamName("first_name");
+		facebookServer.setLastnameParamName("last_name");
+		oauthDao.update(facebookServer, null);
 	}
 	
 	// ------------------------------------------------------------------------------
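Review bot: The Facebook `setRequestKeyUrl` template carries `client_id`, `redirect_uri` and `scope` but no `state` value, so unless the sign-in page adds one elsewhere, the callback cannot tie a returned `code` to the browser session that started the flow (login CSRF). None of the placeholders visible in this hunk (`{$client_id}`, `{$redirect_uri}`, `{$client_secret}`, `{$code}`, `{$access_token}`) covers it, so the fix probably needs support in the URL-preparation code as well as in this template. Separately, `setRequestInfoUrl` places the access token in the query string, where proxies and access logs can record it; a comment such as `// token is sent in the URL: do not log this request line` above that call would record the constraint. The enclosing method starts outside the hunk.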

Modified: openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java
URL: http://svn.apache.org/viewvc/openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java?rev=1513355&r1=1513354&r2=1513355&view=diff
==============================================================================
--- openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java (original)
+++ openmeetings/trunk/singlewebapp/src/org/apache/openmeetings/web/pages/auth/SignInPage.java Tue Aug 13 05:47:34 2013
@@ -53,7 +53,6 @@ import org.apache.openmeetings.data.user
 import org.apache.openmeetings.data.user.dao.UsersDao;
 import org.apache.openmeetings.persistence.beans.user.User;
 import org.apache.openmeetings.persistence.beans.user.oauth.OAuthServer;
-import org.apache.openmeetings.utils.crypt.ManageCryptStyle;
 import org.apache.openmeetings.web.app.Application;
 import org.apache.openmeetings.web.app.WebSession;
 import org.apache.openmeetings.web.pages.BaseInitedPage;
@@ -106,7 +105,7 @@ public class SignInPage extends BaseInit
 					 	log.debug("OAuthInfo=" + authInfo);
 					 	Map<String, String> authParams = getAuthParams(authInfo.accessToken, code, server);
 					 	if (authParams != null) {
-					 		loginViaOAuth2(authParams);
+					 		loginViaOAuth2(authParams, serverId);
 					 	}
 					} else { // redirect to get code
 						String redirectUrl = prepareUrlParams(server.getRequestKeyUrl(), server.getClientId(), 
@@ -259,7 +258,14 @@ public class SignInPage extends BaseInit
 				result.expiresIn = jsonResult.getLong("expires_in");
 			}
 		} catch (JSONException e) {
-			log.error("Couldn't parse json response " + sourceJson.toString(), e);
+			// try to parse as canonical
+			Map<String, String> parsedMap = parseCanonicalResponse(sourceJson.toString());
+			result.accessToken = parsedMap.get("access_token");
+			result.refreshToken = parsedMap.get("refresh_token");
+			result.tokenType = parsedMap.get("token_type");
+			try {
+				result.expiresIn = Long.valueOf(parsedMap.get("expires_in"));
+			} catch (NumberFormatException nfe) {}
 		}
 		// access token must be specified
 		if (result.accessToken == null) {
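Review bot: Both failure paths in the new `catch (JSONException e)` block are silent: the original parse error is discarded and `catch (NumberFormatException nfe) {}` is empty, so a provider error body or a changed response format is only noticed at the later null check on `result.accessToken`, with no trace of the cause. Any `JSONException` takes this path, including well-formed JSON that merely lacks a key, so error responses are re-parsed as form data as well. Record the fallback without the response body, which can contain tokens, for example `log.debug("Token response is not JSON, trying form-encoded parsing", e);` and, in the inner catch, `log.debug("expires_in missing or not numeric in token response");`. The enclosing method starts and ends outside the hunk.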
@@ -269,6 +275,18 @@ public class SignInPage extends BaseInit
 		return result;
 	}
 	
+	private Map<String, String> parseCanonicalResponse(String response) {
+		String[] parts = response.split("&");
+		Map<String, String> result = new HashMap<String, String>();
+		for (String part: parts) {
+			String pair[] = part.split("=");
+			if (pair.length > 1) {
+				result.put(pair[0], pair[1]);
+			}
+		}
+		return result;
+	}
+	
 	private Map<String, String> getAuthParams(String token, String code, OAuthServer server) throws IOException {
 		// get attributes names
 		String loginAttributeName = server.getLoginParamName();
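Review bot: `parseCanonicalResponse` stores keys and values exactly as they appear on the wire and splits each pair with `part.split("=")`, so a percent-encoded token or e-mail address is kept in encoded form and a value that itself contains `=` is cut at the first one. Because the result becomes the access token and the login and e-mail used for account matching, a corrupted value here turns into a wrong identity or a failed follow-up request rather than a parse error. The loop should split with a limit of 2, URL-decode both halves, and keep skipping empty values so that `access_token=` still ends up as a missing token. Malformed escapes make `URLDecoder.decode` throw `IllegalArgumentException`, which neither caller catches, so that case is handled inside the loop below.

```java
private Map<String, String> parseCanonicalResponse(String response) {
	Map<String, String> result = new HashMap<String, String>();
	for (String part : response.split("&")) {
		// limit 2 keeps any '=' that belongs to the value
		String[] pair = part.split("=", 2);
		if (pair.length < 2 || pair[1].isEmpty()) {
			continue;
		}
		try {
			result.put(URLDecoder.decode(pair[0], "UTF-8"), URLDecoder.decode(pair[1], "UTF-8"));
		} catch (UnsupportedEncodingException e) {
			throw new IllegalStateException(e); // UTF-8 is mandatory on every JVM
		} catch (IllegalArgumentException e) {
			log.warn("Skipping malformed pair in form-encoded OAuth response");
		}
	}
	return result;
}
```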
@@ -284,18 +302,18 @@ public class SignInPage extends BaseInit
 		prepareConnection(connection);
 		BufferedReader in = new BufferedReader(new InputStreamReader(connection.getInputStream()));
 		String inputLine = null;
-		StringBuilder sourceJson = new StringBuilder();
+		StringBuilder sourceResponse = new StringBuilder();
 		while ((inputLine = in.readLine()) != null) {
-			if (sourceJson.length() > 0) {
-				sourceJson.append("\n");
+			if (sourceResponse.length() > 0) {
+				sourceResponse.append("\n");
 			}
-			sourceJson.append(inputLine);
+			sourceResponse.append(inputLine);
 		}
         in.close();
         // parse json result
         Map<String, String> result = new HashMap<String, String>();
         try {
-			JSONObject parsedJson = new JSONObject(sourceJson.toString());
+			JSONObject parsedJson = new JSONObject(sourceResponse.toString());
 			result.put("login", parsedJson.getString(loginAttributeName));
 			result.put("email", parsedJson.getString(emailAttributeName));
 			if (parsedJson.has(firstname)) {
@@ -305,17 +323,24 @@ public class SignInPage extends BaseInit
 				result.put("lastname", parsedJson.getString(lastname));
 			}
 		} catch (JSONException e) {
-			log.error("Couldn't parse json response:\n" + sourceJson.toString(), e);
-			return null;
+			// try to parse response as canonical
+			Map<String, String> parsedMap = parseCanonicalResponse(sourceResponse.toString());
+			result.put("login", parsedMap.get(loginAttributeName));
+			result.put("email", parsedMap.get(emailAttributeName));
+			if (parsedMap.containsKey(firstname)) {
+				result.put("firstname", parsedMap.get(firstname));
+			}
+			if (parsedMap.containsKey(lastname)) {
+				result.put("lastname", parsedMap.get(lastname));
+			}
 		}
 		return result;
 	}
 	
-	private void loginViaOAuth2(Map<String, String> params) throws IOException, NoSuchAlgorithmException {
+	private void loginViaOAuth2(Map<String, String> params, long serverId) throws IOException, NoSuchAlgorithmException {
 		UsersDao userDao = getBean(UsersDao.class);
 		UserManager userManager = getBean(UserManager.class); 
 		ConfigurationDao configurationDao = getBean(ConfigurationDao.class);
-		ManageCryptStyle manageCryptStyle = getBean(ManageCryptStyle.class);
 		String login = params.get("login");
 		String email = params.get("email");
 		String lastname = params.get("lastname");
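Review bot: The rewritten `catch (JSONException e)` branch in `getAuthParams` no longer returns `null`, so the caller's `if (authParams != null)` guard now always passes and `loginViaOAuth2` can be reached with a null `login` or `email`. This happens whenever the user-info response is a JSON error body or lacks one of the configured attributes, because `getString` throws and the fallback then overwrites both entries with `parsedMap.get(...)`, which is null for non-form data. Restore the fail-closed behaviour after the fallback with `if (result.get("login") == null || result.get("email") == null) { return null; }`, and log the failure without the response body. How `loginViaOAuth2` handles null values is not visible, as its body continues outside the hunk.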
@@ -334,11 +359,21 @@ public class SignInPage extends BaseInit
 		if (user == null) {
 			Integer defaultlangId = Integer.valueOf(configurationDao.getConfValue("default_lang_id", String.class, "1"));
 			String defaultTimezone = configurationDao.getConfValue("default.timezone", String.class, "");		
-			userManager.registerUserNoEmail(login, pass, lastname, firstname, email, null, null, 
+			Long res = userManager.registerUserNoEmail(login, pass, lastname, firstname, email, null, null, 
 					null, null, null, 0, null, defaultlangId, null, false, true, defaultTimezone);
-		} else { // just change password
-			user.updatePassword(manageCryptStyle, configurationDao, pass);
+			if (res == null || res < 0) {
+				throw new RuntimeException("Couldn't register new oauth user");
+			}
+			user = userDao.get(res);
+			user.setExternalUserType("oauth2." + serverId);
 			userDao.update(user, null);
+		} else { // just change password
+			// check user type before changing password, it must be match oauthServerId
+			if (!("oauth2." + serverId).equals(user.getExternalUserType())) {
+				log.error("User already registered!");
+				return;
+			}
+			user = userDao.update(user, pass, -1);
 		}
 		
 		if (WebSession.get().signIn(login, pass, null)) {
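Review bot: The rejection branch logs the constant `"User already registered!"` and returns, so an OAuth sign-in that collides with an existing local or other-provider account leaves no usable audit record and the user gets no feedback. A message built from values already in scope avoids logging provider-supplied text: `log.error("OAuth2 sign-in rejected for server " + serverId + ": login belongs to an account of type " + user.getExternalUserType());`. In the registration branch, `userDao.get(res)` is dereferenced without a null check, and a failure there would leave a registered account with no `externalUserType`, which this same check would then lock out on every later login. The existing-user branch also overwrites the stored password on each sign-in and then calls `signIn(login, pass, null)`; `pass` is assigned outside the hunk, so it is worth confirming that it is not derivable from the provider-returned attributes.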