You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2017/03/24 15:24:49 UTC
cxf-fediz git commit: FEDIZ-195: propagate URI fragment on auth
Repository: cxf-fediz
Updated Branches:
refs/heads/master 4fee9ae12 -> 3c0a4c56d
FEDIZ-195: propagate URI fragment on auth
Updated OIDC and IDP JSP pages to propagate
URI fragment on form POST.
Signed-off-by: Colm O hEigeartaigh <co...@apache.org>
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/3c0a4c56
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/3c0a4c56
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/3c0a4c56
Branch: refs/heads/master
Commit: 3c0a4c56dd92d92e9cc76a5e7e896097db1c8f84
Parents: 4fee9ae
Author: gonzalad <ad...@yahoo.fr>
Authored: Thu Mar 23 18:58:39 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Mar 24 15:10:47 2017 +0000
----------------------------------------------------------------------
.../WEB-INF/views/samlsigninresponseform.jsp | 41 ++++++++++++++----
.../main/webapp/WEB-INF/views/signinform.jsp | 31 +++++++++++++-
.../webapp/WEB-INF/views/signinresponseform.jsp | 45 +++++++++++++++-----
.../WEB-INF/views/oAuthAuthorizationData.jsp | 24 ++++++++++-
4 files changed, 120 insertions(+), 21 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3c0a4c56/services/idp/src/main/webapp/WEB-INF/views/samlsigninresponseform.jsp
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/views/samlsigninresponseform.jsp b/services/idp/src/main/webapp/WEB-INF/views/samlsigninresponseform.jsp
index 3e7dc36..fdb4eec 100644
--- a/services/idp/src/main/webapp/WEB-INF/views/samlsigninresponseform.jsp
+++ b/services/idp/src/main/webapp/WEB-INF/views/samlsigninresponseform.jsp
@@ -6,15 +6,40 @@
<head>
<title>IDP SignIn Response Form</title>
</head>
-<body>
- <form:form method="POST" id="samlsigninresponseform" name="samlsigninresponseform" action="${samlAction}" htmlEscape="true">
+<body onload='documentLoaded()'>
+ <form:form method="POST" id="samlsigninresponseform" name="samlsigninresponseform" action="${samlAction}" htmlEscape="true">
<input type="hidden" name="SAMLResponse" value="${samlResponse}" /><br />
<input type="hidden" name="RelayState" value="${relayState}" /><br />
- <noscript>
- <p>Script is disabled. Click Submit to continue.</p>
- <input type="submit" name="_eventId_submit" value="Submit" /><br />
- </noscript>
- </form:form>
- <script language="javascript">window.setTimeout('document.forms[0].submit()',0);</script>
+ <noscript>
+ <p>Script is disabled. Click Submit to continue.</p>
+ <input type="submit" name="_eventId_submit" value="Submit" /><br />
+ </noscript>
+ </form:form>
+ <script language="javascript">
+ /**
+ * Prepares the form for submission by appending any URI
+ * fragment (hash) to the form action in order to propagate it
+ * through the re-direct
+ * @param form The login form object.
+ * @returns the form.
+ */
+ function propagateUriFragment(form) {
+ // Extract the fragment from the browser's current location.
+ var hash = decodeURIComponent(self.document.location.hash);
+
+ // The fragment value may not contain a leading # symbol
+ if (hash && hash.indexOf("#") === -1) {
+ hash = "#" + hash;
+ }
+
+ // Append the fragment to the current action so that it persists to the redirected URL.
+ form.action = form.action + hash;
+ return form;
+ }
+ function documentLoaded() {
+ propagateUriFragment(document.forms[0]);
+ window.setTimeout('document.forms[0].submit()',0);
+ }
+ </script>
</body>
</html>
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3c0a4c56/services/idp/src/main/webapp/WEB-INF/views/signinform.jsp
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/views/signinform.jsp b/services/idp/src/main/webapp/WEB-INF/views/signinform.jsp
index bcd7916..37785e0 100644
--- a/services/idp/src/main/webapp/WEB-INF/views/signinform.jsp
+++ b/services/idp/src/main/webapp/WEB-INF/views/signinform.jsp
@@ -43,7 +43,7 @@
}
</style>
</head>
- <body onload='document.signinform.username.focus();'>
+ <body onload='documentLoaded()'>
<img src="<c:url value='/images/apache-logo.png' />" alt="Apache Logo" style="margin:5px auto">
<c:if test="${param.error != null}">
@@ -56,7 +56,7 @@
<h1>Fediz IDP Login</h1>
- <form:form method="POST" id="signinform" name="signinform" action="login.do" >
+ <form:form method="POST" id="signinform" name="signinform" action="login.do">
<div id="login_form">
<label for="username">UserId</label>
<input type="text" id="username" name="username" placeholder="username" />
@@ -69,4 +69,31 @@
</div>
</form:form>
</body>
+ <script language="javascript">
+ function documentLoaded() {
+ var form = document.signinform;
+ form.username.focus();
+ propagateUriFragment(form);
+ }
+ /**
+ * Prepares the form for submission by appending any URI
+ * fragment (hash) to the form action in order to propagate it
+ * through the re-direct
+ * @param form The login form object.
+ * @returns the form.
+ */
+ function propagateUriFragment(form) {
+ // Extract the fragment from the browser's current location.
+ var hash = decodeURIComponent(self.document.location.hash);
+
+ // The fragment value may not contain a leading # symbol
+ if (hash && hash.indexOf("#") === -1) {
+ hash = "#" + hash;
+ }
+
+ // Append the fragment to the current action so that it persists to the redirected URL.
+ form.action = form.action + hash;
+ return form;
+ }
+ </script>
</html>
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3c0a4c56/services/idp/src/main/webapp/WEB-INF/views/signinresponseform.jsp
----------------------------------------------------------------------
diff --git a/services/idp/src/main/webapp/WEB-INF/views/signinresponseform.jsp b/services/idp/src/main/webapp/WEB-INF/views/signinresponseform.jsp
index 7a98789..afa703e 100644
--- a/services/idp/src/main/webapp/WEB-INF/views/signinresponseform.jsp
+++ b/services/idp/src/main/webapp/WEB-INF/views/signinresponseform.jsp
@@ -6,20 +6,45 @@
<head>
<title>IDP SignIn Response Form</title>
</head>
-<body>
- <form:form method="POST" id="signinresponseform" name="signinresponseform" action="${fedAction}" htmlEscape="true">
+<body onload='documentLoaded()'>
+ <form:form method="POST" id="signinresponseform" name="signinresponseform" action="${fedAction}" htmlEscape="true">
<input type="hidden" name="wa" value="wsignin1.0" /><br />
<input type="hidden" name="wresult" value="${fedWResult}" /><br />
<% String wctx = (String)request.getAttribute("fedWCtx");
if (wctx != null && !wctx.isEmpty()) { %>
- <input type="hidden" name="wctx" value="${fedWCtx}" /><br />
- <% } %>
+ <input type="hidden" name="wctx" value="${fedWCtx}" /><br />
+ <% } %>
<input type="hidden" name="wtrealm" value="${fedWTrealm}" /><br />
- <noscript>
- <p>Script is disabled. Click Submit to continue.</p>
- <input type="submit" name="_eventId_submit" value="Submit" /><br />
- </noscript>
- </form:form>
- <script language="javascript">window.setTimeout('document.forms[0].submit()',0);</script>
+ <noscript>
+ <p>Script is disabled. Click Submit to continue.</p>
+ <input type="submit" name="_eventId_submit" value="Submit" /><br />
+ </noscript>
+ </form:form>
+ <script language="javascript">
+ /**
+ * Prepares the form for submission by appending any URI
+ * fragment (hash) to the form action in order to propagate it
+ * through the re-direct
+ * @param form The login form object.
+ * @returns the form.
+ */
+ function propagateUriFragment(form) {
+ // Extract the fragment from the browser's current location.
+ var hash = decodeURIComponent(self.document.location.hash);
+
+ // The fragment value may not contain a leading # symbol
+ if (hash && hash.indexOf("#") === -1) {
+ hash = "#" + hash;
+ }
+
+ // Append the fragment to the current action so that it persists to the redirected URL.
+ form.action = form.action + hash;
+ return form;
+ }
+ function documentLoaded() {
+ propagateUriFragment(document.forms[0]);
+ window.setTimeout('document.forms[0].submit()',0);
+ }
+ </script>
</body>
</html>
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/3c0a4c56/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp
----------------------------------------------------------------------
diff --git a/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp b/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp
index e498248..5218bea 100644
--- a/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp
+++ b/services/oidc/src/main/webapp/WEB-INF/views/oAuthAuthorizationData.jsp
@@ -24,7 +24,7 @@
<tr align="center">
<td>
- <form action="<%= data.getReplyTo() %>" method="POST">
+ <form action="<%= data.getReplyTo() %>" method="POST" onsubmit="prepareSubmit(this)">
<input type="hidden" name="client_id"
value="<%= data.getClientId() %>"/>
@@ -131,4 +131,26 @@
</table>
</body>
+<script language="javascript">
+ /**
+ * Prepares the form for submission by appending any URI
+ * fragment (hash) to the form action in order to propagate it
+ * through the re-direct
+ * @param form The login form object.
+ * @returns true to allow the form to be submitted.
+ */
+ function prepareSubmit(form) {
+ // Extract the fragment from the browser's current location.
+ var hash = decodeURIComponent(self.document.location.hash);
+
+ // The fragment value may not contain a leading # symbol
+ if (hash && hash.indexOf("#") === -1) {
+ hash = "#" + hash;
+ }
+
+ // Append the fragment to the current action so that it persists to the redirected URL.
+ form.action = form.action + hash;
+ return true;
+ }
+</script>
</html>