This is an automated email from the ASF dual-hosted git repository. solomax pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/openmeetings.git
The following commit(s) were added to refs/heads/master by this push: new cc11dc1 [OPENMEETINGS-1979] login via VK should work cc11dc1 is described below commit cc11dc160f518601f19a833cd5bc44912a14e4bc Author: Maxim Solodovnik <solomax...@gmail.com> AuthorDate: Tue Jan 15 12:08:16 2019 +0700 [OPENMEETINGS-1979] login via VK should work --- .../installation/ImportInitvalues.java | 2 +- .../openmeetings/web/pages/auth/SignInPage.java | 108 ++++++++++++--------- 2 files changed, 62 insertions(+), 48 deletions(-)
diff --git a/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java b/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
index 628a047..0e19001 100644
--- a/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
+++ b/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
@@ -531,7 +531,7 @@ public class ImportInitvalues {
 .setRequestTokenUrl("https://oauth.vk.com/access_token")
 .setRequestTokenMethod(RequestTokenMethod.POST)
 .setRequestTokenAttributes("client_id={$client_id}&client_secret={$client_secret}&code={$code}&redirect_uri={$redirect_uri}")
- .setRequestInfoUrl("https://api.vk.com/method/users.get?user_ids=&access_token={$access_token}&fields=id,first_name,last_name,email&name_case=nom")
+ .setRequestInfoUrl("https://api.vk.com/method/users.get?&v=5.92&user_ids={$user_id}&access_token={$access_token}&fields=id,first_name,last_name,email&name_case=nom")
 .setRequestInfoMethod(RequestInfoMethod.GET)
 .addMapping(PARAM_LOGIN, "uid")
 .addMapping(PARAM_EMAIL, EMAIL_PARAM)
diff --git a/openmeetings-web/src/main/java/org/apache/openmeetings/web/pages/auth/SignInPage.java b/openmeetings-web/src/main/java/org/apache/openmeetings/web/pages/auth/SignInPage.java
index dcd9102..44693ae 100644
--- a/openmeetings-web/src/main/java/org/apache/openmeetings/web/pages/auth/SignInPage.java
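Review bot: The new `setRequestInfoUrl` template in ImportInitvalues.java starts its query with `users.get?&v=5.92`, leaving a stray `&` directly after the `?`; `users.get?v=5.92&user_ids={$user_id}&...` is the cleaner form. The unchanged context line `.addMapping(PARAM_LOGIN, "uid")` also deserves a check: the request now pins an API version and asks for `fields=id,...`, so if the versioned response names the identifier `id` rather than `uid`, the login mapping would resolve to nothing. The access token still travels in the query string of this URL, so the expanded URL should not be written to logs unredacted.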
+++ b/openmeetings-web/src/main/java/org/apache/openmeetings/web/pages/auth/SignInPage.java
@@ -34,6 +34,9 @@ import java.net.URLEncoder;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Map.Entry;
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
@@ -104,7 +107,7 @@ public class SignInPage extends BaseInitedPage {
 return;
 }
 log.debug("OAuthInfo={}", authInfo);
- OAuthUser user = getAuthParams(authInfo.accessToken, code, server);
+ OAuthUser user = getAuthParams(authInfo, code, server);
 loginViaOAuth2(user, serverId);
 } else { // redirect to get code
 showAuth(server);
@@ -159,33 +162,30 @@ public class SignInPage extends BaseInitedPage { } // ============= OAuth2 methods ============= + private static Map<String, String> getInitParams(final OAuthServer s) { + Map<String, String> params = new HashMap<>(); + params.put("{$client_id}", s.getClientId()); + params.put("{$redirect_uri}", getRedirectUri(s)); + return params; + } + public static void showAuth(final OAuthServer s) { - String authUrl = prepareUrlParams(s.getRequestKeyUrl(), s.getClientId(), getRedirectUri(s), null, null, null); + String authUrl = prepareUrl(s.getRequestKeyUrl(), getInitParams(s)); log.debug("redirectUrl={}", authUrl); throw new RedirectToUrlException(authUrl); } - public static String prepareUrlParams(String urlTemplate, String clientId, String redirectUri, String secret, String token, String code) { + private static String prepareUrl(String urlTemplate, Map<String, String> params) { String result = urlTemplate; - if (clientId != null) { - result = result.replace("{$client_id}", clientId); - } - if (secret != null) { - result = result.replace("{$client_secret}", secret); - } - if (token != null) { - result = result.replace("{$access_token}", token); - } - if (redirectUri != null) { - try { - result = result.replace("{$redirect_uri}", URLEncoder.encode(redirectUri, UTF_8.name())); - } catch (UnsupportedEncodingException e) { - log.error("Unexpected exception while encoding URI", e); + for (Entry<String, String> e : params.entrySet()) { + if (e.getValue() != null) { + try { + result = result.replace(e.getKey(), URLEncoder.encode(e.getValue(), UTF_8.name())); + } catch (UnsupportedEncodingException err) { + log.error("Unexpected exception while encoding URI param {}", e, err); + } } } - if (code != null) { - result = result.replace("{$code}", code); - } return result; } 
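Review bot: In `prepareUrl`, the catch block logs the whole map entry (`log.error("Unexpected exception while encoding URI param {}", e, err)`), and an entry's string form includes its value; `getParams` in a later hunk puts `{$client_secret}` and `{$access_token}` into this map, so a failure here would write those values to the error log. Logging only the placeholder name avoids that: `log.error("Unexpected exception while encoding URI param {}", e.getKey(), err);`. The failure path also leaves the placeholder in the returned URL and carries on, which may be worth turning into a hard error. Separately, the public `prepareUrlParams` is replaced by a private method, so any caller outside this file (none is visible here) would stop compiling.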
@@ -233,12 +233,25 @@ public class SignInPage extends BaseInitedPage { } } + private static Map<String, String> getParams(final OAuthServer s, String code, AuthInfo authInfo) { + Map<String, String> params = getInitParams(s); + params.put("{$client_id}", s.getClientId()); + params.put("{$client_secret}", s.getClientSecret()); + if (authInfo != null) { + params.put("{$access_token}", authInfo.accessToken); + params.put("{$user_id}", authInfo.userId); + } + if (code != null) { + params.put("{$code}", code); + } + return params; + } + private AuthInfo getToken(String code, OAuthServer server) throws IOException { String requestTokenBaseUrl = server.getRequestTokenUrl(); // build url params to request auth token String requestTokenParams = server.getRequestTokenAttributes(); - requestTokenParams = prepareUrlParams(requestTokenParams, server.getClientId(), getRedirectUri(server) - , server.getClientSecret(), null, code); + requestTokenParams = prepareUrl(requestTokenParams, getParams(server, code, null)); // request auth token HttpURLConnection connection = (HttpURLConnection) new URL(requestTokenBaseUrl).openConnection(); prepareConnection(connection); 
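Review bot: `getParams` calls `params.put("{$client_id}", s.getClientId())` although `getInitParams(s)`, added in the earlier hunk, has already stored the same key and value, so the line can be dropped. A short comment on `getParams` would also help the next reader, for example `// placeholders substituted into token and user-info URL templates; values include the client secret, never log this map`. `getToken` continues past the end of this hunk.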
@@ -254,20 +267,7 @@ public class SignInPage extends BaseInitedPage {
 paramsOutputStream.flush();
 String sourceResponse = IOUtils.toString(connection.getInputStream(), UTF_8);
 // parse json result
- AuthInfo result = new AuthInfo();
- JSONObject json = new JSONObject(sourceResponse);
- if (json.has("access_token")) {
- result.accessToken = json.getString("access_token");
- }
- if (json.has("refresh_token")) {
- result.refreshToken = json.getString("refresh_token");
- }
- if (json.has("token_type")) {
- result.tokenType = json.getString("token_type");
- }
- if (json.has("expires_in")) {
- result.expiresIn = json.getLong("expires_in");
- }
+ AuthInfo result = new AuthInfo(sourceResponse);
 // access token must be specified
 if (result.accessToken == null) {
 log.error("Response doesn't contain access_token field:\n {}", sourceResponse);
@@ -276,15 +276,14 @@ public class SignInPage extends BaseInitedPage {
 return result;
 }
- private OAuthUser getAuthParams(String token, String code, OAuthServer server) throws IOException {
+ private OAuthUser getAuthParams(AuthInfo authInfo, String code, OAuthServer server) throws IOException {
 // prepare url
 String requestInfoUrl = server.getRequestInfoUrl();
- requestInfoUrl = prepareUrlParams(requestInfoUrl, server.getClientId(), getRedirectUri(server)
- , server.getClientSecret(), token, code);
+ requestInfoUrl = prepareUrl(requestInfoUrl, getParams(server, code, authInfo));
 // send request
 HttpURLConnection connection = (HttpURLConnection) new URL(requestInfoUrl).openConnection();
 if (server.getRequestInfoMethod() == RequestInfoMethod.HEADER) {
- connection.setRequestProperty("Authorization", String.format("bearer %s", token));
+ connection.setRequestProperty("Authorization", String.format("bearer %s", authInfo.accessToken));
 } else {
 connection.setRequestMethod(server.getRequestInfoMethod().name());
 }
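Review bot: The context check `if (result.accessToken == null)` in the `@@ -254,20` hunk can no longer fire once `AuthInfo` is built by the new constructor (last hunk of this file), because `json.optString("access_token")` yields an empty string rather than null for a missing key, assuming this `JSONObject` follows the usual org.json contract. A token response without `access_token` would then be treated as valid and the empty token passed on to the user-info request. The guard should test for emptiness as well, e.g. `if (result.accessToken == null || result.accessToken.isEmpty()) {`. The body of that `if` continues outside the hunk.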
@@ -306,16 +305,31 @@ public class SignInPage extends BaseInitedPage { } private static class AuthInfo { - String accessToken; - String refreshToken; - String tokenType; - long expiresIn; + final String accessToken; + final String refreshToken; + final String tokenType; + final String userId; + final long expiresIn; + + AuthInfo(String jsonStr) { + log.debug("AuthInfo={}", jsonStr); + JSONObject json = new JSONObject(jsonStr); + accessToken = json.optString("access_token"); + refreshToken = json.optString("refresh_token"); + tokenType = json.optString("token_type"); + userId = json.optString("user_id"); + expiresIn = json.optLong("expires_in"); + } @Override public String toString() { - return "AuthInfo [accessToken=" + accessToken + ", refreshToken=" - + refreshToken + ", tokenType=" + tokenType - + ", expiresIn=" + expiresIn + "]"; + return new StringBuilder() + .append("AuthInfo [accessToken=").append(accessToken) + .append(", refreshToken=").append(refreshToken) + .append(", tokenType=").append(tokenType) + .append(", userId=").append(userId) + .append(", expiresIn=").append(expiresIn) + .append("]").toString(); } } }
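Review bot: The new `AuthInfo` constructor writes the raw token response to the log (`log.debug("AuthInfo={}", jsonStr)`), and `toString()` prints `accessToken` and `refreshToken` in clear; the context line `log.debug("OAuthInfo={}", authInfo)` in the `@@ -104,7` hunk then logs them a second time. Anyone with read access to debug logs would obtain bearer credentials valid for the user's account at the provider. I would drop the `log.debug` in the constructor and have `toString()` report presence only, e.g. `.append("AuthInfo [accessToken=").append(accessToken.isEmpty() ? "<none>" : "<redacted>")`, with the same treatment for `refreshToken`.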