[openmeetings] branch master updated: [OPENMEETINGS-1979] login via VK should work

Mon, 14 Jan 2019 21:12:33 -0800 

This is an automated email from the ASF dual-hosted git repository.

solomax pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openmeetings.git


The following commit(s) were added to refs/heads/master by this push:
     new cc11dc1  [OPENMEETINGS-1979] login via VK should work
cc11dc1 is described below

commit cc11dc160f518601f19a833cd5bc44912a14e4bc
Author: Maxim Solodovnik <solomax...@gmail.com>
AuthorDate: Tue Jan 15 12:08:16 2019 +0700

    [OPENMEETINGS-1979] login via VK should work
---
 .../installation/ImportInitvalues.java             |   2 +-
 .../openmeetings/web/pages/auth/SignInPage.java    | 108 ++++++++++++---------
 2 files changed, 62 insertions(+), 48 deletions(-)

diff --git 
a/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
 
b/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
index 628a047..0e19001 100644
--- 
a/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
+++ 
b/openmeetings-install/src/main/java/org/apache/openmeetings/installation/ImportInitvalues.java
@@ -531,7 +531,7 @@ public class ImportInitvalues {
                                
.setRequestTokenUrl("https://oauth.vk.com/access_token";)
                                .setRequestTokenMethod(RequestTokenMethod.POST)
                                
.setRequestTokenAttributes("client_id={$client_id}&client_secret={$client_secret}&code={$code}&redirect_uri={$redirect_uri}")
-                               
.setRequestInfoUrl("https://api.vk.com/method/users.get?user_ids=&access_token={$access_token}&fields=id,first_name,last_name,email&name_case=nom";)
+                               
.setRequestInfoUrl("https://api.vk.com/method/users.get?&v=5.92&user_ids={$user_id}&access_token={$access_token}&fields=id,first_name,last_name,email&name_case=nom";)
                                .setRequestInfoMethod(RequestInfoMethod.GET)
                                .addMapping(PARAM_LOGIN, "uid")
                                .addMapping(PARAM_EMAIL, EMAIL_PARAM)
diff --git 
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/pages/auth/SignInPage.java
 
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/pages/auth/SignInPage.java
index dcd9102..44693ae 100644
--- 
a/openmeetings-web/src/main/java/org/apache/openmeetings/web/pages/auth/SignInPage.java
+++ 
b/openmeetings-web/src/main/java/org/apache/openmeetings/web/pages/auth/SignInPage.java
@@ -34,6 +34,9 @@ import java.net.URLEncoder;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.CertificateException;
 import java.security.cert.X509Certificate;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Map.Entry;
 
 import javax.net.ssl.HttpsURLConnection;
 import javax.net.ssl.SSLContext;
@@ -104,7 +107,7 @@ public class SignInPage extends BaseInitedPage {
                                                return;
                                        }
                                        log.debug("OAuthInfo={}", authInfo);
-                                       OAuthUser user = 
getAuthParams(authInfo.accessToken, code, server);
+                                       OAuthUser user = 
getAuthParams(authInfo, code, server);
                                        loginViaOAuth2(user, serverId);
                                } else { // redirect to get code
                                        showAuth(server);
@@ -159,33 +162,30 @@ public class SignInPage extends BaseInitedPage {
        }
 
        // ============= OAuth2 methods =============
+       private static Map<String, String> getInitParams(final OAuthServer s) {
+               Map<String, String> params = new HashMap<>();
+               params.put("{$client_id}", s.getClientId());
+               params.put("{$redirect_uri}", getRedirectUri(s));
+               return params;
+       }
+
        public static void showAuth(final OAuthServer s) {
-               String authUrl = prepareUrlParams(s.getRequestKeyUrl(), 
s.getClientId(), getRedirectUri(s), null, null, null);
+               String authUrl = prepareUrl(s.getRequestKeyUrl(), 
getInitParams(s));
                log.debug("redirectUrl={}", authUrl);
                throw new RedirectToUrlException(authUrl);
        }
 
-       public static String prepareUrlParams(String urlTemplate, String 
clientId, String redirectUri, String secret, String token, String code) {
+       private static String prepareUrl(String urlTemplate, Map<String, 
String> params) {
                String result = urlTemplate;
-               if (clientId != null) {
-                       result = result.replace("{$client_id}", clientId);
-               }
-               if (secret != null) {
-                       result = result.replace("{$client_secret}", secret);
-               }
-               if (token != null) {
-                       result = result.replace("{$access_token}", token);
-               }
-               if (redirectUri != null) {
-                       try {
-                               result = result.replace("{$redirect_uri}", 
URLEncoder.encode(redirectUri, UTF_8.name()));
-                       } catch (UnsupportedEncodingException e) {
-                               log.error("Unexpected exception while encoding 
URI", e);
+               for (Entry<String, String> e : params.entrySet()) {
+                       if (e.getValue() != null) {
+                               try {
+                                       result = result.replace(e.getKey(), 
URLEncoder.encode(e.getValue(), UTF_8.name()));
+                               } catch (UnsupportedEncodingException err) {
+                                       log.error("Unexpected exception while 
encoding URI param {}", e, err);
+                               }
                        }
                }
-               if (code != null) {
-                       result = result.replace("{$code}", code);
-               }
                return result;
        }
 
@@ -233,12 +233,25 @@ public class SignInPage extends BaseInitedPage {
                }
        }
 
+       private static Map<String, String> getParams(final OAuthServer s, 
String code, AuthInfo authInfo) {
+               Map<String, String> params = getInitParams(s);
+               params.put("{$client_id}", s.getClientId());
+               params.put("{$client_secret}", s.getClientSecret());
+               if (authInfo != null) {
+                       params.put("{$access_token}", authInfo.accessToken);
+                       params.put("{$user_id}", authInfo.userId);
+               }
+               if (code != null) {
+                       params.put("{$code}", code);
+               }
+               return params;
+       }
+
        private AuthInfo getToken(String code, OAuthServer server) throws 
IOException {
                String requestTokenBaseUrl = server.getRequestTokenUrl();
                // build url params to request auth token
                String requestTokenParams = server.getRequestTokenAttributes();
-               requestTokenParams = prepareUrlParams(requestTokenParams, 
server.getClientId(), getRedirectUri(server)
-                               , server.getClientSecret(), null, code);
+               requestTokenParams = prepareUrl(requestTokenParams, 
getParams(server, code, null));
                // request auth token
                HttpURLConnection connection = (HttpURLConnection) new 
URL(requestTokenBaseUrl).openConnection();
                prepareConnection(connection);
@@ -254,20 +267,7 @@ public class SignInPage extends BaseInitedPage {
                paramsOutputStream.flush();
                String sourceResponse = 
IOUtils.toString(connection.getInputStream(), UTF_8);
                // parse json result
-               AuthInfo result = new AuthInfo();
-               JSONObject json = new JSONObject(sourceResponse);
-               if (json.has("access_token")) {
-                       result.accessToken = json.getString("access_token");
-               }
-               if (json.has("refresh_token")) {
-                       result.refreshToken = json.getString("refresh_token");
-               }
-               if (json.has("token_type")) {
-                       result.tokenType = json.getString("token_type");
-               }
-               if (json.has("expires_in")) {
-                       result.expiresIn = json.getLong("expires_in");
-               }
+               AuthInfo result = new AuthInfo(sourceResponse);
                // access token must be specified
                if (result.accessToken == null) {
                        log.error("Response doesn't contain access_token 
field:\n {}", sourceResponse);
@@ -276,15 +276,14 @@ public class SignInPage extends BaseInitedPage {
                return result;
        }
 
-       private OAuthUser getAuthParams(String token, String code, OAuthServer 
server) throws IOException {
+       private OAuthUser getAuthParams(AuthInfo authInfo, String code, 
OAuthServer server) throws IOException {
                // prepare url
                String requestInfoUrl = server.getRequestInfoUrl();
-               requestInfoUrl = prepareUrlParams(requestInfoUrl, 
server.getClientId(), getRedirectUri(server)
-                               , server.getClientSecret(), token, code);
+               requestInfoUrl = prepareUrl(requestInfoUrl, getParams(server, 
code, authInfo));
                // send request
                HttpURLConnection connection = (HttpURLConnection) new 
URL(requestInfoUrl).openConnection();
                if (server.getRequestInfoMethod() == RequestInfoMethod.HEADER) {
-                       connection.setRequestProperty("Authorization", 
String.format("bearer %s", token));
+                       connection.setRequestProperty("Authorization", 
String.format("bearer %s", authInfo.accessToken));
                } else {
                        
connection.setRequestMethod(server.getRequestInfoMethod().name());
                }
@@ -306,16 +305,31 @@ public class SignInPage extends BaseInitedPage {
        }
 
        private static class AuthInfo {
-               String accessToken;
-               String refreshToken;
-               String tokenType;
-               long expiresIn;
+               final String accessToken;
+               final String refreshToken;
+               final String tokenType;
+               final String userId;
+               final long expiresIn;
+
+               AuthInfo(String jsonStr) {
+                       log.debug("AuthInfo={}", jsonStr);
+                       JSONObject json = new JSONObject(jsonStr);
+                       accessToken = json.optString("access_token");
+                       refreshToken = json.optString("refresh_token");
+                       tokenType = json.optString("token_type");
+                       userId = json.optString("user_id");
+                       expiresIn = json.optLong("expires_in");
+               }
 
                @Override
                public String toString() {
-                       return "AuthInfo [accessToken=" + accessToken + ", 
refreshToken="
-                                       + refreshToken + ", tokenType=" + 
tokenType
-                                       + ", expiresIn=" + expiresIn + "]";
+                       return new StringBuilder()
+                               .append("AuthInfo 
[accessToken=").append(accessToken)
+                               .append(", refreshToken=").append(refreshToken)
+                               .append(", tokenType=").append(tokenType)
+                               .append(", userId=").append(userId)
+                               .append(", expiresIn=").append(expiresIn)
+                               .append("]").toString();
                }
        }
 }

Reply via email to