-
Notifications
You must be signed in to change notification settings - Fork 4
Story/cite 217 - It should be possible to create personal access tokens #301
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
base: develop
Are you sure you want to change the base?
Changes from 24 commits
23822fe
17dbe63
6f89887
57f6eea
befbf1d
ba2c4d1
8beb5a3
78d74b9
d0b037d
24c6348
8d4de31
abe4e3d
5c320f3
0086228
163a27c
a4047a1
4a248d6
5e4088d
7c617b4
a122954
0f0f5fe
c7d70e0
d648041
27d7271
ec9d301
51f7b94
8096355
14630b3
bbdde80
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,9 +1,13 @@ | ||
| package edu.asu.diging.citesphere.core.repository.oauth; | ||
|
|
||
| import java.util.List; | ||
|
|
||
| import org.springframework.data.domain.Page; | ||
| import org.springframework.data.domain.Pageable; | ||
| import org.springframework.data.jpa.repository.JpaRepository; | ||
|
|
||
| import edu.asu.diging.citesphere.core.model.oauth.impl.OAuthClient; | ||
|
|
||
| public interface OAuthClientRepository extends JpaRepository<OAuthClient, String> { | ||
|
|
||
| Page<OAuthClient> findByIsUserAccessTokenAndCreatedByUsername(boolean isUserAccessToken, String createdByUsername, Pageable pageable); | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| package edu.asu.diging.citesphere.core.service.oauth; | ||
|
|
||
| import java.util.List; | ||
|
|
||
| import edu.asu.diging.citesphere.core.model.oauth.IOAuthClient; | ||
| import edu.asu.diging.citesphere.core.model.oauth.IUserAccessToken; | ||
|
|
||
| public class UserAccessTokenResultPage { | ||
| private long totalPages; | ||
| private List<IOAuthClient> accessTokenList; | ||
|
|
||
| public long getTotalPages() { | ||
| return totalPages; | ||
| } | ||
|
|
||
| public void setTotalPages(long totalPages) { | ||
| this.totalPages = totalPages; | ||
| } | ||
|
|
||
| public List<IOAuthClient> getClientList() { | ||
| return accessTokenList; | ||
| } | ||
|
|
||
| public void setClientList(List<IOAuthClient> accessTokenList) { | ||
| this.accessTokenList = accessTokenList; | ||
| } | ||
| } |
|
Member
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. all of the code related to personal access tokens should be in its own manager class not mixed in with the oauth clients. Also, I think we want only one OAuthClient (for the user) and then create multiple access token for the client, rather than multiple oauthclients. Or is there a reason to have one client per token? and then finally, I think I would consider creating a subclass for oauthclient for personal access tokens, rather than a boolean flag. but is that flag really needed? it looks like it's only used once, and with a separate manager class, it might not be necessary? |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,20 @@ | ||
| package edu.asu.diging.citesphere.web.admin.forms; | ||
|
|
||
| public class UserAccessTokenForm { | ||
| private String name; | ||
| private String redirectUrl; | ||
|
|
||
| public String getName() { | ||
| return name; | ||
| } | ||
| public void setName(String name) { | ||
| this.name = name; | ||
| } | ||
|
|
||
| public String getRedirectUrl() { | ||
| return redirectUrl; | ||
| } | ||
| public void setRedirectUrl(String callbackUrl) { | ||
| this.redirectUrl = callbackUrl; | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,26 @@ | ||
| package edu.asu.diging.citesphere.web.admin.userOAuth; | ||
|
|
||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.stereotype.Controller; | ||
| import org.springframework.ui.Model; | ||
| import org.springframework.web.bind.annotation.PathVariable; | ||
| import org.springframework.web.bind.annotation.RequestMapping; | ||
| import org.springframework.web.bind.annotation.RequestMethod; | ||
|
|
||
| import edu.asu.diging.citesphere.core.model.oauth.IOAuthClient; | ||
| import edu.asu.diging.citesphere.core.service.oauth.IOAuthClientManager; | ||
|
|
||
| @Controller | ||
| public class AccessTokenDetailsController { | ||
|
|
||
| @Autowired | ||
| private IOAuthClientManager clientManager; | ||
|
|
||
| @RequestMapping(value="/admin/user/auth/accessTokens/{accessTokenId}", method=RequestMethod.GET) | ||
| public String showAppDetails(Model model, @PathVariable("accessTokenId") String accessTokenId) { | ||
| IOAuthClient details = (IOAuthClient) clientManager.loadClientByClientId(accessTokenId); | ||
| model.addAttribute("clientName", details.getName()); | ||
| model.addAttribute("clientId", details.getClientId()); | ||
| return "admin/user/auth/details"; | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| package edu.asu.diging.citesphere.web.admin.userOAuth; | ||
|
|
||
| import java.security.Principal; | ||
|
|
||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.stereotype.Controller; | ||
| import org.springframework.ui.Model; | ||
| import org.springframework.validation.BindingResult; | ||
| import org.springframework.validation.annotation.Validated; | ||
| import org.springframework.web.bind.annotation.RequestMapping; | ||
| import org.springframework.web.bind.annotation.RequestMethod; | ||
| import org.springframework.web.servlet.mvc.support.RedirectAttributes; | ||
|
|
||
| import edu.asu.diging.citesphere.core.service.oauth.IOAuthClientManager; | ||
| import edu.asu.diging.citesphere.core.service.oauth.OAuthCredentials; | ||
| import edu.asu.diging.citesphere.core.user.IUserManager; | ||
| import edu.asu.diging.citesphere.user.IUser; | ||
| import edu.asu.diging.citesphere.web.admin.forms.UserAccessTokenForm; | ||
|
|
||
| @Controller | ||
| public class AddUserAccessTokenController { | ||
|
|
||
| @Autowired | ||
| private IUserManager userManager; | ||
|
|
||
| @Autowired | ||
| private IOAuthClientManager clientManager; | ||
|
|
||
| @RequestMapping(value="/admin/user/auth/accessTokens/add", method=RequestMethod.GET) | ||
| public String show(Model model) { | ||
| model.addAttribute("userAccessTokenForm", new UserAccessTokenForm()); | ||
| return "admin/user/auth/add"; | ||
| } | ||
|
|
||
| @RequestMapping(value="/admin/user/auth/accessTokens/add", method=RequestMethod.POST) | ||
| public String add(@Validated UserAccessTokenForm userAccessTokenForm, Model model, BindingResult errors, RedirectAttributes redirectAttrs, Principal principal) { | ||
| IUser user = userManager.findByUsername(principal.getName()); | ||
| OAuthCredentials creds = clientManager.createUserAccessToken(userAccessTokenForm.getName(), user); | ||
| redirectAttrs.addFlashAttribute("clientId", creds.getClientId()); | ||
| redirectAttrs.addFlashAttribute("secret", creds.getSecret()); | ||
| return "redirect:/admin/user/auth/accessTokens/" + creds.getClientId(); | ||
| } | ||
| } |
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| package edu.asu.diging.citesphere.web.admin.userOAuth; | ||
|
|
||
| import org.springframework.beans.factory.annotation.Autowired; | ||
| import org.springframework.http.HttpStatus; | ||
| import org.springframework.http.ResponseEntity; | ||
| import org.springframework.stereotype.Controller; | ||
| import org.springframework.web.bind.annotation.PathVariable; | ||
| import org.springframework.web.bind.annotation.RequestMapping; | ||
| import org.springframework.web.bind.annotation.RequestMethod; | ||
|
|
||
| import edu.asu.diging.citesphere.core.service.oauth.IOAuthClientManager; | ||
|
|
||
| @Controller | ||
| public class DeleteAccessTokenController { | ||
|
|
||
| @Autowired | ||
| private IOAuthClientManager clientManager; | ||
|
|
||
| @RequestMapping(value = "/admin/user/auth/accessTokens/{accessTokenId}", method = RequestMethod.DELETE) | ||
| public ResponseEntity<String> deleteApp(@PathVariable("accessTokenId") String accessTokenId) { | ||
| clientManager.deleteClient(accessTokenId); | ||
| return new ResponseEntity<>(HttpStatus.OK); | ||
| } | ||
| } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
indentation