
com.fujieid.jap.ids.endpoint.ApprovalEndpoint Maven / Gradle / Ivy


Authorization service based on RFC6749(https://tools.ietf.org/html/rfc6749) protocol specification and OpenID Connect Core 1.0(https://openid.net/specs/openid-connect-core-1_0.html) specification

/*
 * Copyright (c) 2020-2040, 北京符节科技有限公司 ([email protected] & https://www.fujieid.com).
 *
 * Licensed under the GNU LESSER GENERAL PUBLIC LICENSE 3.0;
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.gnu.org/licenses/lgpl.html
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package com.fujieid.jap.ids.endpoint;

import com.fujieid.jap.http.JapHttpRequest;
import com.fujieid.jap.http.JapHttpResponse;
import com.fujieid.jap.ids.JapIds;
import com.fujieid.jap.ids.model.ClientDetail;
import com.fujieid.jap.ids.model.IdsRequestParam;
import com.fujieid.jap.ids.model.IdsResponse;
import com.fujieid.jap.ids.model.IdsScope;
import com.fujieid.jap.ids.provider.IdsRequestParamProvider;
import com.fujieid.jap.ids.provider.IdsScopeProvider;
import com.fujieid.jap.ids.util.EndpointUtil;
import com.fujieid.jap.ids.util.OauthUtil;
import com.fujieid.jap.ids.util.ObjectUtils;

import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.util.*;

/**
 * Authorization confirmation (consent) endpoint: renders the default approval page and
 * exposes the client / scope data a custom approval page needs.
 *
 * @author yadong.zhang (yadong.zhang0415(a)gmail.com)
 * @version 1.0.0
 * @since 1.0.0
 */
// NOTE(review): in this copy of the file the generic type arguments (e.g. "IdsResponse>",
// "List>") and the HTML markup inside the string literals were lost when the page was
// rendered. The code is kept exactly as shown, so several literals span lines and the
// listing does not compile as-is; consult the upstream source for the real markup.
public class ApprovalEndpoint extends AbstractEndpoint {

    /**
     * Writes the default authorization confirmation page to the response.
     * <p>
     * The page body comes from {@link #createConfirmPageHtml(JapHttpRequest)}; the content
     * length is the UTF-8 byte count of that body, matching the declared charset.
     *
     * @param request  current HTTP request
     * @param response current HTTP response
     * @throws IOException declared by this method; presumably raised by the response write
     */
    public void showConfirmPage(JapHttpRequest request, JapHttpResponse response) throws IOException {
        final String approvalContent = createConfirmPageHtml(request);
        // NOTE(review): only Content-Type and Content-Length are set here. A consent page is a
        // clickjacking target, so confirm that an anti-framing header (X-Frame-Options or a CSP
        // frame-ancestors directive) is applied elsewhere, e.g. by the hosting application.
        response.setContentType("text/html;charset=UTF-8");
        response.setContentLength(approvalContent.getBytes(StandardCharsets.UTF_8).length);
        response.write(approvalContent);
    }

    /**
     * Returns the data needed to render an authorization confirmation page after a
     * successful login: the client, the scope list and the parsed request parameters.
     *
     * @param request current HTTP request; its parameters are parsed into an {@code IdsRequestParam}
     * @return a response whose data map holds {@code appInfo} (the {@code ClientDetail}),
     *         {@code scopes} (see {@code getScopeInfo}) and {@code params} (the parsed request)
     */
    public IdsResponse> getAuthClientInfo(JapHttpRequest request) {
        IdsRequestParam param = IdsRequestParamProvider.parseRequest(request);
        ClientDetail clientDetail = JapIds.getContext().getClientDetailService().getByClientId(param.getClientId());
        // Validation rules live in OauthUtil and are not visible here; presumably this rejects
        // an unknown or unusable client - verify against OauthUtil.validClientDetail.
        OauthUtil.validClientDetail(clientDetail);

        List> scopeInfo = getScopeInfo(param);

        Map result = new HashMap<>(5);
        // NOTE(review): the whole ClientDetail object is handed back to the caller. Confirm that
        // its serialized form does not include confidential fields (such as a client secret)
        // before this map is sent to a browser.
        result.put("appInfo", clientDetail);
        result.put("scopes", scopeInfo);
        result.put("params", param);
        return new IdsResponse>().data(result);
    }

    /**
     * Generates the HTML of the default authorization confirmation page.
     * <p>
     * The client is looked up by the {@code client_id} of the request and validated before any
     * markup is produced. When the request carries a scope, the scope list from
     * {@code createScopes} is rendered; otherwise a different fragment is appended (its markup
     * is not recoverable from this copy).
     *
     * @param request current HTTP request
     * @return the HTML of the authorization confirmation page
     */
    private String createConfirmPageHtml(JapHttpRequest request) {
        IdsRequestParam param = IdsRequestParamProvider.parseRequest(request);
        String clientId = param.getClientId();
        ClientDetail clientDetail = JapIds.getContext().getClientDetailService().getByClientId(clientId);
        OauthUtil.validClientDetail(clientDetail);

        StringBuilder builder = new StringBuilder();
        // Page head; the tags inside these literals were stripped in this copy.
        String html = "\n" + "\n" + " \n" + " \n" + " \n" + " \n" + " \n" + " OAuth Approval\n" + " \n" + " \n";
        builder.append(html).append("

OAuth Approval

");
        // NOTE(review): the client's display name and the request-supplied client_id are appended
        // to the page with no HTML-escaping call visible in this method. clientId has matched a
        // registered client by this point, but the app name is whatever was stored at client
        // registration; if that value is not trusted, it should be HTML-escaped before being
        // written into markup. Confirm against the upstream source.
        builder.append("

Do you authorize \"").append(clientDetail.getAppName()).append("");
        builder.append(" (").append(clientId).append(")");
        builder.append("\" to access your protected resources?

");
        builder.append("
");
        builder.append("");
        String authorizeInputTemplate = "
";
        if (param.getScope() != null) {
            // Scope requested: render the per-scope list, then the authorize input.
            builder.append(createScopes(param, request));
            builder.append(authorizeInputTemplate);
        } else {
            // No scope requested: authorize input first, then an additional fragment whose
            // markup is missing from this copy.
            builder.append(authorizeInputTemplate);
            builder.append("
");
            builder.append("");
            builder.append("
");
        }
        builder.append("");
        return builder.toString();
    }

    /**
     * Generates the scope list shown on the authorization confirmation page, one entry per
     * scope returned by {@code getScopeInfo}.
     *
     * @param param   parameters of the current HTTP request
     * @param request current HTTP request (not referenced in the code visible here)
     * @return the scope list fragment of the authorization confirmation page
     */
    private String createScopes(IdsRequestParam param, JapHttpRequest request) {
        StringBuilder builder = new StringBuilder("
    ");
        List> scopeInfo = getScopeInfo(param);
        for (Map scope : scopeInfo) {
            // "selected" is stored as a Boolean by getScopeInfo; exactly one of the two strings
            // below is " checked". Only 'denied' is referenced in the visible code - 'approved'
            // was presumably used inside the stripped markup.
            String approved = (Boolean) scope.get("selected") ? " checked" : "";
            String denied = (Boolean) scope.get("selected") ? "" : " checked";
            builder.append("
  • ");
            // NOTE(review): scope code and description are appended with no escaping call visible
            // here; they come from IdsScopeProvider, so confirm those values are trusted or
            // HTML-escape them before they reach the page.
            builder.append("")
                .append(scope.get("code")).append(" - ").append(scope.get("description"))
                .append(" ");
            builder.append(denied).append("
  • ");
        }
        builder.append("
");
        return builder.toString();
    }

    /**
     * Builds the scope entries for the client named in the request.
     * <p>
     * Every scope the provider returns for the client's configured scopes becomes one map with
     * the keys {@code code}, {@code description} and {@code selected}; {@code selected} is true
     * when the code is in the set returned by {@code OauthUtil.validateScope} for the requested
     * scope.
     *
     * @param param parameters of the current HTTP request
     * @return list of scope entries, in the order returned by {@code IdsScopeProvider.getScopeByCodes}
     */
    private List> getScopeInfo(IdsRequestParam param) {
        // The client is looked up again and dereferenced without a null check; both visible
        // call paths run OauthUtil.validClientDetail on the same client id first.
        ClientDetail clientDetail = JapIds.getContext().getClientDetailService().getByClientId(param.getClientId());

        // Requested scope checked against the client's configured scopes; the exact rules are
        // in OauthUtil.validateScope and are not visible here.
        Set userAuthorizedScopes = OauthUtil.validateScope(param.getScope(), clientDetail.getScopes());
        Set supportedScopes = OauthUtil.convertStrToList(clientDetail.getScopes());

        List scopeList = IdsScopeProvider.getScopeByCodes(supportedScopes);

        List> scopeInfo = new LinkedList<>();
        Map scopeItem = null;
        for (IdsScope idsScope : scopeList) {
            scopeItem = new HashMap<>(5);
            scopeItem.put("code", idsScope.getCode());
            scopeItem.put("description", idsScope.getDescription());
            scopeItem.put("selected", userAuthorizedScopes.contains(idsScope.getCode()));
            scopeInfo.add(scopeItem);
        }
        return scopeInfo;
    }
}



