package com.webfleet.oauth.controller;
import com.webfleet.oauth.common.Constants;
import com.webfleet.oauth.common.KnownUrls;
import com.webfleet.oauth.common.RandomKey;
import com.webfleet.oauth.service.TokenStoreService;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.SessionAttribute;
import java.security.Principal;
import static com.webfleet.oauth.common.Constants.HAS_REFRESH_TOKEN;
/**
 * Controller for the page mapped at {@code KnownUrls.SERVICE}.
 *
 * <p>It reports whether a refresh token is stored for the signed-in principal and
 * supplies the view with the authorization URL used to start the OAuth
 * authorization code flow.
 */
@Controller
@RequestMapping(KnownUrls.SERVICE)
public class ServiceController extends AbstractMenuController {

    private final TokenStoreService tokenStoreService;
    private final String authserver;
    private final String clientId;
    private final String scopes;
    private final String redirectUri;

    /**
     * Wires the token store and the OAuth client settings read from configuration.
     *
     * @param tokenStoreService lookup for the refresh token stored per principal name
     * @param authserver value of {@code webfleet.authserver}; prefix of the authorization URL
     * @param clientId value of {@code webfleet.clientid}; sent as {@code client_id}
     * @param scopes value of {@code webfleet.scopes}; sent as {@code scope}
     * @param redirectUri value of {@code webfleet.redirecturi}; sent as {@code redirect_uri}
     */
    public ServiceController(final TokenStoreService tokenStoreService,
                             @Value("${webfleet.authserver}") final String authserver,
                             @Value("${webfleet.clientid}") final String clientId,
                             @Value("${webfleet.scopes}") final String scopes,
                             @Value("${webfleet.redirecturi}") final String redirectUri) {
        super(KnownUrls.HOME, KnownUrls.CONSUME);
        this.tokenStoreService = tokenStoreService;
        this.authserver = authserver;
        this.clientId = clientId;
        this.scopes = scopes;
        this.redirectUri = redirectUri;
    }

    /**
     * Fills the model for the service page and returns its view name.
     *
     * @param model view model that receives the token flag, the token prefix and the authorize URL
     * @param random session attribute {@code "random"}; its key becomes the {@code state} parameter
     * @param principal signed-in user whose name keys the refresh-token lookup
     * @return the view name of {@code KnownUrls.View.SERVICE}
     */
    @RequestMapping
    public String service(
            Model model,
            @SessionAttribute("random") RandomKey random, // its key is sent as "state" for later verification
            Principal principal) {
        final String storedToken = tokenStoreService.getRefreshToken(principal.getName());

        final boolean tokenPresent = storedToken != null;
        model.addAttribute(HAS_REFRESH_TOKEN, tokenPresent);

        // Only a shortened form of the token is handed to the view, never the full value.
        final String tokenPreview = truncate(storedToken);
        model.addAttribute("refresh_token", tokenPreview);

        final String authorizeUrl = buildRedirectString(random);
        model.addAttribute("authorizeUrl", authorizeUrl);

        addMenu(model);
        return KnownUrls.View.SERVICE.viewName();
    }

    /**
     * Shortens a refresh token for display.
     *
     * @param refreshToken the stored token, possibly {@code null}
     * @return the first 10 characters followed by {@code "..."}; an empty string when the
     *         token is {@code null} or has 10 characters or fewer
     */
    private String truncate(final String refreshToken) {
        if (refreshToken == null || refreshToken.length() <= 10) {
            return "";
        }
        return refreshToken.substring(0, 10) + "...";
    }

    /**
     * Assembles the URL that sends the user to the authorization server to
     * authenticate and authorize this client.
     *
     * <p>NOTE(review): every value is concatenated as-is, with no URL-encoding. This
     * presumably relies on the configured client id, redirect URI and scopes, and on
     * the state key, already being URL-safe. Confirm against the configuration: a
     * space, {@code &} or {@code #} in any of them would change the query string the
     * authorization server receives.
     *
     * @param randomKey holder of the key sent as {@code state}
     * @return the authorization URL with its query string
     */
    private String buildRedirectString(final RandomKey randomKey) {
        return authserver + Constants.AUTHORIZATION_URL
                // authorization code flow
                + "?response_type=code"
                // our 3rd-party client
                + "&client_id=" + clientId
                // callback URL where the code from the auth server is received
                + "&redirect_uri=" + redirectUri
                // scopes this OAuth client requests authorization for
                + "&scope=" + scopes
                // value the auth server returns in the callback; the comparison against
                // the session copy is not done in this class
                + "&state=" + randomKey.getKey();
    }
}