SRSoftware/Umbrella
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Wiki Activity

implemented oidc management

Browse Source
This commit is contained in:
Stephan Richter
2025-07-03 20:32:20 +02:00
parent 695714f4eb
commit e53beb9848
6 changed files with 56 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
frontend/src/App.svelte
View File

@@ -33,7 +33,8 @@
<Menu /> <Menu />
<Route path="/user" component={User} /> <Route path="/user" component={User} />
<Route path="/user/:user_id/edit" component={UserEdit} /> <Route path="/user/:user_id/edit" component={UserEdit} />
<Route path="/user/oidc/:serviceName" component={EditService} /> <Route path="/user/oidc/add" component={EditService} />
<Route path="/user/oidc/edit/:serviceName" component={EditService} />
<Route> <Route>
<p>Page not found</p> <p>Page not found</p>
</Route> </Route>

10
frontend/src/routes/user/ConnectedServices.svelte
View File

@@ -11,10 +11,8 @@
let resp = await fetch(url,{credentials:'include'}); let resp = await fetch(url,{credentials:'include'});
if (resp.ok){ if (resp.ok){
const arr = await resp.json(); const arr = await resp.json();
for (let entry of arr){ while (connections.length) connections.pop();
connections.push(entry) for (let entry of arr) connections.push(entry);
console.log(entry);
}
} }
} }
@@ -22,13 +20,13 @@
async function unlink(connection){ async function unlink(connection){
const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/oidc/connected`; const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/oidc/connected`;
const resp = fetch(url,{ const resp = await fetch(url,{
method: 'DELETE', method: 'DELETE',
credentials: 'include', credentials: 'include',
body: JSON.stringify(connection) body: JSON.stringify(connection)
}); });
if (resp.ok){ if (resp.ok){
alert('succeeded'); loadConnections();
} else { } else {
alert('failed'); alert('failed');
} }

6
frontend/src/routes/user/EditService.svelte
View File

@@ -11,7 +11,7 @@
let disabled = $state(false); let disabled = $state(false);
onMount(async () => { onMount(async () => {
const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/service/${serviceName}`; const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/oidc/${serviceName}`;
const resp = await fetch(url,{credentials:'include'}); const resp = await fetch(url,{credentials:'include'});
if (resp.ok){ if (resp.ok){
const json = await resp.json(); const json = await resp.json();
@@ -24,7 +24,7 @@
async function update(){ async function update(){
caption = t('user.data_sent'); caption = t('user.data_sent');
const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/service/${serviceName}`; const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/oidc/${serviceName}`;
const resp = await fetch(url,{ const resp = await fetch(url,{
credentials: 'include', credentials: 'include',
method: 'PATCH', method: 'PATCH',
@@ -42,7 +42,7 @@
<fieldset> <fieldset>
<legend>{t('user.edit_service',serviceName)}</legend> <legend>{t('user.edit_service',serviceName)}</legend>
{#if service.name} {#if service.name || !serviceName}
<table> <table>
<tbody> <tbody>
<tr> <tr>

40
frontend/src/routes/user/LoginServices.svelte
View File

@@ -8,22 +8,48 @@
let services = $state([]); let services = $state([]);
onMount(async () => { async function loadButtons(){
const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/oidc/buttons`; const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/oidc/buttons`;
const resp = await fetch(url,{credentials:'include'}); const resp = await fetch(url,{credentials:'include'});
if (resp.ok){ if (resp.ok){
const json = await resp.json(); const json = await resp.json();
while (services.length) services.pop();
for (let service of json) services.push(service); for (let service of json) services.push(service);
} }
}); }
onMount(loadButtons);
async function connect(service){
const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/oidc/redirect/${service}`;
const resp = await fetch(url,{credentials:'include'});
if (resp.ok){
var json = await resp.json();
if (json.authorization_endpoint) {
var endpoint = json.authorization_endpoint;
delete json.authorization_endpoint;
location.href = endpoint + '?' + new URLSearchParams(json);
}
}
}
async function drop(service){
const url = `${location.protocol}//${location.host.replace('5173','8080')}/api/user/oidc/${service}`;
const resp = await fetch(url,{
credentials: 'include',
method: 'DELETE'
});
if (resp.ok) loadButtons();
}
</script> </script>
<fieldset tabindex="0"> <fieldset tabindex="0">
<legend> <legend>
{t('user.login_services')} {t('user.login_services')}
<button>{t('user.add_login_service')}</button> {#if user.permissions.includes('MANAGE_LOGIN_SERVICES')}
</legend> <button onclick={() => router.navigate('/user/oidc/add')}>{t('user.add_login_service')}</button>
{/if}
</legend>
<table> <table>
<thead> <thead>
<tr> <tr>
@@ -36,10 +62,10 @@
<tr> <tr>
<td>{service}</td> <td>{service}</td>
<td> <td>
<button>{t('user.connect_service')}</button> <button onclick={() => connect(service)}>{t('user.connect_service')}</button>
{#if user.permissions.includes('MANAGE_LOGIN_SERVICES')} {#if user.permissions.includes('MANAGE_LOGIN_SERVICES')}
<button onclick={() => router.navigate(`/user/oidc/${service}`)}>{t('user.edit')}</button> <button onclick={() => router.navigate(`/user/oidc/edit/${service}`)}>{t('user.edit')}</button>
<button>{t('user.delete')}</button> <button onclick={() => drop(service)}>{t('user.delete')}</button>
{/if} {/if}
</td> </td>
</tr> </tr>

1
translations/src/main/resources/de.json
View File

@@ -59,6 +59,7 @@
"old_password": "altes Passwort", "old_password": "altes Passwort",
"password": "Passwort", "password": "Passwort",
"permissions": "Berechtigungen", "permissions": "Berechtigungen",
"processing_code": "Code wird verarbeitet…",
"repeat_new_password": "Wiederholung", "repeat_new_password": "Wiederholung",
"saved": "gespeichert", "saved": "gespeichert",
"save_service": "Service speichern", "save_service": "Service speichern",

15
user/src/main/java/de/srsoftware/umbrella/user/UserModule.java
View File

@@ -91,10 +91,21 @@ public class UserModule extends PathHandler {
var head = path.pop(); var head = path.pop();
return switch (head){ return switch (head){
case CONNECTED -> deleteServiceConnection(ex,user); case CONNECTED -> deleteServiceConnection(ex,user);
case null, default -> super.doGet(path,ex); case null -> super.doGet(path,ex);
default -> deleteService(ex,user,head);
}; };
} }
private boolean deleteService(HttpExchange ex, UmbrellaUser user, String serviceName) throws IOException {
if (!(user instanceof DbUser dbUser && dbUser.permissions().contains(MANAGE_LOGIN_SERVICES))) return sendEmptyResponse(HTTP_UNAUTHORIZED,ex);
try {
logins.delete(serviceName);
return sendEmptyResponse(HTTP_OK,ex);
} catch (UmbrellaException e) {
return sendContent(ex,e.statusCode(),e.getMessage());
}
}
private boolean deleteServiceConnection(HttpExchange ex, UmbrellaUser user) throws IOException { private boolean deleteServiceConnection(HttpExchange ex, UmbrellaUser user) throws IOException {
if (user == null) return sendContent(ex,HTTP_SERVER_ERROR,"Expected user object to be of type DbUser"); if (user == null) return sendContent(ex,HTTP_SERVER_ERROR,"Expected user object to be of type DbUser");
JSONObject json; JSONObject json;
@@ -110,7 +121,7 @@ public class UserModule extends PathHandler {
try { try {
logins.unlink(ForeignLogin.of(serviceId,foreignId,user.id())); logins.unlink(ForeignLogin.of(serviceId,foreignId,user.id()));
return sendEmptyResponse(OK,ex); return sendEmptyResponse(HTTP_OK,ex);
} catch (UmbrellaException e) { } catch (UmbrellaException e) {
return send(ex,e); return send(ex,e);
} }