implemented password reset link and sending via mail

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
2024-08-09 02:03:01 +02:00
parent 31afced7f7
commit 95d47e3d63
12 changed files with 137 additions and 45 deletions
--- a/de.srsoftware.oidc.web/src/main/java/de/srsoftware/oidc/web/StaticPages.java
+++ b/de.srsoftware.oidc.web/src/main/java/de/srsoftware/oidc/web/StaticPages.java
@@ -6,6 +6,7 @@ import static java.util.Optional.empty;

 import com.sun.net.httpserver.HttpExchange;
 import de.srsoftware.http.PathHandler;
+import de.srsoftware.oidc.api.ResourceLoader;
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.net.MalformedURLException;
@@ -14,9 +15,8 @@ import java.nio.file.Files;
 import java.nio.file.Path;
 import java.util.Optional;

-public class StaticPages extends PathHandler {
-	private static final String DEFAULT_LANGUAGE = "en";
-	private static final String FAVICON          = "favicon.ico";
+public class StaticPages extends PathHandler implements ResourceLoader {
+	private static final String FAVICON = "favicon.ico";
 	private final Optional<Path> base;
 	private ClassLoader          loader;

@@ -25,22 +25,21 @@ public class StaticPages extends PathHandler {
 		base = basePath;
 	}

-	private record Response(String contentType, byte[] content) {
-	}
+
 	private static final String INDEX = "en/index.html";

 	@Override
 	public boolean doGet(String relativePath, HttpExchange ex) throws IOException {
-		String lang = language(ex).orElse(DEFAULT_LANGUAGE);
+		String lang = language(ex);
 		if (relativePath.startsWith("/")) relativePath = relativePath.substring(1);
 		if (relativePath.isBlank()) {
 			relativePath = ex.getRequestURI().toString().endsWith(FAVICON) ? FAVICON : INDEX;
 		}
 		try {
-			Response response = loadFile(lang, relativePath).orElseThrow(() -> new FileNotFoundException());
-			ex.getResponseHeaders().add(CONTENT_TYPE, response.contentType);
+			Resource resource = loadFile(lang, relativePath).orElseThrow(() -> new FileNotFoundException());
+			ex.getResponseHeaders().add(CONTENT_TYPE, resource.contentType());
 			LOG.log(DEBUG, "Loaded {0} for language {1}…success.", relativePath, lang);
-			return sendContent(ex, response.content);
+			return sendContent(ex, resource.content());
 		} catch (FileNotFoundException fnf) {
 			LOG.log(WARNING, "Loaded {0} for language {1}…failed.", relativePath, lang);
 			return notFound(ex);
@@ -67,14 +66,14 @@ public class StaticPages extends PathHandler {
 		return resource;
 	}

-	private Optional<Response> loadFile(String language, String path) {
+	public Optional<Resource> loadFile(String language, String path) {
 		try {
 			var resource = base.map(b -> getLocalUrl(b, language, path)).orElseGet(() -> getResource(language, path));
 			if (resource == null) return empty();
 			var connection	= resource.openConnection();
 			var contentType = connection.getContentType();
 			try (var in = connection.getInputStream()) {
-				return Optional.of(new Response(contentType, in.readAllBytes()));
+				return Optional.of(new Resource(contentType, in.readAllBytes()));
 			}
 		} catch (IOException e) {
 			throw new RuntimeException(e);
--- a/de.srsoftware.oidc.web/src/main/resources/email.template/scratch.txt
+++ b/de.srsoftware.oidc.web/src/main/resources/email.template/scratch.txt
@@ -0,0 +1,12 @@
+Password reset link for {service}
+Dear {displayname},
+
+Someone – probably you – requested to reset you password on {service}.
+
+If that was you, please open the following link in your browser:
+
+{link}
+
+If you *did not request* to reset you password, simply ignore this mail.
+
+Best wishes, you OIDC admin.
--- a/de.srsoftware.oidc.web/src/main/resources/en/authorization.html
+++ b/de.srsoftware.oidc.web/src/main/resources/en/authorization.html
@@ -22,6 +22,6 @@
        <button type="button" onclick="denyAutorization()">No</button>
    </div>
    <div id="error" class="error" style="display: none"></div>
-    <div id="missing_scopes" class="error" style="display: none">Authorization response contained neither list of <em>unauthorized scopes</em> nor list of <em>authorized scopes</em>! This is a server problem.</div>
+    <div id="missing_scopes" class="error" style="display: none">Authorization resource contained neither list of <em>unauthorized scopes</em> nor list of <em>authorized scopes</em>! This is a server problem.</div>
 </body>
 </html>
--- a/de.srsoftware.oidc.web/src/main/resources/en/reset_password.template.txt
+++ b/de.srsoftware.oidc.web/src/main/resources/en/reset_password.template.txt
@@ -0,0 +1,12 @@
+Password reset link for {service}
+Dear {displayname},
+
+Someone – probably you – requested to reset you password on {service}.
+
+If that was you, please open the following link in your browser:
+
+{link}
+
+If you *did not request* to reset you password, simply ignore this mail.
+
+Best wishes, you OIDC admin.
--- a/de.srsoftware.oidc.web/src/main/resources/en/todo.html
+++ b/de.srsoftware.oidc.web/src/main/resources/en/todo.html
@@ -16,6 +16,11 @@
                <li><a href="users.html">Users: send password reset link</a></li>
                <li><a href="login.html">Login: send password reset link</a></li>
                <li><a href="login.html">Login: "remember me" option</a></li>
+                <li>at_hash in ID Token</li>
+                <li>drop outdated sessions</li>
+                <li>invalidate tokens</li>
+                <li>implement token refresh</li>
+                <li>handle https correctly in PathHandler.hostname</li>
            </ul>
        </div>
    </body>