StephanRichter
/
LightOidc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

working on authorization flow

sqlite
Stephan Richter 4 months ago
parent
bb480b0b51
commit
a277be5091
9 changed files with 58 additions and 23 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 6
      de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/Client.java
  2. 3
      de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/Constants.java
  3. 10
      de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/PathHandler.java
  4. 4
      de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java
  5. 38
      de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/Backend.java
  6. 4
      de.srsoftware.oidc.web/src/main/java/de/srsoftware/oidc/web/Forward.java
  7. 2
      de.srsoftware.oidc.web/src/main/resources/en/authorization.html
  8. 12
      de.srsoftware.oidc.web/src/main/resources/en/authorization.js
  9. 2
      de.srsoftware.oidc.web/src/main/resources/en/user.js

6
de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/Client.java
Unescape View File

@ -5,9 +5,15 @@ import static de.srsoftware.oidc.api.Constants.*; @@ -5,9 +5,15 @@ import static de.srsoftware.oidc.api.Constants.*;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
public record Client(String id, String name, String secret, Set<String> redirectUris) {
public Map<String, Object> map() {
return Map.of(CLIENT_ID, id, NAME, name, SECRET, secret, REDIRECT_URIS, redirectUris);
}
public String generateCode() {
System.err.printf("%s.generateCode() not implemented!", getClass().getSimpleName());
return UUID.randomUUID().toString();
}
}

3
de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/Constants.java
Unescape View File

@ -2,9 +2,12 @@ @@ -2,9 +2,12 @@
package de.srsoftware.oidc.api;
public class Constants {
public
static final String CODE = "code";
public static final String CLIENT_ID = "client_id";
public static final String NAME = "name";
public static final String REDIRECT_URI = "redirect_uri";
public static final String REDIRECT_URIS = "redirect_uris";
public static final String SECRET = "secret";
public static final String STATE = "state";
}

10
de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/PathHandler.java
Unescape View File

@ -1,8 +1,7 @@ @@ -1,8 +1,7 @@
/* © SRSoftware 2024 */
package de.srsoftware.oidc.api;
import static java.net.HttpURLConnection.HTTP_BAD_REQUEST;
import static java.net.HttpURLConnection.HTTP_OK;
import static java.net.HttpURLConnection.*;
import static java.nio.charset.StandardCharsets.UTF_8;
import com.sun.net.httpserver.HttpExchange;
@ -11,6 +10,7 @@ import com.sun.net.httpserver.HttpServer; @@ -11,6 +10,7 @@ import com.sun.net.httpserver.HttpServer;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import java.util.Optional;
import java.util.stream.Stream;
import org.json.JSONObject;
@ -120,6 +120,7 @@ public abstract class PathHandler implements HttpHandler { @@ -120,6 +120,7 @@ public abstract class PathHandler implements HttpHandler {
}
public static boolean sendContent(HttpExchange ex, Object o) throws IOException {
if (o instanceof Map map) o = new JSONObject(map);
if (o instanceof JSONObject) ex.getResponseHeaders().add(CONTENT_TYPE, JSON);
return sendContent(ex, HTTP_OK, o.toString().getBytes(UTF_8));
}
@ -131,4 +132,9 @@ public abstract class PathHandler implements HttpHandler { @@ -131,4 +132,9 @@ public abstract class PathHandler implements HttpHandler {
public static boolean sendError(HttpExchange ex, Object o) throws IOException {
return sendContent(ex, HTTP_BAD_REQUEST, o.toString().getBytes(UTF_8));
}
public static boolean sendRedirect(HttpExchange ex, String url) throws IOException {
ex.getResponseHeaders().add("Location", url);
return sendEmptyResponse(HTTP_MOVED_TEMP, ex);
}
}

4
de.srsoftware.oidc.app/src/main/java/de/srsoftware/oidc/app/Application.java
Unescape View File

@ -49,11 +49,11 @@ public class Application { @@ -49,11 +49,11 @@ public class Application {
var tokens = new ArrayList<>(List.of(args));
var map = new HashMap<String, Object>();
while (!tokens.isEmpty()) {
var token = tokens.removeFirst();
var token = tokens.remove(0);
switch (token) {
case "--base":
if (tokens.isEmpty()) throw new IllegalArgumentException("--path option requires second argument!");
map.put(BASE_PATH, Path.of(tokens.removeFirst()));
map.put(BASE_PATH, Path.of(tokens.remove(0)));
break;
default:
System.err.printf("Unknown option: %s\n", token);

38
de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/Backend.java
Unescape View File

@ -39,11 +39,16 @@ public class Backend extends PathHandler { @@ -39,11 +39,16 @@ public class Backend extends PathHandler {
}
private boolean authorize(HttpExchange ex, Session session) throws IOException {
var json = json(ex);
var clientId = json.getString(CLIENT_ID);
var json = json(ex);
var clientId = json.getString(CLIENT_ID);
var optClient = clients.getClient(clientId);
if (optClient.isEmpty()) return sendEmptyResponse(HTTP_NOT_FOUND, ex);
var client = optClient.get();
var redirect = json.getString(REDIRECT_URI);
System.out.println(json);
return sendEmptyResponse(HTTP_NOT_FOUND, ex);
if (!client.redirectUris().contains(redirect)) return sendEmptyResponse(HTTP_BAD_REQUEST, ex);
var state = json.getString(STATE);
var code = client.generateCode();
return sendContent(ex, Map.of(CODE,code,REDIRECT_URI,redirect,STATE,state));
}
private boolean clients(HttpExchange ex, Session session) throws IOException {
@ -117,6 +122,8 @@ public class Backend extends PathHandler { @@ -117,6 +122,8 @@ public class Backend extends PathHandler {
switch (path) {
case "/login":
return doLogin(ex);
case "/token":
return provideToken(ex);
}
var optSession = getSession(ex);
if (optSession.isEmpty()) return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
@ -164,17 +171,23 @@ public class Backend extends PathHandler { @@ -164,17 +171,23 @@ public class Backend extends PathHandler {
return sendEmptyResponse(HTTP_OK, ex);
}
private boolean openidConfig(HttpExchange ex) throws IOException {
JSONObject json = new JSONObject();
json.put("authorization_endpoint", hostname(ex) + "/web/authorization.html");
return sendContent(ex, json);
private boolean provideToken(HttpExchange ex) throws IOException {
System.err.printf("%s.provideToken(ex) not implemented!\n",getClass().getSimpleName());
var json = json(ex);
System.err.println(json);
return sendEmptyResponse(HTTP_NOT_FOUND,ex);
}
private boolean openidConfig(HttpExchange ex) throws IOException {
return sendContent(ex, Map.of(
"token_endpoint",hostname(ex)+"/api/token",
"authorization_endpoint", hostname(ex) + "/web/authorization.html")
);
}
private boolean sendUserAndCookie(HttpExchange ex, Session session) throws IOException {
new SessionToken(session.id()).addTo(ex);
return sendContent(ex, new JSONObject(session.user().map(false)));
return sendContent(ex, session.user().map(false));
}
private boolean updatePassword(HttpExchange ex, Session session) throws IOException {
@ -193,7 +206,7 @@ public class Backend extends PathHandler { @@ -193,7 +206,7 @@ public class Backend extends PathHandler {
return sendError(ex, "password mismatch");
}
users.updatePassword(user, newPass1);
return sendContent(ex, new JSONObject(user.map(false)));
return sendContent(ex, user.map(false));
}
private boolean updateUser(HttpExchange ex, Session session) throws IOException {
@ -206,7 +219,6 @@ public class Backend extends PathHandler { @@ -206,7 +219,6 @@ public class Backend extends PathHandler {
user.username(json.getString(USERNAME));
user.email(json.getString(EMAIL));
users.save(user);
JSONObject response = new JSONObject(user.map(false));
return sendContent(ex, response);
return sendContent(ex, user.map(false));
}
}

4
de.srsoftware.oidc.web/src/main/java/de/srsoftware/oidc/web/Forward.java
Unescape View File

@ -16,8 +16,6 @@ public class Forward extends PathHandler { @@ -16,8 +16,6 @@ public class Forward extends PathHandler {
@Override
public boolean doGet(String path, HttpExchange ex) throws IOException {
System.out.printf("Forwarding (%d) %s to %s…\n", CODE, path, toPath);
ex.getResponseHeaders().add("Location", toPath);
ex.sendResponseHeaders(CODE, 0);
return true;
return sendRedirect(ex,toPath);
}
}

2
de.srsoftware.oidc.web/src/main/resources/en/authorization.html
Unescape View File

@ -5,8 +5,10 @@ @@ -5,8 +5,10 @@
<script src="common.js"></script>
<script src="user.js"></script>
<script src="authorization.js"></script>
<link rel="stylesheet" href="style.css" />
</head>
<body>
<nav></nav>
<h1>Authorization!</h1>
Not implemented, yet!
</body>

12
de.srsoftware.oidc.web/src/main/resources/en/authorization.js
Unescape View File

@ -1,11 +1,19 @@ @@ -1,11 +1,19 @@
var params = new URLSearchParams(window.location.search)
var json = Object.fromEntries(params);
async function handleResponse(response){
if (response.ok){
var json = await response.json();
console.log(json);
redirect(json.redirect_uri+'?code='+json.code+'&state='+json.state);
return;
}
}
fetch(api+"/authorize",{
method: 'POST',
body: JSON.stringify(json),
headers: {
'Content-Type': 'application/json'
}
})
}).then(handleResponse);

2
de.srsoftware.oidc.web/src/main/resources/en/user.js
Unescape View File

@ -1,7 +1,7 @@ @@ -1,7 +1,7 @@
var user = null;
async function handleUser(response){
if (response.status == UNAUTHORIZED) {
redirect('login.html?return_to='+encodeURI(window.location.href));
redirect('login.html?return_to='+encodeURIComponent(window.location.href));
return;
}
if (response.ok){

Write Preview
Loading…
Cancel
Save