working on oidc auth

src/main/java/de/srsoftware/widerhall/web/Index.java

@@ -0,0 +1,43 @@
+package de.srsoftware.widerhall.web;
+
+import de.srsoftware.tools.Tag;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class Index extends HttpServlet {
+
+    private static final Logger LOG = LoggerFactory.getLogger(Index.class);
+
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        resp.setContentType("text/html");
+        resp.setStatus(HttpServletResponse.SC_OK);
+        String auth = req.getHeader("Authorization");
+        if (auth == null) {
+            resp.sendRedirect("login");
+            return;
+        }
+        LOG.debug("Authorization: {}",auth);
+
+        resp.getWriter().println(page(auth));
+
+    }
+
+    private Tag head() {
+        return new Tag("meta")
+                .attr("charset","utf-8")
+                .addTo(new Tag("head"));
+
+    }
+
+    private Tag page(String auth) {
+        var body = new Tag("body").content(auth);
+        return body.addTo(head().addTo(new Tag("html")));
+    }
+}

src/main/java/de/srsoftware/widerhall/web/Login.java

@@ -0,0 +1,127 @@
+package de.srsoftware.widerhall.web;
+
+import de.srsoftware.widerhall.Configuration;
+import de.srsoftware.widerhall.web.tags.Page;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.net.ssl.HttpsURLConnection;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.BufferedReader;
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.net.URLEncoder;
+import java.nio.charset.StandardCharsets;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+public class Login extends HttpServlet {
+
+    private static final Logger LOG = LoggerFactory.getLogger(Login.class);
+    private final Configuration config;
+
+    public Login(){
+        this.config = Configuration.instance();
+        LOG.debug("Creating new instance of Login.class");
+    }
+
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        var error = req.getParameter("error");
+        if (error != null){
+            var description = req.getParameter("error_description");
+            sendError(resp,error+": "+description);
+            return;
+        }
+        LOG.debug("params: {}",req.getParameterMap());
+        var code = req.getParameter("code");
+        if (code != null){
+            getTokenFor(code,resp);
+            resp.getWriter().println(new Page("rceived code: "+code));
+            return;
+        }
+        resp.sendRedirect(loginUrl());
+    }
+
+    private static String urlEncode(Map<String, Object> data) {
+        String params = data.entrySet()
+                .stream()
+                .map(entry -> encode(entry.getKey()) + "=" + encode(entry.getValue()))
+                .collect(Collectors.joining("&"));
+        return params;
+    }
+
+    private static String encode(Object value) {
+        return URLEncoder.encode(value.toString(),StandardCharsets.UTF_8);
+    }
+
+    private void getTokenFor(String code, HttpServletResponse resp) throws IOException {
+        var url = config.tokenUrl();
+        LOG.debug("Sending 'POST' request to URL '{}'",url);
+        HttpsURLConnection httpClient = (HttpsURLConnection) url.openConnection();
+
+        //add reuqest header
+        httpClient.setRequestMethod("POST");
+        httpClient.setRequestProperty( "Content-Type", "application/x-www-form-urlencoded");
+        httpClient.setRequestProperty( "Accept", "*/*" );
+        //httpClient.setRequestProperty("User-Agent", "Mozilla/5.0");
+        //httpClient.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
+
+        String urlParameters = urlEncode(Map.of(
+                "code",code,
+                "client_id",config.clientId(),
+                "client_secret",config.clientSecret(),
+                "grant_type","authorization_code"));
+
+        LOG.debug("Posting parameters '{}'",urlParameters);
+
+        // Send post request
+        httpClient.setDoOutput(true);
+        httpClient.setDoInput(true);
+        try (DataOutputStream wr = new DataOutputStream(httpClient.getOutputStream())) {
+            wr.writeBytes(urlParameters);
+            wr.flush();
+        }
+
+        int responseCode = httpClient.getResponseCode();
+        LOG.debug("Response Code: {}",responseCode);
+
+        try (BufferedReader in = new BufferedReader(new InputStreamReader(httpClient.getInputStream()))) {
+
+            String line;
+            StringBuilder response = new StringBuilder();
+
+            while ((line = in.readLine()) != null) {
+                response.append(line);
+            }
+
+            //print result
+            //System.out.println(response.toString());
+            resp.getWriter().println(response);
+
+        }
+    }
+
+    private void sendError(HttpServletResponse resp, String error) throws IOException {
+        LOG.debug("error: {}",error);
+        resp.sendError(HttpServletResponse.SC_BAD_REQUEST,error);
+    }
+
+    private String loginUrl() {
+        return config.loginUrl()+"?"+urlEncode(Map.of(
+                "response_type","code",
+                "client_id",config.clientId(),
+                "state",123456,
+                "redirect_uri",redirectUri(),
+                "scope","openid"
+        ));
+    }
+
+    private String redirectUri() {
+        int port = config.serverPort();
+        return config.baseUrl()+(port == 80 ? "" : ":"+port)+"/login";
+    }
+}

src/main/java/de/srsoftware/widerhall/web/Rest.java

@@ -0,0 +1,21 @@
+package de.srsoftware.widerhall.web;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+public class Rest extends HttpServlet {
+
+    private static final Logger LOG = LoggerFactory.getLogger(Rest.class);
+    @Override
+    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
+        String method = req.getMethod();
+        LOG.debug("GET {}"+method);
+
+    }
+}

src/main/java/de/srsoftware/widerhall/web/tags/Header.java

@@ -0,0 +1,10 @@
+package de.srsoftware.widerhall.web.tags;
+
+import de.srsoftware.tools.Tag;
+
+public class Header extends Tag {
+    public Header() {
+        super("head");
+        new Tag("meta").attr("charset","utf-8").addTo(this);
+    }
+}

src/main/java/de/srsoftware/widerhall/web/tags/Page.java

@@ -0,0 +1,11 @@
+package de.srsoftware.widerhall.web.tags;
+
+import de.srsoftware.tools.Tag;
+
+public class Page extends Tag {
+    public Page(String content) {
+        super("html");
+        new Header().addTo(this);
+        new Tag("body").content(content).addTo(this);
+    }
+}