Commit 7565afca3a478928f52ad10d4f4774af4a742dc0

Authored by Igor Kulikov
1 parent 45e49144

Several OAuth2 improvements

... ... @@ -10,6 +10,7 @@
10 10 "mapperConfig": {
11 11 "type": "GITHUB",
12 12 "basic": {
  13 + "firstNameAttributeKey": "name",
13 14 "tenantNameStrategy": "DOMAIN"
14 15 }
15 16 },
... ...
... ... @@ -16,6 +16,7 @@
16 16 package org.thingsboard.server.controller;
17 17
18 18 import lombok.extern.slf4j.Slf4j;
  19 +import org.springframework.beans.factory.annotation.Autowired;
19 20 import org.springframework.http.HttpStatus;
20 21 import org.springframework.security.access.prepost.PreAuthorize;
21 22 import org.springframework.web.bind.annotation.*;
... ... @@ -23,6 +24,7 @@ import org.thingsboard.server.common.data.exception.ThingsboardException;
23 24 import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
24 25 import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
25 26 import org.thingsboard.server.common.data.oauth2.SchemeType;
  27 +import org.thingsboard.server.dao.oauth2.OAuth2Configuration;
26 28 import org.thingsboard.server.queue.util.TbCoreComponent;
27 29 import org.thingsboard.server.service.security.permission.Operation;
28 30 import org.thingsboard.server.service.security.permission.Resource;
... ... @@ -36,6 +38,10 @@ import java.util.List;
36 38 @RequestMapping("/api")
37 39 @Slf4j
38 40 public class OAuth2Controller extends BaseController {
  41 +
  42 + @Autowired
  43 + private OAuth2Configuration oAuth2Configuration;
  44 +
39 45 @RequestMapping(value = "/noauth/oauth2Clients", method = RequestMethod.POST)
40 46 @ResponseBody
41 47 public List<OAuth2ClientInfo> getOAuth2Clients(HttpServletRequest request) throws ThingsboardException {
... ... @@ -70,4 +76,16 @@ public class OAuth2Controller extends BaseController {
70 76 throw handleException(e);
71 77 }
72 78 }
  79 +
  80 + @PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
  81 + @RequestMapping(value = "/oauth2/loginProcessingUrl", method = RequestMethod.GET)
  82 + @ResponseBody
  83 + public String getLoginProcessingUrl() throws ThingsboardException {
  84 + try {
  85 + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION_INFO, Operation.READ);
  86 + return "\"" + oAuth2Configuration.getLoginProcessingUrl() + "\"";
  87 + } catch (Exception e) {
  88 + throw handleException(e);
  89 + }
  90 + }
73 91 }
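Review bot: The response body in getLoginProcessingUrl is assembled by hand, `"\"" + oAuth2Configuration.getLoginProcessingUrl() + "\""`, so a configured value containing a quote or backslash yields a malformed or altered JSON string. Serialising the value through the JSON mapper the application already uses, or returning a small DTO, would escape it correctly. The method is also gated twice, by `@PreAuthorize("hasAnyAuthority('SYS_ADMIN')")` and by the `checkPermission(..., Resource.OAUTH2_CONFIGURATION_INFO, Operation.READ)` call. A one-line comment saying which of the two is authoritative would help the next reader.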
... ...
... ... @@ -27,6 +27,6 @@ import java.util.Set;
27 27 @NoArgsConstructor
28 28 @AllArgsConstructor
29 29 public class OAuth2ClientsDomainParams {
30   - private Set<DomainInfo> domainInfos;
31   - private Set<ClientRegistrationDto> clientRegistrations;
32   -}
\ No newline at end of file
  30 + private List<DomainInfo> domainInfos;
  31 + private List<ClientRegistrationDto> clientRegistrations;
  32 +}
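Review bot: Changing `domainInfos` and `clientRegistrations` from `Set` to `List` drops the de-duplication the field type used to provide, so a request body that repeats the same domain or registration now reaches the service as two entries. The tests on this page only show the HTTP/MIXED conflict being rejected, so if save-time validation does not already refuse exact duplicates, it should. If this class carries Lombok's `@EqualsAndHashCode` as OAuth2ClientsParams does, equality also becomes order-sensitive, which deserves a short comment on the fields. The same applies to `domainsParams` in OAuth2ClientsParams, where `import java.util.Set;` appears to be unused after the change.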
... ...
... ... @@ -16,6 +16,8 @@
16 16 package org.thingsboard.server.common.data.oauth2;
17 17
18 18 import lombok.*;
  19 +
  20 +import java.util.List;
19 21 import java.util.Set;
20 22
21 23 @EqualsAndHashCode
... ... @@ -26,5 +28,5 @@ import java.util.Set;
26 28 @AllArgsConstructor
27 29 public class OAuth2ClientsParams {
28 30 private boolean enabled;
29   - private Set<OAuth2ClientsDomainParams> domainsParams;
30   -}
\ No newline at end of file
  31 + private List<OAuth2ClientsDomainParams> domainsParams;
  32 +}
... ...
... ... @@ -32,19 +32,19 @@ public class OAuth2Utils {
32 32 }
33 33
34 34 public static OAuth2ClientsParams toOAuth2Params(List<ExtendedOAuth2ClientRegistrationInfo> extendedOAuth2ClientRegistrationInfos) {
35   - Map<OAuth2ClientRegistrationInfoId, Set<DomainInfo>> domainsByInfoId = new HashMap<>();
36   - Map<OAuth2ClientRegistrationInfoId, OAuth2ClientRegistrationInfo> infoById = new HashMap<>();
  35 + Map<OAuth2ClientRegistrationInfoId, List<DomainInfo>> domainsByInfoId = new LinkedHashMap<>();
  36 + Map<OAuth2ClientRegistrationInfoId, OAuth2ClientRegistrationInfo> infoById = new LinkedHashMap<>();
37 37 for (ExtendedOAuth2ClientRegistrationInfo extendedClientRegistrationInfo : extendedOAuth2ClientRegistrationInfos) {
38 38 String domainName = extendedClientRegistrationInfo.getDomainName();
39 39 SchemeType domainScheme = extendedClientRegistrationInfo.getDomainScheme();
40   - domainsByInfoId.computeIfAbsent(extendedClientRegistrationInfo.getId(), key -> new HashSet<>())
  40 + domainsByInfoId.computeIfAbsent(extendedClientRegistrationInfo.getId(), key -> new ArrayList<>())
41 41 .add(new DomainInfo(domainScheme, domainName));
42 42 infoById.put(extendedClientRegistrationInfo.getId(), extendedClientRegistrationInfo);
43 43 }
44   - Map<Set<DomainInfo>, OAuth2ClientsDomainParams> domainParamsMap = new HashMap<>();
  44 + Map<List<DomainInfo>, OAuth2ClientsDomainParams> domainParamsMap = new HashMap<>();
45 45 domainsByInfoId.forEach((clientRegistrationInfoId, domainInfos) -> {
46 46 domainParamsMap.computeIfAbsent(domainInfos,
47   - key -> new OAuth2ClientsDomainParams(key, new HashSet<>())
  47 + key -> new OAuth2ClientsDomainParams(key, new ArrayList<>())
48 48 )
49 49 .getClientRegistrations()
50 50 .add(toClientRegistrationDto(infoById.get(clientRegistrationInfoId)));
... ... @@ -52,7 +52,7 @@ public class OAuth2Utils {
52 52 boolean enabled = extendedOAuth2ClientRegistrationInfos.stream()
53 53 .map(OAuth2ClientRegistrationInfo::isEnabled)
54 54 .findFirst().orElse(false);
55   - return new OAuth2ClientsParams(enabled, new HashSet<>(domainParamsMap.values()));
  55 + return new OAuth2ClientsParams(enabled, new ArrayList<>(domainParamsMap.values()));
56 56 }
57 57
58 58 public static ClientRegistrationDto toClientRegistrationDto(OAuth2ClientRegistrationInfo oAuth2ClientRegistrationInfo) {
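Review bot: `domainParamsMap` in toOAuth2Params is still a `HashMap`, now keyed by `List<DomainInfo>`, and that has two effects. The grouping key became order-sensitive, so two registrations whose domains arrive in a different row order land in separate OAuth2ClientsDomainParams groups, where the old `Set` key merged them. The final `new ArrayList<>(domainParamsMap.values())` also follows hash iteration order, which undoes the insertion order the new `LinkedHashMap`s were introduced to keep. Declaring it as `new LinkedHashMap<>()` fixes the ordering. For the grouping, either sort each domain list before using it as a key, or add a comment stating that the query returns rows in a stable order.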
... ...
... ... @@ -15,6 +15,7 @@
15 15 */
16 16 package org.thingsboard.server.dao.service;
17 17
  18 +import com.google.common.collect.Lists;
18 19 import com.google.common.collect.Sets;
19 20 import org.junit.After;
20 21 import org.junit.Assert;
... ... @@ -29,7 +30,7 @@ import java.util.*;
29 30 import java.util.stream.Collectors;
30 31
31 32 public class BaseOAuth2ServiceTest extends AbstractServiceTest {
32   - private static final OAuth2ClientsParams EMPTY_PARAMS = new OAuth2ClientsParams(false, new HashSet<>());
  33 + private static final OAuth2ClientsParams EMPTY_PARAMS = new OAuth2ClientsParams(false, new ArrayList<>());
33 34
34 35 @Autowired
35 36 protected OAuth2Service oAuth2Service;
... ... @@ -48,14 +49,14 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
48 49
49 50 @Test(expected = DataValidationException.class)
50 51 public void testSaveHttpAndMixedDomainsTogether() {
51   - OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Sets.newHashSet(
  52 + OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Lists.newArrayList(
52 53 OAuth2ClientsDomainParams.builder()
53   - .domainInfos(Sets.newHashSet(
  54 + .domainInfos(Lists.newArrayList(
54 55 DomainInfo.builder().name("first-domain").scheme(SchemeType.HTTP).build(),
55 56 DomainInfo.builder().name("first-domain").scheme(SchemeType.MIXED).build(),
56 57 DomainInfo.builder().name("third-domain").scheme(SchemeType.HTTPS).build()
57 58 ))
58   - .clientRegistrations(Sets.newHashSet(
  59 + .clientRegistrations(Lists.newArrayList(
59 60 validClientRegistrationDto(),
60 61 validClientRegistrationDto(),
61 62 validClientRegistrationDto()
... ... @@ -67,14 +68,14 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
67 68
68 69 @Test(expected = DataValidationException.class)
69 70 public void testSaveHttpsAndMixedDomainsTogether() {
70   - OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Sets.newHashSet(
  71 + OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Lists.newArrayList(
71 72 OAuth2ClientsDomainParams.builder()
72   - .domainInfos(Sets.newHashSet(
  73 + .domainInfos(Lists.newArrayList(
73 74 DomainInfo.builder().name("first-domain").scheme(SchemeType.HTTPS).build(),
74 75 DomainInfo.builder().name("first-domain").scheme(SchemeType.MIXED).build(),
75 76 DomainInfo.builder().name("third-domain").scheme(SchemeType.HTTPS).build()
76 77 ))
77   - .clientRegistrations(Sets.newHashSet(
  78 + .clientRegistrations(Lists.newArrayList(
78 79 validClientRegistrationDto(),
79 80 validClientRegistrationDto(),
80 81 validClientRegistrationDto()
... ... @@ -131,20 +132,20 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
131 132 Assert.assertNotNull(foundClientsParams);
132 133 Assert.assertEquals(clientsParams, foundClientsParams);
133 134
134   - OAuth2ClientsParams newClientsParams = new OAuth2ClientsParams(true, Sets.newHashSet(
  135 + OAuth2ClientsParams newClientsParams = new OAuth2ClientsParams(true, Lists.newArrayList(
135 136 OAuth2ClientsDomainParams.builder()
136   - .domainInfos(Sets.newHashSet(
  137 + .domainInfos(Lists.newArrayList(
137 138 DomainInfo.builder().name("another-domain").scheme(SchemeType.HTTPS).build()
138 139 ))
139   - .clientRegistrations(Sets.newHashSet(
  140 + .clientRegistrations(Lists.newArrayList(
140 141 validClientRegistrationDto()
141 142 ))
142 143 .build(),
143 144 OAuth2ClientsDomainParams.builder()
144   - .domainInfos(Sets.newHashSet(
  145 + .domainInfos(Lists.newArrayList(
145 146 DomainInfo.builder().name("test-domain").scheme(SchemeType.MIXED).build()
146 147 ))
147   - .clientRegistrations(Sets.newHashSet(
  148 + .clientRegistrations(Lists.newArrayList(
148 149 validClientRegistrationDto()
149 150 ))
150 151 .build()
... ... @@ -157,22 +158,22 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
157 158
158 159 @Test
159 160 public void testGetOAuth2Clients() {
160   - Set<ClientRegistrationDto> firstGroup = Sets.newHashSet(
  161 + List<ClientRegistrationDto> firstGroup = Lists.newArrayList(
161 162 validClientRegistrationDto(),
162 163 validClientRegistrationDto(),
163 164 validClientRegistrationDto(),
164 165 validClientRegistrationDto()
165 166 );
166   - Set<ClientRegistrationDto> secondGroup = Sets.newHashSet(
  167 + List<ClientRegistrationDto> secondGroup = Lists.newArrayList(
167 168 validClientRegistrationDto(),
168 169 validClientRegistrationDto()
169 170 );
170   - Set<ClientRegistrationDto> thirdGroup = Sets.newHashSet(
  171 + List<ClientRegistrationDto> thirdGroup = Lists.newArrayList(
171 172 validClientRegistrationDto()
172 173 );
173   - OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Sets.newHashSet(
  174 + OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Lists.newArrayList(
174 175 OAuth2ClientsDomainParams.builder()
175   - .domainInfos(Sets.newHashSet(
  176 + .domainInfos(Lists.newArrayList(
176 177 DomainInfo.builder().name("first-domain").scheme(SchemeType.HTTP).build(),
177 178 DomainInfo.builder().name("second-domain").scheme(SchemeType.MIXED).build(),
178 179 DomainInfo.builder().name("third-domain").scheme(SchemeType.HTTPS).build()
... ... @@ -180,14 +181,14 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
180 181 .clientRegistrations(firstGroup)
181 182 .build(),
182 183 OAuth2ClientsDomainParams.builder()
183   - .domainInfos(Sets.newHashSet(
  184 + .domainInfos(Lists.newArrayList(
184 185 DomainInfo.builder().name("second-domain").scheme(SchemeType.HTTP).build(),
185 186 DomainInfo.builder().name("fourth-domain").scheme(SchemeType.MIXED).build()
186 187 ))
187 188 .clientRegistrations(secondGroup)
188 189 .build(),
189 190 OAuth2ClientsDomainParams.builder()
190   - .domainInfos(Sets.newHashSet(
  191 + .domainInfos(Lists.newArrayList(
191 192 DomainInfo.builder().name("second-domain").scheme(SchemeType.HTTPS).build(),
192 193 DomainInfo.builder().name("fifth-domain").scheme(SchemeType.HTTP).build()
193 194 ))
... ... @@ -285,15 +286,15 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
285 286
286 287 @Test
287 288 public void testGetOAuth2ClientsForHttpAndHttps() {
288   - Set<ClientRegistrationDto> firstGroup = Sets.newHashSet(
  289 + List<ClientRegistrationDto> firstGroup = Lists.newArrayList(
289 290 validClientRegistrationDto(),
290 291 validClientRegistrationDto(),
291 292 validClientRegistrationDto(),
292 293 validClientRegistrationDto()
293 294 );
294   - OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Sets.newHashSet(
  295 + OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Lists.newArrayList(
295 296 OAuth2ClientsDomainParams.builder()
296   - .domainInfos(Sets.newHashSet(
  297 + .domainInfos(Lists.newArrayList(
297 298 DomainInfo.builder().name("first-domain").scheme(SchemeType.HTTP).build(),
298 299 DomainInfo.builder().name("second-domain").scheme(SchemeType.MIXED).build(),
299 300 DomainInfo.builder().name("first-domain").scheme(SchemeType.HTTPS).build()
... ... @@ -335,25 +336,25 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
335 336
336 337 @Test
337 338 public void testGetDisabledOAuth2Clients() {
338   - OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Sets.newHashSet(
  339 + OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Lists.newArrayList(
339 340 OAuth2ClientsDomainParams.builder()
340   - .domainInfos(Sets.newHashSet(
  341 + .domainInfos(Lists.newArrayList(
341 342 DomainInfo.builder().name("first-domain").scheme(SchemeType.HTTP).build(),
342 343 DomainInfo.builder().name("second-domain").scheme(SchemeType.MIXED).build(),
343 344 DomainInfo.builder().name("third-domain").scheme(SchemeType.HTTPS).build()
344 345 ))
345   - .clientRegistrations(Sets.newHashSet(
  346 + .clientRegistrations(Lists.newArrayList(
346 347 validClientRegistrationDto(),
347 348 validClientRegistrationDto(),
348 349 validClientRegistrationDto()
349 350 ))
350 351 .build(),
351 352 OAuth2ClientsDomainParams.builder()
352   - .domainInfos(Sets.newHashSet(
  353 + .domainInfos(Lists.newArrayList(
353 354 DomainInfo.builder().name("second-domain").scheme(SchemeType.HTTP).build(),
354 355 DomainInfo.builder().name("fourth-domain").scheme(SchemeType.MIXED).build()
355 356 ))
356   - .clientRegistrations(Sets.newHashSet(
  357 + .clientRegistrations(Lists.newArrayList(
357 358 validClientRegistrationDto(),
358 359 validClientRegistrationDto()
359 360 ))
... ... @@ -374,35 +375,35 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
374 375
375 376 @Test
376 377 public void testFindAllClientRegistrationInfos() {
377   - OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Sets.newHashSet(
  378 + OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Lists.newArrayList(
378 379 OAuth2ClientsDomainParams.builder()
379   - .domainInfos(Sets.newHashSet(
  380 + .domainInfos(Lists.newArrayList(
380 381 DomainInfo.builder().name("first-domain").scheme(SchemeType.HTTP).build(),
381 382 DomainInfo.builder().name("second-domain").scheme(SchemeType.MIXED).build(),
382 383 DomainInfo.builder().name("third-domain").scheme(SchemeType.HTTPS).build()
383 384 ))
384   - .clientRegistrations(Sets.newHashSet(
  385 + .clientRegistrations(Lists.newArrayList(
385 386 validClientRegistrationDto(),
386 387 validClientRegistrationDto(),
387 388 validClientRegistrationDto()
388 389 ))
389 390 .build(),
390 391 OAuth2ClientsDomainParams.builder()
391   - .domainInfos(Sets.newHashSet(
  392 + .domainInfos(Lists.newArrayList(
392 393 DomainInfo.builder().name("second-domain").scheme(SchemeType.HTTP).build(),
393 394 DomainInfo.builder().name("fourth-domain").scheme(SchemeType.MIXED).build()
394 395 ))
395   - .clientRegistrations(Sets.newHashSet(
  396 + .clientRegistrations(Lists.newArrayList(
396 397 validClientRegistrationDto(),
397 398 validClientRegistrationDto()
398 399 ))
399 400 .build(),
400 401 OAuth2ClientsDomainParams.builder()
401   - .domainInfos(Sets.newHashSet(
  402 + .domainInfos(Lists.newArrayList(
402 403 DomainInfo.builder().name("second-domain").scheme(SchemeType.HTTPS).build(),
403 404 DomainInfo.builder().name("fifth-domain").scheme(SchemeType.HTTP).build()
404 405 ))
405   - .clientRegistrations(Sets.newHashSet(
  406 + .clientRegistrations(Lists.newArrayList(
406 407 validClientRegistrationDto()
407 408 ))
408 409 .build()
... ... @@ -423,35 +424,35 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
423 424
424 425 @Test
425 426 public void testFindClientRegistrationById() {
426   - OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Sets.newHashSet(
  427 + OAuth2ClientsParams clientsParams = new OAuth2ClientsParams(true, Lists.newArrayList(
427 428 OAuth2ClientsDomainParams.builder()
428   - .domainInfos(Sets.newHashSet(
  429 + .domainInfos(Lists.newArrayList(
429 430 DomainInfo.builder().name("first-domain").scheme(SchemeType.HTTP).build(),
430 431 DomainInfo.builder().name("second-domain").scheme(SchemeType.MIXED).build(),
431 432 DomainInfo.builder().name("third-domain").scheme(SchemeType.HTTPS).build()
432 433 ))
433   - .clientRegistrations(Sets.newHashSet(
  434 + .clientRegistrations(Lists.newArrayList(
434 435 validClientRegistrationDto(),
435 436 validClientRegistrationDto(),
436 437 validClientRegistrationDto()
437 438 ))
438 439 .build(),
439 440 OAuth2ClientsDomainParams.builder()
440   - .domainInfos(Sets.newHashSet(
  441 + .domainInfos(Lists.newArrayList(
441 442 DomainInfo.builder().name("second-domain").scheme(SchemeType.HTTP).build(),
442 443 DomainInfo.builder().name("fourth-domain").scheme(SchemeType.MIXED).build()
443 444 ))
444   - .clientRegistrations(Sets.newHashSet(
  445 + .clientRegistrations(Lists.newArrayList(
445 446 validClientRegistrationDto(),
446 447 validClientRegistrationDto()
447 448 ))
448 449 .build(),
449 450 OAuth2ClientsDomainParams.builder()
450   - .domainInfos(Sets.newHashSet(
  451 + .domainInfos(Lists.newArrayList(
451 452 DomainInfo.builder().name("second-domain").scheme(SchemeType.HTTPS).build(),
452 453 DomainInfo.builder().name("fifth-domain").scheme(SchemeType.HTTP).build()
453 454 ))
454   - .clientRegistrations(Sets.newHashSet(
  455 + .clientRegistrations(Lists.newArrayList(
455 456 validClientRegistrationDto()
456 457 ))
457 458 .build()
... ... @@ -466,14 +467,14 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
466 467 }
467 468
468 469 private OAuth2ClientsParams createDefaultClientsParams() {
469   - return new OAuth2ClientsParams(true, Sets.newHashSet(
  470 + return new OAuth2ClientsParams(true, Lists.newArrayList(
470 471 OAuth2ClientsDomainParams.builder()
471   - .domainInfos(Sets.newHashSet(
  472 + .domainInfos(Lists.newArrayList(
472 473 DomainInfo.builder().name("first-domain").scheme(SchemeType.HTTP).build(),
473 474 DomainInfo.builder().name("second-domain").scheme(SchemeType.MIXED).build(),
474 475 DomainInfo.builder().name("third-domain").scheme(SchemeType.HTTPS).build()
475 476 ))
476   - .clientRegistrations(Sets.newHashSet(
  477 + .clientRegistrations(Lists.newArrayList(
477 478 validClientRegistrationDto(),
478 479 validClientRegistrationDto(),
479 480 validClientRegistrationDto(),
... ... @@ -481,11 +482,11 @@ public class BaseOAuth2ServiceTest extends AbstractServiceTest {
481 482 ))
482 483 .build(),
483 484 OAuth2ClientsDomainParams.builder()
484   - .domainInfos(Sets.newHashSet(
  485 + .domainInfos(Lists.newArrayList(
485 486 DomainInfo.builder().name("second-domain").scheme(SchemeType.MIXED).build(),
486 487 DomainInfo.builder().name("fourth-domain").scheme(SchemeType.MIXED).build()
487 488 ))
488   - .clientRegistrations(Sets.newHashSet(
  489 + .clientRegistrations(Lists.newArrayList(
489 490 validClientRegistrationDto(),
490 491 validClientRegistrationDto()
491 492 ))
... ...
... ... @@ -41,4 +41,8 @@ export class OAuth2Service {
41 41 return this.http.post<OAuth2ClientsParams>('/api/oauth2/config', OAuth2Setting,
42 42 defaultHttpOptionsFromConfig(config));
43 43 }
  44 +
  45 + public getLoginProcessingUrl(config?: RequestConfig): Observable<string> {
  46 + return this.http.get<string>(`/api/oauth2/loginProcessingUrl`, defaultHttpOptionsFromConfig(config));
  47 + }
44 48 }
... ...
... ... @@ -14,8 +14,8 @@
14 14 /// limitations under the License.
15 15 ///
16 16
17   -import { NgModule } from '@angular/core';
18   -import { RouterModule, Routes } from '@angular/router';
  17 +import { Injectable, NgModule } from '@angular/core';
  18 +import { Resolve, RouterModule, Routes } from '@angular/router';
19 19
20 20 import { MailServerComponent } from '@modules/home/pages/admin/mail-server.component';
21 21 import { ConfirmOnExitGuard } from '@core/guards/confirm-on-exit.guard';
... ... @@ -23,6 +23,25 @@ import { Authority } from '@shared/models/authority.enum';
23 23 import { GeneralSettingsComponent } from '@modules/home/pages/admin/general-settings.component';
24 24 import { SecuritySettingsComponent } from '@modules/home/pages/admin/security-settings.component';
25 25 import { OAuth2SettingsComponent } from '@home/pages/admin/oauth2-settings.component';
  26 +import { User } from '@shared/models/user.model';
  27 +import { Store } from '@ngrx/store';
  28 +import { AppState } from '@core/core.state';
  29 +import { UserService } from '@core/http/user.service';
  30 +import { Observable } from 'rxjs';
  31 +import { getCurrentAuthUser } from '@core/auth/auth.selectors';
  32 +import { OAuth2Service } from '@core/http/oauth2.service';
  33 +import { UserProfileResolver } from '@home/pages/profile/profile-routing.module';
  34 +
  35 +@Injectable()
  36 +export class OAuth2LoginProcessingUrlResolver implements Resolve<string> {
  37 +
  38 + constructor(private oauth2Service: OAuth2Service) {
  39 + }
  40 +
  41 + resolve(): Observable<string> {
  42 + return this.oauth2Service.getLoginProcessingUrl();
  43 + }
  44 +}
26 45
27 46 const routes: Routes = [
28 47 {
... ... @@ -90,6 +109,9 @@ const routes: Routes = [
90 109 label: 'admin.oauth2.oauth2',
91 110 icon: 'security'
92 111 }
  112 + },
  113 + resolve: {
  114 + loginProcessingUrl: OAuth2LoginProcessingUrlResolver
93 115 }
94 116 }
95 117 ]
... ... @@ -98,6 +120,9 @@ const routes: Routes = [
98 120
99 121 @NgModule({
100 122 imports: [RouterModule.forChild(routes)],
101   - exports: [RouterModule]
  123 + exports: [RouterModule],
  124 + providers: [
  125 + OAuth2LoginProcessingUrlResolver
  126 + ]
102 127 })
103 128 export class AdminRoutingModule { }
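Review bot: The added imports `User`, `Store`, `AppState`, `UserService`, `getCurrentAuthUser` and `UserProfileResolver` are not referenced anywhere in the visible hunks; OAuth2LoginProcessingUrlResolver needs only `Injectable`, `Resolve`, `Observable` and `OAuth2Service`. If the rest of the file does not use them either, drop them, since the `UserProfileResolver` import ties this module to the profile routing module for no benefit. Separately, `resolve()` passes the HTTP observable through unchanged, so a failed request would presumably cancel navigation to the OAuth2 settings page. A short comment stating that this is intended, or a fallback value, would make the behaviour explicit.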
... ...
... ... @@ -43,6 +43,7 @@ import { DialogService } from '@core/services/dialog.service';
43 43 import { TranslateService } from '@ngx-translate/core';
44 44 import { isDefined, isDefinedAndNotNull } from '@core/utils';
45 45 import { OAuth2Service } from '@core/http/oauth2.service';
  46 +import { ActivatedRoute } from '@angular/router';
46 47
47 48 @Component({
48 49 selector: 'tb-oauth2-settings',
... ... @@ -87,7 +88,10 @@ export class OAuth2SettingsComponent extends PageComponent implements OnInit, Ha
87 88
88 89 templateProvider = ['Custom'];
89 90
  91 + private loginProcessingUrl: string = this.route.snapshot.data.loginProcessingUrl;
  92 +
90 93 constructor(protected store: Store<AppState>,
  94 + private route: ActivatedRoute,
91 95 private oauth2Service: OAuth2Service,
92 96 private fb: FormBuilder,
93 97 private dialogService: DialogService,
... ... @@ -130,7 +134,7 @@ export class OAuth2SettingsComponent extends PageComponent implements OnInit, Ha
130 134 return this.oauth2SettingsForm.get('domainsParams') as FormArray;
131 135 }
132 136
133   - private formBasicGroup(mapperConfigBasic?: MapperConfigBasic): FormGroup {
  137 + private formBasicGroup(type: MapperConfigType, mapperConfigBasic?: MapperConfigBasic): FormGroup {
134 138 let tenantNamePattern;
135 139 if (mapperConfigBasic?.tenantNamePattern) {
136 140 tenantNamePattern = mapperConfigBasic.tenantNamePattern;
... ... @@ -138,16 +142,20 @@ export class OAuth2SettingsComponent extends PageComponent implements OnInit, Ha
138 142 tenantNamePattern = {value: null, disabled: true};
139 143 }
140 144 const basicGroup = this.fb.group({
141   - emailAttributeKey: [mapperConfigBasic?.emailAttributeKey ? mapperConfigBasic.emailAttributeKey : 'email', Validators.required],
142 145 firstNameAttributeKey: [mapperConfigBasic?.firstNameAttributeKey ? mapperConfigBasic.firstNameAttributeKey : ''],
143 146 lastNameAttributeKey: [mapperConfigBasic?.lastNameAttributeKey ? mapperConfigBasic.lastNameAttributeKey : ''],
144 147 tenantNameStrategy: [mapperConfigBasic?.tenantNameStrategy ? mapperConfigBasic.tenantNameStrategy : TenantNameStrategy.DOMAIN],
145 148 tenantNamePattern: [tenantNamePattern, Validators.required],
146 149 customerNamePattern: [mapperConfigBasic?.customerNamePattern ? mapperConfigBasic.customerNamePattern : null],
147 150 defaultDashboardName: [mapperConfigBasic?.defaultDashboardName ? mapperConfigBasic.defaultDashboardName : null],
148   - alwaysFullScreen: [mapperConfigBasic?.alwaysFullScreen ? mapperConfigBasic.alwaysFullScreen : false]
  151 + alwaysFullScreen: [isDefinedAndNotNull(mapperConfigBasic?.alwaysFullScreen) ? mapperConfigBasic.alwaysFullScreen : false]
149 152 });
150 153
  154 + if (MapperConfigType.GITHUB !== type) {
  155 + basicGroup.addControl('emailAttributeKey',
  156 + this.fb.control( mapperConfigBasic?.emailAttributeKey ? mapperConfigBasic.emailAttributeKey : 'email', Validators.required));
  157 + }
  158 +
151 159 this.subscriptions.push(basicGroup.get('tenantNameStrategy').valueChanges.subscribe((domain) => {
152 160 if (domain === 'CUSTOM') {
153 161 basicGroup.get('tenantNamePattern').enable();
... ... @@ -279,9 +287,12 @@ export class OAuth2SettingsComponent extends PageComponent implements OnInit, Ha
279 287 clientRegistration?.userNameAttributeName ? clientRegistration.userNameAttributeName : 'email', Validators.required],
280 288 mapperConfig: this.fb.group({
281 289 allowUserCreation: [
282   - clientRegistration?.mapperConfig?.allowUserCreation ? clientRegistration.mapperConfig.allowUserCreation : true
  290 + isDefinedAndNotNull(clientRegistration?.mapperConfig?.allowUserCreation) ?
  291 + clientRegistration.mapperConfig.allowUserCreation : true
  292 + ],
  293 + activateUser: [
  294 + isDefinedAndNotNull(clientRegistration?.mapperConfig?.activateUser) ? clientRegistration.mapperConfig.activateUser : false
283 295 ],
284   - activateUser: [clientRegistration?.mapperConfig?.activateUser ? clientRegistration.mapperConfig.activateUser : false],
285 296 type: [
286 297 clientRegistration?.mapperConfig?.type ? clientRegistration.mapperConfig.type : MapperConfigType.BASIC, Validators.required
287 298 ]
... ... @@ -308,7 +319,7 @@ export class OAuth2SettingsComponent extends PageComponent implements OnInit, Ha
308 319 return clientRegistrationFormGroup;
309 320 }
310 321
311   - private validateScope (control: AbstractControl): ValidationErrors | null {
  322 + private validateScope(control: AbstractControl): ValidationErrors | null {
312 323 const scope: string[] = control.value;
313 324 if (!scope || !scope.length) {
314 325 return {
... ... @@ -347,7 +358,11 @@ export class OAuth2SettingsComponent extends PageComponent implements OnInit, Ha
347 358 mapperConfig.addControl('custom', this.formCustomGroup(predefinedValue?.custom));
348 359 } else {
349 360 mapperConfig.removeControl('custom');
350   - mapperConfig.addControl('basic', this.formBasicGroup(predefinedValue?.basic));
  361 + if (mapperConfig.get('basic')) {
  362 + mapperConfig.setControl('basic', this.formBasicGroup(type, predefinedValue?.basic));
  363 + } else {
  364 + mapperConfig.addControl('basic', this.formBasicGroup(type, predefinedValue?.basic));
  365 + }
351 366 }
352 367 }
353 368
... ... @@ -490,7 +505,7 @@ export class OAuth2SettingsComponent extends PageComponent implements OnInit, Ha
490 505 } else {
491 506 protocol = domainInfo.scheme === DomainSchema.MIXED ? DomainSchema.HTTPS.toLowerCase() : domainInfo.scheme.toLowerCase();
492 507 }
493   - return `${protocol}://${domainInfo.name}/login/oauth2/code/`;
  508 + return `${protocol}://${domainInfo.name}${this.loginProcessingUrl}`;
494 509 }
495 510 return '';
496 511 }
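Review bot: The redirect URI template now ends in `${this.loginProcessingUrl}`, a field read once from `this.route.snapshot.data` in a property initializer, so if the resolver data is missing the admin is shown a URI ending in the literal text `undefined`. This string is presumably what gets copied into the identity provider's allowed redirect list, so guard it by returning `''` unless `loginProcessingUrl` is a string starting with `/`. The initializer also relies on `route` being assigned before field initializers run, which holds for TypeScript's legacy class-field emit but not with `useDefineForClassFields`. Assigning the field inside the constructor avoids depending on that. The enclosing method begins outside the hunk.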
... ...