Commit 79cd0c273eda51029749e9f7783cd03763a3a068

Authored by viktor
1 parent 6a2bc5a9

Implemented OAuth2Controller

... ... @@ -84,9 +84,6 @@ public class AuthController extends BaseController {
84 84 @Autowired
85 85 private AuditLogService auditLogService;
86 86
87   - @Autowired
88   - private OAuth2Service oauth2Service;
89   -
90 87 @PreAuthorize("isAuthenticated()")
91 88 @RequestMapping(value = "/auth/user", method = RequestMethod.GET)
92 89 public @ResponseBody User getUser() throws ThingsboardException {
... ... @@ -336,15 +333,4 @@ public class AuthController extends BaseController {
336 333 throw handleException(e);
337 334 }
338 335 }
339   -
340   - // TODO ask why POST
341   - @RequestMapping(value = "/noauth/oauth2Clients", method = RequestMethod.POST)
342   - @ResponseBody
343   - public List<OAuth2ClientInfo> getOAuth2Clients(HttpServletRequest request) throws ThingsboardException {
344   - try {
345   - return oauth2Service.getOAuth2Clients(request.getServerName());
346   - } catch (Exception e) {
347   - throw handleException(e);
348   - }
349   - }
350 336 }
... ...
... ... @@ -17,12 +17,23 @@ package org.thingsboard.server.controller;
17 17
18 18 import lombok.extern.slf4j.Slf4j;
19 19 import org.springframework.beans.factory.annotation.Autowired;
  20 +import org.springframework.http.HttpStatus;
20 21 import org.springframework.security.access.prepost.PreAuthorize;
21 22 import org.springframework.web.bind.annotation.*;
22 23 import org.thingsboard.server.common.data.exception.ThingsboardException;
  24 +import org.thingsboard.server.common.data.id.EntityId;
  25 +import org.thingsboard.server.common.data.id.TenantId;
  26 +import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
23 27 import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
  28 +import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
  29 +import org.thingsboard.server.common.data.security.Authority;
24 30 import org.thingsboard.server.dao.oauth2.OAuth2Service;
25 31 import org.thingsboard.server.queue.util.TbCoreComponent;
  32 +import org.thingsboard.server.service.security.permission.Operation;
  33 +import org.thingsboard.server.service.security.permission.Resource;
  34 +
  35 +import javax.servlet.http.HttpServletRequest;
  36 +import java.util.List;
26 37
27 38 @RestController
28 39 @TbCoreComponent
... ... @@ -34,14 +45,68 @@ public class OAuth2Controller extends BaseController {
34 45 @Autowired
35 46 private OAuth2Service oauth2Service;
36 47
37   - @PreAuthorize("hasAnyAuthority('SYS_ADMIN')")
38   - @RequestMapping(value = "/oauth2/config/{" + REGISTRATION_ID + "}", method = RequestMethod.GET)
  48 + // TODO ask why POST
  49 + @RequestMapping(value = "/noauth/oauth2Clients", method = RequestMethod.POST)
  50 + @ResponseBody
  51 + public List<OAuth2ClientInfo> getOAuth2Clients(HttpServletRequest request) throws ThingsboardException {
  52 + try {
  53 + return oauth2Service.getOAuth2Clients(request.getServerName());
  54 + } catch (Exception e) {
  55 + throw handleException(e);
  56 + }
  57 + }
  58 +
  59 + @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
  60 + @RequestMapping(value = "/oauth2/currentOAuth2Configuration", method = RequestMethod.GET, produces = "application/json")
  61 + @ResponseBody
  62 + public OAuth2ClientsParams getCurrentOAuth2ClientsParams() throws ThingsboardException {
  63 + try {
  64 + Authority authority = getCurrentUser().getAuthority();
  65 + checkOAuth2ConfigPermissions(Operation.READ);
  66 + OAuth2ClientsParams oAuth2ClientsParams = null;
  67 + if (Authority.SYS_ADMIN.equals(authority)) {
  68 + oAuth2ClientsParams = oauth2Service.getSystemOAuth2ClientsParams(TenantId.SYS_TENANT_ID);
  69 + } else if (Authority.TENANT_ADMIN.equals(authority)) {
  70 + oAuth2ClientsParams = oauth2Service.getTenantOAuth2ClientsParams(getCurrentUser().getTenantId());
  71 + }
  72 + return oAuth2ClientsParams;
  73 + } catch (Exception e) {
  74 + throw handleException(e);
  75 + }
  76 + }
  77 +
  78 + @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
  79 + @RequestMapping(value = "/oauth2/oAuth2Configuration", method = RequestMethod.POST)
  80 + @ResponseStatus(value = HttpStatus.OK)
  81 + public OAuth2ClientsParams saveLoginWhiteLabelParams(@RequestBody OAuth2ClientsParams oAuth2ClientsParams) throws ThingsboardException {
  82 + try {
  83 + Authority authority = getCurrentUser().getAuthority();
  84 + checkOAuth2ConfigPermissions(Operation.WRITE);
  85 + OAuth2ClientsParams savedOAuth2ClientsParams = null;
  86 + if (Authority.SYS_ADMIN.equals(authority)) {
  87 + savedOAuth2ClientsParams = oauth2Service.saveSystemOAuth2ClientsParams(oAuth2ClientsParams);
  88 + } else if (Authority.TENANT_ADMIN.equals(authority)) {
  89 + savedOAuth2ClientsParams = oauth2Service.saveTenantOAuth2ClientsParams(getCurrentUser().getTenantId(), oAuth2ClientsParams);
  90 + }
  91 + return savedOAuth2ClientsParams;
  92 + } catch (Exception e) {
  93 + throw handleException(e);
  94 + }
  95 + }
  96 +
  97 + @PreAuthorize("hasAnyAuthority('TENANT_ADMIN')")
  98 + @RequestMapping(value = "/oauth2/isOAuth2ConfigurationAllowed", method = RequestMethod.GET)
39 99 @ResponseBody
40   - public OAuth2ClientRegistration getClientRegistrationById(@PathVariable(REGISTRATION_ID) String registrationId) throws ThingsboardException {
  100 + public Boolean isOAuth2ConfigurationAllowed() throws ThingsboardException {
41 101 try {
42   - return oauth2Service.getClientRegistration(registrationId);
  102 + return oauth2Service.isOAuth2ClientRegistrationAllowed(getTenantId());
43 103 } catch (Exception e) {
44 104 throw handleException(e);
45 105 }
46 106 }
  107 +
  108 +
  109 + private void checkOAuth2ConfigPermissions(Operation operation) throws ThingsboardException {
  110 + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation);
  111 + }
47 112 }
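Review bot: The `TENANT_ADMIN` branch of `saveLoginWhiteLabelParams` saves the tenant's OAuth2 client configuration without consulting `oauth2Service.isOAuth2ClientRegistrationAllowed(...)`, even though `isOAuth2ConfigurationAllowed` in the same section exposes that flag. Unless `saveTenantOAuth2ClientsParams` enforces it (not visible on this page), a tenant admin for whom configuration is disabled can still POST to `/oauth2/oAuth2Configuration` and change which identity providers are trusted at login. I would guard the branch with `if (!oauth2Service.isOAuth2ClientRegistrationAllowed(getCurrentUser().getTenantId()))` and fail with a permission error before saving. Both this method and `getCurrentOAuth2ClientsParams` also fall through to `return null` when neither authority branch matches; throwing there would be clearer than a 200 with an empty body. The name `saveLoginWhiteLabelParams` does not describe what the method saves.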
... ...
... ... @@ -31,7 +31,9 @@ public enum Resource {
31 31 RULE_CHAIN(EntityType.RULE_CHAIN),
32 32 USER(EntityType.USER),
33 33 WIDGETS_BUNDLE(EntityType.WIDGETS_BUNDLE),
34   - WIDGET_TYPE(EntityType.WIDGET_TYPE);
  34 + WIDGET_TYPE(EntityType.WIDGET_TYPE),
  35 + OAUTH2_CONFIGURATION(),
  36 + ;
35 37
36 38 private final EntityType entityType;
37 39
... ...
... ... @@ -75,14 +75,17 @@ public class OAuth2ServiceImpl implements OAuth2Service {
75 75
76 76 private final Map<String, OAuth2ClientRegistration> clientRegistrationsByRegistrationId = new ConcurrentHashMap<>();
77 77
  78 +
  79 + // TODO add field that invalidates cache in case write to cache fails after successful saving in DB
78 80 @PostConstruct
79 81 public void init(){
80   -
  82 + OAuth2ClientsParams systemOAuth2ClientsParams = getSystemOAuth2ClientsParams(TenantId.SYS_TENANT_ID);
  83 + // TODO get all attributes with key OAUTH2_CLIENT_REGISTRATIONS_PARAMS and put into the map
81 84 }
82 85
83 86 @Override
84 87 public OAuth2ClientRegistration getClientRegistration(String registrationId) {
85   - return null;
  88 + return clientRegistrationsByRegistrationId.get(registrationId);
86 89 }
87 90
88 91 @Override
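Review bot: `init()` fetches `getSystemOAuth2ClientsParams(TenantId.SYS_TENANT_ID)` and drops the result, so nothing in this hunk fills `clientRegistrationsByRegistrationId` and `getClientRegistration` still returns `null` for every id, just as the removed `return null` did. Running the lookup from `@PostConstruct` also means any exception it throws would presumably abort bean creation at startup, with nothing gained in return. Until the TODO is implemented I would drop the unused local and document the lookup result with a comment such as `// returns null when the registration id is unknown; callers must handle it`. The class body continues outside the hunk.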
... ...