Commit 79cd0c273eda51029749e9f7783cd03763a3a068

Authored by viktor
1 parent 6a2bc5a9

Implemented OAuth2Controller

@@ -84,9 +84,6 @@ public class AuthController extends BaseController { @@ -84,9 +84,6 @@ public class AuthController extends BaseController {
84 @Autowired 84 @Autowired
85 private AuditLogService auditLogService; 85 private AuditLogService auditLogService;
86 86
87 - @Autowired  
88 - private OAuth2Service oauth2Service;  
89 -  
90 @PreAuthorize("isAuthenticated()") 87 @PreAuthorize("isAuthenticated()")
91 @RequestMapping(value = "/auth/user", method = RequestMethod.GET) 88 @RequestMapping(value = "/auth/user", method = RequestMethod.GET)
92 public @ResponseBody User getUser() throws ThingsboardException { 89 public @ResponseBody User getUser() throws ThingsboardException {
@@ -336,15 +333,4 @@ public class AuthController extends BaseController { @@ -336,15 +333,4 @@ public class AuthController extends BaseController {
336 throw handleException(e); 333 throw handleException(e);
337 } 334 }
338 } 335 }
339 -  
340 - // TODO ask why POST  
341 - @RequestMapping(value = "/noauth/oauth2Clients", method = RequestMethod.POST)  
342 - @ResponseBody  
343 - public List<OAuth2ClientInfo> getOAuth2Clients(HttpServletRequest request) throws ThingsboardException {  
344 - try {  
345 - return oauth2Service.getOAuth2Clients(request.getServerName());  
346 - } catch (Exception e) {  
347 - throw handleException(e);  
348 - }  
349 - }  
350 } 336 }
@@ -17,12 +17,23 @@ package org.thingsboard.server.controller; @@ -17,12 +17,23 @@ package org.thingsboard.server.controller;
17 17
18 import lombok.extern.slf4j.Slf4j; 18 import lombok.extern.slf4j.Slf4j;
19 import org.springframework.beans.factory.annotation.Autowired; 19 import org.springframework.beans.factory.annotation.Autowired;
  20 +import org.springframework.http.HttpStatus;
20 import org.springframework.security.access.prepost.PreAuthorize; 21 import org.springframework.security.access.prepost.PreAuthorize;
21 import org.springframework.web.bind.annotation.*; 22 import org.springframework.web.bind.annotation.*;
22 import org.thingsboard.server.common.data.exception.ThingsboardException; 23 import org.thingsboard.server.common.data.exception.ThingsboardException;
  24 +import org.thingsboard.server.common.data.id.EntityId;
  25 +import org.thingsboard.server.common.data.id.TenantId;
  26 +import org.thingsboard.server.common.data.oauth2.OAuth2ClientInfo;
23 import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration; 27 import org.thingsboard.server.common.data.oauth2.OAuth2ClientRegistration;
  28 +import org.thingsboard.server.common.data.oauth2.OAuth2ClientsParams;
  29 +import org.thingsboard.server.common.data.security.Authority;
24 import org.thingsboard.server.dao.oauth2.OAuth2Service; 30 import org.thingsboard.server.dao.oauth2.OAuth2Service;
25 import org.thingsboard.server.queue.util.TbCoreComponent; 31 import org.thingsboard.server.queue.util.TbCoreComponent;
  32 +import org.thingsboard.server.service.security.permission.Operation;
  33 +import org.thingsboard.server.service.security.permission.Resource;
  34 +
  35 +import javax.servlet.http.HttpServletRequest;
  36 +import java.util.List;
26 37
27 @RestController 38 @RestController
28 @TbCoreComponent 39 @TbCoreComponent
@@ -34,14 +45,68 @@ public class OAuth2Controller extends BaseController { @@ -34,14 +45,68 @@ public class OAuth2Controller extends BaseController {
34 @Autowired 45 @Autowired
35 private OAuth2Service oauth2Service; 46 private OAuth2Service oauth2Service;
36 47
37 - @PreAuthorize("hasAnyAuthority('SYS_ADMIN')")  
38 - @RequestMapping(value = "/oauth2/config/{" + REGISTRATION_ID + "}", method = RequestMethod.GET) 48 + // TODO ask why POST
  49 + @RequestMapping(value = "/noauth/oauth2Clients", method = RequestMethod.POST)
  50 + @ResponseBody
  51 + public List<OAuth2ClientInfo> getOAuth2Clients(HttpServletRequest request) throws ThingsboardException {
  52 + try {
  53 + return oauth2Service.getOAuth2Clients(request.getServerName());
  54 + } catch (Exception e) {
  55 + throw handleException(e);
  56 + }
  57 + }
  58 +
  59 + @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
  60 + @RequestMapping(value = "/oauth2/currentOAuth2Configuration", method = RequestMethod.GET, produces = "application/json")
  61 + @ResponseBody
  62 + public OAuth2ClientsParams getCurrentOAuth2ClientsParams() throws ThingsboardException {
  63 + try {
  64 + Authority authority = getCurrentUser().getAuthority();
  65 + checkOAuth2ConfigPermissions(Operation.READ);
  66 + OAuth2ClientsParams oAuth2ClientsParams = null;
  67 + if (Authority.SYS_ADMIN.equals(authority)) {
  68 + oAuth2ClientsParams = oauth2Service.getSystemOAuth2ClientsParams(TenantId.SYS_TENANT_ID);
  69 + } else if (Authority.TENANT_ADMIN.equals(authority)) {
  70 + oAuth2ClientsParams = oauth2Service.getTenantOAuth2ClientsParams(getCurrentUser().getTenantId());
  71 + }
  72 + return oAuth2ClientsParams;
  73 + } catch (Exception e) {
  74 + throw handleException(e);
  75 + }
  76 + }
  77 +
  78 + @PreAuthorize("hasAnyAuthority('SYS_ADMIN', 'TENANT_ADMIN')")
  79 + @RequestMapping(value = "/oauth2/oAuth2Configuration", method = RequestMethod.POST)
  80 + @ResponseStatus(value = HttpStatus.OK)
  81 + public OAuth2ClientsParams saveLoginWhiteLabelParams(@RequestBody OAuth2ClientsParams oAuth2ClientsParams) throws ThingsboardException {
  82 + try {
  83 + Authority authority = getCurrentUser().getAuthority();
  84 + checkOAuth2ConfigPermissions(Operation.WRITE);
  85 + OAuth2ClientsParams savedOAuth2ClientsParams = null;
  86 + if (Authority.SYS_ADMIN.equals(authority)) {
  87 + savedOAuth2ClientsParams = oauth2Service.saveSystemOAuth2ClientsParams(oAuth2ClientsParams);
  88 + } else if (Authority.TENANT_ADMIN.equals(authority)) {
  89 + savedOAuth2ClientsParams = oauth2Service.saveTenantOAuth2ClientsParams(getCurrentUser().getTenantId(), oAuth2ClientsParams);
  90 + }
  91 + return savedOAuth2ClientsParams;
  92 + } catch (Exception e) {
  93 + throw handleException(e);
  94 + }
  95 + }
  96 +
  97 + @PreAuthorize("hasAnyAuthority('TENANT_ADMIN')")
  98 + @RequestMapping(value = "/oauth2/isOAuth2ConfigurationAllowed", method = RequestMethod.GET)
39 @ResponseBody 99 @ResponseBody
40 - public OAuth2ClientRegistration getClientRegistrationById(@PathVariable(REGISTRATION_ID) String registrationId) throws ThingsboardException { 100 + public Boolean isOAuth2ConfigurationAllowed() throws ThingsboardException {
41 try { 101 try {
42 - return oauth2Service.getClientRegistration(registrationId); 102 + return oauth2Service.isOAuth2ClientRegistrationAllowed(getTenantId());
43 } catch (Exception e) { 103 } catch (Exception e) {
44 throw handleException(e); 104 throw handleException(e);
45 } 105 }
46 } 106 }
  107 +
  108 +
  109 + private void checkOAuth2ConfigPermissions(Operation operation) throws ThingsboardException {
  110 + accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation);
  111 + }
47 } 112 }
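Review bot: `getOAuth2Clients` on `/noauth/oauth2Clients` is reachable without authentication and picks the client list by `request.getServerName()`, which is taken from the request's Host header unless a fronting proxy normalises it, so the caller effectively chooses which domain's list is returned. If that is intended, the `// TODO ask why POST` line should be joined by a comment stating the contract, for example `// Public by design: returns only login-button data for the requested host, never client secrets`, and `OAuth2ClientInfo` (not shown on this page) should be checked against it. In `saveLoginWhiteLabelParams` the `@RequestBody` is handed straight to `oauth2Service` with no validation and no audit-log entry, although it changes how users can sign in. The method name also looks copied from another controller; `saveOAuth2ClientsParams` would match what it does. `isOAuth2ConfigurationAllowed` is the only new handler that does not call `checkOAuth2ConfigPermissions`, which is worth a comment if deliberate.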
@@ -31,7 +31,9 @@ public enum Resource { @@ -31,7 +31,9 @@ public enum Resource {
31 RULE_CHAIN(EntityType.RULE_CHAIN), 31 RULE_CHAIN(EntityType.RULE_CHAIN),
32 USER(EntityType.USER), 32 USER(EntityType.USER),
33 WIDGETS_BUNDLE(EntityType.WIDGETS_BUNDLE), 33 WIDGETS_BUNDLE(EntityType.WIDGETS_BUNDLE),
34 - WIDGET_TYPE(EntityType.WIDGET_TYPE); 34 + WIDGET_TYPE(EntityType.WIDGET_TYPE),
  35 + OAUTH2_CONFIGURATION(),
  36 + ;
35 37
36 private final EntityType entityType; 38 private final EntityType entityType;
37 39
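Review bot: `OAUTH2_CONFIGURATION()` is added as a resource, but no matching entry in the per-authority permission definitions appears on this page, while the new `checkOAuth2ConfigPermissions` in OAuth2Controller depends on `accessControlService.checkPermission(getCurrentUser(), Resource.OAUTH2_CONFIGURATION, operation)`. Please confirm that a resource with no registered checker is denied by default, and that SYS_ADMIN and TENANT_ADMIN each get an explicit entry for it in the same change. As a style point, the standalone `;` on the following line can be folded into the constant: `OAUTH2_CONFIGURATION();`. The enum body continues outside this hunk.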
@@ -75,14 +75,17 @@ public class OAuth2ServiceImpl implements OAuth2Service { @@ -75,14 +75,17 @@ public class OAuth2ServiceImpl implements OAuth2Service {
75 75
76 private final Map<String, OAuth2ClientRegistration> clientRegistrationsByRegistrationId = new ConcurrentHashMap<>(); 76 private final Map<String, OAuth2ClientRegistration> clientRegistrationsByRegistrationId = new ConcurrentHashMap<>();
77 77
  78 +
  79 + // TODO add field that invalidates cache in case write to cache fails after successful saving in DB
78 @PostConstruct 80 @PostConstruct
79 public void init(){ 81 public void init(){
80 - 82 + OAuth2ClientsParams systemOAuth2ClientsParams = getSystemOAuth2ClientsParams(TenantId.SYS_TENANT_ID);
  83 + // TODO get all attributes with key OAUTH2_CLIENT_REGISTRATIONS_PARAMS and put into the map
81 } 84 }
82 85
83 @Override 86 @Override
84 public OAuth2ClientRegistration getClientRegistration(String registrationId) { 87 public OAuth2ClientRegistration getClientRegistration(String registrationId) {
85 - return null; 88 + return clientRegistrationsByRegistrationId.get(registrationId);
86 } 89 }
87 90
88 @Override 91 @Override
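Review bot: `getClientRegistration` now reads `clientRegistrationsByRegistrationId`, but nothing in this hunk writes to that map: `init()` assigns the result of `getSystemOAuth2ClientsParams(TenantId.SYS_TENANT_ID)` to a local that is then discarded, so every lookup returns null until the TODO is implemented. Callers on the login path need to treat null as an unknown registration and fail closed. The new body also changes the null-key behaviour, because `ConcurrentHashMap.get` throws `NullPointerException` where the old body returned null; `if (registrationId == null) return null;` before the lookup keeps the previous contract. Since `init()` runs under `@PostConstruct`, an exception from the load would abort bean creation, so either drop the unused call until the cache fill exists or document that startup is meant to fail in that case.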