Implement support for user consent #4
@ -19,6 +19,7 @@ import org.springframework.web.bind.annotation.ModelAttribute;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.util.UriComponentsBuilder;
|
||||
import se.su.dsv.oauth2.shibboleth.ShibbolethAuthenticationDetails;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Set;
|
||||
@ -43,6 +44,7 @@ public class ConsentController {
|
||||
|
||||
@GetMapping("/oauth2/consent")
|
||||
public String showConsentForm(
|
||||
Authentication authentication,
|
||||
Model model,
|
||||
UriComponentsBuilder uriComponentsBuilder,
|
||||
@RequestParam("scope") String scopeString,
|
||||
@ -68,9 +70,25 @@ public class ConsentController {
|
||||
model.addAttribute("clientId", clientId);
|
||||
model.addAttribute("state", state);
|
||||
|
||||
PersonalInformation personalInformation = getPersonalInformation(authentication);
|
||||
model.addAttribute("personalInformation", personalInformation);
|
||||
|
||||
return "consent";
|
||||
}
|
||||
|
||||
private PersonalInformation getPersonalInformation(Authentication authentication) {
|
||||
if (authentication.getDetails() instanceof ShibbolethAuthenticationDetails details) {
|
||||
return new PersonalInformation(
|
||||
details.givenName(),
|
||||
details.familyName(),
|
||||
details.displayName(),
|
||||
details.emailAddress());
|
||||
}
|
||||
else {
|
||||
return new PersonalInformation(null, null, null, null);
|
||||
}
|
||||
}
|
||||
|
||||
@PostMapping("/oauth2/consent")
|
||||
public String denyConsent(@RequestParam("state") String state) {
|
||||
OAuth2Authorization authorization = authorizationService.findByToken(
|
||||
|
||||
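Review bot: The else branch of `getPersonalInformation` returns `new PersonalInformation(null, null, null, null)` whenever the authentication details are not `ShibbolethAuthenticationDetails`, so the consent form is rendered with no attribute values and the user is asked to approve `profile` and `email` without seeing what would be released. The scope template prints these components directly, so the same gap shows up there. Consider handling the absence explicitly (a notice on the page, or not offering those scopes), and at least document the branch, for example `// no Shibboleth attributes on this login: nothing to preview on the consent page`. Whether the claims actually released come from the same details object is not visible in this hunk and is worth confirming, since the preview is only meaningful if they do. `showConsentForm` and `denyConsent` both continue outside the visible lines.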
@ -0,0 +1,9 @@
|
||||
package se.su.dsv.oauth2.web.oauth2;
|
||||
|
||||
public record PersonalInformation(
|
||||
String givenName,
|
||||
String familyName,
|
||||
String displayName,
|
||||
String email)
|
||||
{
|
||||
}
|
||||
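Review bot: The record has no Javadoc and does not state that its components may be null, although the controller constructs it with four nulls when no Shibboleth details are present. A header such as `/** Personal attributes previewed on the consent page; each component is null when the identity provider supplied none. */` would make that contract visible to template authors. Because a record's generated `toString()` prints every component, the same comment should note that instances carry personal data and must not be written to logs.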
@ -1,5 +1,6 @@
|
||||
@import org.springframework.security.core.Authentication
|
||||
@import org.springframework.security.web.csrf.CsrfToken
|
||||
@import se.su.dsv.oauth2.web.oauth2.PersonalInformation
|
||||
@import java.util.Set
|
||||
|
||||
@param String clientId
|
||||
@ -10,6 +11,7 @@
|
||||
@param Authentication currentUser
|
||||
@param Set<String> scopes
|
||||
@param CsrfToken csrfToken
|
||||
@param PersonalInformation personalInformation
|
||||
|
||||
@template.base(title = "Consent", content = @`
|
||||
<h1>Consent</h1>
|
||||
@ -33,7 +35,7 @@
|
||||
</li>
|
||||
@for (var scope : scopes)
|
||||
<li class="list-group-item">
|
||||
@template.consent_scope(scope = scope)
|
||||
@template.consent_scope(scope = scope, personalInformation = personalInformation)
|
||||
</li>
|
||||
@endfor
|
||||
</ul>
|
||||
|
||||
@ -1,24 +1,26 @@
|
||||
@import se.su.dsv.oauth2.web.oauth2.PersonalInformation
|
||||
@import java.util.Objects
|
||||
|
||||
@param String scope
|
||||
@param PersonalInformation personalInformation
|
||||
|
||||
<label class="d-flex gap-3">
|
||||
<input class="form-check-input flex-shrink-0" type="checkbox" name="scope" value="${scope}" id="scope_${scope}" checked aria-label="${scope}">
|
||||
@if (Objects.equals("profile", scope))
|
||||
<dl>
|
||||
<dt>Given name</dt>
|
||||
<dd>...</dd>
|
||||
<dd>${personalInformation.givenName()}</dd>
|
||||
|
||||
<dt>Family name</dt>
|
||||
<dd>...</dd>
|
||||
<dd>${personalInformation.familyName()}</dd>
|
||||
|
||||
<dt>Display name</dt>
|
||||
<dd>...</dd>
|
||||
<dd>${personalInformation.displayName()}</dd>
|
||||
</dl>
|
||||
@elseif (Objects.equals("email", scope))
|
||||
<dl>
|
||||
<dt>E-mail address</dt>
|
||||
<dd>...</dd>
|
||||
<dd>${personalInformation.email()}</dd>
|
||||
</dl>
|
||||
@elseif (Objects.equals("offline_access", scope))
|
||||
<div>Maintain access after you leave the application</div>
|
||||
|
||||
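Review bot: The four `${personalInformation.…()}` expressions write identity-provider attributes into the page, and nothing in the template records that they rely on the engine's HTML output escaping. Whether the templates are compiled with the HTML content type is not visible here and should be confirmed. A comment above the first `<dl>`, such as `<%-- values come from the IdP; keep them in ${} so they are escaped, never $unsafe{} --%>`, would keep a later edit from weakening that. The template continues past the end of this hunk.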