artin/OBP-API
1
0
Fork 0
mirror of https://github.com/OpenBankProject/OBP-API.git synced 2026-02-06 19:16:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

OpenID Connect - refactor code

Browse Source
This commit is contained in:
Marko Milić 2020-04-30 09:38:01 +02:00
parent 8bc356f13f
commit acf8207f67
2 changed files with 37 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

49
obp-api/src/main/scala/code/api/openidconnect.scala
View File

@ -30,7 +30,7 @@ import java.net.HttpURLConnection
import java.util.Date
import code.api.util.APIUtil._
import code.api.util.{APIUtil, JwtUtil}
import code.api.util.{APIUtil, ErrorMessages, JwtUtil}
import code.consumer.Consumers
import code.model.Consumer
import code.model.dataAccess.AuthUser
@ -87,13 +87,12 @@ object OpenIdConnect extends OBPRestHelper with MdcLoggable {
serve {
case Req("my" :: "logins" :: "openid-connect" :: Nil, _, PostRequest | GetRequest) => {
var httpCode = 500
var message = "unknown"
var message = ErrorMessages.UnknownError
var authorizationUser: Option[AuthUser] = None
for {
code <- S.params("code")
state <- S.param("state")
} yield {
// Get the token
message=code
exchangeAuthorizationCodeForTokens(code) match {
case Full((idToken, accessToken, tokenType)) =>
saveUser(idToken) match {
@ -105,22 +104,38 @@ object OpenIdConnect extends OBPRestHelper with MdcLoggable {
}
} yield {
val consumer: Box[Consumer] = saveConsumer(idToken, user.userId)
saveAuthorizationToken(accessToken, accessToken, user.userPrimaryKey.value, consumer)
httpCode = 200
message= String.format("oauth_token=%s&oauth_token_secret=%s", accessToken, accessToken)
val headers = ("Content-type" -> "application/x-www-form-urlencoded") :: Nil
AuthUser.logUserIn(authUser, () => {
S.notice(S.?("logged.in"))
//This redirect to homePage, it is from scala code, no open redirect issue.
S.redirectTo(AuthUser.homePage)
})
saveAuthorizationToken(accessToken, accessToken, user.userPrimaryKey.value, consumer) match {
case true =>
httpCode = 200
message= String.format("oauth_token=%s&oauth_token_secret=%s", accessToken, accessToken)
authorizationUser = Some(authUser)
case false =>
httpCode = 400
message = ErrorMessages.CannotSaveOpenIDConnectToken
authorizationUser = Some(authUser)
}
}
case _ => message=String.format("Could not find user with token %s", accessToken)
case _ =>
httpCode = 400
message = ErrorMessages.CannotSaveOpenIDConnectUser
}
case _ => message=String.format("Could not get token for code %s", code)
case _ =>
httpCode = 400
message = ErrorMessages.CannotExchangeAuthorizationCodeForTokens
}
}
errorJsonResponse(message, httpCode)
(httpCode, authorizationUser) match {
case (200, Some(user)) =>
AuthUser.logUserIn(user, () => {
S.notice(S.?("logged.in"))
//This redirect to homePage, it is from scala code, no open redirect issue.
S.redirectTo(AuthUser.homePage)
})
case _ =>
errorJsonResponse(message, httpCode)
}
}
}
@ -242,7 +257,7 @@ object OpenIdConnect extends OBPRestHelper with MdcLoggable {
method: String,
connectTimeout: Int = 2000,
readTimeout: Int = 10000
) = {
): String = {
var content:String = ""
import java.net.URL
try {

5
obp-api/src/main/scala/code/api/util/ErrorMessages.scala
View File

@ -183,6 +183,11 @@ object ErrorMessages {
val X509CannotGetCertificate = "OBP-20306: PEM Encoded Certificate cannot be found at request header."
val X509ActionIsNotAllowed = "OBP-20307: PEM Encoded Certificate does not provide the proper role for the action has been taken."
val X509ThereAreNoPsd2Roles = "OBP-20308: PEM Encoded Certificate does not contain PSD2 roles."
// OpenID Connect
val CannotExchangeAuthorizationCodeForTokens = "OBP-20400: Cannot exchange authorization code for tokens."
val CannotSaveOpenIDConnectUser = "OBP-20401: Cannot get/save OpenID Connect user."
val CannotSaveOpenIDConnectToken = "OBP-20402: Cannot save OpenID Connect token."
// Resource related messages (OBP-30XXX)
val BankNotFound = "OBP-30001: Bank not found. Please specify a valid value for BANK_ID."