diff --git a/app/scripts/modules/configurations.js b/app/scripts/modules/configurations.js index 267ab5c5..ba03c5da 100644 --- a/app/scripts/modules/configurations.js +++ b/app/scripts/modules/configurations.js @@ -2,4 +2,6 @@ angular.module('configurations', []) .constant('API_VERSION', '/mifosng-provider/api/v1') .constant('IDLE_DURATION', 30 * 60) .constant('WARN_DURATION', 10) - .constant('KEEPALIVE_INTERVAL', 15 * 60); + .constant('KEEPALIVE_INTERVAL', 15 * 60) + .constant('SECURITY', 'basicauth'); +// Use SECURITY constant as 'oauth' to enable Oauth2 on community app diff --git a/app/scripts/services/AuthenticationService.js b/app/scripts/services/AuthenticationService.js index 68f55d3c..48fadb9b 100644 --- a/app/scripts/services/AuthenticationService.js +++ b/app/scripts/services/AuthenticationService.js @@ -1,6 +1,6 @@ (function (module) { mifosX.services = _.extend(module, { - AuthenticationService: function (scope, httpService, localStorageService) { + AuthenticationService: function (scope, httpService, SECURITY, localStorageService,timeout, webStorage) { var onSuccess = function (data) { scope.$broadcast("UserAuthenticationSuccessEvent", data); localStorageService.addToLocalStorage('userData', data); @@ -12,15 +12,54 @@ var apiVer = '/mifosng-provider/api/v1'; - this.authenticateWithUsernamePassword = function (credentials) { - scope.$broadcast("UserAuthenticationStartEvent"); - httpService.post(apiVer + "/authentication?username=" + credentials.username + "&password=" + credentials.password) + var getUserDetails = function(data){ + + localStorageService.addToLocalStorage('tokendetails', data); + setTimer(data.expires_in); + httpService.get( apiVer + "/userdetails?access_token=" + data.access_token) .success(onSuccess) .error(onFailure); + + } + + var updateAccessDetails = function(data){ + var sessionData = webStorage.get('sessionData'); + sessionData.authenticationKey = data.access_token; + webStorage.add("sessionData",sessionData); + localStorageService.addToLocalStorage('tokendetails', data); + var userDate = localStorageService.getFromLocalStorage("userData"); + userDate.accessToken = data.access_token; + localStorageService.addToLocalStorage('userData', userDate); + httpService.setAuthorization(data.access_token); + setTimer(data.expires_in); + } + + var setTimer = function(time){ + timeout(getAccessToken, time * 1000); + } + + var getAccessToken = function(){ + var refreshToken = localStorageService.getFromLocalStorage("tokendetails").refresh_token; + httpService.cancelAuthorization(); + httpService.post( "/mifosng-provider/api/oauth/token?&client_id=community-app&grant_type=refresh_token&client_secret=123&refresh_token=" + refreshToken) + .success(updateAccessDetails); + } + + this.authenticateWithUsernamePassword = function (credentials) { + scope.$broadcast("UserAuthenticationStartEvent"); + if(SECURITY === 'oauth'){ + httpService.post( "/mifosng-provider/api/oauth/token?username=" + credentials.username + "&password=" + credentials.password +"&client_id=community-app&grant_type=password&client_secret=123") + .success(getUserDetails) + .error(onFailure); + } else { + httpService.post(apiVer + "/authentication?username=" + credentials.username + "&password=" + credentials.password) + .success(onSuccess) + .error(onFailure); + } }; } }); - mifosX.ng.services.service('AuthenticationService', ['$rootScope', 'HttpService', 'localStorageService', mifosX.services.AuthenticationService]).run(function ($log) { + mifosX.ng.services.service('AuthenticationService', ['$rootScope', 'HttpService', 'SECURITY', 'localStorageService','$timeout','webStorage', mifosX.services.AuthenticationService]).run(function ($log) { $log.info("AuthenticationService initialized"); }); }(mifosX.services || {})); diff --git a/app/scripts/services/HttpServiceProvider.js b/app/scripts/services/HttpServiceProvider.js index bd4a81c6..58c9e4ef 100644 --- a/app/scripts/services/HttpServiceProvider.js +++ b/app/scripts/services/HttpServiceProvider.js @@ -39,8 +39,12 @@ return http(config); }; }); - this.setAuthorization = function (key) { - http.defaults.headers.common.Authorization = "Basic " + key; + this.setAuthorization = function (key, isOauth) { + if(isOauth){ + http.defaults.headers.common.Authorization = "bearer " + key; + } else { + http.defaults.headers.common.Authorization = "Basic " + key; + } }; this.cancelAuthorization = function () { @@ -54,6 +58,6 @@ mifosX.ng.services.config(function ($provide) { $provide.provider('HttpService', mifosX.services.HttpServiceProvider); }).run(function ($log) { - $log.info("HttpService initialized"); - }); + $log.info("HttpService initialized"); + }); }(mifosX.services || {})); diff --git a/app/scripts/services/SessionManager.js b/app/scripts/services/SessionManager.js index d3069b4e..c67bc42d 100644 --- a/app/scripts/services/SessionManager.js +++ b/app/scripts/services/SessionManager.js @@ -1,14 +1,28 @@ (function (module) { mifosX.services = _.extend(module, { - SessionManager: function (webStorage, httpService, resourceFactory) { + SessionManager: function (webStorage, httpService, SECURITY, resourceFactory, localStorageService) { var EMPTY_SESSION = {}; this.get = function (data) { + var isOauth = SECURITY === 'oauth'; + var accessToken = null; + if(isOauth){ + accessToken = localStorageService.getFromLocalStorage("tokendetails").access_token; + } if (data.shouldRenewPassword) { - httpService.setAuthorization(data.base64EncodedAuthenticationKey); - } else{ - webStorage.add("sessionData", {userId: data.userId, authenticationKey: data.base64EncodedAuthenticationKey, userPermissions: data.permissions}); - httpService.setAuthorization(data.base64EncodedAuthenticationKey); + if(isOauth){ + httpService.setAuthorization(data.accessToken); + } else { + httpService.setAuthorization(data.base64EncodedAuthenticationKey); + } + } else { + if(isOauth){ + webStorage.add("sessionData", {userId: data.userId, authenticationKey: data.accessToken, userPermissions: data.permissions}); + httpService.setAuthorization(data.accessToken, true); + } else { + webStorage.add("sessionData", {userId: data.userId, authenticationKey: data.base64EncodedAuthenticationKey, userPermissions: data.permissions}); + httpService.setAuthorization(data.base64EncodedAuthenticationKey, false); + } return {user: new mifosX.models.LoggedInUser(data)}; }; } @@ -22,7 +36,8 @@ this.restore = function (handler) { var sessionData = webStorage.get('sessionData'); if (sessionData !== null) { - httpService.setAuthorization(sessionData.authenticationKey); + var isOauth = SECURITY === 'oauth'; + httpService.setAuthorization(sessionData.authenticationKey, isOauth); resourceFactory.userResource.get({userId: sessionData.userId}, function (userData) { userData.userPermissions = sessionData.userPermissions; handler({user: new mifosX.models.LoggedInUser(userData)}); @@ -36,7 +51,9 @@ mifosX.ng.services.service('SessionManager', [ 'webStorage', 'HttpService', + 'SECURITY', 'ResourceFactory', + 'localStorageService', mifosX.services.SessionManager ]).run(function ($log) { $log.info("SessionManager initialized"); diff --git a/test/spec/services/AuthenticationServiceSpec.js b/test/spec/services/AuthenticationServiceSpec.js index 56525ec0..4403f9ce 100644 --- a/test/spec/services/AuthenticationServiceSpec.js +++ b/test/spec/services/AuthenticationServiceSpec.js @@ -14,7 +14,7 @@ describe("AuthenticationService", function () { }); }); - new mifosX.services.AuthenticationService(scope, httpService, localStorageService).authenticateWithUsernamePassword({ + new mifosX.services.AuthenticationService(scope, httpService, 'basicauth', localStorageService).authenticateWithUsernamePassword({ username: "test_username", password: "test_password" }); diff --git a/test/spec/services/SessionManagerSpec.js b/test/spec/services/SessionManagerSpec.js index 78e5cb9e..a9baca7a 100644 --- a/test/spec/services/SessionManagerSpec.js +++ b/test/spec/services/SessionManagerSpec.js @@ -10,7 +10,7 @@ describe("SessionManager", function () { }}; userConstructor = spyOn(mifosX.models, 'LoggedInUser').andReturn({id: "test_user"}); - this.sessionManager = new mifosX.services.SessionManager(webStorage, httpService, resourceFactory); + this.sessionManager = new mifosX.services.SessionManager(webStorage, httpService, 'basicauth', resourceFactory); }); describe("Session restore", function () { @@ -26,7 +26,7 @@ describe("SessionManager", function () { }); it("should set the http authorization", function () { - expect(httpService.setAuthorization).toHaveBeenCalledWith("test_key"); + expect(httpService.setAuthorization).toHaveBeenCalledWith("test_key", false); }); it("should retrieve the current user", function () { expect(resourceFactory.userResource.get).toHaveBeenCalledWith({userId: "test_user"}, jasmine.any(Function)) @@ -59,7 +59,7 @@ describe("SessionManager", function () { }); it("should set the http authorization", function () { - expect(httpService.setAuthorization).toHaveBeenCalledWith("test_key"); + expect(httpService.setAuthorization).toHaveBeenCalledWith("test_key", false); }); it("should store the session data", function () { expect(webStorage.add).toHaveBeenCalledWith("sessionData", {userId: "test_user", authenticationKey: "test_key"});