Implements: blueprint oauth2-openid-refresh-tokens-administration
[smarcet] - #5036 - Refresh Tokens Administration Change-Id: I64c4bcd61b4287c5405b0644bc8c6a089dd171e1
parent
5ac8ac455a
commit
cb72f4b83a
@ -118,7 +118,7 @@ class UserController extends BaseController
|
||||
{
|
||||
try {
|
||||
$max_login_attempts_2_show_captcha = $this->server_configuration_service->getConfigValue("MaxFailed.LoginAttempts.2ShowCaptcha");
|
||||
$data = Input::all();
|
||||
$data = Input::all();
|
||||
$login_attempts = intval(Input::get('login_attempts'));
|
||||
// Build the validation constraint set.
|
||||
$rules = array(
|
||||
@ -276,30 +276,30 @@ class UserController extends BaseController
|
||||
foreach ($selected_scopes as $scope) {
|
||||
array_push($aux_scopes, $scope->id);
|
||||
}
|
||||
$scopes = $this->scope_service->getAvailableScopes();
|
||||
$scopes = $this->scope_service->getAvailableScopes();
|
||||
|
||||
$access_tokens = $this->token_service->getAccessTokenByClient($client->client_id);
|
||||
$access_tokens = $this->token_service->getAccessTokenByClient($client->client_id);
|
||||
|
||||
foreach($access_tokens as $token){
|
||||
$friendly_scopes = $this->scope_service->getFriendlyScopesByName(explode(' ',$token->scope));
|
||||
$token->setFriendlyScopes(implode(',',$friendly_scopes));
|
||||
foreach ($access_tokens as $token) {
|
||||
$friendly_scopes = $this->scope_service->getFriendlyScopesByName(explode(' ', $token->scope));
|
||||
$token->setFriendlyScopes(implode(',', $friendly_scopes));
|
||||
}
|
||||
|
||||
$refresh_tokens = $this->token_service->getRefreshTokenByClient($client->client_id);
|
||||
|
||||
foreach($refresh_tokens as $token){
|
||||
$friendly_scopes = $this->scope_service->getFriendlyScopesByName(explode(' ',$token->scope));
|
||||
$token->setFriendlyScopes(implode(',',$friendly_scopes));
|
||||
foreach ($refresh_tokens as $token) {
|
||||
$friendly_scopes = $this->scope_service->getFriendlyScopesByName(explode(' ', $token->scope));
|
||||
$token->setFriendlyScopes(implode(',', $friendly_scopes));
|
||||
}
|
||||
|
||||
return View::make("oauth2.profile.edit-client",
|
||||
array(
|
||||
'client' => $client,
|
||||
'allowed_uris' => $allowed_uris,
|
||||
'allowed_uris' => $allowed_uris,
|
||||
'selected_scopes' => $aux_scopes,
|
||||
'scopes' => $scopes,
|
||||
'access_tokens' => $access_tokens,
|
||||
'refresh_tokens' => $refresh_tokens,
|
||||
'scopes' => $scopes,
|
||||
'access_tokens' => $access_tokens,
|
||||
'refresh_tokens' => $refresh_tokens,
|
||||
));
|
||||
}
|
||||
|
||||
@ -560,26 +560,52 @@ class UserController extends BaseController
|
||||
}
|
||||
|
||||
return $res ? Response::json(array('status' => 'OK')) : Response::json(array('status' => 'ERROR'));
|
||||
}
|
||||
catch (Exception $ex) {
|
||||
} catch (Exception $ex) {
|
||||
Log::error($ex);
|
||||
return Response::json(array('status' => 'ERROR'));
|
||||
}
|
||||
}
|
||||
|
||||
public function getAccessTokens($client_id){
|
||||
|
||||
$access_tokens = $this->token_service->getAccessTokenByClient($client_id);
|
||||
$res = array();
|
||||
foreach($access_tokens as $token){
|
||||
$friendly_scopes = $this->scope_service->getFriendlyScopesByName(explode(' ',$token->scope));
|
||||
array_push($res,array(
|
||||
'value' => $token->value,
|
||||
'scope' => implode(',',$friendly_scopes),
|
||||
'lifetime' => $token->getRemainingLifetime(),
|
||||
'issued' => $token->created_at->format('Y-m-d H:i:s')
|
||||
));
|
||||
public function getAccessTokens($client_id)
|
||||
{
|
||||
try {
|
||||
$access_tokens = $this->token_service->getAccessTokenByClient($client_id);
|
||||
$res = array();
|
||||
foreach ($access_tokens as $token) {
|
||||
$friendly_scopes = $this->scope_service->getFriendlyScopesByName(explode(' ', $token->scope));
|
||||
array_push($res, array(
|
||||
'value' => $token->value,
|
||||
'scope' => implode(',', $friendly_scopes),
|
||||
'lifetime' => $token->getRemainingLifetime(),
|
||||
'issued' => $token->created_at->format('Y-m-d H:i:s')
|
||||
));
|
||||
}
|
||||
return Response::json(array('status' => 'OK', 'access_tokens' => $res));
|
||||
} catch (Exception $ex) {
|
||||
Log::error($ex);
|
||||
return Response::json(array('status' => 'ERROR'));
|
||||
}
|
||||
}
|
||||
|
||||
public function getRefreshTokens($client_id)
|
||||
{
|
||||
|
||||
try {
|
||||
$refresh_tokens = $this->token_service->getRefreshTokenByClient($client_id);
|
||||
$res = array();
|
||||
foreach ($refresh_tokens as $token) {
|
||||
$friendly_scopes = $this->scope_service->getFriendlyScopesByName(explode(' ', $token->scope));
|
||||
array_push($res, array(
|
||||
'value' => $token->value,
|
||||
'scope' => implode(',', $friendly_scopes),
|
||||
'lifetime' => $token->getRemainingLifetime(),
|
||||
'issued' => $token->created_at->format('Y-m-d H:i:s')
|
||||
));
|
||||
}
|
||||
return Response::json(array('status' => 'OK', 'refresh_tokens' => $res));
|
||||
} catch (Exception $ex) {
|
||||
Log::error($ex);
|
||||
return Response::json(array('status' => 'ERROR'));
|
||||
}
|
||||
return Response::json(array('status' => 'OK','access_tokens'=>$res));
|
||||
}
|
||||
}
|
||||
|
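Review bot: Neither `getAccessTokens($client_id)` nor the new `getRefreshTokens($client_id)` checks, in the lines shown, that the client belongs to the logged-in user before returning its token values; the route group's `auth` filter only establishes that someone is logged in. Unless `token_service` enforces ownership internally (not visible on this page), the JSON response would disclose tokens for clients the caller does not own, so I would load the client first and return the existing `array('status' => 'ERROR')` response when its owner is not the current user. The same precondition applies to the `refresh_tokens/{client_id}` route registered further down in this commit. Both methods also lack a docblock; one stating that the response carries live token values and who may call it would help, and since the values go out over a GET, a `Cache-Control: no-store` header on these responses is worth adding.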
@ -62,6 +62,7 @@ Route::group(array("before" => array("ssl", "auth")), function () {
|
||||
Route::post('/accounts/user/profile/clients/token/rotate/refresh_token/{id}','UserController@postRotateRefreshTokenPolicy');
|
||||
Route::get('/accounts/user/profile/clients/token/revoke/{value}/{hint}','UserController@getRevokeToken');
|
||||
Route::get('/accounts/user/profile/clients/token/access_tokens/{client_id}','UserController@getAccessTokens');
|
||||
Route::get('/accounts/user/profile/clients/token/refresh_tokens/{client_id}','UserController@getRefreshTokens');
|
||||
});
|
||||
|
||||
|
||||
|
@ -11,10 +11,7 @@
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<table id='table-access-tokens' class="table table-hover table-condensed"
|
||||
@if (!count($access_tokens))
|
||||
style='display:none';
|
||||
@endif
|
||||
<table id='table-access-tokens' class="table table-hover table-condensed">
|
||||
<thead>
|
||||
<tr>
|
||||
<th><i class="icon-info-sign accordion-toggle" title="Time is on UTC"></i> Issued</th>
|
||||
@ -45,27 +42,24 @@
|
||||
<strong>There are not any Refresh Tokens granted for this application</strong>
|
||||
</div>
|
||||
</div>
|
||||
<table id='table-refresh-tokens' class="table table-hover table-condensed"
|
||||
@if (!count($refresh_tokens))
|
||||
style='display:none';
|
||||
@endif
|
||||
<table id='table-refresh-tokens' class="table table-hover table-condensed">
|
||||
<thead>
|
||||
<tr>
|
||||
<th><i class="icon-info-sign accordion-toggle" title="Time is on UTC"></i> Issued</th>
|
||||
<th>Scopes</th>
|
||||
<th><i class="icon-info-sign accordion-toggle" title="Time is on UTC"></i> Remaining Lifetime</th>
|
||||
<th><i class="icon-info-sign accordion-toggle" title="Lifetime is on seconds"></i> Remaining Lifetime</th>
|
||||
<th> </th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
<tbody id="body-refresh-tokens">
|
||||
@foreach ($refresh_tokens as $refresh_token)
|
||||
<tr id="{{ $refresh_token->value }}">
|
||||
<td>{{ $refresh_token->created_at }}</td>
|
||||
<td>{{ $refresh_token->getFriendlyScopes() }}</td>
|
||||
@if($refresh_token->getRemainingLifetime()===0)
|
||||
<td>Not Expire</td>
|
||||
<td>Not Expire</td>
|
||||
@else
|
||||
<td>{{ $refresh_token->getRemainingLifetime() }}</td>
|
||||
<td>{{ $refresh_token->getRemainingLifetime() }}</td>
|
||||
@endif
|
||||
<td>{{ HTML::link(URL::action("UserController@getRevokeToken",array("value"=>$refresh_token->value,'hint'=>'refresh-token')),'Revoke',array('class'=>'btn revoke-token revoke-refresh-token','title'=>'Revoke Refresh Token','data-value'=>$refresh_token->value,'data-hint'=>'refresh-token')) }}</td>
|
||||
</tr>
|
||||
@ -78,7 +72,7 @@
|
||||
@parent
|
||||
<script type="application/javascript">
|
||||
|
||||
function refreshAccessTokenList(){
|
||||
function updateAccessTokenList(){
|
||||
//reload access tokens
|
||||
$.ajax(
|
||||
{
|
||||
@ -127,16 +121,79 @@
|
||||
});
|
||||
}
|
||||
|
||||
function updateRefreshTokenList(){
|
||||
//reload access tokens
|
||||
$.ajax(
|
||||
{
|
||||
type: "GET",
|
||||
url:'{{ URL::action("UserController@getRefreshTokens",array("client_id"=>$client->client_id))}}' ,
|
||||
dataType: "json",
|
||||
timeout:60000,
|
||||
success: function (data,textStatus,jqXHR) {
|
||||
//load data...
|
||||
if(data.status==='OK'){
|
||||
if(data.refresh_tokens.length===0){
|
||||
$('#table-refresh-tokens').hide();
|
||||
$('#info-refresh-tokens').show();
|
||||
}
|
||||
else{
|
||||
$('#info-refresh-tokens').hide();
|
||||
$('#table-refresh-tokens').show();
|
||||
var template = $('<tbody><tr><td class="issued"></td><td class="scope"></td><td class="lifetime"></td><td><a title="Revoke Refresh Token" class="btn revoke-token revoke-refresh-token" data-hint="refresh-token">Revoke</a></td></tr></tbody>');
|
||||
var directives = {
|
||||
'tr':{
|
||||
'token<-context':{
|
||||
'@id' :'token.value',
|
||||
'td.issued' :'token.issued',
|
||||
'td.scope' :'token.scope',
|
||||
'td.lifetime':function(arg){
|
||||
var token_lifetime = arg.item.lifetime;
|
||||
return token_lifetime===0?'Not Expire':token_lifetime;
|
||||
},
|
||||
'a@href':function(arg){
|
||||
var token_value = arg.item.value;
|
||||
var href = '{{ URL::action("UserController@getRevokeToken",array("value"=>-1,"hint"=>"refresh-token")) }}';
|
||||
return href.replace('-1',token_value);
|
||||
},
|
||||
'a@data-value' :'token.value'
|
||||
}
|
||||
}
|
||||
};
|
||||
var html = template.render(data.refresh_tokens, directives);
|
||||
$('#body-refresh-tokens').html(html.html());
|
||||
updateAccessTokenList();
|
||||
}
|
||||
}
|
||||
else{
|
||||
alert('There was an error!');
|
||||
}
|
||||
},
|
||||
error: function (jqXHR, textStatus, errorThrown) {
|
||||
alert( "Request failed: " + textStatus );
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
$(document).ready(function() {
|
||||
|
||||
if($('#table-access-tokens').length===0)
|
||||
if($('#table-access-tokens tr').length===1){
|
||||
$('#info-access-tokens').show();
|
||||
$('#table-access-tokens').hide();
|
||||
}
|
||||
|
||||
if($('#table-refresh-tokens').length===0)
|
||||
if($('#table-refresh-tokens tr').length===1){
|
||||
$('#info-refresh-tokens').show();
|
||||
$('#table-refresh-tokens').hide();
|
||||
}
|
||||
|
||||
$("body").on('click','.refresh-refresh-tokens',function(event){
|
||||
updateRefreshTokenList();
|
||||
event.preventDefault();
|
||||
return false;
|
||||
});
|
||||
|
||||
$("body").on('click','.refresh-access-tokens',function(event){
|
||||
refreshAccessTokenList();
|
||||
updateAccessTokenList();
|
||||
event.preventDefault();
|
||||
return false;
|
||||
});
|
||||
@ -165,11 +222,11 @@
|
||||
row.remove();
|
||||
var row_qty = $('#'+table_id+' tr').length;
|
||||
if(row_qty===1){ //only we have the header ...
|
||||
$('#'+table_id).remove();
|
||||
$('#'+table_id).hide();
|
||||
$('#'+info_id).show();
|
||||
}
|
||||
if(hint=='refresh-token'){
|
||||
refreshAccessTokenList();
|
||||
updateAccessTokenList();
|
||||
}
|
||||
}
|
||||
else{
|
||||
|
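Review bot: In `updateRefreshTokenList()` the revoke link is built with `href.replace('-1',token_value)`, which inserts the raw refresh token into the URL without encoding it and replaces the first `-1` found anywhere in the generated absolute URL, which is not guaranteed to be the placeholder. I would generate the URL with a placeholder that cannot occur elsewhere and encode the value, e.g. `return href.replace('__TOKEN__', encodeURIComponent(token_value));`. Because the token ends up in the path of a state-changing GET, it will also be written to access logs and browser history; sending it in a POST body together with the CSRF token would avoid that, though the revoke route itself appears to predate this commit. The `//reload access tokens` comment in this function looks copied from the access-token variant and should read `//reload refresh tokens`.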
@ -1,13 +1,14 @@
|
||||
{
|
||||
"name": "laravel/laravel",
|
||||
"description": "The Laravel Framework.",
|
||||
"keywords": ["framework", "laravel"],
|
||||
"name": "openstackid",
|
||||
"description": "OpenstackId Idp",
|
||||
"keywords": ["openstackid", "openstack","openid","oauth2"],
|
||||
"license": "MIT",
|
||||
"require": {
|
||||
"laravel/framework": "4.0.*",
|
||||
"php": ">=5.4.0",
|
||||
"laravel/framework": "4.0.*",
|
||||
"phpunit/phpunit": "3.7.*",
|
||||
"zendframework/zend-crypt":"2.2.*",
|
||||
"greggilbert/recaptcha": "dev-master"
|
||||
"greggilbert/recaptcha": "1.0.*"
|
||||
},
|
||||
"autoload": {
|
||||
"classmap": [
|
||||
@ -40,5 +41,6 @@
|
||||
"config": {
|
||||
"preferred-install": "dist"
|
||||
},
|
||||
"minimum-stability": "dev"
|
||||
"prefer-stable": true,
|
||||
"minimum-stability": "stable"
|
||||
}
|
||||
|
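Review bot: `phpunit/phpunit` is listed under `require` alongside the runtime packages, so a production `composer install` pulls the test framework and its dependencies onto the server. As far as the rendered sides can be read, this change already tightens the block (`greggilbert/recaptcha` moves off `dev-master`, minimum stability becomes `stable`), so I would move the entry to a `require-dev` section at the same time and deploy with `--no-dev`. The `1.0.*` constraint only gives reproducible installs if `composer.lock` is committed as well, which this page does not show.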
27
readme.md
27
readme.md
@ -1,21 +1,16 @@
|
||||
## Laravel PHP Framework
|
||||
# OpenstackId Idp
|
||||
|
||||
[](https://packagist.org/packages/laravel/framework) [](https://packagist.org/packages/laravel/framework) [](https://travis-ci.org/laravel/framework)
|
||||
## Prerequisites
|
||||
|
||||
Laravel is a web application framework with expressive, elegant syntax. We believe development must be an enjoyable, creative experience to be truly fulfilling. Laravel attempts to take the pain out of development by easing common tasks used in the majority of web projects, such as authentication, routing, sessions, and caching.
|
||||
* LAMP environment
|
||||
* PHP >= 5.4.0
|
||||
* composer (https://getcomposer.org/)
|
||||
|
||||
Laravel aims to make the development process a pleasing one for the developer without sacrificing application functionality. Happy developers make the best code. To this end, we've attempted to combine the very best of what we have seen in other web frameworks, including frameworks implemented in other languages, such as Ruby on Rails, ASP.NET MVC, and Sinatra.
|
||||
## Install
|
||||
|
||||
Laravel is accessible, yet powerful, providing powerful tools needed for large, robust applications. A superb inversion of control container, expressive migration system, and tightly integrated unit testing support give you the tools you need to build any application with which you are tasked.
|
||||
run following commands on root folder
|
||||
* curl -s https://getcomposer.org/installer | php
|
||||
* php composer.phar install --prefer-dist
|
||||
* php artisan migrate --env=YOUR_ENVIRONMENT
|
||||
* php artisan db:seed --env=YOUR_ENVIRONMENT
|
||||
|
||||
## Official Documentation
|
||||
|
||||
Documentation for the entire framework can be found on the [Laravel website](http://laravel.com/docs).
|
||||
|
||||
### Contributing To Laravel
|
||||
|
||||
**All issues and pull requests should be filed on the [laravel/framework](http://github.com/laravel/framework) repository.**
|
||||
|
||||
### License
|
||||
|
||||
The Laravel framework is open-sourced software licensed under the [MIT license](http://opensource.org/licenses/MIT)
|
||||
|