attributes verification

Evolveum · Jan 10, 2023 · 81c02ad · 81c02ad
1 parent ec75929
commit 81c02ad
Show file tree

Hide file tree

Showing 2 changed files with 61 additions and 6 deletions.
diff --git a/...ui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAttributeVerification.html b/...ui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAttributeVerification.html
@@ -16,12 +16,13 @@ <h4>
             <wicket:message key="PageAttributeVerification.attributeVerificationLabel"/>
         </h4>
         <div wicket:id="csrfField"/>
-        <div wicket:id="attributes">
+        <input type="hidden" wicket:id="verified"/>
+        <div wicket:id="attributes" class="d-flex flex-row my-2">
             <label wicket:id="attributeName"></label>
             <input type="text" class="form-control form-control-sm" wicket:id="attributeValue"/>
         </div>
         <div class="pull-right">
-            <a class="btn btn-default" wicket:id="back" wicket:message="value:PageBase.button.back">
+            <a class="btn btn-default" wicket:id="back"><wicket:message key="PageBase.button.back"/>
             </a>
             <a class="btn btn-primary" wicket:id="submit" wicket:message="value:PageBase.button.send">
             </a>

diff --git a/...ui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAttributeVerification.java b/...ui/src/main/java/com/evolveum/midpoint/gui/impl/page/login/PageAttributeVerification.java
@@ -12,9 +12,9 @@
 import com.evolveum.midpoint.authentication.api.config.ModuleAuthentication;
 import com.evolveum.midpoint.authentication.api.util.AuthUtil;
 import com.evolveum.midpoint.authentication.api.util.AuthenticationModuleNameConstants;
+import com.evolveum.midpoint.prism.PrismProperty;
 import com.evolveum.midpoint.prism.query.ObjectQuery;
 import com.evolveum.midpoint.security.api.MidPointPrincipal;
-import com.evolveum.midpoint.web.component.AjaxButton;
 import com.evolveum.midpoint.web.component.AjaxSubmitButton;
 import com.evolveum.midpoint.web.component.form.MidpointForm;
 import com.evolveum.midpoint.web.component.prism.DynamicFormPanel;
@@ -27,21 +27,23 @@
 import com.evolveum.prism.xml.ns._public.types_3.ItemPathType;
 
 import org.apache.commons.lang3.StringUtils;
+import org.apache.wicket.AttributeModifier;
+import org.apache.wicket.Component;
 import org.apache.wicket.RestartResponseException;
 import org.apache.wicket.ajax.AjaxRequestTarget;
 import org.apache.wicket.ajax.form.AjaxFormComponentUpdatingBehavior;
 import org.apache.wicket.markup.html.WebMarkupContainer;
 import org.apache.wicket.markup.html.basic.Label;
+import org.apache.wicket.markup.html.form.HiddenField;
 import org.apache.wicket.markup.html.form.RequiredTextField;
 import org.apache.wicket.markup.html.list.ListItem;
 import org.apache.wicket.markup.html.list.ListView;
+import org.apache.wicket.model.IModel;
 import org.apache.wicket.model.LoadableDetachableModel;
 import org.apache.wicket.model.Model;
-import org.apache.wicket.model.PropertyModel;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
 
-import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.List;
 
@@ -53,6 +55,7 @@ public class PageAttributeVerification extends PageAuthenticationBase {
 
 
     private static final String ID_MAIN_FORM = "mainForm";
+    private static final String ID_VERIFIED = "verified";
     private static final String ID_ATTRIBUTES = "attributes";
     private static final String ID_ATTRIBUTE_NAME = "attributeName";
     private static final String ID_ATTRIBUTE_VALUE = "attributeValue";
@@ -63,6 +66,7 @@ public class PageAttributeVerification extends PageAuthenticationBase {
     LoadableDetachableModel<List<ItemPathType>> attributesPathModel;
     private LoadableDetachableModel<UserType> userModel;
     private HashMap<ItemPathType, String> attributeValuesMap = new HashMap<>();
+    IModel<Boolean> verificationModel = Model.of(false);
 
     public PageAttributeVerification() {
     }
@@ -131,11 +135,16 @@ private AttributeVerificationAuthenticationModuleType getModuleByIdentifier(Stri
     @Override
     protected void initCustomLayout() {
         MidpointForm<?> form = new MidpointForm<>(ID_MAIN_FORM);
+        form.add(AttributeModifier.replace("action", (IModel<String>) this::getUrlProcessingLogin));
         add(form);
 
         WebMarkupContainer csrfField = SecurityUtils.createHiddenInputForCsrf(ID_CSRF_FIELD);
         form.add(csrfField);
 
+        HiddenField<Boolean> verified = new HiddenField<>(ID_VERIFIED, verificationModel);
+        verified.setOutputMarkupId(true);
+        form.add(verified);
+
         initAttributesLayout(form);
 
         initButtons(form);
@@ -182,7 +191,8 @@ private void initButtons(MidpointForm form) {
 
             @Override
             protected void onSubmit(AjaxRequestTarget target) {
-//                verifyAttributes(target);
+                verifyAttributes(target);
+                target.add(getVerifiedField());
             }
 
             @Override
@@ -195,6 +205,32 @@ protected void onError(AjaxRequestTarget target) {
         form.add(createBackButton(ID_BACK_BUTTON));
     }
 
+    private void verifyAttributes(AjaxRequestTarget target) {
+        for (ItemPathType itemPathType : attributesPathModel.getObject()) {
+            if (!attributeValueMatches(itemPathType)) {
+                return;
+            }
+        }
+        verificationModel.setObject(true);
+    }
+
+    private boolean attributeValueMatches(ItemPathType path) {
+        if (!attributeValuesMap.containsKey(path)) {
+            return false;
+        }
+        UserType user = userModel.getObject();
+
+        PrismProperty<?> property = user.asPrismObject().findProperty(path.getItemPath());
+        if (property == null) {
+            return false;
+        }
+        return attributeValuesMap.get(path).equals(property.getRealValue().toString());
+    }
+
+    private Component getVerifiedField() {
+        return  get(ID_MAIN_FORM).get(ID_VERIFIED);
+    }
+
     @Override
     protected ObjectQuery createStaticFormQuery() {
         String username = "";
@@ -207,4 +243,22 @@ protected DynamicFormPanel<UserType> getDynamicForm() {
         return null;
     }
 
+    private String getUrlProcessingLogin() {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        if (authentication instanceof MidpointAuthentication) {
+            MidpointAuthentication mpAuthentication = (MidpointAuthentication) authentication;
+            ModuleAuthentication moduleAuthentication = mpAuthentication.getProcessingModuleAuthentication();
+            if (moduleAuthentication != null
+                    && AuthenticationModuleNameConstants.ATTRIBUTE_VERIFICATION.equals(moduleAuthentication.getModuleTypeName())){
+                String prefix = moduleAuthentication.getPrefix();
+                return AuthUtil.stripSlashes(prefix) + "/spring_security_login";
+            }
+        }
+
+        String key = "web.security.flexAuth.unsupported.auth.type";
+        error(getString(key));
+        return "/midpoint/spring_security_login";
+    }
+
+
 }