minor cosmetic cleanup of the oauth signup patch (#9111)

IQSS · Nov 1, 2022 · 3cfa3fc · 3cfa3fc
1 parent 25521d8
commit 3cfa3fc
Show file tree

Hide file tree

Showing 5 changed files with 21 additions and 12 deletions.
diff --git a/.../java/edu/harvard/iq/dataverse/authorization/providers/oauth2/OAuth2LoginBackingBean.java b/.../java/edu/harvard/iq/dataverse/authorization/providers/oauth2/OAuth2LoginBackingBean.java
@@ -5,6 +5,7 @@
 import edu.harvard.iq.dataverse.authorization.AuthenticationServiceBean;
 import edu.harvard.iq.dataverse.authorization.UserRecordIdentifier;
 import edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser;
+import edu.harvard.iq.dataverse.util.BundleUtil;
 import edu.harvard.iq.dataverse.util.ClockUtil;
 import edu.harvard.iq.dataverse.util.StringUtil;
 import java.io.BufferedReader;
@@ -28,8 +29,8 @@
 
 import static edu.harvard.iq.dataverse.util.StringUtil.toOption;
 import edu.harvard.iq.dataverse.util.SystemConfig;
+import java.text.MessageFormat;
 import java.util.ArrayList;
-import java.util.Collections;
 import org.omnifaces.util.Faces;
 
 /**
@@ -102,21 +103,23 @@ public void exchangeCodeForToken() throws IOException {
                 oauthUser = idp.getUserRecord(code.get(), systemConfig.getOAuth2CallbackUrl());
 
                 // Throw an error if this authentication method is disabled:
+                // (it's not clear if it's possible at all, for somebody to get here with 
+                // the provider really disabled; but, shouldn't hurt either).
                 if (isProviderDisabled(idp.getId())) {
                     disabled = true; 
-                    throw new OAuth2Exception(-1, "", "This authentication method ("+idp.getId()+") is currently disabled. Please log in using one of the supported methods.");
+                    throw new OAuth2Exception(-1, "", MessageFormat.format(BundleUtil.getStringFromBundle("oauth2.callback.error.providerDisabled"), idp.getId()));
                 }
 
                 UserRecordIdentifier idtf = oauthUser.getUserRecordIdentifier();
                 AuthenticatedUser dvUser = authenticationSvc.lookupUser(idtf);
 
                 if (dvUser == null) {
-                    // need to create the user - unless signups are disabled 
+                    // Need to create a new user - unless signups are disabled 
                     // for this authentication method; in which case, throw 
                     // an error:
                     if (systemConfig.isSignupDisabledForRemoteAuthProvider(idp.getId())) {
                         signUpDisabled = true; 
-                        throw new OAuth2Exception(-1, "", "Sorry, signup for new accounts using "+idp.getId()+" authentication is currently disabled."); 
+                        throw new OAuth2Exception(-1, "", MessageFormat.format(BundleUtil.getStringFromBundle("oauth2.callback.error.signupDisabledForProvider"), idp.getId())); 
                     } else {
                         newAccountPage.setNewUser(oauthUser);
                         Faces.redirect("/oauth2/firstLogin.xhtml");

diff --git a/src/main/java/edu/harvard/iq/dataverse/settings/SettingsServiceBean.java b/src/main/java/edu/harvard/iq/dataverse/settings/SettingsServiceBean.java
@@ -675,8 +675,8 @@ public Long getValueForCompoundKeyAsLong(Key key, String param){
 
     /**
      * Same, but with Booleans 
-     * (returns null if not set; the calling method will decide what that shouldall
-     * default to)
+     * (returns null if not set; up to the calling method to decide what that should
+     * default to in each specific case)
      * Example:
      * :AllowRemoteAuthSignUp	{"default":"true","google":"false"}
      */

diff --git a/src/main/java/edu/harvard/iq/dataverse/util/SystemConfig.java b/src/main/java/edu/harvard/iq/dataverse/util/SystemConfig.java
@@ -1232,7 +1232,7 @@ public Map<String, String[]> getCurationLabels() {
     public boolean isSignupDisabledForRemoteAuthProvider(String providerId) {
         Boolean ret =  settingsService.getValueForCompoundKeyAsBoolean(SettingsServiceBean.Key.AllowRemoteAuthSignUp, providerId);
 
-        // we default to false if it's null, i.e. if not present: 
+        // we default to false - i.e., "not disabled" if the setting is not present: 
         if (ret == null) {
             return false; 
         }

diff --git a/src/main/java/propertyFiles/Bundle.properties b/src/main/java/propertyFiles/Bundle.properties
@@ -473,6 +473,8 @@ oauth2.convertAccount.failedDeactivated=Your existing account cannot be converte
 # oauth2/callback.xhtml
 oauth2.callback.page.title=OAuth Callback
 oauth2.callback.message=<strong>Authentication Error</strong> - Dataverse could not authenticate your login with the provider that you selected. Please make sure you authorize your account to connect with Dataverse. For more details about the information being requested, see the <a href="{0}/{1}/user/account.html#remote-authentication" title="Remote Authentication - Dataverse User Guide" target="_blank">User Guide</a>.
+oauth2.callback.error.providerDisabled=This authentication method ({0}) is currently disabled. Please log in using one of the supported methods.
+oauth2.callback.error.signupDisabledForProvider=Sorry, signup for new accounts using {0} authentication is currently disabled.
 
 # deactivated user accounts
 deactivated.error=Sorry, your account has been deactivated.

diff --git a/src/main/webapp/oauth2/callback.xhtml b/src/main/webapp/oauth2/callback.xhtml
@@ -21,14 +21,18 @@
             <ui:define name="body">
 	    <div class="alert alert-danger" role="alert" style="margin-top:3em;">
 		    <p>
-                        <h:outputFormat value="#{bundle['oauth2.callback.message']}" escape="false" rendered="#{(!OAuth2Page.disabled) and (!OAuth2Page.signUpDisabled)}">
+                            <!-- This first, generic error message from the bundle should be displayed when something went wrong, 
+                                 but we are not sure what exactly has happened. There is no need to show it however when we know
+                                 exactly what it is, such as when new signups are disabled for this authentication method. Then the 
+                                 second error message provided by the page, below, will be specific enough. Hence the rendering rules: -->
+                            <h:outputFormat value="#{bundle['oauth2.callback.message']}" escape="false" rendered="#{(!OAuth2Page.disabled) and (!OAuth2Page.signUpDisabled)}">
                                     <f:param value="#{systemConfig.guidesBaseUrl}"/>
                                     <f:param value="#{systemConfig.guidesVersion}"/>
 				    </h:outputFormat>
-				    </p>
-				    <p>
-				    <h:outputText value="#{OAuth2Page.error.message}"/>
-				    </p>
+                    </p>
+                    <p>
+                            <h:outputText value="#{OAuth2Page.error.message}"/>
+                    </p>
                     <h:outputFormat value="#{bundle['error.support.message']}" escape="false">
                             <o:param>
                                 <p:commandLink value="#{settingsWrapper.supportTeamName}" oncomplete="PF('contactForm').show()" update=":contactDialog" actionListener="#{sendFeedbackDialog.initUserInput}">