Create page for password entry for idp discovery

[#117269381] https://www.pivotaltracker.com/story/show/117269381

Signed-off-by: Madhura Bhave <mbhave@pivotal.io>

server/src/main/java/org/cloudfoundry/identity/uaa/login/LoginInfoEndpoint.java

@@ -34,6 +34,7 @@
 import org.cloudfoundry.identity.uaa.util.UaaStringUtils;
 import org.cloudfoundry.identity.uaa.zone.IdentityZone;
 import org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration;
+import org.cloudfoundry.identity.uaa.zone.IdentityZoneConfigurationValidator;
 import org.cloudfoundry.identity.uaa.zone.IdentityZoneHolder;
 import org.springframework.core.io.support.PropertiesLoaderUtils;
 import org.springframework.dao.EmptyResultDataAccessException;
@@ -52,6 +53,7 @@
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.ResponseBody;
 import org.springframework.web.bind.annotation.ResponseStatus;
 
@@ -467,6 +469,17 @@ public String extractUrlFromString(String s) {
         return null;
     }
 
+    @RequestMapping(value = "/login/password", method = RequestMethod.POST)
+    public String discoverIdentityProvider(@RequestParam String email, Model model) {
+        model.addAttribute("email", email);
+        String forgotPasswordLink;
+        if ((forgotPasswordLink = getSelfServiceLinks().get(FORGOT_PASSWORD_LINK)) != null)
+        {
+            model.addAttribute(FORGOT_PASSWORD_LINK, forgotPasswordLink);
+        }
+        return "idp_discovery/password";
+    }
+
     @RequestMapping(value = "/autologin", method = RequestMethod.POST)
     @ResponseBody
     public AutologinResponse generateAutologinCode(@RequestBody AutologinRequest request,
@@ -580,12 +593,7 @@ public String generatePasscode(Map<String, Object> model, Principal principal)
     }
 
     protected Map<String, ?> getLinksInfo() {
-        IdentityZone zone = IdentityZoneHolder.get();
-        IdentityProvider<UaaIdentityProviderDefinition> uaaIdp = providerProvisioning.retrieveByOrigin(OriginKeys.UAA, IdentityZoneHolder.get().getId());
-        boolean disableInternalUserManagement = (uaaIdp.getConfig()!=null) ? uaaIdp.getConfig().isDisableInternalUserManagement() : false;
-        boolean selfServiceLinksEnabled = (zone.getConfig()!=null) ? zone.getConfig().getLinks().getSelfService().isSelfServiceLinksEnabled() : true;
-        String signup = zone.getConfig()!=null ? zone.getConfig().getLinks().getSelfService().getSignup() : null;
-        String passwd = zone.getConfig()!=null ? zone.getConfig().getLinks().getSelfService().getPasswd() : null;
+
         Map<String, Object> model = new HashMap<>();
         model.put(OriginKeys.UAA, addSubdomainToUrl(getUaaBaseUrl()));
         if (getBaseUrl().contains("localhost:")) {
@@ -595,23 +603,36 @@ public String generatePasscode(Map<String, Object> model, Principal principal)
         } else {
             model.put("login", addSubdomainToUrl(getUaaBaseUrl().replaceAll(OriginKeys.UAA, "login")));
         }
+        model.putAll(getSelfServiceLinks());
+        return model;
+    }
+
+    private Map<String,String> getSelfServiceLinks() {
+        Map<String, String> selfServiceLinks = new HashMap<>();
+        IdentityZone zone = IdentityZoneHolder.get();
+        IdentityProvider<UaaIdentityProviderDefinition> uaaIdp = providerProvisioning.retrieveByOrigin(OriginKeys.UAA, IdentityZoneHolder.get().getId());
+        boolean disableInternalUserManagement = (uaaIdp.getConfig()!=null) ? uaaIdp.getConfig().isDisableInternalUserManagement() : false;
+        boolean selfServiceLinksEnabled = (zone.getConfig()!=null) ? zone.getConfig().getLinks().getSelfService().isSelfServiceLinksEnabled() : true;
+        String signup = zone.getConfig()!=null ? zone.getConfig().getLinks().getSelfService().getSignup() : null;
+        String passwd = zone.getConfig()!=null ? zone.getConfig().getLinks().getSelfService().getPasswd() : null;
+
         if (selfServiceLinksEnabled && !disableInternalUserManagement) {
-            model.put(CREATE_ACCOUNT_LINK, "/create_account");
-            model.put("register", "/create_account");
-            model.put(FORGOT_PASSWORD_LINK, "/forgot_password");
-            model.put("passwd", "/forgot_password");
+            selfServiceLinks.put(CREATE_ACCOUNT_LINK, "/create_account");
+            selfServiceLinks.put("register", "/create_account");
+            selfServiceLinks.put(FORGOT_PASSWORD_LINK, "/forgot_password");
+            selfServiceLinks.put("passwd", "/forgot_password");
             if(IdentityZoneHolder.isUaa()) {
                 if (hasText(signup)) {
-                    model.put(CREATE_ACCOUNT_LINK, signup);
-                    model.put("register", signup);
+                    selfServiceLinks.put(CREATE_ACCOUNT_LINK, signup);
+                    selfServiceLinks.put("register", signup);
                 }
                 if (hasText(passwd)) {
-                    model.put(FORGOT_PASSWORD_LINK, passwd);
-                    model.put("passwd", passwd);
+                    selfServiceLinks.put(FORGOT_PASSWORD_LINK, passwd);
+                    selfServiceLinks.put("passwd", passwd);
                 }
             }
         }
-        return model;
+        return selfServiceLinks;
     }
 
     public void setUaaBaseUrl(String baseUrl) {

server/src/main/resources/templates/web/idp_discovery/password.html

@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org" xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout" layout:decorator="layouts/pivotal-ui-main">
+<div layout:fragment="page-content">
+    <h4 id="email" th:text="${email}" class="txt-c pbxxl ptxl">
+        Email
+    </h4>
+    <form action="/login.do" th:action="@{/login.do}" method="post" role="form" _lpchecked="1">
+        <div class="form-group password_field">
+            <label class="control-label" for="password">Password</label>
+            <input class="form-control" id="password" name="password" type="password"/>
+            <div class="help-block has-error" style="display: none;">
+                Please enter your password
+            </div>
+        </div>
+        <div class="form-group">
+            <input class="btn btn-highlight btn-block btn-lg" name="commit" type="submit" value="Sign in"/>
+        </div>
+    </form>
+    <div class="addl-actions txt-c mbxl mtxxl clearfix">
+        <div class="action pull-left">
+            <a href="/login" th:href="@{/login}"><span class="fa fa-icon fa-chevron-left small"></span>
+                Back
+            </a></div>
+        <div class="action pull-right">
+            <a th:unless="${forgotPasswordLink == null}" href="/forgot_password" th:href="@{${forgotPasswordLink}}" class="link-lowlight">Reset password</a>
+        </div>
+    </div>
+</div>
+</html>

uaa/src/main/webapp/WEB-INF/spring-servlet.xml

@@ -89,6 +89,7 @@
     <sec:http name="secFilterOpen15" pattern="/saml_error" security="none" />
     <sec:http name="secFilterOpen16" pattern="/favicon.ico" security="none" />
     <sec:http name="secFilterOpen17" pattern="/oauth_error" security="none" />
+    <sec:http name="secFilterOpen18" pattern="/login/password" security="none" />
 
     <bean id="xFrameOptionsFilter" class="org.cloudfoundry.identity.uaa.security.web.XFrameOptionsFilter" />
     <bean id="oauth2TokenParseFilter" class="java.lang.Class" factory-method="forName">