Use client name from additional information for display on approvals
page when available.

[#90546444] https://www.pivotaltracker.com/story/show/90546444

Signed-off-by: Bokuk Seo <bkseo74@gmail.com>
rdgallagher committed Mar 24, 2015
1 parent 1a5a88e commit d9243b2
Showing 4 changed files with 32 additions and 8 deletions.
@@ -16,4 +16,5 @@ public class ClientConstants {
public static final String ALLOWED_PROVIDERS = "allowedproviders";
public static final String AUTO_APPROVE = "autoapprove";
public static final String CREATED_WITH = "createdwith";
public static final String CLIENT_NAME = "name";
}
@@ -103,18 +103,21 @@ public String confirm(Map<String, Object> model, final HttpServletRequest reques
// response.sendError(HttpServletResponse.SC_BAD_REQUEST);
}
else {
ClientDetails client = clientDetailsService.loadClientByClientId(clientAuthRequest.getClientId());
String clientId = clientAuthRequest.getClientId();
ClientDetails client = clientDetailsService.loadClientByClientId(clientId);
// TODO: Need to fix the copy constructor to copy additionalInfo
BaseClientDetails modifiableClient = new BaseClientDetails(client);
modifiableClient.setClientSecret(null);
model.put("auth_request", clientAuthRequest);
model.put("client", modifiableClient); // TODO: remove this once it
// has gone from jsp pages
model.put("client_id", clientAuthRequest.getClientId());
model.put("redirect_uri", getRedirectUri(modifiableClient, clientAuthRequest));

// Find the auto approved scopes for this clients
Map<String, Object> additionalInfo = client.getAdditionalInformation();
String clientDisplayName = (String) additionalInfo.get(ClientConstants.CLIENT_NAME);
model.put("client_display_name", (clientDisplayName != null)? clientDisplayName : clientId);

// Find the auto approved scopes for this clients
Object autoApproved = additionalInfo.get(ClientConstants.AUTO_APPROVE);
Set<String> autoApprovedScopes = new HashSet<String>();
if (autoApproved instanceof Collection<?>) {
@@ -128,7 +131,7 @@ else if (autoApproved instanceof Boolean && (Boolean) autoApproved || "true".equ

List<Approval> filteredApprovals = new ArrayList<Approval>();
// Remove auto approved scopes
List<Approval> approvals = approvalStore.getApprovals(Origin.getUserId((Authentication)principal), clientAuthRequest.getClientId());
List<Approval> approvals = approvalStore.getApprovals(Origin.getUserId((Authentication)principal), clientId);
for (Approval approval : approvals) {
if (!(autoApprovedScopes.contains(approval.getScope()))) {
filteredApprovals.add(approval);
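Review bot: The cast in `String clientDisplayName = (String) additionalInfo.get(ClientConstants.CLIENT_NAME);` (first hunk) trusts that the `name` entry is a String, but the map is declared `Map<String, Object>`, so any other value type stored under that key would throw ClassCastException while the approval page model is being built. An empty or whitespace-only name also passes the `!= null` test and would leave the heading blank instead of falling back to the client id. Since this value is client metadata that ends up in consent text, I would read it defensively: `Object name = additionalInfo.get(ClientConstants.CLIENT_NAME);` followed by `model.put("client_display_name", (name instanceof String && !((String) name).trim().isEmpty()) ? name : clientId);`. The body of confirm starts and ends outside these hunks.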
@@ -18,6 +18,7 @@
import java.util.Map;

import org.cloudfoundry.identity.uaa.authentication.UaaAuthenticationTestFactory;
import org.cloudfoundry.identity.uaa.client.ClientConstants;
import org.cloudfoundry.identity.uaa.oauth.approval.ApprovalStore;
import org.junit.Test;
import org.mockito.Mockito;
@@ -68,4 +69,23 @@ public void testSchemePreserved() throws Exception {
assertEquals("/oauth/authorize", options.get("path"));
}

@Test
public void testClientDisplayName() throws Exception {
InMemoryClientDetailsService clientDetailsService = new InMemoryClientDetailsService();
BaseClientDetails client = new BaseClientDetails();
client.addAdditionalInformation(ClientConstants.CLIENT_NAME, "The Client Name");
clientDetailsService.setClientDetailsStore(Collections.singletonMap("client-id", client));
controller.setClientDetailsService(clientDetailsService);

controller.setApprovalStore(Mockito.mock(ApprovalStore.class));

Authentication auth = UaaAuthenticationTestFactory.getAuthentication("foo@bar.com", "Foo Bar", "foo@bar.com");

ModelMap model = new ModelMap();
model.put("authorizationRequest", new AuthorizationRequest("client-id", null));

controller.confirm(model, new MockHttpServletRequest(), auth, new SimpleSessionStatus());

assertEquals("The Client Name", model.get("client_display_name"));
}
}
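Review bot: testClientDisplayName only exercises the case where the client carries a `ClientConstants.CLIENT_NAME` entry, so the fallback branch in confirm (`clientDisplayName != null ? clientDisplayName : clientId`) is not covered. That fallback is what every existing client without a name will hit on the approval page, so a regression there would go unnoticed. I would add a sibling test with the same setup that registers a `BaseClientDetails` without calling `addAdditionalInformation` and ends with `assertEquals("client-id", model.get("client_display_name"));`.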
@@ -14,13 +14,13 @@
<div class="panel">
<h1>Application Authorization</h1>
<form id="application_authorization" action="/oauth/authorize" th:action="@{/oauth/authorize}" method="POST" class="panel-content">
<h2 th:text="${client_id}">Cloudbees</h2>
<h2 th:text="${client_display_name}">Cloudbees</h2>
<a class="application-link"
href="https://cloudfoundry.cloudbees.com/authenticate"
th:href="${redirect_uri}"
th:text="${redirect_uri}">https://cloudfoundry.cloudbees.com/authenticate</a>
<p>
<th:block th:text="${client_id}">Cloudbees</th:block> has requested permission to
<th:block th:text="${client_display_name}">Cloudbees</th:block> has requested permission to
access your Pivotal account. If you do not recognize this application or
its URL, you should click deny. The application will not see your password.
</p>
@@ -53,7 +53,7 @@ <h2 th:text="${client_id}">Cloudbees</h2>
<p>
You can change your approval of permissions or revoke access for this application
at any time from account settings. By approving access, you agree to
<th:block th:text="${client_id}">Cloudbees</th:block>'s terms of service and privacy policy.
<th:block th:text="${client_display_name}">Cloudbees</th:block>'s terms of service and privacy policy.
</p>
<div class="actions">
<button id="deny"
@@ -73,4 +73,4 @@ <h2 th:text="${client_id}">Cloudbees</h2>
</div>
</div>
</body>
</html>
</html>
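Review bot: Replacing `${client_id}` with `${client_display_name}` in the heading and both paragraphs leaves the approval page without any stable identifier for the requesting client; the display name is free-form text taken from the client's additional information, and nothing in this commit shows it being unique or reviewed. The page tells users to deny applications they do not recognize, so two clients presenting the same name become indistinguishable apart from the redirect URI. `th:text` escapes the value, so this is about recognisability, not markup injection. I would keep the identifier visible next to the name, for example `<p>Client ID: <th:block th:text="${client_id}">client-id</th:block></p>` under the `<h2>`; `client_id` is still put in the model by confirm. The form continues outside the visible hunks.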
