#12: yay! OAuth support made generic! \o/

grails · Jan 15, 2014 · d1c9ce4 · d1c9ce4
1 parent a8646ba
commit d1c9ce4
Show file tree

Hide file tree

Showing 9 changed files with 133 additions and 156 deletions.
diff --git a/SpringSecurityRestGrailsPlugin.groovy b/SpringSecurityRestGrailsPlugin.groovy
@@ -67,8 +67,6 @@ class SpringSecurityRestGrailsPlugin {
         ///*
         SpringSecurityUtils.registerFilter 'restTokenValidationFilter', SecurityFilterPosition.ANONYMOUS_FILTER.order + 1
         SpringSecurityUtils.registerFilter 'restLogoutFilter', SecurityFilterPosition.LOGOUT_FILTER.order - 1
-        SpringSecurityUtils.registerFilter 'oauthFilter', SecurityFilterPosition.OPENID_FILTER.order - 2
-        SpringSecurityUtils.registerFilter 'oauthTokenFilter', SecurityFilterPosition.OPENID_FILTER.order - 1
         SpringSecurityUtils.registerProvider 'restAuthenticationProvider'
 
         /* authenticationProcessingFilter */
@@ -169,16 +167,6 @@ class SpringSecurityRestGrailsPlugin {
             tokenStorageService = ref('tokenStorageService')
         }
 
-        /* oauthFilter */
-        oauthFilter(OauthFilter)
-
-        /* oauthTokenFilter */
-        oauthTokenFilter(OauthTokenFilter) {
-            tokenGenerator = ref('tokenGenerator')
-            tokenStorageService = ref('tokenStorageService')
-            userDetailsService = ref('userDetailsService')
-        }
-
         //*/
 
         if (printStatusMessages) {

diff --git a/grails-app/conf/BuildConfig.groovy b/grails-app/conf/BuildConfig.groovy
@@ -20,7 +20,6 @@ grails.project.dependency.resolution = {
 
         compile 'net.spy:spymemcached:2.10.3'
         compile 'com.google.guava:guava-io:r03'
-        compile 'org.scribe:scribe:1.3.5'
         compile 'org.pac4j:pac4j-oauth:1.4.1'
     }
 

diff --git a/grails-app/conf/RestOauthUrlMappings.groovy b/grails-app/conf/RestOauthUrlMappings.groovy
@@ -0,0 +1,8 @@
+class RestOauthUrlMappings {
+
+    static mappings = {
+
+        name oauth: "/oauth/${action}/${provider}"(controller: 'oauth')
+
+    }
+}
diff --git a/grails-app/controllers/com/odobo/grails/plugin/springsecurity/rest/OauthController.groovy b/grails-app/controllers/com/odobo/grails/plugin/springsecurity/rest/OauthController.groovy
@@ -0,0 +1,30 @@
+package com.odobo.grails.plugin.springsecurity.rest
+
+import grails.plugin.springsecurity.annotation.Secured
+import org.pac4j.core.context.J2EContext
+import org.pac4j.core.context.WebContext
+import org.pac4j.oauth.client.BaseOAuth20Client
+
+@Secured(['permitAll'])
+class OauthController {
+
+    def oauthService
+    def grailsApplication
+
+    def authenticate(String provider) {
+        BaseOAuth20Client client = oauthService.getClient(provider)
+        WebContext context = new J2EContext(request, response)
+        redirect url: client.getRedirectionUrl(context)
+    }
+
+
+    def callback(String provider) {
+        BaseOAuth20Client client = oauthService.getClient(provider)
+        WebContext context = new J2EContext(request, response)
+        String tokenValue = oauthService.storeAuthentication(provider, context)
+        redirect url: grailsApplication.config.grails.plugin.springsecurity.rest.oauth.frontendCallbackUrl.call(tokenValue)
+    }
+
+
+
+}
diff --git a/grails-app/services/com/odobo/grails/plugin/springsecurity/rest/OauthService.groovy b/grails-app/services/com/odobo/grails/plugin/springsecurity/rest/OauthService.groovy
@@ -0,0 +1,55 @@
+package com.odobo.grails.plugin.springsecurity.rest
+
+import com.odobo.grails.plugin.springsecurity.rest.token.generation.TokenGenerator
+import com.odobo.grails.plugin.springsecurity.rest.token.storage.TokenStorageService
+import org.codehaus.groovy.grails.commons.GrailsApplication
+import org.codehaus.groovy.grails.web.mapping.LinkGenerator
+import org.pac4j.core.context.WebContext
+import org.pac4j.oauth.client.BaseOAuth20Client
+import org.pac4j.oauth.credentials.OAuthCredentials
+import org.pac4j.oauth.profile.OAuth20Profile
+import org.springframework.security.core.Authentication
+import org.springframework.security.core.context.SecurityContextHolder
+import org.springframework.security.core.userdetails.UserDetails
+import org.springframework.security.core.userdetails.UserDetailsService
+
+class OauthService {
+
+    TokenGenerator tokenGenerator
+    TokenStorageService tokenStorageService
+    UserDetailsService userDetailsService
+    GrailsApplication grailsApplication
+    LinkGenerator grailsLinkGenerator
+
+
+    private BaseOAuth20Client<OAuth20Profile> getClient(String provider) {
+        def providerConfig = grailsApplication.config.grails.plugin.springsecurity.rest.oauth."${provider}"
+        def ClientClass = providerConfig.client
+
+        BaseOAuth20Client<OAuth20Profile> client = ClientClass.newInstance(providerConfig.key, providerConfig.secret)
+        client.callbackUrl = grailsLinkGenerator.link controller: 'oauth', action: 'callback', params: [provider: provider], mapping: 'oauth', absolute: true
+        client.scope = providerConfig.scope
+        return client
+    }
+
+    String storeAuthentication(String provider, WebContext context) {
+        BaseOAuth20Client<OAuth20Profile> client = getClient(provider)
+        OAuthCredentials credentials = client.getCredentials context
+        OAuth20Profile profile = client.getUserProfile credentials
+
+        log.debug "User's ID: ${profile.id}"
+
+        String tokenValue = tokenGenerator.generateToken()
+        log.debug "Generated token: ${tokenValue}"
+
+        UserDetails userDetails = userDetailsService.loadUserByUsername profile.id
+
+        tokenStorageService.storeToken(tokenValue, userDetails)
+
+        Authentication authenticationResult = new RestAuthenticationToken(userDetails, userDetails.password, userDetails.authorities, tokenValue)
+
+        SecurityContextHolder.context.setAuthentication(authenticationResult)
+
+        return tokenValue
+    }
+}
diff --git a/src/groovy/com/odobo/grails/plugin/springsecurity/rest/oauth/OauthFilter.groovy b/src/groovy/com/odobo/grails/plugin/springsecurity/rest/oauth/OauthFilter.groovy
diff --git a/src/groovy/com/odobo/grails/plugin/springsecurity/rest/oauth/OauthTokenFilter.groovy b/src/groovy/com/odobo/grails/plugin/springsecurity/rest/oauth/OauthTokenFilter.groovy
diff --git a/test/unit/com/odobo/grails/plugin/springsecurity/rest/OauthControllerSpec.groovy b/test/unit/com/odobo/grails/plugin/springsecurity/rest/OauthControllerSpec.groovy
@@ -0,0 +1,20 @@
+package com.odobo.grails.plugin.springsecurity.rest
+
+import grails.test.mixin.TestFor
+import spock.lang.Specification
+
+/**
+ * See the API for {@link grails.test.mixin.web.ControllerUnitTestMixin} for usage instructions
+ */
+@TestFor(OauthController)
+class OauthControllerSpec extends Specification {
+
+    def setup() {
+    }
+
+    def cleanup() {
+    }
+
+    void "test something"() {
+    }
+}
diff --git a/test/unit/com/odobo/grails/plugin/springsecurity/rest/OauthServiceSpec.groovy b/test/unit/com/odobo/grails/plugin/springsecurity/rest/OauthServiceSpec.groovy
@@ -0,0 +1,20 @@
+package com.odobo.grails.plugin.springsecurity.rest
+
+import grails.test.mixin.TestFor
+import spock.lang.Specification
+
+/**
+ * See the API for {@link grails.test.mixin.services.ServiceUnitTestMixin} for usage instructions
+ */
+@TestFor(OauthService)
+class OauthServiceSpec extends Specification {
+
+    def setup() {
+    }
+
+    def cleanup() {
+    }
+
+    void "test something"() {
+    }
+}