From e6915bad204c28e3812d38d104d3bc15571cea25 Mon Sep 17 00:00:00 2001 From: Steve Hu Date: Thu, 23 Apr 2020 20:06:48 -0400 Subject: [PATCH] fixes #266 use fake account to return error message so that code service can return login error --- .../oauth/auth/LightPortalAuthenticator.java | 36 +++++++++++-- .../code/handler/Oauth2CodePostHandler.java | 52 +++++++++++-------- login-view/deploy-local.sh | 4 +- login-view/src/components/Login.js | 11 ++-- 4 files changed, 70 insertions(+), 33 deletions(-) diff --git a/authhub/src/main/java/com/networknt/oauth/auth/LightPortalAuthenticator.java b/authhub/src/main/java/com/networknt/oauth/auth/LightPortalAuthenticator.java index 82b31e68..dabf86ff 100644 --- a/authhub/src/main/java/com/networknt/oauth/auth/LightPortalAuthenticator.java +++ b/authhub/src/main/java/com/networknt/oauth/auth/LightPortalAuthenticator.java @@ -110,7 +110,6 @@ public Account authenticate(String id, Credential credential) { if(statusCode == 200) { Map map = JsonMapper.string2Map(body); // {"roles":"user","id":"stevehu@gmail.com"} - String roles = (String)map.get("roles"); Account account = new Account() { private Set roles = splitRoles((String)map.get("roles")); private final Principal principal = () -> id; 
@@ -125,12 +124,43 @@ public Set getRoles() { } }; return account; + } else { + // create a dummy account to return the error the the StatelessAuthHandler in light-spa-4j + Map map = JsonMapper.string2Map(body); + Account account = new Account() { + private final Principal principal = () -> "error"; + @Override + public Principal getPrincipal() { + return principal; + } + + @Override + public Set getRoles() { + Set roles = new HashSet<>(); + roles.add((String)map.get("description")); + return roles; + } + }; + return account; } } catch (Exception e) { logger.error("Exception:", e); - return null; + Account account = new Account() { + private final Principal principal = () -> "error"; + @Override + public Principal getPrincipal() { + return principal; + } + + @Override + public Set getRoles() { + Set roles = new HashSet<>(); + roles.add(e.getMessage()); + return roles; + } + }; + return account; } - return null; } public Set splitRoles(String roles) { diff --git a/code/src/main/java/com/networknt/oauth/code/handler/Oauth2CodePostHandler.java b/code/src/main/java/com/networknt/oauth/code/handler/Oauth2CodePostHandler.java index aeb503c3..c8927939 100644 --- a/code/src/main/java/com/networknt/oauth/code/handler/Oauth2CodePostHandler.java +++ b/code/src/main/java/com/networknt/oauth/code/handler/Oauth2CodePostHandler.java 
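Review bot: Both new failure paths return a non-null `Account` whose principal name is `error`, so any caller of `authenticate` that treats a non-null result as a successful login now accepts a failed one; the only guard visible in this patch is the `"error".equals(userId)` check in Oauth2CodePostHandler, and any other consumer needs the same check. A user whose real id is `error` collides with the sentinel, because the success branch uses `() -> id`. In the `catch` branch the role is `e.getMessage()`, which that handler sends back in the response body, so internal exception text can reach an unauthenticated client; `roles.add("Login service unavailable");` would keep the detail in the `logger.error` line above it. The method begins before this hunk.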
@@ -53,32 +53,38 @@ public void handleRequest(HttpServerExchange exchange) throws Exception { final SecurityContext context = exchange.getSecurityContext(); String userId = context.getAuthenticatedAccount().getPrincipal().getName(); if(logger.isDebugEnabled()) logger.debug("userId = " + userId); - Set roles = context.getAuthenticatedAccount().getRoles(); - Map codeMap = new HashMap<>(); - codeMap.put("userId", userId); - if(roles != null && !roles.isEmpty()) { - codeMap.put("roles", String.join(" ", roles)); - } - // generate auth code - String code = Util.getUUID(); - if(redirectUri == null) { - redirectUri = client.getRedirectUri(); + if("error".equals(userId)) { + exchange.setStatusCode(StatusCodes.BAD_REQUEST); + exchange.getResponseSender().send(context.getAuthenticatedAccount().getRoles().iterator().next()); + processAudit(exchange); } else { - codeMap.put("redirectUri", redirectUri); - } - if(remember != null) codeMap.put("remember", remember); // pass the remember checkbox value to the token service - CacheStartupHookProvider.hz.getMap("codes").set(code, codeMap); + Set roles = context.getAuthenticatedAccount().getRoles(); + Map codeMap = new HashMap<>(); + codeMap.put("userId", userId); + if(roles != null && !roles.isEmpty()) { + codeMap.put("roles", String.join(" ", roles)); + } + // generate auth code + String code = Util.getUUID(); + if(redirectUri == null) { + redirectUri = client.getRedirectUri(); + } else { + codeMap.put("redirectUri", redirectUri); + } + if(remember != null) codeMap.put("remember", remember); // pass the remember checkbox value to the token service + CacheStartupHookProvider.hz.getMap("codes").set(code, codeMap); - redirectUri = redirectUri + "?code=" + code; - if(state != null) { - redirectUri = redirectUri + "&state=" + state; + redirectUri = redirectUri + "?code=" + code; + if(state != null) { + redirectUri = redirectUri + "&state=" + state; + } + if(logger.isDebugEnabled()) logger.debug("redirectUri = " + redirectUri); + // now 
redirect here. + exchange.setStatusCode(StatusCodes.FOUND); + exchange.getResponseHeaders().put(Headers.LOCATION, redirectUri); + exchange.endExchange(); + processAudit(exchange); } - if(logger.isDebugEnabled()) logger.debug("redirectUri = " + redirectUri); - // now redirect here. - exchange.setStatusCode(StatusCodes.FOUND); - exchange.getResponseHeaders().put(Headers.LOCATION, redirectUri); - exchange.endExchange(); - processAudit(exchange); } } } diff --git a/login-view/deploy-local.sh b/login-view/deploy-local.sh index 24233dfc..63ab897f 100755 --- a/login-view/deploy-local.sh +++ b/login-view/deploy-local.sh @@ -2,6 +2,6 @@ echo "Build the view in in test mode" yarn build echo "Build completed in build folder, start copying to local folder" -rm -rf /home/steve/networknt/light-config-test/light-router/local-portal/signin/build -cp -r ./build /home/steve/networknt/light-config-test/light-router/local-portal/signin +rm -rf /home/steve/light-chain/light-config-test/light-router/local-direct/signin/build +cp -r ./build /home/steve/light-chain/light-config-test/light-router/local-direct/signin echo "Copied!" diff --git a/login-view/src/components/Login.js b/login-view/src/components/Login.js index 49956240..8106b76e 100644 --- a/login-view/src/components/Login.js +++ b/login-view/src/components/Login.js @@ -145,11 +145,10 @@ function Login() { body: formData }) .then(response => { - if (response.ok) { - return response.json(); - } else { - throw Error(response.statusText); + if (!response.ok) { + throw response; } + return response.json(); }) .then(json => { //console.log(json); @@ -158,7 +157,8 @@ function Login() { setScopes(json.scopes); }) .catch(error => { - console.log("error=", error); + error.text().then(errorMessage => { + console.log("error=", errorMessage); const data = { email: username, password: password 
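Review bot: The new 400 branch hands `getRoles().iterator().next()` to `send` without a null check, and the authenticator can put null into that set when the upstream body has no `description` field or the exception has no message. A guarded form keeps the error path from failing itself: `String msg = context.getAuthenticatedAccount().getRoles().iterator().next();` then `exchange.getResponseSender().send(msg != null ? msg : "Login failed");`. In the re-indented redirect code, `state` is appended to the `Location` value unencoded; it is read outside the hunk, and if it comes from the request it should pass through `URLEncoder.encode(state, "UTF-8")` first. handleRequest begins before this hunk.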
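Review bot: The `.catch` now calls `error.text()` unconditionally, but it also receives rejections that are not a `Response`: a network failure from `fetch` or a parse error from `response.json()` is a plain `Error` with no `text` method, so the handler throws and the `setError` call (wrapped into this `.then` by the next hunk) is never reached. Checking the type first keeps the failure message visible, for example `const detail = error instanceof Response ? error.text() : Promise.resolve(String(error));` followed by `detail.then(errorMessage => { ... })`. The function body continues outside this hunk.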
@@ -173,6 +173,7 @@ function Login() { const url = '/portal/query?cmd=' + encodeURIComponent(JSON.stringify(cmd)); const message = 'Login Failed! Click here to identify root cause.' setError(message.replace('link', url)); + }) }); };
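Review bot: The link built here carries `cmd` in the query string, and the `data` object assembled just before it (at the end of the previous hunk) holds `password: password`. The lines that build `cmd` fall between the two hunks, but if `cmd` embeds `data`, the plaintext password ends up in a URL that browser history, proxies and server access logs can retain. The diagnostic link should not carry the password, for example `const data = { email: username };`, or the query should go in a POST body instead of the URL.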