YES:OAuth2server up&running

Signed-off-by: Luca Fulchir <luca@fulchir.it>
parent 2eadb8f9
......@@ -246,17 +246,47 @@ scope (earlyreturn) {
if (answer != issued_token)
throw(wrong_token);
createSecureToken@SecurityUtils(void)(issued_verifier);
test.sid = "issued_verifier";
test.var = issued_verifier;
store@Store(test)();
output.code = 302;
output.headers[0].name = "Location";
output.headers[0].value = callback + "?oauth_token=" + answer +
pairs.search = "username";
pairSearch@HTTP(pairs)(answer);
if (!answer.found) {
output.code = 200;
output.body =
"<html>
<head>
<title>Jolie OAuth1 auth page test</title>
</head>
<body>
<form action=\"/authenticate\" method=\"GET\">
User: <input type=\"text\" name=\"username\"><br>
Pass: <input type=\"password\" name=\"password\"><br>
<input type=\"hidden\" name=\"oauth_token\" value=\""+issued_token+"\">
<input type=\"submit\" value=\"Authenticate\">
</form>
</body>
</html>
"
} else {
username = answer;
pairs.search = "password";
pairSearch@HTTP(pairs)(password);
if (!answer.found)
throw(wrong_token);
if (username != "OAuthuser" || password != "OAuthpass")
throw(wrong_token);
createSecureToken@SecurityUtils(void)(issued_verifier);
test.sid = "issued_verifier";
test.var = issued_verifier;
store@Store(test)();
output.code = 302;
output.headers[0].name = "Location";
output.headers[0].value = callback + "?oauth_token=" +
issued_token +
"&oauth_verifier=" + issued_verifier +
"&uid=101"
"&uid=101" // added for dropbox test
}
}
}]{nullProcess}
......
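Review bot: After `pairSearch@HTTP(pairs)(password);` the guard on the following line tests `answer.found`, which still holds the result of the earlier `username` lookup, so a request carrying `username` but no `password` is not rejected at that check and only fails later when the undefined `password` is compared against the literal; the check should read `if (!password.found)`. The login form is also submitted with `method=\"GET\"`, which places the user's password in the request URL (and therefore in server logs and any Referer header); `method=\"POST\"` would be the usual choice, provided the handler parses the request body in addition to the query. The `OAuthuser`/`OAuthpass` literals and the fixed `&uid=101` are evidently test scaffolding and deserve a comment saying so, e.g. `// demo-only fixed credentials; replace with a real user store`. The enclosing handler begins before the visible hunk.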
......@@ -25,14 +25,16 @@ main
{
ERR="Error";
// data needed for the connection: where to connect, how and who we are
data.location_authorize = "https://accounts.google.com/o/oauth2/auth";
data.location_access = "https://accounts.google.com/o/oauth2/token";
data.location_authorize = "http://localhost:8000/authorize";
//data.location_authorize = "https://accounts.google.com/o/oauth2/auth";
data.location_access = "http://localhost:8000/token";
//data.location_access = "https://accounts.google.com/o/oauth2/token";
data.method = "GET";
data.client_id = "393076792151.apps.googleusercontent.com";
data.client_secret = "26H4P4_MJ8lBqXxNb-4dAqTL";
data.redirect_uri = "http://localhost:8055/code";
data.scope = "https://www.googleapis.com/auth/plus.me";
// send the message
acgAuth@OAuth2 (data) (referr);
println@Console ("auth this app with " + referr)();
......@@ -48,7 +50,7 @@ main
out = ERR
} else {
if (!is_defined(codeRequest.code)) {
println@Console("We got a redirect, no code included")();
println@Console("We got a redirect,no code included")();
out = ERR
} else if (is_defined(data.state)) {
if (!is_defined(codeRequest.state)) {
......@@ -78,8 +80,10 @@ main
println@Console("expires_in:" + answer.expires_in)();
if (is_defined(answer.refresh_token)) {
println@Console("refresh_token:" + answer.refresh_token)()
};
}
/*
* NOT implemented in server demo.
* but you can try it on google, just change the initial demo pages.
println@Console("Now refreshing the token:")();
refresh@OAuth2(answer)(refresh_answer);
println@Console("token:" + refresh_answer.access_token)();
......@@ -87,6 +91,7 @@ main
if (is_defined(refresh_answer.refresh_token)) {
println@Console("refresh_token:" + refresh_answer.refresh_token)()
}
*/
}
}
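Review bot: The request block (`data.location_authorize` … `data.scope`) never assigns `data.state`, so the later branch `} else if (is_defined(data.state)) {` that would compare `codeRequest.state` against it is dead and the demo client accepts any redirected code with no CSRF binding (RFC 6749 §10.12). Set a fresh random value before `acgAuth@OAuth2 (data) (referr);`, e.g. `data.state = <random token>`, so that the existing check is actually exercised. Separately, `data.client_id` and `data.client_secret` appear to be real Google credentials committed to source and are now also copied into the local test server; they should be rotated and read from configuration rather than hard-coded. The enclosing `main` starts and ends outside the visible hunks.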
......@@ -7,6 +7,7 @@ include "security_utils.iol"
include "jolie/net/OAuth/OAuth2Data.iol"
include "../utils/HTTPTypes.iol"
include "../utils/HTTP.iol"
include "store.iol"
execution{concurrent}
......@@ -37,7 +38,7 @@ scope (errorHTTP) {
srv.port = int(8000);
srv.host = "127.0.0.1";
srv.operation = "OAuth2Callback"; // Jolie method to call
srv.resource = "/"; // This Jolie service
srv.resource = "/OAuth2Server"; // This Jolie service
initialize@HTTP(srv)();
......@@ -48,16 +49,13 @@ scope (errorHTTP) {
page = "/authorize";
page.operation = "OAuth2Authorize";
page.resource = "/";
addPage@HTTP(page)(asd);
addPage@HTTP(page)();
page = "/token";
page.operation = "OAuth2Token";
addPage@HTTP(page)(asd);
addPage@HTTP(page)();
//finally start our HTTP server:
start@HTTP("OAuth2")();
// instead of a database we'll relay on this variable
issued_code=""
start@HTTP("OAuth2")()
}
}
......@@ -78,32 +76,24 @@ scope (earlyreturn) {
install (errreturn =>
output.code = int(500);
undef(output.headers);
undef(output.body),
output.body = "err 500",
wrong_code =>
output.code = int(401); //unauthorized
undef(output.headers);
undef(output.body),
output.body = "err 401",
wrong_header =>
output.code = int(400); //wrong parameters
undef(output.headers);
undef(output.body),
output.body = "err 400",
missing_parameters =>
output.code = int(400); //wrong parameters
undef(output.headers);
undef(output.body)
output.body = "err 400"
);
if (input.page != "/authorize") {
throw(errreturn)
};
search.pair << input.headers;
search.search = "Authentication";
pairSearch@HTTP (search) (answer);
if (!answer.found) {
throw(errreturn)
};
undef(answer.found);
//check that the required parameters are present:
search.pair << input.query;
search.search = "response_type";
......@@ -113,7 +103,7 @@ scope (earlyreturn) {
response_type = answer;
search.search = "client_id";
pairSearch@HTTP (search) (answer);
if (!answer.found)
if (!answer.found|| answer != "393076792151.apps.googleusercontent.com")
throw(missing_parameters);
client_id = answer;
// by RFC is optional, but we can require it
......@@ -121,7 +111,9 @@ scope (earlyreturn) {
pairSearch@HTTP (search) (answer);
if (!answer.found)
throw(missing_parameters);
last_callback = answer;
answer.encoding = "UTF-8";
undef(answer.found);
URLdecode@HTTP(answer)(last_callback);
search.search = "scope";
pairSearch@HTTP (search) (answer);
if (!answer.found) {
......@@ -135,7 +127,6 @@ scope (earlyreturn) {
state = answer
};
search.search = "username";
pairSearch@HTTP (search) (answer);
if (!answer.found) {
......@@ -152,18 +143,18 @@ scope (earlyreturn) {
<title>Jolie OAuth2 auth page test</title>
</head>
<body>
<form action=\"/authorize?response_type=" + response_type +
"&client_id=" + client_id + "&redirect_uri="+last_callback+"&scope="+authscope;
if (is_defined(state)) {
output.body = output.body + "&state=" + state
};
output.body = output.body +
"\" method=\"GET\">
<form action=\"/authorize\" method=\"GET\">
User: <input type=\"text\" name=\"username\"><br>
Pass: <input type=\"password\" name=\"password\"><br>
<input type=\"submit\" value=\"Authenticate\">
<input type=\"hidden\" name=\"response_type\" value=\""+response_type+"\">
<input type=\"hidden\" name=\"client_id\" value=\""+client_id+"\">
<input type=\"hidden\" name=\"redirect_uri\" value=\""+last_callback+"\">
<input type=\"hidden\" name=\"scope\" value=\""+authscope+"\">";
if (is_defined(state))
output.body = output.body +
" <input type=\"hidden\" name=\"state\" value=\""+state+"\">";
output.body = output.body +
" <input type=\"submit\" value=\"Authenticate\">
</form>
</body>
</html>
......@@ -181,8 +172,12 @@ scope (earlyreturn) {
// everything ok. generate new tokens
createSecureToken@SecurityUtils(void)(issued_code);
st.var = issued_code;
st.sid = "issued_code";
store@Store(st)();
// finally communicate the data
output.code = "302";
output.code = 302;
output.headers[0].name = "Location";
output.headers[0].value= last_callback + "?code=" + issued_code;
if (is_defined(state)) {
......@@ -194,6 +189,7 @@ scope (earlyreturn) {
}]{nullProcess}
[OAuth2Token (input) (output) {
scope (earlyreturn) {
install (errreturn =>
output.code = int(500);
undef(output.headers);
......@@ -207,32 +203,35 @@ scope (earlyreturn) {
undef(output.headers);
undef(output.body)
);
scope (earlyreturn) {
if (input.page != "/access") {
if (input.page != "/token") {
throw(errreturn)
};
parse_www_form@HTTP(input.body)(pairs);
parse_www_form@HTTP(input.body)(pair);
get.sid = "issued_code";
get@Store(get)(issued_code);
pair.search = "code";
pairSearch@HTTP (pairs) (answer);
pairSearch@HTTP (pair) (answer);
if (!answer.found || answer != issued_code)
throw(wrong_code);
pair.search = "grant_type";
pairSearch@HTTP (pairs) (answer);
pairSearch@HTTP (pair) (answer);
if (!answer.found || answer != "authorization_code")
throw(wrong_header);
pair.search = "redirect_uri";
pairSearch@HTTP (pairs) (answer);
pairSearch@HTTP (pair) (answer);
if (!answer.found)
throw(wrong_header);
pair.search = "client_id";
pairSearch@HTTP (pairs) (answer);
if (!answer.found || answer != "ourClientId")
pairSearch@HTTP (pair) (answer);
if (!answer.found|| answer != "393076792151.apps.googleusercontent.com")
throw(wrong_header);
pair.search = "client_secret";
pairSearch@HTTP (pairs) (answer);
if (!answer.found || answer != "ourClientSecret")
pairSearch@HTTP (pair) (answer);
if (!answer.found || answer != "26H4P4_MJ8lBqXxNb-4dAqTL")
throw(wrong_code);
......@@ -241,6 +240,7 @@ scope (earlyreturn) {
// finally communicate the data
// these are the final user-authorized tokens.
// you should generate them at random and add them to your database
output.code = 200;
output.headers[0].name="Content-Type";
output.headers[0].value="application/json";
output.body ="{
......
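Review bot: `last_callback` is taken from the URL-decoded `redirect_uri` query parameter (`URLdecode@HTTP(answer)(last_callback);`) without being compared to any redirect URI registered for the client, and the authorization code is later sent there in `output.headers[0].value= last_callback + "?code=" + issued_code;`, so a link crafted for the hard-coded client_id delivers the code to a host of the attacker's choosing; the token endpoint likewise only checks that `redirect_uri` is present, not that it matches the one used at authorization (RFC 6749 §4.1.3). Add a registered-URI comparison right after the decode, e.g. `if (last_callback != "http://localhost:8055/code") throw(wrong_header);` (the value the demo client uses), and store the redirect URI alongside `issued_code` so the token request can be checked against it. The same unescaped `last_callback`, `response_type`, `client_id`, `scope` and `state` values are also written raw into the hidden `<input value=\"…\">` attributes of the authorization form, so a `"` in any of them breaks out of the attribute; HTML-escape them before embedding. Note also that `issued_code` is a single stored value that is never invalidated after `OAuth2Token` accepts it, so a code can be exchanged repeatedly until the next authorization overwrites it. The enclosing `OAuth2Authorize` and `OAuth2Token` handlers extend outside the visible hunks.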
......@@ -258,7 +258,7 @@ public static Value parse_www_form (String data) throws FaultException
Value tmp = Value.create();
tmp.getFirstChild("name").setValue(pair.getName());
tmp.getFirstChild("value").setValue(pair.getValue());
result.getNewChild("pair").add(tmp);
result.getNewChild("pair").deepCopy(tmp);
}
return result;
} catch (Exception e) {
......