This implements the following fixes/improvements: * Adding an intermediate page for the user to accept consents. * Fixing the issue of not being redirected to consent.do. * Authentication failure page
merge-requests/1/head
parent
f265ddc736
commit
583b17d405
@ -0,0 +1,73 @@
|
||||
{{!
|
||||
Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
|
||||
WSO2 Inc. licenses this file to you under the Apache License,
|
||||
Version 2.0 (the "License"); you may not use this file except
|
||||
in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing,
|
||||
software distributed under the License is distributed on an
|
||||
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
KIND, either express or implied. See the License for the
|
||||
specific language governing permissions and limitations
|
||||
under the License.
|
||||
}}
|
||||
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
|
||||
{{unit "cdmf.unit.ui.title" pageTitle="Consent Page"}}
|
||||
|
||||
{{#zone "content"}}
|
||||
<div class="row">
|
||||
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
|
||||
|
||||
<p class="page-sub-title">User Consents</p>
|
||||
<hr/>
|
||||
<div class="alert alert-warning" style="padding-right: 15px;">
|
||||
<i class="icon fw fw-warning"></i> <b>{{appName}}</b> application requests access to your profile information
|
||||
</div>
|
||||
|
||||
<div class="panel-body">
|
||||
<form id="consentForm" method="POST" action="/commonauth">
|
||||
<p>By selecting following attributes I agree to share them with the above service provider.</p>
|
||||
<div class="wr-input-control">
|
||||
<label class="wr-input-control checkbox">
|
||||
<input type="checkbox" name="consent_select_all" id="consent_select_all"/>
|
||||
<span class="helper" title="Select All">Select All</span>
|
||||
</label>
|
||||
</div>
|
||||
<div class="wr-input-control">
|
||||
{{#each mandatoryClaims}}
|
||||
<label class="wr-input-control checkbox">
|
||||
<input class="mandatory-claim" type="checkbox" name="consent_{{claimId}}"
|
||||
id="consent_{{claimId}}" required/>
|
||||
<span class="helper" title="{{displayName}}">{{displayName}}
|
||||
<span class="required font-medium"></span></span>
|
||||
</label>
|
||||
{{/each}}
|
||||
</div>
|
||||
<div class="wr-input-control">
|
||||
{{#each requestedClaims}}
|
||||
<label class="wr-input-control checkbox">
|
||||
<input class="mandatory-claim" type="checkbox" name="consent_{{claimId}}"
|
||||
id="consent_{{claimId}}"/>
|
||||
<span class="helper" title="{{displayName}}">{{displayName}}</span>
|
||||
</label>
|
||||
{{/each}}
|
||||
</div>
|
||||
<p class="small">Mandatory claims are marked with an asterisk ( * )</p>
|
||||
<div class="wr-input-control wr-btn-grp">
|
||||
<input type="hidden" name="sessionDataKey" value="{{sessionDataKey}}"/>
|
||||
<input type="hidden" name="consent" id="consent" value="deny"/>
|
||||
<button class="btn btn-primary" onclick="approved()">Approve</button>
|
||||
<button class="btn btn-default" onclick="deny()">Deny</button>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{{/zone}}
|
||||
{{#zone "bottomJs"}}
|
||||
{{js "js/script.js"}}
|
||||
{{/zone}}
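Review bot: The checkboxes in the `{{#each requestedClaims}}` loop carry `class="mandatory-claim"`, the same class as the mandatory ones, so the template gives optional claims no separate marker. If the `approved()` handler in the script.js hunk on this page is the one loaded through `{{js "js/script.js"}}`, it only approves when every `.mandatory-claim` box is checked. A user therefore cannot approve while sharing only the mandatory attributes, which defeats the purpose of a consent screen. Give the optional inputs their own class, for example `<input class="requested-claim" type="checkbox" name="consent_{{claimId}}"`, and keep `mandatory-claim` for the first loop only.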
|
@ -0,0 +1,38 @@
|
||||
function onRequest(context) {
|
||||
var Encode = Packages.org.owasp.encoder.Encode;
|
||||
var viewModel = {};
|
||||
viewModel.appName = Encode.forHtml(request.getParameter("sp"));
|
||||
var mandatoryClaims = [];
|
||||
var requestedClaims = [];
|
||||
|
||||
var mandatoryClaimsList, requestedClaimsList;
|
||||
var i, j, partOne, partTwo;
|
||||
if (request.getParameter("mandatoryClaims")) {
|
||||
mandatoryClaimsList = request.getParameter("mandatoryClaims").split(",");
|
||||
for (j = 0; j < mandatoryClaimsList.length; j++) {
|
||||
var mandatoryClaimsStr = mandatoryClaimsList[j];
|
||||
i = mandatoryClaimsStr.indexOf('_');
|
||||
partOne = mandatoryClaimsStr.slice(0, i);
|
||||
partTwo = mandatoryClaimsStr.slice(i + 1, mandatoryClaimsStr.length);
|
||||
mandatoryClaims.push(
|
||||
{"claimId": Encode.forHtmlAttribute(partOne), "displayName": Encode.forHtmlAttribute(partTwo)}
|
||||
);
|
||||
}
|
||||
}
|
||||
if (request.getParameter("requestedClaims")) {
|
||||
requestedClaimsList = request.getParameter("requestedClaims").split(",");
|
||||
for (j = 0; j < requestedClaimsList.length; j++) {
|
||||
var requestedClaimsStr = requestedClaimsList[j];
|
||||
i = requestedClaimsStr.indexOf('_');
|
||||
partOne = requestedClaimsStr.slice(0, i);
|
||||
partTwo = requestedClaimsStr.slice(i + 1, requestedClaimsStr.length);
|
||||
requestedClaims.push(
|
||||
{"claimId": Encode.forHtmlAttribute(partOne), "displayName": Encode.forHtmlAttribute(partTwo)}
|
||||
);
|
||||
}
|
||||
}
|
||||
viewModel.mandatoryClaims = mandatoryClaims;
|
||||
viewModel.requestedClaims = requestedClaims;
|
||||
viewModel.sessionDataKey = Encode.forHtmlAttribute(request.getParameter("sessionDataKey"));
|
||||
return viewModel;
|
||||
}
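Review bot: Neither loop checks the result of `indexOf('_')`, which is -1 for an entry with no underscore. `slice(0, -1)` then yields the entry minus its last character as `claimId` and the whole entry as `displayName`. A guard such as `if (i < 0) { continue; }` after each `indexOf` call would skip malformed entries. `displayName` is encoded with `Encode.forHtmlAttribute` but the template renders it both in a `title` attribute and as element text; `Encode.forHtml` is the encoder meant for both contexts. If the template engine also escapes `{{…}}` output, which is not visible here, the values end up encoded twice and names containing `&` or quotes will display incorrectly.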
|
@ -0,0 +1,6 @@
|
||||
{
|
||||
"version": "1.0.0",
|
||||
"layout": "uuf.layout.sign-in",
|
||||
"uri": "/consent.do",
|
||||
"isAnonymous": true
|
||||
}
|
@ -0,0 +1,35 @@
|
||||
function approved() {
|
||||
var mandatoryClaimCBs = $(".mandatory-claim");
|
||||
var checkedMandatoryClaimCBs = $(".mandatory-claim:checked");
|
||||
|
||||
if (checkedMandatoryClaimCBs.length == mandatoryClaimCBs.length) {
|
||||
document.getElementById('consent').value = "approve";
|
||||
document.getElementById("consentForm").submit();
|
||||
} else {
|
||||
$("#modal_claim_validation").modal();
|
||||
}
|
||||
}
|
||||
|
||||
function deny() {
|
||||
document.getElementById('consent').value = "deny";
|
||||
document.getElementById("consentForm").submit();
|
||||
}
|
||||
|
||||
$(document).ready(function () {
|
||||
$("#consent_select_all").click(function () {
|
||||
if (this.checked) {
|
||||
$('.checkbox input:checkbox').each(function () {
|
||||
$(this).prop("checked", true);
|
||||
});
|
||||
} else {
|
||||
$('.checkbox :checkbox').each(function () {
|
||||
$(this).prop("checked", false);
|
||||
});
|
||||
}
|
||||
});
|
||||
$(".checkbox input").click(function (e) {
|
||||
if (e.target.id !== 'consent_select_all') {
|
||||
$("#consent_select_all").prop("checked", false);
|
||||
}
|
||||
});
|
||||
});
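Review bot: The else branch of `approved()` opens `$("#modal_claim_validation")`, but no element with that id appears in the consent template on this page, and nothing in the handler stops the click's default action. The Approve and Deny buttons in that template have no `type`, so they default to submit; after a failed check the browser may still post the form with the hidden `consent` field at its initial `deny` value. Marking the buttons `type="button"` in the template, or binding the handlers in script and calling `event.preventDefault()`, would leave `submit()` as the only submission path. This check runs only in the browser, so the handler behind `/commonauth` (not shown here) still has to enforce the mandatory claims itself.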
|
@ -0,0 +1,71 @@
|
||||
{{!
|
||||
Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
|
||||
WSO2 Inc. licenses this file to you under the Apache License,
|
||||
Version 2.0 (the "License"); you may not use this file except
|
||||
in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing,
|
||||
software distributed under the License is distributed on an
|
||||
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
KIND, either express or implied. See the License for the
|
||||
specific language governing permissions and limitations
|
||||
under the License.
|
||||
}}
|
||||
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
|
||||
{{unit "cdmf.unit.ui.title" pageTitle="Login"}}
|
||||
|
||||
{{#zone "content"}}
|
||||
<div class="row">
|
||||
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
|
||||
|
||||
<p class="page-sub-title">Login</p>
|
||||
<hr/>
|
||||
{{#if message}}
|
||||
<div class="alert alert-danger" style="padding-right: 15px;">
|
||||
<i class="icon fw fw-warning"></i> {{message}}!
|
||||
</div>
|
||||
{{/if}}
|
||||
|
||||
<div class="panel-body">
|
||||
<form id="signInForm" method="POST" action="{{loginActionUrl}}">
|
||||
<div class="form-group">
|
||||
<label for="username">Username *</label>
|
||||
<input type="text" name="username" class="form-control" placeholder="Enter your username"
|
||||
autofocus="autofocus" required="required"/>
|
||||
</div>
|
||||
<div class="form-group">
|
||||
<label for="password">Password *</label>
|
||||
<input type="password" name="password" class="form-control" autocomplete="off"
|
||||
placeholder="Enter your password" required="required"/>
|
||||
</div>
|
||||
{{#if sessionDataKey}}
|
||||
<input type="hidden" name="sessionDataKey" value="{{sessionDataKey}}"/>
|
||||
{{/if}}
|
||||
{{#if referer}}
|
||||
<input type="hidden" name="referer" value="{{referer}}"/>
|
||||
{{/if}}
|
||||
|
||||
<div class="alert alert-warning" style="border-radius:5px"><p class="doc-link">
|
||||
This site uses cookies. By logging in to the site, you are agreeing on the usage of cookies. For more information, refer <a href="{{@unit.publicUri}}/privacy-policies/cookie-policy" style="color:#ffffff;"
|
||||
target="_blank"><u>cookie policy</u></a> and
|
||||
<a href="{{@unit.publicUri}}/privacy-policies/privacy-policy" style="color:#ffffff;"
|
||||
target="_blank"><u>privacy policy</u></a></p>
|
||||
</div>
|
||||
|
||||
<div class="wr-input-control wr-btn-grp">
|
||||
<button class="wr-btn btn-download-agent">
|
||||
Log in
|
||||
</button>
|
||||
<div id="register-link-wrapper" style="float: right; padding-top: 10px;">
|
||||
<a href="{{@app.context}}/register" class="pull-right create-account">Create an account</a>
|
||||
</div>
|
||||
</div>
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{{/zone}}
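Review bot: The two policy links open with `target="_blank"` but have no `rel` attribute; adding `rel="noopener noreferrer"` keeps the opened page from getting a `window.opener` handle to the login page in browsers that do not imply it. The labels use `for="username"` and `for="password"`, but the inputs only have `name` attributes, so the labels are not associated with them; add `id="username"` and `id="password"`. The `{{#if referer}}` block depends on a `referer` value that the login `onRequest` hunk on this page never puts into the view model, so as shown it never renders.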
|
@ -0,0 +1,32 @@
|
||||
function onRequest(context) {
|
||||
var authModuleConfigs = context.app.conf["authModule"];
|
||||
var sessionDataKey = request.getParameter("sessionDataKey");
|
||||
var authFailure = request.getParameter("authFailure");
|
||||
|
||||
//if sso enabled and sessionDataKey is empty redirect
|
||||
var ssoConfigs = authModuleConfigs["sso"];
|
||||
if (ssoConfigs && (ssoConfigs["enabled"].toString() == "true") && !sessionDataKey) {
|
||||
// SSO is enabled in Auth module.
|
||||
var redirectUri = context.app.context + "/uuf/login";
|
||||
var queryString = request.getQueryString();
|
||||
if (queryString && (queryString.length > 0)) {
|
||||
redirectUri = redirectUri + "?" + queryString;
|
||||
}
|
||||
response.sendRedirect(encodeURI(redirectUri));
|
||||
exit();
|
||||
}
|
||||
|
||||
var viewModel = {};
|
||||
var loginActionUrl = context.app.context + "/uuf/login";
|
||||
if (sessionDataKey) {
|
||||
loginActionUrl = "/commonauth";
|
||||
}
|
||||
|
||||
if (authFailure) {
|
||||
viewModel.message = "Login failed! Please recheck the username and password and try again.";
|
||||
}
|
||||
|
||||
viewModel.sessionDataKey = sessionDataKey;
|
||||
viewModel.loginActionUrl = loginActionUrl;
|
||||
return viewModel;
|
||||
}
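Review bot: `encodeURI(redirectUri)` is applied after `request.getQueryString()` has been appended. If that call returns the raw, still percent-encoded query, as the servlet API does, every `%` is encoded again to `%25` and the forwarded parameters arrive altered. Appending the query string unmodified to an already-safe path avoids this. `ssoConfigs["enabled"].toString()` throws when `enabled` is absent, and `authModuleConfigs["sso"]` throws when the `authModule` section is missing; a check such as `ssoConfigs && String(ssoConfigs["enabled"]) === "true"` is more tolerant. `sessionDataKey` is passed to the view model unencoded, whereas the consent `onRequest` wraps it in `Encode.forHtmlAttribute`; a comment stating that this page relies on the template's escaping would make the difference deliberate.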
|
@ -0,0 +1,6 @@
|
||||
{
|
||||
"version": "1.0.0",
|
||||
"layout": "uuf.layout.sign-in",
|
||||
"uri": "/login.do",
|
||||
"isAnonymous": true
|
||||
}
|
@ -0,0 +1,32 @@
|
||||
{{!
|
||||
Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||
|
||||
WSO2 Inc. licenses this file to you under the Apache License,
|
||||
Version 2.0 (the "License"); you may not use this file except
|
||||
in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing,
|
||||
software distributed under the License is distributed on an
|
||||
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||
KIND, either express or implied. See the License for the
|
||||
specific language governing permissions and limitations
|
||||
under the License.
|
||||
}}
|
||||
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
|
||||
{{unit "cdmf.unit.ui.title" pageTitle="Authentication Failed!"}}
|
||||
|
||||
{{#zone "content"}}
|
||||
<div class="row">
|
||||
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
|
||||
|
||||
<p class="page-sub-title">{{stat}}</p>
|
||||
<hr/>
|
||||
<div class="alert alert-danger" style="padding-right: 15px;">
|
||||
<i class="icon fw fw-warning"></i> {{statusMessage}}
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{{/zone}}
|
@ -0,0 +1,17 @@
|
||||
function onRequest(context) {
|
||||
var Encode = Packages.org.owasp.encoder.Encode;
|
||||
session.invalidate();
|
||||
var viewModel = {};
|
||||
|
||||
var stat = request.getParameter("status");
|
||||
var statusMessage = request.getParameter("statusMsg");
|
||||
|
||||
if (!stat || !statusMessage) {
|
||||
stat = "Authentication Error!";
|
||||
statusMessage = "Something went wrong during the authentication process.Please try signing in again.";
|
||||
}
|
||||
|
||||
viewModel.stat = Encode.forHtmlContent(stat);
|
||||
viewModel.statusMessage = Encode.forHtmlContent(statusMessage);
|
||||
return viewModel;
|
||||
}
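Review bot: `status` and `statusMsg` are taken directly from the request and shown as the page heading and alert text, so the wording on this error page is set by whoever builds the link. `Encode.forHtmlContent` prevents markup injection but not misleading text on a sign-in domain. Mapping a small set of known status values to fixed messages, with the existing default for anything else, would remove that. `session.invalidate()` also runs unconditionally at the top, so any request that reaches this page ends the current session; consider invalidating only when the request can be tied to a failed authentication flow, or add a comment explaining why it is safe here.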
|
@ -0,0 +1,6 @@
|
||||
{
|
||||
"version": "1.0.0",
|
||||
"layout": "uuf.layout.sign-in",
|
||||
"uri": "/retry.do",
|
||||
"isAnonymous": true
|
||||
}
|
@ -1,32 +1,3 @@
|
||||
function onRequest(context) {
|
||||
var authModuleConfigs = context.app.conf["authModule"];
|
||||
var sessionDataKey = request.getParameter("sessionDataKey");
|
||||
var authFailure = request.getParameter("authFailure");
|
||||
|
||||
//if sso enabled and sessionDataKey is empty redirect
|
||||
var ssoConfigs = authModuleConfigs["sso"];
|
||||
if (ssoConfigs && (ssoConfigs["enabled"].toString() == "true") && !sessionDataKey) {
|
||||
// SSO is enabled in Auth module.
|
||||
var redirectUri = context.app.context + "/uuf/login";
|
||||
var queryString = request.getQueryString();
|
||||
if (queryString && (queryString.length > 0)) {
|
||||
redirectUri = redirectUri + "?" + queryString;
|
||||
}
|
||||
response.sendRedirect(encodeURI(redirectUri));
|
||||
exit();
|
||||
}
|
||||
|
||||
var viewModel = {};
|
||||
var loginActionUrl = context.app.context + "/uuf/login";
|
||||
if (sessionDataKey) {
|
||||
loginActionUrl = "/commonauth";
|
||||
}
|
||||
|
||||
if (authFailure) {
|
||||
viewModel.message = "Login failed! Please recheck the username and password and try again.";
|
||||
}
|
||||
|
||||
viewModel.sessionDataKey = sessionDataKey;
|
||||
viewModel.loginActionUrl = loginActionUrl;
|
||||
return viewModel;
|
||||
response.sendRedirect(context.app.context + "/uuf/login");
|
||||
}
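Review bot: The new one-line redirect, `response.sendRedirect(context.app.context + "/uuf/login")`, no longer forwards the query string that the removed SSO branch appended. Going by the hunk header's counts, only this line and the function wrapper remain. If callers still reach this page with parameters, those are now dropped silently. If that is intended, a comment above the redirect would record it, for example `// login page moved; query parameters are intentionally not forwarded`.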
|