Add login.do, retry.do and consent.do

This implements the following fixes/improvements:
* Adding an intermediate page for the user to accept consents.
* Fixing the issue of not being redirected to consent.do
* Authentication failure page
4.x.x
Rasika Perera 7 years ago
parent f265ddc736
commit 583b17d405

@ -4,7 +4,7 @@
"debuggingEnabled": false,
"permissionRoot": "/",
"portalURL": "https://${server.ip}:9445",
"loginPage": "cdmf.page.sign-in",
"loginPage": "cdmf.page.sign-in.login-do",
"adminServicesUrl": "https://${server.ip}:${server.https_port}/admin/services/",
"authModule": {
"enabled": true,
@ -15,12 +15,12 @@
},
"onFail": {
"script": "/app/modules/login.js",
"page": "cdmf.page.sign-in"
"page": "cdmf.page.sign-in.login-do"
}
},
"logout": {
"onSuccess": {
"page": "cdmf.page.sign-in"
"page": "cdmf.page.sign-in.login-do"
},
"onFail": {
"page": "cdmf.page.dashboard"

@ -0,0 +1,73 @@
{{!
Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
WSO2 Inc. licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file except
in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
}}
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
{{unit "cdmf.unit.ui.title" pageTitle="Consent Page"}}
{{#zone "content"}}
<div class="row">
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
<p class="page-sub-title">User Consents</p>
<hr/>
<div class="alert alert-warning" style="padding-right: 15px;">
<i class="icon fw fw-warning"></i> <b>{{appName}}</b> application requests access to your profile information
</div>
<div class="panel-body">
<form id="consentForm" method="POST" action="/commonauth">
<p>By selecting following attributes I agree to share them with the above service provider.</p>
<div class="wr-input-control">
<label class="wr-input-control checkbox">
<input type="checkbox" name="consent_select_all" id="consent_select_all"/>
<span class="helper" title="Select All">Select All</span>
</label>
</div>
<div class="wr-input-control">
{{#each mandatoryClaims}}
<label class="wr-input-control checkbox">
<input class="mandatory-claim" type="checkbox" name="consent_{{claimId}}"
id="consent_{{claimId}}" required/>
<span class="helper" title="{{displayName}}">{{displayName}}
<span class="required font-medium"></span></span>
</label>
{{/each}}
</div>
<div class="wr-input-control">
{{#each requestedClaims}}
<label class="wr-input-control checkbox">
<input class="mandatory-claim" type="checkbox" name="consent_{{claimId}}"
id="consent_{{claimId}}"/>
<span class="helper" title="{{displayName}}">{{displayName}}</span>
</label>
{{/each}}
</div>
<p class="small">Mandatory claims are marked with an asterisk ( * )</p>
<div class="wr-input-control wr-btn-grp">
<input type="hidden" name="sessionDataKey" value="{{sessionDataKey}}"/>
<input type="hidden" name="consent" id="consent" value="deny"/>
<button class="btn btn-primary" onclick="approved()">Approve</button>
<button class="btn btn-default" onclick="deny()">Deny</button>
</div>
</form>
</div>
</div>
</div>
{{/zone}}
{{#zone "bottomJs"}}
{{js "js/script.js"}}
{{/zone}}
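Review bot: The optional claims in the `{{#each requestedClaims}}` loop carry `class="mandatory-claim"`, the same class as the required ones, and the page script's `approved()` compares the number of `.mandatory-claim` boxes with the number checked. As written, approval only goes through when every optional claim is ticked too, which defeats the mandatory/optional split the page describes. Give the optional inputs their own class, for example `class="requested-claim"`. `approved()` also opens `#modal_claim_validation`, which this template does not define; unless the layout provides it, that element needs to be added here.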

@ -0,0 +1,38 @@
function onRequest(context) {
var Encode = Packages.org.owasp.encoder.Encode;
var viewModel = {};
viewModel.appName = Encode.forHtml(request.getParameter("sp"));
var mandatoryClaims = [];
var requestedClaims = [];
var mandatoryClaimsList, requestedClaimsList;
var i, j, partOne, partTwo;
if (request.getParameter("mandatoryClaims")) {
mandatoryClaimsList = request.getParameter("mandatoryClaims").split(",");
for (j = 0; j < mandatoryClaimsList.length; j++) {
var mandatoryClaimsStr = mandatoryClaimsList[j];
i = mandatoryClaimsStr.indexOf('_');
partOne = mandatoryClaimsStr.slice(0, i);
partTwo = mandatoryClaimsStr.slice(i + 1, mandatoryClaimsStr.length);
mandatoryClaims.push(
{"claimId": Encode.forHtmlAttribute(partOne), "displayName": Encode.forHtmlAttribute(partTwo)}
);
}
}
if (request.getParameter("requestedClaims")) {
requestedClaimsList = request.getParameter("requestedClaims").split(",");
for (j = 0; j < requestedClaimsList.length; j++) {
var requestedClaimsStr = requestedClaimsList[j];
i = requestedClaimsStr.indexOf('_');
partOne = requestedClaimsStr.slice(0, i);
partTwo = requestedClaimsStr.slice(i + 1, requestedClaimsStr.length);
requestedClaims.push(
{"claimId": Encode.forHtmlAttribute(partOne), "displayName": Encode.forHtmlAttribute(partTwo)}
);
}
}
viewModel.mandatoryClaims = mandatoryClaims;
viewModel.requestedClaims = requestedClaims;
viewModel.sessionDataKey = Encode.forHtmlAttribute(request.getParameter("sessionDataKey"));
return viewModel;
}
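Review bot: An entry without `_` makes `indexOf('_')` return -1, so `slice(0, i)` drops the entry's last character for `claimId` and `slice(i + 1, …)` returns the whole entry as `displayName`; both the `mandatoryClaims` and the `requestedClaims` loop have this. The two loops are otherwise identical, so a single helper declared inside `onRequest` after `Encode` can do the parsing and skip malformed entries. `sp` and the claim names are read from the query string of a page declared anonymous, so the text shown is whatever the link carries. It is worth confirming that the `/commonauth` endpoint validates the posted `consent_*` fields against the request bound to `sessionDataKey` rather than trusting this page.
```javascript
// Shared by the mandatoryClaims and requestedClaims branches.
function parseClaims(raw) {
    var claims = [];
    var entries = raw.split(",");
    for (var k = 0; k < entries.length; k++) {
        var sep = entries[k].indexOf('_');
        if (sep < 1) {
            continue; // no "<id>_<name>" separator: skip instead of mis-slicing
        }
        claims.push({
            "claimId": Encode.forHtmlAttribute(entries[k].slice(0, sep)),
            "displayName": Encode.forHtmlAttribute(entries[k].slice(sep + 1))
        });
    }
    return claims;
}
var rawMandatory = request.getParameter("mandatoryClaims");
var rawRequested = request.getParameter("requestedClaims");
viewModel.mandatoryClaims = rawMandatory ? parseClaims(rawMandatory) : [];
viewModel.requestedClaims = rawRequested ? parseClaims(rawRequested) : [];
// … unchanged: appName and sessionDataKey encoding, return viewModel …
```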

@ -0,0 +1,6 @@
{
"version": "1.0.0",
"layout": "uuf.layout.sign-in",
"uri": "/consent.do",
"isAnonymous": true
}

@ -0,0 +1,35 @@
function approved() {
var mandatoryClaimCBs = $(".mandatory-claim");
var checkedMandatoryClaimCBs = $(".mandatory-claim:checked");
if (checkedMandatoryClaimCBs.length == mandatoryClaimCBs.length) {
document.getElementById('consent').value = "approve";
document.getElementById("consentForm").submit();
} else {
$("#modal_claim_validation").modal();
}
}
function deny() {
document.getElementById('consent').value = "deny";
document.getElementById("consentForm").submit();
}
$(document).ready(function () {
$("#consent_select_all").click(function () {
if (this.checked) {
$('.checkbox input:checkbox').each(function () {
$(this).prop("checked", true);
});
} else {
$('.checkbox :checkbox').each(function () {
$(this).prop("checked", false);
});
}
});
$(".checkbox input").click(function (e) {
if (e.target.id !== 'consent_select_all') {
$("#consent_select_all").prop("checked", false);
}
});
});
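Review bot: `approved()` and `deny()` do not cancel the click, and the Approve/Deny buttons in the consent template have no `type`, so they default to submit buttons. When `approved()` takes the else branch, the browser still submits the form natively with the hidden `consent` field at its default `deny`, unless an unticked `required` box blocks it. Mark both buttons `type="button"`, or end each handler with `return false;` and call it as `onclick="return approved()"`. The length comparison can use `===`.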

@ -0,0 +1,71 @@
{{!
Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
WSO2 Inc. licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file except
in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
}}
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
{{unit "cdmf.unit.ui.title" pageTitle="Login"}}
{{#zone "content"}}
<div class="row">
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
<p class="page-sub-title">Login</p>
<hr/>
{{#if message}}
<div class="alert alert-danger" style="padding-right: 15px;">
<i class="icon fw fw-warning"></i> {{message}}!
</div>
{{/if}}
<div class="panel-body">
<form id="signInForm" method="POST" action="{{loginActionUrl}}">
<div class="form-group">
<label for="username">Username *</label>
<input type="text" name="username" class="form-control" placeholder="Enter your username"
autofocus="autofocus" required="required"/>
</div>
<div class="form-group">
<label for="password">Password *</label>
<input type="password" name="password" class="form-control" autocomplete="off"
placeholder="Enter your password" required="required"/>
</div>
{{#if sessionDataKey}}
<input type="hidden" name="sessionDataKey" value="{{sessionDataKey}}"/>
{{/if}}
{{#if referer}}
<input type="hidden" name="referer" value="{{referer}}"/>
{{/if}}
<div class="alert alert-warning" style="border-radius:5px"><p class="doc-link">
This site uses cookies. By logging in to the site, you are agreeing on the usage of cookies. For more information, refer <a href="{{@unit.publicUri}}/privacy-policies/cookie-policy" style="color:#ffffff;"
target="_blank"><u>cookie policy</u></a> and
<a href="{{@unit.publicUri}}/privacy-policies/privacy-policy" style="color:#ffffff;"
target="_blank"><u>privacy policy</u></a></p>
</div>
<div class="wr-input-control wr-btn-grp">
<button class="wr-btn btn-download-agent">
Log in
</button>
<div id="register-link-wrapper" style="float: right; padding-top: 10px;">
<a href="{{@app.context}}/register" class="pull-right create-account">Create an account</a>
</div>
</div>
</form>
</div>
</div>
</div>
{{/zone}}
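Review bot: The cookie-policy and privacy-policy links open with `target="_blank"` but no `rel`, so the opened page keeps a `window.opener` handle to the login page in browsers that do not default to noopener; add `rel="noopener noreferrer"` to both. The labels use `for="username"` and `for="password"`, but neither input has an `id`, so they are not associated; add `id="username"` and `id="password"`. The `{{#if referer}}` field is never populated by the controller added in this commit, so it is either dead or set elsewhere. If it is set elsewhere and used as a post-login target, it needs validating against an allow-list on the server side.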

@ -0,0 +1,32 @@
function onRequest(context) {
var authModuleConfigs = context.app.conf["authModule"];
var sessionDataKey = request.getParameter("sessionDataKey");
var authFailure = request.getParameter("authFailure");
//if sso enabled and sessionDataKey is empty redirect
var ssoConfigs = authModuleConfigs["sso"];
if (ssoConfigs && (ssoConfigs["enabled"].toString() == "true") && !sessionDataKey) {
// SSO is enabled in Auth module.
var redirectUri = context.app.context + "/uuf/login";
var queryString = request.getQueryString();
if (queryString && (queryString.length > 0)) {
redirectUri = redirectUri + "?" + queryString;
}
response.sendRedirect(encodeURI(redirectUri));
exit();
}
var viewModel = {};
var loginActionUrl = context.app.context + "/uuf/login";
if (sessionDataKey) {
loginActionUrl = "/commonauth";
}
if (authFailure) {
viewModel.message = "Login failed! Please recheck the username and password and try again.";
}
viewModel.sessionDataKey = sessionDataKey;
viewModel.loginActionUrl = loginActionUrl;
return viewModel;
}
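Review bot: `encodeURI(redirectUri)` is applied after the query string has been appended, and `encodeURI` escapes `%`. Assuming `getQueryString()` returns the query as received, any parameter that arrived percent-encoded is therefore encoded twice on the way to `/uuf/login`. Encode only the path and append the query untouched: `response.sendRedirect(encodeURI(context.app.context + "/uuf/login") + (queryString ? "?" + queryString : ""));`. `ssoConfigs["enabled"].toString()` throws when the `sso` block omits `enabled`; `String(ssoConfigs["enabled"]) === "true"` avoids that. `sessionDataKey` reaches the view model unencoded here but is encoded in the consent controller, so this page relies on the template's escaping alone; the two controllers should handle it the same way.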

@ -0,0 +1,6 @@
{
"version": "1.0.0",
"layout": "uuf.layout.sign-in",
"uri": "/login.do",
"isAnonymous": true
}

@ -0,0 +1,32 @@
{{!
Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
WSO2 Inc. licenses this file to you under the Apache License,
Version 2.0 (the "License"); you may not use this file except
in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing,
software distributed under the License is distributed on an
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
KIND, either express or implied. See the License for the
specific language governing permissions and limitations
under the License.
}}
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
{{unit "cdmf.unit.ui.title" pageTitle="Authentication Failed!"}}
{{#zone "content"}}
<div class="row">
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
<p class="page-sub-title">{{stat}}</p>
<hr/>
<div class="alert alert-danger" style="padding-right: 15px;">
<i class="icon fw fw-warning"></i> {{statusMessage}}
</div>
</div>
</div>
{{/zone}}

@ -0,0 +1,17 @@
function onRequest(context) {
var Encode = Packages.org.owasp.encoder.Encode;
session.invalidate();
var viewModel = {};
var stat = request.getParameter("status");
var statusMessage = request.getParameter("statusMsg");
if (!stat || !statusMessage) {
stat = "Authentication Error!";
statusMessage = "Something went wrong during the authentication process.Please try signing in again.";
}
viewModel.stat = Encode.forHtmlContent(stat);
viewModel.statusMessage = Encode.forHtmlContent(statusMessage);
return viewModel;
}
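Review bot: `session.invalidate()` runs on every request to this page, which its page definition marks anonymous, so any link or embedded request to `/retry.do` from another site ends the visitor's session. If the invalidation is needed, tie it to state the server set during the failed flow rather than to reaching the URL. `status` and `statusMsg` are rendered as supplied (encoded, so not script-injectable), which lets the query string decide the wording shown on an authentication page; mapping known status values to fixed messages would close that. If UUF's `{{…}}` escapes like stock Handlebars, the `Encode.forHtmlContent` output is escaped a second time and `&` displays as `&amp;`; the consent controller has the same pattern. The default message lacks a space: `"...authentication process. Please try signing in again."`.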

@ -0,0 +1,6 @@
{
"version": "1.0.0",
"layout": "uuf.layout.sign-in",
"uri": "/retry.do",
"isAnonymous": true
}

@ -19,53 +19,5 @@
{{unit "cdmf.unit.ui.title" pageTitle="Login"}}
{{#zone "content"}}
<div class="row">
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
<p class="page-sub-title">Login</p>
<hr/>
{{#if message}}
<div class="alert alert-danger" style="padding-right: 15px;">
<i class="icon fw fw-warning"></i> {{message}}!
</div>
{{/if}}
<div class="panel-body">
<form id="signInForm" method="POST" action="{{loginActionUrl}}">
<div class="form-group">
<label for="username">Username *</label>
<input type="text" name="username" class="form-control" placeholder="Enter your username"
autofocus="autofocus" required="required"/>
</div>
<div class="form-group">
<label for="password">Password *</label>
<input type="password" name="password" class="form-control" autocomplete="off"
placeholder="Enter your password" required="required"/>
</div>
{{#if sessionDataKey}}
<input type="hidden" name="sessionDataKey" value="{{sessionDataKey}}"/>
{{/if}}
{{#if referer}}
<input type="hidden" name="referer" value="{{referer}}"/>
{{/if}}
<div class="alert alert-warning" style="border-radius:5px"><p class="doc-link">
This site uses cookies. By logging in to the site, you are agreeing on the usage of cookies. For more information, refer <a href="{{@unit.publicUri}}/privacy-policies/cookie-policy" style="color:#ffffff;"
target="_blank"><u>cookie policy</u></a> and
<a href="{{@unit.publicUri}}/privacy-policies/privacy-policy" style="color:#ffffff;"
target="_blank"><u>privacy policy</u></a></p>
</div>
<div class="wr-input-control wr-btn-grp">
<button class="wr-btn btn-download-agent">
Log in
</button>
<div id="register-link-wrapper" style="float: right; padding-top: 10px;">
<a href="{{@app.context}}/register" class="pull-right create-account">Create an account</a>
</div>
</div>
</form>
</div>
</div>
</div>
Redirecting, Please wait...
{{/zone}}

@ -1,32 +1,3 @@
function onRequest(context) {
var authModuleConfigs = context.app.conf["authModule"];
var sessionDataKey = request.getParameter("sessionDataKey");
var authFailure = request.getParameter("authFailure");
//if sso enabled and sessionDataKey is empty redirect
var ssoConfigs = authModuleConfigs["sso"];
if (ssoConfigs && (ssoConfigs["enabled"].toString() == "true") && !sessionDataKey) {
// SSO is enabled in Auth module.
var redirectUri = context.app.context + "/uuf/login";
var queryString = request.getQueryString();
if (queryString && (queryString.length > 0)) {
redirectUri = redirectUri + "?" + queryString;
}
response.sendRedirect(encodeURI(redirectUri));
exit();
}
var viewModel = {};
var loginActionUrl = context.app.context + "/uuf/login";
if (sessionDataKey) {
loginActionUrl = "/commonauth";
}
if (authFailure) {
viewModel.message = "Login failed! Please recheck the username and password and try again.";
}
viewModel.sessionDataKey = sessionDataKey;
viewModel.loginActionUrl = loginActionUrl;
return viewModel;
response.sendRedirect(context.app.context + "/uuf/login");
}
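Review bot: The replacement body, which by the `-1,32 +1,3` header appears to be just `response.sendRedirect(context.app.context + "/uuf/login");`, drops the query string that the removed code forwarded. A request arriving at the old sign-in page with `sessionDataKey` or `authFailure` therefore loses them. If existing links must keep working, forward `request.getQueryString()` as the new login controller does. That controller also calls `exit();` after its redirect; doing the same here keeps the two consistent and presumably stops the template from being rendered after the redirect is sent.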