forked from community/device-mgt-core
This implements following fixes/improvements; * Adding an intermediate for user to accept consents. * Fixing issue of not redirected to the consent.do * Authentication failure pagerevert-70aa11f8
parent
f265ddc736
commit
583b17d405
@ -0,0 +1,73 @@
|
|||||||
|
{{!
|
||||||
|
Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
|
||||||
|
WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
Version 2.0 (the "License"); you may not use this file except
|
||||||
|
in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing,
|
||||||
|
software distributed under the License is distributed on an
|
||||||
|
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
KIND, either express or implied. See the License for the
|
||||||
|
specific language governing permissions and limitations
|
||||||
|
under the License.
|
||||||
|
}}
|
||||||
|
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
|
||||||
|
{{unit "cdmf.unit.ui.title" pageTitle="Consent Page"}}
|
||||||
|
|
||||||
|
{{#zone "content"}}
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
|
||||||
|
|
||||||
|
<p class="page-sub-title">User Consents</p>
|
||||||
|
<hr/>
|
||||||
|
<div class="alert alert-warning" style="padding-right: 15px;">
|
||||||
|
<i class="icon fw fw-warning"></i> <b>{{appName}}</b> application requests access to your profile information
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="panel-body">
|
||||||
|
<form id="consentForm" method="POST" action="/commonauth">
|
||||||
|
<p>By selecting following attributes I agree to share them with the above service provider.</p>
|
||||||
|
<div class="wr-input-control">
|
||||||
|
<label class="wr-input-control checkbox">
|
||||||
|
<input type="checkbox" name="consent_select_all" id="consent_select_all"/>
|
||||||
|
<span class="helper" title="Select All">Select All</span>
|
||||||
|
</label>
|
||||||
|
</div>
|
||||||
|
<div class="wr-input-control">
|
||||||
|
{{#each mandatoryClaims}}
|
||||||
|
<label class="wr-input-control checkbox">
|
||||||
|
<input class="mandatory-claim" type="checkbox" name="consent_{{claimId}}"
|
||||||
|
id="consent_{{claimId}}" required/>
|
||||||
|
<span class="helper" title="{{displayName}}">{{displayName}}
|
||||||
|
<span class="required font-medium"></span></span>
|
||||||
|
</label>
|
||||||
|
{{/each}}
|
||||||
|
</div>
|
||||||
|
<div class="wr-input-control">
|
||||||
|
{{#each requestedClaims}}
|
||||||
|
<label class="wr-input-control checkbox">
|
||||||
|
<input class="mandatory-claim" type="checkbox" name="consent_{{claimId}}"
|
||||||
|
id="consent_{{claimId}}"/>
|
||||||
|
<span class="helper" title="{{displayName}}">{{displayName}}</span>
|
||||||
|
</label>
|
||||||
|
{{/each}}
|
||||||
|
</div>
|
||||||
|
<p class="small">Mandatory claims are marked with an asterisk ( * )</p>
|
||||||
|
<div class="wr-input-control wr-btn-grp">
|
||||||
|
<input type="hidden" name="sessionDataKey" value="{{sessionDataKey}}"/>
|
||||||
|
<input type="hidden" name="consent" id="consent" value="deny"/>
|
||||||
|
<button class="btn btn-primary" onclick="approved()">Approve</button>
|
||||||
|
<button class="btn btn-default" onclick="deny()">Deny</button>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{{/zone}}
|
||||||
|
{{#zone "bottomJs"}}
|
||||||
|
{{js "js/script.js"}}
|
||||||
|
{{/zone}}
|
@ -0,0 +1,38 @@
|
|||||||
|
function onRequest(context) {
|
||||||
|
var Encode = Packages.org.owasp.encoder.Encode;
|
||||||
|
var viewModel = {};
|
||||||
|
viewModel.appName = Encode.forHtml(request.getParameter("sp"));
|
||||||
|
var mandatoryClaims = [];
|
||||||
|
var requestedClaims = [];
|
||||||
|
|
||||||
|
var mandatoryClaimsList, requestedClaimsList;
|
||||||
|
var i, j, partOne, partTwo;
|
||||||
|
if (request.getParameter("mandatoryClaims")) {
|
||||||
|
mandatoryClaimsList = request.getParameter("mandatoryClaims").split(",");
|
||||||
|
for (j = 0; j < mandatoryClaimsList.length; j++) {
|
||||||
|
var mandatoryClaimsStr = mandatoryClaimsList[j];
|
||||||
|
i = mandatoryClaimsStr.indexOf('_');
|
||||||
|
partOne = mandatoryClaimsStr.slice(0, i);
|
||||||
|
partTwo = mandatoryClaimsStr.slice(i + 1, mandatoryClaimsStr.length);
|
||||||
|
mandatoryClaims.push(
|
||||||
|
{"claimId": Encode.forHtmlAttribute(partOne), "displayName": Encode.forHtmlAttribute(partTwo)}
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (request.getParameter("requestedClaims")) {
|
||||||
|
requestedClaimsList = request.getParameter("requestedClaims").split(",");
|
||||||
|
for (j = 0; j < requestedClaimsList.length; j++) {
|
||||||
|
var requestedClaimsStr = requestedClaimsList[j];
|
||||||
|
i = requestedClaimsStr.indexOf('_');
|
||||||
|
partOne = requestedClaimsStr.slice(0, i);
|
||||||
|
partTwo = requestedClaimsStr.slice(i + 1, requestedClaimsStr.length);
|
||||||
|
requestedClaims.push(
|
||||||
|
{"claimId": Encode.forHtmlAttribute(partOne), "displayName": Encode.forHtmlAttribute(partTwo)}
|
||||||
|
);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
viewModel.mandatoryClaims = mandatoryClaims;
|
||||||
|
viewModel.requestedClaims = requestedClaims;
|
||||||
|
viewModel.sessionDataKey = Encode.forHtmlAttribute(request.getParameter("sessionDataKey"));
|
||||||
|
return viewModel;
|
||||||
|
}
|
@ -0,0 +1,6 @@
|
|||||||
|
{
|
||||||
|
"version": "1.0.0",
|
||||||
|
"layout": "uuf.layout.sign-in",
|
||||||
|
"uri": "/consent.do",
|
||||||
|
"isAnonymous": true
|
||||||
|
}
|
@ -0,0 +1,35 @@
|
|||||||
|
function approved() {
|
||||||
|
var mandatoryClaimCBs = $(".mandatory-claim");
|
||||||
|
var checkedMandatoryClaimCBs = $(".mandatory-claim:checked");
|
||||||
|
|
||||||
|
if (checkedMandatoryClaimCBs.length == mandatoryClaimCBs.length) {
|
||||||
|
document.getElementById('consent').value = "approve";
|
||||||
|
document.getElementById("consentForm").submit();
|
||||||
|
} else {
|
||||||
|
$("#modal_claim_validation").modal();
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function deny() {
|
||||||
|
document.getElementById('consent').value = "deny";
|
||||||
|
document.getElementById("consentForm").submit();
|
||||||
|
}
|
||||||
|
|
||||||
|
$(document).ready(function () {
|
||||||
|
$("#consent_select_all").click(function () {
|
||||||
|
if (this.checked) {
|
||||||
|
$('.checkbox input:checkbox').each(function () {
|
||||||
|
$(this).prop("checked", true);
|
||||||
|
});
|
||||||
|
} else {
|
||||||
|
$('.checkbox :checkbox').each(function () {
|
||||||
|
$(this).prop("checked", false);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
});
|
||||||
|
$(".checkbox input").click(function (e) {
|
||||||
|
if (e.target.id !== 'consent_select_all') {
|
||||||
|
$("#consent_select_all").prop("checked", false);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
});
|
@ -0,0 +1,71 @@
|
|||||||
|
{{!
|
||||||
|
Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
|
||||||
|
WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
Version 2.0 (the "License"); you may not use this file except
|
||||||
|
in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing,
|
||||||
|
software distributed under the License is distributed on an
|
||||||
|
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
KIND, either express or implied. See the License for the
|
||||||
|
specific language governing permissions and limitations
|
||||||
|
under the License.
|
||||||
|
}}
|
||||||
|
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
|
||||||
|
{{unit "cdmf.unit.ui.title" pageTitle="Login"}}
|
||||||
|
|
||||||
|
{{#zone "content"}}
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
|
||||||
|
|
||||||
|
<p class="page-sub-title">Login</p>
|
||||||
|
<hr/>
|
||||||
|
{{#if message}}
|
||||||
|
<div class="alert alert-danger" style="padding-right: 15px;">
|
||||||
|
<i class="icon fw fw-warning"></i> {{message}}!
|
||||||
|
</div>
|
||||||
|
{{/if}}
|
||||||
|
|
||||||
|
<div class="panel-body">
|
||||||
|
<form id="signInForm" method="POST" action="{{loginActionUrl}}">
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="username">Username *</label>
|
||||||
|
<input type="text" name="username" class="form-control" placeholder="Enter your username"
|
||||||
|
autofocus="autofocus" required="required"/>
|
||||||
|
</div>
|
||||||
|
<div class="form-group">
|
||||||
|
<label for="password">Password *</label>
|
||||||
|
<input type="password" name="password" class="form-control" autocomplete="off"
|
||||||
|
placeholder="Enter your password" required="required"/>
|
||||||
|
</div>
|
||||||
|
{{#if sessionDataKey}}
|
||||||
|
<input type="hidden" name="sessionDataKey" value="{{sessionDataKey}}"/>
|
||||||
|
{{/if}}
|
||||||
|
{{#if referer}}
|
||||||
|
<input type="hidden" name="referer" value="{{referer}}"/>
|
||||||
|
{{/if}}
|
||||||
|
|
||||||
|
<div class="alert alert-warning" style="border-radius:5px"><p class="doc-link">
|
||||||
|
This site uses cookies. By logging in to the site, you are agreeing on the usage of cookies. For more information, refer <a href="{{@unit.publicUri}}/privacy-policies/cookie-policy" style="color:#ffffff;"
|
||||||
|
target="_blank"><u>cookie policy</u></a> and
|
||||||
|
<a href="{{@unit.publicUri}}/privacy-policies/privacy-policy" style="color:#ffffff;"
|
||||||
|
target="_blank"><u>privacy policy</u></a></p>
|
||||||
|
</div>
|
||||||
|
|
||||||
|
<div class="wr-input-control wr-btn-grp">
|
||||||
|
<button class="wr-btn btn-download-agent">
|
||||||
|
Log in
|
||||||
|
</button>
|
||||||
|
<div id="register-link-wrapper" style="float: right; padding-top: 10px;">
|
||||||
|
<a href="{{@app.context}}/register" class="pull-right create-account">Create an account</a>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</form>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{{/zone}}
|
@ -0,0 +1,32 @@
|
|||||||
|
function onRequest(context) {
|
||||||
|
var authModuleConfigs = context.app.conf["authModule"];
|
||||||
|
var sessionDataKey = request.getParameter("sessionDataKey");
|
||||||
|
var authFailure = request.getParameter("authFailure");
|
||||||
|
|
||||||
|
//if sso enabled and sessionDataKey is empty redirect
|
||||||
|
var ssoConfigs = authModuleConfigs["sso"];
|
||||||
|
if (ssoConfigs && (ssoConfigs["enabled"].toString() == "true") && !sessionDataKey) {
|
||||||
|
// SSO is enabled in Auth module.
|
||||||
|
var redirectUri = context.app.context + "/uuf/login";
|
||||||
|
var queryString = request.getQueryString();
|
||||||
|
if (queryString && (queryString.length > 0)) {
|
||||||
|
redirectUri = redirectUri + "?" + queryString;
|
||||||
|
}
|
||||||
|
response.sendRedirect(encodeURI(redirectUri));
|
||||||
|
exit();
|
||||||
|
}
|
||||||
|
|
||||||
|
var viewModel = {};
|
||||||
|
var loginActionUrl = context.app.context + "/uuf/login";
|
||||||
|
if (sessionDataKey) {
|
||||||
|
loginActionUrl = "/commonauth";
|
||||||
|
}
|
||||||
|
|
||||||
|
if (authFailure) {
|
||||||
|
viewModel.message = "Login failed! Please recheck the username and password and try again.";
|
||||||
|
}
|
||||||
|
|
||||||
|
viewModel.sessionDataKey = sessionDataKey;
|
||||||
|
viewModel.loginActionUrl = loginActionUrl;
|
||||||
|
return viewModel;
|
||||||
|
}
|
@ -0,0 +1,6 @@
|
|||||||
|
{
|
||||||
|
"version": "1.0.0",
|
||||||
|
"layout": "uuf.layout.sign-in",
|
||||||
|
"uri": "/login.do",
|
||||||
|
"isAnonymous": true
|
||||||
|
}
|
@ -0,0 +1,32 @@
|
|||||||
|
{{!
|
||||||
|
Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
|
||||||
|
|
||||||
|
WSO2 Inc. licenses this file to you under the Apache License,
|
||||||
|
Version 2.0 (the "License"); you may not use this file except
|
||||||
|
in compliance with the License.
|
||||||
|
You may obtain a copy of the License at
|
||||||
|
|
||||||
|
http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
|
||||||
|
Unless required by applicable law or agreed to in writing,
|
||||||
|
software distributed under the License is distributed on an
|
||||||
|
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
||||||
|
KIND, either express or implied. See the License for the
|
||||||
|
specific language governing permissions and limitations
|
||||||
|
under the License.
|
||||||
|
}}
|
||||||
|
{{#zone "title"}}{{! to override parent page title }}{{/zone}}
|
||||||
|
{{unit "cdmf.unit.ui.title" pageTitle="Authentication Failed!"}}
|
||||||
|
|
||||||
|
{{#zone "content"}}
|
||||||
|
<div class="row">
|
||||||
|
<div class="col-xs-12 col-sm-6 col-md-6 col-lg-4 col-sm-offset-3 col-md-offset-3 col-lg-offset-4">
|
||||||
|
|
||||||
|
<p class="page-sub-title">{{stat}}</p>
|
||||||
|
<hr/>
|
||||||
|
<div class="alert alert-danger" style="padding-right: 15px;">
|
||||||
|
<i class="icon fw fw-warning"></i> {{statusMessage}}
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
{{/zone}}
|
@ -0,0 +1,17 @@
|
|||||||
|
function onRequest(context) {
|
||||||
|
var Encode = Packages.org.owasp.encoder.Encode;
|
||||||
|
session.invalidate();
|
||||||
|
var viewModel = {};
|
||||||
|
|
||||||
|
var stat = request.getParameter("status");
|
||||||
|
var statusMessage = request.getParameter("statusMsg");
|
||||||
|
|
||||||
|
if (!stat || !statusMessage) {
|
||||||
|
stat = "Authentication Error!";
|
||||||
|
statusMessage = "Something went wrong during the authentication process.Please try signing in again.";
|
||||||
|
}
|
||||||
|
|
||||||
|
viewModel.stat = Encode.forHtmlContent(stat);
|
||||||
|
viewModel.statusMessage = Encode.forHtmlContent(statusMessage);
|
||||||
|
return viewModel;
|
||||||
|
}
|
@ -0,0 +1,6 @@
|
|||||||
|
{
|
||||||
|
"version": "1.0.0",
|
||||||
|
"layout": "uuf.layout.sign-in",
|
||||||
|
"uri": "/retry.do",
|
||||||
|
"isAnonymous": true
|
||||||
|
}
|
@ -1,32 +1,3 @@
|
|||||||
function onRequest(context) {
|
function onRequest(context) {
|
||||||
var authModuleConfigs = context.app.conf["authModule"];
|
response.sendRedirect(context.app.context + "/uuf/login");
|
||||||
var sessionDataKey = request.getParameter("sessionDataKey");
|
|
||||||
var authFailure = request.getParameter("authFailure");
|
|
||||||
|
|
||||||
//if sso enabled and sessionDataKey is empty redirect
|
|
||||||
var ssoConfigs = authModuleConfigs["sso"];
|
|
||||||
if (ssoConfigs && (ssoConfigs["enabled"].toString() == "true") && !sessionDataKey) {
|
|
||||||
// SSO is enabled in Auth module.
|
|
||||||
var redirectUri = context.app.context + "/uuf/login";
|
|
||||||
var queryString = request.getQueryString();
|
|
||||||
if (queryString && (queryString.length > 0)) {
|
|
||||||
redirectUri = redirectUri + "?" + queryString;
|
|
||||||
}
|
|
||||||
response.sendRedirect(encodeURI(redirectUri));
|
|
||||||
exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
var viewModel = {};
|
|
||||||
var loginActionUrl = context.app.context + "/uuf/login";
|
|
||||||
if (sessionDataKey) {
|
|
||||||
loginActionUrl = "/commonauth";
|
|
||||||
}
|
|
||||||
|
|
||||||
if (authFailure) {
|
|
||||||
viewModel.message = "Login failed! Please recheck the username and password and try again.";
|
|
||||||
}
|
|
||||||
|
|
||||||
viewModel.sessionDataKey = sessionDataKey;
|
|
||||||
viewModel.loginActionUrl = loginActionUrl;
|
|
||||||
return viewModel;
|
|
||||||
}
|
}
|
Loading…
Reference in new issue