fix login oauth cookie problem (#3508)

* fix login don't check the cookie in oauth2

* fix test

* check boolean storage
Eugenio Romano
2018-06-20 12:08:35 +01:00
committed by GitHub
parent 061a2e5567
commit ebbf4c30a0
6 changed files with 46 additions and 19 deletions


@@ -27,6 +27,8 @@ Authenticates to Alfresco Content Services and Alfresco Process Services.
- [Customizing validation rules](#customizing-validation-rules)
- [Call an external identity provider to fetch the auth token](#call-an-external-identity-provider-to-fetch-the-auth-token)
- [Controlling form submit execution behaviour](#controlling-form-submit-execution-behaviour)
- [SSO login](#sso-login)
- [Implicit Flow](#implicit-flow)
- [See Also](#see-also)
@@ -50,7 +52,7 @@ Authenticates to Alfresco Content Services and Alfresco Process Services.
| fieldsValidation | `any` | | Custom validation rules for the login form. |
| logoImageUrl | `string` | "./assets/images/alfresco-logo.svg" | Path to a custom logo image. |
| needHelpLink | `string` | "" | Sets the URL of the NEED HELP link in the footer. |
| providers | `string` | | Possible valid values are ECM, BPM or ALL. By default, this component will log in only to ECM. If you want to log in in both systems then use ALL. |
| providers | `string` | | **Deprecated:** 3.0.0 |
| registerLink | `string` | "" | Sets the URL of the REGISTER link in the footer. |
| showLoginActions | `boolean` | true | Should the extra actions (`Need Help`, `Register`, etc) be shown? |
| showRememberMe | `boolean` | true | Should the `Remember me` checkbox be shown? When selected, this option will remember the logged-in user after the browser is closed to avoid logging in repeatedly. |
@@ -275,7 +277,7 @@ export class MyCustomLogin {
### Implicit Flow
If the 'app.config.json' or you used the host-setting component to use the SSO Oauth the login component will show only a button to login:
If the 'app.config.json' or you used the host-setting component to use the SSO Oauth the [login component](../core/login.component.md) will show only a button to login:
```JSON
"authType" :"OAUTH",
@@ -289,7 +291,7 @@ If the 'app.config.json' or you used the host-setting component to use the SSO O
"redirectUri": "/",
"redirectUriLogout": "/logout"
},
```
```
![Login component](../docassets/images/sso-login.png)


@@ -25,6 +25,7 @@ import { AuthenticationService } from '../../services/authentication.service';
import { LogService } from '../../services/log.service';
import { TranslationService } from '../../services/translation.service';
import { UserPreferencesService } from '../../services/user-preferences.service';
import { SettingsService } from '../../services/settings.service';
import { LoginErrorEvent } from '../models/login-error.event';
import { LoginSubmitEvent } from '../models/login-submit.event';
@@ -86,9 +87,8 @@ export class LoginComponent implements OnInit {
@Input()
copyrightText: string = '\u00A9 2016 Alfresco Software, Inc. All Rights Reserved.';
/** Possible valid values are ECM, BPM or ALL.
* deprecated in 2.4.0 use the providers property in the the app.config.json
* @deprecated 2.4.0
/** @deprecated 3.0.0 Possible valid values are ECM, BPM or ALL.
* deprecated in 3.0.0 use the providers property in the the app.config.json
*/
@Input()
providers: string;
@@ -97,7 +97,7 @@ export class LoginComponent implements OnInit {
@Input()
fieldsValidation: any;
/** Prevents the CSRF Token from being submitted. Only valid for Alfresco Process Services. */
/** @depreated 3.0.0 Prevents the CSRF Token from being submitted. Only valid for Alfresco Process Services. */
@Input()
disableCsrf: boolean;
@@ -147,7 +147,8 @@ export class LoginComponent implements OnInit {
private elementRef: ElementRef,
private router: Router,
private appConfig: AppConfigService,
private userPreferences: UserPreferencesService
private userPreferences: UserPreferencesService,
private settingsService: SettingsService
) {
this.initFormError();
this.initFormFieldsMessages();
@@ -176,9 +177,8 @@ export class LoginComponent implements OnInit {
* @param event
*/
onSubmit(values: any) {
if (this.disableCsrf !== null && this.disableCsrf !== undefined) {
this.appConfig.get<boolean>(AppConfigValues.DISABLECSRF);
}
this.settingsService.setProviders(this.providers);
this.settingsService.csrfDisabled = this.disableCsrf;
this.disableError();
const args = new LoginSubmitEvent({
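Review bot: `@depreated` in the disableCsrf doc comment is a typo that documentation tooling will not pick up as a deprecation tag; it should read `/** @deprecated 3.0.0 Prevents the CSRF Token from being submitted. Only valid for Alfresco Process Services. */`. In onSubmit, `this.settingsService.setProviders(this.providers)` runs even when the deprecated `providers` input was never set, and setProviders in settings.service.ts passes the value straight to `storage.setItem`; if StorageService is backed by localStorage that persists the string `"undefined"`, which is truthy and would then take precedence over the app.config value in `getProvider()`/`getProviders()`. Guard the call, `if (this.providers) { this.settingsService.setProviders(this.providers); }`, or add the same null/undefined check inside setProviders that the csrfDisabled setter already has. onSubmit continues past the end of this hunk.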


@@ -104,7 +104,9 @@ export class AlfrescoApiService {
return this.getInstance().core.groupsApi;
}
constructor(protected appConfig: AppConfigService, protected storage: StorageService) {}
constructor(protected appConfig: AppConfigService,
protected storage: StorageService) {
}
async load() {
await this.appConfig.load().then(() => {
@@ -124,13 +126,13 @@ export class AlfrescoApiService {
}
const config = {
provider: this.appConfig.get<string>(AppConfigValues.PROVIDERS),
provider: this.getProvider(),
hostEcm: this.appConfig.get<string>(AppConfigValues.ECMHOST),
hostBpm: this.appConfig.get<string>(AppConfigValues.BPMHOST),
authType: this.appConfig.get<string>(AppConfigValues.AUTHTYPE, 'BASIC'),
contextRootBpm: this.appConfig.get<string>(AppConfigValues.CONTEXTROOTBPM),
contextRoot: this.appConfig.get<string>(AppConfigValues.CONTEXTROOTECM),
disableCsrf: this.storage.getItem('DISABLE_CSRF') === 'true',
disableCsrf: this.getDisableCSRF(),
oauth2: oauth
};
@@ -140,4 +142,18 @@ export class AlfrescoApiService {
this.alfrescoApi = <AlfrescoApi> new alfrescoApi(config);
}
}
// @deprecated 3.0.0 get only from app config
private getDisableCSRF(): boolean {
if (this.storage.getItem(AppConfigValues.DISABLECSRF) === 'true') {
return true;
} else {
return this.appConfig.get<boolean>(AppConfigValues.DISABLECSRF);
}
}
// @deprecated 3.0.0 get only from app config
private getProvider() {
return this.storage.getItem(AppConfigValues.PROVIDERS) || this.appConfig.get<string>(AppConfigValues.PROVIDERS);
}
}
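Review bot: getDisableCSRF is declared to return boolean, but its else-branch returns whatever `appConfig.get<boolean>(AppConfigValues.DISABLECSRF)` yields, which is undefined when the key is absent from app.config.json; the `get` call for AUTHTYPE in the same hunk shows a default parameter exists, so `return this.appConfig.get<boolean>(AppConfigValues.DISABLECSRF, false);` pins the type. Note also that a stored `'true'` now wins over app config on every load, and nothing in this commit clears that key once the deprecated disableCsrf input is removed (the SettingsService setter only writes when the value is non-null), so CSRF protection could remain disabled in that browser until storage is cleared; this is worth stating in the `// @deprecated 3.0.0` comment, or resolving in favour of config when the two disagree. getProvider has no declared return type; `private getProvider(): string {` keeps it consistent with getDisableCSRF.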


@@ -128,6 +128,7 @@ describe('AuthenticationService', () => {
it('should require remember me set for ECM check', () => {
spyOn(cookie, 'isEnabled').and.returnValue(true);
spyOn(authService, 'isRememberMeSet').and.returnValue(false);
spyOn(authService, 'isOauth').and.returnValue(false);
spyOn(apiService, 'getInstance').and.callThrough();
expect(authService.isEcmLoggedIn()).toBeFalsy();
@@ -137,6 +138,7 @@ describe('AuthenticationService', () => {
it('should not require cookie service enabled for ECM check', () => {
spyOn(cookie, 'isEnabled').and.returnValue(false);
spyOn(authService, 'isRememberMeSet').and.returnValue(false);
spyOn(authService, 'isOauth').and.returnValue(false);
spyOn(apiService, 'getInstance').and.callThrough();
expect(authService.isEcmLoggedIn()).toBeFalsy();
@@ -230,6 +232,7 @@ describe('AuthenticationService', () => {
it('should require remember me set for BPM check', () => {
spyOn(cookie, 'isEnabled').and.returnValue(true);
spyOn(authService, 'isRememberMeSet').and.returnValue(false);
spyOn(authService, 'isOauth').and.returnValue(false);
spyOn(apiService, 'getInstance').and.callThrough();
expect(authService.isBpmLoggedIn()).toBeFalsy();
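Review bot: The three new spies only pin the non-OAuth path (`isOauth` returning false), so the behaviour this commit introduces — the cookie/remember-me guard being skipped when `isOauth()` is true — has no assertion. Add a companion case in each describe, e.g. `spyOn(authService, 'isOauth').and.returnValue(true);` with `isRememberMeSet` still false, and assert that `isEcmLoggedIn()` (resp. `isBpmLoggedIn()`) now reaches the API instance instead of returning false early; `expect(apiService.getInstance).toHaveBeenCalled()` on the existing spy would do. The describe blocks continue outside these hunks.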


@@ -164,7 +164,7 @@ export class AuthenticationService {
* @returns True if logged in, false otherwise
*/
isEcmLoggedIn(): boolean {
if (this.cookie.isEnabled() && !this.isRememberMeSet()) {
if (!this.isOauth() && this.cookie.isEnabled() && !this.isRememberMeSet()) {
return false;
}
return this.alfrescoApi.getInstance().isEcmLoggedIn();
@@ -175,7 +175,7 @@ export class AuthenticationService {
* @returns True if logged in, false otherwise
*/
isBpmLoggedIn(): boolean {
if (this.cookie.isEnabled() && !this.isRememberMeSet()) {
if (!this.isOauth() && this.cookie.isEnabled() && !this.isRememberMeSet()) {
return false;
}
return this.alfrescoApi.getInstance().isBpmLoggedIn();
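Review bot: The new guard `!this.isOauth() && this.cookie.isEnabled() && !this.isRememberMeSet()` is duplicated verbatim in isEcmLoggedIn and isBpmLoggedIn; extracting it into one private predicate, e.g. `private isCookieSessionRejected(): boolean { return !this.isOauth() && this.cookie.isEnabled() && !this.isRememberMeSet(); }`, keeps the OAuth exemption from drifting between the two. The `@returns True if logged in, false otherwise` doc above each method should also say that the remember-me/cookie condition is applied only for non-OAuth logins, since for OAuth the result now comes solely from the API instance. The doc comments begin before these hunks.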


@@ -18,12 +18,14 @@
import { Injectable } from '@angular/core';
import { AppConfigService, AppConfigValues } from '../app-config/app-config.service';
import { LogService } from './log.service';
import { StorageService } from './storage.service';
@Injectable()
export class SettingsService {
constructor(private appConfig: AppConfigService,
private logService: LogService) {
private logService: LogService,
private storage: StorageService) {
}
/** @deprecated in 1.6.0 */
@@ -35,6 +37,9 @@ export class SettingsService {
/** @deprecated in 1.7.0 */
public set csrfDisabled(csrfDisabled: boolean) {
this.logService.log(`SettingsService.csrfDisabled is deprecated. Use UserPreferencesService.disableCSRF instead.`);
if (csrfDisabled !== null && csrfDisabled !== undefined) {
this.storage.setItem(AppConfigValues.DISABLECSRF, csrfDisabled.toString());
}
}
/** @deprecated in 1.6.0 */
@@ -62,11 +67,12 @@ export class SettingsService {
/** @deprecated in 1.7.0 */
public getProviders(): string {
this.logService.log(`SettingsService.getProviders is deprecated. Use UserPreferencesService.authType instead.`);
return this.appConfig.get<string>(AppConfigValues.PROVIDERS);
return this.storage.getItem(AppConfigValues.PROVIDERS) || this.appConfig.get<string>(AppConfigValues.PROVIDERS);
}
/** @deprecated in 1.7.0 */
public setProviders(providers: string) {
this.logService.log(`SettingsService.aetProviders is deprecated. Use the app-config.json`);
this.storage.setItem(AppConfigValues.PROVIDERS, providers);
}
}
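Review bot: The csrfDisabled setter now persists the flag to StorageService under AppConfigValues.DISABLECSRF, but its `/** @deprecated in 1.7.0 */` doc and the log line still present it as a plain alias for UserPreferencesService.disableCSRF; the doc should say the value is stored and read back by AlfrescoApiService ahead of app.config.json. Writing `csrfDisabled.toString()` also means a stored `'false'` falls through to config (the reader only tests `=== 'true'`) while a stored `'true'` overrides it, an asymmetry worth a one-line comment on the `setItem` call. getProviders likewise now prefers the stored value over `AppConfigValues.PROVIDERS`, which its `@deprecated in 1.7.0` doc does not mention.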