Fetch client information before request grant
Change-Id: I101d2750bce4f28397f225b4d68cffd88f5ed1fb
diff --git a/Changes b/Changes
index f4cad8f..06c6869 100755
--- a/Changes
+++ b/Changes
@@ -4,6 +4,7 @@
- Mark public clients as slightly more insecure. (diewald)
- Reintroduce email handle support. (fixes #165; diewald)
- Support plugin declarations on registration. (diewald)
+ - Fetch client information before grant request. (diewald)
0.44 2022-02-31
- Fixed autosecrets migration. (diewald)
diff --git a/lib/Kalamar/Plugin/Auth.pm b/lib/Kalamar/Plugin/Auth.pm
index db28491..941e716 100644
--- a/lib/Kalamar/Plugin/Auth.pm
+++ b/lib/Kalamar/Plugin/Auth.pm
@@ -111,6 +111,7 @@
-long => '<span class="client-name"><%= $client_name %></span> möchte Zugriffsrechte',
short => 'Zugriffsrechte erteilen'
},
+ oauthGrantPublicWarn => 'Achtung - dies ist ein öffentlicher Client!',
createdAt => 'Erstellt am <time datetime="<%= stash("date") %>"><%= stash("date") %></date>.',
expiresIn => 'Läuft in <%= stash("seconds") %> Sekunden ab.',
fileSizeExceeded => 'Dateigröße überschritten'
@@ -166,6 +167,7 @@
-long => '<span class="client-name"><%= $client_name %></span> wants to have access',
short => 'Grant access'
},
+ oauthGrantPublicWarn => 'Warning - this is a public client!',
createdAt => 'Created at <time datetime="<%= stash("date") %>"><%= stash("date") %></date>.',
expiresIn => 'Expires in <%= stash("seconds") %> seconds.',
fileSizeExceeded => 'File size exceeded',
@@ -1093,23 +1095,46 @@
$c->stash($_, $v->param($_));
};
- # Get auth token
- my $auth_token = $c->auth->token;
+ # Wait for async result
+ $c->render_later;
- # TODO: Fetch client information from Server
- $c->stash(name => $v->param('client_id'));
- # my $redirect_uri_server = $c->url_for('index')->to_abs;
- $c->stash(type => 'CONFIDENTIAL');
+ my $client_id = $v->param('client_id');
- $c->stash(redirect_uri_server => $c->stash('redirect_uri'));
+ my $client_information = $c->auth->client_list_p->then(
+ sub {
+ my $clients = shift;
+ foreach (@$clients) {
+ if ($_->{client_id} eq $client_id) {
+ $c->stash(client_name => $_->{'client_name'});
+ $c->stash(client_type => $_->{'client_type'});
+ $c->stash(client_desc => $_->{'client_description'});
+ $c->stash(client_url => $_->{'client_url'});
+ $c->stash(redirect_uri_server => $_->{'client_redirect_uri'});
+ last;
+ };
+ };
+ }
+ )->catch(
+ sub {
+ $c->stash(client_type => 'PUBLIC');
+ $c->stash(client_name => $v->param('client_id'));
+ return;
+ }
+ )->finally(
+ sub {
- # User is not logged in - log in before!
- unless ($auth_token) {
- return $c->render(template => 'auth/login');
- };
+ # Get auth token
+ my $auth_token = $c->auth->token;
- # Grant authorization
- return $c->render(template => 'auth/grant_scope');
+ # User is not logged in - log in before!
+ unless ($auth_token) {
+ return $c->render(template => 'auth/login');
+ };
+
+ # Grant authorization
+ return $c->render(template => 'auth/grant_scope');
+ }
+ );
}
)->name('oauth-grant-scope');
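Review bot: An unregistered client_id passes through the `foreach` in the `then` callback without matching, none of the client_* stash values are set, and the `finally` handler still renders `auth/grant_scope` exactly as for a known client, so the grant page appears with an empty name, an undefined client_type and no server-side redirect URI. The `catch` handler, by contrast, at least marks the client as PUBLIC; a lookup miss should be handled just as explicitly, and both branches should log what happened instead of discarding it silently (the `catch` drops the rejection reason). Since the render lives in `finally`, refusing the grant page outright would need the render moved into the `then`/`catch` chain; the minimal change below keeps the structure and makes the miss visible. The enclosing route handler starts before this hunk.
```perl
my $client_information = $c->auth->client_list_p->then(
  sub {
    my $clients = shift;
    my ($client) = grep { $_->{client_id} eq $client_id } @$clients;

    # Not registered at the server: use the same conservative
    # fallback as the catch handler, but record it.
    unless ($client) {
      $c->app->log->warn("Unknown client_id '$client_id' in grant request");
      $c->stash(client_type => 'PUBLIC');
      $c->stash(client_name => $client_id);
      return;
    };

    $c->stash(client_name => $client->{'client_name'});
    # … unchanged: remaining client_* and redirect_uri_server stash assignments …
  }
)->catch(
  sub {
    my $err = shift;
    $c->app->log->warn("Client lookup failed for '$client_id': $err");
    # … unchanged: PUBLIC fallback …
  }
  # … unchanged: finally handler …
```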
diff --git a/lib/Kalamar/Plugin/Auth/templates/auth/grant_scope.html.ep b/lib/Kalamar/Plugin/Auth/templates/auth/grant_scope.html.ep
index 15b21f9..c2c4a2f 100644
--- a/lib/Kalamar/Plugin/Auth/templates/auth/grant_scope.html.ep
+++ b/lib/Kalamar/Plugin/Auth/templates/auth/grant_scope.html.ep
@@ -2,12 +2,25 @@
%= page_title
-<p><%== loc('Auth_oauthGrantScope', client_name => stash('name')) %></p>
+<p><%== loc('Auth_oauthGrantScope', client_name => stash('client_name')) %></p>
+
+<ul class="client-list">
+ <li class="client">
+ % if (stash('client_desc')) {
+ <p class="client-desc"><%= stash 'client_desc' %></p>
+ % };
+ % if (stash('client_url')) {
+ <p class="client-url"><a href="<%= stash('client_url') %>"><%= stash('client_url') %></a></p>
+ % };
+ % if (stash('client_type') eq 'PUBLIC') {
+ <blockquote class="warning"><%= loc 'oauthGrantPublicWarn' %></blockquote>
+ % };
+ </li>
+</ul>
%= form_for 'oauth-grant-scope-post', id => 'grant-scope', class => 'form-table', begin
%= csrf_field
%= hidden_field 'client_id' => stash('client_id')
- %= hidden_field 'name' => stash('name')
%= hidden_field 'state' => stash('state')
%= hidden_field 'redirect_uri' => stash('redirect_uri')
%= hidden_field 'redirect_uri_server' => stash('redirect_uri_server')
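Review bot: `% if (stash('client_type') eq 'PUBLIC') {` compares an undefined value when the client lookup in Auth.pm found no match, which emits an uninitialized warning and, more importantly, hides the public-client warning for exactly the case where the client's type is unknown. Defaulting the missing value the same way the Perl-side catch handler does keeps the warning visible: `% if ((stash('client_type') // 'PUBLIC') eq 'PUBLIC') {`. The `client_url` block emits the server-registered URL into an `href`; `<%= %>` escapes HTML but does not restrict the URL scheme, so if client registration accepts arbitrary strings this is worth a scheme check at registration time rather than in the template — I cannot see from this diff where that value is validated.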
@@ -21,5 +34,5 @@
% };
<input type="submit" class="form-submit" value="<%= loc 'Auth_oauthGrantScope_short' %>" />
- %= link_to loc('abort') => stash('redirect_uri_server') => {} => (class => 'form-button button-abort form-submit')
+ %= link_to loc('abort') => (stash('redirect_uri_server') // stash('redirect_uri')) => {} => (class => 'form-button button-abort form-submit')
% end
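Review bot: The abort link now falls back to `stash('redirect_uri')` when `redirect_uri_server` is absent, and `redirect_uri` is copied into the stash from the validated request parameters in Auth.pm, i.e. it is supplied by whoever constructed the authorize URL. Whether that parameter is checked against the client's registered redirect URI elsewhere is not visible here; if it is not, the abort button for an unknown or failed-lookup client points wherever the request said. A short comment at the link would make the trust assumption explicit, e.g. `%# Fallback: request-supplied redirect_uri; only safe if validated upstream`, and the test fixture in auth-oauth.t leaves client_redirect_uri unset, so the registered-URI path is currently untested.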
diff --git a/lib/Kalamar/Plugin/Auth/templates/auth/login.html.ep b/lib/Kalamar/Plugin/Auth/templates/auth/login.html.ep
index 4801e29..eb41be7 100644
--- a/lib/Kalamar/Plugin/Auth/templates/auth/login.html.ep
+++ b/lib/Kalamar/Plugin/Auth/templates/auth/login.html.ep
@@ -1,6 +1,6 @@
% layout 'main', login_active => 1;
<div class="intro">
- <p><%== loc('Auth_oauthGrantScope', client_name => stash('name')) %></p>
+ <p><%== loc('Auth_oauthGrantScope', client_name => stash('client_name')) %></p>
<p><%== loc('Auth_loginPlease') %></p>
</div>
diff --git a/lib/Kalamar/Plugin/Auth/templates/partial/auth/login.html.ep b/lib/Kalamar/Plugin/Auth/templates/partial/auth/login.html.ep
index 66dee42..731c153 100644
--- a/lib/Kalamar/Plugin/Auth/templates/partial/auth/login.html.ep
+++ b/lib/Kalamar/Plugin/Auth/templates/partial/auth/login.html.ep
@@ -14,7 +14,7 @@
%= hidden_field fwd => $c->url_with
% if (stash('client_id')) {
%= hidden_field 'client_id' => stash('client_id')
- %= hidden_field 'name' => stash('name')
+ %= hidden_field 'client_name' => stash('client_name')
%= hidden_field 'state' => stash('state')
%= hidden_field 'scope' => stash('scope')
%= hidden_field 'redirect_uri' => stash('redirect_uri')
diff --git a/t/plugin/auth-oauth.t b/t/plugin/auth-oauth.t
index 478c164..80afe05 100644
--- a/t/plugin/auth-oauth.t
+++ b/t/plugin/auth-oauth.t
@@ -787,6 +787,15 @@
->tx->res->dom->at('input[name=csrf_token]')->attr('value')
;
+$fake_backend_app->add_client({
+ "client_id" => 'xyz',
+ "client_name" => 'New added client',
+ "client_description" => 'This is a new client',
+ "client_url" => 'http://example.com',
+ "client_type" => 'CONFIDENTIAL'
+# "client_redirect_uri" => $redirect_uri
+});
+
$fwd = $t->get_ok(Mojo::URL->new('/settings/oauth/authorize')->query({
client_id => 'xyz',
state => 'abcde',
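Review bot: The fixture comments out `"client_redirect_uri"`, so the later assertions on `a.form-button` href (`http://test.com/`) exercise the template's fallback to the request-supplied `redirect_uri`, not the server-registered `redirect_uri_server` that the Auth.pm change introduces. Either set `client_redirect_uri` here and assert the abort link uses it, or add a second client fixture so both paths are covered; a one-line comment explaining why the key is intentionally left out would also do if the fallback is the behaviour under test. The same observation applies to the three later hunks in this file that assert the abort href.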
@@ -796,9 +805,8 @@
->status_is(200)
->attr_is('input[name=client_id]','value','xyz')
->attr_is('input[name=state]','value','abcde')
- ->attr_is('input[name=name]','value','xyz')
->attr_like('input[name=fwd]','value',qr!test\.com!)
- ->text_is('span.client-name','xyz')
+ ->text_is('span.client-name','New added client')
->text_is('div.intro p:nth-child(2)', 'Please log in!')
->tx->res->dom->at('input[name=fwd]')->attr('value')
;
@@ -822,10 +830,9 @@
->status_is(200)
->attr_is('input[name=client_id]','value','xyz')
->attr_is('input[name=state]','value','abcde')
- ->attr_is('input[name=name]','value','xyz')
->text_is('ul#scopes li:nth-child(1)','search')
->text_is('ul#scopes li:nth-child(2)','match')
- ->text_is('span.client-name','xyz')
+ ->text_is('span.client-name','New added client')
->attr_is('a.form-button','href','http://test.com/')
->attr_is('a.embedded-link', 'href', '/doc/korap/kalamar')
;
@@ -839,10 +846,9 @@
->status_is(200)
->attr_is('input[name=client_id]','value','xyz')
->attr_is('input[name=state]','value','abcde')
- ->attr_is('input[name=name]','value','xyz')
->text_is('ul#scopes li:nth-child(1)','search')
->text_is('ul#scopes li:nth-child(2)','match')
- ->text_is('span.client-name','xyz')
+ ->text_is('span.client-name','New added client')
->attr_is('a.form-button','href','http://test.com/')
->attr_is('a.embedded-link', 'href', '/doc/korap/kalamar')
;
diff --git a/t/server/mock.pl b/t/server/mock.pl
index 8064208..1f32a39 100644
--- a/t/server/mock.pl
+++ b/t/server/mock.pl
@@ -67,6 +67,15 @@
return $c->app->defaults('auth_' . $auth);
};
+
+helper 'add_client' => sub {
+ my $c = shift;
+ my $client = shift;
+ my $list = $c->app->defaults('oauth.client_list');
+ push @$list, $client;
+};
+
+
# Load fixture responses
helper 'load_response' => sub {
my $c = shift;
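Review bot: `add_client` pushes onto `@$list` obtained from `$c->app->defaults('oauth.client_list')`; if that default has not been initialised with an array reference before the helper runs, `push @$list` autovivifies a fresh array in the lexical and the client is silently never stored. I cannot see from this diff whether the default is seeded elsewhere in mock.pl; if it is not guaranteed, initialise it on first use: `my $list = $c->app->defaults('oauth.client_list') // $c->app->defaults('oauth.client_list', [])->defaults('oauth.client_list');` — or simpler, die with a clear message when it is missing so a broken fixture fails loudly in tests. A `return;` after the push would also avoid leaking the element count as the helper's return value.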