ohadr / authentication-flows
oAuth2 sample: auth-server, resource server and client. "Authentication-Flows" is also a sub-module here.
related to support Google AppEngine ! #26
AuthenticationPolicy.getAuthenticationPolicy() - 'passwordLifeInDays' was 0 (in 1.5.0-RELEASE).
in GAEAuthenticationAccountRepositoryImpl.java
the methods throw this exception; TODO: make sure that the callers catch this exception
currently, i do only authentication, without any authorization. fix that!
in AuthenticationSuccessHandler, there is a wrong redirect.
if the link that the user got to his email was changed, an exception is shown on the browser:
HTTP Status 500 - Request processing failed; nested exception is com.ohadr.crypto.exception.CryptoException: Failed to decrypt URL content adEQ3R5utnfWr2kugM2xQ29u.rm448.ujJZtIspKvbJ
AuthenticationFlowsException.java should be moved from 'web' to 'core'
trying to work with 'MockAuthenticationPolicyRepositoryImpl' - there is a mixture in the order of the fields, so values are incorrect. e.g. 'password needs at least 30 characters'
related to #35.
the login-fail-handler is good for REST as well, since if no "redirect-uri" is defined, the parent class (SimpleUrlAuthenticationFailureHandler) does not redirect, but sends 401 instead.
However, if account is locked, i have a special treatment here, that DOES redirect. and this is a bug. So there is a need for a flag that indicates whether this is REST call, and if it is, when account is locked, instead of redirection it will return 423 (LOCKED).
"Password was set successfully to user email" instead of the username.
for example, when calling "createAccount", a RESTful does not redirect to another page. Redirecting is MVC behavior; but there are clients (AngularJS) that perform their own MVC architecture, so the auth-flows should support that hence identify REST calls (different URL?) and not redirect, but only return value.
add classes for GAE repo, and Mail Sender to auth-flows. so GAE-apps can use auth-flows package without implementing their own implementations for the above classes.
before uploading to Repository
lower grade is better.
the content of email (account created, forgot password, etc) - read from file, and let it be configurable, so apps can have their own text.
2 cases: (1) after successful login, when password has expired.
(2) a link "change password" was clicked in the 'hosting' application.
after reverting #44
related to: OhadR/oAuth2-sample#2
similar to #43
JdbcAuthenticationAccountRepositoryImpl.loadUserByUsername(): be Spring-compatible, and use UsernameNotFoundException, and never return null.
need to change also AbstractAuthenticationAccountRepository, to catch this exception.
set new password flow: UAC should return View, and redirect, and not setting response on the HttpResponse Writer.
same as for other flows in UAC.
CreateAccountEndpoint.java should be moved from package 'web' to 'endpoints'
allow applications to overload the behavior of endpoint. for example: "create account". there is an app that allows only account from domain "nice.com". let this app overload the functionality.
/setNewPassword
java.util.NoSuchElementException: No entity was found matching the key: User("[email protected]")
at com.ohadr.dictionary.gae.GAEAuthenticationAccountRepositoryImpl.changePassword(GAEAuthenticationAccountRepositoryImpl.java:200)
at com.ohadr.auth_flows.core.AuthenticationFlowsProcessorImpl.setPassword(AuthenticationFlowsProcessorImpl.java:270)
at com.ohadr.auth_flows.web.UserActionController.setNewPassword(UserActionController.java:431)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
common-crypto does not work on GAE. because class DefaultCryptoProvider tries to store the key-store, and GAE does not allow that, jar fails to load.
NOTE and TODO: if i implement this method correctly, then when creds expired the login will fail (because Spring calls this method and then throws CredsExpiredException). in my flows (not sure it is the right thing), the login is successful and in the successHandler I check if password has expired.
restoreEndpoint calls directly the repo object. support the layers model, and let the RestoreEP call the FlowsProcessor (that will be held in the CommonEndpoint) that will delegate the call to the repo.
the secured resource: instead of print "Hello, world" to the browser in /secured/test, show a page with logout/change-password.
/forgotPasswordPage
java.lang.IllegalArgumentException: name cannot be null or empty
the target HTML should be a param. currently it is hard coded to
LOGIN_FORMS_DIR +"/" + "AccountActivated.htm"
when i wanna run in REST mode, i want the HTML page to be in a different dir (with the controller) so i need it to be parameterized.
'AuthenticationFailureHandler' is doing similar thing - with a param (defaultTargetUrl)
MySQL works fine, but GAE's datastore does not. so the framework should support all cases and take care of this issue - convert all usernames to lowercase
description: 2 users, A@A and a@a should not be allowed.