diff --git a/src/main/de/devloop/mavor/AuthenticatedServlet.java b/src/main/de/devloop/mavor/AuthenticatedServlet.java deleted file mode 100644 index a9cf26e..0000000 --- a/src/main/de/devloop/mavor/AuthenticatedServlet.java +++ /dev/null @@ -1,26 +0,0 @@ -package de.devloop.mavor; - -import java.io.IOException; - -import jakarta.servlet.ServletException; -import jakarta.servlet.http.HttpServlet; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; - -public class AuthenticatedServlet extends HttpServlet { - protected Session session; - - @Override - protected final void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - session = new Session(req.getSession(true)); - if (!session.isAuthenticated()) { - resp.sendRedirect("/mavor/authenticate"); - } else { - doAuthenticatedGet(req, resp); - } - } - - protected void doAuthenticatedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - // nooooothing - } -} diff --git a/src/main/de/devloop/mavor/Session.java b/src/main/de/devloop/mavor/Session.java deleted file mode 100644 index 603307f..0000000 --- a/src/main/de/devloop/mavor/Session.java +++ /dev/null @@ -1,57 +0,0 @@ -package de.devloop.mavor; - -import jakarta.servlet.http.HttpSession; - -public class Session { - private HttpSession session; - - private static final String ATTRIBUTE_USERNAME = "username"; - private static final String ATTRIBUTE_OAUTH_STATE = "oauth.state"; - private static final String ATTRIBUTE_OAUTH_TOKEN = "oauth.token"; - - public Session(HttpSession session) { - this.session = session; - } - - private String getSafeString(String parameter) { - Object value = session.getAttribute(parameter); - - if (value != null) { - return value.toString(); - } else { - return null; - } - } - - public Boolean isAuthenticated() { - return getUsername() != null; - } - - public String getUsername() { - return getSafeString(ATTRIBUTE_USERNAME); - } - - public void setUsername(String username) { - session.setAttribute(ATTRIBUTE_USERNAME, username); - } - - public void setOAuthState(String state) { - session.setAttribute(ATTRIBUTE_OAUTH_STATE, state); - } - - public String getOAuthState() { - return getSafeString(ATTRIBUTE_OAUTH_STATE); - } - - public void clearOAuthState() { - session.removeAttribute(ATTRIBUTE_OAUTH_STATE); - } - - public void setOAuthToken(String token) { - session.setAttribute(ATTRIBUTE_OAUTH_TOKEN, token); - } - - public String getOAuthToken() { - return getSafeString(ATTRIBUTE_OAUTH_TOKEN); - } -} diff --git a/src/main/de/devloop/mavor/servlet/Main.java b/src/main/de/devloop/mavor/servlet/Main.java deleted file mode 100644 index 07aedf1..0000000 --- a/src/main/de/devloop/mavor/servlet/Main.java +++ /dev/null @@ -1,22 +0,0 @@ -package de.devloop.mavor.servlet; - -import java.io.IOException; - -import de.devloop.mavor.AuthenticatedServlet; -import jakarta.servlet.RequestDispatcher; -import jakarta.servlet.ServletException; -import jakarta.servlet.annotation.WebServlet; -import jakarta.servlet.http.HttpServletRequest; -import jakarta.servlet.http.HttpServletResponse; - -@WebServlet("") -public class Main extends AuthenticatedServlet { - - @Override - protected void doAuthenticatedGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { - req.setAttribute("username", session.getUsername()); - RequestDispatcher view = req.getRequestDispatcher("/main.jsp"); - - view.forward(req, resp); - } -} diff --git a/src/main/de/devloop/openid/AuthenticationUrl.java b/src/main/de/devloop/openid/AuthenticationUrl.java deleted file mode 100644 index 438440c..0000000 --- a/src/main/de/devloop/openid/AuthenticationUrl.java +++ /dev/null @@ -1,19 +0,0 @@ -package de.devloop.openid; - -public class AuthenticationUrl { - private String url; - private String state; - - public AuthenticationUrl(String url, String state) { - this.url = url; - this.state = state; - } - - public String getUrl() { - return url; - } - - public String getState() { - return state; - } -} diff --git a/src/main/de/devloop/openid/OpenID.java b/src/main/de/devloop/openid/OpenID.java deleted file mode 100644 index f002030..0000000 --- a/src/main/de/devloop/openid/OpenID.java +++ /dev/null @@ -1,102 +0,0 @@ -package de.devloop.openid; - -import java.io.IOException; -import java.net.URI; -import java.net.URISyntaxException; -import java.net.URLEncoder; -import java.net.http.HttpClient; -import java.net.http.HttpRequest; -import java.net.http.HttpRequest.BodyPublishers; -import java.net.http.HttpResponse; -import java.net.http.HttpResponse.BodyHandlers; -import java.nio.charset.StandardCharsets; -import java.util.HashMap; -import java.util.Map; -import java.util.UUID; - -import com.google.gson.Gson; - -public class OpenID { - private static final String CLIENT_ID = "vP9xF2s1yy2n6sR05jV6dguyMeOvIxCg1GarV71O"; - private static final String CLIENT_SECRET = "PrwGSMcucxYPkOdrb23jddWqyn31vphrxCUu9MGdLTCUnbk0OJI5oWCvO0khVhcnJNDbJaKWxNMxaC4bJ92jy8bDjtG6oaWG37qhuLRPMh5DKluZxsCMmCvQ8f9ZQckZ"; - - private static final String REDIRECT_URL = "http://localhost:8080/mavor/authenticate"; - - private static final String OAUTH_AUTH_URL = "https://auth.devloop.de/application/o/authorize/"; - private static final String OAUTH_TOKEN_URL = "https://auth.devloop.de/application/o/token/"; - private static final String OAUTH_USERINFO_URL = "https://auth.devloop.de/application/o/userinfo/"; - - public AuthenticationUrl getAuthenticationUrl() { - String state = UUID.randomUUID().toString(); - String url = String.format("%s?response_type=code&client_id=%s&redirect_uri=%s&state=%s&scope=openid email", OAUTH_AUTH_URL, CLIENT_ID, REDIRECT_URL, state); - return new AuthenticationUrl(url, state); - } - - private URI getUriObject(String url) throws OpenIdRequestException { - try { - return new URI(url); - } catch (URISyntaxException e) { - throw new OpenIdRequestException(String.format("Invalid URL: '%s'", url), e); - } - } - - public Token requestToken(String code) throws OpenIdRequestException { - URI tokenUrl = getUriObject(OAUTH_TOKEN_URL); - HashMap tokenParameter = new HashMap<>(); - tokenParameter.put("grant_type", "authorization_code"); - tokenParameter.put("client_id", CLIENT_ID); - tokenParameter.put("client_secret", CLIENT_SECRET); - tokenParameter.put("code", code); - tokenParameter.put("redirect_uri", REDIRECT_URL); - - HttpRequest tokenRequest = HttpRequest.newBuilder() - .uri(tokenUrl) - .header("Content-Type", "application/x-www-form-urlencoded") - .header("Accept", "application/json") - .POST(BodyPublishers.ofString(getFormDataAsString(tokenParameter))) - .build(); - HttpClient tokenClient = HttpClient.newHttpClient(); - HttpResponse tokenResponse; - try { - tokenResponse = tokenClient.send(tokenRequest, BodyHandlers.ofString()); - } catch (IOException | InterruptedException e) { - throw new OpenIdRequestException("Requesting access token failed", e); - } - - Gson gson = new Gson(); - return gson.fromJson(tokenResponse.body(), Token.class); - } - - public UserInfo requestUserInfo(Token token) throws OpenIdRequestException { - URI userInfoUrl = getUriObject(OAUTH_USERINFO_URL); - HttpRequest userInfoRequest = HttpRequest.newBuilder() - .uri(userInfoUrl) - .header("Accept", "application/json") - .header("Authorization", "Bearer " + token.getAccessToken()) - .GET() - .build(); - HttpClient userInfoClient = HttpClient.newHttpClient(); - HttpResponse userInfoResponse; - try { - userInfoResponse = userInfoClient.send(userInfoRequest, BodyHandlers.ofString()); - } catch (IOException | InterruptedException e) { - throw new OpenIdRequestException("Requesting user info failed", e); - } - - Gson gson = new Gson(); - return gson.fromJson(userInfoResponse.body(), UserInfo.class); - } - - private String getFormDataAsString(Map formData) { - StringBuilder formBodyBuilder = new StringBuilder(); - for (Map.Entry singleEntry : formData.entrySet()) { - if (formBodyBuilder.length() > 0) { - formBodyBuilder.append("&"); - } - formBodyBuilder.append(URLEncoder.encode(singleEntry.getKey(), StandardCharsets.UTF_8)); - formBodyBuilder.append("="); - formBodyBuilder.append(URLEncoder.encode(singleEntry.getValue(), StandardCharsets.UTF_8)); - } - return formBodyBuilder.toString(); - } -} diff --git a/src/main/de/devloop/openid/OpenIdRequestException.java b/src/main/de/devloop/openid/OpenIdRequestException.java deleted file mode 100644 index cc41032..0000000 --- a/src/main/de/devloop/openid/OpenIdRequestException.java +++ /dev/null @@ -1,7 +0,0 @@ -package de.devloop.openid; - -public class OpenIdRequestException extends Exception { - public OpenIdRequestException(String message, Throwable cause) { - super(message, cause); - } -} diff --git a/src/main/de/devloop/openid/Token.java b/src/main/de/devloop/openid/Token.java deleted file mode 100644 index 2254ad9..0000000 --- a/src/main/de/devloop/openid/Token.java +++ /dev/null @@ -1,18 +0,0 @@ -package de.devloop.openid; - -import com.google.gson.annotations.SerializedName; - -public class Token { - - @SerializedName("access_token") - private String accessToken; - - public String getAccessToken() { - return accessToken; - } - - public void setAccessToken(String accessToken) { - this.accessToken = accessToken; - } - -} diff --git a/src/main/de/devloop/openid/UserInfo.java b/src/main/de/devloop/openid/UserInfo.java deleted file mode 100644 index f34bf1f..0000000 --- a/src/main/de/devloop/openid/UserInfo.java +++ /dev/null @@ -1,15 +0,0 @@ -package de.devloop.openid; - -public class UserInfo { - - private String email; - - public String getEmail() { - return email; - } - - public void setEmail(String email) { - this.email = email; - } - -}