Minor refactor for oauth.:wq
parent
2592d338bb
commit
16180f4c6d
|
@ -62,9 +62,9 @@ Test coverage report of unit and integration test can be found in wisemapping-op
|
||||||
## Google authorization
|
## Google authorization
|
||||||
|
|
||||||
You must configure the following wisemapping properties (app.properties) in order to get google authorization working
|
You must configure the following wisemapping properties (app.properties) in order to get google authorization working
|
||||||
* `google.oauth2.callbackUrl`: url where google will redirect after user authentication, tipically {frontendBaseUrl}/c/registration-google. Also, this url must be defined in google app configuration
|
* `security.oauth2.google.callbackUrl`: url where google will redirect after user authentication, tipically {frontendBaseUrl}/c/registration-google. Also, this url must be defined in google app configuration
|
||||||
* `google.oauth2.clientId`: client id from google app
|
* `security.oauth2.google.clientId`: client id from google app
|
||||||
* `google.oauth2.clientSecret`: client secret from google app
|
* `security.oauth2.google.clientSecret`: client secret from google app
|
||||||
|
|
||||||
You must create a Google Application in [Google Cloud](https://console.cloud.google.com) and complete all the information required by Google. Here are the most important properties.
|
You must create a Google Application in [Google Cloud](https://console.cloud.google.com) and complete all the information required by Google. Here are the most important properties.
|
||||||
|
|
||||||
|
|
|
@ -54,7 +54,7 @@ public class RequestPropertiesInterceptor implements HandlerInterceptor {
|
||||||
@Value("${security.type}")
|
@Value("${security.type}")
|
||||||
private String securityType;
|
private String securityType;
|
||||||
|
|
||||||
@Value("${google.oauth2.url}")
|
@Value("${security.oauth2.google.url}")
|
||||||
private String googleOauth2Url;
|
private String googleOauth2Url;
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
|
@ -67,7 +67,7 @@ public class RequestPropertiesInterceptor implements HandlerInterceptor {
|
||||||
request.setAttribute("google.recaptcha2.enabled", recaptcha2Enabled);
|
request.setAttribute("google.recaptcha2.enabled", recaptcha2Enabled);
|
||||||
request.setAttribute("google.recaptcha2.siteKey", recaptcha2SiteKey);
|
request.setAttribute("google.recaptcha2.siteKey", recaptcha2SiteKey);
|
||||||
|
|
||||||
request.setAttribute("google.oauth2.url", googleOauth2Url);
|
request.setAttribute("security.oauth2.google.url", googleOauth2Url);
|
||||||
|
|
||||||
request.setAttribute("site.homepage", siteHomepage);
|
request.setAttribute("site.homepage", siteHomepage);
|
||||||
request.setAttribute("site.static.js.url", siteStaticUrl);
|
request.setAttribute("site.static.js.url", siteStaticUrl);
|
||||||
|
|
|
@ -134,22 +134,28 @@ security.ldap.auth.attribute=mail
|
||||||
security.ldap.lastName.attribute=sn
|
security.ldap.lastName.attribute=sn
|
||||||
security.ldap.firstName.attribute=givenName
|
security.ldap.firstName.attribute=givenName
|
||||||
|
|
||||||
|
#######################################################################################
|
||||||
|
# Google OAuth Authentication
|
||||||
|
#######################################################################################
|
||||||
|
|
||||||
|
# Redirect to this url, this url must be configured in the google app {baseurl}/c/registration-google
|
||||||
|
security.oauth2.google.callbackUrl=https://wisemapping.com/c/registration-google
|
||||||
|
# Google service for finish registration process, ie. exchange temporal code for user token
|
||||||
|
security.oauth2.google.confirmUrl=https://oauth2.googleapis.com/token
|
||||||
|
# Google service for get user data (name, email, etc)
|
||||||
|
security.oauth2.google.userinfoUrl=https://www.googleapis.com/oauth2/v3/userinfo
|
||||||
|
# Url for starting auth process with google
|
||||||
|
security.oauth2.google.url=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=${security.oauth2.google.callbackUrl}&prompt=consent&response_type=code&client_id=${security.oauth2.google.clientId}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&access_type=offline&state=wisemapping&include_granted_scopes=true
|
||||||
|
|
||||||
|
# Configure the following settings ...
|
||||||
|
# OAuth Client id
|
||||||
|
#security.oauth2.google.clientId=
|
||||||
|
# OAuth Client secret
|
||||||
|
#security.oauth2.google.clientSecret=
|
||||||
|
|
||||||
|
#######################################################################################
|
||||||
# User Account filtering policies
|
# User Account filtering policies
|
||||||
|
#######################################################################################
|
||||||
|
|
||||||
# Coma separated list of domains and emails ban
|
# Coma separated list of domains and emails ban
|
||||||
#accounts.exclusion.domain=
|
#accounts.exclusion.domain=
|
||||||
|
|
||||||
# google will redirect to this url, this url must be configured in the google app
|
|
||||||
# {baseurl}/c/registration-google
|
|
||||||
google.oauth2.callbackUrl=https://wisemapping.com/c/registration-google
|
|
||||||
# google app client id
|
|
||||||
google.oauth2.clientId=
|
|
||||||
# google app client secret
|
|
||||||
google.oauth2.clientSecret=
|
|
||||||
# google service for finish registration process, ie. exchange temporal code for user token
|
|
||||||
google.oauth2.confirmUrl=https://oauth2.googleapis.com/token
|
|
||||||
# google service for get user data (name, email, etc)
|
|
||||||
google.oauth2.userinfoUrl=https://www.googleapis.com/oauth2/v3/userinfo
|
|
||||||
# url for starting auth process with google
|
|
||||||
google.oauth2.url=https://accounts.google.com/o/oauth2/v2/auth?redirect_uri=${google.oauth2.callbackUrl}&prompt=consent&response_type=code&client_id=${google.oauth2.clientId}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%20https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email&access_type=offline&state=wisemapping&include_granted_scopes=true
|
|
||||||
|
|
||||||
|
|
|
@ -23,11 +23,11 @@
|
||||||
|
|
||||||
<bean id="googleService" class="com.wisemapping.service.google.GoogleService">
|
<bean id="googleService" class="com.wisemapping.service.google.GoogleService">
|
||||||
<property name="httpInvoker" ref="httpInvoker"/>
|
<property name="httpInvoker" ref="httpInvoker"/>
|
||||||
<property name="optinConfirmUrl" value="${google.oauth2.confirmUrl}"/>
|
<property name="optinConfirmUrl" value="${security.oauth2.google.confirmUrl}"/>
|
||||||
<property name="accountBasicDataUrl" value="${google.oauth2.userinfoUrl}"/>
|
<property name="accountBasicDataUrl" value="${security.oauth2.google.userinfoUrl}"/>
|
||||||
<property name="clientId" value="${google.oauth2.clientId}"/>
|
<property name="clientId" value="${security.oauth2.google.clientId}"/>
|
||||||
<property name="clientSecret" value="${google.oauth2.clientSecret}"/>
|
<property name="clientSecret" value="${security.oauth2.google.clientSecret}"/>
|
||||||
<property name="callbackUrl" value="${google.oauth2.callbackUrl}"/>
|
<property name="callbackUrl" value="${security.oauth2.google.callbackUrl}"/>
|
||||||
</bean>
|
</bean>
|
||||||
|
|
||||||
<bean id="userServiceTarget" class="com.wisemapping.service.UserServiceImpl">
|
<bean id="userServiceTarget" class="com.wisemapping.service.UserServiceImpl">
|
||||||
|
|
|
@ -20,7 +20,7 @@
|
||||||
clientType: 'rest',
|
clientType: 'rest',
|
||||||
recaptcha2Enabled: ${requestScope['google.recaptcha2.enabled']},
|
recaptcha2Enabled: ${requestScope['google.recaptcha2.enabled']},
|
||||||
recaptcha2SiteKey: '${requestScope['google.recaptcha2.siteKey']}',
|
recaptcha2SiteKey: '${requestScope['google.recaptcha2.siteKey']}',
|
||||||
googleOauth2Url: '${requestScope['google.oauth2.url']}'
|
googleOauth2Url: '${requestScope['security.oauth2.google.url']}'
|
||||||
};
|
};
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
|
|
Loading…
Reference in New Issue