Implemented simple oauth2 based authentication with a http basic auth protected token endpoint

parent e05cc83c
......@@ -61,6 +61,8 @@
<!-- build:js({app,.tmp}) scripts/main.js -->
<script src="scripts/archivingPortalClient.js"></script>
<script src="scripts/services.js"></script>
<script src="scripts/service/LoginService.js"></script>
<script src="scripts/service/NationService.js"></script>
<script src="scripts/directives.js"></script>
<script src="scripts/controller/MainController.js"></script>
<script src="scripts/controller/ArchivingController.js"></script>
......
......@@ -5,8 +5,8 @@
<div>
<form class="well form-inline">
<h3>Login</h3>
<input ng-model="login.username" type="text" val="username" placeholder="Username">
<input ng-model="login.password" type="password" val="password" placeholder="Password">
<button type="submit" class="btn" ng-click="login()">Log in</button>
<input ng-model="login.username" type="text" placeholder="Username">
<input ng-model="login.password" type="password" placeholder="Password">
<button type="submit" class="btn" ng-click="doLogin()">Log in</button>
</form>
</div>
......@@ -9,7 +9,8 @@ var archivingPortalClient = angular.module('archivingPortalClient',
'ngResource',
'ngRoute',
'archivingPortalClient.directives',
'archivingPortalClient.nationServices'
'archivingPortalClient.nationService',
'archivingPortalClient.loginService'
]);
......@@ -31,26 +32,37 @@ archivingPortalClient.config(['$routeProvider', function ($routeProvider) {
});
$routeProvider.otherwise({
redirectTo: '404.html'
redirectTo: '404.htmlg'
});
}]);
archivingPortalClient.run(['$rootScope', '$injector', function($rootScope, $injector) {
$injector.get("$http").defaults.transformRequest = function(data, headersGetter) {
archivingPortalClient.run(function ($rootScope) {
$rootScope.portalApiUrl = "http://localhost:8080/";
});
headersGetter()['Authorization'] = "Bearer ACCESS_TOKEN";//+$rootScope.ACCESS_TOKEN;
/**
* Oauth Section***
*
* This section deals with the Oauth2 stuff we are using to
* authenticate users to the service.
*/
/**
* Intercept all requests.
* All requests will have their header modified with the Oauth2 access_token if
* one is available in the $rootScope. Note that this scope resets if you refresh.
*/
archivingPortalClient.run(['$rootScope', '$injector', function($rootScope, $injector) {
$injector.get("$http").defaults.transformRequest = function(data, headersGetter) {
if ($rootScope.access_token) headersGetter()['Authorization'] = "Bearer "+$rootScope.access_token;
if (data) {
return angular.toJson(data);
}
};
}]);
archivingPortalClient.run(function ($rootScope) {
$rootScope.portalApiUrl = "http://localhost:8080/";
});
/**
* Html5 mode:
*
......
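Review bot: The new `transformRequest` in the `run` block adds `Authorization: Bearer …` to every `$http` request once `$rootScope.access_token` is set, without checking where the request is going, so the token would also be sent to any non-API URL the app later calls. Consider an `$http` interceptor that sets the header only when `config.url` starts with the portal API base URL. The base URL is `http://localhost:8080/`, which is fine for development, but the bearer token and the login password need HTTPS on any deployed host. Separately, `redirectTo: '404.htmlg'` looks like a typo for `'404.html'`, if that is the new-side line.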
'use strict';
var MainController = function($scope, $log, $http, RequestToken, TokenService, $rootScope) {
var MainController = function($scope, $log, $http, LoginService, $rootScope) {
//$rootScope.ACCESS_TOKEN = "27a05bcf-b731-493d-8cc3-987e52d99080";
//$log.info($rootScope.ACCESS_TOKEN);
$scope.login = {};
//$log.info($http.get('http://localhost:8080/nation/list'));
//$log.info($http.get('http://localhost:8080/user'));
$scope.doLogin = function() {
//var token = RequestToken.save();
//
//$log.info(token);
if($rootScope.access_token != null) {
$log.info("IM A NOOB!");
}
//var token = TokenService();
//$scope.login = {};
//
//$scope.login = function() {
// $log.info("Hello");
// var loginString = 'password='+$scope.login.password+'&username='+$scope.login.username+'&grant_type=password&scope=write&client_secret=123456&client_id=html5-archivingportal';
//
//
//
// var key = window.btoa('html5-archivingportal:123456');
//$log.info(key);
//
// $http.post(
// 'http://localhost:8080/oauth/token'
// , "grant_type=password"
// , {headers: {'Authorization': 'Basic ' + key}}
// )
//}
LoginService.save({username: $scope.login.username, password: $scope.login.password}, function(data) {
$rootScope.access_token = data.access_token;
$log.info(data.access_token);
});
}
};
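Review bot: `$log.info(data.access_token);` in the `LoginService.save` success callback writes the bearer token to the browser console, where anything that captures console output can read it; drop the line or log only that the login succeeded. The `save` call also has no error callback, so a rejected login fails silently; pass a second function that clears `$rootScope.access_token` and reports the failure to the user. The commented-out lines that spell out the client secret and an access-token value, and the `"IM A NOOB!"` debug log, should be deleted rather than committed, if they are on the new side of this change.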
'use strict';
var loginService = angular.module('archivingPortalClient.loginService', ['ngResource']);
/**
* Logs a user in using basic authentication to request access to the
* oauth2 token endpoint.
*/
loginService.factory('LoginService', function ($resource, $http) {
$http.defaults.headers.common['Authorization'] = 'Basic aHRtbDUtYXJjaGl2aW5ncG9ydGFsOjEyMzQ1Ng==';
return $resource(apiUrl+'oauth/token', {}, {
save: {
params:{
password:'@password',
username:'@username',
grant_type:'password',
scope:'write',
client_secret:'123456',
client_id:'html5-archivingportal'
}
}
});
});
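Review bot: The `save` action lists `username` and `password` under `params`, which `$resource` sends as URL query parameters, so the user's password ends up in the request URL (access logs, proxies, browser history). The override also omits `method`, so it probably no longer inherits POST from the default `save` action. Assigning `$http.defaults.headers.common['Authorization']` makes every later `$http` call in the app carry the client's Basic credentials, not just the token request; set the header on this action only. The client id and secret are repeated in `params` although the Basic header already carries them, and because this file ships to the browser the secret is effectively public, so the server should treat this as a public client. The sketch below assumes the token endpoint accepts a form-encoded body, which should be confirmed.

```javascript
loginService.factory('LoginService', function ($resource) {
    return $resource(apiUrl + 'oauth/token', {}, {
        save: {
            method: 'POST',
            // Client credentials go on this request only, not on $http.defaults.
            headers: {
                'Authorization': 'Basic aHRtbDUtYXJjaGl2aW5ncG9ydGFsOjEyMzQ1Ng==',
                'Content-Type': 'application/x-www-form-urlencoded'
            },
            // Send the grant in the request body instead of the query string.
            transformRequest: function (data) {
                return 'grant_type=password&scope=write' +
                    '&username=' + encodeURIComponent(data.username) +
                    '&password=' + encodeURIComponent(data.password);
            }
        }
    });
});
```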
'use strict';
var nationService = angular.module('archivingPortalClient.nationService', ['ngResource']);
var apiUrl = 'http://localhost:8080/';
var nationAll = 'nation/list';
nationService.factory('Nations', ['$resource',
function($resource) {
return $resource(apiUrl+nationAll, {}, [{
query:{
//params can go here if we got any.
}
}]);
}
]);
var schemaServices = angular.module('archivingPortalClient.nationServices', ['ngResource']);
var apiUrl = 'http://localhost:8080/';
var nationAll = 'nation/list';
schemaServices.factory('Nations', ['$resource',
function($resource) {
return $resource(apiUrl+nationAll, {}, [{
query:{
//params can go here if we got any.
}
}]);
}
]);
// password=password&username=admin&grant_type=password&scope=write&client_secret=123456&client_id=html5-archivingportal
/**
* This method doesnt send the user name when logging in.
*/
schemaServices.factory('RequestToken', ['$resource',
function($resource) {
return $resource(apiUrl+"oauth/token", {}, [{
save: {
headers: {'Authorization': 'Basic aHRtbDUtYXJjaGl2aW5ncG9ydGFsOjEyMzQ1Ng=='},
method: 'POST',
params:{
password:'password',
username:'admin',
grant_type:'password',
scope:'write',
client_secret:'123456',
client_id:'html5-archivingportal'
}
}
}]);
}]);
schemaServices.factory('TokenService', function ($resource, $http, $log) {
//var consumerKey = encodeURIComponent('<your consumer key>')
//var consumerSecret = encodeURIComponent('<your consumer secret>')
//var credentials = bota(consumerKey + ':' + consumerSecret)
// Twitters OAuth service endpoint
var oauthEndpoint = $http.post(
'http://localhost:8080/oauth2/token',
'password=password&username=admin&grant_type=password&scope=write&client_secret=123456&client_id=html5-archivingportal',
{user: {'Authorization': 'Basic aHRtbDUtYXJjaGl2aW5ncG9ydGFsOjEyMzQ1Ng==', 'Content-Type': 'application/json;charset=UTF-8'}}
);
$log.info(oauthEndpoint);
oauthEndpoint.success(function (response) {
//$log.info(response);
// a successful response will return
// the "bearer" token which is registered
// to the $httpProvider
//$httpProvider.defaults.headers.common['Authorization'] = "Bearer " + response.access_token
$log.info(response);
}).error(function (response) {
// error handling to some meaningful extent
//$log.error(response);
});
return oauthEndpoint;
});