Commit c3b2dc87 authored by Yadd's avatar Yadd

Ajax to remove OIDC consent (#826)

parent 9910a0aa
......@@ -129,7 +129,7 @@
.\" ========================================================================
.\"
.IX Title "llng-fastcgi-server 1"
.TH llng-fastcgi-server 1 "2017-09-05" "perl v5.26.0" "User Contributed Perl Documentation"
.TH llng-fastcgi-server 1 "2017-09-18" "perl v5.26.0" "User Contributed Perl Documentation"
.\" For nroff, turn off justification. Always turn off hyphenation; it makes
.\" way too many mistakes in technical documents.
.if n .ad l
......
......@@ -6,6 +6,7 @@ our $VERSION = '2.0.0';
package Lemonldap::NG::Portal::Main;
use strict;
use Mouse;
has skinRules => ( is => 'rw' );
......@@ -468,9 +469,16 @@ sub mkOidcConsent {
. '<tbody><tr>';
# TODO: add JS to remove consent
$tmp .= "<tr><td>$_</td></tr>"
foreach ( split /,/, $session->{_oidcConnectedRP} );
$tmp .= '</tbody></table>';
if ( $session->{_oidcConnectedRP} ) {
$tmp .=
qq'<tr><td>$_ <a class="oidcConsent" partner="$_">remove</a></td></tr>'
foreach ( split /,/, $session->{_oidcConnectedRP} );
$tmp .= qq'</tbody></table><script type="application/init">
{
"oidcConsents":"$session->{_oidcConnectedRP}"
}
</script>';
}
return $tmp;
}
......
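Review bot: In mkOidcConsent the relying-party names are interpolated unescaped into markup (`<td>$_ <a class="oidcConsent" partner="$_">`), and the whole `$session->{_oidcConnectedRP}` string is pasted into the `application/init` JSON without encoding. The same commit lets the browser write `_oidcConnectedRP` through updateMySession, so this value should be treated as untrusted when rendered. HTML-escape each name before building the row, and produce the init block with a JSON encoder rather than string interpolation, so that a quote or `</script>` in the value cannot terminate the literal. It also looks as if `</tbody></table>` is now appended only inside the `if`, which would leave the table unclosed when the list is empty; this needs confirming against the full file, since the function starts outside this hunk.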
......@@ -88,6 +88,17 @@ has exportedAttr => (
}
);
has ott => (
is => 'rw',
lazy => 1,
default => sub {
my $ott =
$_[0]->{p}->loadModule('Lemonldap::NG::Portal::Lib::OneTimeToken');
$ott->timeout( $_[0]->conf->{formTimeout} );
return $ott;
}
);
# INITIALIZATION
sub init {
......@@ -294,6 +305,11 @@ sub mysession {
{ result => $req->userData->{ $self->conf->{whatToTrace} } } );
}
if ( defined $req->param('gettoken') ) {
return $self->p->sendJSONresponse( $req,
{ token => $self->ott->createToken() } );
}
# Verify authorizationfor arg
elsif ( my $url = $req->param('authorizationfor') ) {
......@@ -338,14 +354,26 @@ sub updateMySession {
my ( $self, $req ) = @_;
my $res = 0;
my $mKeys = [];
if ( $req->param('sessionType') eq 'persistent' ) {
foreach my $key (qw(_appsListOrder)) {
if ( my $v = $req->param($key) ) {
$res++;
push @$mKeys, $key;
$self->p->updatePersistentSession( $req, { $key => $v } );
if ( my $token = $req->param('token') ) {
if ( $self->ott->getToken($token) ) {
if ( $req->param('sessionType') eq 'persistent' ) {
foreach my $key (qw(_appsListOrder _oidcConnectedRP)) {
my $v = $req->param($key);
if ( defined $v ) {
$res++;
push @$mKeys, $key;
$self->p->updatePersistentSession( $req,
{ $key => $v } );
}
}
}
}
else {
$self->logger->error('Update session request with invalid token');
}
}
else {
$self->logger->error('Update session request without token');
}
unless ($res) {
return $self->p->sendError( $req, 'Modification refused', 403 );
......
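Review bot: updateMySession now accepts `_oidcConnectedRP` from the request and stores the submitted string as-is (`updatePersistentSession( $req, { $key => $v } )`), so the one-time token only shows that the request followed a `gettoken` call, not that the new list is legitimate. Because this field records which relying parties the user has consented to, the handler should derive the new value server-side, keeping only entries that are already in the stored list and also appear in the submitted one, so that a client can remove consents but never add or reshape them. Separately, `$req->param('sessionType') eq 'persistent'` compares a possibly undefined value, and the token is presumably consumed by `getToken` before that check runs; testing `( $req->param('sessionType') // '' ) eq 'persistent'` ahead of the token lookup would avoid both. The function continues past the end of this hunk.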
......@@ -49,12 +49,28 @@ setSelector = "#appslist"
# function that writes the list order to session
setOrder = ->
setKey '_appsListOrder', $(setSelector).sortable("toArray").join()
removeOidcConsent = (partner) ->
r = new RegExp partner, 'g'
datas['oidcConsents'] = datas['oidcConsents'].replace(r,'').replace(',+',',')
setKey '_oidcConnectedRP', datas['oidcConsents']
$(this).text()
setKey = (key,val) ->
$.ajax
type: "PUT"
url: datas['scriptname'] + '/mysession/persistent'
data:
_appsListOrder: $(setSelector).sortable("toArray").join()
type: "GET"
url: datas['scriptname'] + '/mysession/?gettoken'
dataType: 'json'
success: (data) ->
d =
token: data.token
d[key] = val
$.ajax
type: "PUT"
url: datas['scriptname'] + '/mysession/persistent'
dataType: 'json'
data: d
# function that restores the list order from session
restoreOrder = ->
......@@ -250,3 +266,5 @@ $(document).ready ->
s = new Date($(this).attr("val")*1000)
$(this).text s.toLocaleString()
$('.oidcConsent').on 'click', () ->
removeOidcConsent $(this).attr 'partner'
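Review bot: removeOidcConsent builds `new RegExp partner, 'g'` from the raw name, so regex metacharacters in a name are interpreted and a name that is a substring of another (constructed example: `rp` inside `rp2`) is stripped from both entries. The following `.replace(',+',',')` is given a string rather than a pattern, so leftover commas are never collapsed. An exact-match filter avoids both problems: `datas['oidcConsents'] = (p for p in datas['oidcConsents'].split(',') when p and p isnt partner).join()`. The trailing `$(this).text()` has no effect and `this` is not the clicked link inside this function, so the row stays on screen after removal. `setKey` also has no `error` callback, so a refused update (the 403 path on the server) is silent to the user.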
......@@ -5,7 +5,7 @@ LemonLDAP::NG Portal jQuery scripts
*/
(function() {
var datas, getCookie, getValues, isHiddenFormValueSet, ping, restoreOrder, setCookie, setOrder, setSelector, translate, translatePage, translationFields,
var datas, getCookie, getValues, isHiddenFormValueSet, ping, removeOidcConsent, restoreOrder, setCookie, setKey, setOrder, setSelector, translate, translatePage, translationFields,
indexOf = [].indexOf || function(item) { for (var i = 0, l = this.length; i < l; i++) { if (i in this && this[i] === item) return i; } return -1; };
translationFields = {};
......@@ -71,13 +71,35 @@ LemonLDAP::NG Portal jQuery scripts
setSelector = "#appslist";
setOrder = function() {
return setKey('_appsListOrder', $(setSelector).sortable("toArray").join());
};
removeOidcConsent = function(partner) {
var r;
r = new RegExp(partner, 'g');
datas['oidcConsents'] = datas['oidcConsents'].replace(r, '').replace(',+', ',');
setKey('_oidcConnectedRP', datas['oidcConsents']);
return $(this).text();
};
setKey = function(key, val) {
return $.ajax({
type: "PUT",
url: datas['scriptname'] + '/mysession/persistent',
data: {
_appsListOrder: $(setSelector).sortable("toArray").join()
},
dataType: 'json'
type: "GET",
url: datas['scriptname'] + '/mysession/?gettoken',
dataType: 'json',
success: function(data) {
var d;
d = {
token: data.token
};
d[key] = val;
return $.ajax({
type: "PUT",
url: datas['scriptname'] + '/mysession/persistent',
dataType: 'json',
data: d
});
}
});
};
......@@ -261,11 +283,14 @@ LemonLDAP::NG Portal jQuery scripts
if (datas['pingInterval'] && datas['pingInterval'] > 0) {
window.setTimeout(ping, datas['pingInterval']);
}
return $(".localeDate").each(function() {
$(".localeDate").each(function() {
var s;
s = new Date($(this).attr("val") * 1000);
return $(this).text(s.toLocaleString());
});
return $('.oidcConsent').on('click', function() {
return removeOidcConsent($(this).attr('partner'));
});
});
}).call(this);
(function(){var e,g,d,a,k,j,m,i,f,b,l,c,h=[].indexOf||function(p){for(var o=0,n=this.length;o<n;o++){if(o in this&&this[o]===p){return o}}return -1};c={};l=function(n){return $.getJSON(window.staticPrefix+"languages/"+n+".json",function(o){c=o;$("[trspan]").each(function(){var s,t,q,p,r;s=$(this).attr("trspan").split(",");p=b(s.shift());for(t=0,q=s.length;t<q;t++){r=s[t];p=p.replace(/%[sd]/,r)}return $(this).text(p)});$("[trmsg]").each(function(){return $(this).text(b("PE"+($(this).attr("trmsg"))))});$("[trplaceholder]").each(function(){return $(this).attr("placeholder",b($(this).attr("trplaceholder")))});return $("[localtime]").each(function(){var p;p=new Date($(this).attr("localtime")*1000);return $(this).text(p.toLocaleString())})})};b=function(n){if(c[n]){return c[n]}else{return n}};window.translate=b;d=function(){var n;n={};$("script[type='application/init']").each(function(){var s,p,o,r,q;try{q=JSON.parse($(this).text());r=[];for(o in q){r.push(n[o]=q[o])}return r}catch(p){s=p;console.log("Parsing error",s);return console.log("JSON",$(this).text())}});return n};f="#appslist";i=function(){return $.ajax({type:"PUT",url:e.scriptname+"/mysession/persistent",data:{_appsListOrder:$(f).sortable("toArray").join()},dataType:"json"})};j=function(){var p,o,s,A,n,x,q,t,r,w,y,u,z;w=$(f);if(!((w!=null)&&e.appslistorder)){return null}p=e.appslistorder.split(",");x=w.sortable("toArray");y=[];for(s=0,t=x.length;s<t;s++){z=x[s];y[z]=z}for(q=0,r=p.length;q<r;q++){n=p[q];if(y[n]){A=y[n];o=$(f+".ui-sortable").children("#"+A);u=$(f+".ui-sortable").children("#"+n);o.remove();$(f+".ui-sortable").filter(":first").append(u)}}return 1};a=function(n){return $("#lmhidden_"+n).length};k=function(){return $.ajax({type:"POST",url:e.scriptname,data:{ping:1},dataType:"json",success:function(n){if((n.result!=null)&&n.result===1){return setTimeout(k,e.pingInterval)}else{return location.reload(true)}},error:function(n,o,p){return location.reload(true)}})};window.ping=k;g=function(q){var 
t,o,r,n,p,s;p=q+"=";o=decodeURIComponent(document.cookie).split(";");s=new RegExp("^ *"+q+"=");for(r=0,n=o.length;r<n;r++){t=o[r];if(t.match(s)){t=t.replace(s,"");return t}}return""};m=function(n,p,o){var q;q=new Date();q.setTime(q.getTime()+o*86400000);return document.cookie=n+"="+p+"; expires="+(q.toUTCString())+"; path=/"};e={};$(document).ready(function(){var E,D,F,C,G,B,I,y,x,w,H,u,t,s,z,A,q,p,o,n,r,v;e=d();window.datas=e;if(e.antiframe&&top!==self){top.location.href=location.href}$("#appslist").sortable({axis:"y",cursor:"move",opacity:0.5,revert:true,items:"> div.category",update:function(){return i()}});j();$("div.message").fadeIn("slow");$("input[name=timezone]").val(-(new Date().getTimezoneOffset()/60));q=$("#menu").tabs({active:0});A=$('#menu a[href="#'+e.displaytab+'"]').parent().index();if(A<0){A=0}q.tabs("option","active",A);F=$("#authMenu").tabs({active:0});if(e.choicetab){F.tabs("option","active",$('#authMenu a[href="#'+e.choicetab+'"]').parent().index())}if(e.login){$("input[type=password]:first").focus()}else{$("input[type!=hidden]:first").focus()}if(e.newwindow){$("#appslist a").attr("target","_blank")}if($("p.removeOther").length){E=$("form.login").attr("action");p=$("form.login").attr("method");C="";if(E.indexOf("?")!==-1){E.substring(0,E.indexOf("?"))+"?"}else{C=E+"?"}$("form.login input[type=hidden]").each(function(J){return C+="&"+$(this).attr("name")+"="+$(this).val()});s=$("p.removeOther a").attr("href")+"&method="+p+"&url="+btoa(C);$("p.removeOther a").attr("href",s)}I=g("llnglanguage");if(!I){if(navigator){x=[];w=[];n=[navigator.language];if(navigator.languages){n=navigator.languages}r=window.availableLanguages;for(G=0,H=r.length;G<H;G++){D=r[G];y+='<img class="langicon" src="'+window.staticPrefix+"common/"+D+'.png" title="'+D+'" alt="['+D+']"> 
';for(B=0,u=n.length;B<u;B++){o=n[B];if(D===o){x.push(D)}else{if(D.substring(0,1)===o.substring(0,1)){w.push(D)}}}}I=x[0]?x[0]:w[0]?w[0]:window.availableLanguages[0]}else{I=window.availableLanguages[0]}}else{if(h.call(window.availableLanguages,I)<0){I=window.availableLanguages[0]}}m("llnglanguage",I);l(I);y="";v=window.availableLanguages;for(z=0,t=v.length;z<t;z++){D=v[z];y+='<img class="langicon" src="'+window.staticPrefix+"common/"+D+'.png" title="'+D+'" alt="['+D+']"> '}$("#languages").html(y);$(".langicon").on("click",function(){I=$(this).attr("title");m("llnglanguage",I);return l(I)});if(e.pingInterval&&e.pingInterval>0){window.setTimeout(k,e.pingInterval)}return $(".localeDate").each(function(){var J;J=new Date($(this).attr("val")*1000);return $(this).text(J.toLocaleString())})})}).call(this);
\ No newline at end of file
(function(){var f,i,e,b,m,h,l,o,a,k,g,c,n,d,j=[].indexOf||function(r){for(var q=0,p=this.length;q<p;q++){if(q in this&&this[q]===r){return q}}return -1};d={};n=function(p){return $.getJSON(window.staticPrefix+"languages/"+p+".json",function(q){d=q;$("[trspan]").each(function(){var u,w,s,r,t;u=$(this).attr("trspan").split(",");r=c(u.shift());for(w=0,s=u.length;w<s;w++){t=u[w];r=r.replace(/%[sd]/,t)}return $(this).text(r)});$("[trmsg]").each(function(){return $(this).text(c("PE"+($(this).attr("trmsg"))))});$("[trplaceholder]").each(function(){return $(this).attr("placeholder",c($(this).attr("trplaceholder")))});return $("[localtime]").each(function(){var r;r=new Date($(this).attr("localtime")*1000);return $(this).text(r.toLocaleString())})})};c=function(p){if(d[p]){return d[p]}else{return p}};window.translate=c;e=function(){var p;p={};$("script[type='application/init']").each(function(){var u,r,q,t,s;try{s=JSON.parse($(this).text());t=[];for(q in s){t.push(p[q]=s[q])}return t}catch(r){u=r;console.log("Parsing error",u);return console.log("JSON",$(this).text())}});return p};g="#appslist";k=function(){return a("_appsListOrder",$(g).sortable("toArray").join())};h=function(q){var p;p=new RegExp(q,"g");f.oidcConsents=f.oidcConsents.replace(p,"").replace(",+",",");a("_oidcConnectedRP",f.oidcConsents);return $(this).text()};a=function(p,q){return $.ajax({type:"GET",url:f.scriptname+"/mysession/?gettoken",dataType:"json",success:function(r){var s;s={token:r.token};s[p]=q;return $.ajax({type:"PUT",url:f.scriptname+"/mysession/persistent",dataType:"json",data:s})}})};l=function(){var r,q,u,C,p,z,s,w,t,y,A,x,B;y=$(g);if(!((y!=null)&&f.appslistorder)){return null}r=f.appslistorder.split(",");z=y.sortable("toArray");A=[];for(u=0,w=z.length;u<w;u++){B=z[u];A[B]=B}for(s=0,t=r.length;s<t;s++){p=r[s];if(A[p]){C=A[p];q=$(g+".ui-sortable").children("#"+C);x=$(g+".ui-sortable").children("#"+p);q.remove();$(g+".ui-sortable").filter(":first").append(x)}}return 1};b=function(p){return 
$("#lmhidden_"+p).length};m=function(){return $.ajax({type:"POST",url:f.scriptname,data:{ping:1},dataType:"json",success:function(p){if((p.result!=null)&&p.result===1){return setTimeout(m,f.pingInterval)}else{return location.reload(true)}},error:function(p,q,r){return location.reload(true)}})};window.ping=m;i=function(s){var v,q,t,p,r,u;r=s+"=";q=decodeURIComponent(document.cookie).split(";");u=new RegExp("^ *"+s+"=");for(t=0,p=q.length;t<p;t++){v=q[t];if(v.match(u)){v=v.replace(u,"");return v}}return""};o=function(p,r,q){var s;s=new Date();s.setTime(s.getTime()+q*86400000);return document.cookie=p+"="+r+"; expires="+(s.toUTCString())+"; path=/"};f={};$(document).ready(function(){var G,F,H,E,I,D,K,A,z,y,J,w,v,u,B,C,s,r,q,p,t,x;f=e();window.datas=f;if(f.antiframe&&top!==self){top.location.href=location.href}$("#appslist").sortable({axis:"y",cursor:"move",opacity:0.5,revert:true,items:"> div.category",update:function(){return k()}});l();$("div.message").fadeIn("slow");$("input[name=timezone]").val(-(new Date().getTimezoneOffset()/60));s=$("#menu").tabs({active:0});C=$('#menu a[href="#'+f.displaytab+'"]').parent().index();if(C<0){C=0}s.tabs("option","active",C);H=$("#authMenu").tabs({active:0});if(f.choicetab){H.tabs("option","active",$('#authMenu a[href="#'+f.choicetab+'"]').parent().index())}if(f.login){$("input[type=password]:first").focus()}else{$("input[type!=hidden]:first").focus()}if(f.newwindow){$("#appslist a").attr("target","_blank")}if($("p.removeOther").length){G=$("form.login").attr("action");r=$("form.login").attr("method");E="";if(G.indexOf("?")!==-1){G.substring(0,G.indexOf("?"))+"?"}else{E=G+"?"}$("form.login input[type=hidden]").each(function(L){return E+="&"+$(this).attr("name")+"="+$(this).val()});u=$("p.removeOther a").attr("href")+"&method="+r+"&url="+btoa(E);$("p.removeOther 
a").attr("href",u)}K=i("llnglanguage");if(!K){if(navigator){z=[];y=[];p=[navigator.language];if(navigator.languages){p=navigator.languages}t=window.availableLanguages;for(I=0,J=t.length;I<J;I++){F=t[I];A+='<img class="langicon" src="'+window.staticPrefix+"common/"+F+'.png" title="'+F+'" alt="['+F+']"> ';for(D=0,w=p.length;D<w;D++){q=p[D];if(F===q){z.push(F)}else{if(F.substring(0,1)===q.substring(0,1)){y.push(F)}}}}K=z[0]?z[0]:y[0]?y[0]:window.availableLanguages[0]}else{K=window.availableLanguages[0]}}else{if(j.call(window.availableLanguages,K)<0){K=window.availableLanguages[0]}}o("llnglanguage",K);n(K);A="";x=window.availableLanguages;for(B=0,v=x.length;B<v;B++){F=x[B];A+='<img class="langicon" src="'+window.staticPrefix+"common/"+F+'.png" title="'+F+'" alt="['+F+']"> '}$("#languages").html(A);$(".langicon").on("click",function(){K=$(this).attr("title");o("llnglanguage",K);return n(K)});if(f.pingInterval&&f.pingInterval>0){window.setTimeout(m,f.pingInterval)}$(".localeDate").each(function(){var L;L=new Date($(this).attr("val")*1000);return $(this).text(L.toLocaleString())});return $(".oidcConsent").on("click",function(){return h($(this).attr("partner"))})})}).call(this);
\ No newline at end of file