airavata-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From scnakand...@apache.org
Subject [1/2] airavata-php-gateway git commit: considering the less priviledged user case
Date Wed, 28 Jun 2017 21:27:35 GMT
Repository: airavata-php-gateway
Updated Branches:
  refs/heads/develop 7c3d19a8c -> 5d9bb195e


considering the less priviledged user case


Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/b1dcbdfa
Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/b1dcbdfa
Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/b1dcbdfa

Branch: refs/heads/develop
Commit: b1dcbdfa0ccebb213d44e6a1277943a6c47a10b3
Parents: a3cd053
Author: scnakandala <supun.nakandala@gmail.com>
Authored: Wed Jun 28 17:27:29 2017 -0400
Committer: scnakandala <supun.nakandala@gmail.com>
Committed: Wed Jun 28 17:27:29 2017 -0400

----------------------------------------------------------------------
 app/controllers/AccountController.php | 35 +++++++++++++++++-------------
 app/routes.php                        |  2 ++
 2 files changed, 22 insertions(+), 15 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/b1dcbdfa/app/controllers/AccountController.php
----------------------------------------------------------------------
diff --git a/app/controllers/AccountController.php b/app/controllers/AccountController.php
index 726d2a6..97b5042 100644
--- a/app/controllers/AccountController.php
+++ b/app/controllers/AccountController.php
@@ -170,16 +170,12 @@ class AccountController extends BaseController
             Session::put("gateway_id", Config::get('pga_config.airavata')['gateway-id']);
 
             if(Session::has("admin") || Session::has("admin-read-only") || Session::has("authorized-user")){
-                return $this->initializeWithAiravata($username, $userEmail, $firstName,
$lastName, $accessToken, $refreshToken, $expirationTime);
+                return $this->initializeWithAiravata($username, $userEmail, $firstName,
$lastName, $accessToken,
+                    $refreshToken, $expirationTime);
             }
 
-            if(Session::has("admin") || Session::has("admin-read-only")){
-                return Redirect::to("admin/dashboard". "?status=ok&code=".$accessToken
. "&username=".$username
-                    . "&refresh_code=" . $refreshToken . "&valid_time=" . $expirationTime);
-            }else{
-                return Redirect::to("account/dashboard". "?status=ok&code=".$accessToken
. "&username=".$username
-                    . "&refresh_code=" . $refreshToken . "&valid_time=" . $expirationTime);
-            }
+            return Redirect::to("account/dashboard" . "?status=less_privileged&code=".$accessToken
. "&username=".$username
+                . "&refresh_code=" . $refreshToken . "&valid_time=" . $expirationTime);
         }
 
     }
@@ -246,13 +242,9 @@ class AccountController extends BaseController
             return $this->initializeWithAiravata($username, $userEmail, $firstName, $lastName,
$accessToken, $refreshToken, $expirationTime);
         }
 
-        if(Session::has("admin") || Session::has("admin-read-only")){
-            return Redirect::to("admin/dashboard" . "?status=ok&code=" . $accessToken
. "&username=".$username
-                . "&refresh_code=" . $refreshToken . "&valid_time=" . $expirationTime);
-        }else{
-            return Redirect::to("account/dashboard" . "?status=ok&code=".$accessToken
. "&username=".$username
-                . "&refresh_code=" . $refreshToken . "&valid_time=" . $expirationTime);
-        }
+        return Redirect::to("account/dashboard" . "?status=less_privileged&code=".$accessToken
. "&username=".$username
+            . "&refresh_code=" . $refreshToken . "&valid_time=" . $expirationTime);
+
     }
 
     private function hasAnyRoles($roles) {
@@ -495,6 +487,19 @@ class AccountController extends BaseController
         }
     }
 
+    public function getRefreshedTokenForDesktop(){
+        $refreshToken = Input::get('refresh_code');
+        $response = Keycloak::getRefreshedOAuthToken($refreshToken);
+        if(isset($response->access_token)){
+            $accessToken = $response->access_token;
+            $refreshToken = $response->refresh_token;
+            $expirationTime = $response->expires_in; // 5 minutes safe margin
+            var_dump(array('status'=>'ok', 'code'=>$accessToken, 'refresh_code'=>$refreshToken,
'valid_time'=>$expirationTime));
+        }else{
+            var_dump(array('status'=>'failed'));
+        }
+    }
+
     public function logout()
     {
        Session::flush();

http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/b1dcbdfa/app/routes.php
----------------------------------------------------------------------
diff --git a/app/routes.php b/app/routes.php
index 2c142f3..6fa808b 100755
--- a/app/routes.php
+++ b/app/routes.php
@@ -24,6 +24,8 @@ Route::post("login", "AccountController@loginSubmit");
 
 Route::get("login-desktop", "AccountController@loginDesktopView");
 
+Route::get("refreshed-token-desktop", "AccountController@getRefreshedTokenForDesktop");
+
 Route::get("account/dashboard", "AccountController@dashboard");
 
 Route::get("callback-url", "AccountController@oauthCallback");


Mime
View raw message