airavata-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From machris...@apache.org
Subject [35/50] [abbrv] airavata-php-gateway git commit: AIRAVATA-2342 Detecting UPDATE_PASSWORD required action when login fails
Date Fri, 16 Jun 2017 20:36:38 GMT
AIRAVATA-2342 Detecting UPDATE_PASSWORD required action when login fails


Project: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/repo
Commit: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/commit/1a395671
Tree: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/tree/1a395671
Diff: http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/diff/1a395671

Branch: refs/heads/develop
Commit: 1a3956711af99fd9ad8d8c9e9496e7c7b1ca3c91
Parents: 8154eac
Author: Marcus Christie <machrist@iu.edu>
Authored: Thu May 11 10:49:21 2017 -0400
Committer: Marcus Christie <machrist@iu.edu>
Committed: Thu May 11 10:49:21 2017 -0400

----------------------------------------------------------------------
 app/controllers/AccountController.php |  6 +++++-
 app/libraries/Keycloak/Keycloak.php   | 16 ++++++++++++++++
 app/views/account/login.blade.php     |  8 +++++---
 3 files changed, 26 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/1a395671/app/controllers/AccountController.php
----------------------------------------------------------------------
diff --git a/app/controllers/AccountController.php b/app/controllers/AccountController.php
index 4b7f7da..8e54d42 100644
--- a/app/controllers/AccountController.php
+++ b/app/controllers/AccountController.php
@@ -112,7 +112,11 @@ class AccountController extends BaseController
             $password = $_POST['password'];
             $response = Keycloak::authenticate($username, $password);
             if(!isset($response->access_token)){
-                return Redirect::to("login")->with("invalid-credentials", true);
+                if (Keycloak::isUpdatePasswordRequired($username)) {
+                    return Redirect::to("login")->with("update-password-required", true);
+                } else {
+                    return Redirect::to("login")->with("invalid-credentials", true);
+                }
             }
 
             $accessToken = $response->access_token;

http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/1a395671/app/libraries/Keycloak/Keycloak.php
----------------------------------------------------------------------
diff --git a/app/libraries/Keycloak/Keycloak.php b/app/libraries/Keycloak/Keycloak.php
index d6846a7..dfa8f0c 100644
--- a/app/libraries/Keycloak/Keycloak.php
+++ b/app/libraries/Keycloak/Keycloak.php
@@ -381,6 +381,22 @@ class Keycloak {
         }
     }
 
+    // TODO: move this to IamAdminServices
+    public function isUpdatePasswordRequired($username) {
+
+        try{
+            $users = $this->users->getUsers($this->realm, $username);
+            if ($users != null && count($users) == 1) {
+                return in_array("UPDATE_PASSWORD", $users[0]->requiredActions);
+            } else {
+                return false;
+            }
+        }catch (Exception $ex){
+            // Username does not exists
+            return false;
+        }
+    }
+
     public function getAdminAuthzToken() {
 
         $access_token = KeycloakUtil::getAPIAccessToken($this->base_endpoint_url, $this->realm,
$this->admin_username, $this->admin_password, $this->verify_peer);

http://git-wip-us.apache.org/repos/asf/airavata-php-gateway/blob/1a395671/app/views/account/login.blade.php
----------------------------------------------------------------------
diff --git a/app/views/account/login.blade.php b/app/views/account/login.blade.php
index 7ef30cc..bfbb152 100755
--- a/app/views/account/login.blade.php
+++ b/app/views/account/login.blade.php
@@ -20,9 +20,11 @@
         @if( Session::has("invalid-credentials") )
         {{ CommonUtilities::print_error_message('Invalid username or password. Please try
again.') }}
         @endif
-        <?php
-        Session::forget("invalid-credentials");
-        ?>
+        @if( Session::has("update-password-required") )
+        <div class="alert alert-danger">
+            Your password has expired. Please <a href="{{URL::to('/') }}/forgot-password">reset
your password</a>.
+        </div>
+        @endif
 
         <div class="form-group">
             <label class="sr-only" for="username">Username</label>


Mime
View raw message