TSK-624 logout bug

2018-08-29 17:33:25 +02:00 · 2018-08-29 17:33:25 +02:00 · 033797acf0
parent f29926bfa3
commit 033797acf0
10 changed files with 69 additions and 31 deletions
--- a/rest/taskana-rest-spring-example/pom.xml
+++ b/rest/taskana-rest-spring-example/pom.xml
@ -116,6 +116,10 @@
 			<artifactId>spring-restdocs-mockmvc</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-thymeleaf</artifactId>
+		</dependency>
 	</dependencies>
 	<build>
 		<plugins>
--- a/rest/taskana-rest-spring-example/src/main/java/pro/taskana/rest/controllers/LoginController.java
+++ b/rest/taskana-rest-spring-example/src/main/java/pro/taskana/rest/controllers/LoginController.java
@ -0,0 +1,24 @@
+package pro.taskana.rest.controllers;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.springframework.core.Ordered;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+
+@Controller
+public class LoginController implements WebMvcConfigurer {
+
+    @Override
+    public void addViewControllers(ViewControllerRegistry registry) {
+        registry.addViewController("/login").setViewName("login");
+        registry.setOrder(Ordered.HIGHEST_PRECEDENCE);
+    }
+
+
+
+}
--- a/rest/taskana-rest-spring-example/src/main/java/pro/taskana/rest/controllers/ViewController.java
+++ b/rest/taskana-rest-spring-example/src/main/java/pro/taskana/rest/controllers/ViewController.java
@ -5,8 +5,9 @@ import org.springframework.web.bind.annotation.RequestMapping;

@Controller
 public class ViewController {
-  @RequestMapping({ "/administration*/**", "/workplace*/**", "/monitor*/**" , "/no-role*/**"})
-  public String index() {
-    return "forward:/index.html";
-  }
+
+    @RequestMapping({"/administration*/**", "/workplace*/**", "/monitor*/**", "/no-role*/**"})
+    public String index() {
+        return "forward:/index.html";
+    }
 }
--- a/rest/taskana-rest-spring-example/src/main/java/pro/taskana/rest/security/WebSecurityConfig.java
+++ b/rest/taskana-rest-spring-example/src/main/java/pro/taskana/rest/security/WebSecurityConfig.java
@ -12,16 +12,14 @@ import org.springframework.security.authentication.jaas.JaasAuthenticationProvid
 import org.springframework.security.authentication.jaas.JaasNameCallbackHandler;
 import org.springframework.security.authentication.jaas.JaasPasswordCallbackHandler;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
-import org.springframework.security.config.annotation.web.builders.WebSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.web.jaasapi.JaasApiIntegrationFilter;
+import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
 import org.springframework.web.cors.CorsConfiguration;
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 import org.springframework.web.filter.CorsFilter;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;

@ -39,40 +37,29 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    protected void configure(HttpSecurity http) throws Exception {

        http.csrf().disable()
+            .httpBasic()
+            .and()
            .authenticationProvider(jaasAuthProvider())
            .authorizeRequests()
-            .antMatchers(HttpMethod.GET, "/docs/**")
-            .permitAll()
-            .antMatchers(HttpMethod.GET, "/**")
-            .authenticated()
-            .and()
-            .httpBasic()
+            .antMatchers(HttpMethod.GET, "/docs/**").permitAll()
            .and()
            .addFilter(new JaasApiIntegrationFilter());

        if (devMode) {
            http.headers().frameOptions().sameOrigin()
                .and().authorizeRequests().antMatchers("/h2-console/**").permitAll();
-            return;
+        } else {
+            AddLoginPageConfiguration(http);
        }

-        http
-                .authorizeRequests()
-                .anyRequest().authenticated()
-                .and()
-                .formLogin()
-                .permitAll()
-                .and()
-                .logout()
-                .permitAll();
    }

    @Bean
    public JaasAuthenticationProvider jaasAuthProvider() {
        JaasAuthenticationProvider authenticationProvider = new JaasAuthenticationProvider();
-        authenticationProvider.setAuthorityGranters(new AuthorityGranter[]{new SampleRoleGranter()});
-        authenticationProvider.setCallbackHandlers(new JaasAuthenticationCallbackHandler[]{
-                new JaasNameCallbackHandler(), new JaasPasswordCallbackHandler()});
+        authenticationProvider.setAuthorityGranters(new AuthorityGranter[] {new SampleRoleGranter()});
+        authenticationProvider.setCallbackHandlers(new JaasAuthenticationCallbackHandler[] {
+            new JaasNameCallbackHandler(), new JaasPasswordCallbackHandler()});
        authenticationProvider.setLoginContextName("taskana");
        authenticationProvider.setLoginConfig(new ClassPathResource("pss_jaas.config"));
        return authenticationProvider;
@ -103,4 +90,17 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
        bean.setOrder(0);
        return bean;
    }
+
+    private void AddLoginPageConfiguration(HttpSecurity http) throws Exception {
+        http
+            .authorizeRequests()
+            .anyRequest().fullyAuthenticated()
+            .and()
+            .formLogin().loginPage("/login").failureUrl("/login?error")
+            .permitAll()
+            .and()
+            .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
+            .logoutSuccessUrl("/login").deleteCookies("JSESSIONID")
+            .invalidateHttpSession(true);
+    }
 }
--- a/rest/taskana-rest-spring-example/src/main/resources/templates/customlogin.html
+++ b/rest/taskana-rest-spring-example/src/main/resources/templates/customlogin.html
--- a/web/src/app/components/nav-bar/nav-bar.component.html
+++ b/web/src/app/components/nav-bar/nav-bar.component.html
@ -36,7 +36,7 @@
      <ul class="nav">
        <svg-icon class="logo white visible-xs" src="./assets/icons/logo.svg"></svg-icon>
        <h2 class="navbar-brand no-margin logo visible-xs"> {{title}}</h2>
-        <button type="button" class="btn btn-default logout navbar-toggle logout show pull-right" data-toggle="tooltip" title="Logout" (click)="logout()" aria-expanded="true"
+        <button type="button" class="btn btn-default logout navbar-toggle show pull-right" data-toggle="tooltip" title="Logout" (click)="logout()" aria-expanded="true"
          aria-controls="logout">
          <span class="glyphicon glyphicon-share white"></span>
        </button>
--- a/web/src/app/components/nav-bar/nav-bar.component.scss
+++ b/web/src/app/components/nav-bar/nav-bar.component.scss
@ -15,7 +15,6 @@ $unselected-text: #9d9d9d;
    font-size: 20px;
    &.logout{
        font-size: 20px;
-        padding: 12px 12px 0 0;
    }
    
 }
--- a/web/src/app/components/nav-bar/nav-bar.component.ts
+++ b/web/src/app/components/nav-bar/nav-bar.component.ts
@ -81,6 +81,8 @@ export class NavBarComponent implements OnInit, OnDestroy {


  logout() {
+    this.taskanaEngineService.logout().subscribe(() => {
+    })
    this.window.nativeWindow.location.href = environment.taskanaRestUrl + '/logout';
  }

--- a/web/src/app/services/startup-service/startup.service.ts
+++ b/web/src/app/services/startup-service/startup.service.ts
@ -7,6 +7,7 @@ import { TitlesService } from 'app/services/titles/titles.service';
 import { CustomFieldsService } from 'app/services/custom-fields/custom-fields.service';
 import { TaskanaEngineService } from 'app/services/taskana-engine/taskana-engine.service';
 import { map } from 'rxjs/operators';
+import { WindowRefService } from 'app/services/window/window.service';

@Injectable()
 export class StartupService {
@ -17,7 +18,8 @@ export class StartupService {
        private titlesService: TitlesService,
        private customFieldsService: CustomFieldsService,
        private taskanaEngineService: TaskanaEngineService,
-        private injector: Injector) { }
+        private injector: Injector,
+        private window: WindowRefService) { }

    load(): Promise<any> {
        return this.loadEnvironment();
@ -29,7 +31,7 @@ export class StartupService {
        ).then(
            () => this.taskanaEngineService.getUserInformation()
        ).catch(error => {
-            this.router.navigate(['no-role']);
+            this.window.nativeWindow.location.href = environment.taskanaRestUrl + '/login';
        });
    }

--- a/web/src/app/services/taskana-engine/taskana-engine.service.ts
+++ b/web/src/app/services/taskana-engine/taskana-engine.service.ts
@ -35,7 +35,13 @@ export class TaskanaEngineService {
  }

  getVersion(): Observable<VersionModel> {
-      return this.httpClient.get<VersionModel>(`${environment.taskanaRestUrl}/v1/version`);
+    return this.httpClient.get<VersionModel>(`${environment.taskanaRestUrl}/v1/version`);
+  }
+
+  logout(): Observable<string> {
+    return this.httpClient
+      .post<string>(`${environment.taskanaRestUrl}/logout`, '');
+
  }

  private findRole(roles2Find: Array<string>) {