Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Display authorization details in authentication web application #7117

Merged
merged 12 commits into from
Jan 24, 2025
Merged

Display authorization details in authentication web application #7117

Show file tree
Hide file tree
Changes from 3 commits
Commits
Show all changes
12 commits
Select commit Hold shift + click to select a range
3eca2d1
Add support for rich authorization requests
VimukthiRajapaksha Nov 13, 2024
2c6fa52
Merge remote-tracking branch 'origin/master' into master_rar
VimukthiRajapaksha Nov 13, 2024
230e379
Add rich authorization requests i18n
VimukthiRajapaksha Nov 13, 2024
85f8d79
Merge remote-tracking branch 'origin/master' into master_rar
VimukthiRajapaksha Jan 9, 2025
905db18
Merge remote-tracking branch 'origin/master' into master_rar
VimukthiRajapaksha Jan 22, 2025
5e0ea07
Bump framework and oauth versions to latest
VimukthiRajapaksha Jan 24, 2025
1c92eed
Merge remote-tracking branch 'origin/master' into master_rar
VimukthiRajapaksha Jan 24, 2025
aadc5e4
Update year of the license headers
VimukthiRajapaksha Jan 24, 2025
a54ea18
Add RAR language properties
VimukthiRajapaksha Jan 24, 2025
0cd18da
Use i18n method from localize.jsp
VimukthiRajapaksha Jan 24, 2025
8bb552a
Add changeset
VimukthiRajapaksha Jan 24, 2025
ef66c33
Catch JSONException and ignore the error for invalid JSON payloads
VimukthiRajapaksha Jan 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions ...es/org/wso2/carbon/identity/application/authentication/endpoint/i18n/Resources.properties
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -192,6 +192,7 @@ under.construction=This page is under construction
by.selecting.following.attributes=By selecting the following attributes you agree to share them with
select.all=Select All
requested.scopes=Obtain permission for
requested.authorization-details=Gain consent for
VimukthiRajapaksha marked this conversation as resolved.
Show resolved Hide resolved
requested.attributes=Know some of your details
please.select.approve.always=Please select either "Approve Once" or "Approve Always" to provide consent to requested scopes to continue
ok=Ok
Expand Down
56 changes: 55 additions & 1 deletion identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_authz.jsp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
<%--
~
~ Copyright (c) 2023, WSO2 LLC. (https://www.wso2.com). All Rights Reserved.
~ Copyright (c) 2023-2024, WSO2 LLC. (https://www.wso2.com). All Rights Reserved.
~
~ This software is the property of WSO2 LLC. and its suppliers, if any.
~ Dissemination of any information or reproduction of any material contained
Expand All @@ -10,6 +10,7 @@
--%>

<%@ page import="org.apache.commons.collections.CollectionUtils" %>
<%@ page import="org.apache.commons.collections.MapUtils" %>
<%@ page import="org.apache.commons.lang.StringUtils" %>
<%@ page import="org.owasp.encoder.Encode" %>
<%@ page import="org.wso2.carbon.identity.application.authentication.endpoint.util.Constants" %>
Expand Down Expand Up @@ -62,6 +63,20 @@
}

boolean displayScopes = Boolean.parseBoolean(getServletContext().getInitParameter("displayScopes"));

final String authorizationDetailsParam = request.getParameter("authorization_details");
final Map<String, String> authorizationDetailsToBeDisplayed = new HashMap<>();
if (StringUtils.isNotBlank(authorizationDetailsParam)) {
final JSONArray authorizationDetails = new JSONArray(authorizationDetailsParam);
pavinduLakshan marked this conversation as resolved.
Show resolved Hide resolved
for (int index = 0; index < authorizationDetails.length(); index++) {
JSONObject authorizationDetail = authorizationDetails.getJSONObject(index);

// Check if consent description is not empty, otherwise use type.
final String description = authorizationDetail.optString("_description", authorizationDetail.getString("type"));
final String authorizationDetailId = "authorization_detail_id_" + authorizationDetail.getString("_id");
authorizationDetailsToBeDisplayed.put(authorizationDetailId, description);
}
}
%>

<%-- Data for the layout from the page --%>
Expand Down Expand Up @@ -233,6 +248,45 @@
}
%>

<%
if (MapUtils.isNotEmpty(authorizationDetailsToBeDisplayed)) {
%>
<div style="text-align: left;">
<div class="claim-list ui list">
<div class="item mt-2">
<i aria-hidden="true" class="circle tiny icon primary consent-item-bullet" id="Authorization Details Types"></i>
<div class="content mt-2">
<div class="header light-font">
<%=AuthenticationEndpointUtil.i18n(resourceBundle, "requested.authorization-details")%>
VimukthiRajapaksha marked this conversation as resolved.
Show resolved Hide resolved
</div>
</div>
<div class="content light-font">
<div class="border-gray margin-bottom-double">
<div class="claim-list">
<%
for (Map.Entry<String, String> authorizationDetailEntry : authorizationDetailsToBeDisplayed.entrySet()) {
%>
<div class="mt-1 pl-2">
<div class="ui checkbox" style="display: flex">
<input type="checkbox" class="hidden" name="<%=authorizationDetailEntry.getKey()%>" id="<%=authorizationDetailEntry.getKey()%>" />
<label id="<%=authorizationDetailEntry.getKey()%>" for="<%=authorizationDetailEntry.getKey()%>">
<%=Encode.forHtml(authorizationDetailEntry.getValue())%>
</label>
</div>
</div>
<%
}
%>
</div>
</div>
</div>
</div>
</div>
</div>
<%
}
%>

<div class="ui divider hidden"></div>

<div class="field mt-4 text-center login-portal-app-des-font">
Expand Down
55 changes: 53 additions & 2 deletions identity-apps-core/apps/authentication-portal/src/main/webapp/oauth2_consent.jsp
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
<%--
~
~ Copyright (c) 2021, WSO2 LLC. (https://www.wso2.com). All Rights Reserved.
~ Copyright (c) 2021-2024, WSO2 LLC. (https://www.wso2.com). All Rights Reserved.
~
~ This software is the property of WSO2 LLC. and its suppliers, if any.
~ Dissemination of any information or reproduction of any material contained
Expand All @@ -10,6 +10,7 @@
--%>

<%@ page import="org.apache.commons.collections.CollectionUtils" %>
<%@ page import="org.apache.commons.collections.MapUtils" %>
<%@ page import="org.apache.commons.lang.ArrayUtils" %>
<%@ page import="org.apache.commons.lang.StringUtils" %>
<%@ page import="org.owasp.encoder.Encode" %>
Expand Down Expand Up @@ -169,6 +170,20 @@
scopesSize = openIdScopes.size();
}
int claimSize = requestedClaimList.length + mandatoryClaimList.length;

final String authorizationDetailsParam = request.getParameter("authorization_details");
pavinduLakshan marked this conversation as resolved.
Show resolved Hide resolved
final Map<String, String> authorizationDetailsToBeDisplayed = new HashMap<>();
if (StringUtils.isNotBlank(authorizationDetailsParam)) {
org.json.JSONArray authorizationDetails = new JSONArray(authorizationDetailsParam);
for (int index = 0; index < authorizationDetails.length(); index++) {
JSONObject authorizationDetail = authorizationDetails.getJSONObject(index);

// Check if consent description is not empty, otherwise use type.
final String description = authorizationDetail.optString("_description", authorizationDetail.getString("type"));
final String authorizationDetailId = "authorization_detail_id_" + authorizationDetail.getString("_id");
authorizationDetailsToBeDisplayed.put(authorizationDetailId, description);
}
}
%>

<!doctype html>
Expand Down Expand Up @@ -204,7 +219,7 @@
<% } %>
<%
if (!(ArrayUtils.isNotEmpty(mandatoryClaimList) || ArrayUtils.isNotEmpty(requestedClaimList) || CollectionUtils.isNotEmpty(openIdScopes)
|| CollectionUtils.isNotEmpty(scopesWithMetadata))){
|| CollectionUtils.isNotEmpty(scopesWithMetadata) || MapUtils.isNotEmpty(authorizationDetailsToBeDisplayed))) {
%>
<form action="<%=oauth2AuthorizeURL%>" method="post" id="profile2" name="oauth2_authz">
<input type="hidden" name="<%=Constants.SESSION_DATA_KEY_CONSENT%>"
Expand Down Expand Up @@ -392,6 +407,42 @@
}
}
%>

<%
if (MapUtils.isNotEmpty(authorizationDetailsToBeDisplayed)) {
%>
<div class="item">
<i aria-hidden="true" class="circle tiny icon primary consent-item-bullet" id="Grant access"></i>
<div class="content mt-2 pl-1 consentItem">
<div class="header light-font">
<%=AuthenticationEndpointUtil.i18n(resourceBundle, "requested.authorization-details")%>
</div>
</div>
<div class="content light-font">
<div class="border-gray margin-bottom-double">
<div class="claim-list">
<%
for (Map.Entry<String, String> authorizationDetailEntry : authorizationDetailsToBeDisplayed.entrySet()) {
%>
<div class="mt-1 pl-2">
<div class="ui checkbox" style="display: flex">
<input type="checkbox" class="hidden" name="<%=authorizationDetailEntry.getKey()%>" id="<%=authorizationDetailEntry.getKey()%>" />
<label id="<%=authorizationDetailEntry.getKey()%>" for="<%=authorizationDetailEntry.getKey()%>">
<%=Encode.forHtml(authorizationDetailEntry.getValue())%>
</label>
</div>
</div>
<%
}
%>
</div>
</div>
</div>
</div>
<%
}
%>

</div>
</div>
<div class="ui divider hidden"></div>
Expand Down
Loading