handle OAuth access token retrieval

2025-04-21 18:44:00 +02:00 · 2015-05-14 12:22:23 -07:00 · 2015-05-14 12:22:23 -07:00 · 4de006f9b9
commit 4de006f9b9
parent fabe19a92c
5 changed files with 88 additions and 41 deletions
--- a/domain-server/resources/web/js/settings.js
+++ b/domain-server/resources/web/js/settings.js
@ -129,23 +129,26 @@ $(document).ready(function(){

    resizeFn();
    $(window).resize(resizeFn);
-  })
+  });
+
+  // check if we have a new access token to post to the domain-server
+  checkForNewAccessToken();

  $('#settings-form').on('click', '.' + Settings.ADD_ROW_BUTTON_CLASS, function(){
    addTableRow(this);
-  })
+  });

  $('#settings-form').on('click', '.' + Settings.DEL_ROW_BUTTON_CLASS, function(){
    deleteTableRow(this);
-  })
+  });

  $('#settings-form').on('click', '.' + Settings.MOVE_UP_BUTTON_CLASS, function(){
    moveTableRow(this, true);
-  })
+  });

  $('#settings-form').on('click', '.' + Settings.MOVE_DOWN_BUTTON_CLASS, function(){
    moveTableRow(this, false);
-  })
+  });

  $('#settings-form').on('keypress', 'table input', function(e){
    if (e.keyCode == 13) {
@ -211,6 +214,40 @@ $(document).ready(function(){
  reloadSettings();
 });

+function urlFragment() {
+  var fragmentString = location.hash.substr(1);
+  var fragment = {};
+  var fragmentItemStrings = fragmentString.split('&');
+  for (var i in fragmentItemStrings) {
+    var fragmentItem = fragmentItemStrings[i].split('=');
+    if (fragmentItem.length !== 2) {
+      continue;
+    }
+    fragment[fragmentItem[0]] = fragmentItem[1];
+  }
+
+  return fragment;
+}
+
+function postSettings(jsonSettings) {
+  // POST the form JSON to the domain-server settings.json endpoint so the settings are saved
+  $.ajax('/settings.json', {
+    data: JSON.stringify(jsonSettings),
+    contentType: 'application/json',
+    type: 'POST'
+  }).done(function(data){
+    if (data.status == "success") {
+      showRestartModal();
+    } else {
+      showErrorMessage("Error", SETTINGS_ERROR_MESSAGE)
+      reloadSettings();
+    }
+  }).fail(function(){
+    showErrorMessage("Error", SETTINGS_ERROR_MESSAGE)
+    reloadSettings();
+  });
+}
+
 function setupHFAccountButton() {
  // figure out how we should handle the HF connect button
  var accessToken = Settings.data.values.metaverse.access_token;
@ -241,7 +278,7 @@ function setupHFAccountButton() {
    // will need to generate an access token the old fashioned way
    buttonSetting.href = "https://metaverse.highfidelity.com/oauth/authorize?" +
      "client_id=38e572ed35bc4d34c41fbf1fb4d00071bb7328b3d0ba06d1fba64aa3f44e71e4" +
-      "&redirect_uri=http%3A%2F%2Flocalhost%3A40100%2Foauth&response_type=token&scope=domains"
+      "&redirect_uri=http%3A%2F%2Flocalhost%3A40100%2Fsettings%2F&response_type=token&scope=domains"
  }

  // use the existing getFormGroup helper to ask for a button
@ -256,6 +293,31 @@ function setupHFAccountButton() {
  $('#metaverse .panel-body').prepend(buttonGroup);
 }

+function postNewAccessToken(access_token) {
+  var newAccessToken = {
+      "metaverse": {
+        "access_token": access_token
+      }
+    };
+
+    postSettings(newAccessToken);
+}
+
+function checkForNewAccessToken() {
+  // check the fragment for an access token
+  var fragment = urlFragment();
+  var access_token = fragment['access_token'];
+
+  if (typeof access_token !== 'undefined') {
+    // clear the fragment before we refresh
+    window.location.hash = "";
+
+    // we have an access token - send that up to the domain-server
+    postNewAccessToken(access_token);
+  }
+}
+
+
 function disonnectHighFidelityAccount() {
  // the user clicked on the disconnect account btn - give them a sweet alert to make sure this is what they want to do
  swal({
@ -268,32 +330,10 @@ function disonnectHighFidelityAccount() {
    closeOnConfirm: false
  }, function(){
    // we need to post to settings to clear the access-token
-    // setup that object
-
-    var clearAccessToken = {
-      "metaverse": {
-        "access_token": ""
-      }
-    };
+    postNewAccessToken("");

+    // close the sweet-alert
    swal.close();
-
-    // POST the form JSON to the domain-server settings.json endpoint so the settings are saved
-    $.ajax('/settings.json', {
-      data: JSON.stringify(clearAccessToken),
-      contentType: 'application/json',
-      type: 'POST'
-    }).done(function(data){
-      if (data.status == "success") {
-        showRestartModal();
-      } else {
-        showErrorMessage("Error", SETTINGS_ERROR_MESSAGE)
-        reloadSettings();
-      }
-    }).fail(function(){
-      showErrorMessage("Error", SETTINGS_ERROR_MESSAGE)
-      reloadSettings();
-    });
  });
 }

--- a/domain-server/src/DomainServer.cpp
+++ b/domain-server/src/DomainServer.cpp
@ -279,13 +279,15 @@ void DomainServer::setupNodeListAndAssignments(const QUuid& sessionUUID) {
 }

 bool DomainServer::didSetupAccountManagerWithAccessToken() {
-    AccountManager& accountManager = AccountManager::getInstance();
-
-    if (accountManager.hasValidAccessToken()) {
+    if (AccountManager::getInstance().hasValidAccessToken()) {
        // we already gave the account manager a valid access token
        return true;
    }

+    return resetAccountManagerAccessToken();
+}
+
+bool DomainServer::resetAccountManagerAccessToken() {
    if (!_oauthProviderURL.isEmpty()) {
        // check for an access-token in our settings, can optionally be overidden by env value
        const QString ACCESS_TOKEN_KEY_PATH = "metaverse.access_token";
@ -310,7 +312,7 @@ bool DomainServer::didSetupAccountManagerWithAccessToken() {
        }

        // give this access token to the AccountManager
-        accountManager.setAccessTokenForCurrentAuthURL(accessToken);
+        AccountManager::getInstance().setAccessTokenForCurrentAuthURL(accessToken);

        return true;

@ -1509,12 +1511,15 @@ QString pathForAssignmentScript(const QUuid& assignmentUUID) {
    return newPath;
 }

+const QString URI_OAUTH = "/oauth";
+
 bool DomainServer::handleHTTPRequest(HTTPConnection* connection, const QUrl& url, bool skipSubHandler) {
    const QString JSON_MIME_TYPE = "application/json";

    const QString URI_ASSIGNMENT = "/assignment";
    const QString URI_ASSIGNMENT_SCRIPTS = URI_ASSIGNMENT + "/scripts";
    const QString URI_NODES = "/nodes";
+    const QString URI_SETTINGS = "/settings";

    const QString UUID_REGEX_STRING = "[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}";

@ -1792,7 +1797,6 @@ bool DomainServer::handleHTTPRequest(HTTPConnection* connection, const QUrl& url
 const QString HIFI_SESSION_COOKIE_KEY = "DS_WEB_SESSION_UUID";

 bool DomainServer::handleHTTPSRequest(HTTPSConnection* connection, const QUrl &url, bool skipSubHandler) {
-    const QString URI_OAUTH = "/oauth";
    qDebug() << "HTTPS request received at" << url.toString();
    if (url.path() == URI_OAUTH) {

--- a/domain-server/src/DomainServer.h
+++ b/domain-server/src/DomainServer.h
@ -72,9 +72,11 @@ private:
    void setupNodeListAndAssignments(const QUuid& sessionUUID = QUuid::createUuid());
    bool optionallySetupOAuth();
    bool optionallyReadX509KeyAndCertificate();
-    bool didSetupAccountManagerWithAccessToken();
    bool optionallySetupAssignmentPayment();

+    bool didSetupAccountManagerWithAccessToken();
+    bool resetAccountManagerAccessToken();
+
    void setupAutomaticNetworking();
    void sendHeartbeatToDataServer(const QString& networkAddress);
    void processICEPingReply(const QByteArray& packet, const HifiSockAddr& senderSockAddr);
--- a/domain-server/src/DomainServerSettingsManager.cpp
+++ b/domain-server/src/DomainServerSettingsManager.cpp
@ -101,10 +101,8 @@ QVariant DomainServerSettingsManager::valueOrDefaultValueForKeyPath(const QStrin
    return QVariant();
 }

-const QString SETTINGS_PATH = "/settings.json";
-
 bool DomainServerSettingsManager::handlePublicHTTPRequest(HTTPConnection* connection, const QUrl &url) {
-    if (connection->requestOperation() == QNetworkAccessManager::GetOperation && url.path() == SETTINGS_PATH) {
+    if (connection->requestOperation() == QNetworkAccessManager::GetOperation && url.path() == SETTINGS_PATH_JSON) {
        // this is a GET operation for our settings

        // check if there is a query parameter for settings affecting a particular type of assignment
@ -127,7 +125,7 @@ bool DomainServerSettingsManager::handlePublicHTTPRequest(HTTPConnection* connec
 }

 bool DomainServerSettingsManager::handleAuthenticatedHTTPRequest(HTTPConnection *connection, const QUrl &url) {
-    if (connection->requestOperation() == QNetworkAccessManager::PostOperation && url.path() == SETTINGS_PATH) {
+    if (connection->requestOperation() == QNetworkAccessManager::PostOperation && url.path() == SETTINGS_PATH_JSON) {
        // this is a POST operation to change one or more settings
        QJsonDocument postedDocument = QJsonDocument::fromJson(connection->requestContent());
        QJsonObject postedObject = postedDocument.object();
@ -149,7 +147,7 @@ bool DomainServerSettingsManager::handleAuthenticatedHTTPRequest(HTTPConnection
        QTimer::singleShot(DOMAIN_SERVER_RESTART_TIMER_MSECS, qApp, SLOT(restart()));

        return true;
-    } else if (connection->requestOperation() == QNetworkAccessManager::GetOperation && url.path() == SETTINGS_PATH) {
+    } else if (connection->requestOperation() == QNetworkAccessManager::GetOperation && url.path() == SETTINGS_PATH_JSON) {
        // setup a JSON Object with descriptions and non-omitted settings
        const QString SETTINGS_RESPONSE_DESCRIPTION_KEY = "descriptions";
        const QString SETTINGS_RESPONSE_VALUE_KEY = "values";
--- a/domain-server/src/DomainServerSettingsManager.h
+++ b/domain-server/src/DomainServerSettingsManager.h
@ -20,6 +20,9 @@

 const QString SETTINGS_PATHS_KEY = "paths";

+const QString SETTINGS_PATH = "/settings";
+const QString SETTINGS_PATH_JSON = SETTINGS_PATH + ".json";
+
 class DomainServerSettingsManager : public QObject {
    Q_OBJECT
 public: