Redmine:16027 ([NetKit] Enhancement of authenticationPage and authenticationErrorPage)

Author: yannicktrinh

Project/Sources/Classes/OAuth2Authorization.4dm

@@ -19,7 +19,7 @@ Function getResponse($request : 4D.IncomingMessage) : 4D.OutgoingMessage
 
             // If the response contains a redirect URL, we send a 302 Temporary Redirect
             If ((Value type($response.redirectURL)=Is text) && (Length($response.redirectURL)>0))
-                $outgoingResponse.setStatus(302)  // Temporary redirect
+                $outgoingResponse.setStatus($response.status)
                 $outgoingResponse.setHeader("Location"; String($response.redirectURL))
             Else 
                 $outgoingResponse.setStatus($response.status)

Project/Sources/Classes/OAuth2Provider.4dm

@@ -9,8 +9,8 @@ property clientSecret : Text  // The application secret that you created in the
 property token : Object  // Any valid existing token
 property tokenExpiration : Text
 property timeout : Integer
-property authenticationPage : 4D.File
-property authenticationErrorPage : 4D.File
+property authenticationPage : Variant
+property authenticationErrorPage : Variant
 property accessType : Text
 property loginHint : Text
 property prompt : Text
@@ -125,15 +125,21 @@ Class constructor($inParams : Object)
 	is received correctly in signed in mode
 	If not present the default page is used
 */
-		This.authenticationPage:=cs.Tools.me.retainFileObject($inParams.authenticationPage)
-		
+		If (cs.Tools.me.isValidURL(String($inParams.authenticationPage)))
+			This.authenticationPage:=String($inParams.authenticationPage)
+		Else 
+			This.authenticationPage:=cs.Tools.me.retainFileObject($inParams.authenticationPage)
+		End if 
 /*
 	Path of the web page to display in the webbrowser when the authentication server
 	returns an error in signed in mode
 	If not present the default page is used
 */
-		This.authenticationErrorPage:=cs.Tools.me.retainFileObject($inParams.authenticationErrorPage)
-		
+		If (cs.Tools.me.isValidURL(String($inParams.authenticationErrorPage)))
+			This.authenticationErrorPage:=String($inParams.authenticationErrorPage)
+		Else 
+			This.authenticationErrorPage:=cs.Tools.me.retainFileObject($inParams.authenticationErrorPage)
+		End if 
 /*
 	Indicates whether your application can refresh access tokens when the user is not
 	present at the browser. Valid parameter values are online, which is the default
@@ -489,7 +495,7 @@ Function _getToken_SignedIn($bUseRefreshToken : Boolean) : Object
 			$options.port:=cs.Tools.me.getPortFromURL(This.redirectURI)
 			$options.enableDebugLog:=This.enableDebugLog
 			$options.useTLS:=(Position("https"; This.redirectURI)=1)
-			If ((This.authenticationPage#Null) || (This.authenticationErrorPage#Null))
+			If ((Value type(This.authenticationPage)=Is object) || (Value type(This.authenticationErrorPage)=Is object))
 				var $file : Object:=(This.authenticationPage#Null) ? This.authenticationPage : This.authenticationErrorPage
 				If (OB Instance of($file; 4D.File))
 					$options.webFolder:=$file.parent

Project/Sources/Classes/Tools.4dm

@@ -358,6 +358,16 @@ Function isValidEmail($inEmail : Text) : Boolean
 	// ----------------------------------------------------
 
 
+Function isValidURL($inURL : Text) : Boolean
+	
+	var $URL : cs.URL:=cs.URL.new($inURL)
+	
+	return (((Length($URL.scheme)>0) && ($URL.scheme="http@")) && (Length($URL.host)>0))
+	
+	
+	// ----------------------------------------------------
+	
+	
 Function quoteString($inString : Text) : Text
 
 	var $result : Text:=$inString

Project/Sources/Methods/_authorize.4dm

@@ -3,21 +3,23 @@
 
 var $redirectURI : Text
 var $URL : Text:=$inOptions.redirectURI
-var $customResponseFile; $customErrorFile : 4D.File
+var $authenticationPage; $authenticationErrorPage : Variant
 var $state : Text:=String($inOptions.state)
-var $responseFile : 4D.File:=Folder(fk resources folder).file("responseTemplate.html")
 
 If (OB Is defined(Storage.requests; $state))
     $redirectURI:=String(Storage.requests[$state].redirectURI)
     If (Length($redirectURI)>0)
         $redirectURI:=cs.Tools.me.getPathFromURL($redirectURI)+"@"
     End if 
-    $customResponseFile:=(Value type(Storage.requests[$state].authenticationPage)#Is undefined) ? Storage.requests[$state].authenticationPage : Null
-    $customErrorFile:=(Value type(Storage.requests[$state].authenticationErrorPage)#Is undefined) ? Storage.requests[$state].authenticationErrorPage : Null
+    $authenticationPage:=(Value type(Storage.requests[$state].authenticationPage)#Is undefined) ? Storage.requests[$state].authenticationPage : Null
+    $authenticationErrorPage:=(Value type(Storage.requests[$state].authenticationErrorPage)#Is undefined) ? Storage.requests[$state].authenticationErrorPage : Null
 End if 
 
 If ($URL=$redirectURI)
 
+    var $responseFile : 4D.File:=Null
+    var $responseRedirectURI : Text:=""
+    var $customPageObject : Object:=Null
     var $pageTitle; $pageMessage; $pageDetails : Text
 
     If (OB Is defined(Storage.requests; $state))
@@ -45,24 +47,57 @@ If ($URL=$redirectURI)
         End if 
         $pageDetails:=Localized string("OAuth2_Response_Details")
 
-        $responseFile:=($customErrorFile#Null) ? $customErrorFile : $responseFile
+        If (Value type($authenticationErrorPage)=Is text)
+            $responseRedirectURI:=String($authenticationErrorPage)
+        Else 
+            $customPageObject:=($authenticationErrorPage#Null) ? $authenticationErrorPage : Folder(fk resources folder).file("responseTemplate.html")
+            If (OB Instance of($customPageObject; 4D.File))
+                $responseFile:=$customPageObject
+            End if 
+        End if 
     Else 
 
         $pageTitle:=Localized string("OAuth2_Response_Title")
         $pageMessage:=Localized string("OAuth2_Response_Message")
         $pageDetails:=Localized string("OAuth2_Response_Details")
 
-        $responseFile:=($customResponseFile#Null) ? $customResponseFile : $responseFile
+        If (Value type($authenticationPage)=Is text)
+            $responseRedirectURI:=String($authenticationPage)
+        Else 
+            $customPageObject:=($authenticationPage#Null) ? $authenticationPage : Folder(fk resources folder).file("responseTemplate.html")
+            If (OB Instance of($customPageObject; 4D.File))
+                $responseFile:=$customPageObject
+            End if 
+        End if 
     End if 
 
-    var $responseFileContent : Text:=$responseFile.getText()
-    var $outResponseBody : Text:=""
-    
-    PROCESS 4D TAGS($responseFileContent; $outResponseBody; $pageTitle; $pageMessage; $pageDetails)
-    
-    $outResponse.status:=200
-    $outResponse.body:=$outResponseBody
-    $outResponse.contentType:="text/html; charset=UTF-8"
+    // If $responseFile is a 4D.File, we process it as a template
+    Case of 
+        : ((Value type($responseRedirectURI)=Is text) && Length($responseRedirectURI)>0)
+            // If we have a redirect URI, we just send a redirect to that URI
+            $outResponse.status:=302  // Temporary redirect
+            $outResponse.redirectURL:=String($responseRedirectURI)
+            
+        : (OB Instance of($responseFile; 4D.File))
+            If ($responseFile=Null)
+                $responseFile:=Folder(fk resources folder).file("responseTemplate.html")
+            End if 
+            
+            var $responseFileContent : Text:=$responseFile.getText()
+            var $outResponseBody : Text:=""
+            
+            PROCESS 4D TAGS($responseFileContent; $outResponseBody; $pageTitle; $pageMessage; $pageDetails)
+            
+            $outResponse.status:=200
+            $outResponse.body:=$outResponseBody
+            $outResponse.contentType:="text/html; charset=UTF-8"
+        Else 
+            
+            // If we don't have a redirect URI or a response file, we just send a 500 Internal Server Error response
+            $outResponse.status:=500
+            $outResponse.body:=cs.Tools.me.buildPageFromTemplate($pageTitle; "500 Internal Server Error"; $pageMessage)
+            $outResponse.contentType:="text/html; charset=UTF-8"
+    End case 
 
     return True