Commit 592e3968 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Rework oauth2 feature

* improve UI
* add authorization
* add separate page for oauth applications
Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent 7fe8d41d
table {
&.table {
tr {
td, th {
padding: 8px 10px;
line-height: 20px;
vertical-align: middle;
}
th {
font-weight: normal;
font-size: 15px;
border-bottom: 1px solid #CCC !important;
}
td {
border-color: #F1F1F1 !important;
border-bottom: 1px solid;
}
}
}
}
...@@ -17,19 +17,6 @@ ...@@ -17,19 +17,6 @@
@include border-radius(0); @include border-radius(0);
tr { tr {
td, th {
padding: 8px 10px;
line-height: 20px;
}
th {
font-weight: normal;
font-size: 15px;
border-bottom: 1px solid #CCC !important;
}
td {
border-color: #F1F1F1 !important;
border-bottom: 1px solid;
}
&:hover { &:hover {
td { td {
background: $hover; background: $hover;
......
...@@ -3,7 +3,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController ...@@ -3,7 +3,7 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
layout "profile" layout "profile"
def index def index
@applications = current_user.oauth_applications head :forbidden and return
end end
def create def create
...@@ -28,4 +28,14 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController ...@@ -28,4 +28,14 @@ class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
redirect_to profile_account_url redirect_to profile_account_url
end end
private
def set_application
@application = current_user.oauth_applications.find(params[:id])
end
rescue_from ActiveRecord::RecordNotFound do |exception|
render "errors/not_found", layout: "errors", status: 404
end
end end
...@@ -55,4 +55,3 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController ...@@ -55,4 +55,3 @@ class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
@strategy ||= server.authorization_request(pre_auth.response_type) @strategy ||= server.authorization_request(pre_auth.response_type)
end end
end end
...@@ -3,6 +3,6 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio ...@@ -3,6 +3,6 @@ class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicatio
def destroy def destroy
Doorkeeper::AccessToken.revoke_all_for(params[:id], current_resource_owner) Doorkeeper::AccessToken.revoke_all_for(params[:id], current_resource_owner)
redirect_to profile_account_url, notice: I18n.t(:notice, scope: [:doorkeeper, :flash, :authorized_applications, :destroy]) redirect_to applications_profile_url, notice: I18n.t(:notice, scope: [:doorkeeper, :flash, :authorized_applications, :destroy])
end end
end end
...@@ -3,7 +3,5 @@ class Profiles::AccountsController < ApplicationController ...@@ -3,7 +3,5 @@ class Profiles::AccountsController < ApplicationController
def show def show
@user = current_user @user = current_user
@applications = current_user.oauth_applications
@authorized_applications = Doorkeeper::Application.authorized_for(current_user)
end end
end end
...@@ -13,6 +13,11 @@ class ProfilesController < ApplicationController ...@@ -13,6 +13,11 @@ class ProfilesController < ApplicationController
def design def design
end end
def applications
@applications = current_user.oauth_applications
@authorized_tokens = current_user.oauth_authorized_tokens
end
def update def update
user_params.except!(:email) if @user.ldap_user? user_params.except!(:email) if @user.ldap_user?
......
...@@ -565,4 +565,8 @@ class User < ActiveRecord::Base ...@@ -565,4 +565,8 @@ class User < ActiveRecord::Base
namespaces += masters_groups namespaces += masters_groups
end end
end end
def oauth_authorized_tokens
Doorkeeper::AccessToken.where(resource_owner_id: self.id, revoked_at: nil)
end
end end
...@@ -19,7 +19,6 @@ ...@@ -19,7 +19,6 @@
Use Use
%code= Doorkeeper.configuration.native_redirect_uri %code= Doorkeeper.configuration.native_redirect_uri
for local tests for local tests
.form-group .form-actions
.col-sm-offset-2.col-sm-10 = f.submit 'Submit', class: "btn btn-primary wide"
= f.submit 'Submit', class: "btn btn-primary wide" = link_to "Cancel", applications_profile_path, class: "btn btn-default"
= link_to "Cancel", profile_account_path, :class => "btn btn-default"
\ No newline at end of file
%h3.page-title %h3.page-title
Application: #{@application.name} Application: #{@application.name}
.row
.col-md-8
%h4 Application Id: %table.table
%p %tr
%td
Application Id
%td
%code#application_id= @application.uid %code#application_id= @application.uid
%h4 Secret: %tr
%p %td
Secret:
%td
%code#secret= @application.secret %code#secret= @application.secret
%h4 Callback urls:
%table %tr
%td
Callback url
%td
- @application.redirect_uri.split.each do |uri| - @application.redirect_uri.split.each do |uri|
%tr %div
%td %span.monospace= uri
%code= uri .form-actions
%td = link_to 'Edit', edit_oauth_application_path(@application), class: 'btn btn-primary wide pull-left'
= link_to 'Authorize', oauth_authorization_path(client_id: @application.uid, redirect_uri: uri, response_type: 'code'), class: 'btn btn-success', target: '_blank' = render 'delete_form', application: @application, submit_btn_css: 'btn btn-danger prepend-left-10'
.prepend-top-20
%p= link_to 'Edit', edit_oauth_application_path(@application), class: 'btn btn-primary wide pull-left'
%p= render 'delete_form', application: @application, submit_btn_css: 'btn btn-danger prepend-left-10'
\ No newline at end of file
...@@ -3,10 +3,14 @@ ...@@ -3,10 +3,14 @@
= link_to profile_path, title: "Profile" do = link_to profile_path, title: "Profile" do
%i.fa.fa-user %i.fa.fa-user
Profile Profile
= nav_link(controller: [:accounts, :applications]) do = nav_link(controller: [:accounts]) do
= link_to profile_account_path do = link_to profile_account_path do
%i.fa.fa-gear %i.fa.fa-gear
Account Account
= nav_link(path: ['profiles#applications', 'applications#edit', 'applications#show', 'applications#new']) do
= link_to applications_profile_path do
%i.fa.fa-cloud
Applications
= nav_link(controller: :emails) do = nav_link(controller: :emails) do
= link_to profile_emails_path do = link_to profile_emails_path do
%i.fa.fa-envelope-o %i.fa.fa-envelope-o
......
...@@ -75,38 +75,4 @@ ...@@ -75,38 +75,4 @@
The following groups will be abandoned. You should transfer or remove them: The following groups will be abandoned. You should transfer or remove them:
%strong #{current_user.solo_owned_groups.map(&:name).join(', ')} %strong #{current_user.solo_owned_groups.map(&:name).join(', ')}
= link_to 'Delete account', user_registration_path, data: { confirm: "REMOVE #{current_user.name}? Are you sure?" }, method: :delete, class: "btn btn-remove" = link_to 'Delete account', user_registration_path, data: { confirm: "REMOVE #{current_user.name}? Are you sure?" }, method: :delete, class: "btn btn-remove"
%h3.page-title
OAuth2
%fieldset.oauth-applications
%legend Your applications
%p= link_to 'New Application', new_oauth_application_path, class: 'btn btn-success'
%table.table.table-striped
%thead
%tr
%th Name
%th Callback URL
%th
%th
%tbody
- @applications.each do |application|
%tr{:id => "application_#{application.id}"}
%td= link_to application.name, oauth_application_path(application)
%td= application.redirect_uri
%td= link_to 'Edit', edit_oauth_application_path(application), class: 'btn btn-link btn-small'
%td= render 'doorkeeper/applications/delete_form', application: application
%fieldset.oauth-authorized-applications
%legend Your authorized applications
%table.table.table-striped
%thead
%tr
%th Name
%th Created At
%th
%tbody
- @authorized_applications.each do |application|
%tr{:id => "application_#{application.id}"}
%td= link_to application.name, oauth_application_path(application)
%td= application.created_at.strftime('%Y-%m-%d %H:%M:%S')
%td= render 'doorkeeper/authorized_applications/delete_form', application: application
%h3.page-title
OAuth2
%fieldset.oauth-applications
%legend Your applications
%p= link_to 'New Application', new_oauth_application_path, class: 'btn btn-success'
- if @applications.any?
%table.table.table-striped
%thead
%tr
%th Name
%th Callback URL
%th Clients
%th
%th
%tbody
- @applications.each do |application|
%tr{:id => "application_#{application.id}"}
%td= link_to application.name, oauth_application_path(application)
%td
- application.redirect_uri.split.each do |uri|
%div= uri
%td= application.access_tokens.count
%td= link_to 'Edit', edit_oauth_application_path(application), class: 'btn btn-link btn-small'
%td= render 'doorkeeper/applications/delete_form', application: application
%fieldset.oauth-authorized-applications.prepend-top-20
%legend Authorized applications
%table.table.table-striped
%thead
%tr
%th Name
%th Authorized At
%th Scope
%th
%tbody
- @authorized_tokens.each do |token|
- application = token.application
%tr{:id => "application_#{application.id}"}
%td= application.name
%td= token.created_at
%td= token.scopes
%td= render 'doorkeeper/authorized_applications/delete_form', application: application
...@@ -118,6 +118,7 @@ Gitlab::Application.routes.draw do ...@@ -118,6 +118,7 @@ Gitlab::Application.routes.draw do
member do member do
get :history get :history
get :design get :design
get :applications
put :reset_private_token put :reset_private_token
put :update_username put :update_username
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment