/**
* Verify.
*
* @param token the token
* @return the result
*/
public static Result verify(final String token) {
Logger.debug("Account verify");
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final TokenAction ta = tokenIsValid(token, Type.EMAIL_VERIFICATION);
if (ta == null) {
return badRequest(no_token_or_invalid.render());
}
final String email = ta.targetUser.email;
// final User verifiedUser = ta.targetUser;
// if(session().containsKey("acctType") && StringUtils.equals("event",
// session().get("acctType"))) {
// verifiedUser.addRoles(SecurityRole.EVENT_ADMIN);
// } else {
// verifiedUser.addRoles(SecurityRole.PFP_ADMIN);
// }
User.verify(ta.targetUser);
flash(
ControllerUtil.FLASH_INFO_KEY,
Messages.get("playauthenticate.verify_email.success", email));
if (ControllerUtil.getLocalUser(session()) != null) {
return redirect(routes.Application.index());
} else {
return redirect(routes.Signup.login());
}
}
@SubjectPresent
public Result doMerge() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
// this is the currently logged in user
final AuthUser aUser = PlayAuthenticate.getUser(session());
// this is the user that was selected for a login
final AuthUser bUser = PlayAuthenticate.getMergeUser(session());
if (bUser == null) {
// user to merge with could not be found, silently redirect to login
return redirect(routes.Application.index());
}
final Form<Accept> filledForm = ACCEPT_FORM.bindFromRequest();
if (filledForm.hasErrors()) {
// User did not select whether to merge or not merge
return badRequest((Content) ask_merge.render("Merge Form"));
} else {
// User made a choice :)
final boolean merge = filledForm.get().accept;
if (merge) {
flash(
Application.FLASH_MESSAGE_KEY, Messages.get("playauthenticate.accounts.merge.success"));
}
return PlayAuthenticate.merge(ctx(), merge);
}
}
@Override
public Object authenticate(final Context context, final Object payload) throws AuthException {
final Request request = context.request();
final String uri = request.uri();
if (Logger.isDebugEnabled()) {
Logger.debug("Returned with URL: '" + uri + "'");
}
final Configuration c = getConfiguration();
final ConsumerKey key =
new ConsumerKey(
c.getString(SettingKeys.CONSUMER_KEY), c.getString(SettingKeys.CONSUMER_SECRET));
final String requestTokenURL = c.getString(SettingKeys.REQUEST_TOKEN_URL);
final String accessTokenURL = c.getString(SettingKeys.ACCESS_TOKEN_URL);
final String authorizationURL = c.getString(SettingKeys.AUTHORIZATION_URL);
final ServiceInfo info =
new ServiceInfo(requestTokenURL, accessTokenURL, authorizationURL, key);
final OAuth service = new OAuth(info, true);
checkError(request);
if (uri.contains(Constants.OAUTH_VERIFIER)) {
final RequestToken rtoken =
(RequestToken) PlayAuthenticate.removeFromCache(context.session(), CACHE_TOKEN);
final String verifier = Authenticate.getQueryString(request, Constants.OAUTH_VERIFIER);
final Either<OAuthException, RequestToken> retrieveAccessToken =
service.retrieveAccessToken(rtoken, verifier);
if (retrieveAccessToken.isLeft()) {
throw new AuthException(retrieveAccessToken.left().get().getLocalizedMessage());
} else {
final I i = buildInfo(retrieveAccessToken.right().get());
return transform(i);
}
} else {
final String callbackURL = getRedirectUrl(request);
final Either<OAuthException, RequestToken> reponse =
service.retrieveRequestToken(callbackURL);
if (reponse.isLeft()) {
// Exception happened
throw new AuthException(reponse.left().get().getLocalizedMessage());
} else {
// All good, we have the request token
final RequestToken rtoken = reponse.right().get();
final String token = rtoken.token();
final String redirectUrl = service.redirectUrl(token);
PlayAuthenticate.storeInCache(context.session(), CACHE_TOKEN, rtoken);
return redirectUrl;
}
}
}
/**
* Forgot password.
*
* @param email the email
* @return the result
*/
public static Result forgotPassword(final String email) {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
Form<EmailUserIdentity> form = FORGOT_PASSWORD_FORM;
if ((email != null) && !email.trim().isEmpty()) {
form = FORGOT_PASSWORD_FORM.fill(new EmailUserIdentity(email));
}
return ok(password_forgot.render(form));
}
/**
* Do forgot password.
*
* @return the result
*/
public static Result doForgotPassword() {
Logger.debug("Account doForgotPassword");
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final Form<EmailUserIdentity> filledForm = FORGOT_PASSWORD_FORM.bindFromRequest();
if (filledForm.hasErrors()) {
// User did not fill in his/her email
return badRequest(password_forgot.render(filledForm));
} else {
// The email address given *BY AN UNKNWON PERSON* to the form - we
// should find out if we actually have a user with this email
// address and whether password login is enabled for him/her. Also
// only send if the email address of the user has been verified.
final String email = filledForm.get().email;
final User user = User.findByEmail(email);
if (user == null) {
// We don't want to expose whether a given email address is signed
// up, so just say an email has been sent, even though it might not
// be true - that's protecting our user privacy.
flash(
ControllerUtil.FLASH_WARNING_KEY,
"Your email address doesn't match our records. Please try again.");
} else {
// We don't want to expose whether a given email address is signed
// up, so just say an email has been sent, even though it might not
// be true - that's protecting our user privacy.
flash(
ControllerUtil.FLASH_INFO_KEY,
Messages.get("playauthenticate.reset_password.message.instructions_sent", email));
// yep, we have a user with this email that is active - we do
// not know if the user owning that account has requested this
// reset, though.
final EmailAuthProvider provider = EmailAuthProvider.getProvider();
// User exists
if (user.emailValidated) {
provider.sendPasswordResetMailing(user, ctx());
// In case you actually want to let (the unknown person)
// know whether a user was found/an email was sent, use,
// change the flash message
} else {
// We need to change the message here, otherwise the user
// does not understand whats going on - we should not verify
// with the password reset, as a "bad" user could then sign
// up with a fake email via OAuth and get it verified by an
// a unsuspecting user that clicks the link.
flash(
ControllerUtil.FLASH_INFO_KEY,
Messages.get("playauthenticate.reset_password.message.email_not_verified"));
// You might want to re-send the verification email here...
provider.sendVerifyEmailMailingAfterSignup(user, ctx());
}
}
return redirect(routes.Signup.login());
}
}
/**
* Reset password.
*
* @param token the token
* @return the result
*/
public static Result resetPassword(final String token) {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final TokenAction ta = tokenIsValid(token, Type.PASSWORD_RESET);
if (ta == null) {
return badRequest(no_token_or_invalid.render());
}
return ok(password_reset.render(PASSWORD_RESET_FORM.fill(new PasswordReset(token))));
}
public Result doLogin() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final Form<MyLogin> filledForm = MyUsernamePasswordAuthProvider.LOGIN_FORM.bindFromRequest();
if (filledForm.hasErrors()) {
// User did not fill everything properly
return badRequest(login.render(filledForm));
} else {
return UsernamePasswordAuthProvider.handleLogin(ctx());
}
}
protected void checkError(Request request) throws AuthException {
final String error = Authenticate.getQueryString(request, Constants.OAUTH_PROBLEM);
if (error != null) {
if (error.equals(Constants.OAUTH_ACCESS_DENIED)) {
throw new AccessDeniedException(getKey());
} else {
throw new AuthException(error);
}
}
}
/**
* Change password.
*
* @return the result
*/
@SubjectPresent
public static Result changePassword() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final User u = ControllerUtil.getLocalUser(session());
if (!u.emailValidated) {
return ok(unverified.render());
} else {
return ok(password_change.render(PASSWORD_CHANGE_FORM));
}
}
/**
* Ask link.
*
* @return the result
*/
@SubjectPresent
public static Result askLink() {
Logger.debug("Account askLink");
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final AuthUser u = PlayAuthenticate.getLinkUser(session());
if (u == null) {
// account to link could not be found, silently redirect to login
return redirect(routes.Application.index());
}
return ok(ask_link.render(ACCEPT_FORM, u));
}
/**
* Do login.
*
* @return the result
*/
public static Result doLogin() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final Form<EmailUserLogin> filledForm = EmailAuthProvider.LOGIN_FORM.bindFromRequest();
Logger.debug("Signup doLogin - {}", ToStringBuilder.reflectionToString(filledForm));
if (filledForm.hasErrors()) {
flash(
ControllerUtil.FLASH_DANGER_KEY,
"Unable to login. Please check the Login Form and try again.");
// User did not fill everything properly
return badRequest(login.render(filledForm));
} else {
// Everything was filled
return EmailAuthProvider.handleLogin(ctx());
}
}
public Result doSignup() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final Form<MySignup> filledForm = MyUsernamePasswordAuthProvider.SIGNUP_FORM.bindFromRequest();
if (filledForm.hasErrors()) {
// User did not fill everything properly
return badRequest(signup.render(filledForm));
} else {
// Everything was filled
// do something with your part of the form before handling the user
// signup
return UsernamePasswordAuthProvider.handleSignup(ctx());
}
}
/**
* Do change password.
*
* @return the result
*/
@SubjectPresent
public static Result doChangePassword() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final Form<Account.PasswordChange> filledForm = PASSWORD_CHANGE_FORM.bindFromRequest();
if (filledForm.hasErrors()) {
// User did not select whether to link or not link
return badRequest(password_change.render(filledForm));
} else {
final User user = ControllerUtil.getLocalUser(session());
final String newPassword = filledForm.get().password;
user.changePassword(new EmailAuthUser(newPassword), true);
flash(
ControllerUtil.FLASH_INFO_KEY, Messages.get("playauthenticate.change_password.success"));
return redirect(routes.Application.profile());
}
}
@SubjectPresent
public Result askMerge() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
// this is the currently logged in user
final AuthUser aUser = PlayAuthenticate.getUser(session());
// this is the user that was selected for a login
final AuthUser bUser = PlayAuthenticate.getMergeUser(session());
if (bUser == null) {
// user to merge with could not be found, silently redirect to login
return redirect(routes.Application.index());
}
// You could also get the local user object here via
// User.findByAuthUserIdentity(newUser)
return ok((Content) ask_merge.render("Merge accept form"));
}
/**
* Do reset password.
*
* @return the result
*/
public static Result doResetPassword() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final Form<PasswordReset> filledForm = PASSWORD_RESET_FORM.bindFromRequest();
if (filledForm.hasErrors()) {
return badRequest(password_reset.render(filledForm));
} else {
final String token = filledForm.get().token;
final String newPassword = filledForm.get().password;
final TokenAction ta = tokenIsValid(token, Type.PASSWORD_RESET);
if (ta == null) {
return badRequest(no_token_or_invalid.render());
}
final User u = ta.targetUser;
try {
// Pass true for the second parameter if you want to
// automatically create a password and the exception never to
// happen
u.resetPassword(new EmailAuthUser(newPassword), false);
} catch (final RuntimeException re) {
flash(
ControllerUtil.FLASH_INFO_KEY,
Messages.get("playauthenticate.reset_password.message.no_password_account"));
}
final boolean login = EmailAuthProvider.getProvider().isLoginAfterPasswordReset();
if (login) {
// automatically log in
flash(
ControllerUtil.FLASH_INFO_KEY,
Messages.get("playauthenticate.reset_password.message.success.auto_login"));
// return PlayAuthenticate.loginAndRedirect(ctx(),
// new EmailAuthUser(u.email));
return redirect(routes.Signup.login());
} else {
// send the user to the login page
flash(
ControllerUtil.FLASH_INFO_KEY,
Messages.get("playauthenticate.reset_password.message.success.manual_login"));
}
return redirect(routes.Signup.login());
}
}
/**
* Do signup.
*
* @return the result
*/
public static Result doSignup() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final Form<EmailUserSignup> filledForm = EmailAuthProvider.SIGNUP_FORM.bindFromRequest();
if (StringUtils.isNotEmpty(filledForm.data().get("mail"))
|| StringUtils.isNotEmpty(filledForm.data().get("mobile"))) {
filledForm.reject(
"Form submission has errors, please contact us if you are receiving this error.");
}
if (filledForm.hasErrors()) {
// User did not fill everything properly
return badRequest(signup.render(filledForm));
} else {
// Everything was filled
// do something with your part of the form before handling the user
// signup
Logger.debug(
"About to handle signup in Application {}",
ToStringBuilder.reflectionToString(filledForm));
return EmailAuthProvider.handleSignup(ctx());
}
}
/**
* Verify email.
*
* @return the result
*/
@SubjectPresent
public static Result verifyEmailById(Long userId) {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final User user = User.findById(userId);
if (user.emailValidated) {
// E-Mail has been validated already
flash(
ControllerUtil.FLASH_INFO_KEY,
Messages.get("playauthenticate.verify_email.error.already_validated"));
} else if ((user.email != null) && !user.email.trim().isEmpty()) {
flash(
ControllerUtil.FLASH_INFO_KEY,
Messages.get("playauthenticate.verify_email.message.instructions_sent", user.email));
EmailAuthProvider.getProvider().sendVerifyEmailMailingAfterSignup(user, ctx());
} else {
flash(
ControllerUtil.FLASH_INFO_KEY,
Messages.get("playauthenticate.verify_email.error.set_email_first", user.email));
}
return redirect(routes.Application.profile());
}
/**
* Do link.
*
* @return the result
*/
@SubjectPresent
public static Result doLink() {
Logger.debug("Account doLink");
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
final AuthUser u = PlayAuthenticate.getLinkUser(session());
if (u == null) {
// account to link could not be found, silently redirect to login
return redirect(routes.Application.index());
}
final Form<Accept> filledForm = ACCEPT_FORM.bindFromRequest();
if (filledForm.hasErrors()) {
// User did not select whether to link or not link
return badRequest(ask_link.render(filledForm, u));
} else {
// User made a choice :)
final boolean link = filledForm.get().accept;
if (link) {
flash(
ControllerUtil.FLASH_INFO_KEY, Messages.get("playauthenticate.accounts.link.success"));
}
return PlayAuthenticate.link(ctx(), link);
}
}
/**
* Link.
*
* @return the result
*/
@SubjectPresent
public static Result link() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
return ok(link.render());
}
/**
* Exists.
*
* @return the result
*/
public static Result exists() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
return ok(exists.render());
}
/**
* O auth denied.
*
* @param getProviderKey the get provider key
* @return the result
*/
public static Result oAuthDenied(final String getProviderKey) {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
return ok(oAuthDenied.render(getProviderKey));
}
/**
* Unverified.
*
* @return the result
*/
public static Result unverified() {
com.feth.play.module.pa.controllers.Authenticate.noCache(response());
return ok(unverified.render());
}
