Version 1.3 Mx 6.8.1

README.md

@@ -13,13 +13,13 @@
     <td bgcolor="#DDD"> Type</td><td>Module</td>
 </tr>
 <tr> 
-    <td bgcolor="#DDD"> Latest version</td><td>1.2</td>
+    <td bgcolor="#DDD"> Latest version</td><td>1.3</td>
 </tr>
 <tr> 
-    <td bgcolor="#DDD"> Package name</td><td>OAuthModule_v1.2.mpk</td>
+    <td bgcolor="#DDD"> Package name</td><td>OAuthModule_v1.3.mpk</td>
 </tr>
 <tr> 
-    <td bgcolor="#DDD"> Released</td><td>10-03-2014</td>
+    <td bgcolor="#DDD"> Released</td><td>28-09-2016</td>
 </tr>
 </table>
 
@@ -118,13 +118,14 @@ For Google e.g. http://myfirstapp.mendixcloud.com/callback/google
 12. The next setup step for your OAuth module is:  navigate to https://(yourapp)/admin.html and login with your Admin account
 13. Synchronize your Model Reflection module and make sure that the data for the OAuthModule is created
 14. Select the OAuth Config menu item and select the microflow ResolveUserByEmail
-15. And you're done!
+15. To allow your user to return to a logout page, implement the sign out button as found in the #implementation Oauth_Layout
+16. Don't forget to set your requesthandlers in the cloud ('signin/','callback/' and 'logout/')
+17. And you're done!
 
 
-16. Wait, what if security requirements are more strict? Perform step 17
-17. Delete the admin.html from your theme folder to make sure that OAuth is the only login option, and redeploy your app
-18. Don't forget to set your requesthandlers in the cloud ('signin/' and 'callback/')
-19. Done!
+18. Wait, what if security requirements are more strict? Perform step 17
+19. Delete the admin.html from your theme folder to make sure that OAuth is the only login option, and redeploy your app
+20. Done!
 
 If you want to use another OAuth provider than those that come with the module read the Add_OAuth_Provider_v1.2.pdf file on github.
 To implement your own resolve user logic either adapt the microflow ResolveUserByEmail or create your own microflow and link this in the OAuth config.

javasource/oauthmodule/actions/JA_LogoutHandler.java

@@ -0,0 +1,43 @@
+package oauthmodule.actions;
+
+import java.io.BufferedReader;
+import java.io.FileReader;
+import java.io.IOException;
+import java.io.OutputStream;
+
+import org.apache.commons.io.IOUtils;
+
+import com.mendix.core.Core;
+import com.mendix.externalinterface.connector.RequestHandler;
+import com.mendix.m2ee.api.IMxRuntimeRequest;
+import com.mendix.m2ee.api.IMxRuntimeResponse;
+import com.mendix.systemwideinterfaces.core.ISession;
+
+public class JA_LogoutHandler extends RequestHandler {
+
+	@Override
+	public void processRequest(IMxRuntimeRequest request, IMxRuntimeResponse response, String path) throws Exception
+	{
+		final String LOGOUTPAGELOCATION = "/Oauth/logout.html";
+		ISession session = getSessionFromRequest(request);
+		if (session != null){
+			Core.logout(session);
+			}
+		StringBuilder stringBuilder = new StringBuilder();
+		try (BufferedReader br = new BufferedReader(new FileReader(Core.getConfiguration().getResourcesPath()+LOGOUTPAGELOCATION)))
+		{
+			String sCurrentLine;
+			while ((sCurrentLine = br.readLine()) != null) {
+				stringBuilder.append(sCurrentLine);
+			}   
+			String logoutPage = stringBuilder.toString();
+			OutputStream outputStream = response.getOutputStream();
+			IOUtils.write(logoutPage, outputStream);
+			IOUtils.closeQuietly(outputStream);
+		} catch (IOException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+	}
+
+}

javasource/oauthmodule/actions/JA_SiginCallBackRH.java

@@ -1,4 +1,4 @@
-// This file was generated by Mendix Business Modeler.
+// This file was generated by Mendix Modeler.
 //
 // WARNING: Only the following code will be retained when actions are regenerated:
 // - the import list
@@ -15,9 +15,6 @@
 import com.mendix.systemwideinterfaces.core.IContext;
 import com.mendix.webui.CustomJavaAction;
 
-/**
- * 
- */
 public class JA_SiginCallBackRH extends CustomJavaAction<Boolean>
 {
 	private String contextpath;

javasource/oauthmodule/actions/JA_SiginRH.java

@@ -1,4 +1,4 @@
-// This file was generated by Mendix Business Modeler.
+// This file was generated by Mendix Modeler.
 //
 // WARNING: Only the following code will be retained when actions are regenerated:
 // - the import list
@@ -15,9 +15,6 @@
 import com.mendix.systemwideinterfaces.core.IContext;
 import com.mendix.webui.CustomJavaAction;
 
-/**
- * 
- */
 public class JA_SiginRH extends CustomJavaAction<Boolean>
 {
 	private String contextpath;

javasource/oauthmodule/actions/JA_StartLogoutHandler.java

@@ -0,0 +1,44 @@
+// This file was generated by Mendix Modeler.
+//
+// WARNING: Only the following code will be retained when actions are regenerated:
+// - the import list
+// - the code between BEGIN USER CODE and END USER CODE
+// - the code between BEGIN EXTRA CODE and END EXTRA CODE
+// Other code you write will be lost the next time you deploy the project.
+// Special characters, e.g., é, ö, à, etc. are supported in comments.
+
+package oauthmodule.actions;
+
+import com.mendix.core.Core;
+import com.mendix.systemwideinterfaces.core.IContext;
+import com.mendix.webui.CustomJavaAction;
+
+public class JA_StartLogoutHandler extends CustomJavaAction<Boolean>
+{
+	public JA_StartLogoutHandler(IContext context)
+	{
+		super(context);
+	}
+
+	@Override
+	public Boolean executeAction() throws Exception
+	{
+		// BEGIN USER CODE
+		Core.addRequestHandler("logout/", new JA_LogoutHandler());
+		Core.getLogger("OAuthSignout").info("Registered logout requesthandler for 'logout/'");		
+		return true;
+		// END USER CODE
+	}
+
+	/**
+	 * Returns a string representation of this action
+	 */
+	@Override
+	public String toString()
+	{
+		return "JA_StartLogoutHandler";
+	}
+
+	// BEGIN EXTRA CODE
+	// END EXTRA CODE
+}

javasource/oauthmodule/actions/custom/LoginHelper.java

@@ -1,10 +1,7 @@
 package oauthmodule.actions.custom;
 
 import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang.StringUtils;
-
-
+import org.apache.commons.lang3.StringUtils;
 
 import com.mendix.core.Core;
 import com.mendix.core.CoreException;
@@ -41,6 +38,12 @@ class LoginHelper {
      * @param context
      * @param user
      */
+
+    /*
+     * 28-09-2016
+     * Added option to reuse sessions for when the app is being used with anonymous users
+     * Thanks to Arjen Lammers for pointing this out
+     */
     protected static void createSession(IMxRuntimeRequest request, IMxRuntimeResponse response, IContext context, IUser user) {
         String cookie = request.getCookie(XAS_SESSION_ID);
         if (cookie == null || cookie.isEmpty()) {
@@ -55,16 +58,14 @@ protected static void createSession(IMxRuntimeRequest request, IMxRuntimeRespons
                 break;
             }
         }
-        if (session == null) {
-        	Core.getLogger("OauthLogin").debug("No active session found, initializing new session");
-            try {
-                session = Core.initializeSession(user, null);
-            } catch (CoreException e) {
-            	Core.getLogger("OauthLogin").error("Failed to initialize new Mendix session " + e);
-                response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
-                throw new RuntimeException("Single Sign On unable to create new session");
-            }
-        }
+
+        try {
+        	            session = Core.initializeSession(user, session != null ? session.getId().toString() : null);
+        	        } catch (CoreException e) {
+        	        	Core.getLogger("OauthLogin").error("Failed to initialize new Mendix session " + e);
+        	            response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+        	             throw new RuntimeException("Single Sign On unable to create new session");
+        	          }
 
         // no existing session found, perform login using the provided username
         Core.getLogger("OauthLogin").debug("Setting Mendix runtime cookies (XASSESSIONID, XASID and originURI)");

javasource/oauthmodule/actions/custom/OauthCallback.java

@@ -16,7 +16,7 @@
 
 import mxmodelreflection.proxies.Microflows;
 
-import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.json.simple.JSONObject;
 import org.json.simple.parser.JSONParser;
 import org.json.simple.parser.ParseException;

javasource/oauthmodule/actions/custom/OauthSigninMultiIdP.java

@@ -12,7 +12,7 @@
 
 import oauthmodule.proxies.constants.Constants;
 
-import org.apache.commons.lang.StringUtils;
+import org.apache.commons.lang3.StringUtils;
 
 import com.mendix.core.Core;
 import com.mendix.externalinterface.connector.RequestHandler;

javasource/oauthmodule/actions/custom/doc/allclasses-frame.html

@@ -0,0 +1,32 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- NewPage -->
+<html lang="nl">
+<head>
+<!-- Generated by javadoc (version 1.7.0_25) on Thu Oct 02 14:56:54 CEST 2014 -->
+<title>All Classes</title>
+<meta name="date" content="2014-10-02">
+<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
+</head>
+<body>
+<h1 class="bar">All Classes</h1>
+<div class="indexContainer">
+<ul>
+<li><a href="oauthmodule/actions/custom/ErrorHandler.html" title="class in oauthmodule.actions.custom" target="classFrame">ErrorHandler</a></li>
+<li><a href="oauthmodule/actions/custom/ExecuteHttpRequest.html" title="class in oauthmodule.actions.custom" target="classFrame">ExecuteHttpRequest</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessCodeFacebook.html" title="class in oauthmodule.actions.custom" target="classFrame">GetAccessCodeFacebook</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessCodeGoogle.html" title="class in oauthmodule.actions.custom" target="classFrame">GetAccessCodeGoogle</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessCodeLinkedin.html" title="class in oauthmodule.actions.custom" target="classFrame">GetAccessCodeLinkedin</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessToken.html" title="class in oauthmodule.actions.custom" target="classFrame">GetAccessToken</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessTokenFacebook.html" title="class in oauthmodule.actions.custom" target="classFrame">GetAccessTokenFacebook</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessTokenGoogle.html" title="class in oauthmodule.actions.custom" target="classFrame">GetAccessTokenGoogle</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessTokenLinkedin.html" title="class in oauthmodule.actions.custom" target="classFrame">GetAccessTokenLinkedin</a></li>
+<li><a href="oauthmodule/actions/custom/GetHttpRequest.html" title="class in oauthmodule.actions.custom" target="classFrame">GetHttpRequest</a></li>
+<li><a href="oauthmodule/actions/custom/LoginHelper.html" title="class in oauthmodule.actions.custom" target="classFrame">LoginHelper</a></li>
+<li><a href="oauthmodule/actions/custom/LogRecordHandler.html" title="class in oauthmodule.actions.custom" target="classFrame">LogRecordHandler</a></li>
+<li><a href="oauthmodule/actions/custom/OauthCallback.html" title="class in oauthmodule.actions.custom" target="classFrame">OauthCallback</a></li>
+<li><a href="oauthmodule/actions/custom/OauthSigninMultiIdP.html" title="class in oauthmodule.actions.custom" target="classFrame">OauthSigninMultiIdP</a></li>
+<li><a href="oauthmodule/actions/custom/PostHttpRequest.html" title="class in oauthmodule.actions.custom" target="classFrame">PostHttpRequest</a></li>
+</ul>
+</div>
+</body>
+</html>

javasource/oauthmodule/actions/custom/doc/allclasses-noframe.html

@@ -0,0 +1,32 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<!-- NewPage -->
+<html lang="nl">
+<head>
+<!-- Generated by javadoc (version 1.7.0_25) on Thu Oct 02 14:56:54 CEST 2014 -->
+<title>All Classes</title>
+<meta name="date" content="2014-10-02">
+<link rel="stylesheet" type="text/css" href="stylesheet.css" title="Style">
+</head>
+<body>
+<h1 class="bar">All Classes</h1>
+<div class="indexContainer">
+<ul>
+<li><a href="oauthmodule/actions/custom/ErrorHandler.html" title="class in oauthmodule.actions.custom">ErrorHandler</a></li>
+<li><a href="oauthmodule/actions/custom/ExecuteHttpRequest.html" title="class in oauthmodule.actions.custom">ExecuteHttpRequest</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessCodeFacebook.html" title="class in oauthmodule.actions.custom">GetAccessCodeFacebook</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessCodeGoogle.html" title="class in oauthmodule.actions.custom">GetAccessCodeGoogle</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessCodeLinkedin.html" title="class in oauthmodule.actions.custom">GetAccessCodeLinkedin</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessToken.html" title="class in oauthmodule.actions.custom">GetAccessToken</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessTokenFacebook.html" title="class in oauthmodule.actions.custom">GetAccessTokenFacebook</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessTokenGoogle.html" title="class in oauthmodule.actions.custom">GetAccessTokenGoogle</a></li>
+<li><a href="oauthmodule/actions/custom/GetAccessTokenLinkedin.html" title="class in oauthmodule.actions.custom">GetAccessTokenLinkedin</a></li>
+<li><a href="oauthmodule/actions/custom/GetHttpRequest.html" title="class in oauthmodule.actions.custom">GetHttpRequest</a></li>
+<li><a href="oauthmodule/actions/custom/LoginHelper.html" title="class in oauthmodule.actions.custom">LoginHelper</a></li>
+<li><a href="oauthmodule/actions/custom/LogRecordHandler.html" title="class in oauthmodule.actions.custom">LogRecordHandler</a></li>
+<li><a href="oauthmodule/actions/custom/OauthCallback.html" title="class in oauthmodule.actions.custom">OauthCallback</a></li>
+<li><a href="oauthmodule/actions/custom/OauthSigninMultiIdP.html" title="class in oauthmodule.actions.custom">OauthSigninMultiIdP</a></li>
+<li><a href="oauthmodule/actions/custom/PostHttpRequest.html" title="class in oauthmodule.actions.custom">PostHttpRequest</a></li>
+</ul>
+</div>
+</body>
+</html>