OAuth authentication for Mastodon and ActivityPub C2S

author: Vitaly Takmazov 2023-01-04 03:38:19 +0300
committer: Vitaly Takmazov 2023-01-04 05:46:16 +0300
commit: c471503ede9aad91193ff6f93966196e6aff15d6 (patch)
tree: 8c70c8f58b140465be651cd019f26eadd476711f /src/main/java/com/juick/www/controllers
parent: 086d9a7625bfc5a386f5b1028d364fb546c2fa9d (diff)
5 files changed, 25 insertions, 36 deletions
diff --git a/src/main/java/com/juick/www/controllers/Help.java b/src/main/java/com/juick/www/controllers/Help.java
index ae1dafbe..ae7ba9d1 100644
--- a/src/main/java/com/juick/www/controllers/Help.java
+++ b/src/main/java/com/juick/www/controllers/Help.java
@@ -20,13 +20,13 @@ package com.juick.www.controllers;
 import com.juick.model.User;
 import com.juick.util.HttpNotFoundException;
 import com.juick.service.HelpService;
-import com.juick.service.security.annotation.Visitor;
 import com.juick.www.WebApp;
 import org.commonmark.parser.Parser;
 import org.commonmark.renderer.html.HtmlRenderer;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PathVariable;
 
 import javax.inject.Inject;
@@ -49,7 +49,7 @@ public class Help {
 
     @GetMapping({"/help/", "/help", "/help/{langOrPage}", "/help/{lang}/{page}"})
     public String showHelp(
-            @Visitor User visitor,
+            @ModelAttribute User visitor,
             Locale locale,
             @PathVariable(required = false, name = "lang") String lang,
             @PathVariable(required = false, name = "page") String page,
diff --git a/src/main/java/com/juick/www/controllers/Settings.java b/src/main/java/com/juick/www/controllers/Settings.java
index b990bf41..4d7deece 100644
--- a/src/main/java/com/juick/www/controllers/Settings.java
+++ b/src/main/java/com/juick/www/controllers/Settings.java
@@ -35,7 +35,6 @@ import com.juick.service.TagService;
 import com.juick.service.TelegramService;
 import com.juick.service.UserService;
 import com.juick.service.activities.UpdateUserEvent;
-import com.juick.service.security.annotation.Visitor;
 import com.juick.util.HttpBadRequestException;
 import com.juick.util.HttpUtils;
 import com.juick.www.WebApp;
@@ -58,6 +57,7 @@ import org.springframework.context.ApplicationEventPublisher;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.multipart.MultipartFile;
@@ -89,7 +89,7 @@ public class Settings {
 
     @GetMapping("/settings")
     protected String doGet(
-            @Visitor User visitor,
+            @ModelAttribute User visitor,
             Locale locale,
             @RequestParam(required = false, defaultValue = "main") String page,
             @RequestParam(required = false) String code, ModelMap model) throws IOException {
@@ -126,7 +126,7 @@ public class Settings {
 
     @PostMapping("/settings")
     protected String doPost(
-            @Visitor User visitor,
+            @ModelAttribute User visitor,
             HttpServletRequest request, HttpServletResponse response,
             @RequestParam(required = false) MultipartFile avatar,
             ModelMap model)
@@ -272,7 +272,7 @@ public class Settings {
     }
     @PostMapping("/settings/unsubscribe")
     public String unsubscribeOneClick(
-            @Visitor User user,
+            @ModelAttribute User user,
             @RequestParam(name = "List-Unsubscribe") String unsubscribe,
             ModelMap model) {
         if (!user.isAnonymous()) {
diff --git a/src/main/java/com/juick/www/controllers/SignUp.java b/src/main/java/com/juick/www/controllers/SignUp.java
index 9fc04dd5..8318dabd 100644
--- a/src/main/java/com/juick/www/controllers/SignUp.java
+++ b/src/main/java/com/juick/www/controllers/SignUp.java
@@ -23,13 +23,13 @@ import com.juick.util.UsernameTakenException;
 import com.juick.www.WebApp;
 import com.juick.service.EmailService;
 import com.juick.service.UserService;
-import com.juick.service.security.annotation.Visitor;
 import com.juick.service.security.entities.JuickUser;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 
@@ -52,7 +52,7 @@ public class SignUp {
 
     @GetMapping("/signup")
     protected String doGet(
-            @Visitor User visitor,
+            @ModelAttribute User visitor,
             @RequestParam String type, @RequestParam String hash, ModelMap model) {
         if (hash.length() > 36 || !type.matches("^[a-zA-Z0-9\\-]+$")
                 || !hash.matches("^[a-zA-Z0-9\\-]+$")) {
@@ -91,7 +91,7 @@ public class SignUp {
 
     @PostMapping("/signup")
     protected String doPost(
-            @Visitor User visitor,
+            @ModelAttribute User visitor,
             @RequestParam String type,
             @RequestParam String hash,
             @RequestParam String action,
diff --git a/src/main/java/com/juick/www/controllers/Site.java b/src/main/java/com/juick/www/controllers/Site.java
index f45fe8f2..e8acc650 100644
--- a/src/main/java/com/juick/www/controllers/Site.java
+++ b/src/main/java/com/juick/www/controllers/Site.java
@@ -30,7 +30,6 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpSession;
 
 import com.juick.service.*;
-import com.juick.service.security.annotation.Visitor;
 import com.juick.util.MessageUtils;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.commons.lang3.tuple.Pair;
@@ -43,12 +42,7 @@ import org.springframework.security.core.AuthenticationException;
 import org.springframework.security.web.WebAttributes;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.ModelMap;
-import org.springframework.web.bind.annotation.CookieValue;
-import org.springframework.web.bind.annotation.ExceptionHandler;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestHeader;
-import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.*;
 
 import javax.inject.Inject;
 import java.net.URLEncoder;
@@ -99,7 +93,7 @@ public class Site {
     }
 
     @GetMapping("/login")
-    public String getloginForm(@Visitor User visitor,
+    public String getloginForm(@ModelAttribute User visitor,
             @RequestParam(name = "retpath", required = false, defaultValue = "/") String retPath,
             HttpSession session,
             ModelMap model) {
@@ -125,7 +119,7 @@ public class Site {
     }
 
     @GetMapping("/")
-    protected String doGet(@Visitor User visitor, Locale locale, @RequestParam(required = false) String tag,
+    protected String doGet(@ModelAttribute User visitor, Locale locale, @RequestParam(required = false) String tag,
             @RequestParam(name = "show", required = false) String paramShow,
             @RequestParam(name = "search", required = false) String paramSearch,
             @RequestParam(name = "before", required = false, defaultValue = "0") Integer paramBefore,
@@ -217,7 +211,7 @@ public class Site {
     }
 
     @GetMapping(path = "/{uname}/", headers = "Connection!=Upgrade")
-    protected String doGetBlog(@Visitor User visitor, @RequestParam(required = false, name = "show") String paramShow,
+    protected String doGetBlog(@ModelAttribute User visitor, @RequestParam(required = false, name = "show") String paramShow,
             @RequestParam(required = false, name = "tag") String paramTagStr,
             @RequestParam(required = false, name = "search") String paramSearch,
             @RequestParam(required = false, name = "page", defaultValue = "0") Integer page, @PathVariable String uname,
@@ -324,7 +318,7 @@ public class Site {
     }
 
     @GetMapping("/{uname}/tags")
-    protected String doGetTags(@Visitor User visitor, @PathVariable String uname, ModelMap model) {
+    protected String doGetTags(@ModelAttribute User visitor, @PathVariable String uname, ModelMap model) {
         User user = userService.getUserByName(uname);
         if (visitor.isBanned()) {
             throw new HttpNotFoundException();
@@ -344,7 +338,7 @@ public class Site {
     }
 
     @GetMapping("/{uname}/friends")
-    protected String doGetFriends(@Visitor User visitor, @PathVariable String uname, ModelMap model) {
+    protected String doGetFriends(@ModelAttribute User visitor, @PathVariable String uname, ModelMap model) {
         User user = userService.getUserByName(uname);
         if (visitor.isBanned()) {
             throw new HttpNotFoundException();
@@ -360,7 +354,7 @@ public class Site {
     }
 
     @GetMapping("/{uname}/readers")
-    protected String doGetReaders(@Visitor User visitor, @PathVariable String uname, ModelMap model) {
+    protected String doGetReaders(@ModelAttribute User visitor, @PathVariable String uname, ModelMap model) {
         User user = userService.getUserByName(uname);
         visitor.setAvatar(webApp.getAvatarWebPath(visitor));
         model.addAttribute("title", "Читатели " + user.getName());
@@ -373,7 +367,7 @@ public class Site {
     }
 
     @GetMapping("/{uname}/bl")
-    protected String doGetBL(@Visitor User visitor, @PathVariable String uname, ModelMap model) {
+    protected String doGetBL(@ModelAttribute User visitor, @PathVariable String uname, ModelMap model) {
         User user = userService.getUserByName(uname);
         if (visitor.getUid() != user.getUid()) {
             throw new HttpForbiddenException();
@@ -389,7 +383,7 @@ public class Site {
     }
 
     @GetMapping("/tag/{tagName}")
-    protected String tagAction(@Visitor User visitor, HttpServletRequest request, @PathVariable String tagName,
+    protected String tagAction(@ModelAttribute User visitor, HttpServletRequest request, @PathVariable String tagName,
             @RequestParam(required = false, defaultValue = "0") int before, ModelMap model) {
         visitor.setAvatar(webApp.getAvatarWebPath(visitor));
         String paramTagStr = StringEscapeUtils.unescapeHtml4(tagName);
@@ -452,7 +446,7 @@ public class Site {
     }
 
     @GetMapping("/pm/inbox")
-    protected String doGetInbox(@Visitor User visitor, ModelMap model) {
+    protected String doGetInbox(@ModelAttribute User visitor, ModelMap model) {
         visitor.setAvatar(webApp.getAvatarWebPath(visitor));
         String title = "PM: Inbox";
         List<Message> msgs = chatService.getInbox(visitor.getUid());
@@ -466,7 +460,7 @@ public class Site {
     }
 
     @GetMapping("/pm/sent")
-    protected String doGetSent(@Visitor User visitor, @RequestParam(required = false) String uname, ModelMap model) {
+    protected String doGetSent(@ModelAttribute User visitor, @RequestParam(required = false) String uname, ModelMap model) {
         visitor.setAvatar(webApp.getAvatarWebPath(visitor));
         String title = "PM: Sent";
         List<Message> msgs = chatService.getOutbox(visitor.getUid());
@@ -485,7 +479,7 @@ public class Site {
 
     @GetMapping(value = "/{uname}/{mid}", produces = { MediaType.TEXT_HTML_VALUE, Context.ACTIVITY_MEDIA_TYPE,
             Context.LD_JSON_MEDIA_TYPE })
-    protected String threadAction(@Visitor User visitor, ModelMap model, @PathVariable String uname,
+    protected String threadAction(@ModelAttribute User visitor, ModelMap model, @PathVariable String uname,
             @PathVariable int mid,
             @RequestHeader(name = HttpHeaders.ACCEPT, required = false) String acceptHeader,
             @CookieValue(name = "sape_cookie", required = false, defaultValue = StringUtils.EMPTY) String sapeCookie) {
@@ -589,7 +583,7 @@ public class Site {
     }
 
     @GetMapping("/post")
-    protected String postAction(@Visitor User visitor, @RequestParam(required = false) String body, ModelMap model) {
+    protected String postAction(@ModelAttribute User visitor, @RequestParam(required = false) String body, ModelMap model) {
         fillUserModel(model, visitor, visitor);
         visitor.setAvatar(webApp.getAvatarWebPath(visitor));
         model.addAttribute("title", "Написать");
diff --git a/src/main/java/com/juick/www/controllers/SocialLogin.java b/src/main/java/com/juick/www/controllers/SocialLogin.java
index c9611543..24bf97f6 100644
--- a/src/main/java/com/juick/www/controllers/SocialLogin.java
+++ b/src/main/java/com/juick/www/controllers/SocialLogin.java
@@ -27,7 +27,6 @@ import com.juick.model.ext.vk.UsersResponse;
 import com.juick.service.EmailService;
 import com.juick.service.TelegramService;
 import com.juick.service.UserService;
-import com.juick.service.security.annotation.Visitor;
 import com.juick.util.HttpBadRequestException;
 
 import jakarta.annotation.PostConstruct;
@@ -46,11 +45,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.CookieValue;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestHeader;
-import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.*;
 import org.springframework.web.util.UriComponentsBuilder;
 
 import javax.inject.Inject;
@@ -191,8 +186,8 @@ public class SocialLogin {
     }
 
     @GetMapping("/_twitter")
-    protected void doTwitterLogin(@Visitor com.juick.model.User user, HttpServletRequest request,
-            HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
+    protected void doTwitterLogin(@ModelAttribute com.juick.model.User user, HttpServletRequest request,
+                                  HttpServletResponse response) throws IOException, ExecutionException, InterruptedException {
         String hash = StringUtils.EMPTY, request_token = StringUtils.EMPTY, request_token_secret = StringUtils.EMPTY;
         String verifier = request.getParameter("oauth_verifier");
         Cookie[] cookies = request.getCookies();
author	Vitaly Takmazov	2023-01-04 03:38:19 +0300
committer	Vitaly Takmazov	2023-01-04 05:46:16 +0300
commit	c471503ede9aad91193ff6f93966196e6aff15d6 (patch)
tree	8c70c8f58b140465be651cd019f26eadd476711f /src/main/java/com/juick/www/controllers
parent	086d9a7625bfc5a386f5b1028d364fb546c2fa9d (diff)