clean up
diff --git a/app/controllers/GatewayRequestUpdateController.php b/app/controllers/GatewayRequestUpdateController.php
index f75019e..cbedd06 100644
--- a/app/controllers/GatewayRequestUpdateController.php
+++ b/app/controllers/GatewayRequestUpdateController.php
@@ -41,7 +41,7 @@
return Redirect::back()->withErrors($validator);
}
else {
- $returnVal = AdminUtilities::user_update_gateway(Input::get("internal-gateway-id"), Input::all());
+ $returnVal = AdminUtilities::user_update_gateway(Input::get("gateway-id"), Input::all());
if ($returnVal == 1) {
$email = Config::get('pga_config.portal')['admin-emails'];
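Review bot: The gateway to update is now selected by the request field `gateway-id`, and the whole of `Input::all()` is passed to `AdminUtilities::user_update_gateway` with it. Nothing in this hunk shows that the submitted id is checked against a gateway the session user actually requested. Confirm the callee compares the stored `requesterUsername` with `Session::get('username')` before applying the update. Passing only the validated fields instead of `Input::all()` would also keep unexpected keys out of the update. The else branch continues outside the hunk.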
diff --git a/app/libraries/AdminUtilities.php b/app/libraries/AdminUtilities.php
index c9a4e2a..9fcdf8e 100644
--- a/app/libraries/AdminUtilities.php
+++ b/app/libraries/AdminUtilities.php
@@ -39,16 +39,17 @@
$gateway->requesterUsername = Session::get('username');
$gateway->gatewayApprovalStatus = GatewayApprovalStatus::APPROVED;
-
-
$logoutURI = $gateway->gatewayURL;
+ if(!(AdminUtilities::endsWith($logoutURI,"/"))) {
+ $logoutURI = $logoutURI."/";
+ }
$redirectURI = $logoutURI."auth/callback*";
$gateway->redirectURLs = array($logoutURI,$redirectURI);
$gateway->scope = "openid profile email org.cilogon.userinfo" ;
try {
- Log::info("Gateway #####".$gateway);
- // TenantProfileService::addGateway(Session::get('authz-token'), $gateway);
+
+ TenantProfileService::addGateway(Session::get('authz-token'), $gateway);
return 1;
}
catch (Exception $ex) {
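Review bot: `$gateway->gatewayURL` becomes the registered OAuth redirect URLs here with no check that it is an absolute URL on an expected scheme and host, and the `auth/callback*` entry ends in what looks like a wildcard, so whatever the requester entered becomes a pattern that authorization responses may be sent to. The same block is pasted into the hunks at `@@ -117`, `@@ -151`, `@@ -190`, `@@ -211` (where `$logoutURI = $gateway->gatewayURL;` appears twice) and `@@ -233`; one private helper that validates the URL and sets both fields would keep the copies from drifting. The sketch below rejects non-https URLs, so relax that explicitly if plain http is needed for local development, and note that callers must handle the exception. The enclosing function starts and ends outside the hunk.

```php
// … unchanged: requesterUsername / gatewayApprovalStatus assignments …
AdminUtilities::apply_oauth_client_urls($gateway);
// … unchanged: try { TenantProfileService::addGateway(...) } …

/**
 * Derive the OAuth redirect URLs and scope from the gateway URL,
 * refusing anything that is not an absolute https URL.
 */
private static function apply_oauth_client_urls($gateway)
{
    $baseURL = rtrim($gateway->gatewayURL, "/")."/";
    $scheme = parse_url($baseURL, PHP_URL_SCHEME);
    $host = parse_url($baseURL, PHP_URL_HOST);
    if ($scheme !== "https" || empty($host)) {
        throw new InvalidArgumentException("gatewayURL must be an absolute https URL");
    }
    $gateway->redirectURLs = array($baseURL, $baseURL."auth/callback*");
    $gateway->scope = "openid profile email org.cilogon.userinfo";
}
```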
@@ -79,15 +80,12 @@
$gateway->gatewayPublicAbstract = $inputs["public-project-description"];
$gateway->requesterUsername = Session::get('username');
-
- Log::info("Check request #####".$gateway);
- // try {
- // TenantProfileService::addGateway(Session::get('authz-token'), $gateway);
+ try {
+ TenantProfileService::addGateway(Session::get('authz-token'), $gateway);
return 1;
- // }
- // catch (Exception $ex) {
- // return -1;
- // }
+ } catch (Exception $ex) {
+ return -1;
+ }
}
public static function request_gateway( $inputs)
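Review bot: The restored `catch (Exception $ex)` returns -1 and discards `$ex`, so a failed `TenantProfileService::addGateway` leaves no record of the cause now that the surrounding `Log::info` lines are gone. Log the failure before returning, for example `Log::error("addGateway failed: ".$ex->getMessage());`. Keep the `$gateway` object itself out of the message, since the removed lines dumped it whole and it may carry credential-related fields. The function begins above the hunk.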
@@ -117,16 +115,20 @@
$logoutURI = $gateway->gatewayURL;
+ if(!(AdminUtilities::endsWith($logoutURI,"/"))) {
+ $logoutURI = $logoutURI."/";
+ }
+ $redirectURI = $logoutURI."auth/callback*";
+ $gateway->redirectURLs = array($logoutURI,$redirectURI);
+ $gateway->scope = "openid profile email org.cilogon.userinfo" ;
+
+ $logoutURI = $gateway->gatewayURL;
$redirectURI = $logoutURI."auth/callback*";
$gateway->redirectURLs = array($logoutURI,$redirectURI);
$gateway->scope = "openid profile email org.cilogon.userinfo" ;
- Log::info ("Request_Gateway ".$gateway);
-
- return 1;
-
- // return TenantProfileService::addGateway(Session::get('authz-token'), $gateway);
+ return TenantProfileService::addGateway(Session::get('authz-token'), $gateway);
}
public static function get_gateway_approval_statuses()
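Review bot: The four unchanged lines after the added block (from the second `$logoutURI = $gateway->gatewayURL;` through the second `$gateway->scope = …`) reassign `$logoutURI` and `$gateway->redirectURLs` from the raw URL, so the trailing-slash normalisation added just above is discarded. A URL without a final `/` therefore still ends up with `auth/callback*` appended directly to it, which is not the redirect pattern the other call sites register. Delete those four lines so the normalised values are the ones sent to `addGateway`. Separately, the function now returns whatever `TenantProfileService::addGateway` returns instead of `1`, so callers that test `== 1` should be checked.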
@@ -151,16 +153,23 @@
$gateway->reviewProposalDescription = $gatewayData["project-details"];
$gateway->gatewayPublicAbstract = $gatewayData["public-project-description"];
- Log::info("user_update_gateway ".$gateway);
+ $logoutURI = $gateway->gatewayURL;
+ if(!(AdminUtilities::endsWith($logoutURI,"/"))) {
+ $logoutURI = $logoutURI."/";
+ }
+ $redirectURI = $logoutURI."auth/callback*";
+ $gateway->redirectURLs = array($logoutURI,$redirectURI);
+ $gateway->scope = "openid profile email org.cilogon.userinfo" ;
- // if( TenantProfileService::updateGateway( Session::get('authz-token'), $gateway) ){
+
+ if( TenantProfileService::updateGateway( Session::get('authz-token'), $gateway) ){
return 1;
- // }
- // else{
+ }
+ else{
//Need to find a better way for this.
// retun echo "Tenant Name is already in use";
- // return -1;
- // }
+ return -1;
+ }
}
public static function update_gateway( $gatewayId, $gatewayData){
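Review bot: This appears to be the body of `user_update_gateway`, the requester-facing path, and it now recomputes `$gateway->redirectURLs` from `$gateway->gatewayURL` on every edit before calling `updateGateway`. If `gatewayURL` is among the fields a requester can change (not visible in this hunk), an edit made after approval would alter the registered redirect URLs without another review. Consider recomputing them only while the request is still pending, or resetting the approval status when the URL changes. The function starts above the hunk.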
@@ -190,7 +199,15 @@
return -1;
}
}
- // $gateway = IamAdminServices::setUpGateway( Session::get('authz-token'), $gateway);
+ $logoutURI = $gateway->gatewayURL;
+ if(!(AdminUtilities::endsWith($logoutURI,"/"))) {
+ $logoutURI = $logoutURI."/";
+ }
+ $redirectURI = $logoutURI."auth/callback*";
+ $gateway->redirectURLs = array($logoutURI,$redirectURI);
+ $gateway->scope = "openid profile email org.cilogon.userinfo" ;
+
+ $gateway = IamAdminServices::setUpGateway( Session::get('authz-token'), $gateway);
$gateway->gatewayApprovalStatus = GatewayApprovalStatus::CREATED;
}
elseif( isset( $gatewayData["approveRequest"])){
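Review bot: `$gateway = IamAdminServices::setUpGateway(...)` replaces `$gateway` with the call's result and the next line writes `gatewayApprovalStatus` on it without checking that result. The `return -1; } }` just above suggests the earlier try/catch has already closed, so an exception or an empty result here would bypass the `1` / `-1` convention used by the rest of the function. Either move the call inside that try block or guard it, e.g. `if (!$gateway) { return -1; }`. The branch begins outside the hunk, so the exact nesting should be confirmed.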
@@ -201,6 +218,7 @@
$gateway->gatewayAdminEmail = $gatewayData["gatewayAdminEmail"];
$gateway->identityServerUserName = $gatewayData["identityServerUserName"];
if (!empty($gatewayData["gatewayAdminPassword"])) {
+ Log::info("Gateway password ".gatewayData["gatewayAdminPassword"]);
$token = AdminUtilities::create_pwd_token([
"username" => $gatewayData["identityServerUserName"],
"password" => $gatewayData["gatewayAdminPassword"],
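Review bot: The added `Log::info("Gateway password ".gatewayData["gatewayAdminPassword"]);` is meant to write the gateway admin password to the application log in clear text, and it is missing the `$` on `gatewayData`, so it will not evaluate as intended either. Remove the line rather than fixing the typo; if a trace is wanted, record only that a credential was supplied, e.g. `Log::info("Gateway admin password supplied for ".$gatewayData["identityServerUserName"]);`. The hunk at `@@ -346,6 +380,7` has the same defect in `Log::info(array($username, $password, $description));` and should drop `$password` from the call. Logs written while either line was deployed should be treated as holding credentials, and the affected passwords rotated. The array literal and the enclosing `if` continue outside the hunk.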
@@ -211,6 +229,15 @@
$gateway->reviewProposalDescription = $gatewayData["reviewProposalDescription"];
$gateway->gatewayPublicAbstract = $gatewayData["gatewayPublicAbstract"];
$gateway->gatewayApprovalStatus = GatewayApprovalStatus::APPROVED;
+
+ $logoutURI = $gateway->gatewayURL;
+ $logoutURI = $gateway->gatewayURL;
+ if(!(AdminUtilities::endsWith($logoutURI,"/"))) {
+ $logoutURI = $logoutURI."/";
+ }
+ $redirectURI = $logoutURI."auth/callback*";
+ $gateway->redirectURLs = array($logoutURI,$redirectURI);
+ $gateway->scope = "openid profile email org.cilogon.userinfo" ;
}
elseif( isset( $gatewayData["denyRequest"])){
$gateway->gatewayApprovalStatus = GatewayApprovalStatus::DENIED;
@@ -233,6 +260,13 @@
$gateway->reviewProposalDescription = $gatewayData["reviewProposalDescription"];
$gateway->gatewayPublicAbstract = $gatewayData["gatewayPublicAbstract"];
$gateway->gatewayApprovalStatus = GatewayApprovalStatus::APPROVED;
+ $logoutURI = $gateway->gatewayURL;
+ if(!(AdminUtilities::endsWith($logoutURI,"/"))) {
+ $logoutURI = $logoutURI."/";
+ }
+ $redirectURI = $logoutURI."auth/callback*";
+ $gateway->redirectURLs = array($logoutURI,$redirectURI);
+ $gateway->scope = "openid profile email org.cilogon.userinfo" ;
}
elseif( isset( $gatewayData["deployGateway"])){
$gateway->gatewayApprovalStatus = GatewayApprovalStatus::DEPLOYED;
@@ -241,15 +275,15 @@
$gateway->gatewayApprovalStatus = GatewayApprovalStatus::DEACTIVATED;
}
- Log.info("Calling update gateway".$gateway);
- // if( TenantProfileService::updateGateway( Session::get('authz-token'), $gateway) ){
+
+ if( TenantProfileService::updateGateway( Session::get('authz-token'), $gateway) ){
return 1;
-// }
-// else{
-// //Need to find a better way for this.
-// // retun echo "Tenant Name is already in use";
-// return -1;
-// }
+ }
+ else{
+ //Need to find a better way for this.
+ // retun echo "Tenant Name is already in use";
+ return -1;
+ }
}
public static function add_tenant( $gateway){
@@ -346,6 +380,7 @@
$username = $inputs['username'];
$password = $inputs['password'];
$description = $inputs['description'];
+ Log::info(array($username, $password, $description));
return $newToken = Airavata::registerPwdCredential( Session::get('authz-token'),
$username, $password, $description);
@@ -427,4 +462,10 @@
return true;
}
+
+
+ public static function endsWith($haystack, $needle) {
+ return substr_compare($haystack, $needle, -strlen($needle)) === 0;
+ }
+
}
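Review bot: `endsWith` has no docblock and two edge cases that should be pinned down. An empty `$needle` makes the offset `-0`, so the whole haystack is compared with `""` and the result is `false` for any non-empty string; on older PHP releases an empty `$haystack` makes `substr_compare` emit a warning and return `false`. Both still give a usable answer for the `"/"` callers, but a guard makes the contract explicit: `if ($needle === "") { return true; }` followed by `return strlen($haystack) >= strlen($needle) && substr_compare($haystack, $needle, -strlen($needle)) === 0;`. A short docblock stating that the comparison is byte-wise and case-sensitive would cover the rest.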
diff --git a/app/libraries/Keycloak/Keycloak.php b/app/libraries/Keycloak/Keycloak.php
index c1d3e6a..2aeff01 100644
--- a/app/libraries/Keycloak/Keycloak.php
+++ b/app/libraries/Keycloak/Keycloak.php
@@ -133,7 +133,7 @@
public function getOAuthToken($code)
{
- Log::info("Calling getOAuthToken ", array($code));
+
$config = KeycloakUtil::getOpenIDConnectDiscoveryConfiguration($this->openid_connect_discovery_url, $this->client_id, $this->client_secret);
$token_endpoint = $config->token_endpoint;
@@ -179,8 +179,6 @@
public function getUserProfileFromOAuthToken($token)
{
- Log::info("Calling getUserProfileFromOAuthToken");
-
$config = KeycloakUtil::getOpenIDConnectDiscoveryConfiguration($this->openid_connect_discovery_url, $this->client_id, $this->client_secret);
$userinfo_endpoint = $config->userinfo_endpoint;
@@ -203,7 +201,6 @@
//Parse JSON return object.
$userinfo = json_decode($response);
- Log::info("Keycloak userinfo", array($userinfo));
$username = $userinfo->preferred_username;
$firstname = $userinfo->given_name;
$lastname = $userinfo->family_name;
@@ -226,7 +223,6 @@
*/
public function getRefreshedOAuthToken($refresh_token)
{
- Log::info("Calling getRefreshedOAuthToken");
$config = KeycloakUtil::getOpenIDConnectDiscoveryConfiguration($this->openid_connect_discovery_url, $this->client_id, $this->client_secret);
$token_endpoint = $config->token_endpoint;
@@ -274,7 +270,6 @@
*/
public function getOAuthLogoutUrl($redirect_uri)
{
- Log::info("Calling getOAuthLogoutUrl");
$config = KeycloakUtil::getOpenIDConnectDiscoveryConfiguration($this->openid_connect_discovery_url, $this->client_id, $this->client_secret);
$logout_endpoint = $config->end_session_endpoint;
return $logout_endpoint . '?redirect_uri=' . rawurlencode($redirect_uri);
@@ -287,7 +282,6 @@
*/
public function listUsers()
{
- Log::info("Calling listUsers");
$users = $this->users->getUsers($this->realm);
$usernames = [];
foreach ($users as $user) {
@@ -306,7 +300,6 @@
*/
public function searchUsers($phrase)
{
- Log::info("Calling searchUsers");
$users = $this->users->searchUsers($this->realm, $phrase);
$usernames = [];
foreach ($users as $user) {
@@ -324,7 +317,7 @@
public function getAllRoles()
{
try {
- Log::info("Calling getAllRoles");
+
$roles = $this->roles->getRoles($this->realm);
$role_names = [];
foreach ($roles as $role) {
@@ -345,7 +338,7 @@
public function getUserRoles($username)
{
try {
- Log::info("Calling getUserRoles");
+
// get userid from username
// Get the user's realm roles, then convert to an array of just names
$roles = $this->role_mapper->getRealmRoleMappingsForUser($username);
@@ -371,7 +364,7 @@
{
// Log::debug("updateUserRoles", array($user_id, $roles));
try {
- Log::info("Calling updateUserRoles");
+
// get userid from username
// Get all of the roles into an array keyed by role name
$all_roles = $this->roles->getRoles($this->realm);
@@ -408,7 +401,7 @@
*/
public function getUserProfile($username)
{
- Log::info("Calling getUserProfile");
+
$user = $this->users->getUserByUsername($this->realm, $username);
if ($user != null) {
$result = [];
@@ -431,7 +424,7 @@
public function usernameExists($username)
{
try {
- Log::info("Calling usernameExists");
+
$user = $this->users->getUserByUsername($this->realm, $username);
return $user != null;
} catch (Exception $ex) {
@@ -445,7 +438,7 @@
{
try {
- Log::info("Calling isUpdatePasswordRequired");
+
$user = $this->users->getUserByUsername($this->realm, $username);
if ($user != null) {
return in_array("UPDATE_PASSWORD", $user->requiredActions);
@@ -460,7 +453,7 @@
public function getAdminAuthzToken()
{
- Log::info("Calling getAdminAuthzToken");
+
$access_token = KeycloakUtil::getAPIAccessToken($this->openid_connect_discovery_url, $this->custos_credentials_uri,
$this->admin_username, $this->admin_password, $this->verify_peer, $this->cafile_path,
$this->client_id, $this->client_secret);