Stirling-PDF/src/main/java/stirling/software/SPDF/controller/web/AccountWebController.java

package stirling.software.SPDF.controller.web;

import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Optional;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.oauth2.core.user.OAuth2User;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;

import io.swagger.v3.oas.annotations.tags.Tag;

import jakarta.servlet.http.HttpServletRequest;
import stirling.software.SPDF.model.ApplicationProperties;
import stirling.software.SPDF.model.Authority;
import stirling.software.SPDF.model.Role;
import stirling.software.SPDF.model.User;
import stirling.software.SPDF.repository.UserRepository;

@Controller
@Tag(name = "Account Security", description = "Account Security APIs")
public class AccountWebController {

    @Autowired ApplicationProperties applicationProperties;

    @GetMapping("/login")
    public String login(HttpServletRequest request, Model model, Authentication authentication) {
        if (authentication != null && authentication.isAuthenticated()) {
            return "redirect:/";
        }

        model.addAttribute(
                "oAuth2Enabled", applicationProperties.getSecurity().getOAUTH2().getEnabled());

        model.addAttribute("currentPage", "login");

        if (request.getParameter("error") != null) {

            model.addAttribute("error", request.getParameter("error"));
        }
        if (request.getParameter("logout") != null) {

            model.addAttribute("logoutMessage", "You have been logged out.");
        }

        return "login";
    }

    @Autowired
    private UserRepository userRepository; // Assuming you have a repository for user operations

    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @GetMapping("/addUsers")
    public String showAddUserForm(Model model, Authentication authentication) {
        List<User> allUsers = userRepository.findAll();
        Iterator<User> iterator = allUsers.iterator();
        Map<String, String> roleDetails = Role.getAllRoleDetails();

        while (iterator.hasNext()) {
            User user = iterator.next();
            if (user != null) {
                for (Authority authority : user.getAuthorities()) {
                    if (authority.getAuthority().equals(Role.INTERNAL_API_USER.getRoleId())) {
                        iterator.remove();
                        roleDetails.remove(Role.INTERNAL_API_USER.getRoleId());
                        break; // Break out of the inner loop once the user is removed
                    }
                }
            }
        }

        model.addAttribute("users", allUsers);
        model.addAttribute("currentUsername", authentication.getName());
        model.addAttribute("roleDetails", roleDetails);
        return "addUsers";
    }

    @PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")
    @GetMapping("/account")
    public String account(HttpServletRequest request, Model model, Authentication authentication) {
        if (authentication == null || !authentication.isAuthenticated()) {
            return "redirect:/";
        }
        if (authentication != null && authentication.isAuthenticated()) {
            Object principal = authentication.getPrincipal();
            String username = null;

            if (principal instanceof UserDetails) {
                // Cast the principal object to UserDetails
                UserDetails userDetails = (UserDetails) principal;

                // Retrieve username and other attributes
                username = userDetails.getUsername();

                // Add oAuth2 Login attributes to the model
                model.addAttribute("oAuth2Login", false);
            }
            if (principal instanceof OAuth2User) {
                // Cast the principal object to OAuth2User
                OAuth2User userDetails = (OAuth2User) principal;

                // Retrieve username and other attributes
                username = userDetails.getAttribute("email");

                // Add oAuth2 Login attributes to the model
                model.addAttribute("oAuth2Login", true);
            }
            if (username != null) {
                // Fetch user details from the database
                Optional<User> user =
                        userRepository.findByUsernameIgnoreCase(
                                username); // Assuming findByUsername method exists
                if (!user.isPresent()) {
                    // Handle error appropriately
                    return "redirect:/error"; // Example redirection in case of error
                }

                // Convert settings map to JSON string
                ObjectMapper objectMapper = new ObjectMapper();
                String settingsJson;
                try {
                    settingsJson = objectMapper.writeValueAsString(user.get().getSettings());
                } catch (JsonProcessingException e) {
                    // Handle JSON conversion error
                    e.printStackTrace();
                    return "redirect:/error"; // Example redirection in case of error
                }

                // Add attributes to the model
                model.addAttribute("username", username);
                model.addAttribute("role", user.get().getRolesAsString());
                model.addAttribute("settings", settingsJson);
                model.addAttribute("changeCredsFlag", user.get().isFirstLogin());
                model.addAttribute("currentPage", "account");
            }
        } else {
            return "redirect:/";
        }
        return "account";
    }

    @PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")
    @GetMapping("/change-creds")
    public String changeCreds(
            HttpServletRequest request, Model model, Authentication authentication) {
        if (authentication == null || !authentication.isAuthenticated()) {
            return "redirect:/";
        }
        if (authentication != null && authentication.isAuthenticated()) {
            Object principal = authentication.getPrincipal();

            if (principal instanceof UserDetails) {
                // Cast the principal object to UserDetails
                UserDetails userDetails = (UserDetails) principal;

                // Retrieve username and other attributes
                String username = userDetails.getUsername();

                // Fetch user details from the database
                Optional<User> user =
                        userRepository.findByUsernameIgnoreCase(
                                username); // Assuming findByUsername method exists
                if (!user.isPresent()) {
                    // Handle error appropriately
                    return "redirect:/error"; // Example redirection in case of error
                }
                // Add attributes to the model
                model.addAttribute("username", username);
            }
        } else {
            return "redirect:/";
        }
        return "change-creds";
    }
}
test 2023-08-27 11:59:08 +01:00			`package stirling.software.SPDF.controller.web;`
formatting 2023-12-30 19:11:27 +00:00
Role stuff 2023-12-25 12:58:49 +00:00			`import java.util.Iterator;`
test 2023-08-27 11:59:08 +01:00			`import java.util.List;`
Show the user roles as real names (#867) * Show the user roles as real names * Add error message * Update Role.java * default Language without translation * Update messages_el_GR.properties 2024-03-06 23:14:02 +01:00			`import java.util.Map;`
test 2023-08-27 11:59:08 +01:00			`import java.util.Optional;`

			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.security.access.prepost.PreAuthorize;`
			`import org.springframework.security.core.Authentication;`
			`import org.springframework.security.core.userdetails.UserDetails;`
Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00			`import org.springframework.security.oauth2.core.user.OAuth2User;`
test 2023-08-27 11:59:08 +01:00			`import org.springframework.stereotype.Controller;`
			`import org.springframework.ui.Model;`
			`import org.springframework.web.bind.annotation.GetMapping;`

			`import com.fasterxml.jackson.core.JsonProcessingException;`
			`import com.fasterxml.jackson.databind.ObjectMapper;`

			`import io.swagger.v3.oas.annotations.tags.Tag;`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`import jakarta.servlet.http.HttpServletRequest;`
Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00			`import stirling.software.SPDF.model.ApplicationProperties;`
Role stuff 2023-12-25 12:58:49 +00:00			`import stirling.software.SPDF.model.Authority;`
			`import stirling.software.SPDF.model.Role;`
test 2023-08-27 11:59:08 +01:00			`import stirling.software.SPDF.model.User;`
			`import stirling.software.SPDF.repository.UserRepository;`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`@Controller`
			`@Tag(name = "Account Security", description = "Account Security APIs")`
			`public class AccountWebController {`

Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00			`@Autowired ApplicationProperties applicationProperties;`

test 2023-08-27 11:59:08 +01:00			`@GetMapping("/login")`
			`public String login(HttpServletRequest request, Model model, Authentication authentication) {`
			`if (authentication != null && authentication.isAuthenticated()) {`
			`return "redirect:/";`
formatting 2023-12-30 19:11:27 +00:00			`}`

introduces custom settings file (#1158) * Introducing a custom settings file * formats * chnages * Update README.md 2024-05-03 20:43:48 +01:00			`model.addAttribute(`
			`"oAuth2Enabled", applicationProperties.getSecurity().getOAUTH2().getEnabled());`
Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00
HTML, CSS, JS and JAVA corrections (#810) * CSS corrections * HTML corrections * JS corrections * JAVA corrections * remove tab * CSS corrections 2 * JS corrections 2 * back to the roots * max-linie 127 * add slash hr\|br * return bootstrap-icons.css * return bootstrap-icons.min.css * return bootstrap.min.css * Update bootstrap-icons.css * Update bootstrap-icons.min.css * Update bootstrap-icons.min.css * Update bootstrap.min.css * CSS corrections * HTML corrections * JS corrections * JAVA corrections * remove tab * CSS corrections 2 * JS corrections 2 * back to the roots * max-linie 127 * add slash hr\|br * return bootstrap-icons.css * Update bootstrap-icons.css * Bootstrap CSS * Update prism.css 2024-02-16 22:49:06 +01:00			`model.addAttribute("currentPage", "login");`

test 2023-08-27 11:59:08 +01:00			`if (request.getParameter("error") != null) {`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`model.addAttribute("error", request.getParameter("error"));`
formatting 2023-12-30 19:11:27 +00:00			`}`
test 2023-08-27 11:59:08 +01:00			`if (request.getParameter("logout") != null) {`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`model.addAttribute("logoutMessage", "You have been logged out.");`
formatting 2023-12-30 19:11:27 +00:00			`}`

test 2023-08-27 11:59:08 +01:00			`return "login";`
formatting 2023-12-30 19:11:27 +00:00			`}`

test 2023-08-27 11:59:08 +01:00			`@Autowired`
			`private UserRepository userRepository; // Assuming you have a repository for user operations`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`@PreAuthorize("hasRole('ROLE_ADMIN')")`
			`@GetMapping("/addUsers")`
redact allow colors, bug fixes 2023-08-30 22:52:38 +01:00			`public String showAddUserForm(Model model, Authentication authentication) {`
Role stuff 2023-12-25 12:58:49 +00:00			`List<User> allUsers = userRepository.findAll();`
			`Iterator<User> iterator = allUsers.iterator();`
Show the user roles as real names (#867) * Show the user roles as real names * Add error message * Update Role.java * default Language without translation * Update messages_el_GR.properties 2024-03-06 23:14:02 +01:00			`Map<String, String> roleDetails = Role.getAllRoleDetails();`
formatting 2023-12-30 19:11:27 +00:00
Role stuff 2023-12-25 12:58:49 +00:00			`while (iterator.hasNext()) {`
			`User user = iterator.next();`
			`if (user != null) {`
			`for (Authority authority : user.getAuthorities()) {`
			`if (authority.getAuthority().equals(Role.INTERNAL_API_USER.getRoleId())) {`
			`iterator.remove();`
Show the user roles as real names (#867) * Show the user roles as real names * Add error message * Update Role.java * default Language without translation * Update messages_el_GR.properties 2024-03-06 23:14:02 +01:00			`roleDetails.remove(Role.INTERNAL_API_USER.getRoleId());`
Role stuff 2023-12-25 12:58:49 +00:00			`break; // Break out of the inner loop once the user is removed`
formatting 2023-12-30 19:11:27 +00:00			`}`
			`}`
			`}`
			`}`

test 2023-08-27 11:59:08 +01:00			`model.addAttribute("users", allUsers);`
redact allow colors, bug fixes 2023-08-30 22:52:38 +01:00			`model.addAttribute("currentUsername", authentication.getName());`
Show the user roles as real names (#867) * Show the user roles as real names * Add error message * Update Role.java * default Language without translation * Update messages_el_GR.properties 2024-03-06 23:14:02 +01:00			`model.addAttribute("roleDetails", roleDetails);`
test 2023-08-27 11:59:08 +01:00			`return "addUsers";`
formatting 2023-12-30 19:11:27 +00:00			`}`

Add Demo user 2023-12-27 22:56:51 +00:00			`@PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")`
test 2023-08-27 11:59:08 +01:00			`@GetMapping("/account")`
			`public String account(HttpServletRequest request, Model model, Authentication authentication) {`
			`if (authentication == null \|\| !authentication.isAuthenticated()) {`
			`return "redirect:/";`
formatting 2023-12-30 19:11:27 +00:00			`}`
test 2023-08-27 11:59:08 +01:00			`if (authentication != null && authentication.isAuthenticated()) {`
			`Object principal = authentication.getPrincipal();`
Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00			`String username = null;`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`if (principal instanceof UserDetails) {`
			`// Cast the principal object to UserDetails`
			`UserDetails userDetails = (UserDetails) principal;`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`// Retrieve username and other attributes`
Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00			`username = userDetails.getUsername();`

			`// Add oAuth2 Login attributes to the model`
			`model.addAttribute("oAuth2Login", false);`
			`}`
			`if (principal instanceof OAuth2User) {`
			`// Cast the principal object to OAuth2User`
			`OAuth2User userDetails = (OAuth2User) principal;`
formatting 2023-12-30 19:11:27 +00:00
Add OAUTH2 OIDC login support (#1140) * Somewhat working * Change Autocreate logic * Add OAuth Error Message if Auto create Disabled * Display OAUTH2 username(email) in Account Settings * Disable Change user/pass for Oauth2 user * Hide SSO Button if SSO login Disabled * Remove some spaces and comments * Add OAUTH2 Login example docker-compose file * Add Some Comments * Hide Printing of Client secret * Remove OAUTH2 Beans and replace with applicationProperties * Add conditional annotation to Bean Creation * Update settings.yml.template Add OAUTH2 enabling template. * Update messages_en_GB.properties 2024-04-29 15:01:22 -06:00			`// Retrieve username and other attributes`
			`username = userDetails.getAttribute("email");`

			`// Add oAuth2 Login attributes to the model`
			`model.addAttribute("oAuth2Login", true);`
			`}`
			`if (username != null) {`
test 2023-08-27 11:59:08 +01:00			`// Fetch user details from the database`
			`Optional<User> user =`
Fix: Resolve Username Case Sensitivity Issue in Login Flow (#1070) * Fix: Username changing The only situation where the username must be unique is when changing the username. * Update UserController.java 2024-04-14 23:07:03 +02:00			`userRepository.findByUsernameIgnoreCase(`
test 2023-08-27 11:59:08 +01:00			`username); // Assuming findByUsername method exists`
			`if (!user.isPresent()) {`
			`// Handle error appropriately`
			`return "redirect:/error"; // Example redirection in case of error`
formatting 2023-12-30 19:11:27 +00:00			`}`

test 2023-08-27 11:59:08 +01:00			`// Convert settings map to JSON string`
			`ObjectMapper objectMapper = new ObjectMapper();`
			`String settingsJson;`
formatting 2023-12-30 19:11:27 +00:00			`try {`
test 2023-08-27 11:59:08 +01:00			`settingsJson = objectMapper.writeValueAsString(user.get().getSettings());`
			`} catch (JsonProcessingException e) {`
			`// Handle JSON conversion error`
			`e.printStackTrace();`
			`return "redirect:/error"; // Example redirection in case of error`
formatting 2023-12-30 19:11:27 +00:00			`}`

test 2023-08-27 11:59:08 +01:00			`// Add attributes to the model`
			`model.addAttribute("username", username);`
			`model.addAttribute("role", user.get().getRolesAsString());`
			`model.addAttribute("settings", settingsJson);`
cred change start 2023-09-03 16:40:40 +01:00			`model.addAttribute("changeCredsFlag", user.get().isFirstLogin());`
HTML, CSS, JS and JAVA corrections (#810) * CSS corrections * HTML corrections * JS corrections * JAVA corrections * remove tab * CSS corrections 2 * JS corrections 2 * back to the roots * max-linie 127 * add slash hr\|br * return bootstrap-icons.css * return bootstrap-icons.min.css * return bootstrap.min.css * Update bootstrap-icons.css * Update bootstrap-icons.min.css * Update bootstrap-icons.min.css * Update bootstrap.min.css * CSS corrections * HTML corrections * JS corrections * JAVA corrections * remove tab * CSS corrections 2 * JS corrections 2 * back to the roots * max-linie 127 * add slash hr\|br * return bootstrap-icons.css * Update bootstrap-icons.css * Bootstrap CSS * Update prism.css 2024-02-16 22:49:06 +01:00			`model.addAttribute("currentPage", "account");`
formatting 2023-12-30 19:11:27 +00:00			`}`
			`} else {`
test 2023-08-27 11:59:08 +01:00			`return "redirect:/";`
			`}`
			`return "account";`
			`}`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`@PreAuthorize("!hasAuthority('ROLE_DEMO_USER')")`
			`@GetMapping("/change-creds")`
Role stuff 2023-12-25 12:58:49 +00:00			`public String changeCreds(`
test 2023-08-27 11:59:08 +01:00			`HttpServletRequest request, Model model, Authentication authentication) {`
			`if (authentication == null \|\| !authentication.isAuthenticated()) {`
			`return "redirect:/";`
			`}`
			`if (authentication != null && authentication.isAuthenticated()) {`
			`Object principal = authentication.getPrincipal();`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`if (principal instanceof UserDetails) {`
			`// Cast the principal object to UserDetails`
			`UserDetails userDetails = (UserDetails) principal;`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`// Retrieve username and other attributes`
			`String username = userDetails.getUsername();`
formatting 2023-12-30 19:11:27 +00:00
test 2023-08-27 11:59:08 +01:00			`// Fetch user details from the database`
			`Optional<User> user =`
Fix: Resolve Username Case Sensitivity Issue in Login Flow (#1070) * Fix: Username changing The only situation where the username must be unique is when changing the username. * Update UserController.java 2024-04-14 23:07:03 +02:00			`userRepository.findByUsernameIgnoreCase(`
test 2023-08-27 11:59:08 +01:00			`username); // Assuming findByUsername method exists`
			`if (!user.isPresent()) {`
			`// Handle error appropriately`
			`return "redirect:/error"; // Example redirection in case of error`
			`}`
			`// Add attributes to the model`
			`model.addAttribute("username", username);`
			`}`
			`} else {`
cred change start 2023-09-03 16:40:40 +01:00			`return "redirect:/";`
			`}`
			`return "change-creds";`
			`}`
test 2023-08-27 11:59:08 +01:00			`}`