From fee75204bdab12fe4b0e21ddc156815fabf674ee Mon Sep 17 00:00:00 2001 From: Michael Jumper Date: Sun, 30 Nov 2014 03:31:46 -0800 Subject: [PATCH] GUAC-932: Remove use of localStorageUtility where possible. Use cookies for auth data. --- .../src/main/webapp/app/auth/authModule.js | 2 +- .../app/auth/service/authenticationService.js | 21 ++++++++++++------- .../main/webapp/app/client/clientModule.js | 2 +- .../app/client/directives/guacClient.js | 14 ++++++------- .../webapp/app/connection/connectionModule.js | 2 +- .../app/connection/service/connectionDAO.js | 16 +++++++------- .../connectionGroup/connectionGroupModule.js | 2 +- .../service/connectionGroupDAO.js | 16 +++++++------- .../webapp/app/permission/permissionModule.js | 2 +- .../app/permission/services/permissionDAO.js | 12 +++++------ .../main/webapp/app/user/services/userDAO.js | 14 ++++++------- .../src/main/webapp/app/user/userModule.js | 2 +- 12 files changed, 55 insertions(+), 50 deletions(-) diff --git a/guacamole/src/main/webapp/app/auth/authModule.js b/guacamole/src/main/webapp/app/auth/authModule.js index 112d34cb0..f3f565798 100644 --- a/guacamole/src/main/webapp/app/auth/authModule.js +++ b/guacamole/src/main/webapp/app/auth/authModule.js @@ -23,4 +23,4 @@ /** * The module for authentication and management of tokens. */ -angular.module('auth', ['util']); +angular.module('auth', ['ngCookies']); diff --git a/guacamole/src/main/webapp/app/auth/service/authenticationService.js b/guacamole/src/main/webapp/app/auth/service/authenticationService.js index 2c2162289..4430e7913 100644 --- a/guacamole/src/main/webapp/app/auth/service/authenticationService.js +++ b/guacamole/src/main/webapp/app/auth/service/authenticationService.js @@ -23,12 +23,13 @@ /** * A service for authenticating a user against the REST API. */ -angular.module('auth').factory('authenticationService', ['$http', '$injector', - function authenticationService($http, $injector) { +angular.module('auth').factory('authenticationService', ['$http', '$cookieStore', + function authenticationService($http, $cookieStore) { - var localStorageUtility = $injector.get("localStorageUtility"); var service = {}; - + + var AUTH_COOKIE_ID = "GUAC_AUTH"; + /** * Makes a request to authenticate a user using the token REST API endpoint, * returning a promise that can be used for processing the results of the call. @@ -49,8 +50,10 @@ angular.module('auth').factory('authenticationService', ['$http', '$injector', password: password }) }).success(function success(data, status, headers, config) { - localStorageUtility.set('authToken', data.authToken); - localStorageUtility.set('userID', data.userID); + $cookieStore.put(AUTH_COOKIE_ID, { + authToken : data.authToken, + userID : data.userID + }); }); }; @@ -73,7 +76,8 @@ angular.module('auth').factory('authenticationService', ['$http', '$injector', * @returns {String} The user ID of the current user. */ service.getCurrentUserID = function getCurrentUserID() { - return localStorageUtility.get('userID'); + var authData = $cookieStore.get(AUTH_COOKIE_ID); + return authData && authData.userID; }; /** @@ -83,7 +87,8 @@ angular.module('auth').factory('authenticationService', ['$http', '$injector', * @returns {String} The auth token associated with the current user. */ service.getCurrentToken = function getCurrentToken() { - return localStorageUtility.get('authToken'); + var authData = $cookieStore.get(AUTH_COOKIE_ID); + return authData && authData.authToken; }; return service; diff --git a/guacamole/src/main/webapp/app/client/clientModule.js b/guacamole/src/main/webapp/app/client/clientModule.js index dd27a21c1..19efc3ff9 100644 --- a/guacamole/src/main/webapp/app/client/clientModule.js +++ b/guacamole/src/main/webapp/app/client/clientModule.js @@ -23,4 +23,4 @@ /** * The module for code used to connect to a connection or balancing group. */ -angular.module('client', []); +angular.module('client', ['auth']); diff --git a/guacamole/src/main/webapp/app/client/directives/guacClient.js b/guacamole/src/main/webapp/app/client/directives/guacClient.js index 20b1114c6..59cbb7de1 100644 --- a/guacamole/src/main/webapp/app/client/directives/guacClient.js +++ b/guacamole/src/main/webapp/app/client/directives/guacClient.js @@ -122,12 +122,12 @@ angular.module('client').directive('guacClient', [function guacClient() { */ var touchPad = new Guacamole.Mouse.Touchpad(displayContainer); - var $window = $injector.get('$window'), - guacAudio = $injector.get('guacAudio'), - guacVideo = $injector.get('guacVideo'), - guacTunnelFactory = $injector.get('guacTunnelFactory'), - guacClientFactory = $injector.get('guacClientFactory'), - localStorageUtility = $injector.get('localStorageUtility'); + var $window = $injector.get('$window'), + guacAudio = $injector.get('guacAudio'), + guacVideo = $injector.get('guacVideo'), + guacTunnelFactory = $injector.get('guacTunnelFactory'), + guacClientFactory = $injector.get('guacClientFactory'), + authenticationService = $injector.get('authenticationService'); /** * Updates the scale of the attached Guacamole.Client based on current window @@ -175,7 +175,7 @@ angular.module('client').directive('guacClient', [function guacClient() { // Build base connect string var connectString = "id=" + encodeURIComponent($scope.id) - + "&authToken=" + encodeURIComponent(localStorageUtility.get('authToken')) + + "&authToken=" + encodeURIComponent(authenticationService.getCurrentToken()) + "&width=" + Math.floor(optimal_width) + "&height=" + Math.floor(optimal_height) + "&dpi=" + Math.floor(optimal_dpi) diff --git a/guacamole/src/main/webapp/app/connection/connectionModule.js b/guacamole/src/main/webapp/app/connection/connectionModule.js index 4b195de4e..7f3b0ab88 100644 --- a/guacamole/src/main/webapp/app/connection/connectionModule.js +++ b/guacamole/src/main/webapp/app/connection/connectionModule.js @@ -23,4 +23,4 @@ /** * The module for code relating to connections. */ -angular.module('connection', ['util']); +angular.module('connection', ['auth']); diff --git a/guacamole/src/main/webapp/app/connection/service/connectionDAO.js b/guacamole/src/main/webapp/app/connection/service/connectionDAO.js index 774ad88c6..94797b964 100644 --- a/guacamole/src/main/webapp/app/connection/service/connectionDAO.js +++ b/guacamole/src/main/webapp/app/connection/service/connectionDAO.js @@ -23,8 +23,8 @@ /** * The DAO for connection operations agains the REST API. */ -angular.module('connection').factory('connectionDAO', ['$http', 'localStorageUtility', - function connectionDAO($http, localStorageUtility) { +angular.module('connection').factory('connectionDAO', ['$http', 'authenticationService', + function connectionDAO($http, authenticationService) { var service = {}; @@ -36,7 +36,7 @@ angular.module('connection').factory('connectionDAO', ['$http', 'localStorageUti * @returns {promise} A promise for the HTTP call. */ service.getConnection = function getConnection(id) { - return $http.get("api/connection/" + id + "?token=" + localStorageUtility.get('authToken')); + return $http.get("api/connection/" + id + "?token=" + authenticationService.getCurrentToken()); }; /** @@ -55,7 +55,7 @@ angular.module('connection').factory('connectionDAO', ['$http', 'localStorageUti if(parentID !== undefined) parentIDParam = "&parentID=" + parentID; - return $http.get("api/connection?token=" + localStorageUtility.get('authToken') + parentIDParam); + return $http.get("api/connection?token=" + authenticationService.getCurrentToken() + parentIDParam); }; /** @@ -74,7 +74,7 @@ angular.module('connection').factory('connectionDAO', ['$http', 'localStorageUti // This is a new connection if(!connectionToSave.identifier) { - return $http.post("api/connection/?token=" + localStorageUtility.get('authToken'), connectionToSave).success( + return $http.post("api/connection/?token=" + authenticationService.getCurrentToken(), connectionToSave).success( function setConnectionID(connectionID){ // Set the identifier on the new connection connection.identifier = connectionID; @@ -83,7 +83,7 @@ angular.module('connection').factory('connectionDAO', ['$http', 'localStorageUti } else { return $http.post( "api/connection/" + connectionToSave.identifier + - "?token=" + localStorageUtility.get('authToken'), + "?token=" + authenticationService.getCurrentToken(), connectionToSave); } }; @@ -100,7 +100,7 @@ angular.module('connection').factory('connectionDAO', ['$http', 'localStorageUti return $http.put( "api/connection/" + connection.identifier + - "?token=" + localStorageUtility.get('authToken') + + "?token=" + authenticationService.getCurrentToken() + "&parentID=" + connection.parentIdentifier, connection); @@ -117,7 +117,7 @@ angular.module('connection').factory('connectionDAO', ['$http', 'localStorageUti service.deleteConnection = function deleteConnection(connection) { return $http['delete']( "api/connection/" + connection.identifier + - "?token=" + localStorageUtility.get('authToken')); + "?token=" + authenticationService.getCurrentToken()); }; return service; diff --git a/guacamole/src/main/webapp/app/connectionGroup/connectionGroupModule.js b/guacamole/src/main/webapp/app/connectionGroup/connectionGroupModule.js index eff95131d..eab2c54a4 100644 --- a/guacamole/src/main/webapp/app/connectionGroup/connectionGroupModule.js +++ b/guacamole/src/main/webapp/app/connectionGroup/connectionGroupModule.js @@ -23,4 +23,4 @@ /** * The module for code relating to connection groups. */ -angular.module('connectionGroup', ['util', 'connection']); +angular.module('connectionGroup', ['auth', 'util', 'connection']); diff --git a/guacamole/src/main/webapp/app/connectionGroup/service/connectionGroupDAO.js b/guacamole/src/main/webapp/app/connectionGroup/service/connectionGroupDAO.js index 4ce767ee5..c2cceecb6 100644 --- a/guacamole/src/main/webapp/app/connectionGroup/service/connectionGroupDAO.js +++ b/guacamole/src/main/webapp/app/connectionGroup/service/connectionGroupDAO.js @@ -23,8 +23,8 @@ /** * The DAO for connection group operations agains the REST API. */ -angular.module('connectionGroup').factory('connectionGroupDAO', ['$http', 'localStorageUtility', - function connectionGrouDAO($http, localStorageUtility) { +angular.module('connectionGroup').factory('connectionGroupDAO', ['$http', 'authenticationService', + function connectionGrouDAO($http, authenticationService) { /** * The ID of the root connection group. @@ -49,7 +49,7 @@ angular.module('connectionGroup').factory('connectionGroupDAO', ['$http', 'local if(parentID !== undefined) parentIDParam = "&parentID=" + parentID; - return $http.get("api/connectionGroup?token=" + localStorageUtility.get('authToken') + parentIDParam); + return $http.get("api/connectionGroup?token=" + authenticationService.getCurrentToken() + parentIDParam); }; /** @@ -67,7 +67,7 @@ angular.module('connectionGroup').factory('connectionGroupDAO', ['$http', 'local // Use the root connection group ID if no ID is passed in connectionGroupID = connectionGroupID || ROOT_CONNECTION_GROUP_ID; - return $http.get("api/connectionGroup/" + connectionGroupID + "?token=" + localStorageUtility.get('authToken')); + return $http.get("api/connectionGroup/" + connectionGroupID + "?token=" + authenticationService.getCurrentToken()); }; /** @@ -81,7 +81,7 @@ angular.module('connectionGroup').factory('connectionGroupDAO', ['$http', 'local service.saveConnectionGroup = function saveConnectionGroup(connectionGroup) { // This is a new connection group if(!connectionGroup.identifier) { - return $http.post("api/connectionGroup/?token=" + localStorageUtility.get('authToken'), connectionGroup).success( + return $http.post("api/connectionGroup/?token=" + authenticationService.getCurrentToken(), connectionGroup).success( function setConnectionGroupID(connectionGroupID){ // Set the identifier on the new connection connectionGroup.identifier = connectionGroupID; @@ -90,7 +90,7 @@ angular.module('connectionGroup').factory('connectionGroupDAO', ['$http', 'local } else { return $http.post( "api/connectionGroup/" + connectionGroup.identifier + - "?token=" + localStorageUtility.get('authToken'), + "?token=" + authenticationService.getCurrentToken(), connectionGroup); } }; @@ -107,7 +107,7 @@ angular.module('connectionGroup').factory('connectionGroupDAO', ['$http', 'local return $http.put( "api/connectionGroup/" + connectionGroup.identifier + - "?token=" + localStorageUtility.get('authToken') + + "?token=" + authenticationService.getCurrentToken() + "&parentID=" + connectionGroup.parentIdentifier, connectionGroup); }; @@ -123,7 +123,7 @@ angular.module('connectionGroup').factory('connectionGroupDAO', ['$http', 'local service.deleteConnectionGroup = function deleteConnectionGroup(connectionGroup) { return $http['delete']( "api/connectionGroup/" + connectionGroup.identifier + - "?token=" + localStorageUtility.get('authToken')); + "?token=" + authenticationService.getCurrentToken()); }; return service; diff --git a/guacamole/src/main/webapp/app/permission/permissionModule.js b/guacamole/src/main/webapp/app/permission/permissionModule.js index e6afa2826..524f058f5 100644 --- a/guacamole/src/main/webapp/app/permission/permissionModule.js +++ b/guacamole/src/main/webapp/app/permission/permissionModule.js @@ -23,4 +23,4 @@ /** * A module for code relating to permissions. */ -angular.module('permission', []); +angular.module('permission', ['auth']); diff --git a/guacamole/src/main/webapp/app/permission/services/permissionDAO.js b/guacamole/src/main/webapp/app/permission/services/permissionDAO.js index 5a51c61bf..b26e66683 100644 --- a/guacamole/src/main/webapp/app/permission/services/permissionDAO.js +++ b/guacamole/src/main/webapp/app/permission/services/permissionDAO.js @@ -23,8 +23,8 @@ /** * The DAO for permission operations agains the REST API. */ -angular.module('permission').factory('permissionDAO', ['$http', 'localStorageUtility', - function permissionDAO($http, localStorageUtility) { +angular.module('permission').factory('permissionDAO', ['$http', 'authenticationService', + function permissionDAO($http, authenticationService) { var service = {}; @@ -37,7 +37,7 @@ angular.module('permission').factory('permissionDAO', ['$http', 'localStorageUti * @returns {promise} A promise for the HTTP call. */ service.getPermissions = function getPermissions(userID) { - return $http.get("api/permission/" + userID + "/?token=" + localStorageUtility.get('authToken')); + return $http.get("api/permission/" + userID + "/?token=" + authenticationService.getCurrentToken()); }; /** @@ -50,7 +50,7 @@ angular.module('permission').factory('permissionDAO', ['$http', 'localStorageUti * @returns {promise} A promise for the HTTP call. */ service.addPermission = function addPermission(userID, permission) { - return $http.post("api/permission/" + userID + "/?token=" + localStorageUtility.get('authToken'), permission); + return $http.post("api/permission/" + userID + "/?token=" + authenticationService.getCurrentToken(), permission); }; @@ -65,7 +65,7 @@ angular.module('permission').factory('permissionDAO', ['$http', 'localStorageUti * @returns {promise} A promise for the HTTP call. */ service.removePermission = function removePermission(userID, permission) { - return $http.post("api/permission/remove/" + userID + "/?token=" + localStorageUtility.get('authToken'), permission); + return $http.post("api/permission/remove/" + userID + "/?token=" + authenticationService.getCurrentToken(), permission); }; @@ -103,7 +103,7 @@ angular.module('permission').factory('permissionDAO', ['$http', 'localStorageUti // Make the HTTP call return $http({ method : 'PATCH', - url : "api/permission/?token=" + localStorageUtility.get('authToken'), + url : "api/permission/?token=" + authenticationService.getCurrentToken(), data : permissionPatch }); } diff --git a/guacamole/src/main/webapp/app/user/services/userDAO.js b/guacamole/src/main/webapp/app/user/services/userDAO.js index 99ffd12b8..c8ba6f376 100644 --- a/guacamole/src/main/webapp/app/user/services/userDAO.js +++ b/guacamole/src/main/webapp/app/user/services/userDAO.js @@ -23,8 +23,8 @@ /** * The DAO for connection operations agains the REST API. */ -angular.module('user').factory('userDAO', ['$http', 'localStorageUtility', - function userDAO($http, localStorageUtility) { +angular.module('user').factory('userDAO', ['$http', 'authenticationService', + function userDAO($http, authenticationService) { var service = {}; @@ -35,7 +35,7 @@ angular.module('user').factory('userDAO', ['$http', 'localStorageUtility', * @returns {promise} A promise for the HTTP call. */ service.getUsers = function getUsers() { - return $http.get("api/user?token=" + localStorageUtility.get('authToken')); + return $http.get("api/user?token=" + authenticationService.getCurrentToken()); }; /** @@ -47,7 +47,7 @@ angular.module('user').factory('userDAO', ['$http', 'localStorageUtility', * @returns {promise} A promise for the HTTP call. */ service.getUser = function getUser(userID) { - return $http.get("api/user/" + userID + "/?token=" + localStorageUtility.get('authToken')); + return $http.get("api/user/" + userID + "/?token=" + authenticationService.getCurrentToken()); }; /** @@ -61,7 +61,7 @@ angular.module('user').factory('userDAO', ['$http', 'localStorageUtility', service.deleteUser = function deleteUser(user) { return $http['delete']( "api/user/" + user.username + - "?token=" + localStorageUtility.get('authToken')); + "?token=" + authenticationService.getCurrentToken()); }; @@ -76,7 +76,7 @@ angular.module('user').factory('userDAO', ['$http', 'localStorageUtility', service.createUser = function createUser(user) { return $http.post( "api/user/" - + "?token=" + localStorageUtility.get('authToken'), + + "?token=" + authenticationService.getCurrentToken(), user ); } @@ -92,7 +92,7 @@ angular.module('user').factory('userDAO', ['$http', 'localStorageUtility', service.saveUser = function saveUser(user) { return $http.post( "api/user/" + user.username + - "?token=" + localStorageUtility.get('authToken'), + "?token=" + authenticationService.getCurrentToken(), user); }; diff --git a/guacamole/src/main/webapp/app/user/userModule.js b/guacamole/src/main/webapp/app/user/userModule.js index 4e3a5f602..abfef1c13 100644 --- a/guacamole/src/main/webapp/app/user/userModule.js +++ b/guacamole/src/main/webapp/app/user/userModule.js @@ -23,4 +23,4 @@ /** * A module for code relating to users. */ -angular.module('user', []); +angular.module('user', ['auth']);