Adding oauth processing to retrieve the logged in user information.

2025-11-01 11:17:51 +00:00 · 2021-07-19 09:06:38 -07:00
parent 734ce263ee
commit f823dd4d2f
4 changed files with 24 additions and 4 deletions
--- a/2
+++ b/2
@@ -1 +1 @@
-7
+8
--- a/src/RESTAPI_oauth2Handler.cpp
+++ b/src/RESTAPI_oauth2Handler.cpp
@@ -23,6 +23,7 @@ namespace uCentral {
 			return;

 		try {
+            ParseParameters(Request);
 			if (Request.getMethod() == Poco::Net::HTTPServerRequest::HTTP_POST) {
 				// Extract the info for login...
 				Poco::JSON::Parser parser;
@@ -32,7 +33,6 @@ namespace uCentral {
 				auto password = GetS(uCentral::RESTAPI::Protocol::PASSWORD, Obj);
 				auto newPassword = GetS(uCentral::RESTAPI::Protocol::NEWPASSWORD, Obj);

-                ParseParameters(Request);
                if(GetBoolParameter("requirements",false)) {
                    Poco::JSON::Object  Answer;
                    Answer.set("passwordPattern",AuthService()->PasswordValidationExpression());
@@ -86,8 +86,21 @@ namespace uCentral {
 				} else {
 					NotFound(Request, Response);
 				}
+			} else if (Request.getMethod() == Poco::Net::HTTPServerRequest::HTTP_GET) {
+                if (!IsAuthorized(Request, Response)) {
+                    UnAuthorized(Request, Response, "Not authorized.");
+                    return;
+                }
+                bool GetMe = GetBoolParameter("me",false);
+                if(GetMe) {
+                    Poco::JSON::Object Me;
+                    UserInfo_.userinfo.to_json(Me);
+                    ReturnObject(Request, Me, Response);
+                    return;
+                }
+                BadRequest(Request, Response);
 			} else {
-				BadRequest(Request, Response, "Unsupported HTTP method.");
+                BadRequest(Request, Response, "Unsupported HTTP method.");
 			}
 			return;
 		} catch (const Poco::Exception &E) {
--- a/src/RESTAPI_oauth2Handler.h
+++ b/src/RESTAPI_oauth2Handler.h
@@ -18,6 +18,7 @@ namespace uCentral {
 			: RESTAPIHandler(bindings, L,
 							 std::vector<std::string>{Poco::Net::HTTPRequest::HTTP_POST,
 													  Poco::Net::HTTPRequest::HTTP_DELETE,
+                                                      Poco::Net::HTTPRequest::HTTP_GET,
 													  Poco::Net::HTTPRequest::HTTP_OPTIONS},
 													  Internal) {}
 		void handleRequest(Poco::Net::HTTPServerRequest &request,
--- a/test_scripts/curl/cli
+++ b/test_scripts/curl/cli
@@ -118,6 +118,12 @@ logout() {
  rm -rf token.json
 }

+me() {
+    curl  ${FLAGS} -X GET -H "Content-Type: application/json" \
+    -H "Authorization: Bearer ${token}" \
+    "https://${UCENTRALSEC}/api/v1/oauth2?me=true"
+}
+
 listendpoints() {
    curl  ${FLAGS} -X GET "https://${UCENTRALSEC}/api/v1/systemEndpoints" \
        -H "accept: application/json" \
@@ -241,6 +247,7 @@ case "$1" in
    "deleteuser") login; deleteuser "$2" ; logout;;
    "getuser") login; getuser "$2" ; logout;;
    "listusers") login; listusers ; logout ;;
+    "me") login; me ; logout ;;
    "listendpoints") login; listendpoints ; logout ;;
    "testlogin") testlogin "$2" "$3" "$4";;
    "emailtest") emailtest "$2";;
@@ -250,7 +257,6 @@ case "$1" in
    "getavatar") login; getavatar "$2"; logout;;
    "deleteavatar") login; deleteavatar "$2"; logout;;
    "help") login; help  ; logout ;;
-
    *) help ;;
 esac