I need to change the behaviour of the login-page of OpenStack. I am working on an alternatively way to authenticate an user. I use no more name and password. It works on command line but I have to use it also in the graphically part (horizon).
I should change the action performed when I click the LogIn button, but I can not find where is the implementation of that action: which is the function called by Horizon to authenticate an user?
My aim is to call my new keystone functions to get the token, but I can not find which horizon's function calls keystone.
[UPDATED QUESTION]
the *../horizon/views/auth_forms.py* defines how the login page is defined. Where does its class Login is called? I need to modify the code that starts the login page creation
Horizon instantiates an entire class set for keystone interaction.
checkout horizon/openstack_dashboard/api/keystone.py
it mostly uses the python-keystoneclient api set.
You may want to also check out http://docs.openstack.org/developer/horizon/topics/customizing.html
I tried to modify some files like: horizon/openstack_auth/view.py where Login is called.
Related
I'm writing a licence validation part for my application and want to redirect the user to a renewal page if and only if their licence has expired.
I am using FlowRouter and Blaze.
All my authenticated routes are in a group:
let authenticated = FlowRouter.group({
triggersEnter: [checkAuthenticated, checkSubscription]
});
I then check if the subscription is valid like so:
const checkSubscription = function(context){
let path = FlowRouter.current().path;
if (!Meteor.userId()){
return;
}
const sub = new Subscription();
if (sub.isInvalid() && path !=="/manage-practice/subscription"){
FlowRouter.go("/manage-practice/subscription");
}
};
My class subscription uses a collection that I can only load once a user has logged in. My problem is that the router usually triggers this redirection before this data has been loaded.
Is there a best practice approach to solve this?
Redirect with Triggers
I'm not sure about this being 'best practice' but one approach is to use the Flow Router redirect functionality on your login event.
You can see examples at: https://atmospherejs.com/kadira/flow-router#redirecting-with-triggers and https://github.com/meteor-useraccounts/flow-routing.
The initial login path (using Accounts.onLogin();) could be to a generic 'loading...' template while you evaluate the user's collection. On a callback you can then use the custom redirect function to either redirect to the requested page in your app, or redirect the user to your '/manage-practice/subscription' path.
FlowRouter.wait()
I have to confess I wasn't previously familiar with this second option, but I've just come across FlowRouter.wait(). This can be useful to delay the default routing process until some other evaluation is complete. I suspect this might only be relevant if a user logs directly into a page within your authenticated routing group.
Documentation: https://atmospherejs.com/kadira/flow-router#flowrouter-wait-and-flowrouter-initialize
I want to integrate Google's Oauth2 in my symfony-1.4 CRM. I have successfully implemented this, I have extended sfGuardAuth in my own module, and now mysfGuardAuth is being used for siging and signout. Is there where I handle Google's Oauth2 with 2 extra actions:
executeCkeckGoogleAccess();
executeOauth();
The problem is to checkout if Google's token is still a valid one, I have to redirect in each action of everymodule to the action checkGoogleAccess in mysfGuardAuth module.
What I want is to check this in an implicit way in the same place where symfony, or sfGuard or whatever checks for the right perms or credentials before executing or not executing the requested action.
I only want to write the code once.
Thank you.
After some research this is how sfGuard checks everything.
When you make a request to a module action, before the action is executed, a new sfContext is dispached.
The sfContext gets the user that extends sfGuardUser and has some methods that are executed. There is where perms, session status and everithing else is checked
The user must be configured in apps/yourApp/lib
By default is apps/yourApp/lib/myUser which extends sfGuardUser. The most apropiate way to achieve this is to create a new user class like: apps/yourApp/lib/yourAppUser which extends aswell sfGuardUser, and there extend the methods initialize and/or shutdown with the functionality you want.
By this way I have achieved to get Google's Oauth2 working in my app.
I hope this is usefull for more people.
UPDATE
All described above is true, but if you want to check something always before an action execution you must use filters instead of whats described before.
Filters are executed before each action, so there you can checkout whatever you need having access to the current context, and set up new attributes for the user. In my case I wanna check if the requested action needs a google token, if true, then Another filter will check if the user has alraedy a valid token, in that case, nothing happens, otherwise, the user is redirected to the module/action which handles google token requests.
Comunication between diferent filters, actions and requests are handled via user attributes.
the user is an object of the clas myOwnUser which extends sfGuardSecurityUser, there the function signOut is extended in order to delete all attributes saved in "myOwnNamespace"
I am using DotNetOpenAuth.AspNet for Facebook authentication. And everything works well.
However, I have to change app permissions so when a user logins I should request status_update permission. I've changed Permissions in Facebook app configuration, but I didn't get updated Login Window in my application.
Also I tried to handle OAuthWebSecurity.RegisterFacebookClient method call with passing extra data scope attribute, but without any access.
Does someone know how to request additional Facebook permissions using DotNetOpenAuth.AspNet?
EDIT:
When I try to do post I got this error:
(OAuthException - #200) (#200) The user hasn't authorized the application to perform this action
And this is what I get when I try to login to my app:
There is no status_update permission.
Thanks.
At this point you can't. Deep in the innards of DotNetOpenAuth.AspNet there is a class called FacebookClient. Within class is a method which is called "GetServiceLoginUrl".
This method in version 4.3.0 hardcodes the scope to "email".
If you go to the Nuget prerelease repository however, and get the prelease version 4.3.1 from there, the FacebookClient class comes with an additional parameter in the constructor - scope. You can add the permissions in there, and it will add them to the request url.
The pre-release package source is http://teamcity.dotnetopenauth.net:82/guestAuth/app/nuget/v1/FeedService.svc/
new FacebookClient(appId, secret, new[] {"email","manage_pages"});
and you should be good to go.
I'm coding an ASP.NET website that works with facebook.
To make my own life easier, I've decided to work with the facebook C# SDK.
At this point, I've already obtained a valid access token, thus I've authorised correctly.
(I have done this through server-side C# code, not via the JavaScript SDK)
I now want to store this access token in the current FacebookWebContext, so that I can use it through the whole website.
However, when I try to write the value in FacebookWebContext.Current.AccessToken, I get the following error:
Property or indexer FacebookWebContext.Current.AccessToken cannot be assigned to -- it is read only
Now, I could try to create a new FacebookWebContext, and set this one as the current one, but the constructor doesn't accept an access token.
How do I put my access token in the current facebook web context?
It should already have the value when you do : FacebookWebContext.Current.AccessToken
Is it empty?
I'm new to Spring MVC and trying out a simple project.It will contain a simple adding, viewing, updating and deleting user work flows. It will have login page and once authenticated the user will be taken to a welcome screen which will have links to add, view, update and delete users. Clicking on any of the links will take to individual pages where the user can do the specific tasks. What I'm doing here is, I'm using a MultiActionController to group together all requests related to User work flow. So the request from "Add User" link will handled by the addUser method in the UserController which will redirect the user to the "Add User" page, and the user can then fill in the details and save the new user. Now here is where I'm getting confused. Where should I put the save process of the new user, should I put that in new method inside UserController, or use the same "addUser" method. What is the best way to handle this kind of scenario.
I hope I was able to clear my question.
did you try to check the Petclinic example which is in the Spring distribution? There you can find all the CRUD operation examples and much more...
Based on your example I suggest that you implement a "goto action page" method and a "perform action" mthod in your UserController. For the AddUser operation, the "goto action page" method might be AddUserPage() which performs any necessary initialization and setup required for the "add user" page then forwards the request to the "add user" web page and the "perform action" method might be AddUser() in which you implement the action of adding a user to your website.
For a "Delete User" action, you might have a "DeleteUserPage" and a "DeleteUser". etc.
The idea here being that you need a method in the MultiActonController to send the user to the correct page and another method to implement the desired action. The name of the methods is not important, but I suggest that you name them consistantly (for instance, xxxPage() sends the user to the xxx activity page and xxx() implements the xxx activity).