From 34d8414fdb3d0ebd35098c4a515b1c516aba79df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Krzysztof=20Marsza=C5=82ek?= <marszalekk@gmail.com>
Date: Fri, 22 Nov 2019 10:32:38 +0100
Subject: [PATCH] #28 Add configurable redirect uri

---
 Dockerfile                                            |  2 ++
 docker/indigo-slam.sh                                 |  2 ++
 .../cyfronet/indigo/security/ClientApplication.java   | 11 ++++++++++-
 src/main/resources/auth.properties                    |  5 ++++-
 4 files changed, 18 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index e7da3ae..8b474aa 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,6 +6,8 @@ ENV IAM_URL 'https://iam-test.indigo-datacloud.eu'
 ENV IAM_AUTHORIZE_URL 'https://iam-test.indigo-datacloud.eu/authorize'
 ENV IAM_CLIENT_ID '53b937c5-fd53-4626-9400-8b21838d7de2'
 ENV IAM_CLIENT_SECRET 'fcqrPQYZtR-CETMdvxrNoQAKtDw-Qy8hb0ItHd4cX6IJpi6f7124YDYV8SAuL99KfkWMQchQalBP2fJAlhRB7Q'
+ENV SET_CURRENT_URI 'True'
+ENV AUTH_RETURN_POINT ''
 ENV CMDB_URL 'http://indigo.cloud.plgrid.pl'
 ENV ONEDATA_URL 'https://onedata.org'
 ENV MYSQL_ADDRESS 'mysql'
diff --git a/docker/indigo-slam.sh b/docker/indigo-slam.sh
index 10c81e3..5752576 100755
--- a/docker/indigo-slam.sh
+++ b/docker/indigo-slam.sh
@@ -16,6 +16,8 @@ java -Dserver.address=0.0.0.0 \
      -Dunity.server.authorize=$IAM_AUTHORIZE_URL \
      -Dunity.server.clientId=$IAM_CLIENT_ID \
      -Dunity.server.clientSecret=$IAM_CLIENT_SECRET \
+     -Dauth.setCurrentUri=$SET_CURRENT_URI \
+     -Dauth.returnPoint.iam=$AUTH_RETURN_POINT \
      -Dcmdb.url=$CMDB_URL \
      -Donedata.url=$ONEDATA_URL \
      -Dadmin.emails=$PROVIDER_EMAIL \
diff --git a/src/main/java/pl/cyfronet/indigo/security/ClientApplication.java b/src/main/java/pl/cyfronet/indigo/security/ClientApplication.java
index 8f0e165..be739c6 100644
--- a/src/main/java/pl/cyfronet/indigo/security/ClientApplication.java
+++ b/src/main/java/pl/cyfronet/indigo/security/ClientApplication.java
@@ -35,6 +35,12 @@ public class ClientApplication {
     @Value("${unity.server.clientSecret}")
     private String clientSecret;
 
+    @Value("${auth.returnPoint.iam}")
+    private String preEstablishedRedirectUri;
+
+    @Value("${auth.setCurrentUri:true}")
+    private boolean useCurrentUri;
+
     @Value("#{'${unity.scopes}'.split(',')}")
     private List<String> scopesList;
 
@@ -49,7 +55,10 @@ public OAuth2ProtectedResourceDetails resource() {
         resource.setClientSecret(clientSecret);
         resource.setUserAuthorizationUri(authorize);
         resource.setAccessTokenUri(token);
-        resource.setUseCurrentUri(true);
+        resource.setUseCurrentUri(useCurrentUri);
+        if (!useCurrentUri) {
+            resource.setPreEstablishedRedirectUri(preEstablishedRedirectUri);
+        }
         resource.setScope(scopesList);
         return resource;
     }
diff --git a/src/main/resources/auth.properties b/src/main/resources/auth.properties
index bc57759..394d142 100644
--- a/src/main/resources/auth.properties
+++ b/src/main/resources/auth.properties
@@ -12,4 +12,7 @@ unity.server.userInfoAction=/userinfo
 unity.entryPointUnityUrl=/auth
 unity.entryPointAuthUrl=/auth
 unity.unauthorizedAction=/unauthorized
-
+#this variable is overloaded in docker (see docker/indigo-slam.sh
+auth.returnPoint.iam=https://localhost:8443/auth
+#this variable is overloaded in docker (see docker/indigo-slam.sh
+auth.setCurrentUri=false
\ No newline at end of file