github-mirrors/oauth-playground-server
1
0
Fork 0
mirror of https://github.com/ysoftdevs/oauth-playground-server.git synced 2026-01-11 14:30:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

webauthn - add a stealthy link from regular login page

Browse Source
This commit is contained in:
Dusan Jakub
2023-09-27 10:48:46 +02:00
parent cb58273bdd
commit c802bea639
3 changed files with 25 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/main/java/com/ysoft/geecon/OAuthResource.java
View File

@@ -79,6 +79,16 @@ public class OAuthResource {
return Templates.loginPasswordless(params.getLoginHint(), sessionId, "");
}
@POST
@Path("passwordless")
@Produces(MediaType.TEXT_HTML)
@Blocking
public TemplateInstance postPasswordless(@FormParam("sessionId") String sessionId) {
AuthorizationSession session = sessionsRepo.getSession(sessionId).orElseThrow(
() -> new OAuthUserVisibleException(ErrorResponse.Error.access_denied, "Invalid session"));
return Templates.loginPasswordless(session.params().getLoginHint(), sessionId, "");
}
@POST
@Path("passwordless/register")
@Produces(MediaType.TEXT_HTML)

6
src/main/resources/templates/OAuthResource/login.html
View File

@@ -37,6 +37,12 @@
<li class="collection-item">bob / Password1</li>
<li class="collection-item">user / user</li>
</ul>
<form action="/auth/passwordless" method="post" class="right-align">
<input type="hidden" name="sessionId" value="{sessionId}">
<small>Pst, you can try
<button type="submit" class="link-button">passwordless login</button>
.</small>
</form>
</div>
</div>
</div>

9
src/main/resources/templates/base.html
View File

@@ -40,6 +40,15 @@
background-color: #0056b3
}
.link-button {
background: none;
border: none;
color: #1a0dab;
text-decoration: underline;
cursor: pointer;
padding: 0;
}
.collection {
border: none;
}