JAVA-1132: Added clients-SPA-legacy, also renamed underlying modules to

suffix -legacy

Author: sampadawagde

clients-SPA-legacy/clients-js-only-react-legacy/.gitignore

@@ -0,0 +1,25 @@
+/target/
+!.mvn/wrapper/maven-wrapper.jar
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+/build/

clients-SPA-legacy/clients-js-only-react-legacy/pom.xml

@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>clients-js-only-react-legacy</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <name>clients-js-only-react-legacy</name>
+    <description>Demo project for Spring Boot</description>
+    
+	<parent>
+		<groupId>com.baeldung</groupId>
+		<artifactId>spring-security-oauth</artifactId>
+		<version>1.0.0-SNAPSHOT</version>
+		<relativePath>../../</relativePath>
+	</parent>
+
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>

clients-SPA-legacy/clients-js-only-react-legacy/src/main/java/com/baeldung/clientjsonlyreact/ClientJsOnlyReactApplication.java

@@ -0,0 +1,13 @@
+package com.baeldung.clientjsonlyreact;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class ClientJsOnlyReactApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(ClientJsOnlyReactApplication.class, args);
+    }
+
+}

clients-SPA-legacy/clients-js-only-react-legacy/src/main/resources/application.properties

@@ -0,0 +1,128 @@
+function generate_code_challenge(verifier) {
+  return base64_urlencode(sha256bin(verifier));
+}
+
+generateCodeChallenge = async (codeVerifier) =>  {
+  const strBuffer = new TextEncoder('utf-8').encode(codeVerifier);
+  const hashBuffer = await window.crypto.subtle.digest('SHA-256', strBuffer);
+  return Array.from(new Uint8Array(hashBuffer));
+}
+
+function sha256bin(ascii) {
+  return hex2bin(sha256(ascii));
+}
+
+function hex2bin(s) {
+
+  var ret = []
+  var i = 0
+  var l
+
+  s += ''
+
+  for (l = s.length; i < l; i += 2) {
+    var c = parseInt(s.substr(i, 1), 16)
+    var k = parseInt(s.substr(i + 1, 1), 16)
+    if (isNaN(c) || isNaN(k)) return false
+    ret.push((c << 4) | k)
+  }
+
+  return String.fromCharCode.apply(String, ret)
+}
+
+var sha256 = function sha256(ascii) {
+  function rightRotate(value, amount) {
+    return (value>>>amount) | (value<<(32 - amount));
+  };
+  
+  var mathPow = Math.pow;
+  var maxWord = mathPow(2, 32);
+  var lengthProperty = 'length';
+  var i, j; // Used as a counter across the whole file
+  var result = '';
+
+  var words = [];
+  var asciiBitLength = ascii[lengthProperty]*8;
+  
+  //* caching results is optional - remove/add slash from front of this line to toggle
+  // Initial hash value: first 32 bits of the fractional parts of the square roots of the first 8 primes
+  // (we actually calculate the first 64, but extra values are just ignored)
+  var hash = sha256.h = sha256.h || [];
+  // Round constants: first 32 bits of the fractional parts of the cube roots of the first 64 primes
+  var k = sha256.k = sha256.k || [];
+  var primeCounter = k[lengthProperty];
+  /*/
+  var hash = [], k = [];
+  var primeCounter = 0;
+  //*/
+
+  var isComposite = {};
+  for (var candidate = 2; primeCounter < 64; candidate++) {
+    if (!isComposite[candidate]) {
+      for (i = 0; i < 313; i += candidate) {
+        isComposite[i] = candidate;
+      }
+      hash[primeCounter] = (mathPow(candidate, .5)*maxWord)|0;
+      k[primeCounter++] = (mathPow(candidate, 1/3)*maxWord)|0;
+    }
+  }
+  
+  ascii += '\x80'; // Append '1' bit (plus zero padding)
+  while (ascii[lengthProperty]%64 - 56) ascii += '\x00'; // More zero padding
+  for (i = 0; i < ascii[lengthProperty]; i++) {
+    j = ascii.charCodeAt(i);
+    if (j>>8) return; // ASCII check: only accept characters in range 0-255
+    words[i>>2] |= j << ((3 - i)%4)*8;
+  }
+  words[words[lengthProperty]] = ((asciiBitLength/maxWord)|0);
+  words[words[lengthProperty]] = (asciiBitLength)
+  
+  // process each chunk
+  for (j = 0; j < words[lengthProperty];) {
+    var w = words.slice(j, j += 16); // The message is expanded into 64 words as part of the iteration
+    var oldHash = hash;
+    // This is now the "working hash", often labelled as variables a...g
+    // (we have to truncate as well, otherwise extra entries at the end accumulate
+    hash = hash.slice(0, 8);
+    
+    for (i = 0; i < 64; i++) {
+      var i2 = i + j;
+      // Expand the message into 64 words
+      // Used below if 
+      var w15 = w[i - 15], w2 = w[i - 2];
+
+      // Iterate
+      var a = hash[0], e = hash[4];
+      var temp1 = hash[7]
+        + (rightRotate(e, 6) ^ rightRotate(e, 11) ^ rightRotate(e, 25)) // S1
+        + ((e&hash[5])^((~e)&hash[6])) // ch
+        + k[i]
+        // Expand the message schedule if needed
+        + (w[i] = (i < 16) ? w[i] : (
+            w[i - 16]
+            + (rightRotate(w15, 7) ^ rightRotate(w15, 18) ^ (w15>>>3)) // s0
+            + w[i - 7]
+            + (rightRotate(w2, 17) ^ rightRotate(w2, 19) ^ (w2>>>10)) // s1
+          )|0
+        );
+      // This is only used once, so *could* be moved below, but it only saves 4 bytes and makes things unreadble
+      var temp2 = (rightRotate(a, 2) ^ rightRotate(a, 13) ^ rightRotate(a, 22)) // S0
+        + ((a&hash[1])^(a&hash[2])^(hash[1]&hash[2])); // maj
+      
+      hash = [(temp1 + temp2)|0].concat(hash); // We don't bother trimming off the extra ones, they're harmless as long as we're truncating when we do the slice()
+      hash[4] = (hash[4] + temp1)|0;
+    }
+    
+    for (i = 0; i < 8; i++) {
+      hash[i] = (hash[i] + oldHash[i])|0;
+    }
+  }
+  
+  for (i = 0; i < 8; i++) {
+    for (j = 3; j + 1; j--) {
+      var b = (hash[i]>>(j*8))&255;
+      result += ((b < 16) ? 0 : '') + b.toString(16);
+    }
+  }
+  return result;
+};

clients-SPA-legacy/clients-js-only-react-legacy/src/main/resources/static/common/images/default-profile.png

@@ -0,0 +1,3 @@
+function generate_code_verifier() {
+  return random_string(48);
+}

clients-SPA-legacy/clients-js-only-react-legacy/src/main/resources/static/common/js/code_challenge_functions.js

@@ -0,0 +1,35 @@
+function base64_urlencode(str) {
+  return btoa(str)
+            .replace(/\+/g, '-')
+            .replace(/\//g, '_')
+            .replace(/=/g, '');
+}
+
+function generate_state() {
+  return random_string(48);
+}
+
+function random_string(len) {
+  var arr = new Uint8Array(len);
+  window.crypto.getRandomValues(arr);
+  var str = base64_urlencode(dec2bin(arr));
+  return str.substring(0, len);
+}
+
+function dec2hex(dec) {
+  return ('0' + dec.toString(16)).substr(-2)
+}
+
+function dec2bin(arr) {
+  return hex2bin(Array.from(arr, dec2hex).join(''));
+}
+
+function getParameterByName(name, url) {
+  if (!url) url = window.location.href;
+  name = name.replace(/[\[\]]/g, '\\$&');
+  var regex = new RegExp('[?&]' + name + '(=([^&#]*)|&|#|$)'),
+      results = regex.exec(url);
+  if (!results) return null;
+  if (!results[2]) return '';
+  return decodeURIComponent(results[2].replace(/\+/g, ' '));
+}

clients-SPA-legacy/clients-js-only-react-legacy/src/main/resources/static/common/js/code_verifier_functions.js

@@ -0,0 +1,9 @@
+// Spiner indicating something is being processed
+const Spinner = ({ spinnerText }) => (
+  <div className="spinner-container">
+    <p className="spinner-text">{spinnerText || 'Waiting...'}</p>
+    <div className="spinner-icon"></div>
+  </div>
+)
+
+window.Spinner = Spinner;

clients-SPA-legacy/clients-js-only-react-legacy/src/main/resources/static/common/js/common_functions.js

@@ -0,0 +1,25 @@
+const AUTH0_APP_DOMAIN = 'https://bael-jsonly-pkce.auth0.com';
+const PROVIDER_CONFIGS = {
+  AUTH0: {
+    AUTH_URL: AUTH0_APP_DOMAIN + "/authorize",
+    CLIENT_ID: "R7L3XpkJrwcGEkuxrUdSpGAA9NgX9ouQ",
+    CONFIGURED_REDIRECT_URIS:{
+      STEP_BY_STEP: "http://localhost:8080/pkce-stepbystep/popup_code_handler.html",
+      REAL_CASE: "http://localhost:8080/pkce-realcase/popup_code_handler.html",
+      SIMPLE: "http://localhost:8080/pkce-simple/callback.html"
+    },
+    TOKEN_URI: AUTH0_APP_DOMAIN + "/oauth/token",
+    SCOPES: 'openid profile email',
+    AUDIENCE: "pkceclient.baeldung.com",
+    PROFILE_URL: AUTH0_APP_DOMAIN + "/userinfo",
+    PROFILE_FIELDS: {
+      NAME: "nickname",
+      EMAIL: "email",
+      PICTURE: "picture"
+    },
+    // Renew Token Period for in seconds:
+    RENEW_TOKEN_PERIOD: 60
+  }
+}
+
+window.PROVIDER_CONFIGS = PROVIDER_CONFIGS;

clients-SPA-legacy/clients-js-only-react-legacy/src/main/resources/static/common/js/components/spinner.js

@@ -0,0 +1,74 @@
+<!DOCTYPE html>
+<html>
+
+  <head>
+    <title>Landing Page - Baeldung's JS-only SPA Oauth Client</title>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width">
+
+    <!-- Styles -->
+    <link rel="stylesheet" href="/landing-page.css">
+    <link href="https://fonts.googleapis.com/css?family=Raleway" rel="stylesheet">
+  </head>
+
+  <body>
+
+    <div id="landing-page-container">
+      <div class="header-container">
+        <div class="title">
+          <h1>
+            Welcome to the JS-only SPA OAuth Clients using Auth Code with PKCE!
+          </h1>
+        </div>
+        <div class="description">
+          We present here three examples of Single Page Applications:
+        </div>
+      </div>
+      <div class="examples-container">
+        <a id="simple" href="/pkce-simple/index.html">
+          <div class="example">
+            <div class="title">
+              <h2>The Article's Example SPA</h2>
+            </div>
+            <div class="description">
+              <p>If we're looking for the application that we built together following the article's steps,
+                this is our option.</p>
+              <p>It has nothing but the most fundamental elements to access secured resources using the
+                OAuth2 Auth Code with PKCE Flow</p>
+            </div>
+          </div>
+        </a>
+        <a id="step-by-step" href="/pkce-stepbystep/index.html">
+          <div class="example">
+            <div class="title">
+              <h2>The Step-By-Step SPA</h2>
+            </div>
+            <div class="description">
+              <p>We should pick this App if we want to see how the Auth Code with PKCE Flow is carried out in an interactive way.</p>
+              <p>
+                We'll see in the UI and in the browser console what happens behind the scenes when we request an
+                access token.
+              </p>
+            </div>
+          </div>
+        </a>
+        <a id="real-case" href="/pkce-realcase/index.html">
+          <div class="example">
+            <div class="title">
+              <h2>The Real-Case SPA</h2>
+            </div>
+            <div class="description">
+              <p>
+                In this Application we simulate how a real application would work, making use of our custom Resource Server
+                with protected endpoints. </p>
+              <p>
+                Remember to read The
+                Readme file for more details.</p>
+            </div>
+          </div>
+        </a>
+      </div>
+    </div>
+  </body>
+
+</html>