pink-gorilla
diff --git a/‎demo/deps.edn
+2-2 b/‎demo/deps.edn
+2-2
diff --git a/‎demo/resources/demo-services.edn
-1 b/‎demo/resources/demo-services.edn
-1
diff --git a/‎demo/resources/dev-services.edn
-31 b/‎demo/resources/dev-services.edn
-31
diff --git a/‎demo/resources/test-services.edn
-43 b/‎demo/resources/test-services.edn
-43
diff --git a/‎demo/src/demo/page/oauth2.cljs
+2-6 b/‎demo/src/demo/page/oauth2.cljs
+2-6
diff --git a/‎demo/src/demo/repl/identity/login.clj
+15 b/‎demo/src/demo/repl/identity/login.clj
+15
diff --git a/‎deps.edn
+3-7 b/‎deps.edn
+3-7
diff --git a/‎resources/ext/oauth2.edn
+1-2 b/‎resources/ext/oauth2.edn
+1-2
diff --git a/‎src/token/identity/dialog.cljs
+12-16 b/‎src/token/identity/dialog.cljs
+12-16
diff --git a/‎src/token/identity/local.clj
+20-26 b/‎src/token/identity/local.clj
+20-26
diff --git a/‎src/token/identity/local.cljs
+6-7 b/‎src/token/identity/local.cljs
+6-7
@@ -3,7 +3,7 @@
          "target/webly"]
 
  :deps {org.clojure/clojure    {:mvn/version "1.11.3"}
-        org.pinkgorilla/webly {:mvn/version "0.7.693"}
+        org.pinkgorilla/webly {:mvn/version "0.8.707"}
         org.pinkgorilla/ui-tailwind {:mvn/version "0.1.8"}
         org.pinkgorilla/oauth2 {:local/root "../" :deps/manifest :deps}
         nrepl/nrepl {:mvn/version "1.2.0"}}
@@ -13,7 +13,7 @@
                                :profile "npm-install"}}
 
            :npm-install {:exec-args {:profile "npm-install"}}
-           :compile {:exec-args {:profile "compile2"}}
+           :compile {:exec-args {:profile "compile"}}
            :release {:exec-args {:profile "release"}}
            :release-adv {:exec-args {:profile "release-adv"}}
            :static {:exec-args {:profile "static"}}
 
@@ -34,7 +34,6 @@
   :oauth2 {:start (token.oauth2.service/start-oauth2-service
                    {:clj (clip/ref :clj-service)
                     :providers (:oauth2 (:token (deref (clip/ref :config))))
-                    ;:providers {:google {:client-id "" :client-secret ""}}
                     :store-path ".webly/tokenstore"
                     :store-role nil ; #{}
                     })}
 
@@ -23,12 +23,8 @@
 
 (defn user-details []
   (fn []
-    (let [{:keys [user token provider] :as edn} @user-a]
-      [block2 "user details:"
-       [:p "edn: " (pr-str edn)]
-       [:p "user: " user]
-       [:p "provider: " provider]
-       [:p "token: " token]])))
+      [block2 "user details (for debugging): "
+       [:p (pr-str @user-a)]]))
 
 (def provider-scopes 
   {:github [;https://docs.github.com/en/developers/apps/scopes-for-oauth-apps
 
@@ -0,0 +1,15 @@
+(ns repl.identity.login
+  (:require
+   [modular.system]
+   [token.identity.local :refer [get-token verify-token]]))
+
+
+(def this (modular.system/system :oauth2))
+
+(get-token this "bongo" "11111")
+(get-token this "demo" "11111")
+(get-token this "demo" "1234")
+
+(verify-token this "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiZGVtbyJ9.mWO7pjUFhFpEDeQT_3OjM1YCZ1TN8LNZiA_3xF-NkBI")
+
+(verify-token this "eyJhbGciOiJIUzI1NiJ9.eyJ1c2xyIjoiZGVtbyJ9.mWO7pjUFhFpEDeQT_3OjM1YCZ1TN8LNZiA_3xF-NkBI")
@@ -25,8 +25,8 @@
   ;ring-oauth2/ring-oauth2 {:mvn/version "0.1.5"}
   ; clj-oauth/clj-oauth {:mvn/version "1.5.2"}; copied over from REST
   ; pink-gorilla dependencies
-  org.pinkgorilla/modular {:mvn/version "0.2.56"} ; for edn saving (with time formats encoding added)
-  org.pinkgorilla/clj-service {:mvn/version "0.3.20"} ; brings permission + websocket
+  org.pinkgorilla/modular {:mvn/version "0.2.61"} ; for edn saving (with time formats encoding added)
+  org.pinkgorilla/clj-service {:mvn/version "0.4.21"} ; brings permission + websocket
   }
 
  :aliases
@@ -39,13 +39,9 @@
   ; github ci  
   :build {:deps {io.github.clojure/tools.build {:git/tag "v0.6.1" :git/sha "515b334"}
                  io.github.slipset/deps-deploy {:git/sha "b4359c5d67ca002d9ed0c4b41b710d7e5a82e3bf"}
-                 io.github.seancorfield/build-clj {:git/tag "v0.5.4" :git/sha "bc9c0cc"}
-                  ;rewrite-clj/rewrite-clj {:mvn/version "1.0.699-alpha"}
-                 babashka/fs {:mvn/version "0.0.5"}}
+                 io.github.seancorfield/build-clj {:git/tag "v0.5.4" :git/sha "bc9c0cc"}}
           :ns-default build}
 
-
-
 ;
   }}
 
 
@@ -3,8 +3,7 @@
  :lazy false
  :cljs-namespace [token.oauth2.store.ui
                   token.identity.user
-                  token.identity.ui
-                  ]
+                  token.identity.ui]
  :cljs-ns-bindings {; make sure the namespaces in sci and cljs are identical
                     token.oauth2.store.ui {'provider-status-grid token.oauth2.store.ui/provider-status-grid} 
                     token.identity.user {'get-user token.identity.user/get-user
 
@@ -30,29 +30,27 @@
   (let [scope (get-identity-scope provider)
         r-p (oauth2/get-auth-token {:provider provider
                                     :scope scope
-                                     ;:width
-                                     ;:height 
-                                    })]
+                                    :width 500
+                                    :height 800
+                                    :title (str "login via " provider)})]
     (-> r-p
         (p/then (fn [token]
                   (println "login oauth2 token success! token: " token)
                   (show-notification :info [:span.bg-blue-300.inline "logged in successfully"] 1000)
                   (let [user-p (oidc/login provider token)]
-                    (-> user-p 
-                       (p/then (fn [login-result]
-                                 (println "oauth2 login success: " login-result)))    
-                       (p/catch (fn [login-err]
-                                  (println "oauth2 login error: " login-err))))
-                       ;(user/set-user! usermap)
-                    )
-                  (dialog-close)))
+                    (-> user-p
+                        (p/then (fn [usermap]
+                                  (println "oauth2 login success: " usermap)
+                                  (user/set-user! usermap)
+                                  (dialog-close)))
+                        (p/catch (fn [login-err]
+                                   (println "oauth2 login error: " login-err)
+                                   (dialog-close)))))))
         (p/catch (fn [err]
                    (println "login local error: " err)
                    (show-notification :error [:span.bg-red-300.inline "login error!"] 1000)
                    (dialog-close))))))
 
-
-
 (defn- login-ui []
   (let [username (r/atom "")
         password (r/atom "")
@@ -96,11 +94,9 @@
 
 (defn show-login-dialog []
   (dialog-show
-   [:div [login-ui]]
+   [login-ui]
    :medium))
 
-
-
 #_(rf/reg-event-fx
    :oauth2/login-oauth-success
    (fn [{:keys [db]} [_ provider token]]
 
@@ -10,7 +10,6 @@
    [clj-service.executor :refer [*user* *session*]]
    [clj-service.core :refer [expose-functions]]))
 
-
 (defn start-local-identity [{:keys [permission clj secret] :as this}]
   (info "starting local-identity service..")
   (assert (and secret (string? secret)) "local-identity  service needs :secret (a string)")
@@ -30,11 +29,8 @@
   (-> (hash/blake2b-128 pwd)
       (codecs/bytes->hex)))
 
-(defn create-claim [{:keys [secret] :as this} user-id]
-  (let [claim  {:type :local
-                :provider :local
-                :user user-id}
-        token (jwt/sign claim secret)]
+(defn create-claim [{:keys [secret] :as this} claim]
+  (let [token (jwt/sign claim secret)]
     (assoc claim :token token)))
 
 (defn get-token [{:keys [permission] :as this} user-name user-password]
@@ -53,7 +49,11 @@
        :error-message (str "Bad password for  [" user-name "].")}
      ; succes
       :else
-      (create-claim this (:id user)))))
+      (create-claim this {:type :local
+                          :provider :local
+                          :user (:id user)
+                          :roles (:roles user)
+                          :email (:email user)}))))
 
 (defn verify-token [{:keys [secret] :as this} token]
   (println "verifying token: " token)
@@ -66,9 +66,9 @@
 
 (defn login
   [{:keys [permission secret] :as this} token]
-  (println "login/local: token: " token " session: " *session*)
+  (info "login/local: token: " token " session: " *session*)
   (let [{:keys [user error] :as r} (verify-token this token)]
-    (println "login/local: result: " r)
+    (info "login/local: result: " r)
     (when user
       (set-user! permission  *session* user))
     r))
@@ -79,32 +79,26 @@
   (pwd-hash "7890")
   (pwd-hash "")
 
-  (get-token "bongo" "11111")
-  (get-token "demo" "11111")
-  (get-token "demo" "1234")
-
-  (verify-token "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiZGVtbyJ9.mWO7pjUFhFpEDeQT_3OjM1YCZ1TN8LNZiA_3xF-NkBI")
-
-  (verify-token "eyJhbGciOiJIUzI1NiJ9.eyJ1c2xyIjoiZGVtbyJ9.mWO7pjUFhFpEDeQT_3OjM1YCZ1TN8LNZiA_3xF-NkBI")
-
-  (clj-jwt/str->jwt "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiZGVtbyJ9.mWO7pjUFhFpEDeQT_3OjM1YCZ1TN8LNZiA_3xF-NkBI")
+;  (clj-jwt/str->jwt "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyIjoiZGVtbyJ9.mWO7pjUFhFpEDeQT_3OjM1YCZ1TN8LNZiA_3xF-NkBI")
 
   ; jwks_uri
   ; https://accounts.google.com/.well-known/openid-configuration
 
-  (clj-jwt/unsign
-   "https://www.googleapis.com/oauth2/v3/certs"
-
+ ; (clj-jwt/unsign
+ ;  "https://www.googleapis.com/oauth2/v3/certs"
    ;id-token
-   "eyJhbGciOiJSUzI1NiIsImtpZCI6ImQwMWMxYWJlMjQ5MjY5ZjcyZWY3Y2EyNjEzYTg2YzlmMDVlNTk1NjciLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhenAiOiI4Nzc3MTk3NDczLWQ4cWp1MWsyZTJvMWhrbGZvdWh0MXYwbTM2aW1nYnJ2LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwiYXVkIjoiODc3NzE5NzQ3My1kOHFqdTFrMmUybzFoa2xmb3VodDF2MG0zNmltZ2Jydi5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsInN1YiI6IjExNzIzMjc5NzY1NjI4MDM5MDg2MSIsImVtYWlsIjoiaG9lcnRsZWhuZXJAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJsOGltUkRtUktfNmdGS0RqNmZWWVlRIiwibm9uY2UiOiIwLjMyMzAxNDQ1MTgzNDgwODgiLCJuYW1lIjoiRmxvcmlhbiBIb2VydGxlaG5lciIsInBpY3R1cmUiOiJodHRwczovL2xoMy5nb29nbGV1c2VyY29udGVudC5jb20vYS9BQVRYQUp4RlRUSGNLZDVGNGVZU2JOcUNUXzZzT2pzdm9YZEVuU29ZTDJDVWEzND1zOTYtYyIsImdpdmVuX25hbWUiOiJGbG9yaWFuIiwiZmFtaWx5X25hbWUiOiJIb2VydGxlaG5lciIsImxvY2FsZSI6ImVuIiwiaWF0IjoxNjQxNTY0OTk0LCJleHAiOjE2NDE1Njg1OTR9.r_yRMMXXyn75-wSucS3OaLbmBA4viX-Pr9_WVxcbbOFuqDAInXYTLHGr9Z0h1hg_IvY_iTM4HSpHUUNv2x82igz4BI7J8q2ZwI4EwTP16i5K5qMAaQ8op4Pk7YrIpFiuH6Ki7zn3eN-Rx1WlORDiPkyYgCQjDr5XSM94EpygiEk2cTFNP0NK0T7XF80CiliWDqkDTuE3sVPWBLab4x0FVfO5M0dLbL70V0Ede2Unb9WbO566xmZv3hqpER0sVHYc1DcNDRetcIVu9RlCccBE18xqTL8tXnsfGWoCO-POilY-1iPEwCj_SLW8u6Rj0ehYHTK96_hHOnBpxuyL8KPGzg"
+;   "eyJhbGciOiJSUzI1NiIsImtpZCI6ImQwMWMxYWJlMjQ5MjY5ZjcyZWY3Y2EyNjEzYTg2YzlmMDVlNTk1NjciLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJodHRwczovL2FjY291bnRzLmdvb2dsZS5jb20iLCJhenAiOiI4Nzc3MTk3NDczLWQ4cWp1MWsyZTJvMWhrbGZvdWh0MXYwbTM2aW1nYnJ2LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwiYXVkIjoiODc3NzE5NzQ3My1kOHFqdTFrMmUybzFoa2xmb3VodDF2MG0zNmltZ2Jydi5hcHBzLmdvb2dsZXVzZXJjb250ZW50LmNvbSIsInN1YiI6IjExNzIzMjc5NzY1NjI4MDM5MDg2MSIsImVtYWlsIjoiaG9lcnRsZWhuZXJAZ21haWwuY29tIiwiZW1haWxfdmVyaWZpZWQiOnRydWUsImF0X2hhc2giOiJsOGltUkRtUktfNmdGS0RqNmZWWVlRIiwibm9uY2UiOiIwLjMyMzAxNDQ1MTgzNDgwODgiLCJuYW1lIjoiRmxvcmlhbiBIb2VydGxlaG5lciIsInBpY3R1cmUiOiJodHRwczovL2xoMy5nb29nbGV1c2VyY29udGVudC5jb20vYS9BQVRYQUp4RlRUSGNLZDVGNGVZU2JOcUNUXzZzT2pzdm9YZEVuU29ZTDJDVWEzND1zOTYtYyIsImdpdmVuX25hbWUiOiJGbG9yaWFuIiwiZmFtaWx5X25hbWUiOiJIb2VydGxlaG5lciIsImxvY2FsZSI6ImVuIiwiaWF0IjoxNjQxNTY0OTk0LCJleHAiOjE2NDE1Njg1OTR9.r_yRMMXXyn75-wSucS3OaLbmBA4viX-Pr9_WVxcbbOFuqDAInXYTLHGr9Z0h1hg_IvY_iTM4HSpHUUNv2x82igz4BI7J8q2ZwI4EwTP16i5K5qMAaQ8op4Pk7YrIpFiuH6Ki7zn3eN-Rx1WlORDiPkyYgCQjDr5XSM94EpygiEk2cTFNP0NK0T7XF80CiliWDqkDTuE3sVPWBLab4x0FVfO5M0dLbL70V0Ede2Unb9WbO566xmZv3hqpER0sVHYc1DcNDRetcIVu9RlCccBE18xqTL8tXnsfGWoCO-POilY-1iPEwCj_SLW8u6Rj0ehYHTK96_hHOnBpxuyL8KPGzg"
 
    ;"1//05HkiJ3mkxEaeCgYIARAAGAUSNwF-L9IrN6ze8eRTdHMXGkTfRe1tQyjUGHAYWyHwmauFf8ZuWPiWTkS4baZCExUWDqzqwzeqdQg"
    ;"ya29.a0ARrdaM93BFZ3FkKkCEPn3acy9INGwmywONA8_TIFgD5YSfx83Tnn6ojGYbJR3rvEv2rZ2htF5SzaVRXvcv2z9pktxavf5Vp9544qr9UbbVTNFQGjZ-vgshyS43oBU15wzmAfki4TBLD2oJypE8PYOpvyWWJi"
-   )
+;   )
 ; xero
 ; https://identity.xero.com/.well-known/openid-configuration
-  (clj-jwt/unsign
-   "https://identity.xero.com/.well-known/openid-configuration/jwks"
-   "eyJhbGciOiJSUzI1NiIsImtpZCI6IjFDQUY4RTY2NzcyRDZEQzAyOEQ2NzI2RkQwMjYxNTgxNTcwRUZDMTkiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJISy1PWm5jdGJjQW8xbkp2MENZVmdWY09fQmsifQ.eyJuYmYiOjE2NDE1NjcwOTksImV4cCI6MTY0MTU2ODg5OSwiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS54ZXJvLmNvbSIsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkueGVyby5jb20vcmVzb3VyY2VzIiwiY2xpZW50X2lkIjoiMUQ0RTUxQzMyNDA1NDUxQ0JCQTMyQzExMjkwOUE3QjgiLCJzdWIiOiJkODZhNTIyMThiODk1MDFiODE0ZmIyMDY1YjU5NzNlMSIsImF1dGhfdGltZSI6MTY0MTU2NjQ3OSwieGVyb191c2VyaWQiOiIzYzczNjBjMC02MTk1LTQ2MmQtYjkxMy03NmNlOWM2NmNiYjgiLCJnbG9iYWxfc2Vzc2lvbl9pZCI6IjZjYjZhZjRkNTQ4ZDQ3NDZhZTZjMTNjNWJjOThlOWFmIiwianRpIjoiZTM2Y2NkYzdlMjViOGVlMDFhM2U3YzBkNDAwZDk2OWIiLCJhdXRoZW50aWNhdGlvbl9ldmVudF9pZCI6IjA4ZTg2ZTdiLTZkMjctNDQxMS05MTFiLTY0YjJmMWQ1NzhjMCIsInNjb3BlIjpbImVtYWlsIiwicHJvZmlsZSIsIm9wZW5pZCIsImFjY291bnRpbmcucmVwb3J0cy5yZWFkIiwiYWNjb3VudGluZy5zZXR0aW5ncyIsImFjY291bnRpbmcuYXR0YWNobWVudHMiLCJhY2NvdW50aW5nLnRyYW5zYWN0aW9ucyIsImFjY291bnRpbmcuam91cm5hbHMucmVhZCIsImFjY291bnRpbmcudHJhbnNhY3Rpb25zLnJlYWQiLCJhY2NvdW50aW5nLmNvbnRhY3RzIiwib2ZmbGluZV9hY2Nlc3MiXX0.t9c33xsXXqAfxC8JOyTRPG8b-QrLzqkxIItenXyul3kaSulzue281jed1wFyIpBefDq_xNUfFt4SfrMMyplOxThjQMyYktweyftijfMfnHwa4ZlGJaArdNOFNNzm2XOhdlyjFsVpWrAsMdhb8U9LyZjtagePE90VWyF47N3733tsDj9IBMKOUTg0HVEzyHqR0b-yRXE7KraM9KB3A_-CmuKBjT9JfExfFD8K17vS5T94cHW36EAy1UwWS2NZcFai_nh838Yi4sT1x7HCC3rOJlH8-S-GdmgPXpY5enrJ3nvwhca9bSXQKrnxktubDZeKVV3M1Mfhp5Gr-44Jkzu5Ww"))
+ ; (clj-jwt/unsign
+  ; "https://identity.xero.com/.well-known/openid-configuration/jwks"
+   ;"eyJhbGciOiJSUzI1NiIsImtpZCI6IjFDQUY4RTY2NzcyRDZEQzAyOEQ2NzI2RkQwMjYxNTgxNTcwRUZDMTkiLCJ0eXAiOiJKV1QiLCJ4NXQiOiJISy1PWm5jdGJjQW8xbkp2MENZVmdWY09fQmsifQ.eyJuYmYiOjE2NDE1NjcwOTksImV4cCI6MTY0MTU2ODg5OSwiaXNzIjoiaHR0cHM6Ly9pZGVudGl0eS54ZXJvLmNvbSIsImF1ZCI6Imh0dHBzOi8vaWRlbnRpdHkueGVyby5jb20vcmVzb3VyY2VzIiwiY2xpZW50X2lkIjoiMUQ0RTUxQzMyNDA1NDUxQ0JCQTMyQzExMjkwOUE3QjgiLCJzdWIiOiJkODZhNTIyMThiODk1MDFiODE0ZmIyMDY1YjU5NzNlMSIsImF1dGhfdGltZSI6MTY0MTU2NjQ3OSwieGVyb191c2VyaWQiOiIzYzczNjBjMC02MTk1LTQ2MmQtYjkxMy03NmNlOWM2NmNiYjgiLCJnbG9iYWxfc2Vzc2lvbl9pZCI6IjZjYjZhZjRkNTQ4ZDQ3NDZhZTZjMTNjNWJjOThlOWFmIiwianRpIjoiZTM2Y2NkYzdlMjViOGVlMDFhM2U3YzBkNDAwZDk2OWIiLCJhdXRoZW50aWNhdGlvbl9ldmVudF9pZCI6IjA4ZTg2ZTdiLTZkMjctNDQxMS05MTFiLTY0YjJmMWQ1NzhjMCIsInNjb3BlIjpbImVtYWlsIiwicHJvZmlsZSIsIm9wZW5pZCIsImFjY291bnRpbmcucmVwb3J0cy5yZWFkIiwiYWNjb3VudGluZy5zZXR0aW5ncyIsImFjY291bnRpbmcuYXR0YWNobWVudHMiLCJhY2NvdW50aW5nLnRyYW5zYWN0aW9ucyIsImFjY291bnRpbmcuam91cm5hbHMucmVhZCIsImFjY291bnRpbmcudHJhbnNhY3Rpb25zLnJlYWQiLCJhY2NvdW50aW5nLmNvbnRhY3RzIiwib2ZmbGluZV9hY2Nlc3MiXX0.t9c33xsXXqAfxC8JOyTRPG8b-QrLzqkxIItenXyul3kaSulzue281jed1wFyIpBefDq_xNUfFt4SfrMMyplOxThjQMyYktweyftijfMfnHwa4ZlGJaArdNOFNNzm2XOhdlyjFsVpWrAsMdhb8U9LyZjtagePE90VWyF47N3733tsDj9IBMKOUTg0HVEzyHqR0b-yRXE7KraM9KB3A_-CmuKBjT9JfExfFD8K17vS5T94cHW36EAy1UwWS2NZcFai_nh838Yi4sT1x7HCC3rOJlH8-S-GdmgPXpY5enrJ3nvwhca9bSXQKrnxktubDZeKVV3M1Mfhp5Gr-44Jkzu5Ww")
+   
+ ; 
+  )
 
 
@@ -1,23 +1,22 @@
 (ns token.identity.local
-  (:require 
-    [promesa.core :as p]
-    [goldly.service.core :refer [clj]]))
+  (:require
+   [promesa.core :as p]
+   [goldly.service.core :refer [clj]]))
 
-(defn get-token 
+(defn get-token
   "returns a promise with the token or an error"
   [user password]
   (println "local get-token user: " user "password: " password)
   (let [r-p (p/deferred)
         data-p (clj 'token.identity.local/get-token user password)]
     (-> data-p
         (p/then (fn [{:keys [error error-message] :as token}]
-                  (if error 
+                  (if error
                     (p/reject! r-p error-message)
                     (p/resolve! r-p token))))
         (p/catch (fn [err]
                    (println "get-token error: " err)
-                   (p/reject! r-p err)
-                   )))
+                   (p/reject! r-p err))))
     r-p))
 
 (defn login