WaveMaker Docs

WaveMaker Docs

  • Get started
  • Widgets
  • Mobile
  • How-to
  • Enterprise
  • Releases
  • Blog
  • Sign-in

›Security

How-to-documents

  • How-to Wiki
  • WaveMaker Best Practices

App solution

  • Creating a Registration Page
  • Support for Password Encryption
  • Error Handling in WaveMaker App
  • Leaving Page with Unsaved Changes
  • Micro frontend using iframes
  • Enabling PWA

UI design

  • Passing Parameters to Pages
  • Passing Parameters to Partial Page
  • Accessing Script
  • Use Static Variable to pass data between pages
  • Customise Login Page
  • Incorporating Additional Icons
  • Change Icon Color on Condition
  • Change Icon for the Global Spinner
  • Changing Default Favicon
  • Changing App Logo
  • Changing Page Title
  • Customise App Style
  • How to use Conditional Class Property
  • How to use Conditional Style Property
  • Customize an Existing Theme
  • Adjust Left Navigation Width
  • Customizing Theme
  • Enable SPA
  • Choose Widget Template and Layout
  • Widget Template and Icons
  • Custom Template for Widgets
  • Apply Custom Data Formatter

Nav & Dropdown

  • Dynamic Menu based on User Role
  • Restricting Menu Items based on the User Role
  • Localization for Dropdown Menu

Localization

  • Localization in WaveMaker Apps
  • Setting Language and Date Format
  • Localization Using Select Locale
  • Localization of Error Messages

Security

  • SAML Integration - OneLogin
  • SAML Integration - ADFS
  • OpenID Integration - Azure AD
  • Custom Security using Google OAuth Prefab
  • Multiple Security Provider Implementation
  • Customizing Post Authentication Handlers
  • Configuring Content-Security-Policy
  • Configuring MTLS

Databases

  • Queries with Dynamic Where Clause
  • Connect To Azure SQL Server
  • Recommended JDBC Driver Versions for Databases
  • How to fetch more than the default number(100) of records from database?
  • How To: One-to-Many Relationship
  • Working with Temporals
  • Connect To AWS Redshift Database
  • Connect To SAP Hana Cloud Database
  • Transactional History of Entity
  • Row-Level Security using DB Event Listeners
  • Validations using CRUD Listeners
  • Custom Logic DB Event Listeners
  • Connect to MySQL database using SSL
  • How to Switch MariaDB to MySQL Connector

Web services

  • Using App Environment Properties
  • Consuming an Existing WaveMaker API
  • Using POST method to send data to a REST API
  • Request-Response Processing for REST Services
  • How to Intercept Request and Response of all API Calls in One Place
  • WebSocket Usage - Chatroom App
  • UI for API Server-side Pagination
  • Working with API with different pagination formats

Java services

  • Sending Email using WaveMaker Connector
  • Implementing Forgot Password feature using Java Service
  • Accessing REST APIs from Java Service
  • Scheduling a Java Service
  • Integrating JUnit Tests for WaveMaker Application
  • ORM Artifacts
  • Pre-Post Processing for Database Service APIs
  • Accessing Logged-in User Details using Java Service
  • Design a workflow in Camunda BPM and integrate into a WaveMaker app
  • Integrate Azure File Storage
  • Insert Data from Excel into Database
  • Integrate Amazon S3 into WaveMaker App
  • Integrate Twilio Connector
  • Integrate OTP (One-Time Passcode) Verification with WaveMaker App

Variables

  • Using Filter Conditions on Variable
  • Using Live Variable APIs
  • Using Notification Actions
  • Using Navigation Action
  • Using Variables for Queries and Procedure
  • Using Service Variable in a Form
  • Using Filter Criteria for a Data and Live Widgets
  • Using Filter Criteria for a Database CRUD Variable

JavaScript

  • Using JavaScript in Binding
  • Using JavaScript from External URL
  • Using JavaScript to loop a command
  • Using function for evaluating conditions

Developer options

  • Synchronizing WaveMaker Apps with IDEs
  • Synchronizing Java Services Controller
  • Integrating Amazon Cognito for User Authentication
  • Integrating Sample Jasper Report in WaveMaker Application
  • How to generate PDF File using Jasper Reports
  • Upgrading an App from WaveMaker 9.x to WaveMaker 10.0
  • App Migration from WaveMaker 9x to 10x
  • Setup Fusion Reactor for Debugging Issues

Deployment

  • SSL Termination in LoadBalancer

Mobile App Solutions

  • Notify users about new update

Mobile gesture

  • Setting Swipe Gestures on a List Widget
  • Working with Pull to Refresh

Mobile widgets

  • Using Search Widget within the Navbar

Mobile UI design

  • Setting Splashscreen Images and App Icons
  • Using Cordova Plugins
  • Designing Tablet Views in Mobile Project
  • Sliding left navigation for Mobile App
  • Mobile App using Bar code
  • Custom Date Picker in Mobile

Cards

  • Capturing Card Items

DataTable

  • Customising Data Table Row Action
  • How to Configure Row Expansion in a Data Table
  • Using Widgets to represent Data Table Columns
  • View Master-Detail Data Records using Data Table
  • Add Master-Detail records using Data Table
  • Export Data from Data Table
  • Export Data from Data Table - 2
  • Setting Blob Filename
  • Dynamic Data Tables
  • Customize Dynamic Datatable
  • Data Table Column bound to Query
  • Combining Columns in Data Table
  • Custom Styling Data Table Columns & Rows
  • Formatting Data Table Columns
  • Concurrency and Record Locking in WaveMaker
  • Edit DataTable records bound to Query API

List

  • Creating an Employee List grouped by City
  • Creating an Employee List grouped by Birth Month and City
  • OnRender Event
  • Including a Data Table within a List
  • Building an Editable List
  • Building Cascading Lists
  • Accessing List Items
  • Localization of Data Table Column Headings

Forms

  • Using Live Form
  • How Tos: Form
  • Building Tabbed Live Form
  • How Tos: Live Form
  • Linking Live Form with another Widget for Input
  • Handling Related Fields in a Live Form
  • How to Get Validation Messages from a Form
  • Adding Master-Detail records in the same transaction
  • Submit Parent and Child Records in a Single Transaction
  • Submit Parent and Child Records in a Single Transaction using Form and Data Table
  • Using Cascading Select & Autocomplete for Live Form Fields
  • Using Cascading Select within Live Form
  • Using cascading Filter to populate Live Form
  • Using Wizard for Master-Detail Live Form
  • Copy to Clipboard
  • Create a form with multiple wizard steps
  • Smart Forms: Conditional Flows for form Widget

Calendar

  • How Tos: Calendar
  • Calendar Usage - Create an Event
  • Calender Usage - Google Calendar Integration

CheckboxSet

  • CheckboxSet to Filter List data

FileUpload

  • FileUpload - Basic Usage
  • File Upload Widget Operations
  • Upload File & Save in Database
  • File Upload & Blob Data
  • File Upload - Custom Directory
  • Accessing File Upload from Java Code
  • Upload Files from Live Form & Form

Radioset

  • Radioset to Filter a List

Rating

  • Building Rating Widget using Static Data
  • Building Rating Widget using Static Variable
  • Build Rating Widget using Model Variable
  • Building an Interactive Rating Widget

Select

  • Configuring Select Widget from a Static List of Values
  • Configuring Select Widget from a Static Variable
  • Configuring Select Widget from a Variable
  • Configuring Select Widget using Display and Data Fields
  • Configuring Select Widget from Database Fields
  • Configuring Cascading Select
  • Selection Widgets - Use Case

Progress Circle

  • Using Progress Circle Widget

Charts

  • Working with Charts
  • Display User Selection in another Widget
  • Handling Dynamic Data
  • Custom Data

Richtext Editor

  • Adding Custom Fonts to Richtext Editor

Live filter

  • Applying Live Filter to a Data Table or a Chart
  • Building a Multiple Selection Live Filter
  • Building a Range Live Filter

Container

  • Setting partial page content for Accordion within a List
  • Setting partial page content for Panel within a List using JavaScript
  • How Tos: Wizard
  • Dynamic Tabs and Accordions

Tree

  • Tree using Static Variable
  • Tree using Java Service
  • Tree using Dynamic Tree

Prefabs

  • Creating Partials in a Prefab
  • Create Prefab using Third Party UI Widgets
  • Create a Simple Prefab
  • Create Prefab Using D3 & NVD3 Charts
  • Create Prefab Using D3 Library DataMaps
  • Create Prefab using JQuery Plugin
  • Create Prefab using Angular Module
  • Create Prefab using Angular, React Components
  • Azure OAuth Prefab Integration

Team Poral Configure Vcs

  • Configure Azure Repos In CodeRepository
Edit

Multiple Security Provider Implementation


The document provides an overview for implementing authentication for the application created in Studio using the Database as the security provider as well as using Google Oauth integration.

App settings to configure in Google Developer Console

  1. Login into the Google Developer Console https://console.developers.google.com/
  2. Create a project in the google developer account.
  3. From the API Manager left nav, select the Credentials option and navigate to the “OAuth Consent screen” tab. Provide Product Name and save the settings.
  4. Navigate to the Credentials tab, and create “oAuth client ID” credentials for the project.
  5. Choose the Application type as Web application. Enter the Authorized JavaScript Origin and Authorized Redirect URIs. An example of a sample redirect URI is as below:
https://www.wavemakeronline.com/run-[container-name]/[project-name]/prefabs/GoogleOAuth/oAuthHandler/callback
note

In the above URL change the container name and your project name accordingly.

  1. Click on Create. A client ID and client secret is issued for the specific client/user. Note down the client ID and secret as it will be used in the Studio application for further development purpose.

Configurations to be made in the Studio application

  1. Create a new application in Studio.
  2. Add Database to your app by Connect to Database to import Sample hrdb. You can choose to import any DB of your choice, ensure that there exists a table with Username/Role details.
  3. Create New page in the application to place the Google OAuth prefab for login.(lets call the page as GoogleLogin for reference in later points) NOTE: For the sake of convenience we have shown the use case with a different page for Google Login. You can implement these steps using the default Login page provided by WaveMaker.
  4. Drag and drop the Google OAuth prefab in this newly created page. For the prefab, specify the Secret, Scope, Appid, Page parameters. Please note that the Scope is with reference to the google API being utilised for ex: email. The Page parameter is the name of the page in which the googleOAuth prefab is placed i.e., the current page itself (GoogleLogin page)
  5. Open the Login page of the application and add a button widget below the Login button.
  6. Provide “Login Using Google” as the caption of the button widget. For the onClick event of the button widget, choose the Navigation variable for the page in which the google oAuth prefab is placed i.e., GoogleLogin page in the sample scenario.
  7. In the GoogleLogin page, create a page level Login action with the access token received from the googleOAuth prefab as input to the variable by binding it to the password field.
  8. For the on Load event of the google OAuth prefab, choose JavaScript as operation. In the function generated in the script tab of the page, place the code snippet below:
Page.<GoogleOAuth_prefab_name>Load = function(widget) {
    angular.$watch('accesstoken', function(newVal) {
            if (newVal) {
                    Page.Variables.<login_variable_page_level_name>.invoke();
                }
        });
    };
  1. Open the File Explorer and locate pom.xml file and add the below dependency for the spring social google in the dependencies tag.
<dependency>
        <groupId>org.springframework.social</groupId>
        <artifactId>spring-social-google</artifactId>
        <version>1.0.0.RELEASE</version>
</dependency>
  1. Create a query which retrieves the user details based on the logged in user name. This query will be later on autowired and used in the Java Service for authenticating the user if DB as security provider is used.
  2. Create a Java Service named MyAuthenticationManager.
  3. Add the following import statements:
import javax.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import com.wavemaker.runtime.security.SecurityService;
import com.wavemaker.runtime.service.annotations.ExposeToClient;
import com.wavemaker.runtime.service.annotations.HideFromClient;
import javax.servlet.http.HttpServletRequest;
import com.wavemaker.runtime.security.SecurityService;
import com.wavemaker.runtime.service.annotations.ExposeToClient;
import com.wavemaker.runtime.service.annotations.HideFromClient;
import javax.servlet.http.HttpServletRequest;
import java.util.Arrays;
import java.util.List;
import java.util.Map;
import com.wavemaker.runtime.security.WMCustomAuthenticationManager;
import com.wavemaker.runtime.security.WMUser;
import org.springframework.social.google.api.Google;
import org.springframework.social.google.api.impl.GoogleTemplate;
import org.springframework.social.google.api.plus.Person;
import com.wavemaker.runtime.security.AuthRequestContext;
import org.springframework.data.domain.Page;
import com.hrdb.service.HrdbQueryExecutorService;
  1. The class definition is as follows:
//implementing the custom authentication Manager Class
    @ExposeToClient
public class MyAuthenticationManager implements WMCustomAuthenticationManager {

private static final Logger logger = LoggerFactory.getLogger(MyAuthenticationManager.class);

    @Autowired
    private SecurityService securityService;

//autowiring the entity query executor for retrieving the logged in user details
    @Autowired
    private HrdbQueryExecutorService hrdbQueryExecutorService;

    // overridding the authenticate method of custom authentication manager class
    @Override
    public WMUser authenticate(AuthRequestContext authRequestContext) {
        HttpServletRequest httpServletRequest = authRequestContext.getHttpServletRequest();

//setting the logged in user object to null initially
        WMUser user = null;

//checking for the security provider type i.e., whether it is OAuth or DB provider
        String securityProvider = httpServletRequest.getParameter("j_username");

//logic for the OAuth as the security provider
        if ("OAUTH".equals(securityProvider)) {
//obtaining the token from Prefab
            String token = httpServletRequest.getParameter("j_password"); 
            if (token == null) {
                return null;
            }
            logger.info(" --------- Token is "+token);
            try {
        //passing the token to Google
                Google google = new GoogleTemplate(token); 
                Person person = google.plusOperations().getGoogleProfile();
                logger.info("----------------- -- - --- -----------"+ person.getDisplayName());
//creating the WMUSer i.e., logged in user object
                user = new WMUser(token, person.getDisplayName(), Arrays.asList("user"));             } catch (Exception e) {
                logger.error("Failed to authenticate", e);
                throw e;
            }
        } else {
//logic for the DB as security provider
            String username = httpServletRequest.getParameter("j_username");
            String providedPassword = httpServletRequest.getParameter("j_password");
//references the query created to obtain logged in user details           
    List<Object> userObjects = hrdbQueryExecutorService.executeGetUserByName(null, username).getContent();
            if (userObjects == null || userObjects.size() != 1 ) {
                return null;
            }
            Map userObject = (Map) userObjects.iterator().next();
            String actualPassword = (String) userObject.get("PASSWORD");
            if (providedPassword.equals(actualPassword)) {
                user = new WMUser(username, username, Arrays.asList("user"));
            }
        }
// returning the logged in user object
        return user;
    }

}
  1. Open Security Dialog and choose the Security Provider as custom. Provide the Class Name property as the package name of the MyAuthenticationManager java service created above. Save the settings.
  2. Run the Application.
    1. The login page appears, Login using the Login Page - admin/admin; you will see the Employee Data
    2. Logout and Login using Google Button; Google Login Page shows up
Last updated on 7/15/2020 by Swetha Kundaram
← Custom Security using Google OAuth PrefabCustomizing Post Authentication Handlers →
  • App settings to configure in Google Developer Console
  • Configurations to be made in the Studio application
WaveMaker
  • PRICING
  • PARTNERS
  • CUSTOMERS
  • ABOUT US
  • CONTACT US
Terms of Use | Copyright © 2013-2023 WaveMaker, Inc. All rights reserved.