001/* 002 * (C) Copyright 2014-2017 Nuxeo (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Arnaud Kervern 018 */ 019package org.nuxeo.ecm.platform.oauth2.clients; 020 021import java.io.Serializable; 022import java.util.Collections; 023import java.util.List; 024import java.util.Map; 025import java.util.stream.Collectors; 026 027import org.apache.commons.logging.Log; 028import org.apache.commons.logging.LogFactory; 029import org.nuxeo.ecm.core.api.DocumentModel; 030import org.nuxeo.ecm.core.api.DocumentModelList; 031import org.nuxeo.ecm.core.api.NuxeoException; 032import org.nuxeo.ecm.directory.DirectoryException; 033import org.nuxeo.ecm.directory.Session; 034import org.nuxeo.ecm.directory.api.DirectoryService; 035import org.nuxeo.runtime.api.Framework; 036import org.nuxeo.runtime.model.DefaultComponent; 037 038/** 039 * OAuth2 Client service 040 * 041 * @since 9.2 042 */ 043public class OAuth2ClientServiceImpl extends DefaultComponent implements OAuth2ClientService { 044 045 private static final Log log = LogFactory.getLog(OAuth2ClientServiceImpl.class); 046 047 @Override 048 public boolean hasClient(String clientId) { 049 OAuth2Client client = getClient(clientId); 050 return client != null && client.isEnabled(); 051 } 052 053 @Override 054 public boolean isValidClient(String clientId, String clientSecret) { 055 OAuth2Client client = getClient(clientId); 056 return client != null && client.isValidWith(clientId, clientSecret); 057 } 058 059 @Override 060 public OAuth2Client getClient(String clientId) { 061 DocumentModel doc = getClientModel(clientId); 062 if (doc == null) { 063 return null; 064 } 065 return OAuth2Client.fromDocumentModel(doc); 066 } 067 068 @Override 069 public List<OAuth2Client> getClients() { 070 return queryClients().stream().map(OAuth2Client::fromDocumentModel).collect(Collectors.toList()); 071 } 072 073 protected DocumentModel getClientModel(String clientId) { 074 DirectoryService service = Framework.getService(DirectoryService.class); 075 return Framework.doPrivileged(() -> { 076 try (Session session = service.open(OAUTH2CLIENT_DIRECTORY_NAME)) { 077 Map<String, Serializable> filter = Collections.singletonMap("clientId", clientId); 078 DocumentModelList docs = session.query(filter); 079 if (docs.size() == 1) { 080 return docs.get(0); 081 } else if (docs.size() > 1) { 082 throw new NuxeoException( 083 String.format("More than one client registered for the '%s' id", clientId)); 084 } 085 } 086 return null; 087 }); 088 } 089 090 protected List<DocumentModel> queryClients() { 091 DirectoryService service = Framework.getService(DirectoryService.class); 092 return Framework.doPrivileged(() -> { 093 try (Session session = service.open(OAUTH2CLIENT_DIRECTORY_NAME)) { 094 return session.query(Collections.emptyMap()); 095 } catch (DirectoryException e) { 096 throw new NuxeoException("Error while fetching client directory", e); 097 } 098 }); 099 } 100}