Source code

001/*
002 * (C) Copyright 2012 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Antoine Taillefer
018 */
019
020package org.nuxeo.ecm.tokenauth.webapp;
021
022import java.io.Serializable;
023import java.util.Map;
024
025import org.jboss.seam.ScopeType;
026import org.jboss.seam.annotations.In;
027import org.jboss.seam.annotations.Name;
028import org.jboss.seam.annotations.Scope;
029import org.jboss.seam.faces.FacesMessages;
030import org.jboss.seam.international.StatusMessage;
031import org.nuxeo.ecm.core.api.DocumentModel;
032import org.nuxeo.ecm.core.api.DocumentModelList;
033import org.nuxeo.ecm.core.api.NuxeoPrincipal;
034import org.nuxeo.ecm.core.api.PropertyException;
035import org.nuxeo.ecm.tokenauth.service.TokenAuthenticationService;
036import org.nuxeo.runtime.api.Framework;
037
038/**
039 * Manages user's authentication token bindings.
040 *
041 * @author Antoine Taillefer (ataillefer@nuxeo.com)
042 * @since 5.7
043 */
044@Name("tokenAuthenticationActions")
045@Scope(ScopeType.CONVERSATION)
046public class TokenAuthenticationActionsBean implements Serializable {
047
048    private static final long serialVersionUID = 1L;
049
050    @In(create = true)
051    private transient NuxeoPrincipal currentNuxeoPrincipal;
052
053    @In(create = true, required = false)
054    protected transient FacesMessages facesMessages;
055
056    @In(create = true)
057    protected Map<String, String> messages;
058
059    protected DocumentModelList currentUserAuthTokenBindings;
060
061    public DocumentModelList getCurrentUserAuthTokenBindings() {
062
063        if (currentUserAuthTokenBindings == null) {
064            TokenAuthenticationService tokenAuthenticationService = Framework.getService(TokenAuthenticationService.class);
065            currentUserAuthTokenBindings = tokenAuthenticationService.getTokenBindings(currentNuxeoPrincipal.getName());
066        }
067        return currentUserAuthTokenBindings;
068    }
069
070    public void deleteAuthTokenBinding(String tokenId) {
071
072        TokenAuthenticationService tokenAuthenticationService = Framework.getService(TokenAuthenticationService.class);
073        tokenAuthenticationService.revokeToken(tokenId);
074
075        reset();
076        facesMessages.add(StatusMessage.Severity.INFO, messages.get("label.tokenauth.revoked"));
077    }
078
079    public void deleteAllTokenBindings() throws PropertyException {
080        reset();
081        TokenAuthenticationService tokenAuthenticationService = Framework.getService(TokenAuthenticationService.class);
082        for (DocumentModel tokenBinding : getCurrentUserAuthTokenBindings()) {
083            String tokenId = (String) tokenBinding.getPropertyValue("authtoken:token");
084            tokenAuthenticationService.revokeToken(tokenId);
085
086        }
087        reset();
088        facesMessages.add(StatusMessage.Severity.INFO, messages.get("label.tokenauth.revoked"));
089    }
090
091    public void refreshAuthTokenBindings() {
092        reset();
093    }
094
095    protected void reset() {
096        currentUserAuthTokenBindings = null;
097    }
098
099}