001/* 002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nuxeo - initial API and implementation 018 */ 019 020package org.nuxeo.ecm.platform.oauth.providers; 021 022import java.io.Serializable; 023import java.util.ArrayList; 024import java.util.Collections; 025import java.util.HashMap; 026import java.util.HashSet; 027import java.util.List; 028import java.util.Map; 029import java.util.Random; 030import java.util.Set; 031 032import org.apache.commons.logging.Log; 033import org.apache.commons.logging.LogFactory; 034import org.nuxeo.ecm.core.api.DocumentModel; 035import org.nuxeo.ecm.core.api.DocumentModelList; 036import org.nuxeo.ecm.core.api.PropertyException; 037import org.nuxeo.ecm.directory.DirectoryException; 038import org.nuxeo.ecm.directory.Session; 039import org.nuxeo.ecm.directory.api.DirectoryService; 040import org.nuxeo.runtime.api.Framework; 041import org.nuxeo.runtime.model.DefaultComponent; 042 043/** 044 * Implementation of the {@link OAuthServiceProviderRegistry}. The main storage backend is a SQL Directory. Readonly 045 * providers (contributed directly at OpenSocialService level) are managed in memory. 046 * 047 * @author tiry 048 */ 049public class OAuthServiceProviderRegistryImpl extends DefaultComponent implements OAuthServiceProviderRegistry { 050 051 protected static final Log log = LogFactory.getLog(OAuthServiceProviderRegistryImpl.class); 052 053 public static final String DIRECTORY_NAME = "oauthServiceProviders"; 054 055 protected static final Random RANDOM = new Random(); 056 057 protected Map<String, NuxeoOAuthServiceProvider> inMemoryProviders = new HashMap<String, NuxeoOAuthServiceProvider>(); 058 059 @Override 060 public NuxeoOAuthServiceProvider getProvider(String gadgetUri, String serviceName) { 061 try { 062 NuxeoOAuthServiceProvider provider = getEntry(gadgetUri, serviceName, null); 063 return provider; 064 } catch (DirectoryException e) { 065 log.error("Unable to read provider from Directory backend", e); 066 return null; 067 } 068 } 069 070 protected String getBareGadgetUri(String gadgetUri) { 071 if (gadgetUri == null) { 072 return null; 073 } 074 String pattern = "http(s)?://(localhost|127.0.0.1)"; 075 return gadgetUri.replaceFirst(pattern, ""); 076 } 077 078 protected String preProcessServiceName(String serviceName) { 079 if (serviceName != null && serviceName.trim().isEmpty()) { 080 return null; 081 } 082 return serviceName; 083 } 084 085 protected DocumentModel getBestEntry(DocumentModelList entries, String gadgetUri, String serviceName) 086 throws PropertyException { 087 if (entries.size() > 1) { 088 log.warn("Found several entries for gadgetUri=" + gadgetUri + " and serviceName=" + serviceName); 089 } 090 if (serviceName == null || serviceName.trim().isEmpty()) { 091 for (DocumentModel entry : entries) { 092 if (entry.getPropertyValue("serviceName") == null 093 || ((String) entry.getPropertyValue("serviceName")).trim().isEmpty()) { 094 return entry; 095 } 096 } 097 return null; 098 } else if (gadgetUri == null || gadgetUri.trim().isEmpty()) { 099 for (DocumentModel entry : entries) { 100 if (entry.getPropertyValue("gadgetUrl") == null 101 || ((String) entry.getPropertyValue("gadgetUrl")).trim().isEmpty()) { 102 return entry; 103 } 104 } 105 return null; 106 } 107 108 // XXX do better than that ! 109 return entries.get(0); 110 } 111 112 protected NuxeoOAuthServiceProvider getEntry(String gadgetUri, String serviceName, Set<String> ftFilter) 113 { 114 115 String id = mkStringIdx(gadgetUri, serviceName); 116 if (inMemoryProviders.containsKey(id)) { 117 return inMemoryProviders.get(id); 118 } 119 120 // normalize "enmpty" service name 121 serviceName = preProcessServiceName(serviceName); 122 123 if (gadgetUri == null && serviceName == null) { 124 log.warn("Can not find provider with null gadgetUri and null serviceName !"); 125 return null; 126 } 127 128 DirectoryService ds = Framework.getService(DirectoryService.class); 129 NuxeoOAuthServiceProvider provider = null; 130 try (Session session = ds.open(DIRECTORY_NAME)) { 131 Map<String, Serializable> filter = new HashMap<String, Serializable>(); 132 if (gadgetUri != null) { 133 filter.put("gadgetUrl", gadgetUri); 134 } 135 if (serviceName != null) { 136 filter.put("serviceName", serviceName); 137 } 138 DocumentModelList entries = session.query(filter, ftFilter); 139 if (entries == null || entries.size() == 0) { 140 String bareGadgetUrl = getBareGadgetUri(gadgetUri); 141 if (bareGadgetUrl != null && !bareGadgetUrl.equals(gadgetUri)) { 142 Set<String> urlfilter = new HashSet<String>(); 143 urlfilter.add("gadgetUrl"); 144 return getEntry(bareGadgetUrl, serviceName, urlfilter); 145 } 146 if (serviceName != null) { 147 if (bareGadgetUrl != null) { 148 provider = getEntry(bareGadgetUrl, null, ftFilter); 149 if (provider != null) { 150 return provider; 151 } 152 } 153 if (gadgetUri != null) { 154 return getEntry(null, serviceName, ftFilter); 155 } 156 } 157 return null; 158 } 159 DocumentModel entry = getBestEntry(entries, gadgetUri, serviceName); 160 if (entry == null) { 161 return null; 162 } 163 provider = NuxeoOAuthServiceProvider.createFromDirectoryEntry(entry); 164 return provider; 165 } 166 } 167 168 protected String mkStringIdx(String gadgetUri, String serviceName) { 169 return "k-" + gadgetUri + "-" + serviceName; 170 } 171 172 @Override 173 public NuxeoOAuthServiceProvider addReadOnlyProvider(String gadgetUri, String serviceName, String consumerKey, 174 String consumerSecret, String publicKey) { 175 String id = mkStringIdx(gadgetUri, serviceName); 176 long dummyId = RANDOM.nextLong(); 177 NuxeoOAuthServiceProvider sp = new NuxeoOAuthServiceProvider(dummyId, gadgetUri, serviceName, consumerKey, 178 consumerSecret, publicKey); 179 inMemoryProviders.put(id, sp); 180 return sp; 181 } 182 183 @Override 184 public void deleteProvider(String gadgetUri, String serviceName) { 185 186 NuxeoOAuthServiceProvider provider = getProvider(gadgetUri, serviceName); 187 if (provider != null) { 188 deleteProvider(provider.id.toString()); 189 } 190 191 } 192 193 @Override 194 public void deleteProvider(String providerId) { 195 try { 196 DirectoryService ds = Framework.getService(DirectoryService.class); 197 try (Session session = ds.open(DIRECTORY_NAME)) { 198 session.deleteEntry(providerId); 199 } 200 } catch (DirectoryException e) { 201 log.error("Unable to delete provider " + providerId, e); 202 } 203 } 204 205 @Override 206 public List<NuxeoOAuthServiceProvider> listProviders() { 207 208 List<NuxeoOAuthServiceProvider> result = new ArrayList<NuxeoOAuthServiceProvider>(); 209 for (NuxeoOAuthServiceProvider provider : inMemoryProviders.values()) { 210 result.add(provider); 211 } 212 DirectoryService ds = Framework.getService(DirectoryService.class); 213 Framework.doPrivileged(() -> { 214 try (Session session = ds.open(DIRECTORY_NAME)) { 215 DocumentModelList entries = session.query(Collections.emptyMap()); 216 for (DocumentModel entry : entries) { 217 result.add(NuxeoOAuthServiceProvider.createFromDirectoryEntry(entry)); 218 } 219 } catch (DirectoryException e) { 220 log.error("Error while fetching provider directory", e); 221 } 222 }); 223 return result; 224 } 225}