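/*
 * (C) Copyright 2015 Nuxeo SA (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     Nelson Silva
 */
package org.nuxeo.ecm.platform.oauth2.providers;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.directory.Session;
import org.nuxeo.ecm.directory.api.DirectoryService;
import org.nuxeo.ecm.platform.oauth2.tokens.NuxeoOAuth2Token;
import org.nuxeo.runtime.api.Framework;

/**
 * Directory backed storage for the mapping between users and services. The current implementation reuses the existing
 * token directory as storage.
 * <p>
 * Every directory access in this class goes through {@link Framework#doPrivileged}, so it is not performed with the
 * calling user's own rights. Each instance is bound to one service name, which is forced into every entry it creates
 * and every filter it queries with.
 *
 * @since 7.3
 */
public class OAuth2ServiceUserStore {

    protected static final Log log = LogFactory.getLog(OAuth2ServiceUserStore.class);

    /** Name of the directory the entries are read from and written to. */
    public static final String DIRECTORY_NAME = "oauth2Tokens";

    /** Property, in the {@link NuxeoOAuth2Token#SCHEMA} schema, holding the entry identifier. */
    public static final String ENTRY_ID = "id";

    // Fixed at construction; scopes every create and query done through this instance.
    private final String serviceName;

    /**
     * @param serviceName the service whose user entries this store manages
     */
    public OAuth2ServiceUserStore(String serviceName) {
        this.serviceName = serviceName;
    }

    /**
     * Creates an entry for the given login with no additional fields.
     *
     * @param nuxeoLogin the login to record on the entry
     * @return the identifier of the created entry, as a string
     */
    public String store(String nuxeoLogin) {
        return store(nuxeoLogin, new HashMap<>());
    }

    /**
     * Creates an entry for the given login, carrying the supplied additional fields.
     * <p>
     * {@code nuxeoLogin} and {@code serviceName} are written after the caller's fields, so values supplied under those
     * two keys are overwritten and cannot redirect the entry to another user or service. The caller's map is copied,
     * not modified.
     *
     * @param nuxeoLogin the login to record on the entry
     * @param fields additional entry fields; must not be {@code null}
     * @return the identifier of the created entry, as a string
     */
    public String store(String nuxeoLogin, Map<String, Object> fields) {
        DirectoryService ds = Framework.getService(DirectoryService.class);
        // Work on a copy: the caller's map may be shared or unmodifiable.
        Map<String, Object> entryFields = new HashMap<>(fields);
        entryFields.put("nuxeoLogin", nuxeoLogin);
        entryFields.put("serviceName", serviceName);
        return Framework.doPrivileged(() -> {
            try (Session session = ds.open(DIRECTORY_NAME)) {
                DocumentModel entry = session.createEntry(entryFields);
                Long id = (Long) entry.getProperty(NuxeoOAuth2Token.SCHEMA, ENTRY_ID);
                return id.toString();
            }
        });
    }

    /**
     * Looks up the entry matching the filter, restricted to this store's service.
     * <p>
     * The query is privileged and returns the first match when several exist (only an error is logged), so the filter
     * should identify a single user. NOTE(review): callers building the filter from request data should validate it
     * first; an under-specified filter can resolve to another user's entry.
     *
     * @param filter directory field values to match; must not be {@code null}. The map is copied, not modified.
     * @return the identifier of the first matching entry as a string, or {@code null} if nothing matches
     */
    public String find(Map<String, Serializable> filter) {
        // Copy before forcing the service name so the caller's map is left untouched.
        Map<String, Serializable> scopedFilter = new HashMap<>(filter);
        scopedFilter.put("serviceName", serviceName);
        DocumentModelList entries = query(scopedFilter);
        if (entries == null || entries.isEmpty()) {
            return null;
        }
        if (entries.size() > 1) {
            // Ambiguous match: the first entry is still returned below.
            log.error("Found several tokens");
        }
        Long id = (Long) entries.get(0).getProperty(NuxeoOAuth2Token.SCHEMA, ENTRY_ID);
        return id.toString();
    }

    /**
     * Runs a privileged query against the token directory.
     * <p>
     * The filter is passed to the directory as given; this method does not add the service name itself.
     *
     * @param filter directory field values to match
     * @return the matching entries
     */
    protected DocumentModelList query(Map<String, Serializable> filter) {
        DirectoryService ds = Framework.getService(DirectoryService.class);
        return Framework.doPrivileged(() -> {
            try (Session session = ds.open(DIRECTORY_NAME)) {
                return session.query(filter);
            }
        });
    }
}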