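/*
 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     Nuxeo - initial API and implementation
 */

package org.nuxeo.ecm.platform.oauth.providers;

import java.io.Serializable;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.HashSet;
import java.util.List;
import java.util.Map;
import java.util.Random;
import java.util.Set;
import java.util.regex.Pattern;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.PropertyException;
import org.nuxeo.ecm.directory.DirectoryException;
import org.nuxeo.ecm.directory.Session;
import org.nuxeo.ecm.directory.api.DirectoryService;
import org.nuxeo.runtime.api.Framework;
import org.nuxeo.runtime.model.DefaultComponent;

/**
 * Implementation of the {@link OAuthServiceProviderRegistry}. The main storage backend is a SQL Directory. Readonly
 * providers (contributed directly at OpenSocialService level) are managed in memory.
 * <p>
 * The registry hands out OAuth consumer keys and secrets, so the rules that decide which entry matches a given gadget
 * URI are security relevant: a lookup that matches too loosely returns one provider's credentials for another
 * gadget.
 *
 * @author tiry
 */
public class OAuthServiceProviderRegistryImpl extends DefaultComponent implements OAuthServiceProviderRegistry {

    protected static final Log log = LogFactory.getLog(OAuthServiceProviderRegistryImpl.class);

    public static final String DIRECTORY_NAME = "oauthServiceProviders";

    /**
     * Matches a loopback scheme-and-host prefix only. It is anchored at the start of the URI, the dots of the IP
     * literal are escaped, and the host must be followed by a port, path, query, fragment or the end of the string.
     * The previous unanchored pattern {@code http(s)?://(localhost|127.0.0.1)} also rewrote URIs that merely
     * contained such a substring, and hosts that only started with {@code localhost}.
     */
    private static final Pattern LOCAL_HOST_PREFIX = Pattern.compile(
            "^https?://(?:localhost|127\\.0\\.0\\.1)(?=[:/?#]|$)");

    // Read-only providers, keyed by mkStringIdx(gadgetUri, serviceName).
    protected Map<String, NuxeoOAuthServiceProvider> inMemoryProviders = new HashMap<>();

    /**
     * Looks up the provider registered for a gadget URI and service name.
     *
     * @param gadgetUri the gadget URI, may be {@code null}
     * @param serviceName the service name, may be {@code null} or blank
     * @return the matching provider, or {@code null} when none matches or the directory cannot be read
     */
    @Override
    public NuxeoOAuthServiceProvider getProvider(String gadgetUri, String serviceName) {
        try {
            return getEntry(gadgetUri, serviceName, null);
        } catch (DirectoryException e) {
            log.error("Unable to read provider from Directory backend", e);
            return null;
        }
    }

    /**
     * Strips a leading loopback origin ({@code http(s)://localhost} or {@code http(s)://127.0.0.1}) from a gadget
     * URI, keeping the port and path.
     *
     * @param gadgetUri the gadget URI, may be {@code null}
     * @return the URI without its loopback origin, the unchanged URI when it does not start with one, or
     *         {@code null} for a {@code null} input
     */
    protected String getBareGadgetUri(String gadgetUri) {
        if (gadgetUri == null) {
            return null;
        }
        return LOCAL_HOST_PREFIX.matcher(gadgetUri).replaceFirst("");
    }

    /**
     * Normalizes a blank service name to {@code null}.
     *
     * @param serviceName the raw service name
     * @return {@code null} when the name is blank, otherwise the name unchanged
     */
    protected String preProcessServiceName(String serviceName) {
        if (isBlank(serviceName)) {
            return null;
        }
        return serviceName;
    }

    /**
     * Picks one entry out of a directory query result.
     * <p>
     * When no service name was requested, only an entry with a blank {@code serviceName} qualifies; otherwise, when
     * no gadget URI was requested, only an entry with a blank {@code gadgetUrl} qualifies. In every other case the
     * first entry is returned.
     *
     * @param entries the query result, expected to be non-empty
     * @param gadgetUri the requested gadget URI
     * @param serviceName the requested service name
     * @return the selected entry, or {@code null} when no entry qualifies
     * @throws PropertyException if an entry property cannot be read
     */
    protected DocumentModel getBestEntry(DocumentModelList entries, String gadgetUri, String serviceName)
            throws PropertyException {
        if (entries.size() > 1) {
            log.warn("Found several entries for gadgetUri=" + gadgetUri + " and serviceName=" + serviceName);
        }
        if (isBlank(serviceName)) {
            return findEntryWithBlankProperty(entries, "serviceName");
        }
        if (isBlank(gadgetUri)) {
            return findEntryWithBlankProperty(entries, "gadgetUrl");
        }

        // XXX do better than that !
        // NOTE(review): with several matches the choice depends on the order the directory returns them in, so the
        // credentials handed out for an ambiguous lookup are not deterministic.
        return entries.get(0);
    }

    /** Returns the first entry whose given String property is null or blank, or {@code null} if there is none. */
    private static DocumentModel findEntryWithBlankProperty(DocumentModelList entries, String propertyName)
            throws PropertyException {
        for (DocumentModel entry : entries) {
            if (isBlank((String) entry.getPropertyValue(propertyName))) {
                return entry;
            }
        }
        return null;
    }

    /** Returns {@code true} for a {@code null} or whitespace-only string. */
    private static boolean isBlank(String value) {
        return value == null || value.trim().isEmpty();
    }

    /**
     * Resolves a provider, first from the in-memory read-only providers, then from the directory.
     * <p>
     * When the directory query returns nothing, the lookup is retried with progressively looser criteria: the gadget
     * URI without its loopback origin, then that bare URI without a service name, then the service name alone.
     *
     * @param gadgetUri the gadget URI, may be {@code null}
     * @param serviceName the service name, may be {@code null} or blank
     * @param ftFilter names of the directory fields to query in fulltext mode, may be {@code null}
     * @return the matching provider, or {@code null} when nothing matches
     */
    protected NuxeoOAuthServiceProvider getEntry(String gadgetUri, String serviceName, Set<String> ftFilter) {

        String id = mkStringIdx(gadgetUri, serviceName);
        if (inMemoryProviders.containsKey(id)) {
            return inMemoryProviders.get(id);
        }

        // normalize "empty" service name
        serviceName = preProcessServiceName(serviceName);

        if (gadgetUri == null && serviceName == null) {
            log.warn("Can not find provider with null gadgetUri and null serviceName !");
            return null;
        }

        DirectoryService ds = Framework.getService(DirectoryService.class);
        try (Session session = ds.open(DIRECTORY_NAME)) {
            Map<String, Serializable> filter = new HashMap<>();
            if (gadgetUri != null) {
                filter.put("gadgetUrl", gadgetUri);
            }
            if (serviceName != null) {
                filter.put("serviceName", serviceName);
            }
            DocumentModelList entries = session.query(filter, ftFilter);
            if (entries == null || entries.isEmpty()) {
                String bareGadgetUrl = getBareGadgetUri(gadgetUri);
                if (bareGadgetUrl != null && !bareGadgetUrl.equals(gadgetUri)) {
                    // Retry with the loopback origin removed, querying gadgetUrl in fulltext mode.
                    // NOTE(review): presumably a fulltext filter matches more loosely than equality, so the value
                    // passed here must only ever be a genuine loopback URI; confirm against the directory
                    // implementation.
                    Set<String> urlfilter = new HashSet<>();
                    urlfilter.add("gadgetUrl");
                    return getEntry(bareGadgetUrl, serviceName, urlfilter);
                }
                if (serviceName != null) {
                    if (bareGadgetUrl != null) {
                        NuxeoOAuthServiceProvider provider = getEntry(bareGadgetUrl, null, ftFilter);
                        if (provider != null) {
                            return provider;
                        }
                    }
                    if (gadgetUri != null) {
                        // Last resort: any provider registered for this service name, whatever the gadget.
                        return getEntry(null, serviceName, ftFilter);
                    }
                }
                return null;
            }
            DocumentModel entry = getBestEntry(entries, gadgetUri, serviceName);
            if (entry == null) {
                return null;
            }
            return NuxeoOAuthServiceProvider.createFromDirectoryEntry(entry);
        }
    }

    /**
     * Builds the key used for the in-memory provider map.
     *
     * @param gadgetUri the gadget URI, may be {@code null}
     * @param serviceName the service name, may be {@code null}
     * @return the map key
     */
    protected String mkStringIdx(String gadgetUri, String serviceName) {
        // NOTE(review): the "-" separator can also occur inside either part, so two different
        // (gadgetUri, serviceName) pairs can yield the same key and shadow each other.
        return "k-" + gadgetUri + "-" + serviceName;
    }

    /**
     * Registers a read-only provider that is kept in memory only.
     *
     * @return the registered provider
     */
    @Override
    public NuxeoOAuthServiceProvider addReadOnlyProvider(String gadgetUri, String serviceName, String consumerKey,
            String consumerSecret, String publicKey) {
        String id = mkStringIdx(gadgetUri, serviceName);
        // Placeholder id only: it does not refer to any directory entry.
        Long dummyId = new Random().nextLong();
        NuxeoOAuthServiceProvider sp = new NuxeoOAuthServiceProvider(dummyId, gadgetUri, serviceName, consumerKey,
                consumerSecret, publicKey);
        inMemoryProviders.put(id, sp);
        return sp;
    }

    /**
     * Deletes the directory-backed provider matching a gadget URI and service name. Read-only in-memory providers
     * are left untouched.
     */
    @Override
    public void deleteProvider(String gadgetUri, String serviceName) {
        // An in-memory provider carries a random placeholder id. Passing that id to the directory would target
        // whatever entry happens to own it, so stop here instead.
        if (inMemoryProviders.containsKey(mkStringIdx(gadgetUri, serviceName))) {
            log.warn("Ignoring delete request for a read-only in-memory provider");
            return;
        }

        NuxeoOAuthServiceProvider provider = getProvider(gadgetUri, serviceName);
        if (provider != null) {
            deleteProvider(provider.id.toString());
        }
    }

    /**
     * Deletes a provider entry from the directory. Directory failures are logged, not propagated.
     *
     * @param providerId the id of the directory entry
     */
    @Override
    public void deleteProvider(String providerId) {
        try {
            DirectoryService ds = Framework.getService(DirectoryService.class);
            try (Session session = ds.open(DIRECTORY_NAME)) {
                session.deleteEntry(providerId);
            }
        } catch (DirectoryException e) {
            log.error("Unable to delete provider " + providerId, e);
        }
    }

    /**
     * Lists the in-memory providers followed by every provider stored in the directory.
     *
     * @return the providers; the directory part is missing when the directory cannot be read
     */
    @Override
    public List<NuxeoOAuthServiceProvider> listProviders() {
        List<NuxeoOAuthServiceProvider> result = new ArrayList<>(inMemoryProviders.values());
        DirectoryService ds = Framework.getService(DirectoryService.class);
        // NOTE(review): this read runs through Framework.doPrivileged, so the returned list (consumer secrets
        // included) does not depend on the caller's own directory permissions; callers must do their own access
        // check before exposing it.
        Framework.doPrivileged(() -> {
            try (Session session = ds.open(DIRECTORY_NAME)) {
                DocumentModelList entries = session.getEntries();
                for (DocumentModel entry : entries) {
                    result.add(NuxeoOAuthServiceProvider.createFromDirectoryEntry(entry));
                }
            } catch (DirectoryException e) {
                log.error("Error while fetching provider directory", e);
            }
        });
        return result;
    }
}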