001/*
002 * (C) Copyright 2010 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Nuxeo - initial API and implementation
018 */
019
020package org.nuxeo.ecm.platform.oauth.providers;
021
022import java.io.Serializable;
023import java.util.ArrayList;
024import java.util.HashMap;
025import java.util.HashSet;
026import java.util.List;
027import java.util.Map;
028import java.util.Random;
029import java.util.Set;
030
031import org.apache.commons.logging.Log;
032import org.apache.commons.logging.LogFactory;
033import org.nuxeo.ecm.core.api.DocumentModel;
034import org.nuxeo.ecm.core.api.DocumentModelList;
035import org.nuxeo.ecm.core.api.PropertyException;
036import org.nuxeo.ecm.directory.DirectoryException;
037import org.nuxeo.ecm.directory.Session;
038import org.nuxeo.ecm.directory.api.DirectoryService;
039import org.nuxeo.runtime.api.Framework;
040import org.nuxeo.runtime.model.DefaultComponent;
041
042/**
043 * Implementation of the {@link OAuthServiceProviderRegistry}. The main storage backend is a SQL Directory. Readonly
044 * providers (contributed directly at OpenSocialService level) are managed in memory.
045 *
046 * @author tiry
047 */
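public class OAuthServiceProviderRegistryImpl extends DefaultComponent implements OAuthServiceProviderRegistry {

    protected static final Log log = LogFactory.getLog(OAuthServiceProviderRegistryImpl.class);

    /** Name of the directory that holds the persistent provider entries. */
    public static final String DIRECTORY_NAME = "oauthServiceProviders";

    /**
     * Matches a leading {@code http(s)://localhost} or {@code http(s)://127.0.0.1} origin. The pattern is anchored
     * at the start, the dots are escaped, and the host must be followed by a port, path, query, fragment or the end
     * of the string, so a host that merely starts with "localhost" is not treated as local.
     */
    private static final String LOCAL_ORIGIN_PATTERN = "^https?://(localhost|127\\.0\\.0\\.1)(?=[:/?#]|$)";

    /**
     * Read-only providers registered through {@link #addReadOnlyProvider}, keyed by {@link #mkStringIdx}.
     * <p>
     * NOTE(review): this is a plain {@link HashMap} and nothing in this class synchronizes access to it; confirm that
     * registration and lookup never run concurrently, otherwise a concurrent map is needed.
     */
    protected Map<String, NuxeoOAuthServiceProvider> inMemoryProviders = new HashMap<>();

    /**
     * Looks up the provider for a gadget and service.
     *
     * @param gadgetUri the gadget URI, may be {@code null}
     * @param serviceName the service name, may be {@code null} or blank
     * @return the matching provider, or {@code null} when none matches or the directory could not be read (the
     *         failure is logged, not propagated)
     */
    @Override
    public NuxeoOAuthServiceProvider getProvider(String gadgetUri, String serviceName) {
        try {
            return getEntry(gadgetUri, serviceName, null);
        } catch (DirectoryException e) {
            log.error("Unable to read provider from Directory backend", e);
            return null;
        }
    }

    /**
     * Strips a leading local origin ({@code http(s)://localhost} or {@code http(s)://127.0.0.1}) from a gadget URI.
     * Any port, path and query that follow are kept.
     *
     * @param gadgetUri the gadget URI, may be {@code null}
     * @return the URI without its local origin, the URI unchanged when it does not start with one, or {@code null}
     *         for a {@code null} input
     */
    protected String getBareGadgetUri(String gadgetUri) {
        if (gadgetUri == null) {
            return null;
        }
        // Only a genuine local origin at the very start is removed. The result feeds the provider lookup in
        // getEntry, so a URI on another host must never be rewritten into a local-looking path.
        return gadgetUri.replaceFirst(LOCAL_ORIGIN_PATTERN, "");
    }

    /**
     * Normalizes a blank service name to {@code null}.
     *
     * @param serviceName the service name, may be {@code null}
     * @return {@code null} when the name is empty or whitespace only, otherwise the name unchanged
     */
    protected String preProcessServiceName(String serviceName) {
        if (serviceName != null && serviceName.trim().isEmpty()) {
            return null;
        }
        return serviceName;
    }

    /**
     * Picks one entry out of a non-empty query result.
     * <p>
     * With a blank service name, only an entry whose own {@code serviceName} is blank qualifies; otherwise, with a
     * blank gadget URI, only an entry whose own {@code gadgetUrl} is blank qualifies. When both criteria are set the
     * first entry is returned.
     *
     * @param entries the query result; the caller guarantees it is not empty
     * @param gadgetUri the gadget URI used for the query, may be {@code null}
     * @param serviceName the service name used for the query, may be {@code null}
     * @return the selected entry, or {@code null} when no entry qualifies
     */
    protected DocumentModel getBestEntry(DocumentModelList entries, String gadgetUri, String serviceName)
            throws PropertyException {
        if (entries.size() > 1) {
            // NOTE(review): both values are logged verbatim; if they can come from a request, consider stripping
            // line breaks before logging them.
            log.warn("Found several entries for gadgetUri=" + gadgetUri + " and serviceName=" + serviceName);
        }
        if (serviceName == null || serviceName.trim().isEmpty()) {
            return firstEntryWithBlankProperty(entries, "serviceName");
        } else if (gadgetUri == null || gadgetUri.trim().isEmpty()) {
            return firstEntryWithBlankProperty(entries, "gadgetUrl");
        }

        // XXX do better than that !
        // NOTE(review): with several matches the choice is simply the first one returned by the directory. The
        // selected entry supplies the OAuth consumer credentials, so an ambiguous match deserves a stricter rule.
        return entries.get(0);
    }

    /** Returns the first entry whose given property is {@code null} or blank, or {@code null} when there is none. */
    private static DocumentModel firstEntryWithBlankProperty(DocumentModelList entries, String property)
            throws PropertyException {
        for (DocumentModel entry : entries) {
            Serializable value = entry.getPropertyValue(property);
            if (value == null || ((String) value).trim().isEmpty()) {
                return entry;
            }
        }
        return null;
    }

    /**
     * Resolves a provider, first from the in-memory providers and then from the directory.
     * <p>
     * When the directory query returns nothing, the lookup is retried in this order: with the local origin stripped
     * from the gadget URI (see {@link #getBareGadgetUri}), then with the bare gadget URI alone, then with the
     * service name alone.
     *
     * @param gadgetUri the gadget URI, may be {@code null}
     * @param serviceName the service name, may be {@code null} or blank
     * @param ftFilter passed as the second argument of {@code Session.query}; presumably the names of the fields to
     *            match as full text rather than exactly (TODO confirm), may be {@code null}
     * @return the provider, or {@code null} when nothing matches
     */
    protected NuxeoOAuthServiceProvider getEntry(String gadgetUri, String serviceName, Set<String> ftFilter) {

        // The in-memory key is built from the raw arguments, before the service name is normalized.
        String id = mkStringIdx(gadgetUri, serviceName);
        if (inMemoryProviders.containsKey(id)) {
            return inMemoryProviders.get(id);
        }

        // normalize "empty" service name
        serviceName = preProcessServiceName(serviceName);

        if (gadgetUri == null && serviceName == null) {
            log.warn("Can not find provider with null gadgetUri and null serviceName !");
            return null;
        }

        DirectoryService ds = Framework.getService(DirectoryService.class);
        NuxeoOAuthServiceProvider provider = null;
        try (Session session = ds.open(DIRECTORY_NAME)) {
            Map<String, Serializable> filter = new HashMap<>();
            if (gadgetUri != null) {
                filter.put("gadgetUrl", gadgetUri);
            }
            if (serviceName != null) {
                filter.put("serviceName", serviceName);
            }
            DocumentModelList entries = session.query(filter, ftFilter);
            if (entries == null || entries.size() == 0) {
                String bareGadgetUrl = getBareGadgetUri(gadgetUri);
                if (bareGadgetUrl != null && !bareGadgetUrl.equals(gadgetUri)) {
                    // NOTE(review): the retry marks gadgetUrl as a full-text field, so the bare path presumably
                    // matches any stored URL containing it, whatever its host. Confirm this cannot hand one
                    // gadget the credentials registered for another.
                    Set<String> urlfilter = new HashSet<>();
                    urlfilter.add("gadgetUrl");
                    return getEntry(bareGadgetUrl, serviceName, urlfilter);
                }
                if (serviceName != null) {
                    if (bareGadgetUrl != null) {
                        provider = getEntry(bareGadgetUrl, null, ftFilter);
                        if (provider != null) {
                            return provider;
                        }
                    }
                    if (gadgetUri != null) {
                        // Last resort: a provider registered for the service name without any gadget URL.
                        return getEntry(null, serviceName, ftFilter);
                    }
                }
                return null;
            }
            DocumentModel entry = getBestEntry(entries, gadgetUri, serviceName);
            if (entry == null) {
                return null;
            }
            provider = NuxeoOAuthServiceProvider.createFromDirectoryEntry(entry);
            return provider;
        }
    }

    /**
     * Builds the key used for {@link #inMemoryProviders}.
     * <p>
     * NOTE(review): the parts are joined with "-" without escaping and {@code null} is rendered as "null", so two
     * different pairs can produce the same key (for example when a part itself contains "-").
     *
     * @param gadgetUri the gadget URI, may be {@code null}
     * @param serviceName the service name, may be {@code null}
     * @return the key string
     */
    protected String mkStringIdx(String gadgetUri, String serviceName) {
        return "k-" + gadgetUri + "-" + serviceName;
    }

    /**
     * Registers a read-only provider that is kept in memory only. An existing provider with the same key is
     * replaced.
     *
     * @return the newly registered provider
     */
    @Override
    public NuxeoOAuthServiceProvider addReadOnlyProvider(String gadgetUri, String serviceName, String consumerKey,
            String consumerSecret, String publicKey) {
        String id = mkStringIdx(gadgetUri, serviceName);
        // Placeholder id only: it is not a directory key and must not be relied on as unpredictable, since
        // java.util.Random is not a cryptographic generator.
        Long dummyId = new Random().nextLong();
        NuxeoOAuthServiceProvider sp = new NuxeoOAuthServiceProvider(dummyId, gadgetUri, serviceName, consumerKey,
                consumerSecret, publicKey);
        inMemoryProviders.put(id, sp);
        return sp;
    }

    /**
     * Deletes the directory entry of the provider resolved for the given gadget and service. Read-only in-memory
     * providers are left untouched.
     */
    @Override
    public void deleteProvider(String gadgetUri, String serviceName) {
        NuxeoOAuthServiceProvider provider = getProvider(gadgetUri, serviceName);
        if (provider == null) {
            return;
        }
        if (inMemoryProviders.containsValue(provider)) {
            // An in-memory provider carries a random placeholder id; using it as a directory key would target an
            // unrelated entry or none at all.
            log.warn("Provider for gadgetUri=" + gadgetUri + " and serviceName=" + serviceName
                    + " is read-only, nothing deleted");
            return;
        }
        deleteProvider(provider.id.toString());
    }

    /**
     * Deletes the directory entry with the given id. A directory failure is logged, not propagated.
     * <p>
     * NOTE(review): no permission check is visible here; presumably the caller or the directory session enforces
     * who may delete a provider (confirm).
     *
     * @param providerId id of the directory entry to delete
     */
    @Override
    public void deleteProvider(String providerId) {
        try {
            DirectoryService ds = Framework.getService(DirectoryService.class);
            try (Session session = ds.open(DIRECTORY_NAME)) {
                session.deleteEntry(providerId);
            }
        } catch (DirectoryException e) {
            log.error("Unable to delete provider " + providerId, e);
        }
    }

    /**
     * Lists the in-memory providers followed by the providers stored in the directory. When the directory cannot be
     * read the failure is logged and only the in-memory providers are returned.
     * <p>
     * NOTE(review): the directory read runs inside {@code Framework.doPrivileged}, so it is presumably not limited
     * by the caller's own rights, and in-memory providers hold the consumer secret they were registered with. Code
     * that exposes this list should apply its own access control and keep the secrets out of responses and logs.
     *
     * @return a new list owned by the caller
     */
    @Override
    public List<NuxeoOAuthServiceProvider> listProviders() {

        List<NuxeoOAuthServiceProvider> result = new ArrayList<>(inMemoryProviders.values());
        DirectoryService ds = Framework.getService(DirectoryService.class);
        Framework.doPrivileged(() -> {
            try (Session session = ds.open(DIRECTORY_NAME)) {
                DocumentModelList entries = session.getEntries();
                for (DocumentModel entry : entries) {
                    result.add(NuxeoOAuthServiceProvider.createFromDirectoryEntry(entry));
                }
            } catch (DirectoryException e) {
                log.error("Error while fetching provider directory", e);
            }
        });
        return result;
    }
}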