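/*
 * (C) Copyright 2014 Nuxeo SA (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     Arnaud Kervern
 */
package org.nuxeo.ecm.platform.oauth2.clients;

import java.io.Serializable;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.directory.DirectoryException;
import org.nuxeo.ecm.directory.Session;
import org.nuxeo.ecm.directory.api.DirectoryService;
import org.nuxeo.runtime.api.Framework;
import org.nuxeo.runtime.model.ComponentInstance;
import org.nuxeo.runtime.model.DefaultComponent;

/**
 * OAuth2 Client registry component.
 * <p>
 * Registered clients are kept as entries of the directory named by {@code OAUTH2CLIENT_DIRECTORY_NAME} (the constant
 * is not declared in this file; presumably it is inherited from {@link ClientRegistry}). Every operation opens its
 * own directory session and closes it before returning.
 *
 * @author <a href="mailto:ak@nuxeo.com">Arnaud Kervern</a>
 * @since 5.9.2
 */
public class ClientRegistryImpl extends DefaultComponent implements ClientRegistry {

    private static final Log log = LogFactory.getLog(ClientRegistry.class);

    /**
     * Registers clients contributed to the {@code "clients"} extension point; contributions to any other extension
     * point are ignored.
     *
     * @param contribution the contributed object, cast to {@link OAuth2Client} for the {@code "clients"} point
     * @param extensionPoint name of the extension point receiving the contribution
     * @param contributor the contributing component (unused here)
     */
    @Override
    public void registerContribution(Object contribution, String extensionPoint, ComponentInstance contributor) {
        switch (extensionPoint) {
        case "clients":
            OAuth2Client client = (OAuth2Client) contribution;
            registerClient(client);
            break;
        default:
            break;
        }
    }

    /**
     * Tells whether a client with the given id is registered <em>and</em> enabled.
     *
     * @param clientId the OAuth2 client identifier to look up
     * @return {@code true} only when a matching entry exists and the client built from it reports itself as enabled
     */
    @Override
    public boolean hasClient(String clientId) {
        // Same lookup as isValidClient/getClient, so all three agree on what "registered" means.
        DocumentModel entry = getClientModel(clientId);
        return entry != null && OAuth2Client.fromDocumentModel(entry).isEnabled();
    }

    /**
     * Checks a client id / client secret pair against the registered client.
     * <p>
     * The comparison itself is delegated to {@code OAuth2Client.isValidWith}, which is not visible from this file.
     * NOTE(review): confirm that it also rejects disabled clients (this method does not check {@code isEnabled()}
     * itself, unlike {@link #hasClient(String)}) and that the secret is compared in constant time.
     *
     * @param clientId the OAuth2 client identifier
     * @param clientSecret the secret presented by the caller; never logged here
     * @return {@code false} when no entry matches {@code clientId}, otherwise the result of the delegated check
     */
    @Override
    public boolean isValidClient(String clientId, String clientSecret) {
        DocumentModel docClient = getClientModel(clientId);
        if (docClient != null) {
            OAuth2Client client = OAuth2Client.fromDocumentModel(docClient);
            return client.isValidWith(clientId, clientSecret);
        }
        return false;
    }

    /**
     * Stores a new client in the directory unless one with the same id is already there.
     * <p>
     * Two existence checks are made: a query on the {@code clientId} field, then {@code hasEntry} on the entry id.
     * NOTE(review): the checks and the creation are separate directory calls, so uniqueness under concurrent
     * registration presumably relies on the directory's own constraints - confirm.
     *
     * @param client the client to register
     * @return {@code true} if the entry was created, {@code false} if the client id was already registered
     */
    @Override
    public boolean registerClient(OAuth2Client client) {
        DocumentModel doc = getClientModel(client.getId());
        if (doc != null) {
            log.info("Trying to register an exisiting client");
            return false;
        }

        DirectoryService service = getService();
        try (Session session = service.open(OAUTH2CLIENT_DIRECTORY_NAME)) {
            if (session.hasEntry(client.getId())) {
                log.debug(String.format("ClientId is already registered: %s", client.getId()));
                return false;
            }
            session.createEntry(client.toMap());
        }
        return true;
    }

    /**
     * Removes a client from the directory.
     * <p>
     * A failed deletion leaves the client registered, and therefore still able to authenticate, so the failure is
     * logged rather than dropped silently.
     * NOTE(review): deletion is keyed on the directory entry id, while lookups filter on the {@code clientId} field;
     * confirm both refer to the same value in the directory schema. Whether deleting an unknown id raises
     * {@link DirectoryException} depends on the directory implementation.
     *
     * @param clientId identifier of the client to remove
     * @return {@code true} if the directory call completed, {@code false} if it raised a {@link DirectoryException}
     */
    @Override
    public boolean deleteClient(String clientId) {
        DirectoryService service = getService();
        try (Session session = service.open(OAUTH2CLIENT_DIRECTORY_NAME)) {
            session.deleteEntry(clientId);
            return true;
        } catch (DirectoryException e) {
            // Keep the boolean contract, but leave a trace: a client that was meant to be revoked is still active.
            log.warn(String.format("Unable to delete OAuth2 client: %s", clientId), e);
            return false;
        }
    }

    /**
     * Returns every entry of the client directory as stored.
     * <p>
     * NOTE(review): the entries are raw directory documents; if the schema holds the client secret, callers should
     * strip it before exposing the list outside trusted code - confirm against the directory schema.
     *
     * @return all directory entries
     */
    @Override
    public List<DocumentModel> listClients() {
        DirectoryService service = getService();
        try (Session session = service.open(OAUTH2CLIENT_DIRECTORY_NAME)) {
            return session.getEntries();
        }
    }

    /**
     * Looks up a registered client by id, whether it is enabled or not.
     *
     * @param clientId the OAuth2 client identifier
     * @return the matching client, or {@code null} when none is registered under that id
     */
    public OAuth2Client getClient(String clientId) {
        DocumentModel doc = getClientModel(clientId);
        return doc != null ? OAuth2Client.fromDocumentModel(doc) : null;
    }

    /**
     * Fetches the directory entry whose {@code clientId} field equals the given id.
     *
     * @param clientId the OAuth2 client identifier
     * @return the first matching entry, or {@code null} when the query returns nothing
     */
    protected DocumentModel getClientModel(String clientId) {
        DirectoryService service = getService();
        try (Session session = service.open(OAUTH2CLIENT_DIRECTORY_NAME)) {
            Map<String, Serializable> filter = new HashMap<>();
            filter.put("clientId", clientId);
            DocumentModelList docs = session.query(filter);
            if (docs.size() > 0) {
                return docs.get(0);
            }
        }
        return null;
    }

    /**
     * Resolves the directory service through the runtime framework.
     *
     * @return the local {@link DirectoryService}
     */
    protected DirectoryService getService() {
        return Framework.getLocalService(DirectoryService.class);
    }
}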