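/*
 * (C) Copyright 2014 Nuxeo SA (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     Nelson Silva <nelson.silva@inevo.pt>
 */
package org.nuxeo.ecm.platform.auth.saml.user;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.NuxeoException;
import org.nuxeo.ecm.platform.auth.saml.SAMLCredential;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.runtime.api.Framework;

/**
 * User resolver that maps a SAML login to a Nuxeo user by looking up the assertion's NameID value in the user
 * directory's e-mail field.
 * <p>
 * The NameID value is used as-is as the e-mail address and as the login name.
 * <p>
 * NOTE(review): this class does not check the NameID format, and nothing visible here guarantees that the e-mail
 * field is unique per user. Confirm both against the IdP configuration and the user directory, since the e-mail
 * match alone decides which local account the federated identity is bound to.
 */
public class EmailBasedUserResolver extends AbstractUserResolver {

    private static final Log log = LogFactory.getLog(EmailBasedUserResolver.class);

    /**
     * Finds the id of the Nuxeo user whose e-mail field equals the credential's NameID value.
     *
     * @param credential the SAML credential whose NameID value is used as the e-mail to search for
     * @return the value of the user id field of the first matching user, or {@code null} when the credential has no
     *         usable NameID value, when no user matches, or when the lookup throws a {@link NuxeoException}
     */
    @Override
    public String findNuxeoUser(SAMLCredential credential) {
        String email = nameIdValue(credential);
        if (email == null) {
            // Fail closed: a missing or blank identifier must never be turned into a directory query,
            // which could otherwise match accounts that simply have no e-mail set.
            log.warn("SAML credential carries no usable NameID value; no user resolved");
            return null;
        }

        try {
            UserManager userManager = Framework.getLocalService(UserManager.class);
            Map<String, Serializable> query = new HashMap<>();
            query.put(userManager.getUserEmailField(), email);

            DocumentModelList users = userManager.searchUsers(query, null);
            if (users.isEmpty()) {
                return null;
            }
            if (users.size() > 1) {
                // The first match is still returned, as before, but the ambiguity is now visible in the logs.
                // NOTE(review): consider rejecting the login instead; which account comes first is not
                // defined by anything in this class.
                log.warn("Multiple users (" + users.size() + ") match email " + forLog(email)
                        + "; using the first match");
            }

            DocumentModel user = users.get(0);
            return (String) user.getPropertyValue(userManager.getUserIdField());
        } catch (NuxeoException e) {
            log.error("Error while search user in UserManager using email " + forLog(email), e);
            return null;
        }
    }

    /**
     * Writes the credential's NameID value into the e-mail field of the given user model.
     *
     * @param user the user model to update
     * @param credential the SAML credential providing the NameID value
     * @return the same {@code user} instance after the update, or {@code null} when setting the property throws a
     *         {@link NuxeoException}
     */
    @Override
    public DocumentModel updateUserInfo(DocumentModel user, SAMLCredential credential) {
        // Read once so the value that is written and the value that is logged cannot differ.
        String email = credential.getNameID().getValue();
        try {
            UserManager userManager = Framework.getLocalService(UserManager.class);
            user.setPropertyValue(userManager.getUserEmailField(), email);
        } catch (NuxeoException e) {
            // The previous message was copied from findNuxeoUser and described a search, not an update.
            log.error("Error while updating user email from SAML NameID " + forLog(email), e);
            return null;
        }
        return user;
    }

    /**
     * Returns the login name for the credential, which is its NameID value unchanged.
     *
     * @param userInfo the SAML credential
     * @return the NameID value
     */
    @Override
    public String getLoginName(SAMLCredential userInfo) {
        return userInfo.getNameID().getValue();
    }

    /**
     * Extracts the NameID value from a credential without throwing on missing parts.
     *
     * @return the NameID value exactly as received, or {@code null} if the credential, its NameID or the value is
     *         missing or contains only whitespace
     */
    private static String nameIdValue(SAMLCredential credential) {
        if (credential == null || credential.getNameID() == null) {
            return null;
        }
        String value = credential.getNameID().getValue();
        if (value == null || value.trim().isEmpty()) {
            return null;
        }
        return value;
    }

    /**
     * Replaces line breaks in a value taken from the SAML assertion so that it cannot start a forged log line.
     */
    private static String forLog(String value) {
        return value == null ? null : value.replaceAll("[\\r\\n]", "_");
    }

}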