001/*
002 * (C) Copyright 2006-2016 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     Nuxeo - initial API and implementation
018 */
019package org.nuxeo.ecm.platform.login;
020
021import java.util.HashMap;
022import java.util.Map;
023
024import javax.security.auth.callback.CallbackHandler;
025
026import org.apache.commons.logging.Log;
027import org.apache.commons.logging.LogFactory;
028import org.nuxeo.runtime.model.ComponentContext;
029import org.nuxeo.runtime.model.ComponentInstance;
030import org.nuxeo.runtime.model.ComponentName;
031import org.nuxeo.runtime.model.DefaultComponent;
032import org.nuxeo.runtime.model.Extension;
033
034public class LoginPluginRegistry extends DefaultComponent {
035
036    public static final ComponentName NAME = new ComponentName("org.nuxeo.ecm.platform.login.LoginPluginRegistry");
037
038    public static final String EP_PLUGIN = "plugin";
039
040    public static final String EP_CBFACTORY = "callbackFactory";
041
042    private static final Log log = LogFactory.getLog(LoginPluginRegistry.class);
043
044    private LoginPlugin currentLoginPlugin;
045
046    private Map<String, LoginPlugin> loginPluginStack;
047
048    private CallbackFactory callbackFactory;
049
050    private Map<String, LoginPluginDescriptor> pluginDescriptorStack;
051
052    public LoginPluginRegistry() {
053        currentLoginPlugin = null;
054    }
055
056    @Override
057    public void registerContribution(Object contribution, String extensionPoint, ComponentInstance contributor) {
058        if (extensionPoint.equals(EP_PLUGIN)) {
059            log.info("registering Login Plugin ... ");
060            registerPlugin((LoginPluginDescriptor) contribution);
061        } else if (extensionPoint.equals(EP_CBFACTORY)) {
062            log.info("registering Callback factory ... ");
063            registerCBFactory((CallbackFactoryDescriptor) contribution);
064        } else {
065            log.error("Extension point " + extensionPoint + " is unknown!");
066        }
067    }
068
069    private void registerCBFactory(CallbackFactoryDescriptor cbfExtension) {
070        try {
071            callbackFactory = (CallbackFactory) cbfExtension.getClassName().newInstance();
072        } catch (ReflectiveOperationException e) {
073            log.error("Unable to create Factory", e);
074        }
075    }
076
077    private void registerPlugin(LoginPluginDescriptor pluginExtension) {
078        Boolean enabled = pluginExtension.getEnabled();
079        Class<LoginPlugin> className = pluginExtension.getClassName();
080        String pluginName = pluginExtension.getPluginName();
081
082        if (loginPluginStack.containsKey(pluginName)) {
083            // merge
084            LoginPlugin oldLoginPlugin = loginPluginStack.get(pluginName);
085            LoginPluginDescriptor oldLoginPluginDescriptor = pluginDescriptorStack.get(pluginName);
086
087            Map<String, String> mergedParams = oldLoginPluginDescriptor.getParameters();
088            mergedParams.putAll(pluginExtension.getParameters());
089
090            oldLoginPlugin.setParameters(mergedParams);
091            if (!oldLoginPlugin.initLoginModule()) {
092                oldLoginPluginDescriptor.setInitialized(false);
093                log.warn("Unable to initialize LoginPlugin for class " + className.getName());
094            } else {
095                oldLoginPluginDescriptor.setInitialized(true);
096            }
097            if (enabled != null) {
098                oldLoginPluginDescriptor.setEnabled(enabled);
099            }
100        } else {
101            LoginPlugin newLoginPlugin;
102            try {
103                newLoginPlugin = className.newInstance();
104            } catch (InstantiationException | IllegalAccessException e) {
105                log.error("Unable to create LoginPlugin for class " + className.getName() + ":" + e.getMessage(), e);
106                return;
107            }
108            newLoginPlugin.setParameters(pluginExtension.getParameters());
109            if (newLoginPlugin.initLoginModule()) {
110                pluginExtension.setInitialized(true);
111                log.info("LoginPlugin initialized for class " + className.getName());
112            } else {
113                pluginExtension.setInitialized(false);
114                log.warn("Unable to initialize LoginPlugin for class " + className.getName());
115            }
116            pluginDescriptorStack.put(pluginName, pluginExtension);
117            loginPluginStack.put(pluginName, newLoginPlugin);
118        }
119    }
120
121    @Override
122    public void unregisterExtension(Extension extension) {
123        currentLoginPlugin = null;
124    }
125
126    @Override
127    public void activate(ComponentContext context) {
128        super.activate(context);
129        loginPluginStack = new HashMap<>();
130        pluginDescriptorStack = new HashMap<>();
131    }
132
133    public CallbackResult handleSpecifcCallbacks(CallbackHandler callbackHandler) {
134        if (callbackFactory == null) {
135            return null;
136        }
137        return callbackFactory.handleSpecificCallbacks(callbackHandler);
138    }
139
140    public LoginPlugin getPlugin(String pluginName) {
141        if (!pluginDescriptorStack.containsKey(pluginName)) {
142            log.error("Unable to find needed Login Plugin : " + pluginName);
143            return null;
144        }
145
146        LoginPlugin loginPlugin = loginPluginStack.get(pluginName);
147        LoginPluginDescriptor loginPluginDescriptor = pluginDescriptorStack.get(pluginName);
148
149        if (loginPlugin == null) {
150            log.error("Login Plugin : " + pluginName + " is null ");
151            return null;
152        }
153
154        if (!loginPluginDescriptor.getEnabled()) {
155            log.error("Login Plugin : " + pluginName + " is not Enabled ");
156            return null;
157        }
158        return loginPlugin;
159    }
160
161    public LoginPluginDescriptor getPluginDescriptor(String pluginName) {
162        if (!pluginDescriptorStack.containsKey(pluginName)) {
163            log.error("Unable to find needed Login Plugin : " + pluginName);
164            return null;
165        }
166
167        LoginPlugin loginPlugin = loginPluginStack.get(pluginName);
168        LoginPluginDescriptor loginPluginDescriptor = pluginDescriptorStack.get(pluginName);
169
170        if (loginPlugin == null) {
171            log.error("Login Plugin : " + pluginName + " is null ");
172            return null;
173        }
174
175        if (!loginPluginDescriptor.getEnabled()) {
176            log.error("Login Plugin : " + pluginName + " is not Enabled ");
177            return null;
178        }
179        return loginPluginDescriptor;
180    }
181
182}