001/* 002 * (C) Copyright 2006-2016 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * Nuxeo - initial API and implementation 018 */ 019package org.nuxeo.ecm.platform.login; 020 021import java.util.HashMap; 022import java.util.Map; 023 024import javax.security.auth.callback.CallbackHandler; 025 026import org.apache.commons.logging.Log; 027import org.apache.commons.logging.LogFactory; 028import org.nuxeo.runtime.model.ComponentContext; 029import org.nuxeo.runtime.model.ComponentInstance; 030import org.nuxeo.runtime.model.ComponentName; 031import org.nuxeo.runtime.model.DefaultComponent; 032import org.nuxeo.runtime.model.Extension; 033 034public class LoginPluginRegistry extends DefaultComponent { 035 036 public static final ComponentName NAME = new ComponentName("org.nuxeo.ecm.platform.login.LoginPluginRegistry"); 037 038 public static final String EP_PLUGIN = "plugin"; 039 040 public static final String EP_CBFACTORY = "callbackFactory"; 041 042 private static final Log log = LogFactory.getLog(LoginPluginRegistry.class); 043 044 private LoginPlugin currentLoginPlugin; 045 046 private Map<String, LoginPlugin> loginPluginStack; 047 048 private CallbackFactory callbackFactory; 049 050 private Map<String, LoginPluginDescriptor> pluginDescriptorStack; 051 052 public LoginPluginRegistry() { 053 currentLoginPlugin = null; 054 } 055 056 @Override 057 public void registerContribution(Object contribution, String extensionPoint, ComponentInstance contributor) { 058 if (extensionPoint.equals(EP_PLUGIN)) { 059 log.info("registering Login Plugin ... "); 060 registerPlugin((LoginPluginDescriptor) contribution); 061 } else if (extensionPoint.equals(EP_CBFACTORY)) { 062 log.info("registering Callback factory ... "); 063 registerCBFactory((CallbackFactoryDescriptor) contribution); 064 } else { 065 log.error("Extension point " + extensionPoint + " is unknown!"); 066 } 067 } 068 069 private void registerCBFactory(CallbackFactoryDescriptor cbfExtension) { 070 try { 071 callbackFactory = (CallbackFactory) cbfExtension.getClassName().newInstance(); 072 } catch (ReflectiveOperationException e) { 073 log.error("Unable to create Factory", e); 074 } 075 } 076 077 private void registerPlugin(LoginPluginDescriptor pluginExtension) { 078 Boolean enabled = pluginExtension.getEnabled(); 079 Class<LoginPlugin> className = pluginExtension.getClassName(); 080 String pluginName = pluginExtension.getPluginName(); 081 082 if (loginPluginStack.containsKey(pluginName)) { 083 // merge 084 LoginPlugin oldLoginPlugin = loginPluginStack.get(pluginName); 085 LoginPluginDescriptor oldLoginPluginDescriptor = pluginDescriptorStack.get(pluginName); 086 087 Map<String, String> mergedParams = oldLoginPluginDescriptor.getParameters(); 088 mergedParams.putAll(pluginExtension.getParameters()); 089 090 oldLoginPlugin.setParameters(mergedParams); 091 if (!oldLoginPlugin.initLoginModule()) { 092 oldLoginPluginDescriptor.setInitialized(false); 093 log.warn("Unable to initialize LoginPlugin for class " + className.getName()); 094 } else { 095 oldLoginPluginDescriptor.setInitialized(true); 096 } 097 if (enabled != null) { 098 oldLoginPluginDescriptor.setEnabled(enabled); 099 } 100 } else { 101 LoginPlugin newLoginPlugin; 102 try { 103 newLoginPlugin = className.newInstance(); 104 } catch (InstantiationException | IllegalAccessException e) { 105 log.error("Unable to create LoginPlugin for class " + className.getName() + ":" + e.getMessage(), e); 106 return; 107 } 108 newLoginPlugin.setParameters(pluginExtension.getParameters()); 109 if (newLoginPlugin.initLoginModule()) { 110 pluginExtension.setInitialized(true); 111 log.info("LoginPlugin initialized for class " + className.getName()); 112 } else { 113 pluginExtension.setInitialized(false); 114 log.warn("Unable to initialize LoginPlugin for class " + className.getName()); 115 } 116 pluginDescriptorStack.put(pluginName, pluginExtension); 117 loginPluginStack.put(pluginName, newLoginPlugin); 118 } 119 } 120 121 @Override 122 public void unregisterExtension(Extension extension) { 123 currentLoginPlugin = null; 124 } 125 126 @Override 127 public void activate(ComponentContext context) { 128 super.activate(context); 129 loginPluginStack = new HashMap<>(); 130 pluginDescriptorStack = new HashMap<>(); 131 } 132 133 public CallbackResult handleSpecifcCallbacks(CallbackHandler callbackHandler) { 134 if (callbackFactory == null) { 135 return null; 136 } 137 return callbackFactory.handleSpecificCallbacks(callbackHandler); 138 } 139 140 public LoginPlugin getPlugin(String pluginName) { 141 if (!pluginDescriptorStack.containsKey(pluginName)) { 142 log.error("Unable to find needed Login Plugin : " + pluginName); 143 return null; 144 } 145 146 LoginPlugin loginPlugin = loginPluginStack.get(pluginName); 147 LoginPluginDescriptor loginPluginDescriptor = pluginDescriptorStack.get(pluginName); 148 149 if (loginPlugin == null) { 150 log.error("Login Plugin : " + pluginName + " is null "); 151 return null; 152 } 153 154 if (!loginPluginDescriptor.getEnabled()) { 155 log.error("Login Plugin : " + pluginName + " is not Enabled "); 156 return null; 157 } 158 return loginPlugin; 159 } 160 161 public LoginPluginDescriptor getPluginDescriptor(String pluginName) { 162 if (!pluginDescriptorStack.containsKey(pluginName)) { 163 log.error("Unable to find needed Login Plugin : " + pluginName); 164 return null; 165 } 166 167 LoginPlugin loginPlugin = loginPluginStack.get(pluginName); 168 LoginPluginDescriptor loginPluginDescriptor = pluginDescriptorStack.get(pluginName); 169 170 if (loginPlugin == null) { 171 log.error("Login Plugin : " + pluginName + " is null "); 172 return null; 173 } 174 175 if (!loginPluginDescriptor.getEnabled()) { 176 log.error("Login Plugin : " + pluginName + " is not Enabled "); 177 return null; 178 } 179 return loginPluginDescriptor; 180 } 181 182}