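/*
 * (C) Copyright 2014 Nuxeo SA (http://nuxeo.com/) and contributors.
 *
 * All rights reserved. This program and the accompanying materials
 * are made available under the terms of the GNU Lesser General Public License
 * (LGPL) version 2.1 which accompanies this distribution, and is available at
 * http://www.gnu.org/licenses/lgpl-2.1.html
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * Contributors:
 *     Nelson Silva <nelson.silva@inevo.pt>
 */
package org.nuxeo.ecm.platform.auth.saml.user;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.NuxeoException;
import org.nuxeo.ecm.platform.auth.saml.SAMLCredential;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.runtime.api.Framework;

/**
 * Maps a SAML login to a Nuxeo account by using the NameID value of the credential as the user's e-mail address.
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>The NameID value is used as an e-mail address without checking the NameID format. NOTE(review): confirm that
 * the identity provider is configured to release an e-mail NameID, or check the format before trusting the
 * value.</li>
 * <li>This class does not validate the assertion. NOTE(review): it presumably relies on signature and condition
 * checks done before the {@link SAMLCredential} is built - confirm against the caller.</li>
 * <li>The e-mail field is an account-linking key here, so it should be unique and not freely editable by the account
 * owner. Nothing in this class enforces either property.</li>
 * </ul>
 */
public class EmailBasedUserResolver extends AbstractUserResolver {

    private static final Log log = LogFactory.getLog(EmailBasedUserResolver.class);

    /**
     * Looks up the Nuxeo user whose e-mail field equals the NameID value of the credential.
     *
     * @param credential the SAML credential carrying the NameID
     * @return the id of the first matching user, or {@code null} when the NameID value is missing or blank, when no
     *         user matches, or when the user manager raises a {@link NuxeoException}
     */
    @Override
    public String findNuxeoUser(SAMLCredential credential) {
        String email = nameIdValue(credential);
        if (isBlank(email)) {
            // Never query with an empty key: depending on the directory backend, an empty filter value could match
            // accounts that simply have no e-mail set.
            log.warn("SAML credential has no usable NameID value, skipping user lookup by email");
            return null;
        }

        try {
            UserManager userManager = Framework.getLocalService(UserManager.class);
            Map<String, Serializable> query = new HashMap<>();
            query.put(userManager.getUserEmailField(), email);

            DocumentModelList users = userManager.searchUsers(query, null);
            if (users.isEmpty()) {
                return null;
            }

            if (users.size() > 1) {
                // The selected account depends on the result order of the directory, so make the ambiguity visible.
                // NOTE(review): failing closed would be safer, but what the caller does with a null result is
                // outside this file - confirm before changing the return value.
                log.warn("Found " + users.size() + " users with email " + forLog(email)
                        + ", SAML login is mapped to the first one");
            }

            DocumentModel user = users.get(0);
            return (String) user.getPropertyValue(userManager.getUserIdField());
        } catch (NuxeoException e) {
            log.error("Error while search user in UserManager using email " + forLog(email), e);
            return null;
        }
    }

    /**
     * Copies the NameID value of the credential into the e-mail field of the given user document.
     *
     * @param user the user document to update
     * @param credential the SAML credential carrying the NameID
     * @return the updated document, or {@code null} when the NameID value is missing or blank or when setting the
     *         property raises a {@link NuxeoException}
     */
    @Override
    public DocumentModel updateUserInfo(DocumentModel user, SAMLCredential credential) {
        String email = nameIdValue(credential);
        if (isBlank(email)) {
            // Do not overwrite the stored e-mail with an empty value; report failure like the error path below.
            log.error("SAML credential has no usable NameID value, user email not updated");
            return null;
        }

        try {
            UserManager userManager = Framework.getLocalService(UserManager.class);
            user.setPropertyValue(userManager.getUserEmailField(), email);
        } catch (NuxeoException e) {
            log.error("Error while updating user email from SAML NameID " + forLog(email), e);
            return null;
        }
        return user;
    }

    /**
     * Returns the NameID value of the credential, which this resolver uses as the login name.
     *
     * @param userInfo the SAML credential carrying the NameID
     * @return the NameID value, unmodified
     */
    @Override
    public String getLoginName(SAMLCredential userInfo) {
        // Unlike the lookup above, a missing NameID still fails here with a NullPointerException.
        return userInfo.getNameID().getValue();
    }

    /** Returns the NameID value of the credential, or {@code null} when the credential or its NameID is absent. */
    private static String nameIdValue(SAMLCredential credential) {
        if (credential == null || credential.getNameID() == null) {
            return null;
        }
        return credential.getNameID().getValue();
    }

    /** Tells whether the value is {@code null}, empty or made of whitespace only. */
    private static boolean isBlank(String value) {
        return value == null || value.trim().isEmpty();
    }

    /** Replaces line breaks and tabs so that a value taken from the assertion cannot forge extra log lines. */
    private static String forLog(String value) {
        return value == null ? "<none>" : value.replaceAll("[\\r\\n\\t]", "_");
    }

}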