//
// Licensed to the Apache Software Foundation (ASF) under one
// or more contributor license agreements. See the NOTICE file
// distributed with this work for additional information
// regarding copyright ownership. The ASF licenses this file
// to you under the Apache License, Version 2.0 (the
// "License"); you may not use this file except in compliance
// with the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied. See the License for the
// specific language governing permissions and limitations
// under the License.
//
package org.apache.cloudstack.oauth2;
import com.cloud.user.dao.UserDao;
import com.cloud.utils.component.Manager;
import com.cloud.utils.component.ManagerBase;
import com.cloud.utils.exception.CloudRuntimeException;

import org.apache.cloudstack.auth.UserOAuth2Authenticator;
import org.apache.cloudstack.framework.config.ConfigKey;
import org.apache.cloudstack.framework.config.Configurable;
import org.apache.cloudstack.oauth2.api.command.DeleteOAuthProviderCmd;
import org.apache.cloudstack.oauth2.api.command.ListOAuthProvidersCmd;
import org.apache.cloudstack.oauth2.api.command.OauthLoginAPIAuthenticatorCmd;
import org.apache.cloudstack.oauth2.api.command.RegisterOAuthProviderCmd;
import org.apache.cloudstack.oauth2.api.command.UpdateOAuthProviderCmd;
import org.apache.cloudstack.oauth2.api.command.VerifyOAuthCodeAndGetUserCmd;
import org.apache.cloudstack.oauth2.dao.OauthProviderDao;
import org.apache.cloudstack.oauth2.vo.OauthProviderVO;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;

import javax.inject.Inject;

import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.Map;
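/**
 * Manager behind the OAuth2 login plugin: exposes the plugin's API commands, keeps the
 * registry of {@link UserOAuth2Authenticator} implementations, and persists the
 * administrator-registered provider records ({@link OauthProviderVO}).
 *
 * The authenticator registry is a static map populated once in {@link #start()} when the
 * plugin is enabled; it is not rebuilt afterwards.
 */
public class OAuth2AuthManagerImpl extends ManagerBase implements OAuth2AuthManager, Manager, Configurable {
    private static final Logger s_logger = Logger.getLogger(OAuth2AuthManagerImpl.class);

    // Injected but not referenced by any method in this class; presumably kept for wiring
    // compatibility — confirm before removing.
    @Inject
    private UserDao _userDao;

    @Inject
    protected OauthProviderDao _oauthProviderDao;

    /**
     * Authenticator name (lower-cased with {@link Locale#ROOT}) to authenticator instance.
     * Filled by {@link #initializeUserOAuth2AuthenticationProvidersMap()}.
     */
    protected static Map<String, UserOAuth2Authenticator> userOAuth2AuthenticationProvidersMap = new HashMap<>();

    private List<UserOAuth2Authenticator> userOAuth2AuthenticationProviders;

    /**
     * Normalises a provider name for use as a map key. {@link Locale#ROOT} is used so the
     * key does not depend on the JVM's default locale (e.g. the Turkish dotless-i rules),
     * which would otherwise make registration and lookup disagree on the same name.
     */
    private static String normalizeProviderName(final String providerName) {
        return providerName.toLowerCase(Locale.ROOT);
    }

    /**
     * Wraps a single DAO lookup result as a list.
     *
     * @return a one-element list, or an empty list when {@code providerVO} is {@code null};
     *         never a list that contains {@code null}
     */
    private static List<OauthProviderVO> singletonOrEmpty(final OauthProviderVO providerVO) {
        return providerVO == null ? Collections.emptyList() : Collections.singletonList(providerVO);
    }

    /**
     * API commands that take part in authentication and are therefore reachable
     * before a session exists.
     *
     * @return a fresh, mutable list of command classes
     */
    @Override
    public List<Class<?>> getAuthCommands() {
        final List<Class<?>> cmdList = new ArrayList<>();
        cmdList.add(OauthLoginAPIAuthenticatorCmd.class);
        cmdList.add(ListOAuthProvidersCmd.class);
        cmdList.add(VerifyOAuthCodeAndGetUserCmd.class);
        return cmdList;
    }

    /**
     * Builds the authenticator registry when the plugin is enabled; otherwise only logs.
     *
     * @return always {@code true}
     */
    @Override
    public boolean start() {
        if (isOAuthPluginEnabled()) {
            s_logger.info("OAUTH plugin loaded");
            initializeUserOAuth2AuthenticationProvidersMap();
        } else {
            s_logger.info("OAUTH plugin not enabled so not loading");
        }
        return true;
    }

    /** Reads the {@code OAuth2IsPluginEnabled} config key. */
    protected boolean isOAuthPluginEnabled() {
        return OAuth2IsPluginEnabled.value();
    }

    /**
     * @return always {@code false}
     */
    @Override
    public boolean stop() {
        // NOTE(review): start() reports success while stop() reports failure; confirm this is
        // the intended return for ManagerBase's stop contract.
        return false;
    }

    /**
     * Administrative API commands (register/delete/update providers).
     *
     * @return a fresh, mutable list of command classes
     */
    @Override
    public List<Class<?>> getCommands() {
        final List<Class<?>> cmdList = new ArrayList<>();
        cmdList.add(RegisterOAuthProviderCmd.class);
        cmdList.add(DeleteOAuthProviderCmd.class);
        cmdList.add(UpdateOAuthProviderCmd.class);
        return cmdList;
    }

    /**
     * @return the injected authenticator list as-is (may be {@code null} if never set)
     */
    @Override
    public List<UserOAuth2Authenticator> listUserOAuth2AuthenticationProviders() {
        return userOAuth2AuthenticationProviders;
    }

    /**
     * Resolves an authenticator by (case-insensitive) name.
     *
     * @param providerName name supplied by the caller; typically an API parameter
     * @return the registered authenticator
     * @throws CloudRuntimeException if the name is empty or no authenticator is registered under it
     */
    @Override
    public UserOAuth2Authenticator getUserOAuth2AuthenticationProvider(String providerName) {
        if (StringUtils.isEmpty(providerName)) {
            throw new CloudRuntimeException("OAuth2 authentication provider name is empty");
        }
        // Single lookup instead of containsKey() followed by get().
        final UserOAuth2Authenticator authenticator =
                userOAuth2AuthenticationProvidersMap.get(normalizeProviderName(providerName));
        if (authenticator == null) {
            throw new CloudRuntimeException(String.format("Failed to find OAuth2 authentication provider by the name: %s.", providerName));
        }
        return authenticator;
    }

    public List<UserOAuth2Authenticator> getUserOAuth2AuthenticationProviders() {
        return userOAuth2AuthenticationProviders;
    }

    public void setUserOAuth2AuthenticationProviders(final List<UserOAuth2Authenticator> userOAuth2AuthenticationProviders) {
        this.userOAuth2AuthenticationProviders = userOAuth2AuthenticationProviders;
    }

    /**
     * Indexes every injected authenticator by its normalised name. A {@code null}
     * authenticator list is treated as "nothing to register".
     */
    protected void initializeUserOAuth2AuthenticationProvidersMap() {
        if (userOAuth2AuthenticationProviders == null) {
            return;
        }
        for (final UserOAuth2Authenticator userOAuth2Authenticator : userOAuth2AuthenticationProviders) {
            userOAuth2AuthenticationProvidersMap.put(normalizeProviderName(userOAuth2Authenticator.getName()), userOAuth2Authenticator);
        }
    }

    /**
     * Hands the caller-supplied authorization code to the named authenticator, which
     * exchanges it with the identity provider and returns the account e-mail.
     *
     * @param code     authorization code received from the browser redirect (untrusted input;
     *                 the authenticator is responsible for validating it against the provider)
     * @param provider authenticator name
     * @return the e-mail reported by the authenticator
     * @throws CloudRuntimeException if the provider is unknown
     */
    @Override
    public String verifyCodeAndFetchEmail(String code, String provider) {
        return getUserOAuth2AuthenticationProvider(provider).verifyCodeAndFetchEmail(code);
    }

    /**
     * Persists a new provider record from the register command.
     *
     * @throws CloudRuntimeException if the plugin is disabled or a provider with the same
     *                               name already exists
     */
    @Override
    public OauthProviderVO registerOauthProvider(RegisterOAuthProviderCmd cmd) {
        final String description = cmd.getDescription();
        final String provider = cmd.getProvider();
        final String clientId = cmd.getClientId();
        final String redirectUri = cmd.getRedirectUri();
        final String secretKey = cmd.getSecretKey();
        if (!isOAuthPluginEnabled()) {
            throw new CloudRuntimeException("OAuth is not enabled, please enable to register");
        }
        final OauthProviderVO providerVO = _oauthProviderDao.findByProvider(provider);
        if (providerVO != null) {
            throw new CloudRuntimeException(String.format("Provider with the name %s is already registered", provider));
        }
        return saveOauthProvider(provider, description, clientId, secretKey, redirectUri);
    }

    /**
     * Lists provider records. A {@code uuid} filter takes precedence over a {@code provider}
     * name filter; with neither, all records are returned.
     *
     * @return matching records; an empty list (never a list containing {@code null}) when a
     *         filtered lookup finds nothing
     */
    @Override
    public List<OauthProviderVO> listOauthProviders(String provider, String uuid) {
        if (uuid != null) {
            return singletonOrEmpty(_oauthProviderDao.findByUuid(uuid));
        }
        if (StringUtils.isNotBlank(provider)) {
            return singletonOrEmpty(_oauthProviderDao.findByProvider(provider));
        }
        return _oauthProviderDao.listAll();
    }

    /**
     * Applies the non-empty fields of the update command to an existing record.
     * Empty strings are treated as "leave unchanged", so a secret cannot be blanked
     * through this path — only replaced.
     *
     * @return the record re-read from the DAO after the update
     * @throws CloudRuntimeException if no record exists for the given id
     */
    @Override
    public OauthProviderVO updateOauthProvider(UpdateOAuthProviderCmd cmd) {
        final Long id = cmd.getId();
        final String description = cmd.getDescription();
        final String clientId = cmd.getClientId();
        final String redirectUri = cmd.getRedirectUri();
        final String secretKey = cmd.getSecretKey();
        final Boolean enabled = cmd.getEnabled();
        final OauthProviderVO providerVO = _oauthProviderDao.findById(id);
        if (providerVO == null) {
            throw new CloudRuntimeException("Provider with the given id is not there");
        }
        if (StringUtils.isNotEmpty(description)) {
            providerVO.setDescription(description);
        }
        if (StringUtils.isNotEmpty(clientId)) {
            providerVO.setClientId(clientId);
        }
        if (StringUtils.isNotEmpty(redirectUri)) {
            providerVO.setRedirectUri(redirectUri);
        }
        if (StringUtils.isNotEmpty(secretKey)) {
            providerVO.setSecretKey(secretKey);
        }
        if (enabled != null) {
            providerVO.setEnabled(enabled);
        }
        _oauthProviderDao.update(id, providerVO);
        return _oauthProviderDao.findById(id);
    }

    /**
     * Creates and persists a new, enabled provider record.
     * NOTE(review): the client secret is passed straight through to the VO; whether it is
     * protected at rest is decided by OauthProviderVO/the DAO, not here — confirm.
     */
    private OauthProviderVO saveOauthProvider(String provider, String description, String clientId, String secretKey, String redirectUri) {
        final OauthProviderVO oauthProviderVO = new OauthProviderVO();
        oauthProviderVO.setProvider(provider);
        oauthProviderVO.setDescription(description);
        oauthProviderVO.setClientId(clientId);
        oauthProviderVO.setSecretKey(secretKey);
        oauthProviderVO.setRedirectUri(redirectUri);
        oauthProviderVO.setEnabled(true);
        _oauthProviderDao.persist(oauthProviderVO);
        return oauthProviderVO;
    }

    /**
     * @return whatever the DAO's {@code remove} reports
     */
    @Override
    public boolean deleteOauthProvider(Long id) {
        return _oauthProviderDao.remove(id);
    }

    @Override
    public String getConfigComponentName() {
        return "OAUTH2-PLUGIN";
    }

    @Override
    public ConfigKey<?>[] getConfigKeys() {
        return new ConfigKey<?>[] {OAuth2IsPluginEnabled, OAuth2Plugins, OAuth2PluginsExclude};
    }
}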