trunk/oak-auth-external/src/main/java/org/apache/jackrabbit/oak/spi/security/authentication/external/ExternalIdentityProvider.java - jackrabbit-oak - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one or more
  * contributor license agreements.  See the NOTICE file distributed with
  * this work for additional information regarding copyright ownership.
  * The ASF licenses this file to You under the Apache License, Version 2.0
  * (the "License"); you may not use this file except in compliance with
  * the License.  You may obtain a copy of the License at
  *
  *      http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS,
  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
 package org.apache.jackrabbit.oak.spi.security.authentication.external;

 import java.util.Iterator;

 import javax.jcr.Credentials;
 import javax.security.auth.login.LoginException;

 import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;

 /**
  * {@code ExternalIdentityProvider} defines an interface to an external system that provides users and groups that
  * can be synced with local ones.
  */
 public interface ExternalIdentityProvider {

     /**
      * Returns the name of this provider.
      * @return the provider name.
      */
     @NotNull
     String getName();

     /**
      * Returns the identity for the given reference or {@code null} if it does not exist. The provider should check if
      * the {@link ExternalIdentityRef#getProviderName() provider name} matches his own name or is {@code null} and
      * should not return a foreign identity.
      *
      * @param ref the reference
      * @return an identity or {@code null}
      *
      * @throws ExternalIdentityException if an error occurs.
      */
     @Nullable
     ExternalIdentity getIdentity(@NotNull ExternalIdentityRef ref) throws ExternalIdentityException;

     /**
      * Returns the user for the given (local) id. if the user does not exist {@code null} is returned.
      * @param userId the user id.
      * @return the user or {@code null}
      *
      * @throws ExternalIdentityException if an error occurs.
      */
     @Nullable
     ExternalUser getUser(@NotNull String userId) throws ExternalIdentityException;

     /**
      * Authenticates the user represented by the given credentials and returns it. If the user does not exist in this
      * provider, {@code null} is returned. If the authentication fails, a LoginException is thrown.
      *
      * @param credentials the credentials
      * @return the user or {@code null}
      * @throws ExternalIdentityException if an error occurs
      * @throws javax.security.auth.login.LoginException if the user could not be authenticated
      */
     @Nullable
     ExternalUser authenticate(@NotNull Credentials credentials) throws ExternalIdentityException, LoginException;

     /**
      * Returns the group for the given (local) group name. if the group does not exist {@code null} is returned.
      * @param name the group name
      * @return the group or {@code null}
      *
      * @throws ExternalIdentityException if an error occurs.
      */
     @Nullable
     ExternalGroup getGroup(@NotNull String name) throws ExternalIdentityException;

     /**
      * List all external users.
      * @return an iterator over all external users
      * @throws ExternalIdentityException if an error occurs.
      */
     @NotNull
     Iterator<ExternalUser> listUsers() throws ExternalIdentityException;

     /**
      * List all external groups.
      * @return an iterator over all external groups
      * @throws ExternalIdentityException if an error occurs.
      */
     @NotNull
     Iterator<ExternalGroup> listGroups() throws ExternalIdentityException;
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one or more
	* contributor license agreements. See the NOTICE file distributed with
	* this work for additional information regarding copyright ownership.
	* The ASF licenses this file to You under the Apache License, Version 2.0
	* (the "License"); you may not use this file except in compliance with
	* the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS,
	* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
	* See the License for the specific language governing permissions and
	* limitations under the License.
	*/
	package org.apache.jackrabbit.oak.spi.security.authentication.external;

	import java.util.Iterator;

	import javax.jcr.Credentials;
	import javax.security.auth.login.LoginException;

	import org.jetbrains.annotations.NotNull;
	import org.jetbrains.annotations.Nullable;

	/**
	* {@code ExternalIdentityProvider} defines an interface to an external system that provides users and groups that
	* can be synced with local ones.
	*/
	public interface ExternalIdentityProvider {

	/**
	* Returns the name of this provider.
	* @return the provider name.
	*/
	@NotNull
	String getName();

	/**
	* Returns the identity for the given reference or {@code null} if it does not exist. The provider should check if
	* the {@link ExternalIdentityRef#getProviderName() provider name} matches his own name or is {@code null} and
	* should not return a foreign identity.
	*
	* @param ref the reference
	* @return an identity or {@code null}
	*
	* @throws ExternalIdentityException if an error occurs.
	*/
	@Nullable
	ExternalIdentity getIdentity(@NotNull ExternalIdentityRef ref) throws ExternalIdentityException;

	/**
	* Returns the user for the given (local) id. if the user does not exist {@code null} is returned.
	* @param userId the user id.
	* @return the user or {@code null}
	*
	* @throws ExternalIdentityException if an error occurs.
	*/
	@Nullable
	ExternalUser getUser(@NotNull String userId) throws ExternalIdentityException;

	/**
	* Authenticates the user represented by the given credentials and returns it. If the user does not exist in this
	* provider, {@code null} is returned. If the authentication fails, a LoginException is thrown.
	*
	* @param credentials the credentials
	* @return the user or {@code null}
	* @throws ExternalIdentityException if an error occurs
	* @throws javax.security.auth.login.LoginException if the user could not be authenticated
	*/
	@Nullable
	ExternalUser authenticate(@NotNull Credentials credentials) throws ExternalIdentityException, LoginException;

	/**
	* Returns the group for the given (local) group name. if the group does not exist {@code null} is returned.
	* @param name the group name
	* @return the group or {@code null}
	*
	* @throws ExternalIdentityException if an error occurs.
	*/
	@Nullable
	ExternalGroup getGroup(@NotNull String name) throws ExternalIdentityException;

	/**
	* List all external users.
	* @return an iterator over all external users
	* @throws ExternalIdentityException if an error occurs.
	*/
	@NotNull
	Iterator<ExternalUser> listUsers() throws ExternalIdentityException;

	/**
	* List all external groups.
	* @return an iterator over all external groups
	* @throws ExternalIdentityException if an error occurs.
	*/
	@NotNull
	Iterator<ExternalGroup> listGroups() throws ExternalIdentityException;
	}