src/main/java/org/apache/sling/auth/xing/login/impl/DefaultXingLoginUserManager.java - sling-org-apache-sling-auth-xing-login - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.sling.auth.xing.login.impl;

 import java.util.Dictionary;

 import javax.jcr.Credentials;
 import javax.jcr.RepositoryException;
 import javax.jcr.Session;
 import javax.jcr.Value;
 import javax.jcr.ValueFactory;

 import org.apache.commons.lang.StringUtils;
 import org.apache.felix.scr.annotations.Activate;
 import org.apache.felix.scr.annotations.Component;
 import org.apache.felix.scr.annotations.Deactivate;
 import org.apache.felix.scr.annotations.Modified;
 import org.apache.felix.scr.annotations.Properties;
 import org.apache.felix.scr.annotations.Property;
 import org.apache.felix.scr.annotations.Reference;
 import org.apache.felix.scr.annotations.Service;
 import org.apache.jackrabbit.api.security.user.User;
 import org.apache.jackrabbit.api.security.user.UserManager;
 import org.apache.sling.auth.xing.api.AbstractXingUserManager;
 import org.apache.sling.auth.xing.api.XingUser;
 import org.apache.sling.auth.xing.login.XingLogin;
 import org.apache.sling.auth.xing.login.XingLoginUserManager;
 import org.apache.sling.auth.xing.login.XingLoginUtil;
 import org.apache.sling.commons.osgi.PropertiesUtil;
 import org.apache.sling.jcr.api.SlingRepository;
 import org.osgi.framework.Constants;
 import org.osgi.service.component.ComponentContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;

 @Component(
     label = "Apache Sling Authentication XING Login “Default User Manager”",
     description = "Default User Manager for Sling Authentication XING Login",
     immediate = true,
     metatype = true
 )
 @Service
 @Properties({
     @Property(name = Constants.SERVICE_VENDOR, value = XingLogin.SERVICE_VENDOR),
     @Property(name = Constants.SERVICE_DESCRIPTION, value = "Default User Manager for Sling Authentication XING Login"),
     @Property(name = Constants.SERVICE_RANKING, intValue = 0, propertyPrivate = false)
 })
 public class DefaultXingLoginUserManager extends AbstractXingUserManager implements XingLoginUserManager {

     private String secretKey;

     private String userDataProperty;

     private String userHashProperty;

     @Reference
     private SlingRepository slingRepository;

     private static final String DEFAULT_USER_DATA_PROPERTY = "data";

     private static final String DEFAULT_USER_HASH_PROPERTY = "hash";

     @Property(value = "")
     private static final String SECRET_KEY_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.secretKey";

     @Property(value = DEFAULT_USER_DATA_PROPERTY)
     private static final String USER_DATA_PROPERTY_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.user.property.data";

     @Property(value = DEFAULT_USER_HASH_PROPERTY)
     private static final String USER_HASH_PROPERTY_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.user.property.hash";

     @Property(boolValue = DEFAULT_AUTO_CREATE_USER)
     private static final String AUTO_CREATE_USER_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.user.create.auto";

     @Property(boolValue = DEFAULT_AUTO_UPDATE_USER)
     private static final String AUTO_UPDATE_USER_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.user.update.auto";

     private final Logger logger = LoggerFactory.getLogger(DefaultXingLoginUserManager.class);

     public DefaultXingLoginUserManager() {
     }

     @Activate
     protected void activate(final ComponentContext componentContext) {
         logger.debug("activate");
         configure(componentContext);
     }

     @Modified
     protected void modified(final ComponentContext componentContext) {
         logger.debug("modified");
         configure(componentContext);
     }

     @Deactivate
     protected void deactivate(final ComponentContext componentContext) {
         logger.debug("deactivate");
         if (session != null) {
             session.logout();
             session = null;
         }
     }

     protected synchronized void configure(final ComponentContext componentContext) {
         final Dictionary properties = componentContext.getProperties();
         secretKey = PropertiesUtil.toString(properties.get(SECRET_KEY_PARAMETER), "").trim();
         userDataProperty = PropertiesUtil.toString(properties.get(USER_DATA_PROPERTY_PARAMETER), DEFAULT_USER_DATA_PROPERTY).trim();
         userHashProperty = PropertiesUtil.toString(properties.get(USER_HASH_PROPERTY_PARAMETER), DEFAULT_USER_HASH_PROPERTY).trim();
         autoCreateUser = PropertiesUtil.toBoolean(properties.get(AUTO_CREATE_USER_PARAMETER), DEFAULT_AUTO_CREATE_USER);
         autoUpdateUser = PropertiesUtil.toBoolean(properties.get(AUTO_UPDATE_USER_PARAMETER), DEFAULT_AUTO_UPDATE_USER);

         if (StringUtils.isEmpty(secretKey)) {
             logger.warn("configured secret key is empty");
         }
     }

     @Override
     protected SlingRepository getSlingRepository() {
         return slingRepository;
     }

     @Override
     public User createUser(final Credentials credentials) {
         logger.debug("create user");
         return storeUser(credentials);
     }

     @Override
     public User updateUser(Credentials credentials) {
         logger.debug("update user");
         return storeUser(credentials);
     }

     protected User storeUser(Credentials credentials) {
         final String givenHash = XingLoginUtil.getHash(credentials);
         final String json = XingLoginUtil.getUser(credentials);

         if (givenHash == null || json == null) {
             logger.debug("unable to get hash and/or user data from given credentials");
             return null;
         }

         // validate user data with hash
         try {
             final String computedHash = XingLoginUtil.hash(json, secretKey, XingLogin.HASH_ALGORITHM);
             final boolean match = givenHash.equals(computedHash);
             if (!match) {
                 logger.warn("invalid hash or user data given, aborting");
                 return null;
             }
         } catch (Exception e) {
             logger.error(e.getMessage(), e);
             return null;
         }

         try {
             final XingUser xingUser = XingLoginUtil.fromJson(json);
             final String userId = xingUser.getId(); // TODO make configurable

             User user = getUser(userId);
             if (user == null) {
                 logger.debug("creating a new user with id '{}'", userId);
                 final Session session = getSession();
                 final UserManager userManager = getUserManager(session);
                 user = userManager.createUser(userId, null);
             } else {
                 logger.debug("updating an existing user with id '{}'", userId);
             }

             // TODO disable user on create?
             final ValueFactory valueFactory = getSession().getValueFactory();
             final Value dataValue = valueFactory.createValue(json);
             final Value hashValue = valueFactory.createValue(givenHash);
             user.setProperty(userDataProperty, dataValue);
             user.setProperty(userHashProperty, hashValue);
             session.save();
             return user;
         } catch (Exception e) {
             logger.error(e.getMessage(), e);
             return null;
         }
     }

     @Override
     public String getHash(final User user) {
         try {
             final Value[] values = user.getProperty(userHashProperty);
             if (values != null && values.length == 1) {
                 final Value value = values[0];
                 return value.getString();
             }
         } catch (RepositoryException e) {
             logger.error(e.getMessage(), e);
         }
         return null;
     }

 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.sling.auth.xing.login.impl;

	import java.util.Dictionary;

	import javax.jcr.Credentials;
	import javax.jcr.RepositoryException;
	import javax.jcr.Session;
	import javax.jcr.Value;
	import javax.jcr.ValueFactory;

	import org.apache.commons.lang.StringUtils;
	import org.apache.felix.scr.annotations.Activate;
	import org.apache.felix.scr.annotations.Component;
	import org.apache.felix.scr.annotations.Deactivate;
	import org.apache.felix.scr.annotations.Modified;
	import org.apache.felix.scr.annotations.Properties;
	import org.apache.felix.scr.annotations.Property;
	import org.apache.felix.scr.annotations.Reference;
	import org.apache.felix.scr.annotations.Service;
	import org.apache.jackrabbit.api.security.user.User;
	import org.apache.jackrabbit.api.security.user.UserManager;
	import org.apache.sling.auth.xing.api.AbstractXingUserManager;
	import org.apache.sling.auth.xing.api.XingUser;
	import org.apache.sling.auth.xing.login.XingLogin;
	import org.apache.sling.auth.xing.login.XingLoginUserManager;
	import org.apache.sling.auth.xing.login.XingLoginUtil;
	import org.apache.sling.commons.osgi.PropertiesUtil;
	import org.apache.sling.jcr.api.SlingRepository;
	import org.osgi.framework.Constants;
	import org.osgi.service.component.ComponentContext;
	import org.slf4j.Logger;
	import org.slf4j.LoggerFactory;

	@Component(
	label = "Apache Sling Authentication XING Login “Default User Manager”",
	description = "Default User Manager for Sling Authentication XING Login",
	immediate = true,
	metatype = true
	)
	@Service
	@Properties({
	@Property(name = Constants.SERVICE_VENDOR, value = XingLogin.SERVICE_VENDOR),
	@Property(name = Constants.SERVICE_DESCRIPTION, value = "Default User Manager for Sling Authentication XING Login"),
	@Property(name = Constants.SERVICE_RANKING, intValue = 0, propertyPrivate = false)
	})
	public class DefaultXingLoginUserManager extends AbstractXingUserManager implements XingLoginUserManager {

	private String secretKey;

	private String userDataProperty;

	private String userHashProperty;

	@Reference
	private SlingRepository slingRepository;

	private static final String DEFAULT_USER_DATA_PROPERTY = "data";

	private static final String DEFAULT_USER_HASH_PROPERTY = "hash";

	@Property(value = "")
	private static final String SECRET_KEY_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.secretKey";

	@Property(value = DEFAULT_USER_DATA_PROPERTY)
	private static final String USER_DATA_PROPERTY_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.user.property.data";

	@Property(value = DEFAULT_USER_HASH_PROPERTY)
	private static final String USER_HASH_PROPERTY_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.user.property.hash";

	@Property(boolValue = DEFAULT_AUTO_CREATE_USER)
	private static final String AUTO_CREATE_USER_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.user.create.auto";

	@Property(boolValue = DEFAULT_AUTO_UPDATE_USER)
	private static final String AUTO_UPDATE_USER_PARAMETER = "org.apache.sling.auth.xing.login.impl.DefaultXingLoginUserManager.user.update.auto";

	private final Logger logger = LoggerFactory.getLogger(DefaultXingLoginUserManager.class);

	public DefaultXingLoginUserManager() {
	}

	@Activate
	protected void activate(final ComponentContext componentContext) {
	logger.debug("activate");
	configure(componentContext);
	}

	@Modified
	protected void modified(final ComponentContext componentContext) {
	logger.debug("modified");
	configure(componentContext);
	}

	@Deactivate
	protected void deactivate(final ComponentContext componentContext) {
	logger.debug("deactivate");
	if (session != null) {
	session.logout();
	session = null;
	}
	}

	protected synchronized void configure(final ComponentContext componentContext) {
	final Dictionary properties = componentContext.getProperties();
	secretKey = PropertiesUtil.toString(properties.get(SECRET_KEY_PARAMETER), "").trim();
	userDataProperty = PropertiesUtil.toString(properties.get(USER_DATA_PROPERTY_PARAMETER), DEFAULT_USER_DATA_PROPERTY).trim();
	userHashProperty = PropertiesUtil.toString(properties.get(USER_HASH_PROPERTY_PARAMETER), DEFAULT_USER_HASH_PROPERTY).trim();
	autoCreateUser = PropertiesUtil.toBoolean(properties.get(AUTO_CREATE_USER_PARAMETER), DEFAULT_AUTO_CREATE_USER);
	autoUpdateUser = PropertiesUtil.toBoolean(properties.get(AUTO_UPDATE_USER_PARAMETER), DEFAULT_AUTO_UPDATE_USER);

	if (StringUtils.isEmpty(secretKey)) {
	logger.warn("configured secret key is empty");
	}
	}

	@Override
	protected SlingRepository getSlingRepository() {
	return slingRepository;
	}

	@Override
	public User createUser(final Credentials credentials) {
	logger.debug("create user");
	return storeUser(credentials);
	}

	@Override
	public User updateUser(Credentials credentials) {
	logger.debug("update user");
	return storeUser(credentials);
	}

	protected User storeUser(Credentials credentials) {
	final String givenHash = XingLoginUtil.getHash(credentials);
	final String json = XingLoginUtil.getUser(credentials);

	if (givenHash == null \|\| json == null) {
	logger.debug("unable to get hash and/or user data from given credentials");
	return null;
	}

	// validate user data with hash
	try {
	final String computedHash = XingLoginUtil.hash(json, secretKey, XingLogin.HASH_ALGORITHM);
	final boolean match = givenHash.equals(computedHash);
	if (!match) {
	logger.warn("invalid hash or user data given, aborting");
	return null;
	}
	} catch (Exception e) {
	logger.error(e.getMessage(), e);
	return null;
	}

	try {
	final XingUser xingUser = XingLoginUtil.fromJson(json);
	final String userId = xingUser.getId(); // TODO make configurable

	User user = getUser(userId);
	if (user == null) {
	logger.debug("creating a new user with id '{}'", userId);
	final Session session = getSession();
	final UserManager userManager = getUserManager(session);
	user = userManager.createUser(userId, null);
	} else {
	logger.debug("updating an existing user with id '{}'", userId);
	}

	// TODO disable user on create?
	final ValueFactory valueFactory = getSession().getValueFactory();
	final Value dataValue = valueFactory.createValue(json);
	final Value hashValue = valueFactory.createValue(givenHash);
	user.setProperty(userDataProperty, dataValue);
	user.setProperty(userHashProperty, hashValue);
	session.save();
	return user;
	} catch (Exception e) {
	logger.error(e.getMessage(), e);
	return null;
	}
	}

	@Override
	public String getHash(final User user) {
	try {
	final Value[] values = user.getProperty(userHashProperty);
	if (values != null && values.length == 1) {
	final Value value = values[0];
	return value.getString();
	}
	} catch (RepositoryException e) {
	logger.error(e.getMessage(), e);
	}
	return null;
	}

	}