return login("social");
}
require(AccountRoles.MANAGE_ACCOUNT);
csrfCheck(stateChecker);
UserModel user = auth.getUser();
if (Validation.isEmpty(providerId)) {
setReferrerOnPage();
return account.setError(Messages.MISSING_SOCIAL_PROVIDER).createResponse(AccountPages.SOCIAL);
}
AccountSocialAction accountSocialAction = AccountSocialAction.getAction(action);
if (accountSocialAction == null) {
setReferrerOnPage();
return account.setError(Messages.INVALID_SOCIAL_ACTION).createResponse(AccountPages.SOCIAL);
}
SocialProvider provider = SocialLoader.load(providerId);
if (provider == null) {
setReferrerOnPage();
return account.setError(Messages.SOCIAL_PROVIDER_NOT_FOUND).createResponse(AccountPages.SOCIAL);
}
if (!user.isEnabled()) {
setReferrerOnPage();
return account.setError(Messages.ACCOUNT_DISABLED).createResponse(AccountPages.SOCIAL);
}
switch (accountSocialAction) {
case ADD:
String redirectUri = UriBuilder.fromUri(Urls.accountSocialPage(uriInfo.getBaseUri(), realm.getName())).build().toString();
try {
ClientSessionModel clientSession = auth.getClientSession();
clientSession.setAction(ClientSessionModel.Action.AUTHENTICATE);
clientSession.setRedirectUri(redirectUri);
clientSession.setNote(OpenIDConnect.STATE_PARAM, UUID.randomUUID().toString());
ClientSessionCode clientSessionCode = new ClientSessionCode(realm, clientSession);
return Flows.social(realm, uriInfo, clientConnection, provider)
.redirectToSocialProvider(clientSessionCode);
} catch (SocialProviderException spe) {
setReferrerOnPage();
return account.setError(Messages.SOCIAL_REDIRECT_ERROR).createResponse(AccountPages.SOCIAL);
}
case REMOVE:
SocialLinkModel link = session.users().getSocialLink(user, providerId, realm);
if (link != null) {
// Removing last social provider is not possible if you don't have other possibility to authenticate
if (session.users().getSocialLinks(user, realm).size() > 1 || user.getFederationLink() != null || isPasswordSet(user)) {
session.users().removeSocialLink(realm, user, providerId);
logger.debugv("Social provider {0} removed successfully from user {1}", providerId, user.getUsername());
event.event(EventType.REMOVE_SOCIAL_LINK).client(auth.getClient()).user(auth.getUser())
.detail(Details.USERNAME, link.getSocialUserId() + "@" + link.getSocialProvider())
.success();