Source Code of org.exist.security.realm.oauth.OAuthRealm

/*
 *  eXist Open Source Native XML Database
 *  Copyright (C) 2011 The eXist Project
 *  http://exist-db.org
 *
 *  This program is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public License
 *  as published by the Free Software Foundation; either version 2
 *  of the License, or (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU Lesser General Public License for more details.
 *
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this library; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 *
 *  $Id$
 */
package org.exist.security.realm.oauth;

import java.util.List;
import java.util.Map;
import java.util.Map.Entry;

import org.apache.log4j.Logger;
import org.exist.EXistException;
import org.exist.config.Configuration;
import org.exist.config.ConfigurationException;
import org.exist.config.Configurator;
import org.exist.config.annotation.*;
import org.exist.security.AbstractRealm;
import org.exist.security.Account;
import org.exist.security.AuthenticationException;
import org.exist.security.Group;
import org.exist.security.PermissionDeniedException;
import org.exist.security.SchemaType;
import org.exist.security.Subject;
import org.exist.security.internal.SecurityManagerImpl;
import org.exist.security.internal.aider.GroupAider;
import org.exist.security.internal.aider.UserAider;
import org.exist.storage.DBBroker;
import org.scribe.exceptions.OAuthException;

/**
 * @author <a href="mailto:shabanovd@gmail.com">Dmitriy Shabanov</a>
 *
 */
@ConfigurationClass("realm") //TODO: id = OAuth
public class OAuthRealm extends AbstractRealm {

    protected final static Logger LOG = Logger.getLogger(OAuthRealm.class);
    private final static String OAUTH = "OAuth";

    protected static OAuthRealm _ = null;

    @ConfigurationFieldAsAttribute("id")
    public final static String ID = "OAuth";

    @ConfigurationFieldAsAttribute("version")
    public final static String version = "1.0";

    //@ConfigurationReferenceBy("name")
    @ConfigurationFieldAsElement("service")
    @ConfigurationFieldClassMask("org.exist.security.realm.oauth.Service")
    List<Service> services;

    private Group primaryGroup = null;

    public OAuthRealm(final SecurityManagerImpl sm, Configuration config) throws ConfigurationException {
        super(sm, config);
        _ = this;

    configuration = Configurator.configure(this, config);
    }

  @Override
  public String getId() {
    return ID;
  }

  private synchronized Group getPrimaryGroup() throws PermissionDeniedException {
    if (primaryGroup == null) {
      primaryGroup = getGroup(OAUTH);
      if (primaryGroup == null)
        try {
          primaryGroup = executeAsSystemUser(new Unit<Group>() {
            @Override
            public Group execute(DBBroker broker) throws EXistException, PermissionDeniedException {
              return addGroup(new GroupAider(ID, OAUTH));
            }
          });

          if (primaryGroup == null)
            throw new ConfigurationException("OAuth realm can not create primary group 'OAuth'.");

        } catch (PermissionDeniedException e) {
          throw e;
        } catch (ConfigurationException e) {
          throw new PermissionDeniedException(e);
        } catch (EXistException e) {
          throw new PermissionDeniedException(e);
        }
    }
    return primaryGroup;
  }

  @Override
  public Subject authenticate(final String accountName, Object credentials) throws AuthenticationException {
    return null;
  }

  @Override
  public boolean deleteAccount(Account account) throws PermissionDeniedException, EXistException, ConfigurationException {
    // Auto-generated method stub
    return false;
  }

  @Override
  public boolean deleteGroup(Group group) throws PermissionDeniedException, EXistException, ConfigurationException {
    // Auto-generated method stub
    return false;
  }

    protected Account createAccountInDatabase(final String username, final Map<SchemaType, String> metadata) throws AuthenticationException {

        try {
            return executeAsSystemUser(new Unit<Account>(){
                @Override
                public Account execute(DBBroker broker) throws EXistException, PermissionDeniedException {
                    //create the user account
                    UserAider userAider = new UserAider(ID, username, getPrimaryGroup());

                    //store any requested metadata
                    for(Entry<SchemaType, String> entry : metadata.entrySet())
                        userAider.setMetadataValue(entry.getKey(), entry.getValue());

                    Account account = getSecurityManager().addAccount(userAider);

                    return account;
                }
            });
        } catch(Exception e) {
            throw new AuthenticationException(AuthenticationException.UNNOWN_EXCEPTION, e.getMessage(), e);
        }
    }

  public Service getServiceBulderByPath(String name) {
    for (Service service : services) {
      if (service.getName().equals(name)) {
        return service;
      }
    }

    throw new OAuthException("Service no found by name '"+name+"'.");
  }

}