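/*
 * (C) Copyright 2006-2013 Nuxeo SA (http://nuxeo.com/) and others.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *
 * Contributors:
 *     Nelson Silva <[email protected]> - initial API and implementation
 *     Nuxeo
 */

package org.nuxeo.ecm.platform.oauth2.openid.auth;

import java.io.Serializable;
import java.util.HashMap;
import java.util.Map;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.nuxeo.ecm.core.api.DocumentModel;
import org.nuxeo.ecm.core.api.DocumentModelList;
import org.nuxeo.ecm.core.api.NuxeoException;
import org.nuxeo.ecm.directory.DirectoryException;
import org.nuxeo.ecm.platform.oauth2.openid.OpenIDConnectProvider;
import org.nuxeo.ecm.platform.usermanager.UserManager;
import org.nuxeo.runtime.api.Framework;

/**
 * Helper class to manage mapping between identification info coming from the OpenID provider and Nuxeo UserManager.
 * <p>
 * The e-mail address reported by the provider is the only key used to select the local account, so the mapping is
 * only as trustworthy as that value.
 * <p>
 * NOTE(review): nothing in this class checks that the provider has verified the address (the OpenID Connect
 * {@code email_verified} claim). Confirm that this is enforced elsewhere, or that every configured provider only
 * releases verified addresses.
 *
 * @author <a href="mailto:[email protected]">Tiry</a>
 * @since 5.7
 */
public class EmailBasedUserResolver extends UserResolver {

    private static final Log log = LogFactory.getLog(EmailBasedUserResolver.class);

    /**
     * Creates a resolver for the given provider; the provider is handed to the {@link UserResolver} constructor.
     *
     * @param provider the OpenID Connect provider this resolver works for
     */
    public EmailBasedUserResolver(OpenIDConnectProvider provider) {
        super(provider);
    }

    /**
     * Looks up the Nuxeo user whose e-mail field matches the e-mail reported by the OpenID provider.
     * <p>
     * The search is wrapped in {@link Framework#doPrivileged}.
     *
     * @param userInfo the user info returned by the OpenID provider
     * @return the id of the matching user, or {@code null} when the provider supplied no e-mail, when no user
     *         matches, or when the lookup fails
     */
    @Override
    public String findNuxeoUser(OpenIDUserInfo userInfo) {

        try {
            String email = userInfo.getEmail();
            if (email == null || email.trim().isEmpty()) {
                // Fail closed: without an address there is nothing to match on, and a null/blank filter value
                // must never be handed to the directory search, where it could select accounts that simply
                // have no e-mail set (presumably backend dependent; verify against the directory in use).
                log.warn("OpenID user info carries no email, cannot resolve a Nuxeo user");
                return null;
            }

            UserManager userManager = Framework.getService(UserManager.class);
            Map<String, Serializable> query = new HashMap<>();
            query.put(userManager.getUserEmailField(), email);

            DocumentModelList users = Framework.doPrivileged(() -> userManager.searchUsers(query, null));

            if (users.isEmpty()) {
                return null;
            }

            if (users.size() > 1) {
                // NOTE(review): the first hit is kept for backward compatibility, but an ambiguous match means
                // the e-mail does not identify a single account; consider refusing the mapping instead.
                log.warn("Several Nuxeo users match email " + email + ", using the first one");
            }

            DocumentModel user = users.get(0);
            return (String) user.getPropertyValue(userManager.getUserIdField());

        } catch (NuxeoException e) {
            log.error("Error while search user in UserManager using email " + userInfo.getEmail(), e);
            return null;
        }
    }

    /**
     * Copies the e-mail reported by the OpenID provider onto the given user and saves it through the UserManager.
     * <p>
     * The update is wrapped in {@link Framework#doPrivileged}.
     *
     * @param user the user document to update
     * @param userInfo the user info returned by the OpenID provider
     * @return the given {@code user} after the update, or {@code null} when the update fails
     */
    @Override
    public DocumentModel updateUserInfo(DocumentModel user, OpenIDUserInfo userInfo) {
        try {
            UserManager userManager = Framework.getService(UserManager.class);
            // The stored e-mail is the field findNuxeoUser searches on, so this write is what ties the account
            // to the provider-supplied address for later logins.
            user.setPropertyValue(userManager.getUserEmailField(), userInfo.getEmail());

            Framework.doPrivileged(() -> userManager.updateUser(user));
        } catch (NuxeoException e) {
            // Message corrected: this path updates the user, it does not search for one.
            log.error("Error while updating user in UserManager using email " + userInfo.getEmail(), e);
            return null;
        }
        return user;
    }

}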