Example 1 with UserIdentification

Use of fi.otavanopisto.muikku.model.security.UserIdentification in project muikku by otavanopisto.

In class UserIdentificationDAO, method findByAuthSourceAndExternalId.

public UserIdentification findByAuthSourceAndExternalId(AuthSource authSource, String externalId) {
    EntityManager entityManager = getEntityManager();
    CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
    CriteriaQuery<UserIdentification> criteria = criteriaBuilder.createQuery(UserIdentification.class);
    Root<UserIdentification> root = criteria.from(UserIdentification.class);
    criteria.select(root);
    criteria.where(criteriaBuilder.and(criteriaBuilder.equal(root.get(UserIdentification_.externalId), externalId), criteriaBuilder.equal(root.get(UserIdentification_.authSource), authSource)));
    return getSingleResult(entityManager.createQuery(criteria));
}
Also used : CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) EntityManager(javax.persistence.EntityManager) UserIdentification(fi.otavanopisto.muikku.model.security.UserIdentification)

Example 2 with UserIdentification

Use of fi.otavanopisto.muikku.model.security.UserIdentification in project muikku by otavanopisto.

In class UserIdentificationDAO, method listByUser.

public List<UserIdentification> listByUser(UserEntity user) {
    EntityManager entityManager = getEntityManager();
    CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
    CriteriaQuery<UserIdentification> criteria = criteriaBuilder.createQuery(UserIdentification.class);
    Root<UserIdentification> root = criteria.from(UserIdentification.class);
    criteria.select(root);
    criteria.where(criteriaBuilder.equal(root.get(UserIdentification_.user), user));
    return entityManager.createQuery(criteria).getResultList();
}
Also used : CriteriaBuilder(javax.persistence.criteria.CriteriaBuilder) EntityManager(javax.persistence.EntityManager) UserIdentification(fi.otavanopisto.muikku.model.security.UserIdentification)

Example 3 with UserIdentification

Use of fi.otavanopisto.muikku.model.security.UserIdentification in project muikku by otavanopisto.

In class UserIdentificationDAO, method create.

public UserIdentification create(UserEntity user, AuthSource authSource, String externalId) {
    UserIdentification userIdentification = new UserIdentification();
    userIdentification.setAuthSource(authSource);
    userIdentification.setExternalId(externalId);
    userIdentification.setUser(user);
    return persist(userIdentification);
}
Also used : UserIdentification(fi.otavanopisto.muikku.model.security.UserIdentification)

Example 4 with UserIdentification

Use of fi.otavanopisto.muikku.model.security.UserIdentification in project muikku by otavanopisto.

In class AbstractAuthenticationStrategy, method processLogin.

protected AuthenticationResult processLogin(AuthSource authSource, Map<String, String[]> requestParameters, String externalId, List<String> emails, String firstName, String lastName) {
    if ((emails == null) || (emails.isEmpty())) {
        return new AuthenticationResult(Status.NO_EMAIL);
    }
    Collection<UserEntity> emailUsers = userEntityController.listUserEntitiesByEmails(emails);
    if (emailUsers.size() > 1) {
        return new AuthenticationResult(Status.CONFLICT, ConflictReason.SEVERAL_USERS_BY_EMAILS);
    }
    UserEntity emailUser = emailUsers.size() == 1 ? emailUsers.iterator().next() : null;
    boolean newAccount = false;
    User activeUser = null;
    UserIdentification userIdentification = userIdentificationController.findUserIdentificationByAuthSourceAndExternalId(authSource, externalId);
    if (userIdentification != null) {
        // User has identified by this auth source before
        if (emailUser != null && !emailUser.getId().equals(userIdentification.getUser().getId())) {
            return new AuthenticationResult(Status.CONFLICT, ConflictReason.EMAIL_BELONGS_TO_ANOTHER_USER);
        }
    } else {
        // User has not used this auth source before
        if (emailUser != null) {
            // But has existing user in the system, so we attach the identification into the same user
            userIdentification = userIdentificationController.createUserIdentification(emailUser, authSource, externalId);
        } else {
            List<User> users = null;
            // If user can be found from datasources by emails, we just attach those users to new entity
            schoolDataBridgeSessionController.startSystemSession();
            try {
                users = userSchoolDataController.listUsersByEmails(emails);
            } finally {
                schoolDataBridgeSessionController.endSystemSession();
            }
            UserEntity userEntity = null;
            for (User user : users) {
                UserSchoolDataIdentifier userSchoolDataIdentifier = userSchoolDataIdentifierController.findUserSchoolDataIdentifierByDataSourceAndIdentifier(user.getSchoolDataSource(), user.getIdentifier());
                if (userSchoolDataIdentifier != null) {
                    if (userEntity == null) {
                        userEntity = userSchoolDataIdentifier.getUserEntity();
                    } else if (!userEntity.getId().equals(userSchoolDataIdentifier.getUserEntity().getId())) {
                        logger.severe(String.format("User %s.%s points to multiple UserEntity instances", user.getSchoolDataSource(), user.getIdentifier()));
                        return new AuthenticationResult(Status.CONFLICT, ConflictReason.SEVERAL_USERS_BY_EMAILS);
                    }
                }
            }
            if (userEntity == null) {
                logger.severe(String.format("Unable to resolve UserEntity for %s", StringUtils.join(emails, ',')));
                return new AuthenticationResult(Status.NO_EMAIL);
            }
            userIdentification = userIdentificationController.createUserIdentification(userEntity, authSource, externalId);
            newAccount = true;
        }
    }
    if (activeUser == null) {
        activeUser = userSchoolDataController.findActiveUser(userIdentification.getUser().getDefaultSchoolDataSource(), userIdentification.getUser().getDefaultIdentifier());
        if (activeUser == null) {
            activeUser = userSchoolDataController.listUsersByEmails(emails).get(0);
        }
    }
    if (activeUser == null) {
        logger.severe(String.format("Active user could not be found"));
        return new AuthenticationResult(AuthenticationResult.Status.ERROR);
    }
    return login(userIdentification, activeUser, newAccount);
}
Also used : UserSchoolDataIdentifier(fi.otavanopisto.muikku.model.users.UserSchoolDataIdentifier) User(fi.otavanopisto.muikku.schooldata.entity.User) UserIdentification(fi.otavanopisto.muikku.model.security.UserIdentification) UserEntity(fi.otavanopisto.muikku.model.users.UserEntity)

Aggregations

UserIdentification (fi.otavanopisto.muikku.model.security.UserIdentification): 4
EntityManager (javax.persistence.EntityManager): 2
CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder): 2
UserEntity (fi.otavanopisto.muikku.model.users.UserEntity): 1
UserSchoolDataIdentifier (fi.otavanopisto.muikku.model.users.UserSchoolDataIdentifier): 1
User (fi.otavanopisto.muikku.schooldata.entity.User): 1