Search in sources :

Example 1 with XingUser

use of org.apache.sling.auth.xing.api.XingUser in project sling by apache.

the class DefaultXingOauthUserManager method updateUser.

@Override
public User updateUser(Credentials credentials) {
    logger.debug("update user");
    final XingUser xingUser = XingOauthUtil.getXingUser(credentials);
    if (xingUser == null) {
        return null;
    }
    try {
        final Session session = getSession();
        final User user = getUser(credentials);
        final ValueFactory valueFactory = session.getValueFactory();
        final boolean firstnameUpdated = updateUserProperty(user, valueFactory, FIRSTNAME_PROPERTY, xingUser.getFirstName());
        final boolean lastnameUpdated = updateUserProperty(user, valueFactory, LASTNAME_PROPERTY, xingUser.getLastName());
        if (firstnameUpdated || lastnameUpdated) {
            session.save();
        }
        return user;
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
        return null;
    }
}
Also used : User(org.apache.jackrabbit.api.security.user.User) XingUser(org.apache.sling.auth.xing.api.XingUser) XingUser(org.apache.sling.auth.xing.api.XingUser) ValueFactory(javax.jcr.ValueFactory) RepositoryException(javax.jcr.RepositoryException) Session(javax.jcr.Session)

Example 2 with XingUser

use of org.apache.sling.auth.xing.api.XingUser in project sling by apache.

the class DefaultXingOauthUserManager method createUser.

@Override
public User createUser(final Credentials credentials) {
    logger.debug("create user");
    final XingUser xingUser = XingOauthUtil.getXingUser(credentials);
    if (xingUser == null) {
        return null;
    }
    try {
        // TODO make configurable
        final String userId = xingUser.getId();
        final Session session = getSession();
        final UserManager userManager = getUserManager(session);
        final User user = userManager.createUser(userId, null);
        // TODO disable user on create?
        final ValueFactory valueFactory = session.getValueFactory();
        final Value firstnameValue = valueFactory.createValue(xingUser.getFirstName());
        final Value lastnameValue = valueFactory.createValue(xingUser.getLastName());
        user.setProperty(FIRSTNAME_PROPERTY, firstnameValue);
        user.setProperty(LASTNAME_PROPERTY, lastnameValue);
        session.save();
        return user;
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
        return null;
    }
}
Also used : User(org.apache.jackrabbit.api.security.user.User) XingUser(org.apache.sling.auth.xing.api.XingUser) UserManager(org.apache.jackrabbit.api.security.user.UserManager) AbstractXingUserManager(org.apache.sling.auth.xing.api.AbstractXingUserManager) XingOauthUserManager(org.apache.sling.auth.xing.oauth.XingOauthUserManager) Value(javax.jcr.Value) XingUser(org.apache.sling.auth.xing.api.XingUser) ValueFactory(javax.jcr.ValueFactory) RepositoryException(javax.jcr.RepositoryException) Session(javax.jcr.Session)

Example 3 with XingUser

use of org.apache.sling.auth.xing.api.XingUser in project sling by apache.

the class XingOauthAuthenticationHandler method extractCredentials.

// we need the OAuth access token and the user from XING (/v1/users/me)
@Override
public AuthenticationInfo extractCredentials(final HttpServletRequest request, final HttpServletResponse response) {
    logger.debug("extract credentials");
    if (oAuthService == null) {
        logger.error("OAuthService is null, check configuration");
        return null;
    }
    try {
        final HttpSession httpSession = request.getSession(true);
        Token accessToken = (Token) httpSession.getAttribute(OAuthConstants.ACCESS_TOKEN);
        XingUser xingUser = (XingUser) httpSession.getAttribute(USER_SESSION_ATTRIBUTE_NAME);
        if (accessToken == null) {
            // we need the request token and verifier to get an access token
            final Token requestToken = (Token) httpSession.getAttribute(OAuthConstants.TOKEN);
            final String verifier = request.getParameter(OAuthConstants.VERIFIER);
            if (requestToken == null || verifier == null) {
                return null;
            }
            accessToken = oAuthService.getAccessToken(requestToken, new Verifier(verifier));
            logger.debug("access token: {}", accessToken);
            httpSession.setAttribute(OAuthConstants.ACCESS_TOKEN, accessToken);
        }
        if (xingUser == null) {
            xingUser = fetchUser(accessToken);
            logger.debug("xing user: {}", xingUser);
            httpSession.setAttribute(USER_SESSION_ATTRIBUTE_NAME, xingUser);
        }
        final AuthenticationInfo authenticationInfo = new AuthenticationInfo(XingOauth.AUTH_TYPE, xingUser.getId());
        authenticationInfo.put(XingOauth.AUTHENTICATION_CREDENTIALS_ACCESS_TOKEN_KEY, accessToken);
        authenticationInfo.put(XingOauth.AUTHENTICATION_CREDENTIALS_USER_KEY, xingUser);
        return authenticationInfo;
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
        removeAuthFromSession(request);
        return null;
    }
}
Also used : HttpSession(javax.servlet.http.HttpSession) Token(org.scribe.model.Token) XingUser(org.apache.sling.auth.xing.api.XingUser) Verifier(org.scribe.model.Verifier) AuthenticationInfo(org.apache.sling.auth.core.spi.AuthenticationInfo) IOException(java.io.IOException)

Example 4 with XingUser

use of org.apache.sling.auth.xing.api.XingUser in project sling by apache.

the class XingOauthAuthenticationPlugin method authenticate.

@Override
public boolean authenticate(final Credentials credentials) throws RepositoryException {
    logger.debug("authenticate");
    final Token accessToken = XingOauthUtil.getAccessToken(credentials);
    final XingUser xingUser = XingOauthUtil.getXingUser(credentials);
    if (accessToken == null || xingUser == null) {
        return false;
    }
    User user = xingOauthUserManager.getUser(credentials);
    if (user == null) {
        // check if given credentials pulled up an existing user
        logger.debug("no user found for given credentials");
        if (xingOauthUserManager.autoCreate()) {
            logger.debug("creating a new user from given user data");
            user = xingOauthUserManager.createUser(credentials);
        }
    } else {
        if (xingOauthUserManager.autoUpdate()) {
            xingOauthUserManager.updateUser(credentials);
        }
    }
    return user != null;
}
Also used : XingUser(org.apache.sling.auth.xing.api.XingUser) User(org.apache.jackrabbit.api.security.user.User) Token(org.scribe.model.Token) XingUser(org.apache.sling.auth.xing.api.XingUser)

Example 5 with XingUser

use of org.apache.sling.auth.xing.api.XingUser in project sling by apache.

the class XingOauthUtil method getXingUser.

public static XingUser getXingUser(Credentials credentials) {
    if (credentials instanceof SimpleCredentials) {
        final SimpleCredentials simpleCredentials = (SimpleCredentials) credentials;
        final Object attribute = simpleCredentials.getAttribute(XingOauth.AUTHENTICATION_CREDENTIALS_USER_KEY);
        if (attribute instanceof XingUser) {
            return (XingUser) attribute;
        }
    }
    return null;
}
Also used : SimpleCredentials(javax.jcr.SimpleCredentials) XingUser(org.apache.sling.auth.xing.api.XingUser)

Aggregations

XingUser (org.apache.sling.auth.xing.api.XingUser)7 User (org.apache.jackrabbit.api.security.user.User)4 RepositoryException (javax.jcr.RepositoryException)3 Session (javax.jcr.Session)3 ValueFactory (javax.jcr.ValueFactory)3 Token (org.scribe.model.Token)3 Value (javax.jcr.Value)2 UserManager (org.apache.jackrabbit.api.security.user.UserManager)2 AbstractXingUserManager (org.apache.sling.auth.xing.api.AbstractXingUserManager)2 IOException (java.io.IOException)1 SimpleCredentials (javax.jcr.SimpleCredentials)1 HttpSession (javax.servlet.http.HttpSession)1 AuthenticationInfo (org.apache.sling.auth.core.spi.AuthenticationInfo)1 XingLoginUserManager (org.apache.sling.auth.xing.login.XingLoginUserManager)1 XingOauthUserManager (org.apache.sling.auth.xing.oauth.XingOauthUserManager)1 Verifier (org.scribe.model.Verifier)1