
Example 6 with XingUser

Use of org.apache.sling.auth.xing.api.XingUser in project sling by apache.

The class XingOauthLoginModulePlugin, method canHandle.

@Override
public boolean canHandle(final Credentials credentials) {
    logger.debug("canHandle({})", credentials);
    final Token accessToken = XingOauthUtil.getAccessToken(credentials);
    final XingUser xingUser = XingOauthUtil.getXingUser(credentials);
    // note: this debug statement writes the access token's string form to the log
    logger.debug("access token: {}, xing user: {}", accessToken, xingUser);
    return accessToken != null && xingUser != null;
}
Also used: Token (org.scribe.model.Token), XingUser (org.apache.sling.auth.xing.api.XingUser)

Example 7 with XingUser

Use of org.apache.sling.auth.xing.api.XingUser in project sling by apache.

The class DefaultXingLoginUserManager, method storeUser.

protected User storeUser(Credentials credentials) {
    final String givenHash = XingLoginUtil.getHash(credentials);
    final String json = XingLoginUtil.getUser(credentials);
    if (givenHash == null || json == null) {
        logger.debug("unable to get hash and/or user data from given credentials");
        return null;
    }
    // validate user data with hash
    try {
        final String computedHash = XingLoginUtil.hash(json, secretKey, XingLogin.HASH_ALGORITHM);
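        // String.equals is not a constant-time comparison; java.security.MessageDigest.isEqual
        // over the byte representations is the constant-time alternative
        final boolean match = givenHash.equals(computedHash);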
        if (!match) {
            logger.warn("invalid hash or user data given, aborting");
            return null;
        }
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
        return null;
    }
    try {
        final XingUser xingUser = XingLoginUtil.fromJson(json);
        // TODO make configurable
        final String userId = xingUser.getId();
        User user = getUser(userId);
        if (user == null) {
            logger.debug("creating a new user with id '{}'", userId);
            final Session session = getSession();
            final UserManager userManager = getUserManager(session);
            user = userManager.createUser(userId, null);
        } else {
            logger.debug("updating an existing user with id '{}'", userId);
        }
        // TODO disable user on create?
        final ValueFactory valueFactory = getSession().getValueFactory();
        final Value dataValue = valueFactory.createValue(json);
        final Value hashValue = valueFactory.createValue(givenHash);
        user.setProperty(userDataProperty, dataValue);
        user.setProperty(userHashProperty, hashValue);
        session.save();
        return user;
    } catch (Exception e) {
        logger.error(e.getMessage(), e);
        return null;
    }
}
Also used: User (org.apache.jackrabbit.api.security.user.User), XingUser (org.apache.sling.auth.xing.api.XingUser), XingLoginUserManager (org.apache.sling.auth.xing.login.XingLoginUserManager), UserManager (org.apache.jackrabbit.api.security.user.UserManager), AbstractXingUserManager (org.apache.sling.auth.xing.api.AbstractXingUserManager), Value (javax.jcr.Value), ValueFactory (javax.jcr.ValueFactory), RepositoryException (javax.jcr.RepositoryException), Session (javax.jcr.Session)
