UserLdapAttributeMapper.java

package alien4cloud.security.spring.ldap;

import java.util.List;

import javax.naming.NamingException;
import javax.naming.directory.Attribute;
import javax.naming.directory.Attributes;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Conditional;
import org.springframework.ldap.core.AttributesMapper;
import org.springframework.stereotype.Component;

import alien4cloud.security.model.User;

import com.google.common.collect.Lists;

/**
 * Mapping LDAP user to Alien 4 Cloud ES User
 */
@Component
@Conditional(LdapCondition.class)
public class UserLdapAttributeMapper implements AttributesMapper<User> {

    @Value("${ldap.mapping.id}")
    private String userIdKey;

    @Value("${ldap.mapping.firstname}")
    private String userFirstNameKey;

    @Value("${ldap.mapping.lastname}")
    private String userLastNameKey;

    @Value("${ldap.mapping.email}")
    private String userEmailKey;

    @Value("${ldap.mapping.active.key:}")
    private String userActiveKey;

    @Value("${ldap.mapping.active.value:}")
    private String userActiveValue;

    @Value("${ldap.mapping.roles.key:}")
    private String userRolesKey;

    @Override
    public User mapFromAttributes(Attributes attributes) throws NamingException {
        User user = new User();

        // Each attribute name is specific to the LDAP
        Attribute username = attributes.get(userIdKey);
        Attribute lastName = attributes.get(userLastNameKey);
        Attribute firstName = attributes.get(userFirstNameKey);
        Attribute email = attributes.get(userEmailKey);
        Attribute accountStatus = (userActiveKey == null || userActiveKey.isEmpty()) ? null : attributes.get(userActiveKey);
        Attribute roles = (userRolesKey == null || userRolesKey.isEmpty()) ? null : attributes.get(userRolesKey);

        // Each field may not be defined in LDAP
        if (username != null) {
            user.setUsername((String) username.get());
        }

        if (lastName != null) {
            user.setLastName((String) lastName.get());
        }

        if (firstName != null) {
            user.setFirstName((String) firstName.get());
        }

        if (email != null) {
            user.setEmail((String) email.get());
        }

        if (accountStatus != null) {
            String status = (String) accountStatus.get();
            user.setAccountNonExpired(userActiveValue == null || userActiveValue.equals(status));
        }

        if (roles != null && roles.size() != 0) {
            List<String> userRoles = Lists.newArrayList();
            if (roles.size() > 1) {
                // expect only a single role per attribute
                for (int i = 0; i < roles.size(); i++) {
                    userRoles.add((String) roles.get(i));
                }
            } else {
                String rolesStr = (String) roles.get();
                for (String role : rolesStr.split(",")) {
                    if (!role.isEmpty()) {
                        userRoles.add(role);
                    }
                }
            }
            user.setRoles(userRoles.toArray(new String[userRoles.size()]));
        }

        return user;
    }
}