/**
* Copyright (C) 2011 JTalks.org Team
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
package org.jtalks.jcommune.plugin.auth.poulpe.service;
import org.apache.commons.lang3.StringUtils;
import org.jtalks.jcommune.model.dto.UserDto;
import org.jtalks.jcommune.plugin.api.exceptions.NoConnectionException;
import org.jtalks.jcommune.plugin.api.exceptions.UnexpectedErrorException;
import org.jtalks.jcommune.plugin.auth.poulpe.dto.Authentication;
import org.jtalks.jcommune.plugin.auth.poulpe.dto.Errors;
import org.jtalks.jcommune.plugin.auth.poulpe.dto.User;
import org.restlet.Context;
import org.restlet.data.ChallengeScheme;
import org.restlet.data.Status;
import org.restlet.engine.header.Header;
import org.restlet.engine.header.HeaderConstants;
import org.restlet.representation.Representation;
import org.restlet.resource.ClientResource;
import org.restlet.resource.ResourceException;
import org.restlet.util.Series;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import javax.xml.bind.JAXBContext;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import java.io.IOException;
import java.util.*;
import java.util.concurrent.ConcurrentMap;
/**
* This class contains method needed for communicate with Poulpe rest service.
*
* @author Andrey Pogorelov
*/
public class PoulpeAuthService {
private static final int CONNECTION_TIMEOUT = 5000;
private final Logger logger = LoggerFactory.getLogger(getClass());
private String regUrl;
private String authUrl;
private String activationUrl;
private String login;
private String password;
public PoulpeAuthService(String url, String login, String password) {
this.regUrl = url + "/rest/private/user";
this.activationUrl = url + "/rest/private/activate";
this.authUrl = url + "/rest/authenticate";
this.login = login;
this.password = password;
}
/**
* Register user with specified data via Poulpe.
* Returns errors if request failed, otherwise return null.
*
* @param userDto user
* @param dryRun do not register the user, just check if it is possible
* @return errors
*/
public Map<String, String> registerUser(UserDto userDto, Boolean dryRun)
throws IOException, NoConnectionException, JAXBException, UnexpectedErrorException {
User user = createUser(userDto.getUsername(), userDto.getPassword(), userDto.getEmail());
ClientResource clientResource = sendRegistrationRequest(user, dryRun);
Map<String, String> result = getRegistrationResult(clientResource, userDto.getLanguage().getLocale());
closeRestletConnection(clientResource);
return result;
}
/**
* Authenticate user with specified data via Poulpe.
* Returns true if auth success, otherwise return false.
*
* @param username username
* @param passwordHash password hash
* @return map with user details
*/
public Map<String, String> authenticate(String username, String passwordHash)
throws JAXBException, IOException, NoConnectionException {
ClientResource clientResource = sendAuthRequest(username, passwordHash);
Map<String, String> result = getAuthResult(clientResource);
closeRestletConnection(clientResource);
return result;
}
/**
* Activate user with specified username in Poulpe.
* @param username username
*/
public void activate(String username) {
ClientResource clientResource = null;
try {
clientResource = sendActivationRequest(username);
} finally {
if (clientResource != null) closeRestletConnection(clientResource);
}
}
private void closeRestletConnection(ClientResource clientResource) {
try {
clientResource.getResponseEntity().exhaust();
} catch (IOException e) {
logger.warn("Error closing connection: {}", e.getMessage() );
}
}
/**
* Gets authentication result from response entity.
*
* @param clientResource response container
* @return map with user details
* @throws org.jtalks.jcommune.plugin.api.exceptions.NoConnectionException
*
*/
private Map<String, String> getAuthResult(ClientResource clientResource)
throws NoConnectionException, JAXBException, IOException {
if (clientResource.getStatus().getCode() == Status.SUCCESS_OK.getCode()
&& clientResource.getResponseEntity() != null) {
return parseUserDetails(clientResource.getResponseEntity());
} else if (clientResource.getStatus().getCode() == Status.CLIENT_ERROR_NOT_FOUND.getCode()) {
return Collections.emptyMap();
} else {
throw new NoConnectionException(clientResource.getStatus().toString());
}
}
private Map<String, String> parseUserDetails(Representation repr) throws JAXBException, IOException {
JAXBContext context = JAXBContext.newInstance(Authentication.class);
Unmarshaller unmarshaller = context.createUnmarshaller();
Authentication auth = (Authentication) unmarshaller.unmarshal(repr.getStream());
Map<String, String> authInfo = new HashMap<>();
authInfo.put("username", auth.getCredintals().getUsername());
authInfo.put("email", auth.getProfile().getEmail());
authInfo.put("firstName", auth.getProfile().getFirstName());
authInfo.put("lastName", auth.getProfile().getLastName());
authInfo.put("enabled", String.valueOf(auth.getProfile().isEnabled()));
return authInfo;
}
/**
* Gets errors from response if request wasn't successful, otherwise return null.
*
* @param clientResource response container
* @param locale locale
* @return errors
* @throws org.jtalks.jcommune.plugin.api.exceptions.NoConnectionException
*
* @throws java.io.IOException
*/
private Map<String, String> getRegistrationResult(ClientResource clientResource, Locale locale)
throws NoConnectionException, IOException, JAXBException, UnexpectedErrorException {
if (clientResource.getStatus().getCode() == Status.SUCCESS_OK.getCode()
&& clientResource.getResponseEntity() != null) {
return Collections.emptyMap();
} else if (clientResource.getStatus().getCode() == Status.CLIENT_ERROR_BAD_REQUEST.getCode()) {
return parseErrors(clientResource.getResponseEntity(), locale);
} else if (clientResource.getStatus().getCode() == Status.SERVER_ERROR_INTERNAL.getCode()) {
throw new UnexpectedErrorException();
} else {
throw new NoConnectionException(clientResource.getStatus().toString());
}
}
/**
* Parse bad response representation for errors.
*
* @param repr response representation
* @param locale locale
* @return errors
* @throws java.io.IOException
*/
private Map<String, String> parseErrors(Representation repr, Locale locale) throws IOException, JAXBException {
JAXBContext context = JAXBContext.newInstance(Errors.class);
Unmarshaller unmarshaller = context.createUnmarshaller();
Errors errorsRepr = (Errors) unmarshaller.unmarshal(repr.getStream());
Map<String, String> errors = new HashMap<>();
ResourceBundle resourceBundle = ResourceBundle.getBundle("ValidationMessages", locale);
for (org.jtalks.jcommune.plugin.auth.poulpe.dto.Error error : errorsRepr.getErrorList()) {
if (error.getCode() != null && !error.getCode().isEmpty()) {
Map.Entry<String, String> errorEntry = parseErrorCode(error.getCode(), resourceBundle);
if (errorEntry != null) {
errors.put(errorEntry.getKey(), errorEntry.getValue());
}
}
}
return errors;
}
/**
* Parse error code with specified {@link ResourceBundle}.
*
* @param errorCode error code
* @param resourceBundle used {@link ResourceBundle}
* @return parsed error as pair field - error message
*/
private Map.Entry<String, String> parseErrorCode(String errorCode, ResourceBundle resourceBundle) {
Map.Entry<String, String> error = null;
if (resourceBundle.containsKey(errorCode)) {
String errorMessage = resourceBundle.getString(errorCode);
if (errorCode.contains("email")) {
errorMessage = errorMessage
.replace("{max}", String.valueOf(org.jtalks.common.model.entity.User.EMAIL_MAX_LENGTH));
error = new HashMap.SimpleEntry<>("userDto.email", errorMessage);
} else if (errorCode.contains("username")) {
errorMessage = errorMessage
.replace("{min}", String.valueOf(org.jtalks.common.model.entity.User.USERNAME_MIN_LENGTH))
.replace("{max}", String.valueOf(org.jtalks.common.model.entity.User.USERNAME_MAX_LENGTH));
error = new HashMap.SimpleEntry<>("userDto.username", errorMessage);
} else if (errorCode.contains("password")) {
errorMessage = errorMessage
.replace("{min}", String.valueOf(org.jtalks.common.model.entity.User.PASSWORD_MIN_LENGTH))
.replace("{max}", String.valueOf(org.jtalks.common.model.entity.User.PASSWORD_MAX_LENGTH));
error = new HashMap.SimpleEntry<>("userDto.password", errorMessage);
}
}
return error;
}
/**
* Creates user entity by specified username, password and email.
*
* @param username username
* @param passwordHash password hash
* @param email user email
* @return user entity
*/
private User createUser(String username, String passwordHash, String email) {
User user = new User();
user.setUsername(username == null ? "" : username);
user.setEmail(email == null ? "" : email);
user.setPasswordHash(passwordHash);
return user;
}
private void addHeaderAttribute(ClientResource clientResource, String attrName, String attrValue) {
ConcurrentMap<String, Object> attrs = clientResource.getRequest().getAttributes();
Series<Header> headers = (Series<Header>) attrs.get(HeaderConstants.ATTRIBUTE_HEADERS);
if (headers == null) {
headers = new Series<>(Header.class);
Series<Header> prev = (Series<Header>) attrs.putIfAbsent(HeaderConstants.ATTRIBUTE_HEADERS, headers);
if (prev != null) {
headers = prev;
}
}
headers.add(attrName, attrValue);
}
/**
* Sends registration post request.
*
* @param user user entity for registration
* @param dryRun do not register the user, just check if it is possible
* @return ClientResource result
*/
protected ClientResource sendRegistrationRequest(User user, Boolean dryRun) {
ClientResource clientResource = createClientResource(regUrl, true);
addCredentialsIfAny(clientResource);
if (dryRun) {
addHeaderAttribute(clientResource, "dryRun", "true");
}
writeRequestInfoToLog(clientResource);
try {
clientResource.post(user);
} catch (ResourceException e) {
logger.warn("Poulpe registration request error: {}", e.getStatus());
}
return clientResource;
}
/**
* Sends registration post request.
*
* @param username user name
* @param passwordHash password hash
* @return ClientResource result
*/
protected ClientResource sendAuthRequest(String username, String passwordHash) {
String url = authUrl + "?username=" + username + "&passwordHash=" + passwordHash;
ClientResource clientResource = createClientResource(url, false);
addCredentialsIfAny(clientResource);
writeRequestInfoToLog(clientResource);
try {
clientResource.get();
} catch (ResourceException e) {
logger.warn("Poulpe authentication request error: {}", e.getStatus());
}
return clientResource;
}
/**
* Send user activation request for specified username
* @param username username
* @return ClientResource result
*/
protected ClientResource sendActivationRequest(String username){
String url = activationUrl + "?username=" + username;
ClientResource clientResource = createClientResource(url, false);
addCredentialsIfAny(clientResource);
writeRequestInfoToLog(clientResource);
try {
clientResource.get();
} catch (ResourceException e) {
logger.warn("Poulpe activation request error: {}", e.getStatus());
}
return clientResource;
}
@SuppressWarnings("unchecked")
private void writeRequestInfoToLog(ClientResource clientResource) {
ConcurrentMap<String, Object> attrs = clientResource.getRequest().getAttributes();
Series<Header> headers = (Series<Header>) attrs.get(HeaderConstants.ATTRIBUTE_HEADERS);
logger.info("Request to Poulpe: requested URI - {}, request headers - {}, request body - {}",
new Object[]{clientResource.getRequest().getResourceRef(), headers, clientResource.getRequest()});
}
private ClientResource createClientResource(String url, boolean buffering) {
ClientResource clientResource = new ClientResource(new Context(), url);
clientResource.getContext().getParameters().add("socketConnectTimeoutMs", String.valueOf(CONNECTION_TIMEOUT));
clientResource.getContext().getParameters().add("maxIoIdleTimeMs", String.valueOf(CONNECTION_TIMEOUT));
clientResource.setEntityBuffering(buffering);
return clientResource;
}
private void addCredentialsIfAny(ClientResource clientResource){
if (!StringUtils.isAnyBlank(login, password))
clientResource.setChallengeResponse(ChallengeScheme.HTTP_BASIC, login, password);
}
}