RancherIdentityProvider.java

package io.cattle.platform.iaas.api.auth.integration.internal.rancher;

import io.cattle.platform.api.auth.Identity;
import io.cattle.platform.core.constants.IdentityConstants;
import io.cattle.platform.core.constants.ProjectConstants;
import io.cattle.platform.core.model.Account;
import io.cattle.platform.iaas.api.auth.dao.AuthDao;
import io.cattle.platform.iaas.api.auth.integration.interfaces.IdentityProvider;
import io.cattle.platform.object.ObjectManager;
import io.github.ibuildthecloud.gdapi.context.ApiContext;
import io.github.ibuildthecloud.gdapi.exception.ClientVisibleException;
import io.github.ibuildthecloud.gdapi.id.IdFormatter;
import io.github.ibuildthecloud.gdapi.util.ResponseCodes;

import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

import javax.inject.Inject;

public class RancherIdentityProvider implements IdentityProvider {

    @Inject
    AuthDao authDao;
    @Inject
    ObjectManager objectManager;

    @Inject
    IdFormatter idFormatter;

    @Override
    public List<Identity> searchIdentities(String name, String scope, boolean exactMatch) {
        if (!isConfigured()){
            notConfigured();
        }
        List<Identity> identities = new ArrayList<>();
        if (!scopes().contains(scope)){
            return identities;
        }
        List<Account> accounts = new ArrayList<>();
        if (exactMatch){
            accounts.add(authDao.getByUsername(name));
        } else {
            accounts.addAll(authDao.searchUsers(name));
        }
        for(Account account: accounts){
            if (account != null) {
                identities.add(authDao.getIdentity(account.getId(), ApiContext.getContext().getIdFormatter()));
            }
        }
        return identities;
    }

    @Override
    public Set<Identity> getIdentities(Account account) {
        Set<Identity> identities = new HashSet<>();
        identities.add(new Identity(ProjectConstants.RANCHER_ID, String.valueOf(account.getId())));
        return identities;
    }

    @Override
    public List<Identity> searchIdentities(String name, boolean exactMatch) {
        if (!isConfigured()){
            notConfigured();
        }
        List<Identity> identities = new ArrayList<>();
        for (String scope : scopes()) {
            identities.addAll(searchIdentities(name, scope, exactMatch));
        }
        return identities;
    }

    private void notConfigured() {
        throw new ClientVisibleException(ResponseCodes.SERVICE_UNAVAILABLE,
                "RancherIdentityNotConfigured", "Rancher is not configured as an Identity provider.", null);
    }

    @Override
    public Identity getIdentity(String id, String scope) {
        if (!isConfigured()){
            notConfigured();
        }
        if (!scopes().contains(scope)) {
            return null;
        }
        String accountId = idFormatter.parseId(id);
        return authDao.getIdentity(Long.valueOf(accountId == null ? id : accountId),
                idFormatter);
    }

    @Override
    public Identity transform(Identity identity) {
        IdFormatter idFormatter = ApiContext.getContext().getIdFormatter();
        switch (identity.getExternalIdType()) {

            case ProjectConstants.RANCHER_ID:
                String accountId = idFormatter.parseId(identity.getExternalId());
                return authDao.getIdentity(Long.valueOf(accountId != null ? accountId: identity.getExternalId()), null);
            default:
                throw new ClientVisibleException(ResponseCodes.BAD_REQUEST,
                        IdentityConstants.INVALID_TYPE, "Rancher does not provide: " + identity.getExternalIdType(), null);
        }
    }

    @Override
    public Identity untransform(Identity identity) {
        IdFormatter idFormatter = ApiContext.getContext().getIdFormatter();
        switch (identity.getExternalIdType()) {
            case ProjectConstants.RANCHER_ID:
                long id;
                try {
                    id = Long.valueOf(identity.getExternalId());
                } catch (NumberFormatException e) {
                    id = Long.valueOf(idFormatter.parseId(identity.getExternalId()));
                }
                Identity gotIdentity = authDao.getIdentity(id, idFormatter);
                if (gotIdentity != null) {
                    return new Identity(gotIdentity, identity.getRole(), identity.getProjectId());
                } else {
                    return null;
                }
            default:
                throw new ClientVisibleException(ResponseCodes.BAD_REQUEST,
                        IdentityConstants.INVALID_TYPE, "Rancher does not provide: " + identity.getExternalIdType(), null);
        }
    }

    @Override
    public Set<String> scopes() {
        return ProjectConstants.SCOPES;
    }

    @Override
    public boolean isConfigured() {
        return true;
    }

    @Override
    public String getName() {
        return ProjectConstants.RANCHER_SEARCH_PROVIDER;
    }

    @Override
    public String providerType() {
        return "rancherServer";
    }
}