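/*
 * Copyright (C) 2009 eXo Platform SAS.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */
package org.etk.core.membership.auth;

import org.etk.common.logging.Logger;
import org.etk.core.membership.ExtendedUserHandler;
import org.etk.core.membership.Membership;
import org.etk.core.membership.OrganizationService;
import org.etk.core.membership.UserHandler;
import org.etk.core.security.Authenticator;
import org.etk.core.security.Credential;
import org.etk.core.security.DigestPasswordEncrypter;
import org.etk.core.security.Identity;
import org.etk.core.security.MembershipEntry;
import org.etk.core.security.PasswordCredential;
import org.etk.core.security.PasswordEncrypter;
import org.etk.core.security.RolesExtractor;
import org.etk.core.security.UsernameCredential;
import org.etk.kernel.container.component.ComponentRequestLifecycle;
import org.etk.kernel.container.component.RequestLifeCycle;

import java.util.Collection;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import javax.security.auth.login.LoginException;

/**
 * {@link Authenticator} that checks credentials against an {@link OrganizationService} and builds
 * an {@link Identity} from the memberships that service reports for a user.
 *
 * <p>Every call into the organization service is bracketed by {@link #begin} and {@link #end};
 * {@code end} runs in a {@code finally} block so that a failing lookup or authentication call
 * cannot leave a request lifecycle open.
 */
public class OrganizationAuthenticatorImpl implements Authenticator {

  protected static Logger log = Logger.getLogger(OrganizationAuthenticatorImpl.class);

  private final OrganizationService orgService;

  /** Optional transformation applied to the submitted password; {@code null} means "use as is". */
  private final PasswordEncrypter encrypter;

  /** Optional role source; when {@code null} identities are created without roles. */
  private final RolesExtractor rolesExtractor;

  /**
   * @param orgService service used for membership lookups and authentication
   * @param rolesExtractor derives roles from memberships, may be {@code null}
   * @param encrypter applied to the submitted password before authentication, may be {@code null}
   */
  public OrganizationAuthenticatorImpl(OrganizationService orgService,
                                       RolesExtractor rolesExtractor,
                                       PasswordEncrypter encrypter) {
    this.orgService = orgService;
    this.encrypter = encrypter;
    this.rolesExtractor = rolesExtractor;
  }

  /** Creates an authenticator without a password encrypter. */
  public OrganizationAuthenticatorImpl(OrganizationService orgService, RolesExtractor rolesExtractor) {
    this(orgService, rolesExtractor, null);
  }

  /** Creates an authenticator with neither a roles extractor nor a password encrypter. */
  public OrganizationAuthenticatorImpl(OrganizationService orgService) {
    this(orgService, null, null);
  }

  /** @return the organization service this authenticator delegates to */
  public OrganizationService getOrganizationService() {
    return orgService;
  }

  /**
   * Builds the identity of {@code userId} from the memberships known to the organization service.
   *
   * @param userId user whose memberships are looked up
   * @return an identity carrying one {@link MembershipEntry} per membership, plus the extracted
   *         roles when a {@link RolesExtractor} was configured
   * @throws Exception if the lifecycle calls or the membership lookup fail
   */
  public Identity createIdentity(String userId) throws Exception {
    Set<MembershipEntry> entries = new HashSet<MembershipEntry>();

    Collection<Membership> memberships;
    begin(orgService);
    try {
      memberships = orgService.getMembershipHandler().findMembershipsByUser(userId);
    } finally {
      // Close the lifecycle even when the lookup throws.
      end(orgService);
    }

    if (memberships != null) {
      for (Membership membership : memberships) {
        entries.add(new MembershipEntry(membership.getGroupId(), membership.getMembershipType()));
      }
    }

    if (rolesExtractor == null) {
      return new Identity(userId, entries);
    }
    return new Identity(userId, entries, rolesExtractor.extractRoles(userId, entries));
  }

  /**
   * Validates a username/password pair against the organization service.
   *
   * <p>When the password credential carries a password context and the user handler is an
   * {@link ExtendedUserHandler}, authentication is delegated together with a
   * {@link DigestPasswordEncrypter}; otherwise the plain {@link UserHandler} check is used.
   *
   * @param credentials credentials to inspect; a {@link UsernameCredential} and a
   *        {@link PasswordCredential} are required
   * @return the authenticated username
   * @throws LoginException if the username or password is missing (including a {@code null}
   *         credentials array) or if authentication fails
   * @throws Exception if the lifecycle calls or the user handler fail
   */
  public String validateUser(Credential[] credentials) throws LoginException, Exception {
    String username = null;
    String password = null;
    Map<String, String> passwordContext = null;

    // A null array is treated like an array without usable credentials: it ends in the
    // LoginException below instead of a NullPointerException.
    if (credentials != null) {
      for (Credential cred : credentials) {
        if (cred instanceof UsernameCredential) {
          username = ((UsernameCredential) cred).getUsername();
        }
        if (cred instanceof PasswordCredential) {
          password = ((PasswordCredential) cred).getPassword();
          passwordContext = ((PasswordCredential) cred).getPasswordContext();
        }
      }
    }

    if (username == null || password == null) {
      throw new LoginException("Username or Password is not defined");
    }

    if (this.encrypter != null) {
      // NOTE(review): getBytes() and new String(byte[]) use the platform default charset, so the
      // transformed password depends on JVM configuration, and decoding non-text encrypter output
      // may be lossy. Switching to an explicit charset changes the value compared with stored
      // credentials, so it has to be coordinated with existing data before being changed here.
      password = new String(encrypter.encrypt(password.getBytes()));
    }

    boolean success;
    begin(orgService);
    try {
      Object userHandler = orgService.getUserHandler();
      if (passwordContext != null && userHandler instanceof ExtendedUserHandler) {
        PasswordEncrypter pe = new DigestPasswordEncrypter(username, passwordContext);
        success = ((ExtendedUserHandler) userHandler).authenticate(username, password, pe);
      } else {
        success = ((UserHandler) userHandler).authenticate(username, password);
      }
    } finally {
      // Close the lifecycle even when authentication throws.
      end(orgService);
    }

    if (!success) {
      // The username is caller-supplied: CR/LF are replaced so it cannot add lines of its own
      // wherever this message ends up being logged. The message is the same for an unknown user
      // and for a wrong password.
      throw new LoginException("Login failed for " + username.replace("\n", " ").replace("\r", " "));
    }

    return username;
  }

  /**
   * Opens a request lifecycle on {@code orgService} when it is a
   * {@link ComponentRequestLifecycle}; does nothing otherwise.
   */
  public void begin(OrganizationService orgService) throws Exception {
    if (orgService instanceof ComponentRequestLifecycle) {
      RequestLifeCycle.begin((ComponentRequestLifecycle) orgService);
    }
  }

  /**
   * Ends the current request lifecycle when {@code orgService} is a
   * {@link ComponentRequestLifecycle}; does nothing otherwise.
   */
  public void end(OrganizationService orgService) throws Exception {
    if (orgService instanceof ComponentRequestLifecycle) {
      RequestLifeCycle.end();
    }
  }
}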