ADFSProvider.java

/**
 * <a href="http://www.openolat.org">
 * OpenOLAT - Online Learning and Training</a><br>
 * <p>
 * Licensed under the Apache License, Version 2.0 (the "License"); <br>
 * you may not use this file except in compliance with the License.<br>
 * You may obtain a copy of the License at the
 * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
 * <p>
 * Unless required by applicable law or agreed to in writing,<br>
 * software distributed under the License is distributed on an "AS IS" BASIS, <br>
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
 * See the License for the specific language governing permissions and <br>
 * limitations under the License.
 * <p>
 * Initial code contributed and copyrighted by<br>
 * frentix GmbH, http://www.frentix.com
 * <p>
 */
package org.olat.login.oauth.spi;

import org.json.JSONException;
import org.json.JSONObject;
import org.olat.core.logging.OLog;
import org.olat.core.logging.Tracing;
import org.olat.core.util.StringHelper;
import org.olat.login.oauth.OAuthLoginModule;
import org.olat.login.oauth.OAuthSPI;
import org.olat.login.oauth.model.OAuthUser;
import org.scribe.builder.api.Api;
import org.scribe.model.Token;
import org.scribe.oauth.OAuthService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

/**
 * 
 * Initial date: 06.11.2014<br>
 * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
 *
 */
@Service
public class ADFSProvider implements OAuthSPI {
	
	private static final OLog log = Tracing.createLoggerFor(ADFSProvider.class);

	@Autowired
	private OAuthLoginModule oauthModule;
	
	@Override
	public boolean isEnabled() {
		return oauthModule.isAdfsEnabled();
	}

	@Override
	public boolean isRootEnabled() {
		return oauthModule.isAdfsRootEnabled();
	}

	@Override
	public boolean isImplicitWorkflow() {
		return false;
	}

	@Override
	public Api getScribeProvider() {
		return new ADFSApi();
	}

	@Override
	public String getName() {
		return "adfs";
	}
	
	@Override
	public String getProviderName() {
		return "ADFS";
	}

	@Override
	public String getIconCSS() {
		return "o_icon o_icon_provider_adfs";
	}

	@Override
	public String getAppKey() {
		return oauthModule.getAdfsApiKey();
	}

	@Override
	public String getAppSecret() {
		return "n/A";
	}

	@Override
	public String[] getScopes() {
		return new String[0];
	}

	@Override
	public OAuthUser getUser(OAuthService service, Token accessToken) {
		OAuthUser user = new OAuthUser();
		try {
			JSONWebToken jwt = JSONWebToken.parse(accessToken);
			JSONObject obj = jwt.getJsonPayload();
			user.setId(getValue(obj, "employeeNumber"));
			user.setFirstName(getValue(obj, "displayNamePrintable"));
			user.setLastName(getValue(obj, "Sn"));
			user.setEmail(getValue(obj, "mail"));
			user.setInstitutionalUserIdentifier(getValue(obj, "SAMAccountName"));
			if(!StringHelper.containsNonWhitespace(user.getId())) {
				user.setId(user.getInstitutionalUserIdentifier());
			}
			
		} catch (JSONException e) {
			log.error("", e);
		}
		return user;
	}
	
	private String getValue(JSONObject obj, String property) {
		String value = obj.optString(property);
		return StringHelper.containsNonWhitespace(value) ? value : null;
	}
}