edu.uiuc.ncsa.oa4mp.oauth2.client.OA2ClientLoader Maven / Gradle / Ivy
package edu.uiuc.ncsa.oa4mp.oauth2.client;
import edu.uiuc.ncsa.myproxy.oa4mp.client.ClientEnvironment;
import edu.uiuc.ncsa.myproxy.oa4mp.client.ClientXMLTags;
import edu.uiuc.ncsa.myproxy.oa4mp.client.OA4MPServiceProvider;
import edu.uiuc.ncsa.myproxy.oa4mp.client.loader.AbstractClientLoader;
import edu.uiuc.ncsa.myproxy.oa4mp.client.storage.*;
import edu.uiuc.ncsa.security.core.configuration.provider.CfgEvent;
import edu.uiuc.ncsa.security.core.configuration.provider.TypedProvider;
import edu.uiuc.ncsa.security.core.util.BasicIdentifier;
import edu.uiuc.ncsa.security.delegation.client.DelegationService;
import edu.uiuc.ncsa.security.delegation.storage.Client;
import edu.uiuc.ncsa.security.delegation.token.TokenForge;
import edu.uiuc.ncsa.security.oauth_2_0.OA2Constants;
import edu.uiuc.ncsa.security.oauth_2_0.OA2TokenForge;
import edu.uiuc.ncsa.security.oauth_2_0.client.*;
import org.apache.commons.configuration.tree.ConfigurationNode;
import javax.inject.Provider;
import java.net.URI;
import java.util.HashMap;
import static edu.uiuc.ncsa.myproxy.oa4mp.client.ClientEnvironment.CALLBACK_URI_KEY;
/**
* Created by Jeff Gaynor
* on 6/4/13 at 4:34 PM
*/
public class OA2ClientLoader extends AbstractClientLoader {
public OA2ClientLoader(ConfigurationNode node) {
super(node);
}
@Override
public String getVersionString() {
return "OA4MP Client OAuth 2 configuration loader, version " + VERSION_NUMBER;
}
public OA4MPServiceProvider getServiceProvider() {
return new OA2MPServiceProvider(load());
}
/**
* Factory method. Override this to create the actual instance as needed.
*
* @param tokenForgeProvider
* @param clientProvider
* @param constants
* @return
*/
public T createInstance(Provider tokenForgeProvider,
Provider clientProvider,
HashMap constants) {
ClientEnvironment ce = null;
ce = new OA2ClientEnvironment(
myLogger, constants,
getAccessTokenURI(),
getAuthorizeURI(),
getCallback(),
getInitiateURI(),
getAssetURI(),
checkCertLifetime(),
getId(),
getSkin(),
isEnableAssetCleanup(),
getMaxAssetLifetime(),
getKeypairLifetime(),
getAssetProvider(),
clientProvider,
tokenForgeProvider,
getDSP(),
getAssetStoreProvider(),
isShowRedirectPage(),
getErrorPagePath(),
getRedirectPagePath(),
getSuccessPagePath(),
getSecret()
);
return (T) ce;
}
AssetProvider assetProvider = null;
@Override
public AssetProvider getAssetProvider() {
if(assetProvider == null){
assetProvider = new OA2AssetProvider();
}
return assetProvider;
}
@Override
protected Provider getAssetStoreProvider() {
if (assetStoreProvider == null) {
MultiAssetStoreProvider masp = new MultiAssetStoreProvider(cn, isDefaultStoreDisabled(), loggerProvider.get());
OA2AssetSerializationKeys keys = new OA2AssetSerializationKeys();
OA2AssetConverter assetConverter = new OA2AssetConverter(keys, getAssetProvider());
assetStoreProvider = masp;
masp.addListener(new FSAssetStoreProvider(cn, getAssetProvider(), assetConverter));
masp.addListener(new OA2SQLAssetStoreProvider(cn, ClientXMLTags.POSTGRESQL_STORE, getPgConnectionPoolProvider(),
getAssetProvider(), assetConverter));
masp.addListener(new OA2SQLAssetStoreProvider(cn, ClientXMLTags.MYSQL_STORE, getMySQLConnectionPoolProvider(),
getAssetProvider(), assetConverter));
masp.addListener(new OA2SQLAssetStoreProvider(cn, ClientXMLTags.MARIADB_STORE, getMariaDBConnectionPoolProvider(),
getAssetProvider(), assetConverter));
// and a memory store, So only if one is requested it is available.
masp.addListener(new TypedProvider(cn, ClientXMLTags.MEMORY_STORE, ClientXMLTags.ASSET_STORE) {
@Override
public Object componentFound(CfgEvent configurationEvent) {
if (checkEvent(configurationEvent)) {
return get();
}
return null;
}
@Override
public MemoryAssetStore get() {
return new MemoryAssetStore(getAssetProvider());
}
});
}
return assetStoreProvider;
}
protected String getErrorPagePath() {
return getCfgValue(ClientXMLTags.ERROR_PAGE_PATH);
}
protected String getSecret() {
return getCfgValue(ClientXMLTags.SECRET_KEY);
}
protected String getSuccessPagePath() {
return getCfgValue(ClientXMLTags.SUCCESS_PAGE_PATH);
}
protected String getRedirectPagePath() {
return getCfgValue(ClientXMLTags.REDIRECT_PAGE_PATH);
}
protected boolean isShowRedirectPage() {
String temp = getCfgValue(ClientXMLTags.SHOW_REDIRECT_PAGE);
if (temp == null || temp.length() == 0) return false;
return Boolean.parseBoolean(getCfgValue(ClientXMLTags.SHOW_REDIRECT_PAGE));
}
@Override
public T createInstance() {
Provider tokenForgeProvider = new Provider() {
@Override
public TokenForge get() {
return new OA2TokenForge(getId());
}
};
Provider clientProvider = new Provider() {
@Override
public Client get() {
return new Client(BasicIdentifier.newID(getId()));
}
};
// sets constants specific to this protocol.
HashMap constants = new HashMap();
constants.put(CALLBACK_URI_KEY, OA2Constants.REDIRECT_URI);
constants.put(ClientEnvironment.FORM_ENCODING, OA2Constants.FORM_ENCODING);
constants.put(ClientEnvironment.TOKEN, OA2Constants.ACCESS_TOKEN);
constants.put(ClientEnvironment.TOKEN, OA2Constants.AUTHORIZATION_CODE);
// no verifier in this protocol.
return createInstance(tokenForgeProvider, clientProvider, constants);
}
@Override
protected Provider getDSP() {
if (dsp == null) {
dsp = new Provider() {
@Override
public DelegationService get() {
return new DS2(new AGServer2(createServiceClient(getAuthzURI())), // as per spec, request for AG comes through authz endpoint.
new ATServer2(createServiceClient(getAccessTokenURI())),
new PAServer2(createServiceClient(getAssetURI())),
new UIServer2(createServiceClient(getUIURI())),
new RTServer2(createServiceClient(getAccessTokenURI())) // as per spec, refresh token server is at same endpoint as access token server.
);
}
};
}
return dsp;
}
protected URI getUIURI() {
return createServiceURI(getCfgValue(ClientXMLTags.USER_INFO_URI), getCfgValue(ClientXMLTags.BASE_URI), USER_INFO_ENDPOINT);
}
protected URI getAuthzURI() {
return createServiceURI(getCfgValue(ClientXMLTags.AUTHORIZE_TOKEN_URI), getCfgValue(ClientXMLTags.BASE_URI), AUTHORIZE_ENDPOINT);
}
}