1   /*
2    * Copyright (c) 2002-2014, Mairie de Paris
3    * All rights reserved.
4    *
5    * Redistribution and use in source and binary forms, with or without
6    * modification, are permitted provided that the following conditions
7    * are met:
8    *
9    *  1. Redistributions of source code must retain the above copyright notice
10   *     and the following disclaimer.
11   *
12   *  2. Redistributions in binary form must reproduce the above copyright notice
13   *     and the following disclaimer in the documentation and/or other materials
14   *     provided with the distribution.
15   *
16   *  3. Neither the name of 'Mairie de Paris' nor 'Lutece' nor the names of its
17   *     contributors may be used to endorse or promote products derived from
18   *     this software without specific prior written permission.
19   *
20   * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
21   * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22   * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23   * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE
24   * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
25   * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
26   * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
27   * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
28   * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
29   * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
30   * POSSIBILITY OF SUCH DAMAGE.
31   *
32   * License 1.0
33   */
34  package fr.paris.lutece.plugins.mylutece.modules.oauth.web;
35  
36  import fr.paris.lutece.plugins.mylutece.modules.oauth.authentication.OAuthAuthentication;
37  import fr.paris.lutece.plugins.mylutece.modules.oauth.authentication.OAuthAuthenticationFactory;
38  import fr.paris.lutece.plugins.mylutece.modules.oauth.service.OAuthPlugin;
39  import fr.paris.lutece.plugins.mylutece.modules.oauth.service.OAuthService;
40  import fr.paris.lutece.portal.service.message.AdminMessage;
41  import fr.paris.lutece.portal.service.message.AdminMessageService;
42  import fr.paris.lutece.portal.service.plugin.Plugin;
43  import fr.paris.lutece.portal.service.plugin.PluginService;
44  import fr.paris.lutece.portal.service.spring.SpringContextService;
45  import fr.paris.lutece.portal.service.template.AppTemplateService;
46  import fr.paris.lutece.portal.service.util.AppPropertiesService;
47  import fr.paris.lutece.portal.web.admin.PluginAdminPageJspBean;
48  import fr.paris.lutece.portal.web.constants.Messages;
49  import fr.paris.lutece.portal.web.constants.Parameters;
50  import fr.paris.lutece.portal.web.util.LocalizedPaginator;
51  import fr.paris.lutece.util.html.HtmlTemplate;
52  import fr.paris.lutece.util.html.Paginator;
53  import fr.paris.lutece.util.sort.AttributeComparator;
54  import fr.paris.lutece.util.url.UrlItem;
55  
56  import org.apache.commons.lang.StringUtils;
57  
58  import java.util.Collections;
59  import java.util.HashMap;
60  import java.util.List;
61  import java.util.Map;
62  
63  import javax.servlet.http.HttpServletRequest;
64  
65  
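/**
 * OAuthJspBean : provides CRUD operations for {@link OAuthAuthentication}
 * from the administration back office.
 * <p>
 * The <code>do*</code> methods create, update and delete stored OAuth provider
 * settings, including the consumer key and the consumer secret.
 * </p>
 * <p>
 * NOTE(review): no method in this class checks {@link #RIGHT_MANAGE_OAUTH} or an
 * anti-CSRF token. Presumably the calling JSPs initialise the bean with that
 * right before invoking it; confirm this, and confirm that the state-changing
 * actions ({@link #doCreateOAuth}, {@link #doModifyOAuth}, {@link #doRemoveOAuth})
 * are protected against cross-site request forgery.
 * </p>
 */
public class OAuthJspBean extends PluginAdminPageJspBean
{
    /** Name of the admin right associated with this feature. */
    public static final String RIGHT_MANAGE_OAUTH = "OAUTH_MANAGEMENT";

    // Request parameters
    private static final String PARAMETER_OAUTH_ID = "oauth_id";
    private static final String PARAMETER_CANCEL = "cancel";
    private static final String PARAMETER_AUTH_NAME = "auth_name";
    private static final String PARAMETER_AUTH_SERVICE_NAME = "auth_service_name";
    private static final String PARAMETER_AUTH_ICON_URL = "auth_icon_url";
    private static final String PARAMETER_REQUEST_TOKEN_URL = "request_token_url";
    private static final String PARAMETER_ACCESS_TOKEN_URL = "access_token_url";
    private static final String PARAMETER_AUTHORIZE_URL = "authorize_url";
    private static final String PARAMETER_CONSUMER_KEY = "consumer_key";
    private static final String PARAMETER_CONSUMER_SECRET = "consumer_secret";
    private static final String PARAMETER_CREDENTIAL_URL = "credential_url";
    private static final String PARAMETER_CREDENTIAL_FORMAT = "credential_format";

    // JSP, i18n keys and templates
    private static final String JSP_DO_REMOVE_OAUTH = "jsp/admin/plugins/mylutece/modules/oauth/DoRemoveOAuth.jsp";
    private static final String PROPERTY_PAGE_TITLE_MANAGE_OAUTH = "module.mylutece.oauth.manage_oauth.pageTitle";
    private static final String PROPERTY_PAGE_TITLE_CREATE_OAUTH = "module.mylutece.oauth.create_oauth.pageTitle";
    private static final String PROPERTY_PAGE_TITLE_MODIFY_OAUTH = "module.mylutece.oauth.modify_oauth.pageTitle";
    private static final String MESSAGE_CONFIRM_REMOVE_OAUTH = "module.mylutece.oauth.message.confirmRemoveOAuth";
    private static final String TEMPLATE_MANAGE_OAUTH = "admin/plugins/mylutece/modules/oauth/manage_oauth.html";
    private static final String TEMPLATE_CREATE_OAUTH = "admin/plugins/mylutece/modules/oauth/create_oauth.html";
    private static final String TEMPLATE_MODIFY_OAUTH = "admin/plugins/mylutece/modules/oauth/modify_oauth.html";

    /**
     * Protocol version handed to the factory when a new authentication is created.
     * FIXME : remove
     */
    private static final String CONSTANT_PROTOCOL_VERSION = "10a";

    // Properties
    private static final String PROPERTY_OAUTH_PER_PAGE = "mylutece-oauth.itemsPerPage";

    // Marks
    private static final String MARK_LIST_OAUTH = "oauth_list";
    private static final String MARK_PAGINATOR = "paginator";
    private static final String MARK_NB_ITEMS_PER_PAGE = "nb_items_per_page";
    private static final String MARK_OAUTH = "oauth";

    // Variables
    // Paging state is kept on the bean and reused as the fallback on the next call.
    private int _nItemsPerPage;
    private int _nDefaultItemsPerPage;
    private String _strCurrentPageIndex;
    private OAuthAuthenticationFactory _factory;
    private OAuthService _service;

    /**
     * Constructor. Looks up the authentication factory and the OAuth service
     * in the Spring context.
     */
    public OAuthJspBean(  )
    {
        _factory = (OAuthAuthenticationFactory) SpringContextService.getBean( "mylutece-oauth.authenticationFactory" );
        _service = (OAuthService) SpringContextService.getBean( "mylutece-oauth.oauthService" );
    }

    /**
     *
     *{@inheritDoc}
     */
    @Override
    public Plugin getPlugin(  )
    {
        return PluginService.getPlugin( OAuthPlugin.PLUGIN_NAME );
    }

    /**
     * Builds the paginated, optionally sorted, list of authentications.
     * @param request the request
     * @return html code
     */
    public String getManageOAuth( HttpServletRequest request )
    {
        setPageTitleProperty( PROPERTY_PAGE_TITLE_MANAGE_OAUTH );

        List<OAuthAuthentication> listAuthentication = _service.getListAuthentication(  );

        _nDefaultItemsPerPage = AppPropertiesService.getPropertyInt( PROPERTY_OAUTH_PER_PAGE, 10 );
        _strCurrentPageIndex = Paginator.getPageIndex( request, Paginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex );
        _nItemsPerPage = Paginator.getItemsPerPage( request, Paginator.PARAMETER_ITEMS_PER_PAGE, _nItemsPerPage,
                _nDefaultItemsPerPage );

        // SORT
        // NOTE(review): the attribute name comes verbatim from the request and is handed to
        // AttributeComparator, which presumably resolves it to a getter on OAuthAuthentication.
        // Consider restricting it to the columns the list template actually offers, so that a
        // request cannot order the list by a field such as the consumer secret - confirm.
        String strSortedAttributeName = request.getParameter( Parameters.SORTED_ATTRIBUTE_NAME );
        String strAscSort = null;

        if ( strSortedAttributeName != null )
        {
            strAscSort = request.getParameter( Parameters.SORTED_ASC );

            boolean bIsAscSort = Boolean.parseBoolean( strAscSort );

            // Sorts the list returned by the service in place.
            Collections.sort( listAuthentication, new AttributeComparator( strSortedAttributeName, bIsAscSort ) );
        }

        // Carry the sort settings over to the pagination links.
        UrlItem url = new UrlItem( getHomeUrl( request ) );

        if ( strSortedAttributeName != null )
        {
            url.addParameter( Parameters.SORTED_ATTRIBUTE_NAME, strSortedAttributeName );
        }

        if ( strAscSort != null )
        {
            url.addParameter( Parameters.SORTED_ASC, strAscSort );
        }

        LocalizedPaginator<OAuthAuthentication> paginator = new LocalizedPaginator<OAuthAuthentication>( listAuthentication,
                _nItemsPerPage, url.getUrl(  ), Paginator.PARAMETER_PAGE_INDEX, _strCurrentPageIndex, getLocale(  ) );

        Map<String, Object> model = new HashMap<String, Object>(  );

        model.put( MARK_LIST_OAUTH, paginator.getPageItems(  ) );
        model.put( MARK_PAGINATOR, paginator );
        model.put( MARK_NB_ITEMS_PER_PAGE, Integer.toString( _nItemsPerPage ) );

        HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MANAGE_OAUTH, getLocale(  ), model );

        return getAdminPage( template.getHtml(  ) );
    }

    /**
     * Get create form
     * @param request the request
     * @return html code
     */
    public String getCreateOAuth( HttpServletRequest request )
    {
        setPageTitleProperty( PROPERTY_PAGE_TITLE_CREATE_OAUTH );

        HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_CREATE_OAUTH, getLocale(  ) );

        return getAdminPage( template.getHtml(  ) );
    }

    /**
     * Gets the modify form for the authentication identified by the
     * <code>oauth_id</code> request parameter. When no such authentication
     * exists, the list page is returned instead of a form bound to
     * <code>null</code>.
     * @param request the request
     * @return html code
     */
    public String getModifyOAuth( HttpServletRequest request )
    {
        String strOAuthId = request.getParameter( PARAMETER_OAUTH_ID );

        OAuthAuthentication authentication = _service.getAuthentication( strOAuthId );

        if ( authentication == null )
        {
            // Unknown or missing identifier: nothing to edit, fall back to the list.
            return getManageOAuth( request );
        }

        setPageTitleProperty( PROPERTY_PAGE_TITLE_MODIFY_OAUTH );

        // NOTE(review): the whole object is exposed to the template, which presumably includes
        // the consumer secret stored by getOAuthData - confirm the template does not echo it
        // back into the page.
        Map<String, Object> model = new HashMap<String, Object>(  );
        model.put( MARK_OAUTH, authentication );

        HtmlTemplate template = AppTemplateService.getTemplate( TEMPLATE_MODIFY_OAUTH, getLocale(  ), model );

        return getAdminPage( template.getHtml(  ) );
    }

    /**
     * Modifies the authentication whose name is given by the
     * <code>auth_name</code> request parameter. Nothing is updated when the
     * action is cancelled, when no authentication has that name, or when a
     * mandatory field is blank.
     * @param request the request
     * @return the home url, or the error message url if a mandatory field is blank
     */
    public String doModifyOAuth( HttpServletRequest request )
    {
        if ( request.getParameter( PARAMETER_CANCEL ) != null )
        {
            return getHomeUrl( request );
        }

        String strAuthName = request.getParameter( PARAMETER_AUTH_NAME );

        OAuthAuthentication authentication = _service.getAuthentication( strAuthName );

        if ( authentication != null )
        {
            String strErrorUrl = getOAuthData( authentication, request );

            if ( strErrorUrl != null )
            {
                return strErrorUrl;
            }

            _service.updateAuthentication( authentication, getPlugin(  ) );
        }

        return getHomeUrl( request );
    }

    /**
     * Creates an authentication from the submitted form. Nothing is created
     * when the action is cancelled or when a mandatory field is blank.
     * @param request the request
     * @return the home url, or the error message url if a mandatory field is blank
     */
    public String doCreateOAuth( HttpServletRequest request )
    {
        if ( request.getParameter( PARAMETER_CANCEL ) != null )
        {
            return getHomeUrl( request );
        }

        // for future usage (support multiple version)
        OAuthAuthentication authentication = _factory.newAuthentication( CONSTANT_PROTOCOL_VERSION );
        String strError = getOAuthData( authentication, request );

        if ( strError != null )
        {
            return strError;
        }

        _service.createNewAuthentication( authentication, getPlugin(  ) );

        return getHomeUrl( request );
    }

    /**
     * Gets the confirm message url. The <code>oauth_id</code> request
     * parameter is forwarded to the removal JSP.
     * @param request the request
     * @return url
     */
    public String getConfirmRemoveOAuth( HttpServletRequest request )
    {
        Map<String, String> requestParameters = new HashMap<String, String>(  );
        requestParameters.put( PARAMETER_OAUTH_ID, request.getParameter( PARAMETER_OAUTH_ID ) );

        return AdminMessageService.getMessageUrl( request, MESSAGE_CONFIRM_REMOVE_OAUTH, JSP_DO_REMOVE_OAUTH,
            AdminMessage.TYPE_CONFIRMATION, requestParameters );
    }

    /**
     * Removes the authentication identified by the <code>oauth_id</code>
     * request parameter. A missing or blank identifier is ignored.
     * @param request the request
     * @return url
     */
    public String doRemoveOAuth( HttpServletRequest request )
    {
        String strOAuthId = request.getParameter( PARAMETER_OAUTH_ID );

        // Never hand a null or blank identifier to the service.
        if ( StringUtils.isNotBlank( strOAuthId ) )
        {
            _service.removeAuthentication( strOAuthId, getPlugin(  ) );
        }

        return getHomeUrl( request );
    }

    /**
     * Reads the form fields from the request and copies them into
     * <code>auth</code>. All fields are mandatory; <code>auth</code> is left
     * untouched when at least one of them is blank.
     * <p>
     * NOTE(review): the URL fields are only checked for non-blank; scheme and
     * host are stored exactly as submitted. If the icon URL is later rendered
     * in a page, or the token and credential endpoints are fetched
     * server-side, an http/https scheme check belongs here - confirm against
     * the code that consumes these values.
     * </p>
     * @param auth the auth to fill
     * @param request the request
     * @return message url if any error, <code>null</code> otherwise.
     */
    private String getOAuthData( OAuthAuthentication auth, HttpServletRequest request )
    {
        String strName = request.getParameter( PARAMETER_AUTH_NAME );
        String strServiceName = request.getParameter( PARAMETER_AUTH_SERVICE_NAME );
        String strIconUrl = request.getParameter( PARAMETER_AUTH_ICON_URL );
        String strRequestTokenUrl = request.getParameter( PARAMETER_REQUEST_TOKEN_URL );
        String strAccessTokenUrl = request.getParameter( PARAMETER_ACCESS_TOKEN_URL );
        String strAuthorizeUrl = request.getParameter( PARAMETER_AUTHORIZE_URL );
        String strConsumerKey = request.getParameter( PARAMETER_CONSUMER_KEY );
        String strConsumerSecret = request.getParameter( PARAMETER_CONSUMER_SECRET );
        String strCredentialUrl = request.getParameter( PARAMETER_CREDENTIAL_URL );
        String strCredentialFormat = request.getParameter( PARAMETER_CREDENTIAL_FORMAT );

        if ( isOneBlank( strName, strServiceName, strIconUrl, strRequestTokenUrl, strAccessTokenUrl, strAuthorizeUrl,
                    strConsumerKey, strConsumerSecret, strCredentialUrl, strCredentialFormat ) )
        {
            return AdminMessageService.getMessageUrl( request, Messages.MANDATORY_FIELDS, AdminMessage.TYPE_STOP );
        }

        auth.setName( strName );
        auth.setAuthServiceName( strServiceName );
        auth.setIconUrl( strIconUrl );
        auth.setRequestTokenEndpointUrl( strRequestTokenUrl );
        auth.setAccessTokenEndpointUrl( strAccessTokenUrl );
        auth.setAuthorizeWebsiteUrl( strAuthorizeUrl );
        auth.setConsumerKey( strConsumerKey );
        auth.setConsumerSecret( strConsumerSecret );
        auth.setCredentialUrl( strCredentialUrl );
        auth.setCredentialFormat( strCredentialFormat );

        return null;
    }

    /**
     * Finds if at least one value is blank
     * @param values the values to test
     * @return <code>true</code> if at least one value is blank, <code>false</code> otherwise.
     */
    private static boolean isOneBlank( String... values )
    {
        for ( String strValue : values )
        {
            if ( StringUtils.isBlank( strValue ) )
            {
                return true;
            }
        }

        return false;
    }
}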