
/**
 * Copyright (c) 2011-2014, OpenIoT
 *
 * This library is free software; you can redistribute it and/or
 * modify it either under the terms of the GNU Lesser General Public
 * License version 2.1 as published by the Free Software Foundation
 * (the "LGPL"). If you do not alter this
 * notice, a recipient may use your version of this file under the LGPL.
 *
 * You should have received a copy of the LGPL along with this library
 * in the file COPYING-LGPL-2.1; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY
 * OF ANY KIND, either express or implied. See the LGPL  for
 * the specific language governing rights and limitations.
 *
 * Contact: OpenIoT mailto: info@openiot.eu
 */

package org.openiot.security.oauth;

import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.jasig.cas.authentication.principal.Principal;
import org.jasig.cas.support.oauth.OAuthConstants;
import org.jasig.cas.support.oauth.profile.CasWrapperProfile;
import org.jasig.cas.ticket.TicketGrantingTicket;
import org.jasig.cas.ticket.registry.TicketRegistry;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.ModelAndView;
import org.springframework.web.servlet.mvc.AbstractController;

import com.fasterxml.jackson.core.JsonFactory;
import com.fasterxml.jackson.core.JsonGenerator;

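/**
 * This controller returns a profile for the authenticated user (identifier +
 * attributes), found with the access token (CAS granting ticket).
 * 
 * @author Jerome Leleu
 * @author Mehdi Riahi
 */
public final class OAuth20ProfileController extends AbstractController {

    // Not final: replaceable through setLogger (presumably for tests).
    private static Logger log = LoggerFactory.getLogger(OAuth20ProfileController.class);

    /** Registry the access token (a ticket-granting ticket id) is resolved in. */
    private final TicketRegistry ticketRegistry;

    /**
     * Creates the controller.
     *
     * @param ticketRegistry registry used to look up the access token
     */
    public OAuth20ProfileController(final TicketRegistry ticketRegistry) {
        this.ticketRegistry = ticketRegistry;
    }

    /**
     * Writes the profile of the user owning the {@code access_token} request
     * parameter as a JSON document: the principal id plus its attributes. When
     * the token is blank, unknown or expired an {@code {"error": ...}} document
     * is written instead, using the {@link OAuthConstants} error codes.
     *
     * @param request  request carrying the {@code access_token} parameter
     * @param response response the JSON body is written to
     * @return always {@code null}; the body is written directly to the response
     * @throws Exception if the response cannot be written
     */
    @Override
    protected ModelAndView handleRequestInternal(final HttpServletRequest request,
            final HttpServletResponse response) throws Exception {
        final String accessToken = request.getParameter(OAuthConstants.ACCESS_TOKEN);
        // The token is a bearer credential: log its presence, never its value.
        log.debug("accessToken present : {}", !StringUtils.isBlank(accessToken));

        // Content type and character encoding only take effect when set before
        // getWriter(); without an explicit encoding the servlet default applies
        // and non-Latin attribute values would be mangled.
        response.setContentType("application/json");
        response.setCharacterEncoding("UTF-8");

        final JsonFactory jsonFactory = new JsonFactory();
        final JsonGenerator jsonGenerator = jsonFactory.createJsonGenerator(response.getWriter());
        try {
            // accessToken is required
            if (StringUtils.isBlank(accessToken)) {
                log.error("missing accessToken");
                writeError(jsonGenerator, OAuthConstants.MISSING_ACCESS_TOKEN);
            } else {
                // The access token is expected to be a ticket-granting ticket id.
                final TicketGrantingTicket ticketGrantingTicket = (TicketGrantingTicket) this.ticketRegistry
                        .getTicket(accessToken);
                if (ticketGrantingTicket == null || ticketGrantingTicket.isExpired()) {
                    log.error("expired or unknown accessToken");
                    writeError(jsonGenerator, OAuthConstants.EXPIRED_ACCESS_TOKEN);
                } else {
                    writeProfile(jsonGenerator, ticketGrantingTicket.getAuthentication().getPrincipal());
                }
            }
        } finally {
            // Always close so buffered JSON reaches the writer, even when a write failed.
            jsonGenerator.close();
        }
        response.flushBuffer();
        return null;
    }

    /**
     * Writes a single-field error document: {@code {"error": errorCode}}.
     *
     * @param jsonGenerator generator positioned at the document root
     * @param errorCode     one of the {@link OAuthConstants} error codes
     * @throws IOException if the generator cannot write
     */
    private static void writeError(final JsonGenerator jsonGenerator, final String errorCode)
            throws IOException {
        jsonGenerator.writeStartObject();
        jsonGenerator.writeStringField("error", errorCode);
        jsonGenerator.writeEndObject();
    }

    /**
     * Writes the profile document: the principal id under
     * {@link CasWrapperProfile#ID} and, under {@link CasWrapperProfile#ATTRIBUTES},
     * an array holding one {@code {key: value}} object per attribute.
     *
     * @param jsonGenerator generator positioned at the document root
     * @param principal     authenticated principal whose id and attributes are written
     * @throws IOException if the generator cannot write
     */
    private static void writeProfile(final JsonGenerator jsonGenerator, final Principal principal)
            throws IOException {
        jsonGenerator.writeStartObject();
        jsonGenerator.writeStringField(CasWrapperProfile.ID, principal.getId());
        jsonGenerator.writeArrayFieldStart(CasWrapperProfile.ATTRIBUTES);
        final Map<String, Object> attributes = principal.getAttributes();
        for (final Map.Entry<String, Object> attribute : attributes.entrySet()) {
            writeAttribute(jsonGenerator, attribute.getKey(), attribute.getValue());
        }
        jsonGenerator.writeEndArray();
        jsonGenerator.writeEndObject();
    }

    /**
     * Writes one attribute as its own {@code {key: value}} object. Multi-valued
     * attributes and {@code role_name} are always rendered as arrays (a blank
     * role becomes an empty array) so clients see a stable shape.
     *
     * @param jsonGenerator generator positioned inside the attributes array
     * @param key           attribute name
     * @param vals          attribute value: an {@link Iterable}, a scalar, or {@code null}
     * @throws IOException if the generator cannot write
     */
    private static void writeAttribute(final JsonGenerator jsonGenerator, final String key,
            final Object vals) throws IOException {
        jsonGenerator.writeStartObject();
        if (vals instanceof Iterable<?>) {
            jsonGenerator.writeArrayFieldStart(key);
            for (final Object value : (Iterable<?>) vals) {
                // Null elements are emitted as JSON null instead of failing on toString().
                if (value == null) {
                    jsonGenerator.writeNull();
                } else {
                    jsonGenerator.writeString(value.toString());
                }
            }
            jsonGenerator.writeEndArray();
        } else if ("role_name".equals(key)) {
            jsonGenerator.writeArrayFieldStart(key);
            // toString() rather than a String cast: a non-String role value must not
            // abort the whole profile with a ClassCastException.
            if (vals != null && !StringUtils.isBlank(vals.toString())) {
                jsonGenerator.writeString(vals.toString());
            }
            jsonGenerator.writeEndArray();
        } else {
            // NOTE(review): the generator comes from a bare JsonFactory; values that
            // need an ObjectCodec may not serialize here — confirm attribute types.
            jsonGenerator.writeObjectField(key, vals);
        }
        jsonGenerator.writeEndObject();
    }

    /**
     * Replaces the logger used by this class.
     *
     * @param aLogger logger to use from now on
     */
    static void setLogger(final Logger aLogger) {
        log = aLogger;
    }
}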