From a4f3832328c152046b1b4e2746e4f6817898eb3a Mon Sep 17 00:00:00 2001 From: uhensler <urs.hensler@frentix.com> Date: Mon, 7 Jan 2019 12:39:06 +0100 Subject: [PATCH] OO-3797: Configuration of the user identifier --- .../modules/edusharing/EdusharingModule.java | 7 + .../edusharing/GetRenderedParameter.java | 10 +- .../manager/EdusharingHttpClient.java | 2 +- .../manager/EdusharingServiceImpl.java | 16 ++- .../manager/EdusharingSoapClient.java | 49 +------ .../manager/EdusharingUserFactory.java | 120 ++++++++++++++++++ .../resources/serviceconfig/olat.properties | 9 +- 7 files changed, 153 insertions(+), 60 deletions(-) create mode 100644 src/main/java/org/olat/modules/edusharing/manager/EdusharingUserFactory.java diff --git a/src/main/java/org/olat/modules/edusharing/EdusharingModule.java b/src/main/java/org/olat/modules/edusharing/EdusharingModule.java index 13795aa1d9f..06975047d8f 100644 --- a/src/main/java/org/olat/modules/edusharing/EdusharingModule.java +++ b/src/main/java/org/olat/modules/edusharing/EdusharingModule.java @@ -82,6 +82,9 @@ public class EdusharingModule extends AbstractSpringModule implements ConfigOnOf private String authAffiliationId; @Value("${edusharing.auth.affiliation.name}") private String authAffiliationName; + + @Value("${edusharing.user.identifier.key:username}") + private String userIdentifierKey; @Autowired private EdusharingSecurityService edusharingSignature; @@ -228,6 +231,10 @@ public class EdusharingModule extends AbstractSpringModule implements ConfigOnOf setStringProperty(EDUSHARING_REPO_PUBLIC_KEY, repoPublicKeyString, true); } + public String getUserIdentifierKey() { + return userIdentifierKey; + } + public String getAuthKeyUseriId() { return authKeyUseriId; } diff --git a/src/main/java/org/olat/modules/edusharing/GetRenderedParameter.java b/src/main/java/org/olat/modules/edusharing/GetRenderedParameter.java index d438606b0d3..4de68d90fb9 100644 --- a/src/main/java/org/olat/modules/edusharing/GetRenderedParameter.java 
+++ b/src/main/java/org/olat/modules/edusharing/GetRenderedParameter.java @@ -38,7 +38,7 @@ public class GetRenderedParameter { private final String signed; private final String signature; private final String timestamp; - private final String encryptedUsername; + private final String encryptedUserIdentifier; private final String displayMode; private String width; private String height; @@ -46,7 +46,7 @@ public class GetRenderedParameter { public GetRenderedParameter(String appId, String repoId, String nodeId, String resourceId, String courseId, String version, String locale, String language, String signed, String signature, String timestamp, - String encryptedUsername, String displayMode) { + String encryptedUserIdentifier, String displayMode) { this.appId = appId; this.repoId = repoId; this.nodeId = nodeId; @@ -58,7 +58,7 @@ public class GetRenderedParameter { this.signed = signed; this.signature = signature; this.timestamp = timestamp; - this.encryptedUsername = encryptedUsername; + this.encryptedUserIdentifier = encryptedUserIdentifier; this.displayMode = displayMode; } @@ -106,8 +106,8 @@ public class GetRenderedParameter { return timestamp; } - public String getEncryptedUsername() { - return encryptedUsername; + public String getEncryptedUserIdentifier() { + return encryptedUserIdentifier; } public String getDisplayMode() { diff --git a/src/main/java/org/olat/modules/edusharing/manager/EdusharingHttpClient.java b/src/main/java/org/olat/modules/edusharing/manager/EdusharingHttpClient.java index a1ded265558..400d063a78b 100644 --- a/src/main/java/org/olat/modules/edusharing/manager/EdusharingHttpClient.java +++ b/src/main/java/org/olat/modules/edusharing/manager/EdusharingHttpClient.java 
@@ -122,7 +122,7 @@ class EdusharingHttpClient { sb.append("&signed=").append(parameter.getSigned()); sb.append("&sig=").append(StringHelper.urlEncodeUTF8(parameter.getSignature())); sb.append("&ts=").append(parameter.getTimestamp()); - sb.append("&u=").append(StringHelper.urlEncodeUTF8(parameter.getEncryptedUsername())); + sb.append("&u=").append(StringHelper.urlEncodeUTF8(parameter.getEncryptedUserIdentifier())); sb.append("&display=").append(parameter.getDisplayMode()); // inline / dynamic / window if (StringHelper.containsNonWhitespace(parameter.getWidth())) { sb.append("&width=").append(parameter.getWidth()); diff --git a/src/main/java/org/olat/modules/edusharing/manager/EdusharingServiceImpl.java b/src/main/java/org/olat/modules/edusharing/manager/EdusharingServiceImpl.java index 29e82d45e97..199af65bd61 100644 --- a/src/main/java/org/olat/modules/edusharing/manager/EdusharingServiceImpl.java +++ b/src/main/java/org/olat/modules/edusharing/manager/EdusharingServiceImpl.java @@ -75,6 +75,8 @@ public class EdusharingServiceImpl implements EdusharingService { private EdusharingConversionService conversionService; @Autowired private EdusharingSecurityService securityService; + @Autowired + private EdusharingUserFactory userFactory; @Override public Properties getConfigForRegistration() { 
@@ -162,7 +164,8 @@ public class EdusharingServiceImpl implements EdusharingService { NodeIdentifier nodeIdentifier = conversionService.toNodeIdentifier(usage.getObjectUrl()); String courseId = conversionService.toEdusharingCourseId(usage.getOlatResourceable()); EdusharingSignature signature = securityService.createSignature(); - String encryptedUsername = securityService.encrypt(edusharingModule.getRepoPublicKey(), viewer.getName()); + String userIdentifier = userFactory.getUserIdentifier(viewer); + String encryptedUserIdentifier = securityService.encrypt(edusharingModule.getRepoPublicKey(), userIdentifier); GetRenderedParameter parameter = new GetRenderedParameter( signature.getAppId(), @@ -176,7 +179,7 @@ public class EdusharingServiceImpl implements EdusharingService { signature.getSigned(), signature.getSignature(), signature.getTimeStamp(), - encryptedUsername, + encryptedUserIdentifier, "inline"); parameter.setWidth(widthChecked); parameter.setHeight(heightChecked); @@ -193,7 +196,8 @@ public class EdusharingServiceImpl implements EdusharingService { NodeIdentifier nodeIdentifier = conversionService.toNodeIdentifier(usage.getObjectUrl()); String courseId = conversionService.toEdusharingCourseId(usage.getOlatResourceable()); EdusharingSignature signature = securityService.createSignature(); - String encryptedUsername = securityService.encrypt(edusharingModule.getRepoPublicKey(), viewer.getName()); + String userIdentifier = userFactory.getUserIdentifier(viewer); + String encryptedUserIdentifier = securityService.encrypt(edusharingModule.getRepoPublicKey(), userIdentifier); String encryptedTicket = securityService.encrypt(edusharingModule.getRepoPublicKey(), ticket.getTooken()); GetRenderedParameter parameter = new GetRenderedParameter( 
@@ -208,7 +212,7 @@ public class EdusharingServiceImpl implements EdusharingService { signature.getSigned(), signature.getSignature(), signature.getTimeStamp(), - encryptedUsername, + encryptedUserIdentifier, "window"); parameter.setEncryptedTicket(encryptedTicket); return client.getRenderUrl(parameter); @@ -221,7 +225,7 @@ public class EdusharingServiceImpl implements EdusharingService { CreateUsageParameter parameter = new CreateUsageParameter( element.getIdentifier(), element.getObjectUrl(), - identity.getName(), + userFactory.getUserIdentifier(identity), conversionService.toEdusharingCourseId(ores) ); client.createUsage(parameter); @@ -248,7 +252,7 @@ public class EdusharingServiceImpl implements EdusharingService { DeleteUsageParameter parameter = new DeleteUsageParameter( usage.getIdentifier(), usage.getObjectUrl(), - identity.getName(), + userFactory.getUserIdentifier(identity), conversionService.toEdusharingCourseId(usage.getOlatResourceable()) ); client.deleteUsage(parameter); diff --git a/src/main/java/org/olat/modules/edusharing/manager/EdusharingSoapClient.java b/src/main/java/org/olat/modules/edusharing/manager/EdusharingSoapClient.java index 28f62c6c273..f2aec14e6d1 100644 --- a/src/main/java/org/olat/modules/edusharing/manager/EdusharingSoapClient.java +++ b/src/main/java/org/olat/modules/edusharing/manager/EdusharingSoapClient.java @@ -37,7 +37,6 @@ import org.edu_sharing.webservices.usage2.Usage2; import org.edu_sharing.webservices.usage2.Usage2Exception_Exception; import org.edu_sharing.webservices.usage2.Usage2Service; import org.olat.core.id.Identity; -import org.olat.core.id.User; import org.olat.core.logging.OLog; import org.olat.core.logging.Tracing; import org.olat.modules.edusharing.CreateUsageParameter; 
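Review bot: `createUsage` and `deleteUsage` now both take the user from `userFactory.getUserIdentifier(identity)`, so the value depends on the configuration at call time, not on what was sent when the usage was created. If `edusharing.user.identifier.key` is switched from `username` to `email` on an existing installation, a usage registered under the username would be deleted under the e-mail address; whether edu-sharing accepts that is not visible here. A comment at both call sites would record the constraint, for example `// identifier depends on edusharing.user.identifier.key and must match the value used when the usage was created`. Both method bodies start outside their hunks.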
@@ -59,6 +58,8 @@ class EdusharingSoapClient { @Autowired private EdusharingModule edusharingModule; + @Autowired + private EdusharingUserFactory userFactory; String createTicket(Identity identity) throws AuthenticationException { return authenticate(identity).getTicket(); @@ -66,7 +67,7 @@ class EdusharingSoapClient { private AuthenticationResult authenticate(Identity identity) throws AuthenticationException { AuthByApp service = getAuthByAppService(); - List<KeyValue> ssoData = getSSOData(identity); + List<KeyValue> ssoData = userFactory.getSSOData(identity); AuthenticationResult result = service.authenticateByTrustedApp(edusharingModule.getAppId(), ssoData); if (log.isDebug()) { String logResult = new StringBuilder() 
@@ -82,50 +83,6 @@ class EdusharingSoapClient { return result; } - /** - * Key are configured in edu-sharing configuration: edu-sharing-sso-context.xml - * - * @return - */ - private List<KeyValue> getSSOData(Identity identity) { - List<KeyValue> ssoData = new ArrayList<>(); - - // mandatory - KeyValue userId = new KeyValue(); - userId.setKey(edusharingModule.getAuthKeyUseriId()); - userId.setValue(identity.getName()); - ssoData.add(userId); - - // optional - User user = identity.getUser(); - KeyValue lastname = new KeyValue(); - lastname.setKey(edusharingModule.getAuthKeyLastname()); - lastname.setValue(user.getLastName()); - ssoData.add(lastname); - - KeyValue firstname = new KeyValue(); - firstname.setKey(edusharingModule.getAuthKeyFirstname()); - firstname.setValue(user.getFirstName()); - ssoData.add(firstname); - - KeyValue email = new KeyValue(); - email.setKey(edusharingModule.getAuthKeyEmail()); - email.setValue(user.getEmail()); - ssoData.add(email); - - KeyValue affiliationId = new KeyValue(); - affiliationId.setKey("affiliation"); - affiliationId.setValue(edusharingModule.getAuthAffiliationId()); - ssoData.add(affiliationId); - - KeyValue affiliationName = new KeyValue(); - affiliationName.setKey("affiliationname"); - affiliationName.setValue(edusharingModule.getAuthAffiliationName()); - ssoData.add(affiliationName); - - return ssoData; - } - boolean valdateTicket(String ticket) throws AuthenticationException { AuthByApp service = getAuthByAppService(); return service.checkTicket(ticket); diff --git a/src/main/java/org/olat/modules/edusharing/manager/EdusharingUserFactory.java b/src/main/java/org/olat/modules/edusharing/manager/EdusharingUserFactory.java new file mode 100644 index 00000000000..70b315c0571 --- /dev/null +++ b/src/main/java/org/olat/modules/edusharing/manager/EdusharingUserFactory.java 
@@ -0,0 +1,120 @@
+/**
+ * <a href="http://www.openolat.org">
+ * OpenOLAT - Online Learning and Training</a><br>
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); <br>
+ * you may not use this file except in compliance with the License.<br>
+ * You may obtain a copy of the License at the
+ * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
+ * <p>
+ * Unless required by applicable law or agreed to in writing,<br>
+ * software distributed under the License is distributed on an "AS IS" BASIS, <br>
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
+ * See the License for the specific language governing permissions and <br>
+ * limitations under the License.
+ * <p>
+ * Initial code contributed and copyrighted by<br>
+ * frentix GmbH, http://www.frentix.com
+ * <p>
+ */
+package org.olat.modules.edusharing.manager;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.edu_sharing.webservices.types.KeyValue;
+import org.olat.core.id.Identity;
+import org.olat.core.id.User;
+import org.olat.core.util.StringHelper;
+import org.olat.modules.edusharing.EdusharingModule;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+/**
+ *
+ * Initial date: 7 Jan 2019<br>
+ * @author uhensler, urs.hensler@frentix.com, http://www.frentix.com
+ *
+ */
+@Component
+class EdusharingUserFactory {
+
+ @Autowired
+ private EdusharingModule edusharingModule;
+
+ String getUserIdentifier(Identity identity) {
+ String identifier;
+
+ switch (edusharingModule.getUserIdentifierKey()) {
+ case "username":
+ identifier = identity.getName();
+ break;
+ case "email":
+ identifier = identity.getUser().getEmail();
+ break;
+ default:
+ identifier = null;
+ }
+
+ return StringHelper.blankIfNull(identifier);
+ }
+
+ /**
+ * Key are configured in edu-sharing configuration: edu-sharing-sso-context.xml
+ *
+ * @return
+ */
+ List<KeyValue>
getSSOData(Identity identity) {
+ List<KeyValue> ssoData = new ArrayList<>();
+
+ // mandatory
+ KeyValue userId = new KeyValue();
+ userId.setKey(edusharingModule.getAuthKeyUseriId());
+ userId.setValue(getUserIdentifier(identity));
+ ssoData.add(userId);
+
+ // optional
+ User user = identity.getUser();
+
+ if (StringHelper.containsNonWhitespace(edusharingModule.getAuthKeyLastname())
+ && StringHelper.containsNonWhitespace(user.getLastName())) {
+ KeyValue lastname = new KeyValue();
+ lastname.setKey(edusharingModule.getAuthKeyLastname());
+ lastname.setValue(user.getLastName());
+ ssoData.add(lastname);
+ }
+
+ if (StringHelper.containsNonWhitespace(edusharingModule.getAuthKeyFirstname())
+ && StringHelper.containsNonWhitespace(user.getFirstName())) {
+ KeyValue firstname = new KeyValue();
+ firstname.setKey(edusharingModule.getAuthKeyFirstname());
+ firstname.setValue(user.getFirstName());
+ ssoData.add(firstname);
+ }
+
+ if (StringHelper.containsNonWhitespace(edusharingModule.getAuthKeyEmail())
+ && StringHelper.containsNonWhitespace(user.getEmail())) {
+ KeyValue email = new KeyValue();
+ email.setKey(edusharingModule.getAuthKeyEmail());
+ email.setValue(user.getEmail());
+ ssoData.add(email);
+ }
+
+ if (StringHelper.containsNonWhitespace(edusharingModule.getAuthAffiliationId())) {
+ KeyValue affiliationId = new KeyValue();
+ affiliationId.setKey("affiliation");
+ affiliationId.setValue(edusharingModule.getAuthAffiliationId());
+ ssoData.add(affiliationId);
+ }
+
+ if (StringHelper.containsNonWhitespace(edusharingModule.getAuthAffiliationName())) {
+ KeyValue affiliationName = new KeyValue();
+ affiliationName.setKey("affiliationname");
+ affiliationName.setValue(edusharingModule.getAuthAffiliationName());
+ ssoData.add(affiliationName);
+ }
+
+ return ssoData;
+ }
+
+}
diff --git a/src/main/resources/serviceconfig/olat.properties b/src/main/resources/serviceconfig/olat.properties
index 7f18d40fa96..3216a91e7a4 100644
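Review bot: `getUserIdentifier` fails open: the `default` branch sets `identifier = null`, and `StringHelper.blankIfNull` turns that, like a missing e-mail address in the `"email"` branch, into an empty string that `getSSOData` sends as the mandatory `userid` to `authenticateByTrustedApp`. A mistyped `edusharing.user.identifier.key` would therefore present every user to edu-sharing under the same blank identifier, and the same value reaches the encrypted `u` parameter and `createUsage`/`deleteUsage` in `EdusharingServiceImpl`. Reject an unsupported key and a blank result instead of passing them on, as sketched below. If `email` stays an option, it is worth confirming that addresses are unique and cannot be changed by the user, since the trusted-app login appears to rely on this value alone. The `@return` tag on `getSSOData` is also still empty.

```java
String getUserIdentifier(Identity identity) {
	String key = edusharingModule.getUserIdentifierKey();
	String identifier;
	switch (key) {
		// … unchanged: "username" and "email" cases …
		default:
			throw new IllegalStateException("Unsupported edusharing.user.identifier.key: " + key);
	}
	if (!StringHelper.containsNonWhitespace(identifier)) {
		throw new IllegalStateException("No edu-sharing user identifier available for key: " + key);
	}
	return identifier;
}
```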
--- a/src/main/resources/serviceconfig/olat.properties +++ b/src/main/resources/serviceconfig/olat.properties @@ -1446,13 +1446,18 @@ edusharing.app.id= # IP address of the OpenOLAT instance edusharing.host= edusharing.ticket.valid.seconds=10 + +# User attribute to pass as userid to edu-sharing +edusharing.user.identifier.key=username +edusharing.user.identifier.key.values=username,email + # Names of user attributes are configurable in edu-sharing. Use the same names here. edusharing.auth.key.userid=userid edusharing.auth.key.lastname=lastname edusharing.auth.key.firstname=firstname edusharing.auth.key.email=email -edusharing.auth.affiliation.id=${instance.issuer.identifier} -edusharing.auth.affiliation.name=${instance.issuer.identifier} +edusharing.auth.affiliation.id=${instance.id} +edusharing.auth.affiliation.name=${instance.id} ######################################## # Options for monitoring -- GitLab
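Review bot: The defaults of `edusharing.auth.affiliation.id` and `edusharing.auth.affiliation.name` change from `${instance.issuer.identifier}` to `${instance.id}`, which the commit subject does not mention and which alters the `affiliation`/`affiliationname` values sent in the SSO data for installations that rely on the default. If edu-sharing uses the affiliation to scope accounts, existing users may be mapped differently after the upgrade; that side is not visible here. `edusharing.user.identifier.key.values` is not read by any code in this patch, so the list documents the allowed values but does not enforce them. A comment above the key such as `# Supported: username, email. Changing this on an existing installation changes the userid sent to edu-sharing.` would make the constraint explicit.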