CL-436: custom OAuth provider

e6114b76 · srosse · e342506e · e6114b76 · e6114b76 · e6114b76
Commit e6114b76 authored 9 years ago by srosse
--- a/src/main/java/org/olat/login/oauth/spi/PantherApi.java
+++ b/src/main/java/org/olat/login/oauth/spi/PantherApi.java
+/**
+ * <a href="http://www.openolat.org">
+ * OpenOLAT - Online Learning and Training</a><br>
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); <br>
+ * you may not use this file except in compliance with the License.<br>
+ * You may obtain a copy of the License at the
+ * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
+ * <p>
+ * Unless required by applicable law or agreed to in writing,<br>
+ * software distributed under the License is distributed on an "AS IS" BASIS, <br>
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
+ * See the License for the specific language governing permissions and <br>
+ * limitations under the License.
+ * <p>
+ * Initial code contributed and copyrighted by<br>
+ * frentix GmbH, http://www.frentix.com
+ * <p>
+ */
+package org.olat.login.oauth.spi;
+
+import org.scribe.builder.api.DefaultApi20;
+import org.scribe.extractors.AccessTokenExtractor;
+import org.scribe.extractors.JsonTokenExtractor;
+import org.scribe.model.OAuthConfig;
+import org.scribe.model.OAuthConstants;
+import org.scribe.model.OAuthRequest;
+import org.scribe.model.Response;
+import org.scribe.model.Token;
+import org.scribe.model.Verb;
+import org.scribe.model.Verifier;
+import org.scribe.oauth.OAuth20ServiceImpl;
+import org.scribe.oauth.OAuthService;
+import org.scribe.utils.OAuthEncoder;
+
+/**
+ * 
+ * Initial date: 10.09.2015<br>
+ * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
+ *
+ */
+public class PantherApi extends DefaultApi20 {
+	
+	private static final String AUTHORIZE_URL = "https://author.hamilton-medical.com/.oauth/auth?client_id=%s&redirect_uri=%s&response_type=code";
+
+	@Override
+	public String getAccessTokenEndpoint() {
+		return "https://author.hamilton-medical.com/.oauth/token";
+	}
+
+	@Override
+	public String getAuthorizationUrl(OAuthConfig config) {
+		return String.format(AUTHORIZE_URL, config.getApiKey(), OAuthEncoder.encode(config.getCallback()));
+	}
+
+	@Override
+	public OAuthService createService(OAuthConfig config) {
+		return new PantherOAuth2Service(this, config);
+	}
+
+	@Override
+	public Verb getAccessTokenVerb() {
+		return Verb.POST;
+	}
+
+	@Override
+	public AccessTokenExtractor getAccessTokenExtractor() {
+        return new JsonTokenExtractor();
+	}
+	
+    private final static class PantherOAuth2Service extends OAuth20ServiceImpl {
+
+        private static final String GRANT_TYPE_AUTHORIZATION_CODE = "authorization_code";
+        private static final String GRANT_TYPE = "grant_type";
+        private DefaultApi20 api;
+        private OAuthConfig config;
+
+        public PantherOAuth2Service(DefaultApi20 api, OAuthConfig config) {
+            super(api, config);
+            this.api = api;
+            this.config = config;
+        }
+        
+        @Override
+        public Token getAccessToken(Token requestToken, Verifier verifier) {
+            OAuthRequest request = new OAuthRequest(api.getAccessTokenVerb(), api.getAccessTokenEndpoint());
+            switch (api.getAccessTokenVerb()) {
+	            case POST:
+	                request.addBodyParameter(OAuthConstants.CLIENT_ID, config.getApiKey());
+	                request.addBodyParameter(OAuthConstants.CLIENT_SECRET, config.getApiSecret());
+	                request.addBodyParameter(OAuthConstants.CODE, verifier.getValue());
+	                request.addBodyParameter(OAuthConstants.REDIRECT_URI, config.getCallback());
+	                request.addBodyParameter(GRANT_TYPE, GRANT_TYPE_AUTHORIZATION_CODE);
+	                break;
+	            case GET:
+	            default:
+	                request.addQuerystringParameter(OAuthConstants.CLIENT_ID, config.getApiKey());
+	                request.addQuerystringParameter(OAuthConstants.CLIENT_SECRET, config.getApiSecret());
+	                request.addQuerystringParameter(OAuthConstants.CODE, verifier.getValue());
+	                request.addQuerystringParameter(OAuthConstants.REDIRECT_URI, config.getCallback());
+	                if(config.hasScope()) request.addQuerystringParameter(OAuthConstants.SCOPE, config.getScope());
+            }
+            Response response = request.send();
+            return api.getAccessTokenExtractor().extract(response.getBody());
+        }
+    }
+}
--- a/src/main/java/org/olat/login/oauth/spi/PantherProvider.java
+++ b/src/main/java/org/olat/login/oauth/spi/PantherProvider.java
+/**
+ * <a href="http://www.openolat.org">
+ * OpenOLAT - Online Learning and Training</a><br>
+ * <p>
+ * Licensed under the Apache License, Version 2.0 (the "License"); <br>
+ * you may not use this file except in compliance with the License.<br>
+ * You may obtain a copy of the License at the
+ * <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache homepage</a>
+ * <p>
+ * Unless required by applicable law or agreed to in writing,<br>
+ * software distributed under the License is distributed on an "AS IS" BASIS, <br>
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. <br>
+ * See the License for the specific language governing permissions and <br>
+ * limitations under the License.
+ * <p>
+ * Initial code contributed and copyrighted by<br>
+ * frentix GmbH, http://www.frentix.com
+ * <p>
+ */
+package org.olat.login.oauth.spi;
+
+import org.json.JSONException;
+import org.json.JSONObject;
+import org.olat.core.logging.OLog;
+import org.olat.core.logging.Tracing;
+import org.olat.core.util.StringHelper;
+import org.olat.login.oauth.OAuthSPI;
+import org.olat.login.oauth.model.OAuthUser;
+import org.scribe.builder.api.Api;
+import org.scribe.model.OAuthRequest;
+import org.scribe.model.Response;
+import org.scribe.model.Token;
+import org.scribe.model.Verb;
+import org.scribe.oauth.OAuthService;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+
+/**
+ * 
+ * Initial date: 10.09.2015<br>
+ * @author srosse, stephane.rosse@frentix.com, http://www.frentix.com
+ *
+ */
+@Service
+public class PantherProvider implements OAuthSPI {
+	
+	private static final OLog log = Tracing.createLoggerFor(PantherProvider.class);
+
+	@Value("${oauth.panther.enabled:disabled}")
+	private String enabled;
+	@Value("${oauth.panther.appKey:null}")
+	private String appKey;
+	@Value("${oauth.panther.appSecret:null}")
+	private String appSecret;
+	
+	@Override
+	public boolean isEnabled() {
+		return "enabled".equals(enabled);
+	}
+
+	@Override
+	public Class<? extends Api> getScribeProvider() {
+		return PantherApi.class;
+	}
+
+	@Override
+	public String getName() {
+		return "panther";
+	}
+
+	@Override
+	public String getProviderName() {
+		return "PANTHER";
+	}
+
+	@Override
+	public String getIconCSS() {
+		return "o_icon o_icon_provider_panther";
+	}
+
+	@Override
+	public String getAppKey() {
+		return appKey;
+	}
+
+	@Override
+	public String getAppSecret() {
+		return appSecret;
+	}
+
+	@Override
+	public String[] getScopes() {
+		return new String[0];
+	}
+
+	@Override
+	public OAuthUser getUser(OAuthService service, Token accessToken) {
+		OAuthRequest oauthRequest = new OAuthRequest(Verb.GET, "https://author.hamilton-medical.com/.oauth/userinfo"); 
+		service.signRequest(accessToken, oauthRequest);
+		Response oauthResponse = oauthRequest.send();
+		String body = oauthResponse.getBody();
+		return parseInfos(body);
+	}
+	
+	public OAuthUser parseInfos(String body) {
+		OAuthUser user = new OAuthUser();
+		
+		try {
+			JSONObject obj = new JSONObject(body);
+			JSONObject properties = obj.getJSONObject("properties");
+			user.setId(getValue(properties, "username"));
+			user.setFirstName(getValue(properties, "firstName"));
+			user.setLastName(getValue(properties, "lastName"));
+			user.setLang(getValue(properties, "language"));
+			user.setInstitutionalUserIdentifier(getValue(properties, "aarcMemberID"));
+			user.setEmail(getValue(properties, "email"));
+		} catch (JSONException e) {
+			log.error("", e);
+		}
+		
+		return user;
+	}
+	
+	private String getValue(JSONObject obj, String property) {
+		String value = obj.optString(property);
+		return StringHelper.containsNonWhitespace(value) ? value : null;
+	}
+}
--- a/src/main/java/org/olat/login/oauth/ui/_i18n/LocalStrings_de.properties
+++ b/src/main/java/org/olat/login/oauth/ui/_i18n/LocalStrings_de.properties
@@ -29,6 +29,7 @@ login.linkedin=LinkedIn
 login.twitter=Twitter
 login.google=Google+
 login.adfs=ADFS
+login.panther=My Hamilton
 twitter.admin.title=Twitter Konfiguration
 twitter.enabled=Twitter
 twitter.api.id=Consumer key (App key)

--- a/src/main/java/org/olat/login/oauth/ui/_i18n/LocalStrings_en.properties
+++ b/src/main/java/org/olat/login/oauth/ui/_i18n/LocalStrings_en.properties
@@ -34,6 +34,7 @@ login.adfs=ADFS
 login.facebook=Facebook
 login.google=Google+
 login.linkedin=LinkedIn
+login.panther=My Hamilton
 login.twitter=Twitter
 oauth.admin.title=OAuth configuration
 twitter.admin.title=Twitter configuration