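/*******************************************************************************
 * Copyright 2017 The MIT Internet Trust Consortium
 *
 * Portions copyright 2011-2013 The MITRE Corporation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *******************************************************************************/
package org.mitre.openid.connect.service.impl;

import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.Set;

import org.mitre.oauth2.model.OAuth2AccessTokenEntity;
import org.mitre.oauth2.repository.OAuth2TokenRepository;
import org.mitre.openid.connect.model.ApprovedSite;
import org.mitre.openid.connect.repository.ApprovedSiteRepository;
import org.mitre.openid.connect.service.ApprovedSiteService;
import org.mitre.openid.connect.service.StatsService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.provider.ClientDetails;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;

import com.google.common.base.Predicate;
import com.google.common.collect.Collections2;

/**
 * Implementation of the ApprovedSiteService.
 *
 * <p>Most operations delegate directly to the {@link ApprovedSiteRepository}.
 * Removing an approved site additionally deletes the access tokens (and their
 * refresh tokens) that the {@link OAuth2TokenRepository} reports for that site,
 * and every write resets the {@link StatsService} cache.
 *
 * @author Michael Joseph Walsh, aanganes
 *
 */
@Service("defaultApprovedSiteService")
public class DefaultApprovedSiteService implements ApprovedSiteService {

	/**
	 * Logger for this class
	 */
	private static final Logger logger = LoggerFactory.getLogger(DefaultApprovedSiteService.class);

	@Autowired
	private ApprovedSiteRepository approvedSiteRepository;

	@Autowired
	private OAuth2TokenRepository tokenRepository;

	@Autowired
	private StatsService statsService;

	/**
	 * Matches approved sites that are non-null and report themselves as expired.
	 */
	private final Predicate<ApprovedSite> isExpired = new Predicate<ApprovedSite>() {
		@Override
		public boolean apply(ApprovedSite input) {
			return (input != null && input.isExpired());
		}
	};

	/**
	 * Returns every approved site known to the repository.
	 *
	 * @return the repository's full collection of approved sites
	 */
	@Override
	public Collection<ApprovedSite> getAll() {
		return approvedSiteRepository.getAll();
	}

	/**
	 * Persists the given approved site and resets the stats cache.
	 *
	 * @param approvedSite the site to store
	 * @return the instance returned by the repository's save
	 */
	@Override
	@Transactional(value="defaultTransactionManager")
	public ApprovedSite save(ApprovedSite approvedSite) {
		ApprovedSite saved = approvedSiteRepository.save(approvedSite);
		statsService.resetCache();
		return saved;
	}

	/**
	 * Looks up a single approved site by its identifier.
	 *
	 * @param id the identifier to look up
	 * @return whatever the repository returns for that identifier
	 */
	@Override
	public ApprovedSite getById(Long id) {
		return approvedSiteRepository.getById(id);
	}

	/**
	 * Removes an approved site together with the tokens tied to it.
	 *
	 * <p>The access tokens that the token repository associates with the site are
	 * deleted first, along with each token's refresh token when one is present,
	 * so that deleting the approval also deletes those tokens. The stats cache is
	 * reset afterwards.
	 *
	 * @param approvedSite the site to remove
	 */
	@Override
	@Transactional(value="defaultTransactionManager")
	public void remove(ApprovedSite approvedSite) {

		// Remove any associated access and refresh tokens before the site itself.
		List<OAuth2AccessTokenEntity> accessTokens = getApprovedAccessTokens(approvedSite);

		for (OAuth2AccessTokenEntity token : accessTokens) {
			if (token.getRefreshToken() != null) {
				tokenRepository.removeRefreshToken(token.getRefreshToken());
			}
			tokenRepository.removeAccessToken(token);
		}

		approvedSiteRepository.remove(approvedSite);

		statsService.resetCache();
	}

	/**
	 * Creates and stores a new approved site for the given client and user.
	 *
	 * <p>The creation and access dates are both set to the current time. The
	 * scopes and timeout are stored exactly as passed in; no validation of
	 * either value happens in this method.
	 *
	 * @param clientId the client the approval is for
	 * @param userId the user who granted the approval
	 * @param timeoutDate the timeout date to record on the approval
	 * @param allowedScopes the scopes to record on the approval
	 * @return the stored approved site
	 */
	@Override
	@Transactional(value="defaultTransactionManager")
	public ApprovedSite createApprovedSite(String clientId, String userId, Date timeoutDate, Set<String> allowedScopes) {

		// An empty entity is saved first and populated afterwards
		// (presumably to obtain a managed instance -- confirm against the repository).
		ApprovedSite site = approvedSiteRepository.save(new ApprovedSite());

		Date now = new Date();
		site.setCreationDate(now);
		site.setAccessDate(now);
		site.setClientId(clientId);
		site.setUserId(userId);
		site.setTimeoutDate(timeoutDate);
		site.setAllowedScopes(allowedScopes);

		return save(site);

	}

	/**
	 * Finds the approved sites recorded for a specific client and user pair.
	 *
	 * @param clientId the client identifier to match
	 * @param userId the user identifier to match
	 * @return the repository's result for that pair
	 */
	@Override
	public Collection<ApprovedSite> getByClientIdAndUserId(String clientId, String userId) {

		return approvedSiteRepository.getByClientIdAndUserId(clientId, userId);

	}

	/**
	 * Finds the approved sites recorded for a user.
	 *
	 * @param userId the user identifier to match
	 * @return the repository's result for that user
	 * @see org.mitre.openid.connect.repository.ApprovedSiteRepository#getByUserId(java.lang.String)
	 */
	@Override
	public Collection<ApprovedSite> getByUserId(String userId) {
		return approvedSiteRepository.getByUserId(userId);
	}

	/**
	 * Finds the approved sites recorded for a client.
	 *
	 * @param clientId the client identifier to match
	 * @return the repository's result for that client
	 * @see org.mitre.openid.connect.repository.ApprovedSiteRepository#getByClientId(java.lang.String)
	 */
	@Override
	public Collection<ApprovedSite> getByClientId(String clientId) {
		return approvedSiteRepository.getByClientId(clientId);
	}

	/**
	 * Removes every approved site recorded for the given client, including the
	 * tokens that {@link #remove(ApprovedSite)} deletes for each site.
	 *
	 * @param client the client whose approvals are cleared
	 */
	@Override
	public void clearApprovedSitesForClient(ClientDetails client) {
		// NOTE(review): remove() is called on this instance directly. With Spring's
		// proxy-based transaction advice a self-invocation does not pass through the
		// proxy, so the @Transactional on remove() may not apply here -- confirm that
		// callers run this inside a transaction so token and site deletion stay atomic.
		Collection<ApprovedSite> approvedSites = approvedSiteRepository.getByClientId(client.getClientId());
		if (approvedSites == null) {
			return;
		}
		for (ApprovedSite approvedSite : approvedSites) {
			remove(approvedSite);
		}
	}

	/**
	 * Removes every approved site that currently reports itself as expired,
	 * including the tokens that {@link #remove(ApprovedSite)} deletes for each.
	 */
	@Override
	public void clearExpiredSites() {

		logger.debug("Clearing expired approved sites");

		Collection<ApprovedSite> expiredSites = getExpired();
		// The null guard has to come before any use of the collection; the original
		// called size() first, which made the later null check unreachable.
		if (expiredSites == null) {
			return;
		}

		// The filtered view recomputes its size on each call, so read it once.
		int expiredCount = expiredSites.size();
		if (expiredCount > 0) {
			logger.info("Found {} expired approved sites.", expiredCount);
		}

		// NOTE(review): same self-invocation caveat as clearApprovedSitesForClient --
		// confirm the caller provides the transaction that remove() expects.
		for (ApprovedSite expired : expiredSites) {
			remove(expired);
		}

	}

	/**
	 * Filters the repository's full list down to the sites matched by
	 * {@link #isExpired}.
	 *
	 * @return a filtered view over the collection returned by the repository
	 */
	private Collection<ApprovedSite> getExpired() {
		return Collections2.filter(approvedSiteRepository.getAll(), isExpired);
	}

	/**
	 * Returns the access tokens the token repository reports for an approved site.
	 *
	 * @param approvedSite the site whose tokens are requested
	 * @return the token repository's result for that site
	 */
	@Override
	public List<OAuth2AccessTokenEntity> getApprovedAccessTokens(
			ApprovedSite approvedSite) {
		return tokenRepository.getAccessTokensForApprovedSite(approvedSite);

	}

}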