/*******************************************************************************
 * Copyright 2017 The MIT Internet Trust Consortium
 *
 * Portions copyright 2011-2013 The MITRE Corporation
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *******************************************************************************/
/**
 *
 */
package org.mitre.openid.connect.service.impl;

import java.util.Set;
import java.util.UUID;

import org.mitre.oauth2.model.ClientDetailsEntity;
import org.mitre.openid.connect.model.PairwiseIdentifier;
import org.mitre.openid.connect.model.UserInfo;
import org.mitre.openid.connect.repository.PairwiseIdentifierRepository;
import org.mitre.openid.connect.service.PairwiseIdentiferService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;

import com.google.common.base.Strings;
import com.google.common.collect.Iterables;

/**
 * Pairwise subject identifier service that hands out one random UUID per
 * (user subject, sector host) pair and stores it through the
 * {@link PairwiseIdentifierRepository}.
 *
 * The identifier is not derived from the user's subject or from the sector:
 * it is a fresh {@link UUID#randomUUID()} value, so its stability for a given
 * pair rests entirely on the stored row being found again.
 *
 * @author jricher
 *
 */
@Service("uuidPairwiseIdentiferService")
public class UUIDPairwiseIdentiferService implements PairwiseIdentiferService {

	/**
	 * Logger for this class
	 */
	private static final Logger logger = LoggerFactory.getLogger(UUIDPairwiseIdentiferService.class);

	@Autowired
	private PairwiseIdentifierRepository pairwiseIdentifierRepository;

	/**
	 * Returns the pairwise identifier for the given user at the given client,
	 * creating and saving a new one when the repository has none for the
	 * user's subject and the client's sector host.
	 *
	 * NOTE(review): the lookup and the save below are two separate repository
	 * calls with no locking visible in this class. Two concurrent first-time
	 * requests for the same (sub, sector) could each miss and each save a
	 * different UUID unless the repository or the schema enforces uniqueness
	 * on that pair -- confirm.
	 *
	 * @param userInfo the user whose subject ({@code getSub()}) keys the lookup
	 * @param client the client whose sector identifier URI, or single redirect
	 *            URI, determines the sector host
	 * @return the stored or newly created identifier, or {@code null} when the
	 *         URI used for the sector has no host component; callers
	 *         presumably must not issue a token with a null subject -- verify
	 *         at the call sites
	 * @throws IllegalArgumentException if the client has no sector identifier
	 *             URI and more than one redirect URI
	 * @throws java.util.NoSuchElementException if the client has no sector
	 *             identifier URI and no redirect URI
	 */
	@Override
	public String getIdentifier(UserInfo userInfo, ClientDetailsEntity client) {

		String sectorHost = resolveSectorHost(client);

		if (sectorHost == null) {
			// no host to key the sector on, so no identifier can be issued
			return null;
		}

		// the sector host plus the user's subject is the lookup key
		PairwiseIdentifier existing = pairwiseIdentifierRepository.getBySectorIdentifier(userInfo.getSub(), sectorHost);

		if (existing != null) {
			return existing.getIdentifier();
		}

		// first request for this pair: mint an identifier and persist it
		PairwiseIdentifier created = new PairwiseIdentifier();
		created.setIdentifier(UUID.randomUUID().toString());
		created.setUserSub(userInfo.getSub());
		created.setSectorIdentifier(sectorHost);

		pairwiseIdentifierRepository.save(created);

		return created.getIdentifier();
	}

	/**
	 * Picks the URI that defines the client's sector and returns its host.
	 *
	 * A non-empty sector identifier URI wins; otherwise the client must have
	 * exactly one redirect URI, and the call fails with an exception rather
	 * than guessing between several.
	 *
	 * Only the host component is used, exactly as the URI parser returns it.
	 * NOTE(review): no case normalisation is applied here, so hosts that
	 * differ only in letter case would be keyed as different sectors --
	 * confirm whether registration normalises these URIs. The sector
	 * identifier URI is not fetched or checked in this class; presumably that
	 * happens at client registration.
	 */
	private static String resolveSectorHost(ClientDetailsEntity client) {
		String sectorUri = client.getSectorIdentifierUri();
		String sectorSource;

		if (Strings.isNullOrEmpty(sectorUri)) {
			// fall back to the host of the only redirect URI
			Set<String> redirectUris = client.getRedirectUris();
			sectorSource = Iterables.getOnlyElement(redirectUris);
		} else {
			sectorSource = sectorUri;
		}

		UriComponents parsed = UriComponentsBuilder.fromUriString(sectorSource).build();
		return parsed.getHost();
	}

}