/*******************************************************************************
 * Copyright 2017 The MIT Internet Trust Consortium
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 *******************************************************************************/

package org.mitre.uma.service.impl;

import java.sql.Date;
import java.util.Set;
import java.util.UUID;

import org.mitre.oauth2.service.SystemScopeService;
import org.mitre.uma.model.Permission;
import org.mitre.uma.model.PermissionTicket;
import org.mitre.uma.model.ResourceSet;
import org.mitre.uma.repository.PermissionRepository;
import org.mitre.uma.service.PermissionService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.oauth2.common.exceptions.InsufficientScopeException;
import org.springframework.stereotype.Service;

/**
 * Default {@link PermissionService}: issues, looks up and updates permission
 * tickets, delegating persistence to a {@link PermissionRepository}.
 *
 * @author jricher
 */
@Service
public class DefaultPermissionService implements PermissionService {

    @Autowired
    private PermissionRepository repository;

    @Autowired
    private SystemScopeService scopeService;

    // Ticket lifetime in seconds (one hour). No setter is visible in this file.
    private Long permissionExpirationSeconds = 60L * 60L; // 1 hr

    /**
     * Issues a new permission ticket for the given resource set and scopes.
     *
     * The requested scopes must be a subset of the scopes registered on the
     * resource set; otherwise no ticket is created.
     *
     * @param resourceSet the resource set the permission refers to
     * @param scopes the scopes requested on that resource set
     * @return the ticket as returned by the repository after saving
     * @throws InsufficientScopeException if the scope check fails
     * @see org.mitre.uma.service.PermissionService#createTicket(org.mitre.uma.model.ResourceSet, java.util.Set)
     */
    @Override
    public PermissionTicket createTicket(ResourceSet resourceSet, Set<String> scopes) {

        // Refuse to issue a ticket for scopes the resource set does not carry.
        boolean requestCovered = scopeService.scopesMatch(resourceSet.getScopes(), scopes);
        if (!requestCovered) {
            throw new InsufficientScopeException("Scopes of resource set are not enough for requested permission.");
        }

        Permission requested = new Permission();
        requested.setResourceSet(resourceSet);
        requested.setScopes(scopes);

        PermissionTicket issued = new PermissionTicket();
        issued.setPermission(requested);

        // The ticket string is the key getByTicket() looks tickets up by, so it
        // has to be unguessable. UUID.randomUUID() yields a type-4 UUID drawn
        // from a cryptographically strong generator.
        String handle = UUID.randomUUID().toString();
        issued.setTicket(handle);

        // Absolute expiry: now plus the configured lifetime, in milliseconds.
        long lifetimeMillis = permissionExpirationSeconds * 1000L;
        Date expiresAt = new Date(System.currentTimeMillis() + lifetimeMillis);
        issued.setExpiration(expiresAt);

        return repository.save(issued);
    }

    /**
     * Looks up a permission ticket by its ticket string.
     *
     * NOTE(review): this method does not compare the ticket's expiration with
     * the current time. Whether expired tickets are filtered out depends on
     * the repository or on the caller. Confirm before trusting the result.
     *
     * @param ticket the ticket string to look up
     * @return whatever the repository returns for that ticket string
     * @see org.mitre.uma.service.PermissionService#getByTicket(java.lang.String)
     */
    @Override
    public PermissionTicket getByTicket(String ticket) {
        PermissionTicket stored = repository.getByTicket(ticket);
        return stored;
    }

    /**
     * Saves changes to a ticket that already has an id.
     *
     * A ticket without an id is not saved, so this method cannot be used to
     * create tickets. No expiry or ownership check is made here.
     *
     * @param ticket the ticket to save
     * @return the saved ticket, or {@code null} if the ticket has no id
     * @see org.mitre.uma.service.PermissionService#updateTicket(org.mitre.uma.model.PermissionTicket)
     */
    @Override
    public PermissionTicket updateTicket(PermissionTicket ticket) {
        if (ticket.getId() == null) {
            return null;
        }
        return repository.save(ticket);
    }

}