Posted to commits@syncope.apache.org by mm...@apache.org on 2020/02/27 08:17:36 UTC

[syncope] 07/12: complete binders, rest client and DAOs for authn client apps

This is an automated email from the ASF dual-hosted git repository.

mmoayyed pushed a commit to branch SYNCOPE-163-1
in repository https://gitbox.apache.org/repos/asf/syncope.git

commit 4349207fc3536d7113c5141c181ec2e0e8d116a9
Author: Misagh Moayyed <mm...@gmail.com>
AuthorDate: Tue Feb 25 16:51:07 2020 +0330

    complete binders, rest client and DAOs for authn client apps
---
 .../console/rest/ClientApplicationRestClient.java  | 10 +--
 .../common/lib/types/IdRepoEntitlement.java        | 16 ++++
 .../core/logic/AbstractClientApplicationLogic.java | 24 +++++-
 .../core/logic/OpenIdConnectRelyingPartyLogic.java | 99 ++++++++++++++++++++++
 .../core/logic/SAML2ServiceProviderLogic.java      | 98 +++++++++++++++++++++
 .../OpenIdConnectRelyingPartyServiceImpl.java}     | 17 +++-
 .../service/SAML2ServiceProviderServiceImpl.java}  | 17 +++-
 .../data/OpenIdConnectRelyingPartyDataBinder.java} | 12 ++-
 .../api/data/SAML2ServiceProviderDataBinder.java}  | 16 ++--
 9 files changed, 288 insertions(+), 21 deletions(-)

diff --git a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/rest/ClientApplicationRestClient.java b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/rest/ClientApplicationRestClient.java
index 0dfb663..2f36947 100644
--- a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/rest/ClientApplicationRestClient.java
+++ b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/rest/ClientApplicationRestClient.java
@@ -18,7 +18,7 @@
  */
 package org.apache.syncope.client.console.rest;
 
-import org.apache.syncope.common.lib.to.ApplicationTO;
+import org.apache.syncope.common.lib.to.ClientApplicationTO;
 import org.apache.syncope.common.rest.api.service.ClientApplicationService;
 
 import java.util.List;
@@ -34,19 +34,19 @@ public class ClientApplicationRestClient extends BaseRestClient {
         getService(ClientApplicationService.class).delete(key);
     }
 
-    public static ApplicationTO read(final String key) {
+    public static ClientApplicationTO read(final String key) {
         return getService(ClientApplicationService.class).read(key);
     }
 
-    public static void update(final ApplicationTO applicationTO) {
+    public static void update(final ClientApplicationTO applicationTO) {
         getService(ClientApplicationService.class).update(applicationTO);
     }
 
-    public static void create(final ApplicationTO applicationTO) {
+    public static void create(final ClientApplicationTO applicationTO) {
         getService(ClientApplicationService.class).create(applicationTO);
     }
 
-    public static List<ApplicationTO> list() {
+    public static List<ClientApplicationTO> list() {
         return getService(ClientApplicationService.class).list();
     }
 
diff --git a/common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/types/IdRepoEntitlement.java b/common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/types/IdRepoEntitlement.java
index 8ab42af..97746b2 100644
--- a/common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/types/IdRepoEntitlement.java
+++ b/common/idrepo/lib/src/main/java/org/apache/syncope/common/lib/types/IdRepoEntitlement.java
@@ -238,6 +238,22 @@ public final class IdRepoEntitlement {
 
     public static final String IMPLEMENTATION_DELETE = "IMPLEMENTATION_DELETE";
 
+    public static final String OIDC_RELYING_PARTY_READ = "OIDC_RELYING_PARTY_READ";
+
+    public static final String OIDC_RELYING_PARTY_DELETE = "OIDC_RELYING_PARTY_DELETE";
+
+    public static final String OIDC_RELYING_PARTY_CREATE = "OIDC_RELYING_PARTY_CREATE";
+
+    public static final String OIDC_RELYING_PARTY_LIST = "OIDC_RELYING_PARTY_LIST";
+
+    public static final String SAML2_SERVICE_PROVIDER_READ = "OIDC_RELYING_PARTY_READ";
+
+    public static final String SAML2_SERVICE_PROVIDER_DELETE = "SAML2_SERVICE_PROVIDER_DELETE";
+
+    public static final String SAML2_SERVICE_PROVIDER_CREATE = "SAML2_SERVICE_PROVIDER_CREATE";
+
+    public static final String SAML2_SERVICE_PROVIDER_LIST = "SAML2_SERVICE_PROVIDER_LIST";
+
     private static final Set<String> VALUES;
 
     static {
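Review bot: `SAML2_SERVICE_PROVIDER_READ` is assigned the string `"OIDC_RELYING_PARTY_READ"`, so the two read entitlements share one value and a role granted OIDC relying-party read would also satisfy any guard written against the SAML2 constant. The line should read `public static final String SAML2_SERVICE_PROVIDER_READ = "SAML2_SERVICE_PROVIDER_READ";`. The block adds READ, DELETE, CREATE and LIST for each type but no UPDATE; consider adding `OIDC_RELYING_PARTY_UPDATE` and `SAML2_SERVICE_PROVIDER_UPDATE` so that update can be granted per type. The `static` initializer that presumably fills `VALUES` continues outside the hunk, so how these constants are registered is not visible here.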
diff --git a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java b/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
index 79ccf62..24cd2f1 100644
--- a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
+++ b/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
@@ -19,7 +19,27 @@
 
 package org.apache.syncope.core.logic;
 
-import org.apache.syncope.common.lib.to.DynRealmTO;
+import org.apache.syncope.common.lib.to.ClientApplicationTO;
+
+import java.lang.reflect.Method;
+import java.util.List;
+
+public abstract class AbstractClientApplicationLogic extends AbstractTransactionalLogic<ClientApplicationTO> {
+
+    @Override
+    protected ClientApplicationTO resolveReference(final Method method, final Object... args)
+        throws UnresolvedReferenceException {
+        throw new UnresolvedReferenceException();
+    }
+
+    public abstract ClientApplicationTO delete(String key);
+
+    public abstract List<ClientApplicationTO> list();
+
+    public abstract ClientApplicationTO read(String key);
+
+    public abstract ClientApplicationTO create(ClientApplicationTO applicationTO);
+
+    public abstract ClientApplicationTO update(ClientApplicationTO applicationTO);
 
-public abstract class AbstractClientApplicationLogic extends AbstractTransactionalLogic<DynRealmTO> {
 }
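Review bot: The five abstract operations carry no authorization annotation and no Javadoc, so the class does not say that access control is left to each subclass. A class-level comment such as `/** Base for client-application logic; every override must declare its own @PreAuthorize entitlement. */` would make that contract explicit for the next subclass. `resolveReference` always throws `UnresolvedReferenceException`; a one-line comment saying why no reference can be resolved would help, since what the superclass does with that exception is not visible in this diff.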
diff --git a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/OpenIdConnectRelyingPartyLogic.java b/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/OpenIdConnectRelyingPartyLogic.java
new file mode 100644
index 0000000..f08bfdf
--- /dev/null
+++ b/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/OpenIdConnectRelyingPartyLogic.java
@@ -0,0 +1,99 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.syncope.core.logic;
+
+import org.apache.syncope.common.lib.to.ClientApplicationTO;
+import org.apache.syncope.common.lib.types.IdRepoEntitlement;
+import org.apache.syncope.core.persistence.api.dao.NotFoundException;
+import org.apache.syncope.core.persistence.api.dao.authentication.OpenIdConnectRelyingPartyDAO;
+import org.apache.syncope.core.persistence.api.entity.authentication.OpenIdConnectRelyingParty;
+import org.apache.syncope.core.provisioning.api.data.OpenIdConnectRelyingPartyDataBinder;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+@Component
+public class OpenIdConnectRelyingPartyLogic extends AbstractClientApplicationLogic {
+    @Autowired
+    private OpenIdConnectRelyingPartyDAO openIdConnectRelyingPartyDAO;
+
+    @Autowired
+    private OpenIdConnectRelyingPartyDataBinder binder;
+
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.OIDC_RELYING_PARTY_READ + "')")
+    @Transactional(readOnly = true)
+    @Override
+    public ClientApplicationTO read(final String key) {
+        OpenIdConnectRelyingParty application = openIdConnectRelyingPartyDAO.find(key);
+        if (application == null) {
+            LOG.error("Could not find application '" + key + '\'');
+
+            throw new NotFoundException(key);
+        }
+
+        return binder.getClientApplicationTO(application);
+    }
+
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.OIDC_RELYING_PARTY_LIST + "')")
+    @Transactional(readOnly = true)
+    @Override
+    public List<ClientApplicationTO> list() {
+        return openIdConnectRelyingPartyDAO.findAll()
+            .stream().map(binder::getClientApplicationTO).collect(Collectors.toList());
+    }
+
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.OIDC_RELYING_PARTY_CREATE + "')")
+    @Override
+    public ClientApplicationTO create(final ClientApplicationTO applicationTO) {
+        return binder.getClientApplicationTO(openIdConnectRelyingPartyDAO.save(binder.create(applicationTO)));
+    }
+
+    @Override
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.APPLICATION_UPDATE + "')")
+    public ClientApplicationTO update(final ClientApplicationTO applicationTO) {
+        OpenIdConnectRelyingParty application = openIdConnectRelyingPartyDAO.find(applicationTO.getKey());
+        if (application == null) {
+            LOG.error("Could not find application '" + applicationTO.getKey() + '\'');
+            throw new NotFoundException(applicationTO.getKey());
+        }
+
+        return binder.getClientApplicationTO(openIdConnectRelyingPartyDAO.save(binder.update(application, applicationTO)));
+    }
+
+    @Override
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.OIDC_RELYING_PARTY_DELETE + "')")
+    public ClientApplicationTO delete(final String key) {
+        OpenIdConnectRelyingParty application = openIdConnectRelyingPartyDAO.find(key);
+        if (application == null) {
+            LOG.error("Could not find application '" + key + '\'');
+
+            throw new NotFoundException(key);
+        }
+
+        ClientApplicationTO deleted = binder.getClientApplicationTO(application);
+        openIdConnectRelyingPartyDAO.delete(key);
+        return deleted;
+    }
+    
+}
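Review bot: `update` is guarded by `IdRepoEntitlement.APPLICATION_UPDATE`, while `read`, `list`, `create` and `delete` in this class use the `OIDC_RELYING_PARTY_*` entitlements, so changing a relying party is authorized by a different, generic entitlement than every other operation on it. If that is not intended, add a dedicated constant and use it: `@PreAuthorize("hasRole('" + IdRepoEntitlement.OIDC_RELYING_PARTY_UPDATE + "')")` (this constant is not defined by the commit and would need adding to `IdRepoEntitlement`). `SAML2ServiceProviderLogic.update` has the same guard and would need the matching `SAML2_SERVICE_PROVIDER_UPDATE`. Separately, `create`, `update` and `delete` have no `@Transactional` while `read` and `list` do; whether the superclass supplies one is not visible here.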
diff --git a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/SAML2ServiceProviderLogic.java b/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/SAML2ServiceProviderLogic.java
new file mode 100644
index 0000000..a2d5092
--- /dev/null
+++ b/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/SAML2ServiceProviderLogic.java
@@ -0,0 +1,98 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements.  See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership.  The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License.  You may obtain a copy of the License at
+ *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied.  See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.syncope.core.logic;
+
+import org.apache.syncope.common.lib.to.ClientApplicationTO;
+import org.apache.syncope.common.lib.types.IdRepoEntitlement;
+import org.apache.syncope.core.persistence.api.dao.NotFoundException;
+import org.apache.syncope.core.persistence.api.dao.authentication.SAML2ServiceProviderDAO;
+import org.apache.syncope.core.persistence.api.entity.authentication.SAML2ServiceProvider;
+import org.apache.syncope.core.provisioning.api.data.SAML2ServiceProviderDataBinder;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.stereotype.Component;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+@Component
+public class SAML2ServiceProviderLogic extends AbstractClientApplicationLogic {
+
+    @Autowired
+    private SAML2ServiceProviderDAO saml2ServiceProviderDAO;
+
+    @Autowired
+    private SAML2ServiceProviderDataBinder binder;
+
+    @Override
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.SAML2_SERVICE_PROVIDER_DELETE + "')")
+    public ClientApplicationTO delete(final String key) {
+        SAML2ServiceProvider application = saml2ServiceProviderDAO.find(key);
+        if (application == null) {
+            LOG.error("Could not find application '" + key + '\'');
+
+            throw new NotFoundException(key);
+        }
+
+        ClientApplicationTO deleted = binder.getClientApplicationTO(application);
+        saml2ServiceProviderDAO.delete(key);
+        return deleted;
+    }
+
+    @Override
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.SAML2_SERVICE_PROVIDER_LIST + "')")
+    @Transactional(readOnly = true)
+    public List<ClientApplicationTO> list() {
+        return saml2ServiceProviderDAO.findAll().stream().map(binder::getClientApplicationTO).collect(Collectors.toList());
+    }
+
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.SAML2_SERVICE_PROVIDER_READ + "')")
+    @Transactional(readOnly = true)
+    @Override
+    public ClientApplicationTO read(final String key) {
+        SAML2ServiceProvider application = saml2ServiceProviderDAO.find(key);
+        if (application == null) {
+            LOG.error("Could not find application '" + key + '\'');
+
+            throw new NotFoundException(key);
+        }
+
+        return binder.getClientApplicationTO(application);
+    }
+
+    @Override
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.SAML2_SERVICE_PROVIDER_CREATE + "')")
+    public ClientApplicationTO create(final ClientApplicationTO applicationTO) {
+        return binder.getClientApplicationTO(saml2ServiceProviderDAO.save(binder.create(applicationTO)));
+    }
+
+    @Override
+    @PreAuthorize("hasRole('" + IdRepoEntitlement.APPLICATION_UPDATE + "')")
+    public ClientApplicationTO update(final ClientApplicationTO applicationTO) {
+        SAML2ServiceProvider application = saml2ServiceProviderDAO.find(applicationTO.getKey());
+        if (application == null) {
+            LOG.error("Could not find application '" + applicationTO.getKey() + '\'');
+            throw new NotFoundException(applicationTO.getKey());
+        }
+
+        return binder.getClientApplicationTO(saml2ServiceProviderDAO.save(binder.update(application, applicationTO)));
+    }
+}
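Review bot: The not-found branches in `delete`, `read` and `update` build the log line by concatenating the caller-supplied key, `LOG.error("Could not find application '" + key + '\'');`, which writes the value into the log unescaped and records a client-caused lookup miss at error level. If `LOG` is an SLF4J logger (it is inherited and not shown), the parameterized form `LOG.error("Could not find application '{}'", key);` is preferable, and the key should have CR/LF stripped or encoded wherever the log layout does not already do so. The same lines appear in `OpenIdConnectRelyingPartyLogic`.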
diff --git a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java b/core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/OpenIdConnectRelyingPartyServiceImpl.java
similarity index 58%
copy from core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
copy to core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/OpenIdConnectRelyingPartyServiceImpl.java
index 79ccf62..84f01de 100644
--- a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
+++ b/core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/OpenIdConnectRelyingPartyServiceImpl.java
@@ -17,9 +17,20 @@
  *
  */
 
-package org.apache.syncope.core.logic;
+package org.apache.syncope.core.rest.cxf.service;
 
-import org.apache.syncope.common.lib.to.DynRealmTO;
+import org.apache.syncope.core.logic.AbstractClientApplicationLogic;
+import org.apache.syncope.core.logic.OpenIdConnectRelyingPartyLogic;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
 
-public abstract class AbstractClientApplicationLogic extends AbstractTransactionalLogic<DynRealmTO> {
+@Service
+public class OpenIdConnectRelyingPartyServiceImpl extends AbstractClientApplicationServiceImpl {
+    @Autowired
+    private OpenIdConnectRelyingPartyLogic logic;
+
+    @Override
+    protected AbstractClientApplicationLogic getLogic() {
+        return this.logic;
+    }
 }
diff --git a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java b/core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/SAML2ServiceProviderServiceImpl.java
similarity index 59%
copy from core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
copy to core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/SAML2ServiceProviderServiceImpl.java
index 79ccf62..960a442 100644
--- a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
+++ b/core/idrepo/rest-cxf/src/main/java/org/apache/syncope/core/rest/cxf/service/SAML2ServiceProviderServiceImpl.java
@@ -17,9 +17,20 @@
  *
  */
 
-package org.apache.syncope.core.logic;
+package org.apache.syncope.core.rest.cxf.service;
 
-import org.apache.syncope.common.lib.to.DynRealmTO;
+import org.apache.syncope.core.logic.AbstractClientApplicationLogic;
+import org.apache.syncope.core.logic.SAML2ServiceProviderLogic;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
 
-public abstract class AbstractClientApplicationLogic extends AbstractTransactionalLogic<DynRealmTO> {
+@Service
+public class SAML2ServiceProviderServiceImpl extends AbstractClientApplicationServiceImpl {
+    @Autowired
+    private SAML2ServiceProviderLogic logic;
+
+    @Override
+    protected AbstractClientApplicationLogic getLogic() {
+        return this.logic;
+    }
 }
diff --git a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/OpenIdConnectRelyingPartyDataBinder.java
similarity index 60%
copy from core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
copy to core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/OpenIdConnectRelyingPartyDataBinder.java
index 79ccf62..87a1f57 100644
--- a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
+++ b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/OpenIdConnectRelyingPartyDataBinder.java
@@ -17,9 +17,15 @@
  *
  */
 
-package org.apache.syncope.core.logic;
+package org.apache.syncope.core.provisioning.api.data;
 
-import org.apache.syncope.common.lib.to.DynRealmTO;
+import org.apache.syncope.common.lib.to.ClientApplicationTO;
+import org.apache.syncope.core.persistence.api.entity.authentication.OpenIdConnectRelyingParty;
 
-public abstract class AbstractClientApplicationLogic extends AbstractTransactionalLogic<DynRealmTO> {
+public interface OpenIdConnectRelyingPartyDataBinder {
+    OpenIdConnectRelyingParty create(ClientApplicationTO applicationTO);
+
+    OpenIdConnectRelyingParty update(OpenIdConnectRelyingParty application, ClientApplicationTO applicationTO);
+
+    ClientApplicationTO getClientApplicationTO(OpenIdConnectRelyingParty application);
 }
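Review bot: The interface has no Javadoc, and `update(application, applicationTO)` is where a client-supplied transfer object is copied onto a persisted entity. I would document on `update` which fields are taken from `applicationTO` and whether the key can change, e.g. `/** Copies the editable fields of applicationTO onto application; returns the entity to save. */`, adjusted to what the implementation actually does. `SAML2ServiceProviderDataBinder` has the same three undocumented methods.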
diff --git a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/SAML2ServiceProviderDataBinder.java
similarity index 57%
copy from core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
copy to core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/SAML2ServiceProviderDataBinder.java
index 79ccf62..9b3b2be 100644
--- a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/AbstractClientApplicationLogic.java
+++ b/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/data/SAML2ServiceProviderDataBinder.java
@@ -6,7 +6,8 @@
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
- *    http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
@@ -14,12 +15,17 @@
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
- *
  */
+package org.apache.syncope.core.provisioning.api.data;
+
+import org.apache.syncope.common.lib.to.ClientApplicationTO;
+import org.apache.syncope.core.persistence.api.entity.authentication.SAML2ServiceProvider;
+
+public interface SAML2ServiceProviderDataBinder {
 
-package org.apache.syncope.core.logic;
+    SAML2ServiceProvider create(ClientApplicationTO applicationTO);
 
-import org.apache.syncope.common.lib.to.DynRealmTO;
+    SAML2ServiceProvider update(SAML2ServiceProvider application, ClientApplicationTO applicationTO);
 
-public abstract class AbstractClientApplicationLogic extends AbstractTransactionalLogic<DynRealmTO> {
+    ClientApplicationTO getClientApplicationTO(SAML2ServiceProvider application);
 }