SocialAuthenticationManager.java example

Explorer

xwiki-social-login-master
- xwiki-social-login-api
  - src
    - main
      - java
        org
        xwiki
        social
        authentication
        ProfilePictureProviderTransformer.java
        SocialAuthConfiguration.java
        SocialAuthConstants.java
        SocialAuthException.java
        SocialAuthSession.java
        SocialAuthenticationManager.java
        internal
        DefaultSocialAuthConfiguration.java
        DefaultSocialAuthManager.java
        FacebookProfilePictureProviderTransformer.java
        SocialAuthConfigurationSource.java
        SocialAuthDocumentConfigurationSource.java
        SocialAuthScriptService.java
        SocialAuthServiceImpl.java
        legacy
        crypto
        internal
        Convert.java
        DefaultUserDocumentUtils.java
        SerializationUtils.java
        UserDocumentUtils.java
        scripting
        CryptoScriptService.java
        passwd
        KeyDerivationFunction.java
        MemoryHardKeyDerivationFunction.java
        PasswordCiphertext.java
        PasswordCryptoService.java
        PasswordCryptoServiceConfiguration.java
        PasswordVerificationFunction.java
        internal
        AESPasswordCiphertext.java
        AbstractKeyDerivationFunction.java
        AbstractMemoryHardKeyDerivationFunction.java
        AbstractPasswordCiphertext.java
        CAST5PasswordCiphertext.java
        DefaultPasswordCryptoService.java
        DefaultPasswordCryptoServiceConfiguration.java
        DefaultPasswordVerificationFunction.java
        PBKDF2KeyDerivationFunction.java
        ScryptMemoryHardKeyDerivationFunction.java
        x509
        X509CryptoService.java
        XWikiX509Certificate.java
        XWikiX509KeyPair.java
        internal
        AbstractX509CertificateWrapper.java
        DefaultX509CryptoService.java
        DefaultXWikiX509KeyPair.java
        X509KeyService.java
        X509Keymaker.java
        X509SignatureService.java

/*
 * See the NOTICE file distributed with this work for additional
 * information regarding copyright ownership.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
 */
package org.xwiki.social.authentication;

import java.util.Map;

import org.xwiki.component.annotation.Role;
import org.xwiki.model.reference.DocumentReference;

import com.xpn.xwiki.XWikiException;

/**
 * Orchestrator of all things social authentication, it provides facilities to establish connections between XWiki users
 * and third party OAuth end-points, and to query both persistent and session status of such connections.
 */
@Role
public interface SocialAuthenticationManager
{
    /**
     * @param provider the provider to check if a user exists for or not. Examples: "facebook", "twitter", etc.
     * @param id the third party id to check if a user exists for or not. For the facebook provider, this would
     *            correspond to a FB id, and so on.
     * @return <code>true</code> if a user exists in the wiki for this provider and id, <code>false</code> otherwise. A
     *         user exists for a provider and id when it has a <tt>XWiki.SocialLoginProfileClass</tt> object in its
     *         profile page with matching provider and id properties
     */
    boolean userExists(String provider, String id);

    /**
     * @param provider the provider to lookup the user for. Examples: "facebook", "twitter", etc.
     * @param id the third party id to lookup the user for. For the facebook provider, this would correspond to a FB id,
     *            and so on.
     * @return the document reference for the user with a social profile that match the passed provider and id.
     *         <code>null</code> if no user have a social profile that matches those provider and id
     * @see #userExists(String, String)
     */
    DocumentReference getUser(String provider, String id);

    /**
     * @param user the reference to the document of the user to check for the presence of a certain provider
     * @param provider the provider to check the presence of
     * @return <code>true</code> if the user has a social profile for this provider in its XWiki profile,
     *         <code>false</code> otherwise
     */
    boolean hasProvider(DocumentReference user, String provider);

    /**
     * @return the current social authentication session, if it exists, <code>null</code> otherwise.
     */
    SocialAuthSession getSession();

    /**
     * @return <code>true</code> if the context user has a social session with any provider successfully connected,
     *         <code>false</code> otherwise.
     */
    boolean isConnected();

    /**
     * @param provider the provider to check the connection of
     * @return <code>true</code> if the context user has a social session with the specified provider connected,
     *         <code>false</code> otherwise.
     */
    boolean isConnected(String provider);

    /**
     * Requests an attempt at connecting with a social auth (OAuth) end point. This redirects to a third-party OAuth
     * end-point to verify authorization. If the user has already granted permission for our application, then it
     * redirects back to our site directly (with authorization payload), otherwise it requires the user to grant this
     * authorization, before redirecting back.
     * 
     * @param provider the provider to request the connection with
     * @param returnUrl the URL to provide as a return URL from the social site/OAuth end-point.
     * @throws SocialAuthException when something does not work as expected.
     */
    void requestConnection(String provider, String returnUrl) throws SocialAuthException;

    /**
     * Verifies third-party authorization payload, and tries to find a matching user in our XWiki user base. According
     * to configuration, this user might be created automatically he doesn't exist yet. Once the verification is OK and
     * a user if found, the social session is updated accordingly.
     * 
     * @param requestParameters the request parameters used to verify the authorization
     * @return the reference of the XWiki user matched or created, <code>null</code> when no such user could be matched
     * @throws SocialAuthException when something goes bananas
     */
    DocumentReference connect(Map<String, String> requestParameters) throws SocialAuthException;

    /**
     * Ensures a social session exists and is connected for the context user for the passed provider. This assumes the
     * user already has a profile defined for the provider in its XWiki user profile.
     * 
     * @param provider the provider to ensure connection for
     * @throws SocialAuthException when something goes wrong
     */
    void ensureConnected(String provider) throws SocialAuthException;

    /**
     * Creates a new user based on a social session already established.
     * 
     * @param extraProperties the extra user properties to create the user with (XWiki.XWikiUsers properties)
     * @return the reference of the document of the user created
     * @throws XWikiException when something doesn't work at the XWiki level (database, etc.)
     * @throws SocialAuthException when something doesn't work at this module's level (empty social session, etc.)
     */
    DocumentReference createUser(Map<String, String> extraProperties) throws XWikiException, SocialAuthException;

    /**
     * Creates a new user based on a social session already established, with a specific username.
     * 
     * @param username the username to create the user with
     * @param extraProperties the extra user properties to create the user with (XWiki.XWikiUsers properties)
     * @return the reference of the document of the user created
     * @throws XWikiException when something doesn't work at the XWiki level (database, etc.)
     * @throws SocialAuthException when something doesn't work at this module's level (empty social session, etc.)
     */
    DocumentReference createUser(String username, Map<String, String> extraProperties) throws XWikiException,
        SocialAuthException;

    /**
     * Tries to add a new social profile with to an existing XWiki user.
     * 
     * @param provider the provider to try to add the social profile for. Examples: "facebook", "twitter", etc.
     * @throws SocialAuthException when something goes wrong
     */
    void associateAccount(String provider) throws SocialAuthException;
}