package eu.eudat.security.validators.linkedin; import eu.eudat.exceptions.security.NonValidTokenException; import eu.eudat.exceptions.security.UnauthorisedException; import eu.eudat.models.login.LoginInfo; import eu.eudat.models.loginprovider.LoginProviderUser; import eu.eudat.models.security.Principal; import eu.eudat.security.validators.TokenValidator; import eu.eudat.security.validators.TokenValidatorFactoryImpl; import eu.eudat.services.ApiContext; import eu.eudat.services.operations.AuthenticationServiceImpl; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.core.env.Environment; import org.springframework.social.linkedin.api.LinkedIn; import org.springframework.social.linkedin.api.LinkedInProfile; import org.springframework.social.linkedin.connect.LinkedInServiceProvider; import org.springframework.social.oauth2.AccessGrant; import org.springframework.stereotype.Component; import java.io.IOException; import java.security.GeneralSecurityException; @Component("linkedInTokenValidator") public class LinkedInTokenValidator implements TokenValidator { private Environment environment; private ApiContext apiContext; private AuthenticationServiceImpl authenticationServiceImpl; private LinkedInServiceProvider linkedInServiceProvider; @Autowired public LinkedInTokenValidator(Environment environment, ApiContext apiContext, AuthenticationServiceImpl authenticationServiceImpl) { this.environment = environment; this.apiContext = apiContext; this.authenticationServiceImpl = authenticationServiceImpl; this.linkedInServiceProvider = new LinkedInServiceProvider(this.environment.getProperty("linkedin.login.clientId"), this.environment.getProperty("linkedin.login.clientSecret")); } @Override public Principal validateToken(LoginInfo credentials) throws NonValidTokenException, IOException, GeneralSecurityException { AccessGrant accessGrant = this.linkedInServiceProvider.getOAuthOperations().exchangeForAccess(credentials.getTicket(), this.environment.getProperty("linkedin.login.redirect_uri"), null); LinkedIn linkedInService = this.linkedInServiceProvider.getApi(accessGrant.getAccessToken()); LinkedInProfile linkedInProfile = linkedInService.profileOperations().getUserProfile(); LoginProviderUser user = new LoginProviderUser(); if (linkedInProfile.getEmailAddress() == null) throw new UnauthorisedException("Cannot login user.LinkedIn account did not provide email"); user.setEmail(linkedInProfile.getEmailAddress()); user.setId(linkedInProfile.getId()); user.setIsVerified(true); //TODO user.setName(linkedInProfile.getFirstName() + " " + linkedInProfile.getLastName()); user.setProvider(TokenValidatorFactoryImpl.LoginProvider.LINKEDIN); user.setSecret(accessGrant.getAccessToken()); return this.authenticationServiceImpl.Touch(user); } }