56 lines
2.8 KiB
Java
56 lines
2.8 KiB
Java
package eu.eudat.security.validators.linkedin;
|
|
|
|
import eu.eudat.exceptions.security.NonValidTokenException;
|
|
import eu.eudat.exceptions.security.UnauthorisedException;
|
|
import eu.eudat.models.login.LoginInfo;
|
|
import eu.eudat.models.loginprovider.LoginProviderUser;
|
|
import eu.eudat.models.security.Principal;
|
|
import eu.eudat.security.validators.TokenValidator;
|
|
import eu.eudat.security.validators.TokenValidatorFactoryImpl;
|
|
import eu.eudat.services.ApiContext;
|
|
import eu.eudat.services.AuthenticationService;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.core.env.Environment;
|
|
import org.springframework.social.linkedin.api.LinkedIn;
|
|
import org.springframework.social.linkedin.api.LinkedInProfile;
|
|
import org.springframework.social.linkedin.connect.LinkedInServiceProvider;
|
|
import org.springframework.social.oauth2.AccessGrant;
|
|
import org.springframework.stereotype.Component;
|
|
|
|
import java.io.IOException;
|
|
import java.security.GeneralSecurityException;
|
|
|
|
|
|
@Component("linkedInTokenValidator")
|
|
public class LinkedInTokenValidator implements TokenValidator {
|
|
|
|
private Environment environment;
|
|
private ApiContext apiContext;
|
|
private AuthenticationService authenticationService;
|
|
private LinkedInServiceProvider linkedInServiceProvider;
|
|
|
|
@Autowired
|
|
public LinkedInTokenValidator(Environment environment, ApiContext apiContext, AuthenticationService authenticationService) {
|
|
this.environment = environment;
|
|
this.apiContext = apiContext;
|
|
this.authenticationService = authenticationService;
|
|
this.linkedInServiceProvider = new LinkedInServiceProvider(this.environment.getProperty("linkedin.login.clientId"), this.environment.getProperty("linkedin.login.clientSecret"));
|
|
}
|
|
|
|
@Override
|
|
public Principal validateToken(LoginInfo credentials) throws NonValidTokenException, IOException, GeneralSecurityException {
|
|
AccessGrant accessGrant = this.linkedInServiceProvider.getOAuthOperations().exchangeForAccess(credentials.getTicket(), this.environment.getProperty("linkedin.login.redirect_uri"), null);
|
|
LinkedIn linkedInService = this.linkedInServiceProvider.getApi(accessGrant.getAccessToken());
|
|
LinkedInProfile linkedInProfile = linkedInService.profileOperations().getUserProfile();
|
|
LoginProviderUser user = new LoginProviderUser();
|
|
|
|
if (linkedInProfile.getEmailAddress() == null) throw new UnauthorisedException("Cannot login user.LinkedIn account did not provide email");
|
|
user.setEmail(linkedInProfile.getEmailAddress());
|
|
user.setIsVerified(true); //TODO
|
|
user.setName(linkedInProfile.getFirstName() + " " + linkedInProfile.getLastName());
|
|
user.setProvider(TokenValidatorFactoryImpl.LoginProvider.LINKEDIN);
|
|
user.setSecret(accessGrant.getAccessToken());
|
|
return this.authenticationService.Touch(user);
|
|
}
|
|
}
|