From e1326bdc9554b053943c78d79a70e9453a1d0edf Mon Sep 17 00:00:00 2001
From: Robert von Burg
Date: Fri, 22 Feb 2019 16:35:32 +0100
Subject: [PATCH] [New] Persisting of SSO Users, enforcing SSO users have state REMOTE
---
 .../privilege/handler/DefaultPrivilegeHandler.java | 12 ++++++++++++
 .../privilege/handler/SingleSignOnHandler.java | 1 -
 .../privilege/test/model/DummySsoHandler.java | 2 +-
 3 files changed, 13 insertions(+), 2 deletions(-)
diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java
index 07ed92607..a95a3a7e3 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/DefaultPrivilegeHandler.java
@@ -39,6 +39,7 @@ import li.strolch.privilege.xml.CertificateStubsDomWriter;
 import li.strolch.privilege.xml.CertificateStubsSaxReader;
 import li.strolch.privilege.xml.CertificateStubsSaxReader.CertificateStub;
 import li.strolch.utils.collections.Tuple;
+import li.strolch.utils.dbc.DBC;
 import li.strolch.utils.helper.AesCryptoHelper;
 import li.strolch.utils.helper.StringHelper;
 import org.slf4j.Logger;
@@ -1183,6 +1184,17 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
 throw new IllegalStateException("The SSO Handler is not configured!");
 User user = this.ssoHandler.authenticateSingleSignOn(data);
+ DBC.PRE.assertEquals("SSO Users must have UserState.REMOTE!", UserState.REMOTE, user.getUserState());
+
+ // persist this user
+ User internalUser = this.persistenceHandler.getUser(user.getUsername());
+ if (internalUser == null)
+ this.persistenceHandler.addUser(user);
+ else
+ this.persistenceHandler.replaceUser(user);
+
+ if (this.autoPersistOnUserChangesData)
+ this.persistenceHandler.persist();
 // get 2 auth tokens
 String authToken = this.encryptionHandler.nextToken();
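Review bot: The `else` branch calls `replaceUser(user)` for any stored account whose username matches the SSO result, without looking at the stored account's state, so a locally managed user (for example one in `UserState.ENABLED` with its own password and roles) appears to be overwritten by whatever the SSO handler returns for that name. Replace only when the existing record is itself remote, for example by guarding with `if (internalUser != null && internalUser.getUserState() != UserState.REMOTE)` and rejecting the login with the handler's usual privilege exception, and cover that case in a test. The `DBC.PRE.assertEquals` line also dereferences `user` before any null check, and the REMOTE requirement it enforces is not stated in the Javadoc of `SingleSignOnHandler.authenticateSingleSignOn`, where implementers would look for it; a sentence such as `The returned user must have UserState.REMOTE.` would fit there. The enclosing method starts and ends outside this hunk.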
diff --git a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SingleSignOnHandler.java b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SingleSignOnHandler.java
index 9bc27f4e8..9f55914ce 100644
--- a/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SingleSignOnHandler.java
+++ b/li.strolch.privilege/src/main/java/li/strolch/privilege/handler/SingleSignOnHandler.java
@@ -28,5 +28,4 @@ public interface SingleSignOnHandler {
 * if the SSO can not be performed with the given data
 */
 User authenticateSingleSignOn(Object data) throws PrivilegeException;
-
 }
diff --git a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/model/DummySsoHandler.java b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/model/DummySsoHandler.java
index 3539a639d..5823bcabf 100644
--- a/li.strolch.privilege/src/test/java/li/strolch/privilege/test/model/DummySsoHandler.java
+++ b/li.strolch.privilege/src/test/java/li/strolch/privilege/test/model/DummySsoHandler.java
@@ -24,6 +24,6 @@ public class DummySsoHandler implements SingleSignOnHandler {
 Set roles = Arrays.stream(map.get("roles").split(",")).map(String::trim).collect(Collectors.toSet());
 Map properties = new HashMap<>();
 return new User(map.get("userId"), map.get("username"), null, null, null, -1, -1, map.get("firstName"),
- map.get("lastName"), UserState.ENABLED, roles, Locale.ENGLISH, properties);
+ map.get("lastName"), UserState.REMOTE, roles, Locale.ENGLISH, properties);
 }
 }