private TypeCastingManager<UserTable> mUserTableCastingManager = new TypeCastingManager<>();
private TypeCastingManager<TokenTable> mTokenTableCastingManager = new TypeCastingManager<>();
+ /**
+ * API to return a sign-up response payload
+ *
+ * @param did
+ * Device id registered under user account
+ * @param authCode
+ * Unique identifier of the resource which is obtained from an
+ * auth provider or a single sign-on (SSO) client
+ * @param authProvider
+ * Provider name user for authentication (e.g., "Github")
+ * @param options
+ * Optional field (e.g., region authserver url, apiserver url)
+ *
+ * @return Sign-up response payload
+ */
+
public HashMap<String, Object> signUp(String did, String authCode,
String authProvider, Object options) {
-
boolean res = false;
+
+ // check auth provider name not to be case-sensitive
authProvider = checkAuthProviderName(authProvider);
res = loadAuthProviderLibrary(authProvider);
// check uuid
userUuid = findUuid(userInfo.getUserid(), authProvider);
- storeUserTokenInfo(userUuid, userInfo, tokenInfo);
+ // store token information and user information to the DB
+ // private group creation and store group information to the DB
+ storeUserTokenInfo(userUuid, userInfo, tokenInfo, did);
+
// make response
HashMap<String, Object> response = makeSignUpResponse(tokenInfo);
return response;
}
+ /**
+ * API to return a sign-in or sign-out response payload
+ *
+ * @param uuid
+ * User id which is provided by Sign-up process
+ * @param did
+ * Device id registered under user account
+ * @param accessToken
+ * Access token used for communication with cloud
+ * @return Sign-in or sign-out response payload
+ */
+ public HashMap<String, Object> signInOut(String uuid, String did,
+ String accessToken) {
+
+ // find token information corresponding to the uuid and did
+ HashMap<String, Object> condition = new HashMap<>();
+ condition.put(Constants.KEYFIELD_UUID, uuid);
+
+ ArrayList<HashMap<String, Object>> recordList = findRecord(
+ AccountDBManager.getInstance()
+ .selectRecord(Constants.TOKEN_TABLE, condition),
+ Constants.KEYFIELD_DID, did);
+
+ if (recordList.isEmpty()) {
+ throw new UnAuthorizedException("access token doesn't exist");
+ }
+
+ HashMap<String, Object> record = recordList.get(0);
+
+ TokenTable tokenInfo = castMapToTokenTable(record);
+
+ // token verification to check if the accesstoken is expired
+ if (verifyToken(tokenInfo, accessToken)) {
+ long remainedSeconds = getRemainedSeconds(
+ tokenInfo.getExpiredtime(), tokenInfo.getIssuedtime());
+
+ return makeSignInResponse(remainedSeconds);
+ } else {
+ throw new UnAuthorizedException("AccessToken is unauthorized");
+ }
+ }
+
+ /**
+ * API to return a token refresh response payload
+ *
+ * @param uuid
+ * user id which is provided by Sign-up process
+ * @param did
+ * device id registered under user account
+ * @param grantType
+ * token type to be granted
+ * @param refreshToken
+ * Refresh token used to refresh the access token in cloud before
+ * getting expired
+ * @return Token refresh response payload
+ */
+
+ public HashMap<String, Object> refreshToken(String uuid, String did,
+ String grantType, String refreshToken) {
+
+ // find record about uuid and did
+ HashMap<String, Object> condition = new HashMap<>();
+ condition.put(Constants.KEYFIELD_UUID, uuid);
+ condition.put(Constants.KEYFIELD_DID, did);
+
+ ArrayList<HashMap<String, Object>> recordList = findRecord(
+ AccountDBManager.getInstance()
+ .selectRecord(Constants.TOKEN_TABLE, condition),
+ Constants.KEYFIELD_DID, did);
+
+ if (recordList.isEmpty()) {
+ throw new NotFoundException("refresh token doesn't exist");
+ }
+
+ HashMap<String, Object> record = recordList.get(0);
+
+ TokenTable oldTokenInfo = castMapToTokenTable(record);
+ String provider = oldTokenInfo.getProvider();
+
+ if (!checkRefreshTokenInDB(oldTokenInfo, refreshToken)) {
+ throw new NotFoundException("refresh token is not correct");
+ }
+ // call 3rd party refresh token method
+ TokenTable newTokenInfo = requestRefreshToken(refreshToken, provider);
+
+ // record change
+ oldTokenInfo.setAccesstoken(newTokenInfo.getAccesstoken());
+ oldTokenInfo.setRefreshtoken(newTokenInfo.getRefreshtoken());
+
+ // insert record
+ AccountDBManager.getInstance().insertAndReplaceRecord(
+ Constants.TOKEN_TABLE, castTokenTableToMap(oldTokenInfo));
+
+ // make response
+ HashMap<String, Object> response = makeRefreshTokenResponse(
+ oldTokenInfo);
+
+ return response;
+ }
+
private void storeUserTokenInfo(String userUuid, UserTable userInfo,
- TokenTable tokenInfo) {
+ TokenTable tokenInfo, String did) {
// store db
+ // the user table is created
if (userUuid == null) {
userUuid = generateUuid();
userInfo.setUuid(userUuid);
authProviderName = Constants.GITHUB;
} else if (authProvider.equalsIgnoreCase(Constants.SAMSUNG)) {
authProviderName = Constants.SAMSUNG;
+ } else if (authProvider.equalsIgnoreCase(Constants.GOOGLE))
+ authProviderName = Constants.GOOGLE;
+ else {
+ Log.w("Unsupported oauth provider : " + authProvider);
}
return authProviderName;
options);
Log.d("access token : " + tokenInfo.getAccesstoken());
Log.d("refresh token : " + tokenInfo.getRefreshtoken());
- Log.d("expired time" + tokenInfo.getExpiredtime());
+ Log.d("expired time : " + tokenInfo.getExpiredtime());
return tokenInfo;
}
return userUuid;
}
- public HashMap<String, Object> signInOut(String uuid, String did,
- String accessToken) {
-
- // find record about uuid and did
- HashMap<String, Object> condition = new HashMap<>();
- condition.put(Constants.KEYFIELD_UUID, uuid);
-
- ArrayList<HashMap<String, Object>> recordList = findRecord(
- AccountDBManager.getInstance()
- .selectRecord(Constants.TOKEN_TABLE, condition),
- Constants.KEYFIELD_DID, did);
-
- if (recordList.isEmpty()) {
- throw new UnAuthorizedException("access token doesn't exist");
- }
-
- HashMap<String, Object> record = recordList.get(0);
-
- TokenTable tokenInfo = castMapToTokenTable(record);
-
- if (verifyToken(tokenInfo, accessToken)) {
- long remainedSeconds = getRemainedSeconds(
- tokenInfo.getExpiredtime(), tokenInfo.getIssuedtime());
-
- return makeSignInResponse(remainedSeconds);
- } else {
- throw new UnAuthorizedException("AccessToken is unauthorized");
- }
- }
-
private ArrayList<HashMap<String, Object>> findRecord(
ArrayList<HashMap<String, Object>> recordList, String fieldName,
String value) {
private boolean verifyToken(TokenTable tokenInfo, String accessToken) {
- if (checkTokenInDB(tokenInfo, accessToken)) {
- if (tokenInfo.getExpiredtime() == Constants.TOKEN_INFINITE) {
- return true;
- }
- if (checkExpiredTime(tokenInfo)) {
- return true;
- }
+ if (!checkAccessTokenInDB(tokenInfo, accessToken)) {
+ return false;
}
- return false;
+
+ if (tokenInfo.getExpiredtime() != Constants.TOKEN_INFINITE
+ && !checkExpiredTime(tokenInfo)) {
+ return false;
+ }
+
+ return true;
}
- private boolean checkTokenInDB(TokenTable tokenInfo, String token) {
+ private boolean checkRefreshTokenInDB(TokenTable tokenInfo, String token) {
+ if (tokenInfo.getRefreshtoken() == null) {
+ Log.w("Refreshtoken doesn't exist");
+ return false;
+ } else if (!tokenInfo.getRefreshtoken().equals(token)) {
+ Log.w("Refreshtoken is not correct");
+ return false;
+ }
+ return true;
+ }
+ private boolean checkAccessTokenInDB(TokenTable tokenInfo, String token) {
if (tokenInfo.getAccesstoken() == null) {
- Log.w("token doesn't exist");
+ Log.w("AccessToken doesn't exist");
return false;
} else if (!tokenInfo.getAccesstoken().equals(token)) {
- Log.w("token is not correct");
+ Log.w("AccessToken is not correct");
return false;
}
return true;
return elaspedSeconds;
}
- public HashMap<String, Object> refreshToken(String uuid, String did,
- String grantType, String refreshToken) {
-
- // find record about uuid and did
- HashMap<String, Object> condition = new HashMap<>();
- condition.put(Constants.KEYFIELD_UUID, uuid);
-
- ArrayList<HashMap<String, Object>> recordList = findRecord(
- AccountDBManager.getInstance()
- .selectRecord(Constants.TOKEN_TABLE, condition),
- Constants.KEYFIELD_DID, did);
-
- if (recordList.isEmpty()) {
- throw new NotFoundException("refresh token doesn't exist");
- }
-
- HashMap<String, Object> record = recordList.get(0);
-
- TokenTable oldTokenInfo = castMapToTokenTable(record);
-
- if (!checkTokenInDB(oldTokenInfo, refreshToken)) {
- throw new NotFoundException("refresh token is not correct");
- }
- // call 3rd party refresh token method
- TokenTable newTokenInfo = requestRefreshToken(refreshToken);
-
- // record change
- oldTokenInfo.setAccesstoken(newTokenInfo.getAccesstoken());
- oldTokenInfo.setRefreshtoken(newTokenInfo.getRefreshtoken());
-
- // insert record
- AccountDBManager.getInstance().insertAndReplaceRecord(
- Constants.TOKEN_TABLE, castTokenTableToMap(oldTokenInfo));
-
- // make response
- HashMap<String, Object> response = makeRefreshTokenResponse(
- oldTokenInfo);
-
- return response;
- }
-
private HashMap<String, Object> makeRefreshTokenResponse(
TokenTable tokenInfo) {
HashMap<String, Object> response = new HashMap<>();
return response;
}
- private TokenTable requestRefreshToken(String refreshToken) {
+ private TokenTable requestRefreshToken(String refreshToken,
+ String provider) {
+
+ if (mFactory == null) {
+
+ boolean res = false;
+ String authProvider = checkAuthProviderName(provider);
+ res = loadAuthProviderLibrary(authProvider);
+
+ if (!res) {
+ throw new InternalServerErrorException(
+ authProvider + " library is not loaded");
+ }
+ }
TokenTable tokenInfo = mFactory.requestRefreshTokenInfo(refreshToken);
HashSet<String> diSet = new HashSet<String>();
diSet.add(di);
- // the group that gid is uid is my group.
- GroupResource.getInstance().removeGroupDevice(uid, diSet);
+ // token table search criteria
+ HashMap<String, Object> condition = new HashMap<>();
+ condition.put(Constants.KEYFIELD_UUID, uid);
+ condition.put(Constants.KEYFIELD_DID, di);
+
+ // delete Token information from the DB
+ AccountDBManager.getInstance().deleteRecord(Constants.TOKEN_TABLE,
+ condition);
+ // delete device ID from all groups in the DB
+ GroupResource.getInstance().removeGroupDeviceinEveryGroup(uid, di);
+
+ // TODO remove device record from the ACL table
}
+
}