X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=cloud%2Faccount%2Fsrc%2Fmain%2Fjava%2Forg%2Fiotivity%2Fcloud%2Faccountserver%2Fresources%2Faccount%2FAccountManager.java;h=a523f2d0b57007674823566964ccceac0720c0ac;hb=ff3fb9a2decbfd6d68f9e5b590bf21f112500f23;hp=ee127ac08c4b97445cf9177ecc8142f31d3f0716;hpb=6ac4daf1c0a01ee54845041025cb7ec845d2502b;p=platform%2Fupstream%2Fiotivity.git diff --git a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/AccountManager.java b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/AccountManager.java index ee127ac..a523f2d 100644 --- a/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/AccountManager.java +++ b/cloud/account/src/main/java/org/iotivity/cloud/accountserver/resources/account/AccountManager.java @@ -29,7 +29,6 @@ import java.text.DateFormat; import java.text.ParseException; import java.text.SimpleDateFormat; import java.util.ArrayList; -import java.util.Arrays; import java.util.Date; import java.util.HashMap; import java.util.HashSet; @@ -60,10 +59,27 @@ public class AccountManager { private TypeCastingManager mUserTableCastingManager = new TypeCastingManager<>(); private TypeCastingManager mTokenTableCastingManager = new TypeCastingManager<>(); + /** + * API to return a sign-up response payload + * + * @param did + * Device id registered under user account + * @param authCode + * Unique identifier of the resource which is obtained from an + * auth provider or a single sign-on (SSO) client + * @param authProvider + * Provider name user for authentication (e.g., "Github") + * @param options + * Optional field (e.g., region authserver url, apiserver url) + * + * @return Sign-up response payload + */ + public HashMap signUp(String did, String authCode, String authProvider, Object options) { - boolean res = false; + + // check auth provider name not to be case-sensitive authProvider = checkAuthProviderName(authProvider); res = loadAuthProviderLibrary(authProvider); @@ -88,6 +104,8 @@ public class AccountManager { // check uuid userUuid = findUuid(userInfo.getUserid(), authProvider); + // store token information and user information to the DB + // private group creation and store group information to the DB storeUserTokenInfo(userUuid, userInfo, tokenInfo, did); // make response @@ -96,9 +114,110 @@ public class AccountManager { return response; } + /** + * API to return a sign-in or sign-out response payload + * + * @param uuid + * User id which is provided by Sign-up process + * @param did + * Device id registered under user account + * @param accessToken + * Access token used for communication with cloud + * @return Sign-in or sign-out response payload + */ + public HashMap signInOut(String uuid, String did, + String accessToken) { + + // find token information corresponding to the uuid and did + HashMap condition = new HashMap<>(); + condition.put(Constants.KEYFIELD_UUID, uuid); + + ArrayList> recordList = findRecord( + AccountDBManager.getInstance() + .selectRecord(Constants.TOKEN_TABLE, condition), + Constants.KEYFIELD_DID, did); + + if (recordList.isEmpty()) { + throw new UnAuthorizedException("access token doesn't exist"); + } + + HashMap record = recordList.get(0); + + TokenTable tokenInfo = castMapToTokenTable(record); + + // token verification to check if the accesstoken is expired + if (verifyToken(tokenInfo, accessToken)) { + long remainedSeconds = getRemainedSeconds( + tokenInfo.getExpiredtime(), tokenInfo.getIssuedtime()); + + return makeSignInResponse(remainedSeconds); + } else { + throw new UnAuthorizedException("AccessToken is unauthorized"); + } + } + + /** + * API to return a token refresh response payload + * + * @param uuid + * user id which is provided by Sign-up process + * @param did + * device id registered under user account + * @param grantType + * token type to be granted + * @param refreshToken + * Refresh token used to refresh the access token in cloud before + * getting expired + * @return Token refresh response payload + */ + + public HashMap refreshToken(String uuid, String did, + String grantType, String refreshToken) { + + // find record about uuid and did + HashMap condition = new HashMap<>(); + condition.put(Constants.KEYFIELD_UUID, uuid); + condition.put(Constants.KEYFIELD_DID, did); + + ArrayList> recordList = findRecord( + AccountDBManager.getInstance() + .selectRecord(Constants.TOKEN_TABLE, condition), + Constants.KEYFIELD_DID, did); + + if (recordList.isEmpty()) { + throw new NotFoundException("refresh token doesn't exist"); + } + + HashMap record = recordList.get(0); + + TokenTable oldTokenInfo = castMapToTokenTable(record); + String provider = oldTokenInfo.getProvider(); + + if (!checkRefreshTokenInDB(oldTokenInfo, refreshToken)) { + throw new NotFoundException("refresh token is not correct"); + } + // call 3rd party refresh token method + TokenTable newTokenInfo = requestRefreshToken(refreshToken, provider); + + // record change + oldTokenInfo.setAccesstoken(newTokenInfo.getAccesstoken()); + oldTokenInfo.setRefreshtoken(newTokenInfo.getRefreshtoken()); + + // insert record + AccountDBManager.getInstance().insertAndReplaceRecord( + Constants.TOKEN_TABLE, castTokenTableToMap(oldTokenInfo)); + + // make response + HashMap response = makeRefreshTokenResponse( + oldTokenInfo); + + return response; + } + private void storeUserTokenInfo(String userUuid, UserTable userInfo, TokenTable tokenInfo, String did) { // store db + // the user table is created if (userUuid == null) { userUuid = generateUuid(); userInfo.setUuid(userUuid); @@ -109,10 +228,6 @@ public class AccountManager { // make my private group GroupResource.getInstance().createGroup(userInfo.getUuid(), Constants.REQ_GTYPE_PRIVATE); - - // add my device to private group - GroupResource.getInstance().getGroup(userInfo.getUuid()) - .addDevice(new HashSet(Arrays.asList(did))); } tokenInfo.setUuid(userUuid); AccountDBManager.getInstance().insertAndReplaceRecord( @@ -127,6 +242,10 @@ public class AccountManager { authProviderName = Constants.GITHUB; } else if (authProvider.equalsIgnoreCase(Constants.SAMSUNG)) { authProviderName = Constants.SAMSUNG; + } else if (authProvider.equalsIgnoreCase(Constants.GOOGLE)) + authProviderName = Constants.GOOGLE; + else { + Log.w("Unsupported oauth provider : " + authProvider); } return authProviderName; @@ -222,7 +341,7 @@ public class AccountManager { options); Log.d("access token : " + tokenInfo.getAccesstoken()); Log.d("refresh token : " + tokenInfo.getRefreshtoken()); - Log.d("expired time" + tokenInfo.getExpiredtime()); + Log.d("expired time : " + tokenInfo.getExpiredtime()); return tokenInfo; } @@ -241,36 +360,6 @@ public class AccountManager { return userUuid; } - public HashMap signInOut(String uuid, String did, - String accessToken) { - - // find record about uuid and did - HashMap condition = new HashMap<>(); - condition.put(Constants.KEYFIELD_UUID, uuid); - - ArrayList> recordList = findRecord( - AccountDBManager.getInstance() - .selectRecord(Constants.TOKEN_TABLE, condition), - Constants.KEYFIELD_DID, did); - - if (recordList.isEmpty()) { - throw new UnAuthorizedException("access token doesn't exist"); - } - - HashMap record = recordList.get(0); - - TokenTable tokenInfo = castMapToTokenTable(record); - - if (verifyToken(tokenInfo, accessToken)) { - long remainedSeconds = getRemainedSeconds( - tokenInfo.getExpiredtime(), tokenInfo.getIssuedtime()); - - return makeSignInResponse(remainedSeconds); - } else { - throw new UnAuthorizedException("AccessToken is unauthorized"); - } - } - private ArrayList> findRecord( ArrayList> recordList, String fieldName, String value) { @@ -369,47 +458,6 @@ public class AccountManager { return elaspedSeconds; } - public HashMap refreshToken(String uuid, String did, - String grantType, String refreshToken) { - - // find record about uuid and did - HashMap condition = new HashMap<>(); - condition.put(Constants.KEYFIELD_UUID, uuid); - - ArrayList> recordList = findRecord( - AccountDBManager.getInstance() - .selectRecord(Constants.TOKEN_TABLE, condition), - Constants.KEYFIELD_DID, did); - - if (recordList.isEmpty()) { - throw new NotFoundException("refresh token doesn't exist"); - } - - HashMap record = recordList.get(0); - - TokenTable oldTokenInfo = castMapToTokenTable(record); - - if (!checkRefreshTokenInDB(oldTokenInfo, refreshToken)) { - throw new NotFoundException("refresh token is not correct"); - } - // call 3rd party refresh token method - TokenTable newTokenInfo = requestRefreshToken(refreshToken); - - // record change - oldTokenInfo.setAccesstoken(newTokenInfo.getAccesstoken()); - oldTokenInfo.setRefreshtoken(newTokenInfo.getRefreshtoken()); - - // insert record - AccountDBManager.getInstance().insertAndReplaceRecord( - Constants.TOKEN_TABLE, castTokenTableToMap(oldTokenInfo)); - - // make response - HashMap response = makeRefreshTokenResponse( - oldTokenInfo); - - return response; - } - private HashMap makeRefreshTokenResponse( TokenTable tokenInfo) { HashMap response = new HashMap<>(); @@ -421,7 +469,20 @@ public class AccountManager { return response; } - private TokenTable requestRefreshToken(String refreshToken) { + private TokenTable requestRefreshToken(String refreshToken, + String provider) { + + if (mFactory == null) { + + boolean res = false; + String authProvider = checkAuthProviderName(provider); + res = loadAuthProviderLibrary(authProvider); + + if (!res) { + throw new InternalServerErrorException( + authProvider + " library is not loaded"); + } + } TokenTable tokenInfo = mFactory.requestRefreshTokenInfo(refreshToken); @@ -497,7 +558,18 @@ public class AccountManager { HashSet diSet = new HashSet(); diSet.add(di); - // the group that gid is uid is my group. - GroupResource.getInstance().removeGroupDevice(uid, diSet); + // token table search criteria + HashMap condition = new HashMap<>(); + condition.put(Constants.KEYFIELD_UUID, uid); + condition.put(Constants.KEYFIELD_DID, di); + + // delete Token information from the DB + AccountDBManager.getInstance().deleteRecord(Constants.TOKEN_TABLE, + condition); + // delete device ID from all groups in the DB + GroupResource.getInstance().removeGroupDeviceinEveryGroup(uid, di); + + // TODO remove device record from the ACL table } + }