19 package org.apache.syncope.core.logic;
20
21 import java.lang.reflect.Method;
22 import java.util.Optional;
23 import org.apache.syncope.common.lib.to.OIDCJWKSTO;
24 import org.apache.syncope.common.lib.types.AMEntitlement;
25 import org.apache.syncope.common.lib.types.IdRepoEntitlement;
26 import org.apache.syncope.core.persistence.api.dao.DuplicateException;
27 import org.apache.syncope.core.persistence.api.dao.NotFoundException;
28 import org.apache.syncope.core.persistence.api.dao.OIDCJWKSDAO;
29 import org.apache.syncope.core.persistence.api.entity.am.OIDCJWKS;
30 import org.apache.syncope.core.provisioning.api.data.OIDCJWKSDataBinder;
31 import org.springframework.security.access.prepost.PreAuthorize;
32 import org.springframework.transaction.annotation.Transactional;
33
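/**
 * Logic-layer operations on the OIDC JSON Web Key Set (JWKS): read, generate, replace and delete.
 *
 * <p>The DAO is always called without an identifier ({@code dao.get()}, {@code dao.delete()}),
 * so this class treats the JWKS as a single instance.
 *
 * <p>Authorization is declared per method with {@link PreAuthorize}. {@link #get()},
 * {@link #generate(String, String, int)} and {@link #set(OIDCJWKSTO)} also admit
 * {@link IdRepoEntitlement#ANONYMOUS}; {@link #delete()} does not.
 */
public class OIDCJWKSLogic extends AbstractTransactionalLogic<OIDCJWKSTO> {

    /** Converts between the {@link OIDCJWKS} entity and its transfer object, and creates new key sets. */
    protected final OIDCJWKSDataBinder binder;

    /** Persistence access for the JWKS. */
    protected final OIDCJWKSDAO dao;

    /**
     * @param binder data binder used to create key sets and build transfer objects
     * @param dao persistence access for the JWKS
     */
    public OIDCJWKSLogic(final OIDCJWKSDataBinder binder, final OIDCJWKSDAO dao) {
        this.binder = binder;
        this.dao = dao;
    }

    /**
     * Returns the stored JWKS.
     *
     * @return the stored JWKS as a transfer object
     * @throws NotFoundException if no JWKS is stored
     */
    // NOTE(review): ANONYMOUS is accepted next to OIDC_JWKS_READ. If the JSON carried by
    // OIDCJWKSTO includes private key material, whoever holds the anonymous credentials can
    // read the signing keys - confirm that this role is restricted to trusted internal callers.
    @PreAuthorize("hasRole('" + AMEntitlement.OIDC_JWKS_READ + "') "
            + "or hasRole('" + IdRepoEntitlement.ANONYMOUS + "')")
    @Transactional(readOnly = true)
    public OIDCJWKSTO get() {
        return Optional.ofNullable(dao.get()).
                map(binder::getOIDCJWKSTO).
                orElseThrow(() -> new NotFoundException("OIDC JWKS not found"));
    }

    /**
     * Creates and stores a new JWKS, but only when none is stored yet.
     *
     * @param jwksKeyId key id passed to the binder for the new key set
     * @param jwksType key type passed to the binder
     * @param jwksKeySize key size passed to the binder
     * @return the newly stored JWKS as a transfer object
     * @throws DuplicateException if a JWKS is already stored
     */
    // NOTE(review): jwksType and jwksKeySize are forwarded to the binder unchecked here;
    // presumably the binder rejects unsupported types and weak key sizes - confirm.
    // NOTE(review): the existence check and the save are two separate DAO calls; whether two
    // concurrent callers can both observe "no JWKS" depends on the surrounding transaction and
    // on persistence constraints not visible in this class - confirm.
    @PreAuthorize("hasRole('" + AMEntitlement.OIDC_JWKS_GENERATE + "') "
            + "or hasRole('" + IdRepoEntitlement.ANONYMOUS + "')")
    public OIDCJWKSTO generate(final String jwksKeyId, final String jwksType, final int jwksKeySize) {
        OIDCJWKS jwks = dao.get();
        if (jwks == null) {
            return binder.getOIDCJWKSTO(dao.save(binder.create(jwksKeyId, jwksType, jwksKeySize)));
        }
        throw new DuplicateException("OIDC JWKS already set");
    }

    /**
     * Deletes the stored JWKS. Requires {@code OIDC_JWKS_DELETE}; the anonymous role is not accepted.
     */
    @PreAuthorize("hasRole('" + AMEntitlement.OIDC_JWKS_DELETE + "')")
    public void delete() {
        dao.delete();
    }

    /**
     * Resolves the reference for this logic class to the stored JWKS.
     *
     * <p>{@code method} and {@code args} are not inspected by this implementation.
     *
     * @param method the invoked method (unused)
     * @param args the invocation arguments (unused)
     * @return the stored JWKS as a transfer object
     * @throws UnresolvedReferenceException if no JWKS is stored
     */
    @Override
    protected OIDCJWKSTO resolveReference(final Method method, final Object... args)
            throws UnresolvedReferenceException {
        OIDCJWKS jwks = dao.get();
        if (jwks == null) {
            throw new UnresolvedReferenceException();
        }
        return binder.getOIDCJWKSTO(jwks);
    }

    /**
     * Replaces the JSON of the stored JWKS with the JSON carried by {@code entityTO}.
     *
     * @param entityTO transfer object whose JSON becomes the stored JWKS content
     * @return the updated JWKS as a transfer object
     * @throws NotFoundException if no JWKS is stored
     */
    // NOTE(review): the supplied JSON overwrites the stored key set with no validation in this
    // method, and ANONYMOUS is accepted next to OIDC_JWKS_SET. A caller who can reach this method
    // decides which keys are persisted - confirm that the JSON is validated elsewhere and that the
    // anonymous role is restricted to trusted internal callers.
    @PreAuthorize("hasRole('" + AMEntitlement.OIDC_JWKS_SET + "') "
            + "or hasRole('" + IdRepoEntitlement.ANONYMOUS + "')")
    public OIDCJWKSTO set(final OIDCJWKSTO entityTO) {
        // dao.get() returns null when nothing is stored (see get() and generate()); fail with the
        // same NotFoundException as get() instead of a NullPointerException on setJson().
        OIDCJWKS jwks = Optional.ofNullable(dao.get()).
                orElseThrow(() -> new NotFoundException("OIDC JWKS not found"));
        jwks.setJson(entityTO.getJson());
        return binder.getOIDCJWKSTO(dao.save(jwks));
    }
}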