added remote call interfaces and handling

Author: staust

pom.xml

@@ -182,6 +182,14 @@
                     <autoReleaseAfterClose>true</autoReleaseAfterClose>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>8</source>
+                    <target>8</target>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
     <profiles>

src/main/java/com/staffbase/plugins/sdk/RemoteCall/AbstractRemoteCallHandler.java

@@ -0,0 +1,30 @@
+/**
+ * Abstract remote handler implementation, based on this doc:
+ * https://developers.staffbase.com/api/plugin-sso/
+ *
+ * @category  Authentication
+ * @copyright 2018 Staffbase, GmbH.
+ * @author    Stefan Staude
+ * @license   http://www.apache.org/licenses/LICENSE-2.0
+ * @link      https://github.com/staffbase/plugins-sdk-java
+ */
+package com.staffbase.plugins.sdk.RemoteCall;
+
+/**
+ * class AbstractRemoteCallHandler
+ *
+ * An Abstract RemoteCallHandler implementation
+ * which can be used in conjunction with all
+ * remote call interfaces
+ */
+public abstract class AbstractRemoteCallHandler implements RemoteCallInterface{
+    @Override
+    public void exitSuccess() {
+        
+    }
+
+    @Override
+    public void exitFailure() {
+
+    }
+}

src/main/java/com/staffbase/plugins/sdk/RemoteCall/DeleteInstanceCallHandlerInterface.java

@@ -0,0 +1,25 @@
+/**
+ * Delete remote handler interface, based on this doc:
+ * https://developers.staffbase.com/api/plugin-sso/
+ *
+ * @category  Authentication
+ * @copyright 2018 Staffbase, GmbH.
+ * @author    Stefan Staude
+ * @license   http://www.apache.org/licenses/LICENSE-2.0
+ * @link      https://github.com/staffbase/plugins-sdk-java
+ */
+package com.staffbase.plugins.sdk.RemoteCall;
+
+/**
+ * Interface DeleteInstanceCallHandlerInterface
+ */
+public interface DeleteInstanceCallHandlerInterface extends RemoteCallInterface {
+
+    /**
+     * Method to remove and cleanup every plugin related data of the given identifier.
+     *
+     * @param instanceId Plugin Instance identifier
+     * @return <code>false</code> if the deletion goes wrong and should be retried later.
+     */
+    public boolean deleteInstance(String instanceId);
+}

src/main/java/com/staffbase/plugins/sdk/RemoteCall/RemoteCallInterface.java

@@ -0,0 +1,34 @@
+/**
+ * Remote call interface, based on this doc:
+ * https://developers.staffbase.com/api/plugin-sso/
+ *
+ * @category  Authentication
+ * @copyright 2018 Staffbase, GmbH.
+ * @author    Stefan Staude
+ * @license   http://www.apache.org/licenses/LICENSE-2.0
+ * @link      https://github.com/staffbase/plugins-sdk-java
+ */
+package com.staffbase.plugins.sdk.RemoteCall;
+
+/**
+ * Interface RemoteCallInterface
+ *
+ * A generic interface describing the protocol with the
+ * Staffbase Backend after a Remote SSO cal was issued.
+ */
+public interface RemoteCallInterface {
+
+    /**
+	 * Stop the execution by providing a 2XX HTTP response
+	 *
+	 * This will tell Staffbase that everything went OK.
+	 */
+    public void exitSuccess();
+
+    /**
+	 * Stop the execution by providing a 5XX HTTP response
+	 *
+	 * This will tell Staffbase that it should try again later.
+	 */
+    public void exitFailure();
+}

src/main/java/com/staffbase/plugins/sdk/sso/SSOData.java

@@ -37,6 +37,11 @@ public class SSOData {
    */
   public static final String ROLE_EDITOR = "editor";
 
+  /**
+   * The user id/subject to identify if the SSO call is an instance deletion call.
+   */
+  public static final String REMOTE_CALL_DELETE = "delete";
+
   /**
    * The key in the JWT claims for fetching the requested plugin instance's
    * unique id.
@@ -410,6 +415,18 @@ public boolean isEditor() {
     return ROLE_EDITOR.equals(this.userRole);
   }
 
+  /**
+   * Check if the SSO call is an instance deletion call.
+   *
+   * If an editor deletes a plugin instance in Staffbase,
+   * this will be true.
+   *
+   * @return <code>true</code> if the SSO call is an instance deletion call
+   */
+  public boolean isDeleteInstanceCall() {
+    return REMOTE_CALL_DELETE.equals(this.userID);
+  }
+
   /**
    * Get the tags of the user in regards of the requested {@link #instanceID}.
    * If the requesting user does have admin permissions, this value is set to

src/main/java/com/staffbase/plugins/sdk/sso/SSOFacade.java

@@ -16,6 +16,8 @@
 import java.util.Objects;
 
 
+import com.staffbase.plugins.sdk.RemoteCall.DeleteInstanceCallHandlerInterface;
+import com.staffbase.plugins.sdk.RemoteCall.RemoteCallInterface;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
@@ -67,6 +69,11 @@ public static SSOFacade create(final RSAPublicKey rsaPublicKey) {
    */
   private JwtConsumer jwtConsumer;
 
+  /**
+   * An instance handling remote calls
+   */
+  private RemoteCallInterface remoteCallHandler;
+
 
   /**********************************************
    * Constructors
@@ -83,15 +90,19 @@ public static SSOFacade create(final RSAPublicKey rsaPublicKey) {
    * Initialization
    **********************************************/
 
+  SSOFacade initialize(final RSAPublicKey rsaPublicKey) {
+    return this.initialize(rsaPublicKey, null);
+  }
+
   /**
    * Initialize this component by building up the consumer for JWT using the
    * pre-configured secret
    *
    * @param rsaPublicKey the RSA public key to be used for verification.
-   *
+   * @param remoteCallHandler a class handling remote calls
    * @return Fluent interface.
    */
-  SSOFacade initialize(final RSAPublicKey rsaPublicKey) {
+  SSOFacade initialize(final RSAPublicKey rsaPublicKey, final RemoteCallInterface remoteCallHandler) {
 
     if (logger.isDebugEnabled()) {
       logger.debug("Initializing single-sign-on manager SSOFacade. ");
@@ -112,6 +123,8 @@ SSOFacade initialize(final RSAPublicKey rsaPublicKey) {
       .setRequireIssuedAt() 
       .build();
 
+    this.remoteCallHandler = remoteCallHandler;
+
     return this;
   }
 
@@ -152,7 +165,7 @@ public SSOData verify(final String raw) throws SSOException {
               + "[instance_id=" + instanceId + "]");
         }
 
-        throw new SSOException("Missing or malformed instnance_id.");
+        throw new SSOException("Missing or malformed instance_id.");
       }
 
       if (logger.isDebugEnabled()) {
@@ -162,7 +175,23 @@ public SSOData verify(final String raw) throws SSOException {
       }
 
       // Parse and return the container data.
-      return new SSOData(jwtClaims);
+      SSOData ssoData = new SSOData(jwtClaims);
+      if(ssoData.isDeleteInstanceCall() && this.remoteCallHandler != null) {
+        boolean result = true;
+        if (this.remoteCallHandler instanceof DeleteInstanceCallHandlerInterface){
+          result = ((DeleteInstanceCallHandlerInterface) this.remoteCallHandler).deleteInstance(instanceId);
+        } else {
+          logger.warn("Warning: An instance deletion call for instance $instanceId was not handled.");
+        }
+
+        if(result){
+          this.remoteCallHandler.exitSuccess();
+        } else {
+          this.remoteCallHandler.exitFailure();
+        }
+        exitRemoteCall();
+      }
+      return ssoData;
     } catch (final MalformedClaimException malformationException) {
       if (logger.isFatalEnabled()) {
         logger.fatal("Encountered malformed sso attempt.", malformationException);
@@ -177,4 +206,14 @@ public SSOData verify(final String raw) throws SSOException {
       throw new SSOException(invalidJwtException.getMessage(), invalidJwtException);
     }
   }
+
+
+  /**
+   * @throws SSOException if a remote call was not handled by the user
+   */
+  private void exitRemoteCall() throws SSOException {
+    String message = "Warning: The exit procedure for a remote call was not properly handled.";
+    logger.warn(message);
+    throw new SSOException(message);
+  }
 }