extensible authentication system

docs-core/src/main/java/com/sismics/docs/core/util/EncryptionUtil.java

@@ -38,11 +38,14 @@ public class EncryptionUtil {
      * Generate a private key.
      * 
      * @return New random private key
-     * @throws NoSuchAlgorithmException 
      */
-    public static String generatePrivateKey() throws NoSuchAlgorithmException {
-        SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
-        return new BigInteger(176, random).toString(32);
+    public static String generatePrivateKey() {
+        try {
+            SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
+            return new BigInteger(176, random).toString(32);
+        } catch (NoSuchAlgorithmException e) {
+            throw new RuntimeException(e);
+        }
     }
     
     /**

docs-core/src/main/java/com/sismics/docs/core/util/RoutingUtil.java

@@ -50,6 +50,12 @@ public class RoutingUtil {
         }
     }
 
+    /**
+     * Send an email when a route step is validated.
+     *
+     * @param documentId Document ID
+     * @param routeStepDto Route step DTO
+     */
     public static void sendRouteStepEmail(String documentId, RouteStepDto routeStepDto) {
         DocumentDao documentDao = new DocumentDao();
         Document document = documentDao.getById(documentId);

docs-core/src/main/java/com/sismics/docs/core/util/authentication/AuthenticationHandler.java

@@ -0,0 +1,19 @@
+package com.sismics.docs.core.util.authentication;
+
+import com.sismics.docs.core.model.jpa.User;
+
+/**
+ * An authentication handler.
+ *
+ * @author bgamard
+ */
+public interface AuthenticationHandler {
+    /**
+     * Authenticate a user.
+     *
+     * @param username Username
+     * @param password Password
+     * @return Authenticated user
+     */
+    User authenticate(String username, String password);
+}

docs-core/src/main/java/com/sismics/docs/core/util/authentication/AuthenticationUtil.java

@@ -0,0 +1,45 @@
+package com.sismics.docs.core.util.authentication;
+
+import com.google.common.collect.Lists;
+import com.sismics.docs.core.model.jpa.User;
+import com.sismics.util.ClasspathScanner;
+
+import java.util.List;
+import java.util.stream.Collectors;
+
+/**
+ * User utilities.
+ */
+public class AuthenticationUtil {
+    /**
+     * List of authentication handlers scanned in the classpath.
+     */
+    private static final List<AuthenticationHandler> AUTH_HANDLERS = Lists.newArrayList(
+            new ClasspathScanner<AuthenticationHandler>().findClasses(AuthenticationHandler.class, "com.sismics.docs.core.util.authentication")
+                    .stream()
+
+                    .map(clazz -> {
+                try {
+                    return clazz.newInstance();
+                } catch (Exception e) {
+                    throw new RuntimeException(e);
+                }
+            }).collect(Collectors.toList()));
+
+    /**
+     * Authenticate a user.
+     *
+     * @param username Username
+     * @param password Password
+     * @return Authenticated user
+     */
+    public static User authenticate(String username, String password) {
+        for (AuthenticationHandler authenticationHandler : AUTH_HANDLERS) {
+            User user = authenticationHandler.authenticate(username, password);
+            if (user != null) {
+                return user;
+            }
+        }
+        return null;
+    }
+}

docs-core/src/main/java/com/sismics/docs/core/util/authentication/InternalAuthenticationHandler.java

@@ -0,0 +1,19 @@
+package com.sismics.docs.core.util.authentication;
+
+import com.sismics.docs.core.dao.jpa.UserDao;
+import com.sismics.docs.core.model.jpa.User;
+import com.sismics.util.ClasspathScanner;
+
+/**
+ * Authenticate using the internal database.
+ *
+ * @author bgamard
+ */
+@ClasspathScanner.Priority(100) // We can add handlers before this one
+public class InternalAuthenticationHandler implements AuthenticationHandler {
+    @Override
+    public User authenticate(String username, String password) {
+        UserDao userDao = new UserDao();
+        return userDao.authenticate(username, password);
+    }
+}

docs-core/src/main/java/com/sismics/util/ClasspathScanner.java

@@ -1,13 +1,13 @@
 package com.sismics.util;
 
-import com.google.common.collect.Sets;
+import com.google.common.collect.Lists;
 import com.google.common.reflect.ClassPath;
 import com.sismics.docs.core.util.format.PdfFormatHandler;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
 import java.lang.reflect.Modifier;
-import java.util.Set;
+import java.util.List;
 
 /**
  * Classes scanner.
@@ -23,11 +23,11 @@ public class ClasspathScanner<T> {
      *
      * @param topClass Top class or interface
      * @param pkg In this package
-     * @return Set of classes
+     * @return List of classes
      */
     @SuppressWarnings("unchecked")
-    public Set<Class<T>> findClasses(Class<T> topClass, String pkg) {
-        Set<Class<T>> classes = Sets.newHashSet();
+    public List<Class<T>> findClasses(Class<T> topClass, String pkg) {
+        List<Class<T>> classes = Lists.newArrayList();
         try {
         for (ClassPath.ClassInfo classInfo : ClassPath.from(topClass.getClassLoader()).getTopLevelClasses(pkg)) {
             Class<?> clazz = classInfo.load();
@@ -38,7 +38,22 @@ public class ClasspathScanner<T> {
         } catch (Exception e) {
             log.error("Error loading format handlers", e);
         }
+
+        classes.sort((o1, o2) -> {
+            Priority priority1 = o1.getDeclaredAnnotation(Priority.class);
+            Priority priority2 = o2.getDeclaredAnnotation(Priority.class);
+            return Integer.compare(priority1 == null ? Integer.MAX_VALUE : priority1.value(),
+                    priority2 == null ? Integer.MAX_VALUE : priority2.value());
+        });
+
         log.info("Found " + classes.size() + " classes for " + topClass.getSimpleName());
         return classes;
     }
+
+    /**
+     * Classpath scanning priority.
+     */
+    public @interface Priority {
+        int value() default Integer.MAX_VALUE;
+    }
 }