1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
12   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
14   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
15   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
16   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
17   * SOFTWARE.
18   */
19  
20  package com.liferay.portal.security.auth;
21  
22  import com.liferay.portal.kernel.util.GetterUtil;
23  import com.liferay.portal.kernel.util.InstancePool;
24  import com.liferay.portal.kernel.util.Validator;
25  import com.liferay.portal.model.CompanyConstants;
26  
27  import java.util.Map;
28  
29  /**
30   * <a href="AuthPipeline.java.html"><b><i>View Source</i></b></a>
31   *
32   * @author Brian Wing Shun Chan
33   *
34   */
35  public class AuthPipeline {
36  
37      public static int authenticateByEmailAddress(
38              String[] classes, long companyId, String emailAddress,
39              String password, Map<String, String[]> headerMap,
40              Map<String, String[]> parameterMap)
41          throws AuthException {
42  
43          return _authenticate(
44              classes, companyId, emailAddress, password,
45              CompanyConstants.AUTH_TYPE_EA, headerMap, parameterMap);
46      }
47  
48      public static int authenticateByScreenName(
49              String[] classes, long companyId, String screenName,
50              String password, Map<String, String[]> headerMap,
51              Map<String, String[]> parameterMap)
52          throws AuthException {
53  
54          return _authenticate(
55              classes, companyId, screenName, password,
56              CompanyConstants.AUTH_TYPE_SN, headerMap, parameterMap);
57      }
58  
59      public static int authenticateByUserId(
60              String[] classes, long companyId, long userId, String password,
61              Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
62          throws AuthException {
63  
64          return _authenticate(
65              classes, companyId, String.valueOf(userId), password,
66              CompanyConstants.AUTH_TYPE_ID, headerMap, parameterMap);
67      }
68  
69      public static void onFailureByEmailAddress(
70              String[] classes, long companyId, String emailAddress,
71              Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
72          throws AuthException {
73  
74          _onFailure(
75              classes, companyId, emailAddress, CompanyConstants.AUTH_TYPE_EA,
76              headerMap, parameterMap);
77      }
78  
79      public static void onFailureByScreenName(
80              String[] classes, long companyId, String screenName,
81              Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
82          throws AuthException {
83  
84          _onFailure(
85              classes, companyId, screenName, CompanyConstants.AUTH_TYPE_SN,
86              headerMap, parameterMap);
87      }
88  
89      public static void onFailureByUserId(
90              String[] classes, long companyId, long userId,
91              Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
92          throws AuthException {
93  
94          _onFailure(
95              classes, companyId, String.valueOf(userId),
96              CompanyConstants.AUTH_TYPE_ID, headerMap, parameterMap);
97      }
98  
99      public static void onMaxFailuresByEmailAddress(
100             String[] classes, long companyId, String emailAddress,
101             Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
102         throws AuthException {
103 
104         onFailureByEmailAddress(
105             classes, companyId, emailAddress, headerMap, parameterMap);
106     }
107 
108     public static void onMaxFailuresByScreenName(
109             String[] classes, long companyId, String screenName,
110             Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
111         throws AuthException {
112 
113         onFailureByScreenName(
114             classes, companyId, screenName, headerMap, parameterMap);
115     }
116 
117     public static void onMaxFailuresByUserId(
118             String[] classes, long companyId, long userId,
119             Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
120         throws AuthException {
121 
122         onFailureByUserId(classes, companyId, userId, headerMap, parameterMap);
123     }
124 
125     private static int _authenticate(
126             String[] classes, long companyId, String login, String password,
127             String authType, Map<String, String[]> headerMap,
128             Map<String, String[]> parameterMap)
129         throws AuthException {
130 
131         if ((classes == null) || (classes.length == 0)) {
132             return 1;
133         }
134 
135         for (int i = 0; i < classes.length; i++) {
136             String className = classes[i];
137 
138             if (Validator.isNotNull(className)) {
139                 Authenticator auth =
140                     (Authenticator)InstancePool.get(classes[i]);
141 
142                 try {
143                     int authResult = Authenticator.FAILURE;
144 
145                     if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
146                         authResult = auth.authenticateByEmailAddress(
147                             companyId, login, password, headerMap,
148                             parameterMap);
149                     }
150                     else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
151                         authResult = auth.authenticateByScreenName(
152                             companyId, login, password, headerMap,
153                             parameterMap);
154                     }
155                     else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
156                         long userId = GetterUtil.getLong(login);
157 
158                         authResult = auth.authenticateByUserId(
159                             companyId, userId, password, headerMap,
160                             parameterMap);
161                     }
162 
163                     if (authResult != Authenticator.SUCCESS) {
164                         return authResult;
165                     }
166                 }
167                 catch (AuthException ae) {
168                     throw ae;
169                 }
170                 catch (Exception e) {
171                     throw new AuthException(e);
172                 }
173             }
174         }
175 
176         return Authenticator.SUCCESS;
177     }
178 
179     private static void _onFailure(
180             String[] classes, long companyId, String login, String authType,
181             Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
182         throws AuthException {
183 
184         if ((classes == null) || (classes.length == 0)) {
185             return;
186         }
187 
188         for (int i = 0; i < classes.length; i++) {
189             String className = classes[i];
190 
191             if (Validator.isNotNull(className)) {
192                 AuthFailure authFailure = (AuthFailure)InstancePool.get(
193                     classes[i]);
194 
195                 try {
196                     if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
197                         authFailure.onFailureByEmailAddress(
198                             companyId, login, headerMap, parameterMap);
199                     }
200                     else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
201                         authFailure.onFailureByScreenName(
202                             companyId, login, headerMap, parameterMap);
203                     }
204                     else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
205                         long userId = GetterUtil.getLong(login);
206 
207                         authFailure.onFailureByUserId(
208                             companyId, userId, headerMap, parameterMap);
209                     }
210                 }
211                 catch (AuthException ae) {
212                     throw ae;
213                 }
214                 catch (Exception e) {
215                     throw new AuthException(e);
216                 }
217             }
218         }
219     }
220 
221 }