1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.security.auth;
24  
25  import com.liferay.portal.kernel.util.GetterUtil;
26  import com.liferay.portal.kernel.util.InstancePool;
27  import com.liferay.portal.kernel.util.Validator;
28  import com.liferay.portal.model.CompanyConstants;
29  
30  import java.util.Map;
31  
32  /**
33   * <a href="AuthPipeline.java.html"><b><i>View Source</i></b></a>
34   *
35   * @author Brian Wing Shun Chan
36   *
37   */
38  public class AuthPipeline {
39  
40      public static int authenticateByEmailAddress(
41              String[] classes, long companyId, String emailAddress,
42              String password, Map<String, String[]> headerMap,
43              Map<String, String[]> parameterMap)
44          throws AuthException {
45  
46          return _authenticate(
47              classes, companyId, emailAddress, password,
48              CompanyConstants.AUTH_TYPE_EA, headerMap, parameterMap);
49      }
50  
51      public static int authenticateByScreenName(
52              String[] classes, long companyId, String screenName,
53              String password, Map<String, String[]> headerMap,
54              Map<String, String[]> parameterMap)
55          throws AuthException {
56  
57          return _authenticate(
58              classes, companyId, screenName, password,
59              CompanyConstants.AUTH_TYPE_SN, headerMap, parameterMap);
60      }
61  
62      public static int authenticateByUserId(
63              String[] classes, long companyId, long userId, String password,
64              Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
65          throws AuthException {
66  
67          return _authenticate(
68              classes, companyId, String.valueOf(userId), password,
69              CompanyConstants.AUTH_TYPE_ID, headerMap, parameterMap);
70      }
71  
72      public static void onFailureByEmailAddress(
73              String[] classes, long companyId, String emailAddress,
74              Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
75          throws AuthException {
76  
77          _onFailure(
78              classes, companyId, emailAddress, CompanyConstants.AUTH_TYPE_EA,
79              headerMap, parameterMap);
80      }
81  
82      public static void onFailureByScreenName(
83              String[] classes, long companyId, String screenName,
84              Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
85          throws AuthException {
86  
87          _onFailure(
88              classes, companyId, screenName, CompanyConstants.AUTH_TYPE_SN,
89              headerMap, parameterMap);
90      }
91  
92      public static void onFailureByUserId(
93              String[] classes, long companyId, long userId,
94              Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
95          throws AuthException {
96  
97          _onFailure(
98              classes, companyId, String.valueOf(userId),
99              CompanyConstants.AUTH_TYPE_ID, headerMap, parameterMap);
100     }
101 
102     public static void onMaxFailuresByEmailAddress(
103             String[] classes, long companyId, String emailAddress,
104             Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
105         throws AuthException {
106 
107         onFailureByEmailAddress(
108             classes, companyId, emailAddress, headerMap, parameterMap);
109     }
110 
111     public static void onMaxFailuresByScreenName(
112             String[] classes, long companyId, String screenName,
113             Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
114         throws AuthException {
115 
116         onFailureByScreenName(
117             classes, companyId, screenName, headerMap, parameterMap);
118     }
119 
120     public static void onMaxFailuresByUserId(
121             String[] classes, long companyId, long userId,
122             Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
123         throws AuthException {
124 
125         onFailureByUserId(classes, companyId, userId, headerMap, parameterMap);
126     }
127 
128     private static int _authenticate(
129             String[] classes, long companyId, String login, String password,
130             String authType, Map<String, String[]> headerMap,
131             Map<String, String[]> parameterMap)
132         throws AuthException {
133 
134         if ((classes == null) || (classes.length == 0)) {
135             return 1;
136         }
137 
138         for (int i = 0; i < classes.length; i++) {
139             String className = classes[i];
140 
141             if (Validator.isNotNull(className)) {
142                 Authenticator auth =
143                     (Authenticator)InstancePool.get(classes[i]);
144 
145                 try {
146                     int authResult = Authenticator.FAILURE;
147 
148                     if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
149                         authResult = auth.authenticateByEmailAddress(
150                             companyId, login, password, headerMap,
151                             parameterMap);
152                     }
153                     else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
154                         authResult = auth.authenticateByScreenName(
155                             companyId, login, password, headerMap,
156                             parameterMap);
157                     }
158                     else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
159                         long userId = GetterUtil.getLong(login);
160 
161                         authResult = auth.authenticateByUserId(
162                             companyId, userId, password, headerMap,
163                             parameterMap);
164                     }
165 
166                     if (authResult != Authenticator.SUCCESS) {
167                         return authResult;
168                     }
169                 }
170                 catch (AuthException ae) {
171                     throw ae;
172                 }
173                 catch (Exception e) {
174                     throw new AuthException(e);
175                 }
176             }
177         }
178 
179         return Authenticator.SUCCESS;
180     }
181 
182     private static void _onFailure(
183             String[] classes, long companyId, String login, String authType,
184             Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
185         throws AuthException {
186 
187         if ((classes == null) || (classes.length == 0)) {
188             return;
189         }
190 
191         for (int i = 0; i < classes.length; i++) {
192             String className = classes[i];
193 
194             if (Validator.isNotNull(className)) {
195                 AuthFailure authFailure = (AuthFailure)InstancePool.get(
196                     classes[i]);
197 
198                 try {
199                     if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
200                         authFailure.onFailureByEmailAddress(
201                             companyId, login, headerMap, parameterMap);
202                     }
203                     else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
204                         authFailure.onFailureByScreenName(
205                             companyId, login, headerMap, parameterMap);
206                     }
207                     else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
208                         long userId = GetterUtil.getLong(login);
209 
210                         authFailure.onFailureByUserId(
211                             companyId, userId, headerMap, parameterMap);
212                     }
213                 }
214                 catch (AuthException ae) {
215                     throw ae;
216                 }
217                 catch (Exception e) {
218                     throw new AuthException(e);
219                 }
220             }
221         }
222     }
223 
224 }