1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.security.auth;
24  
25  import com.liferay.portal.NoSuchUserException;
26  import com.liferay.portal.kernel.log.Log;
27  import com.liferay.portal.kernel.log.LogFactoryUtil;
28  import com.liferay.portal.kernel.util.LocaleUtil;
29  import com.liferay.portal.kernel.util.StringPool;
30  import com.liferay.portal.kernel.util.Validator;
31  import com.liferay.portal.kernel.util.WebKeys;
32  import com.liferay.portal.model.User;
33  import com.liferay.portal.service.ServiceContext;
34  import com.liferay.portal.service.UserLocalServiceUtil;
35  import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
36  import com.liferay.portal.theme.ThemeDisplay;
37  import com.liferay.portal.util.PortalUtil;
38  import com.liferay.portal.util.PrefsPropsUtil;
39  import com.liferay.portal.util.PropsKeys;
40  import com.liferay.portal.util.PropsValues;
41  import com.liferay.util.PwdGenerator;
42  
43  import java.util.Calendar;
44  import java.util.Locale;
45  import java.util.Map;
46  
47  import javax.servlet.http.HttpServletRequest;
48  import javax.servlet.http.HttpServletResponse;
49  
50  /**
51   * <a href="OpenSSOAutoLogin.java.html"><b><i>View Source</i></b></a>
52   *
53   * @author Brian Wing Shun Chan
54   * @author Prashant Dighe
55   *
56   */
57  public class OpenSSOAutoLogin implements AutoLogin {
58  
59      public String[] login(
60          HttpServletRequest request, HttpServletResponse response) {
61  
62          String[] credentials = null;
63  
64          try {
65              long companyId = PortalUtil.getCompanyId(request);
66  
67              if (!PrefsPropsUtil.getBoolean(
68                      companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
69                      PropsValues.OPEN_SSO_AUTH_ENABLED)) {
70  
71                  return credentials;
72              }
73  
74              String serviceUrl = PrefsPropsUtil.getString(
75                  companyId, PropsKeys.OPEN_SSO_SERVICE_URL);
76  
77              if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
78                  return credentials;
79              }
80  
81              String screenNameAttr = PrefsPropsUtil.getString(
82                  companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
83                  PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
84              String emailAddressAttr = PrefsPropsUtil.getString(
85                  companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
86                  PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
87              String firstNameAttr = PrefsPropsUtil.getString(
88                  companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
89                  PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
90              String lastNameAttr = PrefsPropsUtil.getString(
91                  companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
92                  PropsValues.OPEN_SSO_LAST_NAME_ATTR);
93  
94              Map<String, String> nameValues = OpenSSOUtil.getAttributes(
95                  request, serviceUrl);
96  
97              String screenName = nameValues.get(screenNameAttr);
98              String emailAddress = nameValues.get(emailAddressAttr);
99              String firstName = nameValues.get(firstNameAttr);
100             String lastName = nameValues.get(lastNameAttr);
101 
102             if (Validator.isNull(emailAddress)) {
103                 throw new AutoLoginException("Email address is null");
104             }
105 
106             User user = null;
107 
108             try {
109                 user = UserLocalServiceUtil.getUserByScreenName(
110                     companyId, screenName);
111             }
112             catch (NoSuchUserException nsue) {
113                 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
114                     WebKeys.THEME_DISPLAY);
115 
116                 Locale locale = LocaleUtil.getDefault();
117 
118                 if (themeDisplay != null) {
119 
120                     // ThemeDisplay should never be null, but some users
121                     // complain of this error. Cause is unknown.
122 
123                     locale = themeDisplay.getLocale();
124                 }
125 
126                 user = addUser(
127                     companyId, firstName, lastName, emailAddress, screenName,
128                     locale);
129             }
130 
131             credentials = new String[3];
132 
133             credentials[0] = String.valueOf(user.getUserId());
134             credentials[1] = user.getPassword();
135             credentials[2] = Boolean.TRUE.toString();
136         }
137         catch (Exception e) {
138             _log.error(e, e);
139         }
140 
141         return credentials;
142     }
143 
144     protected User addUser(
145             long companyId, String firstName, String lastName,
146             String emailAddress, String screenName, Locale locale)
147         throws Exception {
148 
149         long creatorUserId = 0;
150         boolean autoPassword = false;
151         String password1 = PwdGenerator.getPassword();
152         String password2 = password1;
153         boolean autoScreenName = false;
154         String openId = StringPool.BLANK;
155         String middleName = StringPool.BLANK;
156         int prefixId = 0;
157         int suffixId = 0;
158         boolean male = true;
159         int birthdayMonth = Calendar.JANUARY;
160         int birthdayDay = 1;
161         int birthdayYear = 1970;
162         String jobTitle = StringPool.BLANK;
163         long[] groupIds = null;
164         long[] organizationIds = null;
165         long[] roleIds = null;
166         long[] userGroupIds = null;
167         boolean sendEmail = false;
168         ServiceContext serviceContext = new ServiceContext();
169 
170         return UserLocalServiceUtil.addUser(
171             creatorUserId, companyId, autoPassword, password1, password2,
172             autoScreenName, screenName, emailAddress, openId, locale, firstName,
173             middleName, lastName, prefixId, suffixId, male, birthdayMonth,
174             birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
175             roleIds, userGroupIds, sendEmail, serviceContext);
176     }
177 
178     private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);
179 
180 }