015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.NoSuchUserException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.util.LocaleUtil;
021 import com.liferay.portal.kernel.util.ParamUtil;
022 import com.liferay.portal.kernel.util.PropsKeys;
023 import com.liferay.portal.kernel.util.StringPool;
024 import com.liferay.portal.kernel.util.Validator;
025 import com.liferay.portal.kernel.util.WebKeys;
026 import com.liferay.portal.model.User;
027 import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
028 import com.liferay.portal.service.ServiceContext;
029 import com.liferay.portal.service.UserLocalServiceUtil;
030 import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
031 import com.liferay.portal.theme.ThemeDisplay;
032 import com.liferay.portal.util.PortalUtil;
033 import com.liferay.portal.util.PrefsPropsUtil;
034 import com.liferay.portal.util.PropsValues;
035 import com.liferay.util.PwdGenerator;
036
037 import java.util.Calendar;
038 import java.util.Locale;
039 import java.util.Map;
040
041 import javax.servlet.http.HttpServletRequest;
042 import javax.servlet.http.HttpServletResponse;
043
044
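/**
 * Auto-login hook that signs a visitor into the portal on the strength of an
 * existing OpenSSO session.
 *
 * <p>
 * When OpenSSO authentication is enabled for the company and
 * <code>OpenSSOUtil.isAuthenticated</code> accepts the request, the attributes
 * returned by <code>OpenSSOUtil.getAttributes</code> are mapped to a portal
 * user by screen name. A user that cannot be found is created on the fly.
 * </p>
 *
 * <p>
 * Security notes: the portal account is selected solely by the screen name
 * attribute reported by the configured OpenSSO service URL, so that URL and
 * the attribute mapping are part of the trust boundary of this class. The
 * <code>redirect</code> request parameter is passed on without validation
 * here (see the note in {@link #login}).
 * </p>
 */
public class OpenSSOAutoLogin implements AutoLogin {

	/**
	 * Attempts to resolve portal credentials from the OpenSSO session attached
	 * to the request.
	 *
	 * @param  request the current servlet request; also receives the
	 *         <code>AutoLogin.AUTO_LOGIN_REDIRECT</code> attribute when a
	 *         non-empty <code>redirect</code> parameter is present
	 * @param  response the current servlet response (not used by this method)
	 * @return a three element array holding the user ID, the value of
	 *         <code>user.getPassword()</code> and the string
	 *         <code>"true"</code>, or <code>null</code> when OpenSSO
	 *         authentication is disabled, the request is not authenticated, or
	 *         any exception occurs (the exception is logged, not rethrown)
	 */
	public String[] login(
		HttpServletRequest request, HttpServletResponse response) {

		String[] credentials = null;

		try {
			long companyId = PortalUtil.getCompanyId(request);

			if (!PrefsPropsUtil.getBoolean(
					companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
					PropsValues.OPEN_SSO_AUTH_ENABLED)) {

				return credentials;
			}

			String serviceUrl = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_SERVICE_URL);

			// Everything below trusts the answer of the OpenSSO service at
			// serviceUrl. Fail closed: no credentials unless it vouches for
			// the request.

			if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
				return credentials;
			}

			boolean ldapImportEnabled = PrefsPropsUtil.getBoolean(
				companyId, PropsKeys.OPEN_SSO_LDAP_IMPORT_ENABLED,
				PropsValues.OPEN_SSO_LDAP_IMPORT_ENABLED);
			String screenNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
				PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
			String emailAddressAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
				PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
			String firstNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
				PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
			String lastNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
				PropsValues.OPEN_SSO_LAST_NAME_ATTR);

			Map<String, String> nameValues = OpenSSOUtil.getAttributes(
				request, serviceUrl);

			String screenName = nameValues.get(screenNameAttr);
			String emailAddress = nameValues.get(emailAddressAttr);
			String firstName = nameValues.get(firstNameAttr);
			String lastName = nameValues.get(lastNameAttr);

			// Writes identity attributes (name, screen name, email address)
			// to the log, but only when debug logging is enabled.

			if (_log.isDebugEnabled()) {
				_log.debug(
					"Validating user information for " + firstName + " " +
						lastName + " with screen name " + screenName +
							" and email address " + emailAddress);
			}

			User user = null;

			if (ldapImportEnabled) {

				// NOTE(review): the email address check of the other branch
				// is not applied here, so if the import yields no user,
				// addUser below receives whatever email address OpenSSO
				// supplied, possibly null.

				user = PortalLDAPImporterUtil.importLDAPUserByScreenName(
					companyId, screenName);
			}
			else {
				if (Validator.isNull(emailAddress)) {
					throw new AutoLoginException("Email address is null");
				}

				// NOTE(review): screenName is the lookup key but is not
				// checked for null or blank before use; the outcome then
				// depends on the user service.

				try {
					user = UserLocalServiceUtil.getUserByScreenName(
						companyId, screenName);
				}
				catch (NoSuchUserException nsue) {

					// Expected on a first login: the account does not exist
					// yet and is created below because user stays null.

					if (_log.isDebugEnabled()) {
						_log.debug(
							"No portal user found for screen name " +
								screenName);
					}
				}
			}

			if (user == null) {
				ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
					WebKeys.THEME_DISPLAY);

				Locale locale = LocaleUtil.getDefault();

				if (themeDisplay != null) {
					locale = themeDisplay.getLocale();
				}

				if (_log.isDebugEnabled()) {
					_log.debug("Adding user " + screenName);
				}

				user = addUser(
					companyId, firstName, lastName, emailAddress, screenName,
					locale);
			}

			// NOTE(review): "redirect" is read from the request and handed on
			// unchanged as the auto-login redirect target. Nothing in this
			// class limits it to portal-local or allow-listed URLs; confirm
			// that the consumer of AUTO_LOGIN_REDIRECT validates it, or
			// validate it here before setting the attribute.

			String redirect = ParamUtil.getString(request, "redirect");

			if (Validator.isNotNull(redirect)) {
				request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
			}

			credentials = new String[3];

			credentials[0] = String.valueOf(user.getUserId());
			credentials[1] = user.getPassword();

			// Presumably marks credentials[1] as an already encrypted
			// password; confirm against the AutoLogin contract.

			credentials[2] = Boolean.TRUE.toString();
		}
		catch (Exception e) {

			// Any failure is logged and leaves credentials at the value set
			// before the failure, which is null on every path above.

			_log.error(e, e);
		}

		return credentials;
	}

	/**
	 * Creates a portal user for an identity that OpenSSO reported but the
	 * portal does not know yet.
	 *
	 * <p>
	 * The account gets a password from <code>PwdGenerator.getPassword()</code>
	 * that is never mailed out (<code>sendEmail</code> is false), placeholder
	 * profile data (male, born 1 January 1970) and no group, organization,
	 * role or user group memberships passed by this method.
	 * </p>
	 *
	 * @param  companyId the primary key of the company the user belongs to
	 * @param  firstName the first name taken from the OpenSSO attributes
	 * @param  lastName the last name taken from the OpenSSO attributes
	 * @param  emailAddress the email address taken from the OpenSSO attributes
	 * @param  screenName the screen name taken from the OpenSSO attributes
	 * @param  locale the locale assigned to the new user
	 * @return the user returned by <code>UserLocalServiceUtil.addUser</code>
	 * @throws Exception if the user service rejects or fails the creation
	 */
	protected User addUser(
			long companyId, String firstName, String lastName,
			String emailAddress, String screenName, Locale locale)
		throws Exception {

		long creatorUserId = 0;
		boolean autoPassword = false;

		// NOTE(review): the strength of this password depends on
		// PwdGenerator, which is not visible here.

		String password1 = PwdGenerator.getPassword();
		String password2 = password1;
		boolean autoScreenName = false;
		long facebookId = 0;
		String openId = StringPool.BLANK;
		String middleName = StringPool.BLANK;
		int prefixId = 0;
		int suffixId = 0;
		boolean male = true;
		int birthdayMonth = Calendar.JANUARY;
		int birthdayDay = 1;
		int birthdayYear = 1970;
		String jobTitle = StringPool.BLANK;
		long[] groupIds = null;
		long[] organizationIds = null;
		long[] roleIds = null;
		long[] userGroupIds = null;
		boolean sendEmail = false;
		ServiceContext serviceContext = new ServiceContext();

		return UserLocalServiceUtil.addUser(
			creatorUserId, companyId, autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			locale, firstName, middleName, lastName, prefixId, suffixId, male,
			birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
			organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
	}

	private static final Log _log = LogFactoryUtil.getLog(
		OpenSSOAutoLogin.class);

}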