1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.security.auth;
16  
17  import com.liferay.portal.NoSuchUserException;
18  import com.liferay.portal.kernel.log.Log;
19  import com.liferay.portal.kernel.log.LogFactoryUtil;
20  import com.liferay.portal.kernel.util.LocaleUtil;
21  import com.liferay.portal.kernel.util.PropsKeys;
22  import com.liferay.portal.kernel.util.StringPool;
23  import com.liferay.portal.kernel.util.Validator;
24  import com.liferay.portal.kernel.util.WebKeys;
25  import com.liferay.portal.model.User;
26  import com.liferay.portal.service.ServiceContext;
27  import com.liferay.portal.service.UserLocalServiceUtil;
28  import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
29  import com.liferay.portal.theme.ThemeDisplay;
30  import com.liferay.portal.util.PortalUtil;
31  import com.liferay.portal.util.PrefsPropsUtil;
32  import com.liferay.portal.util.PropsValues;
33  import com.liferay.util.PwdGenerator;
34  
35  import java.util.Calendar;
36  import java.util.Locale;
37  import java.util.Map;
38  
39  import javax.servlet.http.HttpServletRequest;
40  import javax.servlet.http.HttpServletResponse;
41  
42  /**
43   * <a href="OpenSSOAutoLogin.java.html"><b><i>View Source</i></b></a>
44   *
45   * @author Brian Wing Shun Chan
46   * @author Prashant Dighe
47   */
48  public class OpenSSOAutoLogin implements AutoLogin {
49  
50      public String[] login(
51          HttpServletRequest request, HttpServletResponse response) {
52  
53          String[] credentials = null;
54  
55          try {
56              long companyId = PortalUtil.getCompanyId(request);
57  
58              if (!PrefsPropsUtil.getBoolean(
59                      companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
60                      PropsValues.OPEN_SSO_AUTH_ENABLED)) {
61  
62                  return credentials;
63              }
64  
65              String serviceUrl = PrefsPropsUtil.getString(
66                  companyId, PropsKeys.OPEN_SSO_SERVICE_URL);
67  
68              if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
69                  return credentials;
70              }
71  
72              String screenNameAttr = PrefsPropsUtil.getString(
73                  companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
74                  PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
75              String emailAddressAttr = PrefsPropsUtil.getString(
76                  companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
77                  PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
78              String firstNameAttr = PrefsPropsUtil.getString(
79                  companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
80                  PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
81              String lastNameAttr = PrefsPropsUtil.getString(
82                  companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
83                  PropsValues.OPEN_SSO_LAST_NAME_ATTR);
84  
85              Map<String, String> nameValues = OpenSSOUtil.getAttributes(
86                  request, serviceUrl);
87  
88              String screenName = nameValues.get(screenNameAttr);
89              String emailAddress = nameValues.get(emailAddressAttr);
90              String firstName = nameValues.get(firstNameAttr);
91              String lastName = nameValues.get(lastNameAttr);
92  
93              if (Validator.isNull(emailAddress)) {
94                  throw new AutoLoginException("Email address is null");
95              }
96  
97              User user = null;
98  
99              try {
100                 user = UserLocalServiceUtil.getUserByScreenName(
101                     companyId, screenName);
102             }
103             catch (NoSuchUserException nsue) {
104                 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
105                     WebKeys.THEME_DISPLAY);
106 
107                 Locale locale = LocaleUtil.getDefault();
108 
109                 if (themeDisplay != null) {
110 
111                     // ThemeDisplay should never be null, but some users
112                     // complain of this error. Cause is unknown.
113 
114                     locale = themeDisplay.getLocale();
115                 }
116 
117                 user = addUser(
118                     companyId, firstName, lastName, emailAddress, screenName,
119                     locale);
120             }
121 
122             credentials = new String[3];
123 
124             credentials[0] = String.valueOf(user.getUserId());
125             credentials[1] = user.getPassword();
126             credentials[2] = Boolean.TRUE.toString();
127         }
128         catch (Exception e) {
129             _log.error(e, e);
130         }
131 
132         return credentials;
133     }
134 
135     protected User addUser(
136             long companyId, String firstName, String lastName,
137             String emailAddress, String screenName, Locale locale)
138         throws Exception {
139 
140         long creatorUserId = 0;
141         boolean autoPassword = false;
142         String password1 = PwdGenerator.getPassword();
143         String password2 = password1;
144         boolean autoScreenName = false;
145         String openId = StringPool.BLANK;
146         String middleName = StringPool.BLANK;
147         int prefixId = 0;
148         int suffixId = 0;
149         boolean male = true;
150         int birthdayMonth = Calendar.JANUARY;
151         int birthdayDay = 1;
152         int birthdayYear = 1970;
153         String jobTitle = StringPool.BLANK;
154         long[] groupIds = null;
155         long[] organizationIds = null;
156         long[] roleIds = null;
157         long[] userGroupIds = null;
158         boolean sendEmail = false;
159         ServiceContext serviceContext = new ServiceContext();
160 
161         return UserLocalServiceUtil.addUser(
162             creatorUserId, companyId, autoPassword, password1, password2,
163             autoScreenName, screenName, emailAddress, openId, locale, firstName,
164             middleName, lastName, prefixId, suffixId, male, birthdayMonth,
165             birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
166             roleIds, userGroupIds, sendEmail, serviceContext);
167     }
168 
169     private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);
170 
171 }