1
14
15 package com.liferay.portal.security.auth;
16
17 import com.liferay.portal.kernel.util.GetterUtil;
18 import com.liferay.portal.kernel.util.InstancePool;
19 import com.liferay.portal.kernel.util.ListUtil;
20 import com.liferay.portal.kernel.util.PropsKeys;
21 import com.liferay.portal.model.CompanyConstants;
22 import com.liferay.portal.util.PropsValues;
23
24 import java.util.ArrayList;
25 import java.util.HashMap;
26 import java.util.List;
27 import java.util.Map;
28
29
34 public class AuthPipeline {
35
36 public static int authenticateByEmailAddress(
37 String key, long companyId, String emailAddress, String password,
38 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
39 throws AuthException {
40
41 return _instance._authenticate(
42 key, companyId, emailAddress, password,
43 CompanyConstants.AUTH_TYPE_EA, headerMap, parameterMap);
44 }
45
46 public static int authenticateByScreenName(
47 String key, long companyId, String screenName, String password,
48 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
49 throws AuthException {
50
51 return _instance._authenticate(
52 key, companyId, screenName, password, CompanyConstants.AUTH_TYPE_SN,
53 headerMap, parameterMap);
54 }
55
56 public static int authenticateByUserId(
57 String key, long companyId, long userId, String password,
58 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
59 throws AuthException {
60
61 return _instance._authenticate(
62 key, companyId, String.valueOf(userId), password,
63 CompanyConstants.AUTH_TYPE_ID, headerMap, parameterMap);
64 }
65
66 public static void onFailureByEmailAddress(
67 String key, long companyId, String emailAddress,
68 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
69 throws AuthException {
70
71 _instance._onFailure(
72 key, companyId, emailAddress, CompanyConstants.AUTH_TYPE_EA,
73 headerMap, parameterMap);
74 }
75
76 public static void onFailureByScreenName(
77 String key, long companyId, String screenName,
78 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
79 throws AuthException {
80
81 _instance._onFailure(
82 key, companyId, screenName, CompanyConstants.AUTH_TYPE_SN,
83 headerMap, parameterMap);
84 }
85
86 public static void onFailureByUserId(
87 String key, long companyId, long userId,
88 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
89 throws AuthException {
90
91 _instance._onFailure(
92 key, companyId, String.valueOf(userId),
93 CompanyConstants.AUTH_TYPE_ID, headerMap, parameterMap);
94 }
95
96 public static void onMaxFailuresByEmailAddress(
97 String key, long companyId, String emailAddress,
98 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
99 throws AuthException {
100
101 onFailureByEmailAddress(
102 key, companyId, emailAddress, headerMap, parameterMap);
103 }
104
105 public static void onMaxFailuresByScreenName(
106 String key, long companyId, String screenName,
107 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
108 throws AuthException {
109
110 onFailureByScreenName(
111 key, companyId, screenName, headerMap, parameterMap);
112 }
113
114 public static void onMaxFailuresByUserId(
115 String key, long companyId, long userId,
116 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
117 throws AuthException {
118
119 onFailureByUserId(key, companyId, userId, headerMap, parameterMap);
120 }
121
122 public static void registerAuthenticator(
123 String key, Authenticator authenticator) {
124
125 _instance._registerAuthenticator(key, authenticator);
126 }
127
128 public static void registerAuthFailure(
129 String key, AuthFailure authFailure) {
130
131 _instance._registerAuthFailure(key, authFailure);
132 }
133
134 public static void unregisterAuthenticator(
135 String key, Authenticator authenticator) {
136
137 _instance._unregisterAuthenticator(key, authenticator);
138 }
139
140 public static void unregisterAuthFailure(
141 String key, AuthFailure authFailure) {
142
143 _instance._unregisterAuthFailure(key, authFailure);
144 }
145
146 private AuthPipeline() {
147
148
150 List<Authenticator> authenticators = new ArrayList<Authenticator>();
151
152 for (String authenticatorClassName : PropsValues.AUTH_PIPELINE_PRE) {
153 Authenticator authenticator = (Authenticator)InstancePool.get(
154 authenticatorClassName);
155
156 authenticators.add(authenticator);
157 }
158
159 _authenticators.put(
160 PropsKeys.AUTH_PIPELINE_PRE,
161 authenticators.toArray(new Authenticator[authenticators.size()]));
162
163
165 authenticators.clear();
166
167 for (String authenticatorClassName : PropsValues.AUTH_PIPELINE_POST) {
168 Authenticator authenticator = (Authenticator)InstancePool.get(
169 authenticatorClassName);
170
171 authenticators.add(authenticator);
172 }
173
174 _authenticators.put(
175 PropsKeys.AUTH_PIPELINE_POST,
176 authenticators.toArray(new Authenticator[authenticators.size()]));
177
178
180 List<AuthFailure> authFailures = new ArrayList<AuthFailure>();
181
182 for (String authFailureClassName : PropsValues.AUTH_FAILURE) {
183 AuthFailure authFailure = (AuthFailure)InstancePool.get(
184 authFailureClassName);
185
186 authFailures.add(authFailure);
187 }
188
189 _authFailures.put(
190 PropsKeys.AUTH_FAILURE,
191 authFailures.toArray(new AuthFailure[authFailures.size()]));
192
193
195 authFailures.clear();
196
197 for (String authFailureClassName : PropsValues.AUTH_MAX_FAILURES) {
198 AuthFailure authFailure = (AuthFailure)InstancePool.get(
199 authFailureClassName);
200
201 authFailures.add(authFailure);
202 }
203
204 _authFailures.put(
205 PropsKeys.AUTH_MAX_FAILURES,
206 authFailures.toArray(new AuthFailure[authFailures.size()]));
207 }
208
209 private int _authenticate(
210 String key, long companyId, String login, String password,
211 String authType, Map<String, String[]> headerMap,
212 Map<String, String[]> parameterMap)
213 throws AuthException {
214
215 Authenticator[] authenticators = _authenticators.get(key);
216
217 if ((authenticators == null) || (authenticators.length == 0)) {
218 return 1;
219 }
220
221 for (Authenticator authenticator : authenticators) {
222 try {
223 int authResult = Authenticator.FAILURE;
224
225 if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
226 authResult = authenticator.authenticateByEmailAddress(
227 companyId, login, password, headerMap, parameterMap);
228 }
229 else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
230 authResult = authenticator.authenticateByScreenName(
231 companyId, login, password, headerMap, parameterMap);
232 }
233 else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
234 long userId = GetterUtil.getLong(login);
235
236 authResult = authenticator.authenticateByUserId(
237 companyId, userId, password, headerMap, parameterMap);
238 }
239
240 if (authResult != Authenticator.SUCCESS) {
241 return authResult;
242 }
243 }
244 catch (AuthException ae) {
245 throw ae;
246 }
247 catch (Exception e) {
248 throw new AuthException(e);
249 }
250 }
251
252 return Authenticator.SUCCESS;
253 }
254
255 private void _onFailure(
256 String key, long companyId, String login, String authType,
257 Map<String, String[]> headerMap, Map<String, String[]> parameterMap)
258 throws AuthException {
259
260 AuthFailure[] authFailures = _authFailures.get(key);
261
262 if ((authFailures == null) || (authFailures.length == 0)) {
263 return;
264 }
265
266 for (AuthFailure authFailure : authFailures) {
267 try {
268 if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
269 authFailure.onFailureByEmailAddress(
270 companyId, login, headerMap, parameterMap);
271 }
272 else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
273 authFailure.onFailureByScreenName(
274 companyId, login, headerMap, parameterMap);
275 }
276 else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
277 long userId = GetterUtil.getLong(login);
278
279 authFailure.onFailureByUserId(
280 companyId, userId, headerMap, parameterMap);
281 }
282 }
283 catch (AuthException ae) {
284 throw ae;
285 }
286 catch (Exception e) {
287 throw new AuthException(e);
288 }
289 }
290 }
291
292 private void _registerAuthenticator(
293 String key, Authenticator authenticator) {
294
295 List<Authenticator> authenticators = ListUtil.fromArray(
296 _authenticators.get(key));
297
298 authenticators.add(authenticator);
299
300 _authenticators.put(
301 key,
302 authenticators.toArray(new Authenticator[authenticators.size()]));
303 }
304
305 private void _registerAuthFailure(String key, AuthFailure authFailure) {
306 List<AuthFailure> authFailures = ListUtil.fromArray(
307 _authFailures.get(key));
308
309 authFailures.add(authFailure);
310
311 _authFailures.put(
312 key, authFailures.toArray(new AuthFailure[authFailures.size()]));
313 }
314
315 private void _unregisterAuthenticator(
316 String key, Authenticator authenticator) {
317
318 List<Authenticator> authenticators = ListUtil.fromArray(
319 _authenticators.get(key));
320
321 if (authenticators.remove(authenticator)) {
322 _authenticators.put(
323 key,
324 authenticators.toArray(
325 new Authenticator[authenticators.size()]));
326 }
327 }
328
329 private void _unregisterAuthFailure(String key, AuthFailure authFailure) {
330 List<AuthFailure> authFailures = ListUtil.fromArray(
331 _authFailures.get(key));
332
333 if (authFailures.remove(authFailure)) {
334 _authFailures.put(
335 key,
336 authFailures.toArray(new AuthFailure[authFailures.size()]));
337 }
338 }
339
340 private static AuthPipeline _instance = new AuthPipeline();
341
342 private Map<String, Authenticator[]> _authenticators =
343 new HashMap<String, Authenticator[]>();
344 private Map<String, AuthFailure[]> _authFailures =
345 new HashMap<String, AuthFailure[]>();
346
347 }