1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.security.auth;
24  
25  import com.liferay.portal.NoSuchUserException;
26  import com.liferay.portal.kernel.log.Log;
27  import com.liferay.portal.kernel.log.LogFactoryUtil;
28  import com.liferay.portal.kernel.util.LocaleUtil;
29  import com.liferay.portal.kernel.util.StringPool;
30  import com.liferay.portal.kernel.util.Validator;
31  import com.liferay.portal.kernel.util.WebKeys;
32  import com.liferay.portal.model.User;
33  import com.liferay.portal.service.ServiceContext;
34  import com.liferay.portal.service.UserLocalServiceUtil;
35  import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
36  import com.liferay.portal.theme.ThemeDisplay;
37  import com.liferay.portal.util.PortalUtil;
38  import com.liferay.portal.util.PrefsPropsUtil;
39  import com.liferay.portal.util.PropsKeys;
40  import com.liferay.portal.util.PropsValues;
41  import com.liferay.util.PwdGenerator;
42  
43  import java.util.Calendar;
44  import java.util.Locale;
45  import java.util.Map;
46  
47  import javax.servlet.http.HttpServletRequest;
48  import javax.servlet.http.HttpServletResponse;
49  
50  /**
51   * <a href="OpenSSOAutoLogin.java.html"><b><i>View Source</i></b></a>
52   *
53   * @author Brian Wing Shun Chan
54   * @author Prashant Dighe
55   *
56   */
57  public class OpenSSOAutoLogin implements AutoLogin {
58  
59      public String[] login(
60          HttpServletRequest request, HttpServletResponse response) {
61  
62          String[] credentials = null;
63  
64          try {
65              long companyId = PortalUtil.getCompanyId(request);
66  
67              if (!PrefsPropsUtil.getBoolean(
68                      companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
69                      PropsValues.OPEN_SSO_AUTH_ENABLED)) {
70  
71                  return credentials;
72              }
73  
74              String serviceUrl = PrefsPropsUtil.getString(
75                  companyId, PropsKeys.OPEN_SSO_SERVICE_URL);
76  
77              if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
78                  return credentials;
79              }
80  
81              String screenNameAttr = PrefsPropsUtil.getString(
82                  companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
83                  PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
84              String emailAddressAttr = PrefsPropsUtil.getString(
85                  companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
86                  PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
87              String firstNameAttr = PrefsPropsUtil.getString(
88                  companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
89                  PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
90              String lastNameAttr = PrefsPropsUtil.getString(
91                  companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
92                  PropsValues.OPEN_SSO_LAST_NAME_ATTR);
93  
94              Map<String, String> nameValues = OpenSSOUtil.getAttributes(
95                  request, serviceUrl);
96  
97              String screenName = nameValues.get(screenNameAttr);
98              String emailAddress = nameValues.get(emailAddressAttr);
99              String firstName = nameValues.get(firstNameAttr);
100             String lastName = nameValues.get(lastNameAttr);
101 
102             if (Validator.isNull(emailAddress)) {
103                 throw new AutoLoginException("Email address is null");
104             }
105 
106             User user = null;
107 
108             try {
109                 user = UserLocalServiceUtil.getUserByScreenName(
110                     companyId, screenName);
111             }
112             catch (NoSuchUserException nsue) {
113                 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
114                     WebKeys.THEME_DISPLAY);
115 
116                 Locale locale = LocaleUtil.getDefault();
117 
118                 if (themeDisplay != null) {
119 
120                     // ThemeDisplay should never be null, but some users
121                     // complain of this error. Cause is unknown.
122 
123                     locale = themeDisplay.getLocale();
124                 }
125 
126                 user = addUser(
127                     companyId, firstName, lastName, emailAddress, screenName,
128                     locale);
129             }
130 
131             credentials = new String[3];
132 
133             credentials[0] = String.valueOf(user.getUserId());
134             credentials[1] = user.getPassword();
135             credentials[2] = Boolean.TRUE.toString();
136         }
137         catch (Exception e) {
138             _log.error(e, e);
139         }
140 
141         return credentials;
142     }
143 
144     protected User addUser(
145             long companyId, String firstName, String lastName,
146             String emailAddress, String screenName, Locale locale)
147         throws Exception {
148 
149         long creatorUserId = 0;
150         boolean autoPassword = false;
151         String password1 = PwdGenerator.getPassword();
152         String password2 = password1;
153         boolean autoScreenName = false;
154         String openId = StringPool.BLANK;
155         String middleName = StringPool.BLANK;
156         int prefixId = 0;
157         int suffixId = 0;
158         boolean male = true;
159         int birthdayMonth = Calendar.JANUARY;
160         int birthdayDay = 1;
161         int birthdayYear = 1970;
162         String jobTitle = StringPool.BLANK;
163         long[] groupIds = null;
164         long[] organizationIds = null;
165         long[] roleIds = null;
166         long[] userGroupIds = null;
167         boolean sendEmail = false;
168         ServiceContext serviceContext = new ServiceContext();
169 
170         return UserLocalServiceUtil.addUser(
171             creatorUserId, companyId, autoPassword, password1, password2,
172             autoScreenName, screenName, emailAddress, openId, locale, firstName,
173             middleName, lastName, prefixId, suffixId, male, birthdayMonth,
174             birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
175             roleIds, userGroupIds, sendEmail, serviceContext);
176     }
177 
178     private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);
179 
180 }