001    /**
002     * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.auth;
016    
017    import com.liferay.portal.NoSuchUserException;
018    import com.liferay.portal.kernel.log.Log;
019    import com.liferay.portal.kernel.log.LogFactoryUtil;
020    import com.liferay.portal.kernel.util.LocaleUtil;
021    import com.liferay.portal.kernel.util.ParamUtil;
022    import com.liferay.portal.kernel.util.PropsKeys;
023    import com.liferay.portal.kernel.util.StringPool;
024    import com.liferay.portal.kernel.util.Validator;
025    import com.liferay.portal.kernel.util.WebKeys;
026    import com.liferay.portal.model.User;
027    import com.liferay.portal.service.ServiceContext;
028    import com.liferay.portal.service.UserLocalServiceUtil;
029    import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
030    import com.liferay.portal.theme.ThemeDisplay;
031    import com.liferay.portal.util.PortalUtil;
032    import com.liferay.portal.util.PrefsPropsUtil;
033    import com.liferay.portal.util.PropsValues;
034    import com.liferay.util.PwdGenerator;
035    
036    import java.util.Calendar;
037    import java.util.Locale;
038    import java.util.Map;
039    
040    import javax.servlet.http.HttpServletRequest;
041    import javax.servlet.http.HttpServletResponse;
042    
043    /**
044     * @author Brian Wing Shun Chan
045     * @author Prashant Dighe
046     */
047    public class OpenSSOAutoLogin implements AutoLogin {
048    
049            public String[] login(
050                    HttpServletRequest request, HttpServletResponse response) {
051    
052                    String[] credentials = null;
053    
054                    try {
055                            long companyId = PortalUtil.getCompanyId(request);
056    
057                            if (!PrefsPropsUtil.getBoolean(
058                                            companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
059                                            PropsValues.OPEN_SSO_AUTH_ENABLED)) {
060    
061                                    return credentials;
062                            }
063    
064                            String serviceUrl = PrefsPropsUtil.getString(
065                                    companyId, PropsKeys.OPEN_SSO_SERVICE_URL);
066    
067                            if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
068                                    return credentials;
069                            }
070    
071                            String screenNameAttr = PrefsPropsUtil.getString(
072                                    companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
073                                    PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
074                            String emailAddressAttr = PrefsPropsUtil.getString(
075                                    companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
076                                    PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
077                            String firstNameAttr = PrefsPropsUtil.getString(
078                                    companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
079                                    PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
080                            String lastNameAttr = PrefsPropsUtil.getString(
081                                    companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
082                                    PropsValues.OPEN_SSO_LAST_NAME_ATTR);
083    
084                            Map<String, String> nameValues = OpenSSOUtil.getAttributes(
085                                    request, serviceUrl);
086    
087                            String screenName = nameValues.get(screenNameAttr);
088                            String emailAddress = nameValues.get(emailAddressAttr);
089                            String firstName = nameValues.get(firstNameAttr);
090                            String lastName = nameValues.get(lastNameAttr);
091    
092                            if (_log.isDebugEnabled()) {
093                                    _log.debug(
094                                            "Validating user information for " + firstName + " " +
095                                                    lastName + " with screen name " + screenName +
096                                                    " and email address " + emailAddress);
097                            }
098    
099                            if (Validator.isNull(emailAddress)) {
100                                    throw new AutoLoginException("Email address is null");
101                            }
102    
103                            User user = null;
104    
105                            try {
106                                    user = UserLocalServiceUtil.getUserByScreenName(
107                                            companyId, screenName);
108                            }
109                            catch (NoSuchUserException nsue) {
110                                    ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
111                                            WebKeys.THEME_DISPLAY);
112    
113                                    Locale locale = LocaleUtil.getDefault();
114    
115                                    if (themeDisplay != null) {
116    
117                                            // ThemeDisplay should never be null, but some users
118                                            // complain of this error. Cause is unknown.
119    
120                                            locale = themeDisplay.getLocale();
121                                    }
122    
123                                    if (_log.isDebugEnabled()) {
124                                            _log.debug("Adding user " + screenName);
125                                    }
126    
127                                    user = addUser(
128                                            companyId, firstName, lastName, emailAddress, screenName,
129                                            locale);
130                            }
131    
132                            String redirect = ParamUtil.getString(request, "redirect");
133    
134                            if (Validator.isNotNull(redirect)) {
135                                    request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
136                            }
137    
138                            credentials = new String[3];
139    
140                            credentials[0] = String.valueOf(user.getUserId());
141                            credentials[1] = user.getPassword();
142                            credentials[2] = Boolean.TRUE.toString();
143                    }
144                    catch (Exception e) {
145                            _log.error(e, e);
146                    }
147    
148                    return credentials;
149            }
150    
151            protected User addUser(
152                            long companyId, String firstName, String lastName,
153                            String emailAddress, String screenName, Locale locale)
154                    throws Exception {
155    
156                    long creatorUserId = 0;
157                    boolean autoPassword = false;
158                    String password1 = PwdGenerator.getPassword();
159                    String password2 = password1;
160                    boolean autoScreenName = false;
161                    long facebookId = 0;
162                    String openId = StringPool.BLANK;
163                    String middleName = StringPool.BLANK;
164                    int prefixId = 0;
165                    int suffixId = 0;
166                    boolean male = true;
167                    int birthdayMonth = Calendar.JANUARY;
168                    int birthdayDay = 1;
169                    int birthdayYear = 1970;
170                    String jobTitle = StringPool.BLANK;
171                    long[] groupIds = null;
172                    long[] organizationIds = null;
173                    long[] roleIds = null;
174                    long[] userGroupIds = null;
175                    boolean sendEmail = false;
176                    ServiceContext serviceContext = new ServiceContext();
177    
178                    return UserLocalServiceUtil.addUser(
179                            creatorUserId, companyId, autoPassword, password1, password2,
180                            autoScreenName, screenName, emailAddress, facebookId, openId,
181                            locale, firstName, middleName, lastName, prefixId, suffixId, male,
182                            birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
183                            organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
184            }
185    
186            private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);
187    
188    }