015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.NoSuchUserException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.util.LocaleUtil;
022 import com.liferay.portal.kernel.util.ParamUtil;
023 import com.liferay.portal.kernel.util.PropsKeys;
024 import com.liferay.portal.kernel.util.StringPool;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.kernel.util.WebKeys;
027 import com.liferay.portal.model.CompanyConstants;
028 import com.liferay.portal.model.User;
029 import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
030 import com.liferay.portal.service.ServiceContext;
031 import com.liferay.portal.service.UserLocalServiceUtil;
032 import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
033 import com.liferay.portal.theme.ThemeDisplay;
034 import com.liferay.portal.util.PortalUtil;
035 import com.liferay.portal.util.PrefsPropsUtil;
036 import com.liferay.portal.util.PropsValues;
037 import com.liferay.util.PwdGenerator;
038
039 import java.util.Calendar;
040 import java.util.Locale;
041 import java.util.Map;
042
043 import javax.servlet.http.HttpServletRequest;
044 import javax.servlet.http.HttpServletResponse;
045
046
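/**
 * Auto-login hook that signs a portal user in from an existing OpenSSO
 * session.
 *
 * <p>
 * When OpenSSO authentication is enabled for the company and
 * {@code OpenSSOUtil.isAuthenticated} accepts the request, the user's screen
 * name, email address and first/last name are read from the attributes
 * returned by {@code OpenSSOUtil.getAttributes}. The matching portal user is
 * then imported from LDAP (if enabled), looked up by screen name, or created
 * locally as a last resort.
 * </p>
 *
 * <p>
 * Security note: every identity decision in this class rests on the
 * attributes returned for the configured OpenSSO service URL. The portal
 * account that is logged in (or created) is whichever one matches those
 * attribute values, so the service URL and the attribute-name mappings are
 * security-critical configuration.
 * </p>
 */
public class OpenSSOAutoLogin extends BaseAutoLogin {

    /**
     * Creates a local portal account for a user that OpenSSO vouched for but
     * the portal does not know yet.
     *
     * <p>
     * The account gets a password from {@code PwdGenerator.getPassword()}
     * that is never shown or mailed to the user ({@code sendEmail} is
     * {@code false}). Gender and birthday are filled with fixed placeholder
     * values (male, 1 January 1970), and no groups, organizations, roles or
     * user groups are assigned here.
     * </p>
     *
     * @param  companyId the company the user is created in
     * @param  firstName the first name taken from the OpenSSO attributes
     * @param  lastName the last name taken from the OpenSSO attributes
     * @param  emailAddress the email address taken from the OpenSSO
     *         attributes
     * @param  screenName the screen name for the new account
     * @param  locale the locale stored on the new account
     * @return the newly created user
     * @throws Exception if {@code UserLocalServiceUtil.addUser} rejects the
     *         values or fails
     */
    protected User addUser(
            long companyId, String firstName, String lastName,
            String emailAddress, String screenName, Locale locale)
        throws Exception {

        long creatorUserId = 0;
        boolean autoPassword = false;

        // The same generated value is passed as password and confirmation.
        // NOTE(review): its strength depends entirely on PwdGenerator, which
        // is not visible here.

        String password1 = PwdGenerator.getPassword();
        String password2 = password1;
        boolean autoScreenName = false;
        long facebookId = 0;
        String openId = StringPool.BLANK;
        String middleName = StringPool.BLANK;
        int prefixId = 0;
        int suffixId = 0;

        // Placeholder profile data: OpenSSO supplies neither gender nor
        // birthday in the attributes read by doLogin.

        boolean male = true;
        int birthdayMonth = Calendar.JANUARY;
        int birthdayDay = 1;
        int birthdayYear = 1970;
        String jobTitle = StringPool.BLANK;
        long[] groupIds = null;
        long[] organizationIds = null;
        long[] roleIds = null;
        long[] userGroupIds = null;
        boolean sendEmail = false;
        ServiceContext serviceContext = new ServiceContext();

        return UserLocalServiceUtil.addUser(
            creatorUserId, companyId, autoPassword, password1, password2,
            autoScreenName, screenName, emailAddress, facebookId, openId,
            locale, firstName, middleName, lastName, prefixId, suffixId, male,
            birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
            organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
    }

    /**
     * Resolves the portal user for an OpenSSO-authenticated request.
     *
     * @param  request the incoming servlet request
     * @param  response the servlet response, passed to
     *         {@code handleException} on failure
     * @return {@code null} if OpenSSO auth is disabled or the request is not
     *         authenticated; otherwise a three-element array holding the
     *         user ID, the value of {@code user.getPassword()} and the
     *         string {@code "true"}
     * @throws Exception if a portal service call fails in a way that is not
     *         handled below
     */
    @Override
    protected String[] doLogin(
            HttpServletRequest request, HttpServletResponse response)
        throws Exception {

        long companyId = PortalUtil.getCompanyId(request);

        if (!PrefsPropsUtil.getBoolean(
                companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
                PropsValues.OPEN_SSO_AUTH_ENABLED)) {

            return null;
        }

        String serviceUrl = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_SERVICE_URL);

        // Nothing below may run for a request OpenSSO has not accepted.

        if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
            return null;
        }

        boolean ldapImportEnabled = PrefsPropsUtil.getBoolean(
            companyId, PropsKeys.OPEN_SSO_LDAP_IMPORT_ENABLED,
            PropsValues.OPEN_SSO_LDAP_IMPORT_ENABLED);
        String screenNameAttr = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
            PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
        String emailAddressAttr = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
            PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
        String firstNameAttr = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
            PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
        String lastNameAttr = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
            PropsValues.OPEN_SSO_LAST_NAME_ATTR);

        Map<String, String> nameValues = OpenSSOUtil.getAttributes(
            request, serviceUrl);

        // Any of these is null when the configured attribute name is absent
        // from the OpenSSO response.

        String screenName = nameValues.get(screenNameAttr);
        String emailAddress = nameValues.get(emailAddressAttr);
        String firstName = nameValues.get(firstNameAttr);
        String lastName = nameValues.get(lastNameAttr);

        if (_log.isDebugEnabled()) {
            _log.debug(
                "Validating user information for " + firstName + " " +
                    lastName + " with screen name " + screenName +
                        " and email address " + emailAddress);
        }

        User user = null;

        if (PrefsPropsUtil.getBoolean(
                companyId, PropsKeys.USERS_SCREEN_NAME_ALWAYS_AUTOGENERATE)) {

            try {
                user = UserLocalServiceUtil.getUserByEmailAddress(
                    companyId, emailAddress);

                ScreenNameGenerator screenNameGenerator =
                    ScreenNameGeneratorFactory.getInstance();

                screenName = screenNameGenerator.generate(
                    companyId, user.getUserId(), emailAddress);
            }
            catch (NoSuchUserException nsue) {

                // No account with this email yet; keep the screen name from
                // the OpenSSO attributes and continue with the lookups below.

            }
        }

        if (ldapImportEnabled) {
            try {
                String authType = PrefsPropsUtil.getString(
                    companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,
                    PropsValues.COMPANY_SECURITY_AUTH_TYPE);

                if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                    user = PortalLDAPImporterUtil.importLDAPUser(
                        companyId, StringPool.BLANK, screenName);
                }
                else {
                    user = PortalLDAPImporterUtil.importLDAPUser(
                        companyId, emailAddress, StringPool.BLANK);
                }
            }
            catch (SystemException se) {

                // The login still proceeds (screen name lookup, then local
                // account creation), but a failed LDAP import must not
                // disappear: without this record an LDAP outage silently
                // turns into locally created accounts.

                _log.warn(
                    "Unable to import user from LDAP for OpenSSO login", se);
            }
        }
        else {

            // NOTE(review): the email address is only required on this
            // branch; with LDAP import enabled a missing email attribute is
            // not rejected here.

            if (Validator.isNull(emailAddress)) {
                return handleException(
                    request, response, new Exception("Email address is null"));
            }
        }

        if (user == null) {
            try {
                user = UserLocalServiceUtil.getUserByScreenName(
                    companyId, screenName);
            }
            catch (NoSuchUserException nsue) {

                // Unknown screen name; fall through to account creation.

            }
        }

        if (user == null) {
            ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
                WebKeys.THEME_DISPLAY);

            Locale locale = LocaleUtil.getDefault();

            if (themeDisplay != null) {
                locale = themeDisplay.getLocale();
            }

            if (_log.isDebugEnabled()) {
                _log.debug("Adding user " + screenName);
            }

            user = addUser(
                companyId, firstName, lastName, emailAddress, screenName,
                locale);
        }

        String currentURL = PortalUtil.getCurrentURL(request);

        if (currentURL.contains("/portal/login")) {

            // NOTE(review): "redirect" is a request parameter and is stored
            // unvalidated. Whatever consumes AUTO_LOGIN_REDIRECT must limit
            // it to local or allow-listed targets (for example via
            // PortalUtil.escapeRedirect, if this portal version provides
            // it); otherwise this is an open redirect after login.

            String redirect = ParamUtil.getString(request, "redirect");

            if (Validator.isNull(redirect)) {
                redirect = PortalUtil.getPathMain();
            }

            request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
        }

        String[] credentials = new String[3];

        credentials[0] = String.valueOf(user.getUserId());
        credentials[1] = user.getPassword();

        // Presumably flags credentials[1] as an already-encrypted password;
        // confirm against the AutoLogin contract.

        credentials[2] = Boolean.TRUE.toString();

        return credentials;
    }

    private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);

}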