015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.kernel.portlet.LiferayPortletURL;
018 import com.liferay.portal.kernel.util.PropsUtil;
019 import com.liferay.portal.kernel.util.StringUtil;
020 import com.liferay.portal.model.Portlet;
021 import com.liferay.registry.Registry;
022 import com.liferay.registry.RegistryUtil;
023 import com.liferay.registry.ServiceReference;
024 import com.liferay.registry.ServiceRegistration;
025 import com.liferay.registry.ServiceTracker;
026 import com.liferay.registry.ServiceTrackerCustomizer;
027 import com.liferay.registry.collections.StringServiceRegistrationMap;
028 import com.liferay.registry.collections.StringServiceRegistrationMapImpl;
029 import com.liferay.registry.util.StringPlus;
030
031 import java.util.ArrayList;
032 import java.util.Collections;
033 import java.util.HashMap;
034 import java.util.List;
035 import java.util.Map;
036 import java.util.Set;
037
038 import javax.servlet.http.HttpServletRequest;
039
040
/**
 * Base {@link AuthTokenWhitelist} whose answers are all negative: every
 * getter and reset method returns an empty set, and every
 * {@code is...Whitelisted} check and {@link #isValidSharedSecret(String)}
 * returns {@code false}. Subclasses override only the checks they implement.
 *
 * <p>
 * NOTE(review): assuming callers treat {@code false} as "not exempt from
 * token validation", a check that a subclass forgets to override denies the
 * exemption rather than granting it. Confirm against the callers before
 * relying on that.
 * </p>
 *
 * <p>
 * The protected helpers register portal properties as registry services and
 * open trackers that copy matching service properties into a caller-supplied
 * whitelist set; {@link #destroy()} releases both.
 * </p>
 */
public abstract class BaseAuthTokenWhitelist implements AuthTokenWhitelist {

    /**
     * Returns the origin CSRF whitelist, which is always empty in this base
     * class.
     *
     * @return an empty set
     */
    @Deprecated
    @Override
    public Set<String> getOriginCSRFWhitelist() {
        return Collections.emptySet();
    }

    /**
     * Returns the portlet CSRF whitelist, which is always empty in this base
     * class.
     *
     * @return an empty set
     */
    @Deprecated
    @Override
    public Set<String> getPortletCSRFWhitelist() {
        return Collections.emptySet();
    }

    /**
     * Returns the portlet CSRF whitelist actions, which are always empty in
     * this base class.
     *
     * @return an empty set
     */
    @Deprecated
    @Override
    public Set<String> getPortletCSRFWhitelistActions() {
        return Collections.emptySet();
    }

    /**
     * Returns the portlet invocation whitelist, which is always empty in this
     * base class.
     *
     * @return an empty set
     */
    @Deprecated
    @Override
    public Set<String> getPortletInvocationWhitelist() {
        return Collections.emptySet();
    }

    /**
     * Returns the portlet invocation whitelist actions, which are always
     * empty in this base class.
     *
     * @return an empty set
     */
    @Deprecated
    @Override
    public Set<String> getPortletInvocationWhitelistActions() {
        return Collections.emptySet();
    }

    /**
     * Reports whether the origin is CSRF whitelisted; this base class never
     * whitelists an origin.
     *
     * @param  companyId the company ID (unused here)
     * @param  origin the origin to check (unused here)
     * @return {@code false}
     */
    @Override
    public boolean isOriginCSRFWhitelisted(long companyId, String origin) {
        return false;
    }

    /**
     * Reports whether the portlet request is CSRF whitelisted; this base
     * class never whitelists one.
     *
     * @param  request the servlet request (unused here)
     * @param  portlet the target portlet (unused here)
     * @return {@code false}
     */
    @Override
    public boolean isPortletCSRFWhitelisted(
        HttpServletRequest request, Portlet portlet) {

        return false;
    }

    /**
     * Deprecated variant of the portlet CSRF check; this base class never
     * whitelists.
     *
     * @param  companyId the company ID (unused here)
     * @param  portletId the portlet ID (unused here)
     * @param  strutsAction the struts action (unused here)
     * @return {@code false}
     */
    @Deprecated
    @Override
    public boolean isPortletCSRFWhitelisted(
        long companyId, String portletId, String strutsAction) {

        return false;
    }

    /**
     * Reports whether the portlet invocation is whitelisted; this base class
     * never whitelists one.
     *
     * @param  request the servlet request (unused here)
     * @param  portlet the target portlet (unused here)
     * @return {@code false}
     */
    @Override
    public boolean isPortletInvocationWhitelisted(
        HttpServletRequest request, Portlet portlet) {

        return false;
    }

    /**
     * Deprecated variant of the portlet invocation check; this base class
     * never whitelists.
     *
     * @param  companyId the company ID (unused here)
     * @param  portletId the portlet ID (unused here)
     * @param  strutsAction the struts action (unused here)
     * @return {@code false}
     */
    @Deprecated
    @Override
    public boolean isPortletInvocationWhitelisted(
        long companyId, String portletId, String strutsAction) {

        return false;
    }

    /**
     * Reports whether the portlet URL is CSRF whitelisted; this base class
     * never whitelists one.
     *
     * @param  liferayPortletURL the portlet URL (unused here)
     * @return {@code false}
     */
    @Override
    public boolean isPortletURLCSRFWhitelisted(
        LiferayPortletURL liferayPortletURL) {

        return false;
    }

    /**
     * Reports whether the portlet URL is whitelisted for portlet invocation;
     * this base class never whitelists one.
     *
     * @param  liferayPortletURL the portlet URL (unused here)
     * @return {@code false}
     */
    @Override
    public boolean isPortletURLPortletInvocationWhitelisted(
        LiferayPortletURL liferayPortletURL) {

        return false;
    }

    /**
     * Reports whether the shared secret is valid; this base class rejects
     * every value, including {@code null} and the empty string.
     *
     * @param  sharedSecret the candidate secret (unused here)
     * @return {@code false}
     */
    @Override
    public boolean isValidSharedSecret(String sharedSecret) {
        return false;
    }

    /**
     * Resets the origin CSRF whitelist; a no-op in this base class.
     *
     * @return an empty set
     */
    @Deprecated
    @Override
    public Set<String> resetOriginCSRFWhitelist() {
        return Collections.emptySet();
    }

    /**
     * Resets the portlet CSRF whitelist; a no-op in this base class.
     *
     * @return an empty set
     */
    @Deprecated
    @Override
    public Set<String> resetPortletCSRFWhitelist() {
        return Collections.emptySet();
    }

    /**
     * Resets the portlet invocation whitelist; a no-op in this base class.
     *
     * @return an empty set
     */
    @Deprecated
    @Override
    public Set<String> resetPortletInvocationWhitelist() {
        return Collections.emptySet();
    }

    /**
     * Resets the portlet invocation whitelist actions; a no-op in this base
     * class.
     *
     * @return an empty set
     */
    @Deprecated
    @Override
    public Set<String> resetPortletInvocationWhitelistActions() {
        return Collections.emptySet();
    }

    /**
     * Unregisters every service recorded in {@link #serviceRegistrations} and
     * closes every tracker recorded in {@link #serviceTrackers}.
     *
     * <p>
     * Neither collection is cleared afterwards, and an exception from one
     * {@code unregister()} or {@code close()} call stops the remaining
     * cleanup. NOTE(review): confirm that callers invoke this only once.
     * </p>
     */
    protected void destroy() {
        for (ServiceRegistration<Object> registration :
                serviceRegistrations.values()) {

            registration.unregister();
        }

        for (ServiceTracker<Object, Object> tracker : serviceTrackers) {
            tracker.close();
        }
    }

    /**
     * Publishes the values of a portal property as a registry service so that
     * a tracker opened by {@link #trackWhitelistServices(String, Set)} for
     * the same name can pick them up.
     *
     * <p>
     * The registration is stored under the merged property <em>values</em>,
     * not under {@code key}. NOTE(review): two properties with identical
     * values (for example two unset ones) would therefore share one map key;
     * confirm how {@code StringServiceRegistrationMap} treats a repeated key,
     * since a replaced registration would no longer be reachable from
     * {@link #destroy()}.
     * </p>
     *
     * @param key the portal property name, also used as the service property
     *        name
     */
    protected void registerPortalProperty(String key) {
        Registry registry = RegistryUtil.getRegistry();

        String[] propertyValues = PropsUtil.getArray(key);

        Map<String, Object> serviceProperties = new HashMap<>();

        serviceProperties.put(key, propertyValues);

        ServiceRegistration<Object> registration = registry.registerService(
            Object.class, new Object(), serviceProperties);

        serviceRegistrations.put(
            StringUtil.merge(propertyValues), registration);
    }

    /**
     * Opens a tracker for every registry service that declares the property
     * {@code whitelistName} and mirrors those property values into
     * {@code whiteList}. The tracker is remembered in
     * {@link #serviceTrackers} so that {@link #destroy()} can close it.
     *
     * <p>
     * {@code whitelistName} is concatenated into the filter string without
     * escaping, so it has to be a fixed property name chosen by the subclass
     * and never a value taken from a request. Any service in the registry
     * that declares the property contributes entries, which makes the set of
     * deployed modules part of the whitelist's trust boundary.
     * </p>
     *
     * @param  whitelistName the service property name to track
     * @param  whiteList the set that tracker callbacks add to and remove
     *         from; NOTE(review): callbacks may presumably run on registry
     *         threads, so the caller should pass a thread-safe set - confirm
     * @return the opened tracker
     */
    protected ServiceTracker<Object, Object> trackWhitelistServices(
        String whitelistName, Set<String> whiteList) {

        Registry registry = RegistryUtil.getRegistry();

        String filterString = "(" + whitelistName + "=*)";

        ServiceTracker<Object, Object> tracker = registry.trackServices(
            registry.getFilter(filterString),
            new TokenWhitelistTrackerCustomizer(whitelistName, whiteList));

        tracker.open();

        serviceTrackers.add(tracker);

        return tracker;
    }

    // Registrations created by registerPortalProperty, keyed by the merged
    // property values; released in destroy().
    protected final StringServiceRegistrationMap<Object> serviceRegistrations =
        new StringServiceRegistrationMapImpl<>();

    // Trackers opened by trackWhitelistServices; closed in destroy().
    protected final List<ServiceTracker<Object, Object>> serviceTrackers =
        new ArrayList<>();

    /**
     * Tracker callback that keeps a whitelist set in step with the values of
     * one service property across all tracked services.
     *
     * <p>
     * The set is a plain {@code Set<String>} with no per-service bookkeeping,
     * so the callbacks can only add or remove the values a reference reports
     * at the moment of the call.
     * </p>
     */
    private class TokenWhitelistTrackerCustomizer
        implements ServiceTrackerCustomizer<Object, Object> {

        /**
         * @param whitelistName the service property whose values are mirrored
         * @param whitelist the set to update
         */
        public TokenWhitelistTrackerCustomizer(
            String whitelistName, Set<String> whitelist) {

            _whitelist = whitelist;
            _whitelistName = whitelistName;
        }

        /**
         * Adds the reference's property values to the whitelist and returns
         * the service object obtained from the registry.
         *
         * @param  serviceReference the newly tracked service
         * @return the service object for the reference
         */
        @Override
        public Object addingService(ServiceReference<Object> serviceReference) {
            List<String> contributedEntries = StringPlus.asList(
                serviceReference.getProperty(_whitelistName));

            _whitelist.addAll(contributedEntries);

            return RegistryUtil.getRegistry().getService(serviceReference);
        }

        /**
         * Re-synchronises the whitelist after a tracked service changed, by
         * running the removal and the addition callbacks back to back on the
         * same reference.
         *
         * <p>
         * NOTE(review): both steps read the property from the reference as it
         * is now. If the registry follows the OSGi tracker contract, the
         * reference already carries the updated properties at this point, so
         * values that were dropped from the property would never be removed
         * and the exemption would outlive its declaration until restart.
         * Confirm against the registry implementation; closing the gap needs
         * a record of what each service contributed.
         * </p>
         *
         * @param serviceReference the modified service
         * @param object the tracked service object
         */
        @Override
        public void modifiedService(
            ServiceReference<Object> serviceReference, Object object) {

            removedService(serviceReference, object);

            addingService(serviceReference);
        }

        /**
         * Removes the reference's property values from the whitelist.
         *
         * <p>
         * The removal is unconditional: a value that another tracked service
         * also declares disappears as well, because the set keeps no count of
         * contributors. That errs towards enforcing the check, but it can
         * silently withdraw an exemption that is still declared.
         * </p>
         *
         * @param serviceReference the service that went away
         * @param object the tracked service object (unused)
         */
        @Override
        public void removedService(
            ServiceReference<Object> serviceReference, Object object) {

            List<String> withdrawnEntries = StringPlus.asList(
                serviceReference.getProperty(_whitelistName));

            _whitelist.removeAll(withdrawnEntries);
        }

        // Shared with the owner that passed it to trackWhitelistServices.
        private final Set<String> _whitelist;

        // Service property name whose values feed the whitelist.
        private final String _whitelistName;

    }

}