001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.auth;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.util.ParamUtil;
020    import com.liferay.portal.kernel.util.Validator;
021    import com.liferay.portal.util.PortalUtil;
022    
023    import java.util.Properties;
024    
025    import javax.servlet.http.HttpServletRequest;
026    import javax.servlet.http.HttpServletResponse;
027    
028    /**
029     * @author Mate Thurzo
030     */
031    public abstract class BaseAutoLogin implements AuthVerifier, AutoLogin {
032    
033            @Override
034            public String getAuthType() {
035                    return this.getClass().getSimpleName();
036            }
037    
038            @Override
039            public String[] handleException(
040                            HttpServletRequest request, HttpServletResponse response,
041                            Exception e)
042                    throws AutoLoginException {
043    
044                    return doHandleException(request, response, e);
045            }
046    
047            @Override
048            public String[] login(
049                            HttpServletRequest request, HttpServletResponse response)
050                    throws AutoLoginException {
051    
052                    try {
053                            return doLogin(request, response);
054                    }
055                    catch (Exception e) {
056                            return handleException(request, response, e);
057                    }
058            }
059    
060            @Override
061            public AuthVerifierResult verify(
062                            AccessControlContext accessControlContext, Properties properties)
063                    throws AuthException {
064    
065                    try {
066                            AuthVerifierResult authVerifierResult = new AuthVerifierResult();
067    
068                            String[] credentials = login(
069                                    accessControlContext.getRequest(),
070                                    accessControlContext.getResponse());
071    
072                            if (credentials != null) {
073                                    authVerifierResult.setPassword(credentials[1]);
074                                    authVerifierResult.setState(AuthVerifierResult.State.SUCCESS);
075                                    authVerifierResult.setUserId(Long.valueOf(credentials[0]));
076                            }
077    
078                            return authVerifierResult;
079                    }
080                    catch (AutoLoginException ale) {
081                            throw new AuthException(ale);
082                    }
083            }
084    
085            protected void addRedirect(HttpServletRequest request) {
086                    String redirect = ParamUtil.getString(request, "redirect");
087    
088                    if (Validator.isNotNull(redirect)) {
089                            request.setAttribute(
090                                    AutoLogin.AUTO_LOGIN_REDIRECT_AND_CONTINUE,
091                                    PortalUtil.escapeRedirect(redirect));
092                    }
093            }
094    
095            protected String[] doHandleException(
096                            HttpServletRequest request, HttpServletResponse response,
097                            Exception e)
098                    throws AutoLoginException {
099    
100                    if (request.getAttribute(AutoLogin.AUTO_LOGIN_REDIRECT) == null) {
101                            throw new AutoLoginException(e);
102                    }
103    
104                    _log.error(e, e);
105    
106                    return null;
107            }
108    
109            protected abstract String[] doLogin(
110                            HttpServletRequest request, HttpServletResponse response)
111                    throws Exception;
112    
113            private static final Log _log = LogFactoryUtil.getLog(BaseAutoLogin.class);
114    
115    }