1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   * 
13   */
14  
15  package com.liferay.portal.security.auth;
16  
17  import com.liferay.portal.NoSuchUserException;
18  import com.liferay.portal.kernel.log.Log;
19  import com.liferay.portal.kernel.log.LogFactoryUtil;
20  import com.liferay.portal.kernel.util.LocaleUtil;
21  import com.liferay.portal.kernel.util.PropsKeys;
22  import com.liferay.portal.kernel.util.StringPool;
23  import com.liferay.portal.kernel.util.Validator;
24  import com.liferay.portal.kernel.util.WebKeys;
25  import com.liferay.portal.model.User;
26  import com.liferay.portal.service.UserLocalServiceUtil;
27  import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
28  import com.liferay.portal.theme.ThemeDisplay;
29  import com.liferay.portal.util.PortalUtil;
30  import com.liferay.portal.util.PrefsPropsUtil;
31  import com.liferay.portal.util.PropsValues;
32  import com.liferay.util.PwdGenerator;
33  
34  import java.util.Calendar;
35  import java.util.Locale;
36  import java.util.Map;
37  
38  import javax.servlet.http.HttpServletRequest;
39  import javax.servlet.http.HttpServletResponse;
40  
41  /**
42   * <a href="OpenSSOAutoLogin.java.html"><b><i>View Source</i></b></a>
43   *
44   * @author Brian Wing Shun Chan
45   * @author Prashant Dighe
46   */
47  public class OpenSSOAutoLogin implements AutoLogin {
48  
49      public String[] login(
50          HttpServletRequest request, HttpServletResponse response) {
51  
52          String[] credentials = null;
53  
54          try {
55              long companyId = PortalUtil.getCompanyId(request);
56  
57              if (!PrefsPropsUtil.getBoolean(
58                      companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
59                      PropsValues.OPEN_SSO_AUTH_ENABLED)) {
60  
61                  return credentials;
62              }
63  
64              String serviceUrl = PrefsPropsUtil.getString(
65                  companyId, PropsKeys.OPEN_SSO_SERVICE_URL);
66  
67              if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
68                  return credentials;
69              }
70  
71              String screenNameAttr = PrefsPropsUtil.getString(
72                  companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
73                  PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
74              String emailAddressAttr = PrefsPropsUtil.getString(
75                  companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
76                  PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
77              String firstNameAttr = PrefsPropsUtil.getString(
78                  companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
79                  PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
80              String lastNameAttr = PrefsPropsUtil.getString(
81                  companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
82                  PropsValues.OPEN_SSO_LAST_NAME_ATTR);
83  
84              Map<String, String> nameValues = OpenSSOUtil.getAttributes(
85                  request, serviceUrl);
86  
87              String screenName = nameValues.get(screenNameAttr);
88              String emailAddress = nameValues.get(emailAddressAttr);
89              String firstName = nameValues.get(firstNameAttr);
90              String lastName = nameValues.get(lastNameAttr);
91  
92              if (Validator.isNull(emailAddress)) {
93                  throw new AutoLoginException("Email address is null");
94              }
95  
96              User user = null;
97  
98              try {
99                  user = UserLocalServiceUtil.getUserByScreenName(
100                     companyId, screenName);
101             }
102             catch (NoSuchUserException nsue) {
103                 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
104                     WebKeys.THEME_DISPLAY);
105 
106                 Locale locale = LocaleUtil.getDefault();
107 
108                 if (themeDisplay != null) {
109 
110                     // ThemeDisplay should never be null, but some users
111                     // complain of this error. Cause is unknown.
112 
113                     locale = themeDisplay.getLocale();
114                 }
115 
116                 user = addUser(
117                     companyId, firstName, lastName, emailAddress, screenName,
118                     locale);
119             }
120 
121             credentials = new String[3];
122 
123             credentials[0] = String.valueOf(user.getUserId());
124             credentials[1] = user.getPassword();
125             credentials[2] = Boolean.TRUE.toString();
126         }
127         catch (Exception e) {
128             _log.error(e, e);
129         }
130 
131         return credentials;
132     }
133 
134     protected User addUser(
135             long companyId, String firstName, String lastName,
136             String emailAddress, String screenName, Locale locale)
137         throws Exception {
138 
139         long creatorUserId = 0;
140         boolean autoPassword = false;
141         String password1 = PwdGenerator.getPassword();
142         String password2 = password1;
143         boolean autoScreenName = false;
144         String middleName = StringPool.BLANK;
145         int prefixId = 0;
146         int suffixId = 0;
147         boolean male = true;
148         int birthdayMonth = Calendar.JANUARY;
149         int birthdayDay = 1;
150         int birthdayYear = 1970;
151         String jobTitle = StringPool.BLANK;
152         long[] organizationIds = new long[0];
153         boolean sendEmail = false;
154 
155         return UserLocalServiceUtil.addUser(
156             creatorUserId, companyId, autoPassword, password1, password2,
157             autoScreenName, screenName, emailAddress, locale, firstName,
158             middleName, lastName, prefixId, suffixId, male, birthdayMonth,
159             birthdayDay, birthdayYear, jobTitle, organizationIds, sendEmail);
160     }
161 
162     private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);
163 
164 }