015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.NoSuchUserException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.util.LocaleUtil;
022 import com.liferay.portal.kernel.util.ParamUtil;
023 import com.liferay.portal.kernel.util.PropsKeys;
024 import com.liferay.portal.kernel.util.StringPool;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.kernel.util.WebKeys;
027 import com.liferay.portal.model.CompanyConstants;
028 import com.liferay.portal.model.User;
029 import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
030 import com.liferay.portal.service.ServiceContext;
031 import com.liferay.portal.service.UserLocalServiceUtil;
032 import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
033 import com.liferay.portal.theme.ThemeDisplay;
034 import com.liferay.portal.util.PortalUtil;
035 import com.liferay.portal.util.PrefsPropsUtil;
036 import com.liferay.portal.util.PropsValues;
037 import com.liferay.util.PwdGenerator;
038
039 import java.util.Calendar;
040 import java.util.Locale;
041 import java.util.Map;
042
043 import javax.servlet.http.HttpServletRequest;
044 import javax.servlet.http.HttpServletResponse;
045
046
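/**
 * Auto-login implementation that signs a portal user in when the incoming
 * request already carries an authenticated OpenSSO session.
 *
 * <p>
 * The user's screen name, email address, first name and last name are read
 * from the attribute map returned by {@link OpenSSOUtil#getAttributes}. Those
 * values decide which portal account is selected (or created), so every
 * decision made here is only as trustworthy as the OpenSSO service configured
 * under {@link PropsKeys#OPEN_SSO_SERVICE_URL}.
 * </p>
 */
public class OpenSSOAutoLogin implements AutoLogin {

	/**
	 * Resolves the portal user matching the OpenSSO session on the request
	 * and returns that user's auto-login credentials.
	 *
	 * <p>
	 * The account is resolved in this order: optional lookup by email address
	 * (only when screen names are always auto-generated), optional LDAP
	 * import, lookup by screen name, and finally creation of a new account
	 * through {@link #addUser}.
	 * </p>
	 *
	 * @param  request the current servlet request
	 * @param  response the current servlet response (not used here)
	 * @return a three-element array holding the user ID, the user's stored
	 *         password and {@code "true"}; or <code>null</code> when OpenSSO
	 *         authentication is disabled, the request is not authenticated,
	 *         or any exception occurred (the exception is logged, not
	 *         rethrown)
	 */
	public String[] login(
		HttpServletRequest request, HttpServletResponse response) {

		String[] credentials = null;

		try {
			long companyId = PortalUtil.getCompanyId(request);

			if (!PrefsPropsUtil.getBoolean(
					companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
					PropsValues.OPEN_SSO_AUTH_ENABLED)) {

				return credentials;
			}

			String serviceUrl = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_SERVICE_URL);

			// Nothing below may run unless OpenSSOUtil reports the request as
			// authenticated against the configured service.

			if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
				return credentials;
			}

			boolean ldapImportEnabled = PrefsPropsUtil.getBoolean(
				companyId, PropsKeys.OPEN_SSO_LDAP_IMPORT_ENABLED,
				PropsValues.OPEN_SSO_LDAP_IMPORT_ENABLED);
			String screenNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
				PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
			String emailAddressAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
				PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
			String firstNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
				PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
			String lastNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
				PropsValues.OPEN_SSO_LAST_NAME_ATTR);

			Map<String, String> nameValues = OpenSSOUtil.getAttributes(
				request, serviceUrl);

			// Any of these is null when the configured attribute name is
			// missing from the map.

			String screenName = nameValues.get(screenNameAttr);
			String emailAddress = nameValues.get(emailAddressAttr);
			String firstName = nameValues.get(firstNameAttr);
			String lastName = nameValues.get(lastNameAttr);

			// NOTE(review): with debug logging on, this writes the user's
			// name, screen name and email address to the log.

			if (_log.isDebugEnabled()) {
				_log.debug(
					"Validating user information for " + firstName + " " +
						lastName + " with screen name " + screenName +
							" and email address " + emailAddress);
			}

			User user = null;

			if (PrefsPropsUtil.getBoolean(
					companyId,
					PropsKeys.USERS_SCREEN_NAME_ALWAYS_AUTOGENERATE)) {

				try {
					user = UserLocalServiceUtil.getUserByEmailAddress(
						companyId, emailAddress);

					ScreenNameGenerator screenNameGenerator =
						ScreenNameGeneratorFactory.getInstance();

					screenName = screenNameGenerator.generate(
						companyId, user.getUserId(), emailAddress);
				}
				catch (NoSuchUserException nsue) {

					// No account has this email address yet; keep the screen
					// name supplied by OpenSSO and continue.

				}
			}

			if (ldapImportEnabled) {
				try {
					String authType = PrefsPropsUtil.getString(
						companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,
						PropsValues.COMPANY_SECURITY_AUTH_TYPE);

					if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
						user = PortalLDAPImporterUtil.importLDAPUser(
							companyId, StringPool.BLANK, screenName);
					}
					else {
						user = PortalLDAPImporterUtil.importLDAPUser(
							companyId, emailAddress, StringPool.BLANK);
					}
				}
				catch (SystemException se) {

					// The import stays best-effort (the lookups below still
					// run), but a failing directory should leave a trace
					// rather than being silently discarded.

					if (_log.isWarnEnabled()) {
						_log.warn(
							"Unable to import user from LDAP, continuing " +
								"with local lookup",
							se);
					}
				}
			}
			else {

				// Only enforced when LDAP import is disabled; with import
				// enabled a missing email address is not rejected here.

				if (Validator.isNull(emailAddress)) {
					throw new AutoLoginException("Email address is null");
				}
			}

			if (user == null) {
				try {
					user = UserLocalServiceUtil.getUserByScreenName(
						companyId, screenName);
				}
				catch (NoSuchUserException nsue) {

					// No existing account; one is created below.

				}
			}

			if (user == null) {
				ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
					WebKeys.THEME_DISPLAY);

				Locale locale = LocaleUtil.getDefault();

				if (themeDisplay != null) {
					locale = themeDisplay.getLocale();
				}

				if (_log.isDebugEnabled()) {
					_log.debug("Adding user " + screenName);
				}

				user = addUser(
					companyId, firstName, lastName, emailAddress, screenName,
					locale);
			}

			// NOTE(review): "redirect" is copied from the request parameter
			// without any validation in this method. Confirm that whatever
			// consumes AUTO_LOGIN_REDIRECT restricts it to trusted targets,
			// otherwise this is an open-redirect sink.

			String redirect = ParamUtil.getString(request, "redirect");

			if (Validator.isNotNull(redirect)) {
				request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
			}

			// Third element is presumably the "password is already
			// encrypted" flag of the AutoLogin contract -- confirm against
			// the caller.

			credentials = new String[3];

			credentials[0] = String.valueOf(user.getUserId());
			credentials[1] = user.getPassword();
			credentials[2] = Boolean.TRUE.toString();
		}
		catch (Exception e) {

			// Any failure leaves credentials null, so the request proceeds
			// without an automatic login.

			_log.error(e, e);
		}

		return credentials;
	}

	/**
	 * Creates a portal account for a user who is known to OpenSSO but not yet
	 * to the portal.
	 *
	 * <p>
	 * The account gets a password generated by {@link
	 * PwdGenerator#getPassword()}, placeholder profile values (male, born 1
	 * January 1970, blank middle name and job title), no group, organization,
	 * role or user group memberships, and no notification email is sent.
	 * </p>
	 *
	 * @param  companyId the primary key of the user's company
	 * @param  firstName the user's first name as reported by OpenSSO
	 * @param  lastName the user's last name as reported by OpenSSO
	 * @param  emailAddress the user's email address as reported by OpenSSO
	 * @param  screenName the screen name to assign (not auto-generated here)
	 * @param  locale the locale to store on the new account
	 * @return the newly created user
	 * @throws Exception if {@link UserLocalServiceUtil#addUser} fails
	 */
	protected User addUser(
			long companyId, String firstName, String lastName,
			String emailAddress, String screenName, Locale locale)
		throws Exception {

		long creatorUserId = 0;
		boolean autoPassword = false;

		// NOTE(review): this becomes the account's local password; the
		// randomness source of PwdGenerator is not visible here -- confirm it
		// is suitable for a credential.

		String password1 = PwdGenerator.getPassword();
		String password2 = password1;
		boolean autoScreenName = false;
		long facebookId = 0;
		String openId = StringPool.BLANK;
		String middleName = StringPool.BLANK;
		int prefixId = 0;
		int suffixId = 0;
		boolean male = true;
		int birthdayMonth = Calendar.JANUARY;
		int birthdayDay = 1;
		int birthdayYear = 1970;
		String jobTitle = StringPool.BLANK;
		long[] groupIds = null;
		long[] organizationIds = null;
		long[] roleIds = null;
		long[] userGroupIds = null;
		boolean sendEmail = false;
		ServiceContext serviceContext = new ServiceContext();

		return UserLocalServiceUtil.addUser(
			creatorUserId, companyId, autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			locale, firstName, middleName, lastName, prefixId, suffixId, male,
			birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
			organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
	}

	private static final Log _log = LogFactoryUtil.getLog(
		OpenSSOAutoLogin.class);

}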