001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.auth;
016    
017    import com.liferay.portal.NoSuchUserException;
018    import com.liferay.portal.kernel.exception.SystemException;
019    import com.liferay.portal.kernel.log.Log;
020    import com.liferay.portal.kernel.log.LogFactoryUtil;
021    import com.liferay.portal.kernel.util.LocaleUtil;
022    import com.liferay.portal.kernel.util.ParamUtil;
023    import com.liferay.portal.kernel.util.PropsKeys;
024    import com.liferay.portal.kernel.util.StringPool;
025    import com.liferay.portal.kernel.util.Validator;
026    import com.liferay.portal.kernel.util.WebKeys;
027    import com.liferay.portal.model.CompanyConstants;
028    import com.liferay.portal.model.User;
029    import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
030    import com.liferay.portal.service.ServiceContext;
031    import com.liferay.portal.service.UserLocalServiceUtil;
032    import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
033    import com.liferay.portal.theme.ThemeDisplay;
034    import com.liferay.portal.util.PortalUtil;
035    import com.liferay.portal.util.PrefsPropsUtil;
036    import com.liferay.portal.util.PropsValues;
037    import com.liferay.util.PwdGenerator;
038    
039    import java.util.Calendar;
040    import java.util.Locale;
041    import java.util.Map;
042    
043    import javax.servlet.http.HttpServletRequest;
044    import javax.servlet.http.HttpServletResponse;
045    
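/**
 * Signs a user in to the portal on the strength of an existing OpenSSO
 * session.
 *
 * <p>
 * When OpenSSO authentication is enabled for the company and
 * <code>OpenSSOUtil.isAuthenticated</code> accepts the request, the attributes
 * returned by <code>OpenSSOUtil.getAttributes</code> are used to find the
 * matching portal user (optionally importing it from LDAP). If no user
 * matches, a new portal account is created from those attributes.
 * </p>
 *
 * <p>
 * Account lookup and account creation both rely on the attribute values
 * returned for the configured OpenSSO service URL, so that setting is part of
 * this class's trust boundary.
 * </p>
 *
 * @author Brian Wing Shun Chan
 * @author Prashant Dighe
 */
public class OpenSSOAutoLogin implements AutoLogin {

	/**
	 * Attempts an automatic login for the current request.
	 *
	 * @param  request the servlet request carrying the OpenSSO session
	 * @param  response the servlet response (not used by this method)
	 * @return <code>null</code> if OpenSSO authentication is disabled, the
	 *         request is not authenticated, or any exception occurs;
	 *         otherwise a three element array holding the user ID, the value
	 *         of <code>User.getPassword()</code> and the string
	 *         <code>"true"</code>. The second element is sensitive and must
	 *         not be logged by callers.
	 */
	public String[] login(
		HttpServletRequest request, HttpServletResponse response) {

		String[] credentials = null;

		try {
			long companyId = PortalUtil.getCompanyId(request);

			if (!PrefsPropsUtil.getBoolean(
					companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
					PropsValues.OPEN_SSO_AUTH_ENABLED)) {

				return credentials;
			}

			String serviceUrl = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_SERVICE_URL);

			// Nothing below runs unless the OpenSSO service vouches for the
			// request.

			if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
				return credentials;
			}

			boolean ldapImportEnabled = PrefsPropsUtil.getBoolean(
				companyId, PropsKeys.OPEN_SSO_LDAP_IMPORT_ENABLED,
				PropsValues.OPEN_SSO_LDAP_IMPORT_ENABLED);
			String screenNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
				PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
			String emailAddressAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
				PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
			String firstNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
				PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
			String lastNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
				PropsValues.OPEN_SSO_LAST_NAME_ATTR);

			Map<String, String> nameValues = OpenSSOUtil.getAttributes(
				request, serviceUrl);

			String screenName = nameValues.get(screenNameAttr);
			String emailAddress = nameValues.get(emailAddressAttr);
			String firstName = nameValues.get(firstNameAttr);
			String lastName = nameValues.get(lastNameAttr);

			// Debug output contains personal data (name, screen name, email
			// address); keep debug logging off where that matters.

			if (_log.isDebugEnabled()) {
				_log.debug(
					"Validating user information for " + firstName + " " +
						lastName + " with screen name " + screenName +
						" and email address " + emailAddress);
			}

			User user = null;

			if (PrefsPropsUtil.getBoolean(
					companyId,
					PropsKeys.USERS_SCREEN_NAME_ALWAYS_AUTOGENERATE)) {

				try {
					user = UserLocalServiceUtil.getUserByEmailAddress(
						companyId, emailAddress);

					ScreenNameGenerator screenNameGenerator =
						ScreenNameGeneratorFactory.getInstance();

					screenName = screenNameGenerator.generate(
						companyId, user.getUserId(), emailAddress);
				}
				catch (NoSuchUserException nsue) {

					// No user with this email address yet; the lookups below
					// still run and the account may be created.

				}
			}

			if (ldapImportEnabled) {
				try {
					String authType = PrefsPropsUtil.getString(
						companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,
						PropsValues.COMPANY_SECURITY_AUTH_TYPE);

					if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
						user = PortalLDAPImporterUtil.importLDAPUser(
							companyId, StringPool.BLANK, screenName);
					}
					else {
						user = PortalLDAPImporterUtil.importLDAPUser(
							companyId, emailAddress, StringPool.BLANK);
					}
				}
				catch (SystemException se) {

					// The import stays best effort, but a failure is now
					// recorded instead of being dropped silently, so that a
					// broken directory connection is visible to operators.

					if (_log.isWarnEnabled()) {
						_log.warn("Unable to import user from LDAP", se);
					}
				}
			}
			else if (Validator.isNull(emailAddress)) {
				throw new AutoLoginException("Email address is null");
			}

			if (user == null) {
				try {
					user = UserLocalServiceUtil.getUserByScreenName(
						companyId, screenName);
				}
				catch (NoSuchUserException nsue) {

					// Unknown screen name; the account is created below.

				}
			}

			if (user == null) {
				ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
					WebKeys.THEME_DISPLAY);

				Locale locale = LocaleUtil.getDefault();

				if (themeDisplay != null) {

					// ThemeDisplay should never be null, but some users
					// complain of this error. Cause is unknown.

					locale = themeDisplay.getLocale();
				}

				if (_log.isDebugEnabled()) {
					_log.debug("Adding user " + screenName);
				}

				user = addUser(
					companyId, firstName, lastName, emailAddress, screenName,
					locale);
			}

			// The redirect parameter comes straight from the request, so it
			// is run through the portal's redirect check before it is handed
			// on. Which targets are accepted depends on the portal's redirect
			// settings, which are not visible in this class.

			String redirect = ParamUtil.getString(request, "redirect");

			if (Validator.isNotNull(redirect)) {
				redirect = PortalUtil.escapeRedirect(redirect);
			}

			// Checked again because a rejected target must not be stored.

			if (Validator.isNotNull(redirect)) {
				request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
			}

			credentials = new String[3];

			credentials[0] = String.valueOf(user.getUserId());
			credentials[1] = user.getPassword();

			// NOTE(review): presumably marks the password above as already
			// encrypted; confirm against the AutoLogin contract.

			credentials[2] = Boolean.TRUE.toString();
		}
		catch (Exception e) {

			// Any failure leaves credentials null, i.e. no automatic login.

			_log.error(e, e);
		}

		return credentials;
	}

	/**
	 * Creates a portal account for a user known only from OpenSSO attributes.
	 *
	 * <p>
	 * The account gets a password from <code>PwdGenerator.getPassword()</code>
	 * that is never shown or mailed to the user (<code>sendEmail</code> is
	 * <code>false</code>). All profile fields the attributes do not supply are
	 * filled with fixed placeholder values, and no groups, organizations,
	 * roles or user groups are assigned.
	 * </p>
	 *
	 * @param  companyId the primary key of the user's company
	 * @param  firstName the first name taken from the OpenSSO attributes
	 * @param  lastName the last name taken from the OpenSSO attributes
	 * @param  emailAddress the email address taken from the OpenSSO attributes
	 * @param  screenName the screen name for the new account
	 * @param  locale the locale for the new account
	 * @return the user returned by <code>UserLocalServiceUtil.addUser</code>
	 * @throws Exception if the user service rejects or fails to add the user
	 */
	protected User addUser(
			long companyId, String firstName, String lastName,
			String emailAddress, String screenName, Locale locale)
		throws Exception {

		long creatorUserId = 0;

		// The generated password is passed twice because the service takes a
		// password and its confirmation.

		boolean autoPassword = false;
		String password1 = PwdGenerator.getPassword();
		String password2 = password1;

		boolean autoScreenName = false;
		long facebookId = 0;
		String openId = StringPool.BLANK;
		String middleName = StringPool.BLANK;
		int prefixId = 0;
		int suffixId = 0;

		// Placeholder profile data; OpenSSO supplies none of these.

		boolean male = true;
		int birthdayMonth = Calendar.JANUARY;
		int birthdayDay = 1;
		int birthdayYear = 1970;
		String jobTitle = StringPool.BLANK;

		long[] groupIds = null;
		long[] organizationIds = null;
		long[] roleIds = null;
		long[] userGroupIds = null;
		boolean sendEmail = false;
		ServiceContext serviceContext = new ServiceContext();

		return UserLocalServiceUtil.addUser(
			creatorUserId, companyId, autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			locale, firstName, middleName, lastName, prefixId, suffixId, male,
			birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
			organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
	}

	private static final Log _log = LogFactoryUtil.getLog(
		OpenSSOAutoLogin.class);

}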