1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portal.security.auth;
16  
17  import com.liferay.portal.NoSuchUserException;
18  import com.liferay.portal.kernel.log.Log;
19  import com.liferay.portal.kernel.log.LogFactoryUtil;
20  import com.liferay.portal.kernel.util.LocaleUtil;
21  import com.liferay.portal.kernel.util.ParamUtil;
22  import com.liferay.portal.kernel.util.PropsKeys;
23  import com.liferay.portal.kernel.util.StringPool;
24  import com.liferay.portal.kernel.util.Validator;
25  import com.liferay.portal.kernel.util.WebKeys;
26  import com.liferay.portal.model.User;
27  import com.liferay.portal.service.ServiceContext;
28  import com.liferay.portal.service.UserLocalServiceUtil;
29  import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
30  import com.liferay.portal.theme.ThemeDisplay;
31  import com.liferay.portal.util.PortalUtil;
32  import com.liferay.portal.util.PrefsPropsUtil;
33  import com.liferay.portal.util.PropsValues;
34  import com.liferay.util.PwdGenerator;
35  
36  import java.util.Calendar;
37  import java.util.Locale;
38  import java.util.Map;
39  
40  import javax.servlet.http.HttpServletRequest;
41  import javax.servlet.http.HttpServletResponse;
42  
43  /**
44   * <a href="OpenSSOAutoLogin.java.html"><b><i>View Source</i></b></a>
45   *
46   * @author Brian Wing Shun Chan
47   * @author Prashant Dighe
48   */
49  public class OpenSSOAutoLogin implements AutoLogin {
50  
51      public String[] login(
52          HttpServletRequest request, HttpServletResponse response) {
53  
54          String[] credentials = null;
55  
56          try {
57              long companyId = PortalUtil.getCompanyId(request);
58  
59              if (!PrefsPropsUtil.getBoolean(
60                      companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
61                      PropsValues.OPEN_SSO_AUTH_ENABLED)) {
62  
63                  return credentials;
64              }
65  
66              String serviceUrl = PrefsPropsUtil.getString(
67                  companyId, PropsKeys.OPEN_SSO_SERVICE_URL);
68  
69              if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
70                  return credentials;
71              }
72  
73              String screenNameAttr = PrefsPropsUtil.getString(
74                  companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
75                  PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
76              String emailAddressAttr = PrefsPropsUtil.getString(
77                  companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
78                  PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
79              String firstNameAttr = PrefsPropsUtil.getString(
80                  companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
81                  PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
82              String lastNameAttr = PrefsPropsUtil.getString(
83                  companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
84                  PropsValues.OPEN_SSO_LAST_NAME_ATTR);
85  
86              Map<String, String> nameValues = OpenSSOUtil.getAttributes(
87                  request, serviceUrl);
88  
89              String screenName = nameValues.get(screenNameAttr);
90              String emailAddress = nameValues.get(emailAddressAttr);
91              String firstName = nameValues.get(firstNameAttr);
92              String lastName = nameValues.get(lastNameAttr);
93  
94              if (Validator.isNull(emailAddress)) {
95                  throw new AutoLoginException("Email address is null");
96              }
97  
98              User user = null;
99  
100             try {
101                 user = UserLocalServiceUtil.getUserByScreenName(
102                     companyId, screenName);
103             }
104             catch (NoSuchUserException nsue) {
105                 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
106                     WebKeys.THEME_DISPLAY);
107 
108                 Locale locale = LocaleUtil.getDefault();
109 
110                 if (themeDisplay != null) {
111 
112                     // ThemeDisplay should never be null, but some users
113                     // complain of this error. Cause is unknown.
114 
115                     locale = themeDisplay.getLocale();
116                 }
117 
118                 user = addUser(
119                     companyId, firstName, lastName, emailAddress, screenName,
120                     locale);
121             }
122 
123             String redirect = ParamUtil.getString(request, "redirect");
124 
125             if (Validator.isNotNull(redirect)) {
126                 request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
127             }
128 
129             credentials = new String[3];
130 
131             credentials[0] = String.valueOf(user.getUserId());
132             credentials[1] = user.getPassword();
133             credentials[2] = Boolean.TRUE.toString();
134         }
135         catch (Exception e) {
136             _log.error(e, e);
137         }
138 
139         return credentials;
140     }
141 
142     protected User addUser(
143             long companyId, String firstName, String lastName,
144             String emailAddress, String screenName, Locale locale)
145         throws Exception {
146 
147         long creatorUserId = 0;
148         boolean autoPassword = false;
149         String password1 = PwdGenerator.getPassword();
150         String password2 = password1;
151         boolean autoScreenName = false;
152         String openId = StringPool.BLANK;
153         String middleName = StringPool.BLANK;
154         int prefixId = 0;
155         int suffixId = 0;
156         boolean male = true;
157         int birthdayMonth = Calendar.JANUARY;
158         int birthdayDay = 1;
159         int birthdayYear = 1970;
160         String jobTitle = StringPool.BLANK;
161         long[] groupIds = null;
162         long[] organizationIds = null;
163         long[] roleIds = null;
164         long[] userGroupIds = null;
165         boolean sendEmail = false;
166         ServiceContext serviceContext = new ServiceContext();
167 
168         return UserLocalServiceUtil.addUser(
169             creatorUserId, companyId, autoPassword, password1, password2,
170             autoScreenName, screenName, emailAddress, openId, locale, firstName,
171             middleName, lastName, prefixId, suffixId, male, birthdayMonth,
172             birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
173             roleIds, userGroupIds, sendEmail, serviceContext);
174     }
175 
176     private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);
177 
178 }