015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.NoSuchUserException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.util.LocaleUtil;
022 import com.liferay.portal.kernel.util.ParamUtil;
023 import com.liferay.portal.kernel.util.PropsKeys;
024 import com.liferay.portal.kernel.util.StringPool;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.kernel.util.WebKeys;
027 import com.liferay.portal.model.CompanyConstants;
028 import com.liferay.portal.model.User;
029 import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
030 import com.liferay.portal.service.ServiceContext;
031 import com.liferay.portal.service.UserLocalServiceUtil;
032 import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
033 import com.liferay.portal.theme.ThemeDisplay;
034 import com.liferay.portal.util.PortalUtil;
035 import com.liferay.portal.util.PrefsPropsUtil;
036 import com.liferay.portal.util.PropsValues;
037 import com.liferay.util.PwdGenerator;
038
039 import java.util.Calendar;
040 import java.util.Locale;
041 import java.util.Map;
042
043 import javax.servlet.http.HttpServletRequest;
044 import javax.servlet.http.HttpServletResponse;
045
046
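/**
 * Auto-login hook that signs a request into the portal on the strength of an
 * OpenSSO session.
 *
 * <p>
 * The portal account is selected, imported from LDAP, or created using only
 * the attributes returned by {@link OpenSSOUtil#getAttributes}. Existing
 * accounts are matched by email address or screen name, so the configured
 * attribute names should refer to values that only the identity provider can
 * set; an attribute the end user can edit would let them choose which portal
 * account they are logged in as.
 * </p>
 */
public class OpenSSOAutoLogin implements AutoLogin {

	/**
	 * Resolves the portal user for an OpenSSO-authenticated request.
	 *
	 * @param  request the current servlet request
	 * @param  response the current servlet response (not used here)
	 * @return a three element array holding the user ID, the value of
	 *         {@code user.getPassword()} and the string {@code "true"}, or
	 *         {@code null} when OpenSSO authentication is disabled, the
	 *         request is not authenticated, or any exception occurred (the
	 *         exception is logged and not rethrown)
	 */
	@Override
	public String[] login(
		HttpServletRequest request, HttpServletResponse response) {

		String[] credentials = null;

		try {
			long companyId = PortalUtil.getCompanyId(request);

			if (!PrefsPropsUtil.getBoolean(
					companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
					PropsValues.OPEN_SSO_AUTH_ENABLED)) {

				return credentials;
			}

			String serviceUrl = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_SERVICE_URL);

			// Nothing below may run unless OpenSSO vouches for the request.

			if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
				return credentials;
			}

			boolean ldapImportEnabled = PrefsPropsUtil.getBoolean(
				companyId, PropsKeys.OPEN_SSO_LDAP_IMPORT_ENABLED,
				PropsValues.OPEN_SSO_LDAP_IMPORT_ENABLED);
			String screenNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
				PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
			String emailAddressAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
				PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
			String firstNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
				PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
			String lastNameAttr = PrefsPropsUtil.getString(
				companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
				PropsValues.OPEN_SSO_LAST_NAME_ATTR);

			Map<String, String> nameValues = OpenSSOUtil.getAttributes(
				request, serviceUrl);

			// Any of these is null when the configured attribute is absent
			// from the OpenSSO response.

			String screenName = nameValues.get(screenNameAttr);
			String emailAddress = nameValues.get(emailAddressAttr);
			String firstName = nameValues.get(firstNameAttr);
			String lastName = nameValues.get(lastNameAttr);

			// This debug line writes personal data (name, email address) to
			// the log; keep debug logging off for this class in production.

			if (_log.isDebugEnabled()) {
				_log.debug(
					"Validating user information for " + firstName + " " +
						lastName + " with screen name " + screenName +
							" and email address " + emailAddress);
			}

			User user = null;

			if (PrefsPropsUtil.getBoolean(
					companyId,
					PropsKeys.USERS_SCREEN_NAME_ALWAYS_AUTOGENERATE)) {

				try {
					user = UserLocalServiceUtil.getUserByEmailAddress(
						companyId, emailAddress);

					ScreenNameGenerator screenNameGenerator =
						ScreenNameGeneratorFactory.getInstance();

					screenName = screenNameGenerator.generate(
						companyId, user.getUserId(), emailAddress);
				}
				catch (NoSuchUserException nsue) {

					// Expected for a first login: no account has this email
					// address yet, so keep the screen name OpenSSO supplied.

				}
			}

			if (ldapImportEnabled) {
				try {
					String authType = PrefsPropsUtil.getString(
						companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,
						PropsValues.COMPANY_SECURITY_AUTH_TYPE);

					if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
						user = PortalLDAPImporterUtil.importLDAPUser(
							companyId, StringPool.BLANK, screenName);
					}
					else {
						user = PortalLDAPImporterUtil.importLDAPUser(
							companyId, emailAddress, StringPool.BLANK);
					}
				}
				catch (SystemException se) {

					// Still best effort: the login continues with the local
					// lookup below. The failure is logged because a broken
					// LDAP import otherwise silently turns into local
					// account creation.

					if (_log.isWarnEnabled()) {
						_log.warn(
							"Unable to import user from LDAP, falling back " +
								"to the local user lookup",
							se);
					}
				}
			}
			else {
				if (Validator.isNull(emailAddress)) {
					throw new AutoLoginException("Email address is null");
				}
			}

			if (user == null) {
				try {
					user = UserLocalServiceUtil.getUserByScreenName(
						companyId, screenName);
				}
				catch (NoSuchUserException nsue) {

					// Expected: no local account yet, one is created below.

				}
			}

			if (user == null) {
				ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
					WebKeys.THEME_DISPLAY);

				Locale locale = LocaleUtil.getDefault();

				if (themeDisplay != null) {
					locale = themeDisplay.getLocale();
				}

				if (_log.isDebugEnabled()) {
					_log.debug("Adding user " + screenName);
				}

				// Just-in-time provisioning: every value passed here comes
				// from the OpenSSO attributes read above.

				user = addUser(
					companyId, firstName, lastName, emailAddress, screenName,
					locale);
			}

			String currentURL = PortalUtil.getCurrentURL(request);

			if (currentURL.contains("/portal/login")) {

				// NOTE(review): "redirect" is a caller-supplied request
				// parameter and is stored without validation. If the
				// consumer of AUTO_LOGIN_REDIRECT (not visible in this file)
				// sends the browser to it as is, this is an open redirect.
				// Confirm that the consumer restricts it to portal-local or
				// allow-listed URLs, or validate it here.

				String redirect = ParamUtil.getString(request, "redirect");

				if (Validator.isNull(redirect)) {
					redirect = PortalUtil.getPathMain();
				}

				request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
			}

			credentials = new String[3];

			credentials[0] = String.valueOf(user.getUserId());

			// The stored password value is handed back rather than anything
			// the user typed; the "true" in slot 2 presumably marks it as
			// already encrypted for the caller (confirm against the
			// AutoLogin contract).

			credentials[1] = user.getPassword();
			credentials[2] = Boolean.TRUE.toString();
		}
		catch (Exception e) {

			// Fail closed: on any error the method returns null credentials.

			_log.error(e, e);
		}

		return credentials;
	}

	/**
	 * Creates a portal account for a user seen for the first time through
	 * OpenSSO.
	 *
	 * <p>
	 * The account gets a generated password that is not mailed out
	 * ({@code sendEmail} is {@code false}), placeholder demographic values
	 * (male, born 1 January 1970) and no group, organization, role or user
	 * group memberships.
	 * </p>
	 *
	 * @param  companyId the ID of the portal instance to create the user in
	 * @param  firstName the first name taken from the OpenSSO attributes
	 * @param  lastName the last name taken from the OpenSSO attributes
	 * @param  emailAddress the email address taken from the OpenSSO
	 *         attributes
	 * @param  screenName the screen name for the new account
	 * @param  locale the locale for the new account
	 * @return the newly created user
	 * @throws Exception if the user service rejects or fails the request
	 */
	protected User addUser(
			long companyId, String firstName, String lastName,
			String emailAddress, String screenName, Locale locale)
		throws Exception {

		long creatorUserId = 0;
		boolean autoPassword = false;

		// NOTE(review): this password is the only local secret guarding the
		// new account; PwdGenerator is not visible here, so confirm that it
		// draws from a cryptographically secure source.

		String password1 = PwdGenerator.getPassword();
		String password2 = password1;
		boolean autoScreenName = false;
		long facebookId = 0;
		String openId = StringPool.BLANK;
		String middleName = StringPool.BLANK;
		int prefixId = 0;
		int suffixId = 0;
		boolean male = true;
		int birthdayMonth = Calendar.JANUARY;
		int birthdayDay = 1;
		int birthdayYear = 1970;
		String jobTitle = StringPool.BLANK;
		long[] groupIds = null;
		long[] organizationIds = null;
		long[] roleIds = null;
		long[] userGroupIds = null;
		boolean sendEmail = false;
		ServiceContext serviceContext = new ServiceContext();

		return UserLocalServiceUtil.addUser(
			creatorUserId, companyId, autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			locale, firstName, middleName, lastName, prefixId, suffixId, male,
			birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
			organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
	}

	private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);

}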