015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.kernel.exception.SystemException;
018 import com.liferay.portal.kernel.log.Log;
019 import com.liferay.portal.kernel.log.LogFactoryUtil;
020 import com.liferay.portal.kernel.util.LocaleUtil;
021 import com.liferay.portal.kernel.util.ParamUtil;
022 import com.liferay.portal.kernel.util.PropsKeys;
023 import com.liferay.portal.kernel.util.StringPool;
024 import com.liferay.portal.kernel.util.Validator;
025 import com.liferay.portal.kernel.util.WebKeys;
026 import com.liferay.portal.model.CompanyConstants;
027 import com.liferay.portal.model.User;
028 import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
029 import com.liferay.portal.service.ServiceContext;
030 import com.liferay.portal.service.UserLocalServiceUtil;
031 import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
032 import com.liferay.portal.theme.ThemeDisplay;
033 import com.liferay.portal.util.PortalUtil;
034 import com.liferay.portal.util.PrefsPropsUtil;
035 import com.liferay.portal.util.PropsValues;
036 import com.liferay.util.PwdGenerator;
037
038 import java.util.Calendar;
039 import java.util.Locale;
040 import java.util.Map;
041
042 import javax.servlet.http.HttpServletRequest;
043 import javax.servlet.http.HttpServletResponse;
044
045
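/**
 * Auto-login hook that signs a portal user in on the strength of an OpenSSO
 * session.
 *
 * <p>
 * The flow in {@link #doLogin(HttpServletRequest, HttpServletResponse)} is:
 * check that OpenSSO authentication is enabled for the company, ask
 * {@code OpenSSOUtil} whether the request is authenticated against the
 * configured service URL, read the identity attributes, resolve the matching
 * portal user (optionally importing it from LDAP), create the user when none
 * is found, and return that user's credentials.
 * </p>
 *
 * <p>
 * Every identity value used here (screen name, email address, first and last
 * name) is taken from the attribute map returned by
 * {@code OpenSSOUtil.getAttributes(request, serviceUrl)}. The attribute names
 * and the service URL are read from per-company preferences.
 * </p>
 */
public class OpenSSOAutoLogin extends BaseAutoLogin {

	/**
	 * Creates a portal user from the attributes supplied by OpenSSO.
	 *
	 * <p>
	 * The user is created with a generated password (never sent by email,
	 * since {@code sendEmail} is {@code false}), the given screen name rather
	 * than an auto-generated one, no group/organization/role/user group
	 * assignments, and placeholder profile data (male, born 1970-01-01).
	 * </p>
	 *
	 * @param  companyId the company the user is created in
	 * @param  firstName the first name reported by OpenSSO
	 * @param  lastName the last name reported by OpenSSO
	 * @param  emailAddress the email address reported by OpenSSO
	 * @param  screenName the screen name reported by OpenSSO or generated by
	 *         the caller
	 * @param  locale the locale assigned to the new user
	 * @return the user returned by {@code UserLocalServiceUtil.addUser}
	 * @throws Exception if {@code UserLocalServiceUtil.addUser} fails
	 */
	protected User addUser(
			long companyId, String firstName, String lastName,
			String emailAddress, String screenName, Locale locale)
		throws Exception {

		long creatorUserId = 0;

		// The password is generated here and never shown to the user; the
		// account is meant to be reached through OpenSSO.

		boolean autoPassword = false;
		String password1 = PwdGenerator.getPassword();
		String password2 = password1;

		boolean autoScreenName = false;
		long facebookId = 0;
		String openId = StringPool.BLANK;
		String middleName = StringPool.BLANK;
		int prefixId = 0;
		int suffixId = 0;

		// Placeholder profile values; OpenSSO supplies none of these here.

		boolean male = true;
		int birthdayMonth = Calendar.JANUARY;
		int birthdayDay = 1;
		int birthdayYear = 1970;
		String jobTitle = StringPool.BLANK;

		// No memberships are granted at creation time.

		long[] groupIds = null;
		long[] organizationIds = null;
		long[] roleIds = null;
		long[] userGroupIds = null;

		boolean sendEmail = false;
		ServiceContext serviceContext = new ServiceContext();

		return UserLocalServiceUtil.addUser(
			creatorUserId, companyId, autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			locale, firstName, middleName, lastName, prefixId, suffixId, male,
			birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
			organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
	}

	/**
	 * Resolves the portal user for an OpenSSO-authenticated request.
	 *
	 * @param  request the current servlet request
	 * @param  response the current servlet response
	 * @return {@code null} when OpenSSO authentication is disabled for the
	 *         company or the request is not authenticated by OpenSSO;
	 *         otherwise a three-element array holding the user ID, the value
	 *         of {@code user.getPassword()} and {@code "true"}. When LDAP
	 *         import is disabled and no email address was supplied, the
	 *         result of {@code handleException} is returned instead.
	 * @throws Exception if a preference lookup, the OpenSSO calls or the user
	 *         services fail
	 */
	@Override
	protected String[] doLogin(
			HttpServletRequest request, HttpServletResponse response)
		throws Exception {

		long companyId = PortalUtil.getCompanyId(request);

		if (!PrefsPropsUtil.getBoolean(
				companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
				PropsValues.OPEN_SSO_AUTH_ENABLED)) {

			return null;
		}

		String serviceUrl = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_SERVICE_URL);

		if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
			return null;
		}

		boolean ldapImportEnabled = PrefsPropsUtil.getBoolean(
			companyId, PropsKeys.OPEN_SSO_LDAP_IMPORT_ENABLED,
			PropsValues.OPEN_SSO_LDAP_IMPORT_ENABLED);
		String screenNameAttr = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
			PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
		String emailAddressAttr = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
			PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
		String firstNameAttr = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
			PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
		String lastNameAttr = PrefsPropsUtil.getString(
			companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
			PropsValues.OPEN_SSO_LAST_NAME_ATTR);

		// Everything below trusts this map: its values select the account
		// that is logged in and populate any account that gets created.
		// NOTE(review): that makes the configured service URL part of the
		// trust boundary; confirm who may change it and that it is fetched
		// over an authenticated channel.

		Map<String, String> nameValues = OpenSSOUtil.getAttributes(
			request, serviceUrl);

		String screenName = nameValues.get(screenNameAttr);
		String emailAddress = nameValues.get(emailAddressAttr);
		String firstName = nameValues.get(firstNameAttr);
		String lastName = nameValues.get(lastNameAttr);

		// Debug output carries the user's name and email address.

		if (_log.isDebugEnabled()) {
			_log.debug(
				"Validating user information for " + firstName + " " +
					lastName + " with screen name " + screenName +
						" and email address " + emailAddress);
		}

		User user = null;

		// When screen names are always generated, the OpenSSO screen name is
		// replaced by the one generated for the account that owns the email
		// address, provided such an account exists.

		if (PrefsPropsUtil.getBoolean(
				companyId, PropsKeys.USERS_SCREEN_NAME_ALWAYS_AUTOGENERATE)) {

			user = UserLocalServiceUtil.fetchUserByEmailAddress(
				companyId, emailAddress);

			if (user != null) {
				ScreenNameGenerator screenNameGenerator =
					ScreenNameGeneratorFactory.getInstance();

				screenName = screenNameGenerator.generate(
					companyId, user.getUserId(), emailAddress);
			}
		}

		if (ldapImportEnabled) {
			try {
				String authType = PrefsPropsUtil.getString(
					companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,
					PropsValues.COMPANY_SECURITY_AUTH_TYPE);

				if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
					user = PortalLDAPImporterUtil.importLDAPUser(
						companyId, StringPool.BLANK, screenName);
				}
				else {
					user = PortalLDAPImporterUtil.importLDAPUser(
						companyId, emailAddress, StringPool.BLANK);
				}
			}
			catch (SystemException se) {

				// Still best effort: the flow continues with whatever user
				// was resolved before the import. The failure is recorded
				// because a broken import otherwise silently turns into a
				// local lookup or a newly created local account.

				if (_log.isWarnEnabled()) {
					_log.warn(
						"Unable to import user from LDAP for company " +
							companyId,
						se);
				}
			}
		}
		else {

			// The email address is only required on this branch; with LDAP
			// import enabled a missing email address is not rejected here.

			if (Validator.isNull(emailAddress)) {
				return handleException(
					request, response, new Exception("Email address is null"));
			}
		}

		// Fallback match on screen name alone: an existing portal account
		// with the same screen name is the one that gets logged in.

		if (user == null) {
			user = UserLocalServiceUtil.fetchUserByScreenName(
				companyId, screenName);
		}

		// No matching account: provision one from the OpenSSO attributes.

		if (user == null) {
			ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
				WebKeys.THEME_DISPLAY);

			Locale locale = LocaleUtil.getDefault();

			if (themeDisplay != null) {
				locale = themeDisplay.getLocale();
			}

			if (_log.isDebugEnabled()) {
				_log.debug("Adding user " + screenName);
			}

			user = addUser(
				companyId, firstName, lastName, emailAddress, screenName,
				locale);
		}

		String currentURL = PortalUtil.getCurrentURL(request);

		if (currentURL.contains("/portal/login")) {
			String redirect = ParamUtil.getString(request, "redirect");

			// The redirect parameter is caller supplied, so it is passed
			// through escapeRedirect before it is stored on the request.

			if (Validator.isNotNull(redirect)) {
				redirect = PortalUtil.escapeRedirect(redirect);
			}
			else {
				redirect = PortalUtil.getPathMain();
			}

			request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
		}

		String[] credentials = new String[3];

		credentials[0] = String.valueOf(user.getUserId());
		credentials[1] = user.getPassword();

		// NOTE(review): presumably tells the caller that credentials[1] is
		// the stored, already encrypted password; confirm against the
		// AutoLogin contract.

		credentials[2] = Boolean.TRUE.toString();

		return credentials;
	}

	private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);

}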