1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    *
5    *
6    *
7    * The contents of this file are subject to the terms of the Liferay Enterprise
8    * Subscription License ("License"). You may not use this file except in
9    * compliance with the License. You can obtain a copy of the License by
10   * contacting Liferay, Inc. See the License for the specific language governing
11   * permissions and limitations under the License, including but not limited to
12   * distribution rights of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.security.auth;
24  
25  import com.liferay.portal.NoSuchUserException;
26  import com.liferay.portal.kernel.log.Log;
27  import com.liferay.portal.kernel.log.LogFactoryUtil;
28  import com.liferay.portal.kernel.util.LocaleUtil;
29  import com.liferay.portal.kernel.util.PropsKeys;
30  import com.liferay.portal.kernel.util.StringPool;
31  import com.liferay.portal.kernel.util.Validator;
32  import com.liferay.portal.kernel.util.WebKeys;
33  import com.liferay.portal.model.User;
34  import com.liferay.portal.service.ServiceContext;
35  import com.liferay.portal.service.UserLocalServiceUtil;
36  import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
37  import com.liferay.portal.theme.ThemeDisplay;
38  import com.liferay.portal.util.PortalUtil;
39  import com.liferay.portal.util.PrefsPropsUtil;
40  import com.liferay.portal.util.PropsValues;
41  import com.liferay.util.PwdGenerator;
42  
43  import java.util.Calendar;
44  import java.util.Locale;
45  import java.util.Map;
46  
47  import javax.servlet.http.HttpServletRequest;
48  import javax.servlet.http.HttpServletResponse;
49  
50  /**
51   * <a href="OpenSSOAutoLogin.java.html"><b><i>View Source</i></b></a>
52   *
53   * @author Brian Wing Shun Chan
54   * @author Prashant Dighe
55   */
56  public class OpenSSOAutoLogin implements AutoLogin {
57  
58      public String[] login(
59          HttpServletRequest request, HttpServletResponse response) {
60  
61          String[] credentials = null;
62  
63          try {
64              long companyId = PortalUtil.getCompanyId(request);
65  
66              if (!PrefsPropsUtil.getBoolean(
67                      companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
68                      PropsValues.OPEN_SSO_AUTH_ENABLED)) {
69  
70                  return credentials;
71              }
72  
73              String serviceUrl = PrefsPropsUtil.getString(
74                  companyId, PropsKeys.OPEN_SSO_SERVICE_URL);
75  
76              if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
77                  return credentials;
78              }
79  
80              String screenNameAttr = PrefsPropsUtil.getString(
81                  companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
82                  PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
83              String emailAddressAttr = PrefsPropsUtil.getString(
84                  companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
85                  PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
86              String firstNameAttr = PrefsPropsUtil.getString(
87                  companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
88                  PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
89              String lastNameAttr = PrefsPropsUtil.getString(
90                  companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
91                  PropsValues.OPEN_SSO_LAST_NAME_ATTR);
92  
93              Map<String, String> nameValues = OpenSSOUtil.getAttributes(
94                  request, serviceUrl);
95  
96              String screenName = nameValues.get(screenNameAttr);
97              String emailAddress = nameValues.get(emailAddressAttr);
98              String firstName = nameValues.get(firstNameAttr);
99              String lastName = nameValues.get(lastNameAttr);
100 
101             if (Validator.isNull(emailAddress)) {
102                 throw new AutoLoginException("Email address is null");
103             }
104 
105             User user = null;
106 
107             try {
108                 user = UserLocalServiceUtil.getUserByScreenName(
109                     companyId, screenName);
110             }
111             catch (NoSuchUserException nsue) {
112                 ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
113                     WebKeys.THEME_DISPLAY);
114 
115                 Locale locale = LocaleUtil.getDefault();
116 
117                 if (themeDisplay != null) {
118 
119                     // ThemeDisplay should never be null, but some users
120                     // complain of this error. Cause is unknown.
121 
122                     locale = themeDisplay.getLocale();
123                 }
124 
125                 user = addUser(
126                     companyId, firstName, lastName, emailAddress, screenName,
127                     locale);
128             }
129 
130             credentials = new String[3];
131 
132             credentials[0] = String.valueOf(user.getUserId());
133             credentials[1] = user.getPassword();
134             credentials[2] = Boolean.TRUE.toString();
135         }
136         catch (Exception e) {
137             _log.error(e, e);
138         }
139 
140         return credentials;
141     }
142 
143     protected User addUser(
144             long companyId, String firstName, String lastName,
145             String emailAddress, String screenName, Locale locale)
146         throws Exception {
147 
148         long creatorUserId = 0;
149         boolean autoPassword = false;
150         String password1 = PwdGenerator.getPassword();
151         String password2 = password1;
152         boolean autoScreenName = false;
153         String openId = StringPool.BLANK;
154         String middleName = StringPool.BLANK;
155         int prefixId = 0;
156         int suffixId = 0;
157         boolean male = true;
158         int birthdayMonth = Calendar.JANUARY;
159         int birthdayDay = 1;
160         int birthdayYear = 1970;
161         String jobTitle = StringPool.BLANK;
162         long[] groupIds = null;
163         long[] organizationIds = null;
164         long[] roleIds = null;
165         long[] userGroupIds = null;
166         boolean sendEmail = false;
167         ServiceContext serviceContext = new ServiceContext();
168 
169         return UserLocalServiceUtil.addUser(
170             creatorUserId, companyId, autoPassword, password1, password2,
171             autoScreenName, screenName, emailAddress, openId, locale, firstName,
172             middleName, lastName, prefixId, suffixId, male, birthdayMonth,
173             birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
174             roleIds, userGroupIds, sendEmail, serviceContext);
175     }
176 
177     private static Log _log = LogFactoryUtil.getLog(OpenSSOAutoLogin.class);
178 
179 }