/**
* Gets the request fields that are configured in the properties file, such as the merchant key
* and password. This handles version as well. If some critical data is missing, this throws
* GenericServiceException.
*/
private static Map buildRequestHeader(String resource) throws GenericServiceException {
Map request = FastMap.newInstance();
String login = UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.login");
if (UtilValidate.isEmpty(login)) {
Debug.logWarning(
"Authorize.NET login not configured. Please ensure payment.authorizedotnet.login is defined in "
+ resource,
module);
}
String password = UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.password");
if (UtilValidate.isEmpty(password)) {
Debug.logWarning(
"Authorize.NET password not configured. Please ensure payment.authorizedotnet.password is defined in "
+ resource,
module);
}
String delimited =
UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.delimited");
String delimiter =
UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.delimiter");
String emailcustomer =
UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.emailcustomer");
String emailmerchant =
UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.emailmerchant");
String transdescription =
UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.transdescription");
request.put("x_login", login);
request.put("x_password", password);
request.put("x_delim_data", delimited);
request.put("x_delim_char", delimiter);
request.put("x_email_customer", emailcustomer);
request.put("x_email_merchant", emailmerchant);
request.put("x_description", transdescription);
request.put("x_relay_response", "FALSE");
String version =
UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.version", "3.0");
String tkey = UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.trankey");
// transaction key is only supported in 3.1
if ("3.1".equals(version) && UtilValidate.isNotEmpty(tkey)) {
Debug.logWarning(
"Version 3.1 of Authorize.NET requires a transaction key. Please define payment.authorizedotnet.trankey in "
+ resource,
module);
Debug.logWarning("Reverting to version 3.0 of Authorize.NET", module);
version = "3.0";
}
request.put("x_version", version);
request.put("x_tran_key", tkey);
return request;
}
/**
* Method to get BigDecimal scale factor from a property
*
* @param file - Name of the property file
* @param property - Name of the config property from arithmeticPropertiesFile (e.g.,
* "invoice.decimals")
* @return int - Scale factor to pass to BigDecimal's methods. Defaults to DEFAULT_BD_SCALE (2)
*/
public static int getBigDecimalScale(String file, String property) {
if (UtilValidate.isEmpty(file)) return DEFAULT_BD_SCALE;
if (UtilValidate.isEmpty(property)) return DEFAULT_BD_SCALE;
int scale = -1;
String value = UtilProperties.getPropertyValue(file, property);
if (value != null) {
try {
scale = Integer.parseInt(value);
} catch (NumberFormatException e) {
}
}
if (scale == -1) {
Debug.logWarning(
"Could not set decimal precision from "
+ property
+ "="
+ value
+ ". Using default scale of "
+ DEFAULT_BD_SCALE
+ ".",
module);
scale = DEFAULT_BD_SCALE;
}
return scale;
}
// assumes production mode if the payment.authorizedotnet.test property is missing
private static boolean isTestMode(String resource) {
String boolValue =
UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.test", "false");
boolValue = boolValue.toLowerCase();
if (boolValue.startsWith("y") || boolValue.startsWith("t")) return true;
if (boolValue.startsWith("n") || boolValue.startsWith("f")) return false;
return false;
}
static {
levelStringMap.put("verbose", Debug.VERBOSE);
levelStringMap.put("timing", Debug.TIMING);
levelStringMap.put("info", Debug.INFO);
levelStringMap.put("important", Debug.IMPORTANT);
levelStringMap.put("warning", Debug.WARNING);
levelStringMap.put("error", Debug.ERROR);
levelStringMap.put("fatal", Debug.FATAL);
levelStringMap.put("always", Debug.ALWAYS);
// initialize levelOnCache
for (int i = 0; i < levelOnCache.length; i++) {
levelOnCache[i] =
(i == Debug.ALWAYS
|| UtilProperties.propertyValueEqualsIgnoreCase(
"debug.properties", levelProps[i], "true"));
}
}
/**
* Method to get BigDecimal rounding mode from a property
*
* @param file - Name of the property file
* @param property - Name of the config property from arithmeticPropertiesFile (e.g.,
* "invoice.rounding")
* @return int - Rounding mode to pass to BigDecimal's methods. Defaults to
* DEFAULT_BD_ROUNDING_MODE (BigDecimal.ROUND_HALF_UP)
*/
public static int getBigDecimalRoundingMode(String file, String property) {
if (UtilValidate.isEmpty(file)) return DEFAULT_BD_SCALE;
if (UtilValidate.isEmpty(property)) return DEFAULT_BD_ROUNDING_MODE;
String value = UtilProperties.getPropertyValue(file, property);
int mode = roundingModeFromString(value);
if (mode == -1) {
Debug.logWarning(
"Could not set decimal rounding mode from "
+ property
+ "="
+ value
+ ". Using default mode of "
+ DEFAULT_BD_SCALE
+ ".",
module);
return DEFAULT_BD_ROUNDING_MODE;
}
return mode;
}
/**
* Processes the request and returns an AuthorizeResponse. This service causes a
* GenericServiceException if there is a fatal confguration error that must be addressed.
*/
private static AuthorizeResponse processRequest(Map request, String resource)
throws GenericServiceException {
boolean testMode = isTestMode(resource);
String url = UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.url");
if (UtilValidate.isEmpty(url)) {
throw new GenericServiceException(
"Authorize.NET transaction URL not configured. Please ensure payment.authorizedotnet.test is defined in "
+ resource);
}
Debug.logInfo("Sending eCheck.NET request type " + request.get("x_type"), module);
if (testMode) {
Debug.logInfo("Request URL: " + url, module);
Debug.logInfo("Request Map: " + request, module);
}
// post the request to the url
String responseString = null;
try {
HttpClient client = new HttpClient(url, request);
client.setClientCertificateAlias("AUTHORIZE_NET");
responseString = client.post();
} catch (HttpClientException e) {
Debug.logError(
e,
"Failed to send eCheck.NET request due to client exception: " + e.getMessage(),
module);
return null;
}
if (testMode) {
Debug.logInfo("Response from eCheck.NET: " + responseString, module);
}
return new AuthorizeResponse(responseString);
}
/**
* An HTTP WebEvent handler that checks to see is a userLogin is logged in. If not, the user is
* forwarded to the login page.
*
* @param request The HTTP request object for the current JSP or Servlet request.
* @param response The HTTP response object for the current JSP or Servlet request.
* @return String
*/
public static String checkLogin(HttpServletRequest request, HttpServletResponse response) {
GenericValue userLogin = (GenericValue) request.getSession().getAttribute("userLogin");
// anonymous shoppers are not logged in
if (userLogin != null && "anonymous".equals(userLogin.getString("userLoginId"))) {
userLogin = null;
}
// user is logged in; check to see if they have globally logged out if not
// check if they have permission for this login attempt; if not log them out
if (userLogin != null) {
Element rootElement = getRootElement(request);
boolean hasLdapLoggedOut = false;
if (rootElement != null) {
String className =
UtilXml.childElementValue(
rootElement,
"AuthenticationHandler",
"org.ofbiz.ldap.openldap.OFBizLdapAuthenticationHandler");
try {
Class<?> handlerClass = Class.forName(className);
InterfaceOFBizAuthenticationHandler authenticationHandler =
(InterfaceOFBizAuthenticationHandler) handlerClass.newInstance();
hasLdapLoggedOut = authenticationHandler.hasLdapLoggedOut(request, response, rootElement);
} catch (ClassNotFoundException e) {
Debug.logError(e, "Error calling checkLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (InstantiationException e) {
Debug.logError(e, "Error calling checkLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (IllegalAccessException e) {
Debug.logError(e, "Error calling checkLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (Exception e) {
Debug.logError(e, "Error calling checkLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
}
}
if (!hasBasePermission(userLogin, request)
|| isFlaggedLoggedOut(userLogin)
|| hasLdapLoggedOut) {
Debug.logInfo("User does not have permission or is flagged as logged out", module);
doBasicLogout(userLogin, request, response);
userLogin = null;
}
}
if (userLogin == null) {
return login(request, response);
}
return "success";
}
protected static Element getRootElement(HttpServletRequest request) {
if (Debug.infoOn()) {
Debug.log("Applet config file: " + ldapConfig);
}
File configFile = new File(ldapConfig);
FileInputStream configFileIS = null;
Element rootElement = null;
try {
configFileIS = new FileInputStream(configFile);
Document configDoc =
UtilXml.readXmlDocument(configFileIS, "LDAP configuration file " + ldapConfig);
rootElement = configDoc.getDocumentElement();
} catch (FileNotFoundException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (SAXException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (ParserConfigurationException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (IOException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} finally {
if (configFileIS != null) {
try {
configFileIS.close();
} catch (IOException e) {
}
}
}
return rootElement;
}
/**
* An HTTP WebEvent handler that logs out a userLogin by clearing the session.
*
* @param request The HTTP request object for the current request.
* @param response The HTTP response object for the current request.
* @return Return a boolean which specifies whether or not the calling request should generate its
* own content. This allows an event to override the default content.
*/
public static String logout(HttpServletRequest request, HttpServletResponse response) {
// run the before-logout events
RequestHandler rh = RequestHandler.getRequestHandler(request.getSession().getServletContext());
rh.runBeforeLogoutEvents(request, response);
// invalidate the security group list cache
GenericValue userLogin = (GenericValue) request.getSession().getAttribute("userLogin");
doBasicLogout(userLogin, request, response);
Element rootElement = getRootElement(request);
String result = "error";
if (rootElement != null) {
String className =
UtilXml.childElementValue(
rootElement,
"AuthenticationHandler",
"org.ofbiz.ldap.openldap.OFBizLdapAuthenticationHandler");
try {
Class<?> handlerClass = Class.forName(className);
InterfaceOFBizAuthenticationHandler authenticationHandler =
(InterfaceOFBizAuthenticationHandler) handlerClass.newInstance();
result = authenticationHandler.logout(request, response, rootElement);
} catch (ClassNotFoundException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (InstantiationException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (IllegalAccessException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (Exception e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
}
}
if (request.getAttribute("_AUTO_LOGIN_LOGOUT_") == null) {
return autoLoginCheck(request, response);
}
return result;
}
/**
* An HTTP WebEvent handler that logs in a userLogin. This should run before the security check.
*
* @param request The HTTP request object for the current JSP or Servlet request.
* @param response The HTTP response object for the current JSP or Servlet request.
* @return Return a boolean which specifies whether or not the calling Servlet or JSP should
* generate its own content. This allows an event to override the default content.
*/
public static String login(HttpServletRequest request, HttpServletResponse response) {
Element rootElement = getRootElement(request);
String result = "error";
if (rootElement != null) {
String className =
UtilXml.childElementValue(
rootElement,
"AuthenticationHandler",
"org.ofbiz.ldap.openldap.OFBizLdapAuthenticationHandler");
try {
Class<?> handlerClass = Class.forName(className);
InterfaceOFBizAuthenticationHandler authenticationHandler =
(InterfaceOFBizAuthenticationHandler) handlerClass.newInstance();
result = authenticationHandler.login(request, response, rootElement);
} catch (ClassNotFoundException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (InstantiationException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (IllegalAccessException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (NamingException e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
} catch (Exception e) {
Debug.logError(e, "Error calling userLogin service", module);
Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
String errMsg =
UtilProperties.getMessage(
resourceWebapp,
"loginevents.following_error_occurred_during_login",
messageMap,
UtilHttp.getLocale(request));
request.setAttribute("_ERROR_MESSAGE_", errMsg);
}
}
if (result.equals("error")) {
boolean useOFBizLoginWhenFail =
Boolean.getBoolean(
UtilXml.childElementValue(rootElement, "UseOFBizLoginWhenLDAPFail", "false"));
if (useOFBizLoginWhenFail) {
return LoginWorker.login(request, response);
}
}
return result;
}
