/**
 * Authenticates the submitted credentials (unless the user is already signed in) and then sends
 * the browser to its post-login destination.
 *
 * <p>The {@code redirect} request parameter is caller-controlled. It is only used after passing
 * through {@code PortalUtil.escapeRedirect}, and is dropped when that call yields an empty value.
 *
 * @param themeDisplay current theme display; supplies sign-in state, layout and the main path
 * @param actionRequest portlet action request carrying {@code login}, {@code password},
 *     {@code rememberMe}, {@code redirect} and {@code doActionAfterLogin}
 * @param actionResponse portlet action response used to issue the redirect
 * @throws Exception if authentication or the redirect fails
 */
protected void login(
      ThemeDisplay themeDisplay, ActionRequest actionRequest, ActionResponse actionResponse)
      throws Exception {

    HttpServletRequest originalRequest =
        PortalUtil.getOriginalServletRequest(PortalUtil.getHttpServletRequest(actionRequest));
    HttpServletResponse servletResponse = PortalUtil.getHttpServletResponse(actionResponse);

    String loginName = ParamUtil.getString(actionRequest, "login");
    // Read straight from the request instead of through ParamUtil.
    // NOTE(review): presumably so the password is not normalized/trimmed; confirm.
    String rawPassword = actionRequest.getParameter("password");
    boolean remember = ParamUtil.getBoolean(actionRequest, "rememberMe");

    boolean alreadySignedIn = themeDisplay.isSignedIn();

    if (!alreadySignedIn) {
      // The authentication type comes from this portlet instance's preferences, not the request.
      PortletPreferences preferences =
          PortletPreferencesFactoryUtil.getStrictPortletSetup(
              themeDisplay.getLayout(), PortalUtil.getPortletId(actionRequest));

      AuthenticatedSessionManagerUtil.login(
          originalRequest,
          servletResponse,
          loginName,
          rawPassword,
          remember,
          preferences.getValue("authType", null));
    }

    String target = ParamUtil.getString(actionRequest, "redirect");

    if (Validator.isNotNull(target)) {
      // Open-redirect guard: the value is re-checked afterwards because escapeRedirect may
      // hand back an empty result for a destination it does not accept.
      target = PortalUtil.escapeRedirect(target);

      boolean needsCompletion = Validator.isNotNull(target) && !target.startsWith(Http.HTTP);

      if (needsCompletion) {
        target = getCompleteRedirectURL(originalRequest, target);
      }
    }

    String mainPath = themeDisplay.getPathMain();
    boolean hasTarget = Validator.isNotNull(target);

    if (PropsValues.PORTAL_JAAS_ENABLE) {
      // With JAAS enabled every login goes through /portal/protected; the already sanitized
      // target travels along as a URL-encoded query parameter.
      String jaasTarget =
          hasTarget
              ? mainPath.concat("/portal/protected?redirect=").concat(HttpUtil.encodeURL(target))
              : mainPath.concat("/portal/protected");

      actionResponse.sendRedirect(jaasTarget);

      return;
    }

    if (hasTarget) {
      actionResponse.sendRedirect(target);

      return;
    }

    // No redirect requested: either let the pending action continue or fall back to the main path.
    if (ParamUtil.getBoolean(actionRequest, "doActionAfterLogin")) {
      return;
    }

    actionResponse.sendRedirect(mainPath);
  }
Ejemplo n.º 2
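  /**
   * Runs one step of the OAuth request-token / access-token handshake with Evernote.
   *
   * <p>Without an {@code OAUTH_VERIFIER} parameter on the original servlet request, a new request
   * token is obtained, stored in the portlet session, and the provider's authorization URL is
   * exposed to the view. With the parameter present, the request token kept in the session is
   * exchanged for an access token, which is stored in the session.
   *
   * <p>The verifier is a request parameter and therefore caller-controlled; the exchange uses only
   * the request token and secret held in the portlet session.
   *
   * @param renderRequest render request; receives the {@code AUTHORIZATION_URL} attribute
   * @param portletSession session holding the request token, its secret and the access token
   * @param themeDisplay theme display passed on to {@code getOAuthService}
   * @throws OAuthException wrapping any failure during the handshake, including a callback that
   *     arrives when the session holds no pending request token
   */
  public static void authenticateEvernote(
      RenderRequest renderRequest, PortletSession portletSession, ThemeDisplay themeDisplay)
      throws OAuthException {

    HttpServletRequest request = PortalUtil.getHttpServletRequest(renderRequest);
    String authorizationUrl = StringPool.BLANK;

    try {

      OAuthService service = getOAuthService(request, themeDisplay);

      // Read once; the same value decides the branch and is used for the exchange.
      String oauthVerifier =
          PortalUtil.getOriginalServletRequest(request).getParameter(OAUTH_VERIFIER);

      if (oauthVerifier == null) {
        // Send an OAuth message to the Provider asking for a new Request
        // Token because we don't have access to the current user's account.
        Token scribeRequestToken = service.getRequestToken();

        portletSession.setAttribute(REQUEST_TOKEN, scribeRequestToken.getToken());
        portletSession.setAttribute(REQUEST_TOKEN_SECRET, scribeRequestToken.getSecret());

        authorizationUrl = EVERNOTE_SERVICE.getAuthorizationUrl(scribeRequestToken.getToken());

      } else {
        // A callback can reach this branch with no handshake pending in this session (expired
        // session, or a callback URL opened in another session). Fail with an explicit message
        // instead of a NullPointerException from toString().
        Object storedToken = portletSession.getAttribute(REQUEST_TOKEN);
        Object storedSecret = portletSession.getAttribute(REQUEST_TOKEN_SECRET);

        if (storedToken == null || storedSecret == null) {
          throw new IllegalStateException(
              "OAuth callback received without a pending request token in the portlet session");
        }

        // Send an OAuth message to the Provider asking to exchange the
        // existing Request Token for an Access Token
        Token scribeRequestToken = new Token(storedToken.toString(), storedSecret.toString());

        Verifier scribeVerifier = new Verifier(oauthVerifier);

        Token scribeAccessToken = service.getAccessToken(scribeRequestToken, scribeVerifier);

        EvernoteAuth evernoteAuth =
            EvernoteAuth.parseOAuthResponse(EVERNOTE_SERVICE, scribeAccessToken.getRawResponse());

        portletSession.setAttribute(ACCESS_TOKEN, evernoteAuth.getToken());
      }

    } catch (Exception e) {
      // Every failure is reported to callers as OAuthException, with the cause preserved.
      throw new OAuthException(e);
    }

    // Stays blank on the callback branch, where no authorization URL is needed.
    renderRequest.setAttribute(AUTHORIZATION_URL, authorizationUrl);
  }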
Ejemplo n.º 3
  /**
   * Creates a {@link SearchContext} for the request exposed by the current Liferay Faces context.
   *
   * @return the search context that {@code SearchContextFactory} builds from the original servlet
   *     request underlying the current portlet request
   */
  public static SearchContext getCurrentSearchContext() {
    // The external context's request object is cast to PortletRequest without a type check.
    PortletRequest portletRequest =
        (PortletRequest) LiferayFacesContext.getInstance().getExternalContext().getRequest();

    HttpServletRequest wrappedRequest = PortalUtil.getHttpServletRequest(portletRequest);
    HttpServletRequest originalRequest = PortalUtil.getOriginalServletRequest(wrappedRequest);

    return SearchContextFactory.getInstance(originalRequest);
  }
Ejemplo n.º 4
  /**
   * Processes the OpenID provider's response: verifies it, collects profile attributes from the
   * SReg and AX extensions, and either marks an existing user for login, provisions a new user, or
   * sends the visitor to the create-account page when attributes are missing.
   *
   * <p>All profile values (name, e-mail address) are asserted by the OpenID provider; nothing in
   * this method verifies them independently.
   *
   * @param themeDisplay supplies the company id and locale
   * @param actionRequest portlet action request carrying the OpenID response parameters
   * @return the create-account URL (with an {@code openId} parameter) when the provider did not
   *     send first name, last name and e-mail address for an unknown identity; {@code null} in
   *     every other case
   * @throws Exception if verification or user creation fails
   */
  protected String readOpenIdResponse(ThemeDisplay themeDisplay, ActionRequest actionRequest)
      throws Exception {

    HttpServletRequest request = PortalUtil.getHttpServletRequest(actionRequest);

    // Work on the original servlet request so the provider's parameters and the HTTP session
    // are read from it rather than from the portlet wrapper.
    request = PortalUtil.getOriginalServletRequest(request);

    HttpSession session = request.getSession();

    ParameterList parameterList = new ParameterList(request.getParameterMap());

    // Presumably stored in the session when the authentication request was sent — confirm
    // against the caller. Without it there is no handshake to match this response against.
    DiscoveryInformation discoveryInformation =
        (DiscoveryInformation) session.getAttribute(OpenIdWebKeys.OPEN_ID_DISCO);

    if (discoveryInformation == null) {
      return null;
    }

    // NOTE(review): the receiving URL handed to verify() is taken from the response's own
    // openid.return_to parameter, not derived from the URL this request actually arrived on.
    // Any return_to comparison inside verify() would then compare the value with itself —
    // confirm this is intentional (e.g. for proxy setups) and that it does not weaken the check.
    String receivingURL = ParamUtil.getString(request, "openid.return_to");

    VerificationResult verificationResult =
        _consumerManager.verify(receivingURL, parameterList, discoveryInformation);

    Identifier identifier = verificationResult.getVerifiedId();

    // No verified identifier: the response is ignored. Nothing is logged on this path.
    if (identifier == null) {
      return null;
    }

    AuthSuccess authSuccess = (AuthSuccess) verificationResult.getAuthResponse();

    String firstName = null;
    String lastName = null;
    String emailAddress = null;

    // Simple Registration attributes are read first and take precedence over AX below.
    if (authSuccess.hasExtension(SRegMessage.OPENID_NS_SREG)) {
      MessageExtension messageExtension = authSuccess.getExtension(SRegMessage.OPENID_NS_SREG);

      if (messageExtension instanceof SRegResponse) {
        SRegResponse sregResp = (SRegResponse) messageExtension;

        String fullName =
            GetterUtil.getString(sregResp.getAttributeValue(_OPEN_ID_SREG_ATTR_FULLNAME));

        String[] names = splitFullName(fullName);

        if (names != null) {
          firstName = names[0];
          lastName = names[1];
        }

        emailAddress = sregResp.getAttributeValue(_OPEN_ID_SREG_ATTR_EMAIL);
      }
    }

    // Attribute Exchange only fills in values that are still empty after SReg.
    if (authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
      MessageExtension messageExtension = authSuccess.getExtension(AxMessage.OPENID_NS_AX);

      if (messageExtension instanceof FetchResponse) {
        FetchResponse fetchResponse = (FetchResponse) messageExtension;

        // NOTE(review): the registry lookup result is dereferenced without a null check —
        // confirm getOpenIdProvider never returns null for a discovered endpoint.
        OpenIdProvider openIdProvider =
            _openIdProviderRegistry.getOpenIdProvider(discoveryInformation.getOPEndpoint());

        String[] openIdAXTypes = openIdProvider.getAxSchema();

        // Attributes are consumed in the order of the provider's AX schema, so an earlier
        // entry wins over a later one for the same field.
        for (String openIdAXType : openIdAXTypes) {
          if (openIdAXType.equals(_OPEN_ID_AX_ATTR_EMAIL)) {
            if (Validator.isNull(emailAddress)) {
              emailAddress =
                  getFirstValue(fetchResponse.getAttributeValues(_OPEN_ID_AX_ATTR_EMAIL));
            }
          } else if (openIdAXType.equals(_OPEN_ID_AX_ATTR_FIRST_NAME)) {
            if (Validator.isNull(firstName)) {
              firstName =
                  getFirstValue(fetchResponse.getAttributeValues(_OPEN_ID_AX_ATTR_FIRST_NAME));
            }
          } else if (openIdAXType.equals(_OPEN_ID_AX_ATTR_FULL_NAME)) {
            // Unlike the SReg branch, the value is passed to splitFullName without
            // GetterUtil.getString, so it may be null here.
            String fullName = fetchResponse.getAttributeValue(_OPEN_ID_AX_ATTR_FULL_NAME);

            String[] names = splitFullName(fullName);

            if (names != null) {
              if (Validator.isNull(firstName)) {
                firstName = names[0];
              }

              if (Validator.isNull(lastName)) {
                lastName = names[1];
              }
            }
          } else if (openIdAXType.equals(_OPEN_ID_AX_ATTR_LAST_NAME)) {
            if (Validator.isNull(lastName)) {
              lastName =
                  getFirstValue(fetchResponse.getAttributeValues(_OPEN_ID_AX_ATTR_LAST_NAME));
            }
          }
        }
      }
    }

    // Users are matched on the normalized identity from the auth response, not on e-mail.
    String openId = normalize(authSuccess.getIdentity());

    User user = _userLocalService.fetchUserByOpenId(themeDisplay.getCompanyId(), openId);

    if (user != null) {
      // Known identity: record the user id in the session; this method does not itself
      // complete the login.
      session.setAttribute(WebKeys.OPEN_ID_LOGIN, user.getUserId());

      return null;
    }

    if (Validator.isNull(firstName)
        || Validator.isNull(lastName)
        || Validator.isNull(emailAddress)) {

      SessionMessages.add(request, "openIdUserInformationMissing");

      if (_log.isInfoEnabled()) {
        _log.info(
            "The OpenID provider did not send the required " + "attributes to create an account");
      }

      String createAccountURL = PortalUtil.getCreateAccountURL(request, themeDisplay);

      // NOTE(review): the identity travels as a URL parameter, which a client can change.
      // The session flag set below is the server-side record that a verified response was
      // seen; how the create-account flow ties the two together is not visible here.
      createAccountURL = HttpUtil.setParameter(createAccountURL, "openId", openId);

      session.setAttribute(WebKeys.OPEN_ID_LOGIN_PENDING, Boolean.TRUE);

      return createAccountURL;
    }

    // Unknown identity with a complete profile: provision an account automatically.
    // The e-mail address and names used below are the provider-asserted values collected above.
    long creatorUserId = 0;
    long companyId = themeDisplay.getCompanyId();
    boolean autoPassword = false;
    // A generated password is set explicitly (autoPassword is false); it is not shown or
    // mailed from this method (sendEmail is false).
    String password1 = PwdGenerator.getPassword();
    String password2 = password1;
    boolean autoScreenName = true;
    String screenName = StringPool.BLANK;
    long facebookId = 0;
    Locale locale = themeDisplay.getLocale();
    String middleName = StringPool.BLANK;
    long prefixId = 0;
    long suffixId = 0;
    // Placeholder demographic values; the provider response is not consulted for these.
    boolean male = true;
    int birthdayMonth = Calendar.JANUARY;
    int birthdayDay = 1;
    int birthdayYear = 1970;
    String jobTitle = StringPool.BLANK;
    long[] groupIds = null;
    long[] organizationIds = null;
    long[] roleIds = null;
    long[] userGroupIds = null;
    boolean sendEmail = false;

    ServiceContext serviceContext = new ServiceContext();

    user =
        _userLocalService.addUser(
            creatorUserId,
            companyId,
            autoPassword,
            password1,
            password2,
            autoScreenName,
            screenName,
            emailAddress,
            facebookId,
            openId,
            locale,
            firstName,
            middleName,
            lastName,
            prefixId,
            suffixId,
            male,
            birthdayMonth,
            birthdayDay,
            birthdayYear,
            jobTitle,
            groupIds,
            organizationIds,
            roleIds,
            userGroupIds,
            sendEmail,
            serviceContext);

    session.setAttribute(WebKeys.OPEN_ID_LOGIN, user.getUserId());

    return null;
  }