/**
   * Gets the request fields that are configured in the properties file, such as the merchant key
   * and password. This handles version as well. If some critical data is missing, this throws
   * GenericServiceException.
   */
  private static Map buildRequestHeader(String resource) throws GenericServiceException {
    Map request = FastMap.newInstance();

    String login = UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.login");
    if (UtilValidate.isEmpty(login)) {
      Debug.logWarning(
          "Authorize.NET login not configured.  Please ensure payment.authorizedotnet.login is defined in "
              + resource,
          module);
    }

    String password = UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.password");
    if (UtilValidate.isEmpty(password)) {
      Debug.logWarning(
          "Authorize.NET password not configured.  Please ensure payment.authorizedotnet.password is defined in "
              + resource,
          module);
    }

    String delimited =
        UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.delimited");
    String delimiter =
        UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.delimiter");
    String emailcustomer =
        UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.emailcustomer");
    String emailmerchant =
        UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.emailmerchant");
    String transdescription =
        UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.transdescription");

    request.put("x_login", login);
    request.put("x_password", password);
    request.put("x_delim_data", delimited);
    request.put("x_delim_char", delimiter);
    request.put("x_email_customer", emailcustomer);
    request.put("x_email_merchant", emailmerchant);
    request.put("x_description", transdescription);
    request.put("x_relay_response", "FALSE");

    String version =
        UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.version", "3.0");
    String tkey = UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.trankey");

    // transaction key is only supported in 3.1
    if ("3.1".equals(version) && UtilValidate.isNotEmpty(tkey)) {
      Debug.logWarning(
          "Version 3.1 of Authorize.NET requires a transaction key.  Please define payment.authorizedotnet.trankey in "
              + resource,
          module);
      Debug.logWarning("Reverting to version 3.0 of Authorize.NET", module);
      version = "3.0";
    }

    request.put("x_version", version);
    request.put("x_tran_key", tkey);

    return request;
  }
Exemple #2
0
  /**
   * Method to get BigDecimal scale factor from a property
   *
   * @param file - Name of the property file
   * @param property - Name of the config property from arithmeticPropertiesFile (e.g.,
   *     "invoice.decimals")
   * @return int - Scale factor to pass to BigDecimal's methods. Defaults to DEFAULT_BD_SCALE (2)
   */
  public static int getBigDecimalScale(String file, String property) {
    if (UtilValidate.isEmpty(file)) return DEFAULT_BD_SCALE;
    if (UtilValidate.isEmpty(property)) return DEFAULT_BD_SCALE;

    int scale = -1;
    String value = UtilProperties.getPropertyValue(file, property);
    if (value != null) {
      try {
        scale = Integer.parseInt(value);
      } catch (NumberFormatException e) {
      }
    }
    if (scale == -1) {
      Debug.logWarning(
          "Could not set decimal precision from "
              + property
              + "="
              + value
              + ". Using default scale of "
              + DEFAULT_BD_SCALE
              + ".",
          module);
      scale = DEFAULT_BD_SCALE;
    }
    return scale;
  }
 // assumes production mode if the payment.authorizedotnet.test property is missing
 private static boolean isTestMode(String resource) {
   String boolValue =
       UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.test", "false");
   boolValue = boolValue.toLowerCase();
   if (boolValue.startsWith("y") || boolValue.startsWith("t")) return true;
   if (boolValue.startsWith("n") || boolValue.startsWith("f")) return false;
   return false;
 }
Exemple #4
0
  static {
    levelStringMap.put("verbose", Debug.VERBOSE);
    levelStringMap.put("timing", Debug.TIMING);
    levelStringMap.put("info", Debug.INFO);
    levelStringMap.put("important", Debug.IMPORTANT);
    levelStringMap.put("warning", Debug.WARNING);
    levelStringMap.put("error", Debug.ERROR);
    levelStringMap.put("fatal", Debug.FATAL);
    levelStringMap.put("always", Debug.ALWAYS);

    // initialize levelOnCache
    for (int i = 0; i < levelOnCache.length; i++) {
      levelOnCache[i] =
          (i == Debug.ALWAYS
              || UtilProperties.propertyValueEqualsIgnoreCase(
                  "debug.properties", levelProps[i], "true"));
    }
  }
Exemple #5
0
  /**
   * Method to get BigDecimal rounding mode from a property
   *
   * @param file - Name of the property file
   * @param property - Name of the config property from arithmeticPropertiesFile (e.g.,
   *     "invoice.rounding")
   * @return int - Rounding mode to pass to BigDecimal's methods. Defaults to
   *     DEFAULT_BD_ROUNDING_MODE (BigDecimal.ROUND_HALF_UP)
   */
  public static int getBigDecimalRoundingMode(String file, String property) {
    if (UtilValidate.isEmpty(file)) return DEFAULT_BD_SCALE;
    if (UtilValidate.isEmpty(property)) return DEFAULT_BD_ROUNDING_MODE;

    String value = UtilProperties.getPropertyValue(file, property);
    int mode = roundingModeFromString(value);
    if (mode == -1) {
      Debug.logWarning(
          "Could not set decimal rounding mode from "
              + property
              + "="
              + value
              + ". Using default mode of "
              + DEFAULT_BD_SCALE
              + ".",
          module);
      return DEFAULT_BD_ROUNDING_MODE;
    }
    return mode;
  }
  /**
   * Processes the request and returns an AuthorizeResponse. This service causes a
   * GenericServiceException if there is a fatal confguration error that must be addressed.
   */
  private static AuthorizeResponse processRequest(Map request, String resource)
      throws GenericServiceException {
    boolean testMode = isTestMode(resource);
    String url = UtilProperties.getPropertyValue(resource, "payment.authorizedotnet.url");
    if (UtilValidate.isEmpty(url)) {
      throw new GenericServiceException(
          "Authorize.NET transaction URL not configured.  Please ensure payment.authorizedotnet.test is defined in "
              + resource);
    }

    Debug.logInfo("Sending eCheck.NET request type " + request.get("x_type"), module);
    if (testMode) {
      Debug.logInfo("Request URL: " + url, module);
      Debug.logInfo("Request Map: " + request, module);
    }

    // post the request to the url
    String responseString = null;
    try {
      HttpClient client = new HttpClient(url, request);
      client.setClientCertificateAlias("AUTHORIZE_NET");
      responseString = client.post();
    } catch (HttpClientException e) {
      Debug.logError(
          e,
          "Failed to send eCheck.NET request due to client exception: " + e.getMessage(),
          module);
      return null;
    }

    if (testMode) {
      Debug.logInfo("Response from eCheck.NET: " + responseString, module);
    }

    return new AuthorizeResponse(responseString);
  }
  /**
   * An HTTP WebEvent handler that checks to see is a userLogin is logged in. If not, the user is
   * forwarded to the login page.
   *
   * @param request The HTTP request object for the current JSP or Servlet request.
   * @param response The HTTP response object for the current JSP or Servlet request.
   * @return String
   */
  public static String checkLogin(HttpServletRequest request, HttpServletResponse response) {
    GenericValue userLogin = (GenericValue) request.getSession().getAttribute("userLogin");
    // anonymous shoppers are not logged in
    if (userLogin != null && "anonymous".equals(userLogin.getString("userLoginId"))) {
      userLogin = null;
    }

    // user is logged in; check to see if they have globally logged out if not
    // check if they have permission for this login attempt; if not log them out
    if (userLogin != null) {
      Element rootElement = getRootElement(request);
      boolean hasLdapLoggedOut = false;
      if (rootElement != null) {
        String className =
            UtilXml.childElementValue(
                rootElement,
                "AuthenticationHandler",
                "org.ofbiz.ldap.openldap.OFBizLdapAuthenticationHandler");
        try {
          Class<?> handlerClass = Class.forName(className);
          InterfaceOFBizAuthenticationHandler authenticationHandler =
              (InterfaceOFBizAuthenticationHandler) handlerClass.newInstance();
          hasLdapLoggedOut = authenticationHandler.hasLdapLoggedOut(request, response, rootElement);
        } catch (ClassNotFoundException e) {
          Debug.logError(e, "Error calling checkLogin service", module);
          Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
          String errMsg =
              UtilProperties.getMessage(
                  resourceWebapp,
                  "loginevents.following_error_occurred_during_login",
                  messageMap,
                  UtilHttp.getLocale(request));
          request.setAttribute("_ERROR_MESSAGE_", errMsg);
        } catch (InstantiationException e) {
          Debug.logError(e, "Error calling checkLogin service", module);
          Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
          String errMsg =
              UtilProperties.getMessage(
                  resourceWebapp,
                  "loginevents.following_error_occurred_during_login",
                  messageMap,
                  UtilHttp.getLocale(request));
          request.setAttribute("_ERROR_MESSAGE_", errMsg);
        } catch (IllegalAccessException e) {
          Debug.logError(e, "Error calling checkLogin service", module);
          Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
          String errMsg =
              UtilProperties.getMessage(
                  resourceWebapp,
                  "loginevents.following_error_occurred_during_login",
                  messageMap,
                  UtilHttp.getLocale(request));
          request.setAttribute("_ERROR_MESSAGE_", errMsg);
        } catch (Exception e) {
          Debug.logError(e, "Error calling checkLogin service", module);
          Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
          String errMsg =
              UtilProperties.getMessage(
                  resourceWebapp,
                  "loginevents.following_error_occurred_during_login",
                  messageMap,
                  UtilHttp.getLocale(request));
          request.setAttribute("_ERROR_MESSAGE_", errMsg);
        }
      }

      if (!hasBasePermission(userLogin, request)
          || isFlaggedLoggedOut(userLogin)
          || hasLdapLoggedOut) {
        Debug.logInfo("User does not have permission or is flagged as logged out", module);
        doBasicLogout(userLogin, request, response);
        userLogin = null;
      }
    }

    if (userLogin == null) {
      return login(request, response);
    }

    return "success";
  }
  protected static Element getRootElement(HttpServletRequest request) {
    if (Debug.infoOn()) {
      Debug.log("Applet config file: " + ldapConfig);
    }
    File configFile = new File(ldapConfig);
    FileInputStream configFileIS = null;
    Element rootElement = null;
    try {
      configFileIS = new FileInputStream(configFile);
      Document configDoc =
          UtilXml.readXmlDocument(configFileIS, "LDAP configuration file " + ldapConfig);
      rootElement = configDoc.getDocumentElement();
    } catch (FileNotFoundException e) {
      Debug.logError(e, "Error calling userLogin service", module);
      Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
      String errMsg =
          UtilProperties.getMessage(
              resourceWebapp,
              "loginevents.following_error_occurred_during_login",
              messageMap,
              UtilHttp.getLocale(request));
      request.setAttribute("_ERROR_MESSAGE_", errMsg);
    } catch (SAXException e) {
      Debug.logError(e, "Error calling userLogin service", module);
      Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
      String errMsg =
          UtilProperties.getMessage(
              resourceWebapp,
              "loginevents.following_error_occurred_during_login",
              messageMap,
              UtilHttp.getLocale(request));
      request.setAttribute("_ERROR_MESSAGE_", errMsg);
    } catch (ParserConfigurationException e) {
      Debug.logError(e, "Error calling userLogin service", module);
      Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
      String errMsg =
          UtilProperties.getMessage(
              resourceWebapp,
              "loginevents.following_error_occurred_during_login",
              messageMap,
              UtilHttp.getLocale(request));
      request.setAttribute("_ERROR_MESSAGE_", errMsg);
    } catch (IOException e) {
      Debug.logError(e, "Error calling userLogin service", module);
      Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
      String errMsg =
          UtilProperties.getMessage(
              resourceWebapp,
              "loginevents.following_error_occurred_during_login",
              messageMap,
              UtilHttp.getLocale(request));
      request.setAttribute("_ERROR_MESSAGE_", errMsg);
    } finally {
      if (configFileIS != null) {
        try {
          configFileIS.close();
        } catch (IOException e) {
        }
      }
    }

    return rootElement;
  }
  /**
   * An HTTP WebEvent handler that logs out a userLogin by clearing the session.
   *
   * @param request The HTTP request object for the current request.
   * @param response The HTTP response object for the current request.
   * @return Return a boolean which specifies whether or not the calling request should generate its
   *     own content. This allows an event to override the default content.
   */
  public static String logout(HttpServletRequest request, HttpServletResponse response) {
    // run the before-logout events
    RequestHandler rh = RequestHandler.getRequestHandler(request.getSession().getServletContext());
    rh.runBeforeLogoutEvents(request, response);

    // invalidate the security group list cache
    GenericValue userLogin = (GenericValue) request.getSession().getAttribute("userLogin");

    doBasicLogout(userLogin, request, response);

    Element rootElement = getRootElement(request);

    String result = "error";
    if (rootElement != null) {
      String className =
          UtilXml.childElementValue(
              rootElement,
              "AuthenticationHandler",
              "org.ofbiz.ldap.openldap.OFBizLdapAuthenticationHandler");
      try {
        Class<?> handlerClass = Class.forName(className);
        InterfaceOFBizAuthenticationHandler authenticationHandler =
            (InterfaceOFBizAuthenticationHandler) handlerClass.newInstance();
        result = authenticationHandler.logout(request, response, rootElement);
      } catch (ClassNotFoundException e) {
        Debug.logError(e, "Error calling userLogin service", module);
        Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
        String errMsg =
            UtilProperties.getMessage(
                resourceWebapp,
                "loginevents.following_error_occurred_during_login",
                messageMap,
                UtilHttp.getLocale(request));
        request.setAttribute("_ERROR_MESSAGE_", errMsg);
      } catch (InstantiationException e) {
        Debug.logError(e, "Error calling userLogin service", module);
        Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
        String errMsg =
            UtilProperties.getMessage(
                resourceWebapp,
                "loginevents.following_error_occurred_during_login",
                messageMap,
                UtilHttp.getLocale(request));
        request.setAttribute("_ERROR_MESSAGE_", errMsg);
      } catch (IllegalAccessException e) {
        Debug.logError(e, "Error calling userLogin service", module);
        Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
        String errMsg =
            UtilProperties.getMessage(
                resourceWebapp,
                "loginevents.following_error_occurred_during_login",
                messageMap,
                UtilHttp.getLocale(request));
        request.setAttribute("_ERROR_MESSAGE_", errMsg);
      } catch (Exception e) {
        Debug.logError(e, "Error calling userLogin service", module);
        Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
        String errMsg =
            UtilProperties.getMessage(
                resourceWebapp,
                "loginevents.following_error_occurred_during_login",
                messageMap,
                UtilHttp.getLocale(request));
        request.setAttribute("_ERROR_MESSAGE_", errMsg);
      }
    }

    if (request.getAttribute("_AUTO_LOGIN_LOGOUT_") == null) {
      return autoLoginCheck(request, response);
    }
    return result;
  }
  /**
   * An HTTP WebEvent handler that logs in a userLogin. This should run before the security check.
   *
   * @param request The HTTP request object for the current JSP or Servlet request.
   * @param response The HTTP response object for the current JSP or Servlet request.
   * @return Return a boolean which specifies whether or not the calling Servlet or JSP should
   *     generate its own content. This allows an event to override the default content.
   */
  public static String login(HttpServletRequest request, HttpServletResponse response) {

    Element rootElement = getRootElement(request);
    String result = "error";
    if (rootElement != null) {
      String className =
          UtilXml.childElementValue(
              rootElement,
              "AuthenticationHandler",
              "org.ofbiz.ldap.openldap.OFBizLdapAuthenticationHandler");
      try {
        Class<?> handlerClass = Class.forName(className);
        InterfaceOFBizAuthenticationHandler authenticationHandler =
            (InterfaceOFBizAuthenticationHandler) handlerClass.newInstance();
        result = authenticationHandler.login(request, response, rootElement);
      } catch (ClassNotFoundException e) {
        Debug.logError(e, "Error calling userLogin service", module);
        Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
        String errMsg =
            UtilProperties.getMessage(
                resourceWebapp,
                "loginevents.following_error_occurred_during_login",
                messageMap,
                UtilHttp.getLocale(request));
        request.setAttribute("_ERROR_MESSAGE_", errMsg);
      } catch (InstantiationException e) {
        Debug.logError(e, "Error calling userLogin service", module);
        Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
        String errMsg =
            UtilProperties.getMessage(
                resourceWebapp,
                "loginevents.following_error_occurred_during_login",
                messageMap,
                UtilHttp.getLocale(request));
        request.setAttribute("_ERROR_MESSAGE_", errMsg);
      } catch (IllegalAccessException e) {
        Debug.logError(e, "Error calling userLogin service", module);
        Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
        String errMsg =
            UtilProperties.getMessage(
                resourceWebapp,
                "loginevents.following_error_occurred_during_login",
                messageMap,
                UtilHttp.getLocale(request));
        request.setAttribute("_ERROR_MESSAGE_", errMsg);
      } catch (NamingException e) {
        Debug.logError(e, "Error calling userLogin service", module);
        Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
        String errMsg =
            UtilProperties.getMessage(
                resourceWebapp,
                "loginevents.following_error_occurred_during_login",
                messageMap,
                UtilHttp.getLocale(request));
        request.setAttribute("_ERROR_MESSAGE_", errMsg);
      } catch (Exception e) {
        Debug.logError(e, "Error calling userLogin service", module);
        Map<String, String> messageMap = UtilMisc.toMap("errorMessage", e.getMessage());
        String errMsg =
            UtilProperties.getMessage(
                resourceWebapp,
                "loginevents.following_error_occurred_during_login",
                messageMap,
                UtilHttp.getLocale(request));
        request.setAttribute("_ERROR_MESSAGE_", errMsg);
      }
    }

    if (result.equals("error")) {
      boolean useOFBizLoginWhenFail =
          Boolean.getBoolean(
              UtilXml.childElementValue(rootElement, "UseOFBizLoginWhenLDAPFail", "false"));
      if (useOFBizLoginWhenFail) {
        return LoginWorker.login(request, response);
      }
    }
    return result;
  }