Beta version

4 years ago · 0edbd88e8f
parent 3d8c926ccc
commit 0edbd88e8f
15 changed files with 97 additions and 54 deletions
--- a/.classpath
+++ b/.classpath
@ -13,9 +13,9 @@
 	</classpathentry>
 	<classpathentry kind="src" output="target/test-classes" path="src/test/java">
 		<attributes>
-			<attribute name="test" value="true"/>
 			<attribute name="optional" value="true"/>
 			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
@ -24,18 +24,16 @@
 			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
+	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
 		<attributes>
-			<attribute name="test" value="true"/>
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry combineaccessrules="false" kind="src" path="/oidc-library"/>
-	<classpathentry combineaccessrules="false" kind="src" path="/oidc-library-portal"/>
 	<classpathentry kind="output" path="target/classes"/>
 </classpath>
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1 @@
 target
-bin/*
--- a/.project
+++ b/.project
@ -3,8 +3,6 @@
 	<name>oidc-enrollment-hook</name>
 	<comment></comment>
 	<projects>
-		<project>oidc-library</project>
-		<project>oidc-library-portal</project>
 	</projects>
 	<buildSpec>
 		<buildCommand>
--- a/.settings/org.eclipse.m2e.wtp.prefs
+++ b/.settings/org.eclipse.m2e.wtp.prefs
@ -1,2 +0,0 @@
-eclipse.preferences.version=1
-org.eclipse.m2e.wtp.enabledProjectSpecificPrefs=false
--- a/.settings/org.eclipse.wst.common.component
+++ b/.settings/org.eclipse.wst.common.component
@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
-    <wb-module deploy-name="oidc-enrollment-hook">
+    <wb-module deploy-name="oidc-portal-enrollment-hook">
        <wb-resource deploy-path="/" source-path="/target/m2e-wtp/web-resources"/>
        <wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
        <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
        <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
-        <property name="java-output-path" value="/target/classes"/>
-        <property name="context-root" value="oidc-enrollment-hook"/>
-        <property name="component.exclusion.patterns" value="WEB-INF/lib/oidc-library*.jar"/>
+        <property name="java-output-path" value="/oidc-portal-enrollment/target/classes"/>
+        <property name="context-root" value="oidc-portal-enrollment"/>
+        <property name="component.exclusion.patterns" value="WEB-INF/lib/*.jar"/>
    </wb-module>
 </project-modules>
--- a/.settings/org.eclipse.wst.common.project.facet.core.xml
+++ b/.settings/org.eclipse.wst.common.project.facet.core.xml
@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <faceted-project>
  <fixed facet="wst.jsdt.web"/>
-  <installed facet="liferay.hook" version="6.0"/>
  <installed facet="wst.jsdt.web" version="1.0"/>
+  <installed facet="liferay.hook" version="6.0"/>
  <installed facet="java" version="1.8"/>
  <installed facet="jst.web" version="2.5"/>
  <installed facet="jst.jaxrs" version="2.1"/>
--- a/pom.xml
+++ b/pom.xml
@ -74,6 +74,12 @@
 			<artifactId>oidc-library</artifactId>
 			<version>[0.1.0,)</version>
 			<scope>compile</scope>
+			<exclusions>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcprov-jdk15on</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>com.liferay.portal</groupId>
@ -104,12 +110,9 @@
 				<version>${liferay.maven.plugin.version}</version>
 				<configuration>
 					<autoDeployDir>${liferay.auto.deploy.dir}</autoDeployDir>
-					<appServerDeployDir>${liferay.app.server.deploy.dir}
-					</appServerDeployDir>
-					<appServerLibGlobalDir>${liferay.app.server.lib.global.dir}
-					</appServerLibGlobalDir>
-					<appServerPortalDir>${liferay.app.server.portal.dir}
-					</appServerPortalDir>
+					<appServerDeployDir>${liferay.app.server.deploy.dir}</appServerDeployDir>
+					<appServerLibGlobalDir>${liferay.app.server.lib.global.dir}</appServerLibGlobalDir>
+					<appServerPortalDir>${liferay.app.server.portal.dir}</appServerPortalDir>
 					<liferayVersion>${liferay.version}</liferayVersion>
 					<pluginType>hook</pluginType>
 				</configuration>
@ -122,12 +125,20 @@
 					<target>${maven.compiler.target}</target>
 				</configuration>
 			</plugin>
+			<plugin>
+				<artifactId>maven-resources-plugin</artifactId>
+				<version>2.5</version>
+				<configuration>
+					<encoding>UTF-8</encoding>
+				</configuration>
+			</plugin>
 			<plugin>
 				<artifactId>maven-war-plugin</artifactId>
+				<version>2.5</version>
 				<configuration>
-					<packagingExcludes>WEB-INF/lib/oidc-library*.jar</packagingExcludes>
+					<packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>
 				</configuration>
 			</plugin>
 		</plugins>
 	</build>
-</project>
+</project>
--- a/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectAutoLogin.java
+++ b/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectAutoLogin.java
@ -29,13 +29,15 @@ public class OpenIdConnectAutoLogin extends BaseAutoLogin {

    @Override
    public String[] doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
-        JWTToken token = JWTToken.fromString((String) request.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
+        if (log.isTraceEnabled() && request.getSession(false) != null) {
+            log.trace("Session details: id=" + request.getSession(false).getId() + ", instance="
+                    + request.getSession(false));
+        }
+        JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
        if (token == null) {
+            log.error("OIDC token is null, Can0t perform auto login");
            return null;
        }
-        if (log.isTraceEnabled()) {
-            log.trace("Token's access token part is: " + token.getAccessTokenString());
-        }
        LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(request);
        long companyId = PortalUtil.getCompanyId(request);
        long groupId = PortalUtil.getScopeGroupId(request);
--- a/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectLoginFilter.java
+++ b/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectLoginFilter.java
@ -34,14 +34,16 @@ public class OpenIdConnectLoginFilter extends BaseFilter {

        User user;
        try {
+            if (log.isDebugEnabled()) {
+                log.debug("Getting user via portal utils");
+            }
            user = PortalUtil.getUser(request);
        } catch (PortalException | SystemException e) {
-            throw new ServletException("Getting user using utls", e);
+            throw new ServletException("Getting user using utils", e);
        }
-        HttpSession session = null;
+        HttpSession session = request.getSession(false);
        JWTToken token = null;
        if (user == null) {
-            session = request.getSession(false);
            String uri = request.getRequestURI();
            if (log.isDebugEnabled()) {
                log.debug("No user logged in " + uri);
@ -56,16 +58,16 @@ public class OpenIdConnectLoginFilter extends BaseFilter {
                } catch (Exception e) {
                    throw new ServletException("Querying token from OIDC server", e);
                }
-                request.setAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE, token.getRaw());
-                // The Autologin class will perform the auto-login with the token
+                JWTTokenUtil.putOIDCInRequest(token, request);
+                // The auto login class will perform the portal auto login using the token
            } else {
-                String redirectKeycloakURL = OpenIdConnectRESTHelper.buildLoginUrl(configuration.getAuthorizationUrl(),
+                String oidcRedirectURL = OpenIdConnectRESTHelper.buildLoginUrl(configuration.getAuthorizationUrl(),
                        configuration.getClientId(), sessionId, request.getRequestURL().toString());

                if (log.isDebugEnabled()) {
-                    log.debug("Redirecting to Keycloak login URL: " + redirectKeycloakURL);
+                    log.debug("Redirecting to OIDC server login URL: " + oidcRedirectURL);
                }
-                response.sendRedirect(redirectKeycloakURL);
+                response.sendRedirect(oidcRedirectURL);
                return;
            }
        }
--- a/src/main/java/com/nubisware/oidc/lr62/PostLoginAction.java
+++ b/src/main/java/com/nubisware/oidc/lr62/PostLoginAction.java
@ -8,22 +8,33 @@ import com.liferay.portal.kernel.events.Action;
 import com.liferay.portal.kernel.events.ActionException;
 import com.liferay.portal.kernel.log.Log;
 import com.liferay.portal.kernel.log.LogFactoryUtil;
+import com.liferay.portal.model.User;
 import com.nubisware.oidc.rest.JWTToken;

 public class PostLoginAction extends Action {

-	protected static final Log log = LogFactoryUtil.getLog(PostLoginAction.class);
+    protected static final Log log = LogFactoryUtil.getLog(PostLoginAction.class);

    @Override
    public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException {
        if (log.isInfoEnabled()) {
            log.info("PostLoginAction invoked");
        }
-        JWTToken token = JWTToken.fromString((String) request.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
-        HttpSession session = request.getSession(false);
+        JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
+        HttpSession session = request.getSession();
        if (token != null && session != null) {
-            log.info("Setting OIDC token in session with id: " + session.getId());
-            session.setAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE, token.getRaw());
+            if (log.isTraceEnabled()) {
+                log.trace("Session details: id=" + session.getId() + ", instance=" + session);
+            }
+            User user = (User) session.getAttribute("USER");
+            if (user != null) {
+                log.info("Setting OIDC token in proxy");
+                OIDCTokenProxy.getInstance().setOIDCToken(user, session, token);
+            } else {
+                log.error("User object not found in session");
+            }
+            log.info("Setting OIDC token in session");
+            JWTTokenUtil.putOIDCInSession(token, session);
        }
    }

--- a/src/main/java/com/nubisware/oidc/lr62/PreLoginAction.java
+++ b/src/main/java/com/nubisware/oidc/lr62/PreLoginAction.java
@ -14,9 +14,10 @@ public class PreLoginAction extends Action {

    @Override
    public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException {
-        if (log.isDebugEnabled()) {
-            log.debug("PreLoginAction invoked");
+        if (log.isTraceEnabled()) {
+            log.trace("PreLoginAction invoked");
        }
+        // Noting to do at the moment
    }

 }
--- a/src/main/java/com/nubisware/oidc/lr62/SessionCreateAction.java
+++ b/src/main/java/com/nubisware/oidc/lr62/SessionCreateAction.java
@ -13,8 +13,8 @@ public class SessionCreateAction extends SessionAction {

 	@Override
 	public void run(HttpSession session) throws ActionException {
-		if (log.isDebugEnabled()) {
-			log.debug("Session created");
+		if (log.isTraceEnabled()) {
+			log.trace("Session created. Details: id=" + session.getId() + ", instance=" + session);
 		}
 		// Noting to do at the moment
 	}
--- a/src/main/java/com/nubisware/oidc/lr62/SessionDestroyAction.java
+++ b/src/main/java/com/nubisware/oidc/lr62/SessionDestroyAction.java
@ -8,6 +8,7 @@ import com.liferay.portal.kernel.events.ActionException;
 import com.liferay.portal.kernel.events.SessionAction;
 import com.liferay.portal.kernel.log.Log;
 import com.liferay.portal.kernel.log.LogFactoryUtil;
+import com.liferay.portal.model.User;
 import com.nubisware.oidc.rest.JWTToken;
 import com.nubisware.oidc.rest.OpenIdConnectRESTHelper;

@ -17,14 +18,16 @@ public class SessionDestroyAction extends SessionAction {

 	@Override
 	public void run(HttpSession session) throws ActionException {
-	    if (log.isTraceEnabled()) {
-	        log.trace("Session id is: " + session.getId());
-	    }
+        if (log.isTraceEnabled()) {
+            log.trace("Session details: id=" + session.getId() + ", instance=" + session);
+        }
 		LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
 		if (configuration.logoutOnPortalLogout()) {
-			JWTToken token = JWTToken.fromString((String) session.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
+			JWTToken token = JWTTokenUtil.getOIDCFromSession(session);
 			if (token != null) {
-				log.debug("Performing logout on OIDC server due to session destroy");
+			    if (log.isDebugEnabled()) {
+			        log.debug("Performing logout on OIDC server due to session destroy");
+			    }
 				try {
 					OpenIdConnectRESTHelper.logout(token, configuration.getLogoutUrl(), configuration.getClientId());
 				} catch (IOException e) {
@ -34,8 +37,16 @@ public class SessionDestroyAction extends SessionAction {
 				log.error("Cannot find the OIDC token in session");
 			}
 		} else {
-			log.debug("Don't performing OIDC logout according to configuration");
+		    if (log.isDebugEnabled()) {
+		        log.debug("Don't performing OIDC logout according to configuration");
+		    }
 		}
+		if (log.isDebugEnabled()) {
+		    log.debug("Removing OIDC tokens from cache proxy");
+		}
+		User user = (User) session.getAttribute("USER");
+		OIDCTokenProxy.getInstance().removeOIDCToken(user, session);
+		OIDCTokenProxy.getInstance().removeUMAToken(user, session);
 	}

 }
--- a/src/main/resources/portal.properties
+++ b/src/main/resources/portal.properties
@ -1,10 +1,9 @@
 servlet.session.create.events=com.nubisware.oidc.lr62.SessionCreateAction
-login.events.pre=com.nubisware.oidc.lr62.PreLoginAction
+#login.events.pre=com.nubisware.oidc.lr62.PreLoginAction
 auto.login.hooks=com.nubisware.oidc.lr62.OpenIdConnectAutoLogin
 login.events.post=com.nubisware.oidc.lr62.PostLoginAction
 servlet.session.destroy.events=com.nubisware.oidc.lr62.SessionDestroyAction

-session.shared.attributes=USER_

 company.login.prepopulate.domain=false
 d4science.oidc-authorization=https://nubis2.int.d4science.net/auth/realms/d4science/protocol/openid-connect/auth
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@ -2,4 +2,17 @@
 <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xmlns="http://java.sun.com/xml/ns/javaee"
 	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
-	id="WebApp_ID" version="2.5" />
+	id="WebApp_ID" version="2.5">
+
+<!-- 	<filter> -->
+<!-- 		<filter-name>OpenIdConnectLoginFilter</filter-name> -->
+<!-- 		<filter-class>com.nubisware.oidc.lr62.OpenIdConnectLoginFilter</filter-class> -->
+<!-- 	</filter> -->
+<!-- 	<filter-mapping> -->
+<!-- 		<filter-name>OpenIdConnectLoginFilter</filter-name> -->
+<!-- 		<url-pattern>/c/portal/login</url-pattern> -->
+<!-- 		<dispatcher>REQUEST</dispatcher> -->
+<!-- 		<dispatcher>FORWARD</dispatcher> -->
+<!-- 	</filter-mapping> -->
+
+</web-app>