Beta version

.classpath

@@ -13,9 +13,9 @@
 	</classpathentry>
 	<classpathentry kind="src" output="target/test-classes" path="src/test/java">
 		<attributes>
-			<attribute name="test" value="true"/>
 			<attribute name="optional" value="true"/>
 			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="test" value="true"/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
@@ -24,18 +24,16 @@
 			<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
 		</attributes>
 	</classpathentry>
+	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
+		<attributes>
+			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="test" value="true"/>
+		</attributes>
+	</classpathentry>
 	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
 		</attributes>
 	</classpathentry>
-	<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
-		<attributes>
-			<attribute name="test" value="true"/>
-			<attribute name="maven.pomderived" value="true"/>
-		</attributes>
-	</classpathentry>
-	<classpathentry combineaccessrules="false" kind="src" path="/oidc-library"/>
-	<classpathentry combineaccessrules="false" kind="src" path="/oidc-library-portal"/>
 	<classpathentry kind="output" path="target/classes"/>
 </classpath>

.gitignore

@@ -1,2 +1 @@
 target
-bin/*

.project

@@ -3,8 +3,6 @@
 	<name>oidc-enrollment-hook</name>
 	<comment></comment>
 	<projects>
-		<project>oidc-library</project>
-		<project>oidc-library-portal</project>
 	</projects>
 	<buildSpec>
 		<buildCommand>

.settings/org.eclipse.m2e.wtp.prefs

@@ -1,2 +0,0 @@
-eclipse.preferences.version=1
-org.eclipse.m2e.wtp.enabledProjectSpecificPrefs=false

.settings/org.eclipse.wst.common.component

@@ -1,11 +1,11 @@
 <?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
-    <wb-module deploy-name="oidc-enrollment-hook">
+    <wb-module deploy-name="oidc-portal-enrollment-hook">
         <wb-resource deploy-path="/" source-path="/target/m2e-wtp/web-resources"/>
         <wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
         <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
         <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
-        <property name="java-output-path" value="/target/classes"/>
-        <property name="context-root" value="oidc-enrollment-hook"/>
-        <property name="component.exclusion.patterns" value="WEB-INF/lib/oidc-library*.jar"/>
+        <property name="java-output-path" value="/oidc-portal-enrollment/target/classes"/>
+        <property name="context-root" value="oidc-portal-enrollment"/>
+        <property name="component.exclusion.patterns" value="WEB-INF/lib/*.jar"/>
     </wb-module>
 </project-modules>

.settings/org.eclipse.wst.common.project.facet.core.xml

@@ -1,8 +1,8 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <faceted-project>
   <fixed facet="wst.jsdt.web"/>
-  <installed facet="liferay.hook" version="6.0"/>
   <installed facet="wst.jsdt.web" version="1.0"/>
+  <installed facet="liferay.hook" version="6.0"/>
   <installed facet="java" version="1.8"/>
   <installed facet="jst.web" version="2.5"/>
   <installed facet="jst.jaxrs" version="2.1"/>

pom.xml

@@ -74,6 +74,12 @@
 			<artifactId>oidc-library</artifactId>
 			<version>[0.1.0,)</version>
 			<scope>compile</scope>
+			<exclusions>
+				<exclusion>
+					<groupId>org.bouncycastle</groupId>
+					<artifactId>bcprov-jdk15on</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>com.liferay.portal</groupId>
@@ -104,12 +110,9 @@
 				<version>${liferay.maven.plugin.version}</version>
 				<configuration>
 					<autoDeployDir>${liferay.auto.deploy.dir}</autoDeployDir>
-					<appServerDeployDir>${liferay.app.server.deploy.dir}
-					</appServerDeployDir>
-					<appServerLibGlobalDir>${liferay.app.server.lib.global.dir}
-					</appServerLibGlobalDir>
-					<appServerPortalDir>${liferay.app.server.portal.dir}
-					</appServerPortalDir>
+					<appServerDeployDir>${liferay.app.server.deploy.dir}</appServerDeployDir>
+					<appServerLibGlobalDir>${liferay.app.server.lib.global.dir}</appServerLibGlobalDir>
+					<appServerPortalDir>${liferay.app.server.portal.dir}</appServerPortalDir>
 					<liferayVersion>${liferay.version}</liferayVersion>
 					<pluginType>hook</pluginType>
 				</configuration>
@@ -123,11 +126,19 @@
 				</configuration>
 			</plugin>
 			<plugin>
-				<artifactId>maven-war-plugin</artifactId>
+				<artifactId>maven-resources-plugin</artifactId>
+				<version>2.5</version>
 				<configuration>
-					<packagingExcludes>WEB-INF/lib/oidc-library*.jar</packagingExcludes>
+					<encoding>UTF-8</encoding>
+				</configuration>
+			</plugin>
+			<plugin>
+				<artifactId>maven-war-plugin</artifactId>
+				<version>2.5</version>
+				<configuration>
+					<packagingExcludes>WEB-INF/lib/*.jar</packagingExcludes>
 				</configuration>
 			</plugin>
 		</plugins>
 	</build>
-</project>
+</project>

src/main/java/com/nubisware/oidc/lr62/OpenIdConnectAutoLogin.java

@@ -29,12 +29,14 @@ public class OpenIdConnectAutoLogin extends BaseAutoLogin {
 
     @Override
     public String[] doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
-        JWTToken token = JWTToken.fromString((String) request.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
-        if (token == null) {
-            return null;
+        if (log.isTraceEnabled() && request.getSession(false) != null) {
+            log.trace("Session details: id=" + request.getSession(false).getId() + ", instance="
+                    + request.getSession(false));
         }
-        if (log.isTraceEnabled()) {
-            log.trace("Token's access token part is: " + token.getAccessTokenString());
+        JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
+        if (token == null) {
+            log.error("OIDC token is null, Can0t perform auto login");
+            return null;
         }
         LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(request);
         long companyId = PortalUtil.getCompanyId(request);

src/main/java/com/nubisware/oidc/lr62/OpenIdConnectLoginFilter.java

@@ -34,14 +34,16 @@ public class OpenIdConnectLoginFilter extends BaseFilter {
 
         User user;
         try {
+            if (log.isDebugEnabled()) {
+                log.debug("Getting user via portal utils");
+            }
             user = PortalUtil.getUser(request);
         } catch (PortalException | SystemException e) {
-            throw new ServletException("Getting user using utls", e);
+            throw new ServletException("Getting user using utils", e);
         }
-        HttpSession session = null;
+        HttpSession session = request.getSession(false);
         JWTToken token = null;
         if (user == null) {
-            session = request.getSession(false);
             String uri = request.getRequestURI();
             if (log.isDebugEnabled()) {
                 log.debug("No user logged in " + uri);
@@ -56,16 +58,16 @@ public class OpenIdConnectLoginFilter extends BaseFilter {
                 } catch (Exception e) {
                     throw new ServletException("Querying token from OIDC server", e);
                 }
-                request.setAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE, token.getRaw());
-                // The Autologin class will perform the auto-login with the token
+                JWTTokenUtil.putOIDCInRequest(token, request);
+                // The auto login class will perform the portal auto login using the token
             } else {
-                String redirectKeycloakURL = OpenIdConnectRESTHelper.buildLoginUrl(configuration.getAuthorizationUrl(),
+                String oidcRedirectURL = OpenIdConnectRESTHelper.buildLoginUrl(configuration.getAuthorizationUrl(),
                         configuration.getClientId(), sessionId, request.getRequestURL().toString());
 
                 if (log.isDebugEnabled()) {
-                    log.debug("Redirecting to Keycloak login URL: " + redirectKeycloakURL);
+                    log.debug("Redirecting to OIDC server login URL: " + oidcRedirectURL);
                 }
-                response.sendRedirect(redirectKeycloakURL);
+                response.sendRedirect(oidcRedirectURL);
                 return;
             }
         }

src/main/java/com/nubisware/oidc/lr62/PostLoginAction.java

@@ -8,22 +8,33 @@ import com.liferay.portal.kernel.events.Action;
 import com.liferay.portal.kernel.events.ActionException;
 import com.liferay.portal.kernel.log.Log;
 import com.liferay.portal.kernel.log.LogFactoryUtil;
+import com.liferay.portal.model.User;
 import com.nubisware.oidc.rest.JWTToken;
 
 public class PostLoginAction extends Action {
 
-	protected static final Log log = LogFactoryUtil.getLog(PostLoginAction.class);
+    protected static final Log log = LogFactoryUtil.getLog(PostLoginAction.class);
 
     @Override
     public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException {
         if (log.isInfoEnabled()) {
             log.info("PostLoginAction invoked");
         }
-        JWTToken token = JWTToken.fromString((String) request.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
-        HttpSession session = request.getSession(false);
+        JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
+        HttpSession session = request.getSession();
         if (token != null && session != null) {
-            log.info("Setting OIDC token in session with id: " + session.getId());
-            session.setAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE, token.getRaw());
+            if (log.isTraceEnabled()) {
+                log.trace("Session details: id=" + session.getId() + ", instance=" + session);
+            }
+            User user = (User) session.getAttribute("USER");
+            if (user != null) {
+                log.info("Setting OIDC token in proxy");
+                OIDCTokenProxy.getInstance().setOIDCToken(user, session, token);
+            } else {
+                log.error("User object not found in session");
+            }
+            log.info("Setting OIDC token in session");
+            JWTTokenUtil.putOIDCInSession(token, session);
         }
     }
 

src/main/java/com/nubisware/oidc/lr62/PreLoginAction.java

@@ -14,9 +14,10 @@ public class PreLoginAction extends Action {
 
     @Override
     public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException {
-        if (log.isDebugEnabled()) {
-            log.debug("PreLoginAction invoked");
+        if (log.isTraceEnabled()) {
+            log.trace("PreLoginAction invoked");
         }
+        // Noting to do at the moment
     }
 
 }

src/main/java/com/nubisware/oidc/lr62/SessionCreateAction.java

@@ -13,8 +13,8 @@ public class SessionCreateAction extends SessionAction {
 
 	@Override
 	public void run(HttpSession session) throws ActionException {
-		if (log.isDebugEnabled()) {
-			log.debug("Session created");
+		if (log.isTraceEnabled()) {
+			log.trace("Session created. Details: id=" + session.getId() + ", instance=" + session);
 		}
 		// Noting to do at the moment
 	}

src/main/java/com/nubisware/oidc/lr62/SessionDestroyAction.java

@@ -8,6 +8,7 @@ import com.liferay.portal.kernel.events.ActionException;
 import com.liferay.portal.kernel.events.SessionAction;
 import com.liferay.portal.kernel.log.Log;
 import com.liferay.portal.kernel.log.LogFactoryUtil;
+import com.liferay.portal.model.User;
 import com.nubisware.oidc.rest.JWTToken;
 import com.nubisware.oidc.rest.OpenIdConnectRESTHelper;
 
@@ -17,14 +18,16 @@ public class SessionDestroyAction extends SessionAction {
 
 	@Override
 	public void run(HttpSession session) throws ActionException {
-	    if (log.isTraceEnabled()) {
-	        log.trace("Session id is: " + session.getId());
-	    }
+        if (log.isTraceEnabled()) {
+            log.trace("Session details: id=" + session.getId() + ", instance=" + session);
+        }
 		LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
 		if (configuration.logoutOnPortalLogout()) {
-			JWTToken token = JWTToken.fromString((String) session.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
+			JWTToken token = JWTTokenUtil.getOIDCFromSession(session);
 			if (token != null) {
-				log.debug("Performing logout on OIDC server due to session destroy");
+			    if (log.isDebugEnabled()) {
+			        log.debug("Performing logout on OIDC server due to session destroy");
+			    }
 				try {
 					OpenIdConnectRESTHelper.logout(token, configuration.getLogoutUrl(), configuration.getClientId());
 				} catch (IOException e) {
@@ -34,8 +37,16 @@ public class SessionDestroyAction extends SessionAction {
 				log.error("Cannot find the OIDC token in session");
 			}
 		} else {
-			log.debug("Don't performing OIDC logout according to configuration");
+		    if (log.isDebugEnabled()) {
+		        log.debug("Don't performing OIDC logout according to configuration");
+		    }
 		}
+		if (log.isDebugEnabled()) {
+		    log.debug("Removing OIDC tokens from cache proxy");
+		}
+		User user = (User) session.getAttribute("USER");
+		OIDCTokenProxy.getInstance().removeOIDCToken(user, session);
+		OIDCTokenProxy.getInstance().removeUMAToken(user, session);
 	}
 
 }

src/main/resources/portal.properties

@@ -1,10 +1,9 @@
 servlet.session.create.events=com.nubisware.oidc.lr62.SessionCreateAction
-login.events.pre=com.nubisware.oidc.lr62.PreLoginAction
+#login.events.pre=com.nubisware.oidc.lr62.PreLoginAction
 auto.login.hooks=com.nubisware.oidc.lr62.OpenIdConnectAutoLogin
 login.events.post=com.nubisware.oidc.lr62.PostLoginAction
 servlet.session.destroy.events=com.nubisware.oidc.lr62.SessionDestroyAction
 
-session.shared.attributes=USER_
 
 company.login.prepopulate.domain=false
 d4science.oidc-authorization=https://nubis2.int.d4science.net/auth/realms/d4science/protocol/openid-connect/auth

src/main/webapp/WEB-INF/web.xml

@@ -2,4 +2,17 @@
 <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
 	xmlns="http://java.sun.com/xml/ns/javaee"
 	xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
-	id="WebApp_ID" version="2.5" />
+	id="WebApp_ID" version="2.5">
+
+<!-- 	<filter> -->
+<!-- 		<filter-name>OpenIdConnectLoginFilter</filter-name> -->
+<!-- 		<filter-class>com.nubisware.oidc.lr62.OpenIdConnectLoginFilter</filter-class> -->
+<!-- 	</filter> -->
+<!-- 	<filter-mapping> -->
+<!-- 		<filter-name>OpenIdConnectLoginFilter</filter-name> -->
+<!-- 		<url-pattern>/c/portal/login</url-pattern> -->
+<!-- 		<dispatcher>REQUEST</dispatcher> -->
+<!-- 		<dispatcher>FORWARD</dispatcher> -->
+<!-- 	</filter-mapping> -->
+
+</web-app>