diff --git a/.classpath b/.classpath
index 34de4b4..2a12dda 100644
--- a/.classpath
+++ b/.classpath
@@ -13,9 +13,9 @@
-
+
@@ -24,18 +24,16 @@
+
+
+
+
+
+
-
-
-
-
-
-
-
-
diff --git a/.gitignore b/.gitignore
index 330d718..eb5a316 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1 @@
target
-bin/*
diff --git a/.project b/.project
index 475a6b1..d2e4447 100644
--- a/.project
+++ b/.project
@@ -3,8 +3,6 @@
oidc-enrollment-hook
- oidc-library
- oidc-library-portal
diff --git a/.settings/org.eclipse.m2e.wtp.prefs b/.settings/org.eclipse.m2e.wtp.prefs
deleted file mode 100644
index ef86089..0000000
--- a/.settings/org.eclipse.m2e.wtp.prefs
+++ /dev/null
@@ -1,2 +0,0 @@
-eclipse.preferences.version=1
-org.eclipse.m2e.wtp.enabledProjectSpecificPrefs=false
diff --git a/.settings/org.eclipse.wst.common.component b/.settings/org.eclipse.wst.common.component
index 8838a95..4ac217a 100644
--- a/.settings/org.eclipse.wst.common.component
+++ b/.settings/org.eclipse.wst.common.component
@@ -1,11 +1,11 @@
-
+
-
-
-
+
+
+
diff --git a/.settings/org.eclipse.wst.common.project.facet.core.xml b/.settings/org.eclipse.wst.common.project.facet.core.xml
index aac0919..7e9f3cf 100644
--- a/.settings/org.eclipse.wst.common.project.facet.core.xml
+++ b/.settings/org.eclipse.wst.common.project.facet.core.xml
@@ -1,8 +1,8 @@
-
+
diff --git a/pom.xml b/pom.xml
index b440baf..d9e4ebc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -74,6 +74,12 @@
oidc-library
[0.1.0,)
compile
+
+
+ org.bouncycastle
+ bcprov-jdk15on
+
+
com.liferay.portal
@@ -104,12 +110,9 @@
${liferay.maven.plugin.version}
${liferay.auto.deploy.dir}
- ${liferay.app.server.deploy.dir}
-
- ${liferay.app.server.lib.global.dir}
-
- ${liferay.app.server.portal.dir}
-
+ ${liferay.app.server.deploy.dir}
+ ${liferay.app.server.lib.global.dir}
+ ${liferay.app.server.portal.dir}
${liferay.version}
hook
@@ -123,11 +126,19 @@
- maven-war-plugin
+ maven-resources-plugin
+ 2.5
- WEB-INF/lib/oidc-library*.jar
+ UTF-8
+
+
+
+ maven-war-plugin
+ 2.5
+
+ WEB-INF/lib/*.jar
-
\ No newline at end of file
+
diff --git a/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectAutoLogin.java b/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectAutoLogin.java
index 8730007..1bc31d8 100644
--- a/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectAutoLogin.java
+++ b/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectAutoLogin.java
@@ -29,12 +29,14 @@ public class OpenIdConnectAutoLogin extends BaseAutoLogin {
@Override
public String[] doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
- JWTToken token = JWTToken.fromString((String) request.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
- if (token == null) {
- return null;
+ if (log.isTraceEnabled() && request.getSession(false) != null) {
+ log.trace("Session details: id=" + request.getSession(false).getId() + ", instance="
+ + request.getSession(false));
}
- if (log.isTraceEnabled()) {
- log.trace("Token's access token part is: " + token.getAccessTokenString());
+ JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
+ if (token == null) {
+ log.error("OIDC token is null, Can0t perform auto login");
+ return null;
}
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(request);
long companyId = PortalUtil.getCompanyId(request);
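Review bot: The trace statement added at the top of doLogin writes the container session id to the log, and that id is a bearer credential for as long as the session lives, so anyone who can read trace output can reuse it. The commit removes the access-token trace here but adds the same `id=` + `getId()` output in PostLoginAction.run, SessionCreateAction.run and SessionDestroyAction.run. A non-reversible short form such as `log.trace("Session ref: " + Integer.toHexString(session.getId().hashCode()))` keeps log lines correlatable without exposing the value. The new error message reads `Can0t` and should be `Cannot`; if a missing token is the normal case for requests that did not pass through the OIDC filter (not visible here), `log.debug` would fit better than `log.error`. doLogin's body continues past this hunk.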
diff --git a/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectLoginFilter.java b/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectLoginFilter.java
index af95c52..44ac4f5 100644
--- a/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectLoginFilter.java
+++ b/src/main/java/com/nubisware/oidc/lr62/OpenIdConnectLoginFilter.java
@@ -34,14 +34,16 @@ public class OpenIdConnectLoginFilter extends BaseFilter {
User user;
try {
+ if (log.isDebugEnabled()) {
+ log.debug("Getting user via portal utils");
+ }
user = PortalUtil.getUser(request);
} catch (PortalException | SystemException e) {
- throw new ServletException("Getting user using utls", e);
+ throw new ServletException("Getting user using utils", e);
}
- HttpSession session = null;
+ HttpSession session = request.getSession(false);
JWTToken token = null;
if (user == null) {
- session = request.getSession(false);
String uri = request.getRequestURI();
if (log.isDebugEnabled()) {
log.debug("No user logged in " + uri);
@@ -56,16 +58,16 @@ public class OpenIdConnectLoginFilter extends BaseFilter {
} catch (Exception e) {
throw new ServletException("Querying token from OIDC server", e);
}
- request.setAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE, token.getRaw());
- // The Autologin class will perform the auto-login with the token
+ JWTTokenUtil.putOIDCInRequest(token, request);
+ // The auto login class will perform the portal auto login using the token
} else {
- String redirectKeycloakURL = OpenIdConnectRESTHelper.buildLoginUrl(configuration.getAuthorizationUrl(),
+ String oidcRedirectURL = OpenIdConnectRESTHelper.buildLoginUrl(configuration.getAuthorizationUrl(),
configuration.getClientId(), sessionId, request.getRequestURL().toString());
if (log.isDebugEnabled()) {
- log.debug("Redirecting to Keycloak login URL: " + redirectKeycloakURL);
+ log.debug("Redirecting to OIDC server login URL: " + oidcRedirectURL);
}
- response.sendRedirect(redirectKeycloakURL);
+ response.sendRedirect(oidcRedirectURL);
return;
}
}
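Review bot: The debug line that prints `oidcRedirectURL` logs the complete authorization URL, which is built from `sessionId` two lines above. `sessionId` is defined outside this hunk; if it is the container session id, it reaches both the log and the query string sent to the OIDC server, where it can also show up in browser history and upstream access logs. Logging only the endpoint, `log.debug("Redirecting to OIDC server login URL: " + configuration.getAuthorizationUrl());`, avoids the log exposure. Please also add a comment at the `buildLoginUrl` call stating what the third argument carries and why it is safe to send.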
diff --git a/src/main/java/com/nubisware/oidc/lr62/PostLoginAction.java b/src/main/java/com/nubisware/oidc/lr62/PostLoginAction.java
index fac0afa..7165a86 100644
--- a/src/main/java/com/nubisware/oidc/lr62/PostLoginAction.java
+++ b/src/main/java/com/nubisware/oidc/lr62/PostLoginAction.java
@@ -8,22 +8,33 @@ import com.liferay.portal.kernel.events.Action;
import com.liferay.portal.kernel.events.ActionException;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
+import com.liferay.portal.model.User;
import com.nubisware.oidc.rest.JWTToken;
public class PostLoginAction extends Action {
- protected static final Log log = LogFactoryUtil.getLog(PostLoginAction.class);
+ protected static final Log log = LogFactoryUtil.getLog(PostLoginAction.class);
@Override
public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException {
if (log.isInfoEnabled()) {
log.info("PostLoginAction invoked");
}
- JWTToken token = JWTToken.fromString((String) request.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
- HttpSession session = request.getSession(false);
+ JWTToken token = JWTTokenUtil.getOIDCFromRequest(request);
+ HttpSession session = request.getSession();
if (token != null && session != null) {
- log.info("Setting OIDC token in session with id: " + session.getId());
- session.setAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE, token.getRaw());
+ if (log.isTraceEnabled()) {
+ log.trace("Session details: id=" + session.getId() + ", instance=" + session);
+ }
+ User user = (User) session.getAttribute("USER");
+ if (user != null) {
+ log.info("Setting OIDC token in proxy");
+ OIDCTokenProxy.getInstance().setOIDCToken(user, session, token);
+ } else {
+ log.error("User object not found in session");
+ }
+ log.info("Setting OIDC token in session");
+ JWTTokenUtil.putOIDCInSession(token, session);
}
}
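Review bot: `request.getSession()` never returns null, so the `session != null` test under it is now always true, and a brand-new session is created when the request carries none; the token is then stored in a session the login flow did not establish. If that is not intended, keep `HttpSession session = request.getSession(false);`. In the same block, when `USER` is missing the code logs an error but still calls `JWTTokenUtil.putOIDCInSession`, so the session holds a token that has no user bound to it in the proxy; returning after the error, or a comment saying why the session copy is still wanted, would make the intent clear. The literal `"USER"` key is repeated in SessionDestroyAction, and a shared constant would keep the two lookups in step.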
diff --git a/src/main/java/com/nubisware/oidc/lr62/PreLoginAction.java b/src/main/java/com/nubisware/oidc/lr62/PreLoginAction.java
index 9d2be4b..7efa349 100644
--- a/src/main/java/com/nubisware/oidc/lr62/PreLoginAction.java
+++ b/src/main/java/com/nubisware/oidc/lr62/PreLoginAction.java
@@ -14,9 +14,10 @@ public class PreLoginAction extends Action {
@Override
public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException {
- if (log.isDebugEnabled()) {
- log.debug("PreLoginAction invoked");
+ if (log.isTraceEnabled()) {
+ log.trace("PreLoginAction invoked");
}
+ // Noting to do at the moment
}
}
diff --git a/src/main/java/com/nubisware/oidc/lr62/SessionCreateAction.java b/src/main/java/com/nubisware/oidc/lr62/SessionCreateAction.java
index 4699b9d..10d9df9 100644
--- a/src/main/java/com/nubisware/oidc/lr62/SessionCreateAction.java
+++ b/src/main/java/com/nubisware/oidc/lr62/SessionCreateAction.java
@@ -13,8 +13,8 @@ public class SessionCreateAction extends SessionAction {
@Override
public void run(HttpSession session) throws ActionException {
- if (log.isDebugEnabled()) {
- log.debug("Session created");
+ if (log.isTraceEnabled()) {
+ log.trace("Session created. Details: id=" + session.getId() + ", instance=" + session);
}
// Noting to do at the moment
}
diff --git a/src/main/java/com/nubisware/oidc/lr62/SessionDestroyAction.java b/src/main/java/com/nubisware/oidc/lr62/SessionDestroyAction.java
index b73f297..d084185 100644
--- a/src/main/java/com/nubisware/oidc/lr62/SessionDestroyAction.java
+++ b/src/main/java/com/nubisware/oidc/lr62/SessionDestroyAction.java
@@ -8,6 +8,7 @@ import com.liferay.portal.kernel.events.ActionException;
import com.liferay.portal.kernel.events.SessionAction;
import com.liferay.portal.kernel.log.Log;
import com.liferay.portal.kernel.log.LogFactoryUtil;
+import com.liferay.portal.model.User;
import com.nubisware.oidc.rest.JWTToken;
import com.nubisware.oidc.rest.OpenIdConnectRESTHelper;
@@ -17,14 +18,16 @@ public class SessionDestroyAction extends SessionAction {
@Override
public void run(HttpSession session) throws ActionException {
- if (log.isTraceEnabled()) {
- log.trace("Session id is: " + session.getId());
- }
+ if (log.isTraceEnabled()) {
+ log.trace("Session details: id=" + session.getId() + ", instance=" + session);
+ }
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
if (configuration.logoutOnPortalLogout()) {
- JWTToken token = JWTToken.fromString((String) session.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
+ JWTToken token = JWTTokenUtil.getOIDCFromSession(session);
if (token != null) {
- log.debug("Performing logout on OIDC server due to session destroy");
+ if (log.isDebugEnabled()) {
+ log.debug("Performing logout on OIDC server due to session destroy");
+ }
try {
OpenIdConnectRESTHelper.logout(token, configuration.getLogoutUrl(), configuration.getClientId());
} catch (IOException e) {
@@ -34,8 +37,16 @@ public class SessionDestroyAction extends SessionAction {
log.error("Cannot find the OIDC token in session");
}
} else {
- log.debug("Don't performing OIDC logout according to configuration");
+ if (log.isDebugEnabled()) {
+ log.debug("Don't performing OIDC logout according to configuration");
+ }
}
+ if (log.isDebugEnabled()) {
+ log.debug("Removing OIDC tokens from cache proxy");
+ }
+ User user = (User) session.getAttribute("USER");
+ OIDCTokenProxy.getInstance().removeOIDCToken(user, session);
+ OIDCTokenProxy.getInstance().removeUMAToken(user, session);
}
}
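Review bot: `user` is read from the session and passed straight to `removeOIDCToken` and `removeUMAToken` without the null check that PostLoginAction applies, and a destroyed session may belong to a visitor who never logged in; whether OIDCTokenProxy tolerates a null user is not visible here. Wrapping the two calls in `if (user != null) { ... }`, or documenting null handling on the proxy, would settle it. The eviction also runs only after the logout branch, whose catch body lies outside this hunk: if that path throws, the cached tokens remain in the proxy after the session is gone, so moving the two remove calls into a `finally` block would make the cleanup unconditional.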
diff --git a/src/main/resources/portal.properties b/src/main/resources/portal.properties
index f0d253b..04e4619 100644
--- a/src/main/resources/portal.properties
+++ b/src/main/resources/portal.properties
@@ -1,10 +1,9 @@
servlet.session.create.events=com.nubisware.oidc.lr62.SessionCreateAction
-login.events.pre=com.nubisware.oidc.lr62.PreLoginAction
+#login.events.pre=com.nubisware.oidc.lr62.PreLoginAction
auto.login.hooks=com.nubisware.oidc.lr62.OpenIdConnectAutoLogin
login.events.post=com.nubisware.oidc.lr62.PostLoginAction
servlet.session.destroy.events=com.nubisware.oidc.lr62.SessionDestroyAction
-session.shared.attributes=USER_
company.login.prepopulate.domain=false
d4science.oidc-authorization=https://nubis2.int.d4science.net/auth/realms/d4science/protocol/openid-connect/auth
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
index 387d66f..4a99ac8 100644
--- a/src/main/webapp/WEB-INF/web.xml
+++ b/src/main/webapp/WEB-INF/web.xml
@@ -2,4 +2,17 @@
\ No newline at end of file
+ id="WebApp_ID" version="2.5">
+
+
+
+
+
+
+
+
+
+
+
+
+
\ No newline at end of file