Intial GIT commit
commit
3d8c926ccc
|
@ -0,0 +1,41 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<classpath>
|
||||
<classpathentry kind="src" output="target/classes" path="src/main/java">
|
||||
<attributes>
|
||||
<attribute name="optional" value="true"/>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry excluding="**" kind="src" output="target/classes" path="src/main/resources">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="src" output="target/test-classes" path="src/test/java">
|
||||
<attributes>
|
||||
<attribute name="test" value="true"/>
|
||||
<attribute name="optional" value="true"/>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
<attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/JavaSE-1.8">
|
||||
<attributes>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry excluding="**" kind="src" output="target/test-classes" path="src/test/resources">
|
||||
<attributes>
|
||||
<attribute name="test" value="true"/>
|
||||
<attribute name="maven.pomderived" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry combineaccessrules="false" kind="src" path="/oidc-library"/>
|
||||
<classpathentry combineaccessrules="false" kind="src" path="/oidc-library-portal"/>
|
||||
<classpathentry kind="output" path="target/classes"/>
|
||||
</classpath>
|
|
@ -0,0 +1,2 @@
|
|||
target
|
||||
bin/*
|
|
@ -0,0 +1,39 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<projectDescription>
|
||||
<name>oidc-enrollment-hook</name>
|
||||
<comment></comment>
|
||||
<projects>
|
||||
<project>oidc-library</project>
|
||||
<project>oidc-library-portal</project>
|
||||
</projects>
|
||||
<buildSpec>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.jdt.core.javabuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.wst.common.project.facet.core.builder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.wst.validation.validationbuilder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
<buildCommand>
|
||||
<name>org.eclipse.m2e.core.maven2Builder</name>
|
||||
<arguments>
|
||||
</arguments>
|
||||
</buildCommand>
|
||||
</buildSpec>
|
||||
<natures>
|
||||
<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
|
||||
<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
|
||||
<nature>org.eclipse.jdt.core.javanature</nature>
|
||||
<nature>org.eclipse.m2e.core.maven2Nature</nature>
|
||||
<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
|
||||
<nature>org.eclipse.wst.jsdt.core.jsNature</nature>
|
||||
</natures>
|
||||
</projectDescription>
|
|
@ -0,0 +1,13 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<classpath>
|
||||
<classpathentry kind="src" path="src/main/webapp"/>
|
||||
<classpathentry excluding="**/bower_components/*|**/node_modules/*|**/*.min.js" kind="src" path="target/m2e-wtp/web-resources"/>
|
||||
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.JRE_CONTAINER"/>
|
||||
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.WebProject">
|
||||
<attributes>
|
||||
<attribute name="hide" value="true"/>
|
||||
</attributes>
|
||||
</classpathentry>
|
||||
<classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.baseBrowserLibrary"/>
|
||||
<classpathentry kind="output" path=""/>
|
||||
</classpath>
|
|
@ -0,0 +1,6 @@
|
|||
eclipse.preferences.version=1
|
||||
encoding//src/main/java=UTF-8
|
||||
encoding//src/main/resources=UTF-8
|
||||
encoding//src/test/java=UTF-8
|
||||
encoding//src/test/resources=UTF-8
|
||||
encoding/<project>=UTF-8
|
|
@ -0,0 +1,11 @@
|
|||
eclipse.preferences.version=1
|
||||
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
|
||||
org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.8
|
||||
org.eclipse.jdt.core.compiler.compliance=1.8
|
||||
org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
|
||||
org.eclipse.jdt.core.compiler.problem.enablePreviewFeatures=disabled
|
||||
org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
|
||||
org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
|
||||
org.eclipse.jdt.core.compiler.problem.reportPreviewFeatures=ignore
|
||||
org.eclipse.jdt.core.compiler.release=disabled
|
||||
org.eclipse.jdt.core.compiler.source=1.8
|
|
@ -0,0 +1,4 @@
|
|||
activeProfiles=gcube-developer
|
||||
eclipse.preferences.version=1
|
||||
resolveWorkspaceProjects=true
|
||||
version=1
|
|
@ -0,0 +1,2 @@
|
|||
eclipse.preferences.version=1
|
||||
org.eclipse.m2e.wtp.enabledProjectSpecificPrefs=false
|
|
@ -0,0 +1,11 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
|
||||
<wb-module deploy-name="oidc-enrollment-hook">
|
||||
<wb-resource deploy-path="/" source-path="/target/m2e-wtp/web-resources"/>
|
||||
<wb-resource deploy-path="/" source-path="/src/main/webapp" tag="defaultRootSource"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
|
||||
<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
|
||||
<property name="java-output-path" value="/target/classes"/>
|
||||
<property name="context-root" value="oidc-enrollment-hook"/>
|
||||
<property name="component.exclusion.patterns" value="WEB-INF/lib/oidc-library*.jar"/>
|
||||
</wb-module>
|
||||
</project-modules>
|
|
@ -0,0 +1,7 @@
|
|||
<root>
|
||||
<facet id="jst.jaxrs">
|
||||
<node name="libprov">
|
||||
<attribute name="provider-id" value="jaxrs-no-op-library-provider"/>
|
||||
</node>
|
||||
</facet>
|
||||
</root>
|
|
@ -0,0 +1,9 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<faceted-project>
|
||||
<fixed facet="wst.jsdt.web"/>
|
||||
<installed facet="liferay.hook" version="6.0"/>
|
||||
<installed facet="wst.jsdt.web" version="1.0"/>
|
||||
<installed facet="java" version="1.8"/>
|
||||
<installed facet="jst.web" version="2.5"/>
|
||||
<installed facet="jst.jaxrs" version="2.1"/>
|
||||
</faceted-project>
|
|
@ -0,0 +1 @@
|
|||
org.eclipse.wst.jsdt.launching.baseBrowserLibrary
|
|
@ -0,0 +1 @@
|
|||
Window
|
|
@ -0,0 +1,2 @@
|
|||
disabled=06target
|
||||
eclipse.preferences.version=1
|
|
@ -0,0 +1,133 @@
|
|||
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
||||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
|
||||
<modelVersion>4.0.0</modelVersion>
|
||||
<parent>
|
||||
<artifactId>maven-parent</artifactId>
|
||||
<groupId>org.gcube.tools</groupId>
|
||||
<version>1.1.0</version>
|
||||
<relativePath />
|
||||
</parent>
|
||||
<groupId>org.gcube.portal</groupId>
|
||||
<artifactId>oidc-enrollment-hook</artifactId>
|
||||
<packaging>war</packaging>
|
||||
<version>0.4.0-SNAPSHOT</version>
|
||||
<properties>
|
||||
<java-version>1.8</java-version>
|
||||
<liferay.version>6.2.5</liferay.version>
|
||||
<liferay.maven.plugin.version>6.2.10.12</liferay.maven.plugin.version>
|
||||
<liferay.auto.deploy.dir>/Users/themaxx/Development/Server/liferay-portal-6.2-ce-ga6/deploy
|
||||
</liferay.auto.deploy.dir>
|
||||
<liferay.app.server.deploy.dir>/Users/themaxx/Development/Server/liferay-portal-6.2-ce-ga6/tomcat-7.0.62/webapps
|
||||
</liferay.app.server.deploy.dir>
|
||||
<liferay.app.server.lib.global.dir>/Users/themaxx/Development/Server/liferay-portal-6.2-ce-ga6/tomcat-7.0.62/lib/ext
|
||||
</liferay.app.server.lib.global.dir>
|
||||
<liferay.app.server.portal.dir>/Users/themaxx/Development/Server/liferay-portal-6.2-ce-ga6/tomcat-7.0.62/webapps/ROOT
|
||||
</liferay.app.server.portal.dir>
|
||||
</properties>
|
||||
<dependencyManagement>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.gcube.distribution</groupId>
|
||||
<artifactId>maven-portal-bom</artifactId>
|
||||
<version>3.6.0</version>
|
||||
<type>pom</type>
|
||||
<scope>import</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.resteasy</groupId>
|
||||
<artifactId>resteasy-jaxb-provider</artifactId>
|
||||
<exclusions>
|
||||
<exclusion>
|
||||
<groupId>com.sun.istack</groupId>
|
||||
<artifactId>istack-commons-runtime</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>org.jvnet.staxex</groupId>
|
||||
<artifactId>stax-ex</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>org.glassfish.jaxb</groupId>
|
||||
<artifactId>txw2</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>com.sun.xml.fastinfoset</groupId>
|
||||
<artifactId>FastInfoset</artifactId>
|
||||
</exclusion>
|
||||
<exclusion>
|
||||
<groupId>org.glassfish.jaxb</groupId>
|
||||
<artifactId>jaxb-runtime</artifactId>
|
||||
</exclusion>
|
||||
</exclusions>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</dependencyManagement>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.gcube.portal</groupId>
|
||||
<artifactId>oidc-library-portal</artifactId>
|
||||
<version>[0.1.0,)</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.gcube.common</groupId>
|
||||
<artifactId>oidc-library</artifactId>
|
||||
<version>[0.1.0,)</version>
|
||||
<scope>compile</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.liferay.portal</groupId>
|
||||
<artifactId>portal-service</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.liferay.portal</groupId>
|
||||
<artifactId>util-java</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.portlet</groupId>
|
||||
<artifactId>portlet-api</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>javax.servlet</groupId>
|
||||
<artifactId>javax.servlet-api</artifactId>
|
||||
<scope>provided</scope>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
<build>
|
||||
<plugins>
|
||||
<plugin>
|
||||
<groupId>com.liferay.maven.plugins</groupId>
|
||||
<artifactId>liferay-maven-plugin</artifactId>
|
||||
<version>${liferay.maven.plugin.version}</version>
|
||||
<configuration>
|
||||
<autoDeployDir>${liferay.auto.deploy.dir}</autoDeployDir>
|
||||
<appServerDeployDir>${liferay.app.server.deploy.dir}
|
||||
</appServerDeployDir>
|
||||
<appServerLibGlobalDir>${liferay.app.server.lib.global.dir}
|
||||
</appServerLibGlobalDir>
|
||||
<appServerPortalDir>${liferay.app.server.portal.dir}
|
||||
</appServerPortalDir>
|
||||
<liferayVersion>${liferay.version}</liferayVersion>
|
||||
<pluginType>hook</pluginType>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<artifactId>maven-compiler-plugin</artifactId>
|
||||
<configuration>
|
||||
<encoding>UTF-8</encoding>
|
||||
<source>${maven.compiler.source}</source>
|
||||
<target>${maven.compiler.target}</target>
|
||||
</configuration>
|
||||
</plugin>
|
||||
<plugin>
|
||||
<artifactId>maven-war-plugin</artifactId>
|
||||
<configuration>
|
||||
<packagingExcludes>WEB-INF/lib/oidc-library*.jar</packagingExcludes>
|
||||
</configuration>
|
||||
</plugin>
|
||||
</plugins>
|
||||
</build>
|
||||
</project>
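Review bot: Both in-house dependencies, `oidc-library-portal` and `oidc-library`, are declared with the open-ended range `[0.1.0,)`, so every build resolves the highest version the configured repositories serve at that moment, and the authentication code packaged with this hook can change without any commit here. A bounded range or a single version managed in `dependencyManagement` keeps the build reproducible and makes each upgrade reviewable, e.g. `<version>[0.1.0,1.0.0)</version>` (the upper bound is an example value). The four `liferay.*.dir` properties also commit one developer's absolute paths under `/Users/themaxx/...`; these belong in a local `settings.xml` profile or on the command line as `-Dliferay.auto.deploy.dir=...`.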
|
|
@ -0,0 +1,163 @@
|
|||
package com.nubisware.oidc.lr62;
|
||||
|
||||
import java.util.Arrays;
|
||||
import java.util.Calendar;
|
||||
import java.util.Locale;
|
||||
import java.util.UUID;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.liferay.portal.kernel.exception.PortalException;
|
||||
import com.liferay.portal.kernel.exception.SystemException;
|
||||
import com.liferay.portal.kernel.log.Log;
|
||||
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
||||
import com.liferay.portal.kernel.util.LocaleUtil;
|
||||
import com.liferay.portal.kernel.util.StringPool;
|
||||
import com.liferay.portal.model.User;
|
||||
import com.liferay.portal.security.auth.BaseAutoLogin;
|
||||
import com.liferay.portal.service.ServiceContext;
|
||||
import com.liferay.portal.service.UserLocalServiceUtil;
|
||||
import com.liferay.portal.util.PortalUtil;
|
||||
import com.liferay.util.PwdGenerator;
|
||||
import com.nubisware.oidc.gcube.URLEncodedContextMapper;
|
||||
import com.nubisware.oidc.rest.JWTToken;
|
||||
|
||||
public class OpenIdConnectAutoLogin extends BaseAutoLogin {
|
||||
|
||||
private static final Log log = LogFactoryUtil.getLog(OpenIdConnectAutoLogin.class);
|
||||
|
||||
@Override
|
||||
public String[] doLogin(HttpServletRequest request, HttpServletResponse response) throws Exception {
|
||||
JWTToken token = JWTToken.fromString((String) request.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
|
||||
if (token == null) {
|
||||
return null;
|
||||
}
|
||||
if (log.isTraceEnabled()) {
|
||||
log.trace("Token's access token part is: " + token.getAccessTokenString());
|
||||
}
|
||||
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(request);
|
||||
long companyId = PortalUtil.getCompanyId(request);
|
||||
long groupId = PortalUtil.getScopeGroupId(request);
|
||||
String portalURL = PortalUtil.getPortalURL(request, true);
|
||||
User user = createOrUpdateUser(token, companyId, groupId, portalURL, configuration);
|
||||
if (user != null) {
|
||||
log.info("Applying sites and roles strategy");
|
||||
try {
|
||||
UserSitesToGroupsAndRolesMapper mapper = new UserSitesToGroupsAndRolesMapper(
|
||||
user, new URLEncodedContextMapper(
|
||||
token.getResourceNameToAccessRolesMap(Arrays.asList(JWTToken.ACCOUNT_RESOURCE))));
|
||||
|
||||
mapper.map();
|
||||
} catch (Throwable t) {
|
||||
// TODO: to be removed when tested in depth
|
||||
log.error("Applying strategy", t);
|
||||
}
|
||||
log.debug("Returning logged in user's info");
|
||||
return new String[] { String.valueOf(user.getUserId()), UUID.randomUUID().toString(), "false" };
|
||||
} else {
|
||||
log.warn("User is null");
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public static User createOrUpdateUser(JWTToken token, long companyId, long groupId, String portalURL,
|
||||
LiferayOpenIdConnectConfiguration configuration) throws Exception {
|
||||
|
||||
String email = token.getEmail();
|
||||
String given = token.getGiven();
|
||||
String family = token.getFamily();
|
||||
String subject = token.getSub();
|
||||
User user = null;
|
||||
try {
|
||||
boolean updateUser = false;
|
||||
// Search by email first
|
||||
user = UserLocalServiceUtil.fetchUserByEmailAddress(companyId, email);
|
||||
if (user == null) {
|
||||
log.debug("No Liferay user found with email address=" + email + ", trying with openId");
|
||||
// Then search by openId, in case user has changed the email address
|
||||
user = UserLocalServiceUtil.fetchUserByOpenId(companyId, subject);
|
||||
if (user == null) {
|
||||
log.debug("No Liferay user found with openid=" + subject + " and email address=" + email);
|
||||
if (configuration.createUnexistingUser()) {
|
||||
log.info("A new user will be created");
|
||||
user = addUser(companyId, groupId, portalURL, email, given, family, subject);
|
||||
} else {
|
||||
log.info("User will not be created according to configuration");
|
||||
return null;
|
||||
}
|
||||
} else {
|
||||
log.info("User found by its openId, the email will be updated");
|
||||
updateUser = true;
|
||||
}
|
||||
}
|
||||
if (user != null) {
|
||||
log.debug("User found, updating name details with info from userinfo if changed");
|
||||
if (given != user.getFirstName()) {
|
||||
user.setFirstName(given);
|
||||
updateUser = true;
|
||||
}
|
||||
if (family != user.getLastName()) {
|
||||
user.setLastName(family);
|
||||
updateUser = true;
|
||||
}
|
||||
if (email != user.getEmailAddress()) {
|
||||
user.setEmailAddress(email);
|
||||
updateUser = true;
|
||||
}
|
||||
}
|
||||
if (updateUser) {
|
||||
UserLocalServiceUtil.updateUser(user);
|
||||
}
|
||||
} catch (SystemException | PortalException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
return user;
|
||||
}
|
||||
|
||||
public static User addUser(long companyId, long groupId, String portalURL, String emailAddress, String firstName,
|
||||
String lastName, String openid) throws SystemException, PortalException {
|
||||
|
||||
Locale locale = LocaleUtil.getMostRelevantLocale();
|
||||
long creatorUserId = 0;
|
||||
boolean autoPassword = false;
|
||||
String password1 = PwdGenerator.getPassword();
|
||||
String password2 = password1;
|
||||
boolean autoScreenName = true;
|
||||
String screenName = StringPool.BLANK;
|
||||
long facebookId = 0;
|
||||
String openId = openid;
|
||||
String middleName = StringPool.BLANK;
|
||||
int prefixId = 0;
|
||||
int suffixId = 0;
|
||||
boolean male = true;
|
||||
int birthdayMonth = Calendar.JANUARY;
|
||||
int birthdayDay = 1;
|
||||
int birthdayYear = 1970;
|
||||
String jobTitle = StringPool.BLANK;
|
||||
long[] groupIds = null;
|
||||
long[] organizationIds = null;
|
||||
long[] roleIds = null;
|
||||
long[] userGroupIds = null;
|
||||
boolean sendEmail = false;
|
||||
ServiceContext serviceContext = new ServiceContext();
|
||||
serviceContext.setScopeGroupId(groupId);
|
||||
serviceContext.setPortalURL(portalURL);
|
||||
|
||||
User user = UserLocalServiceUtil.addUser(creatorUserId, companyId, autoPassword, password1, password2,
|
||||
autoScreenName, screenName, emailAddress, facebookId, openId, locale, firstName, middleName, lastName,
|
||||
prefixId, suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
|
||||
roleIds, userGroupIds, sendEmail, serviceContext);
|
||||
|
||||
// No password
|
||||
user.setPasswordReset(false);
|
||||
// email is already verified by oidc connect provider
|
||||
user.setEmailAddressVerified(true);
|
||||
// No reminder query at first login.
|
||||
user.setReminderQueryQuestion("x");
|
||||
user.setReminderQueryAnswer("y");
|
||||
UserLocalServiceUtil.updateUser(user);
|
||||
return user;
|
||||
}
|
||||
|
||||
}
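Review bot: `createOrUpdateUser` resolves the portal account by the token's email first and only then by `sub`, so the link between an identity-provider account and a Liferay user rests on an attribute that can change or be reassigned; calling `fetchUserByOpenId(companyId, subject)` first and using the email only for accounts that have no openId yet makes `sub` the key. `addUser` also calls `setEmailAddressVerified(true)` unconditionally, and nothing visible here checks that the provider marked the address as verified, so that assumption should be confirmed against what `JWTToken` exposes. The three checks `given != user.getFirstName()`, `family != user.getLastName()` and `email != user.getEmailAddress()` compare references, so `updateUser` is set on practically every login; `!java.util.Objects.equals(given, user.getFirstName())` is the intended test. The trace line `log.trace("Token's access token part is: " + token.getAccessTokenString())` writes a bearer credential to the log, and the session id is logged in the same way in `PostLoginAction` (info) and `SessionDestroyAction` (trace); a fixed message is enough there. Finally, `catch (Throwable t)` around `mapper.map()` lets the login complete when site and role mapping failed, which should be a documented decision rather than a leftover TODO.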
|
|
@ -0,0 +1,80 @@
|
|||
package com.nubisware.oidc.lr62;
|
||||
|
||||
import javax.servlet.FilterChain;
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import com.liferay.portal.kernel.exception.PortalException;
|
||||
import com.liferay.portal.kernel.exception.SystemException;
|
||||
import com.liferay.portal.kernel.log.Log;
|
||||
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
||||
import com.liferay.portal.kernel.servlet.BaseFilter;
|
||||
import com.liferay.portal.model.User;
|
||||
import com.liferay.portal.util.PortalUtil;
|
||||
import com.nubisware.oidc.rest.JWTToken;
|
||||
import com.nubisware.oidc.rest.OpenIdConnectConfiguration;
|
||||
import com.nubisware.oidc.rest.OpenIdConnectRESTHelper;
|
||||
|
||||
public class OpenIdConnectLoginFilter extends BaseFilter {
|
||||
|
||||
protected static final Log log = LogFactoryUtil.getLog(OpenIdConnectLoginFilter.class);
|
||||
|
||||
public OpenIdConnectLoginFilter() {
|
||||
super();
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Filter created");
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void processFilter(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
|
||||
throws Exception {
|
||||
|
||||
User user;
|
||||
try {
|
||||
user = PortalUtil.getUser(request);
|
||||
} catch (PortalException | SystemException e) {
|
||||
throw new ServletException("Getting user using utls", e);
|
||||
}
|
||||
HttpSession session = null;
|
||||
JWTToken token = null;
|
||||
if (user == null) {
|
||||
session = request.getSession(false);
|
||||
String uri = request.getRequestURI();
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("No user logged in " + uri);
|
||||
}
|
||||
String sessionId = session.getId();
|
||||
OpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration(request);
|
||||
if (request.getParameter("state") != null && request.getParameter("state").equals(sessionId)) {
|
||||
try {
|
||||
token = OpenIdConnectRESTHelper.queryToken(configuration.getClientId(),
|
||||
configuration.getTokenUrl(), request.getParameter("code"), configuration.getScope(),
|
||||
request.getRequestURL().toString());
|
||||
} catch (Exception e) {
|
||||
throw new ServletException("Querying token from OIDC server", e);
|
||||
}
|
||||
request.setAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE, token.getRaw());
|
||||
// The Autologin class will perform the auto-login with the token
|
||||
} else {
|
||||
String redirectKeycloakURL = OpenIdConnectRESTHelper.buildLoginUrl(configuration.getAuthorizationUrl(),
|
||||
configuration.getClientId(), sessionId, request.getRequestURL().toString());
|
||||
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Redirecting to Keycloak login URL: " + redirectKeycloakURL);
|
||||
}
|
||||
response.sendRedirect(redirectKeycloakURL);
|
||||
return;
|
||||
}
|
||||
}
|
||||
processFilter(getClass(), request, response, filterChain);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected Log getLog() {
|
||||
return log;
|
||||
}
|
||||
|
||||
}
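Review bot: The OAuth `state` parameter is the servlet session id: `sessionId` is passed to `buildLoginUrl` and later compared with `request.getParameter("state")`, which places the session identifier in the redirect URL, in the identity provider's request logs and in the debug line `"Redirecting to Keycloak login URL: "`. A random per-login value kept in the session and compared on the callback gives the same request binding without disclosing the session id; the sketch below assumes a new private constant `OIDC_STATE_ATTRIBUTE` for the session key. `request.getSession(false)` returns null when the visitor has no session yet, so `session.getId()` can throw; the sketch uses `getSession(true)`. The callback branch should also reject a missing `code` and a null result from `queryToken` before `token.getRaw()` is called.

```java
// … unchanged: PortalUtil.getUser(request) lookup …
if (user == null) {
    session = request.getSession(true);
    // … unchanged: uri debug log, configuration lookup …
    String expectedState = (String) session.getAttribute(OIDC_STATE_ATTRIBUTE);
    String returnedState = request.getParameter("state");
    String code = request.getParameter("code");
    if (expectedState != null && expectedState.equals(returnedState) && code != null) {
        // Single use: a replayed callback must not match again.
        session.removeAttribute(OIDC_STATE_ATTRIBUTE);
        // … unchanged: queryToken call inside try/catch, passing code …
        if (token == null) {
            throw new ServletException("OIDC server returned no token");
        }
        request.setAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE, token.getRaw());
    } else {
        String state = java.util.UUID.randomUUID().toString();
        session.setAttribute(OIDC_STATE_ATTRIBUTE, state);
        String redirectKeycloakURL = OpenIdConnectRESTHelper.buildLoginUrl(configuration.getAuthorizationUrl(),
                configuration.getClientId(), state, request.getRequestURL().toString());
        // … unchanged: sendRedirect and return; the debug log should omit the state value …
```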
|
|
@ -0,0 +1,30 @@
|
|||
package com.nubisware.oidc.lr62;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import com.liferay.portal.kernel.events.Action;
|
||||
import com.liferay.portal.kernel.events.ActionException;
|
||||
import com.liferay.portal.kernel.log.Log;
|
||||
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
||||
import com.nubisware.oidc.rest.JWTToken;
|
||||
|
||||
public class PostLoginAction extends Action {
|
||||
|
||||
protected static final Log log = LogFactoryUtil.getLog(PostLoginAction.class);
|
||||
|
||||
@Override
|
||||
public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException {
|
||||
if (log.isInfoEnabled()) {
|
||||
log.info("PostLoginAction invoked");
|
||||
}
|
||||
JWTToken token = JWTToken.fromString((String) request.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
|
||||
HttpSession session = request.getSession(false);
|
||||
if (token != null && session != null) {
|
||||
log.info("Setting OIDC token in session with id: " + session.getId());
|
||||
session.setAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE, token.getRaw());
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,22 @@
|
|||
package com.nubisware.oidc.lr62;
|
||||
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import com.liferay.portal.kernel.events.Action;
|
||||
import com.liferay.portal.kernel.events.ActionException;
|
||||
import com.liferay.portal.kernel.log.Log;
|
||||
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
||||
|
||||
public class PreLoginAction extends Action {
|
||||
|
||||
protected static final Log log = LogFactoryUtil.getLog(PreLoginAction.class);
|
||||
|
||||
@Override
|
||||
public void run(HttpServletRequest request, HttpServletResponse response) throws ActionException {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("PreLoginAction invoked");
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,22 @@
|
|||
package com.nubisware.oidc.lr62;
|
||||
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import com.liferay.portal.kernel.events.ActionException;
|
||||
import com.liferay.portal.kernel.events.SessionAction;
|
||||
import com.liferay.portal.kernel.log.Log;
|
||||
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
||||
|
||||
public class SessionCreateAction extends SessionAction {
|
||||
|
||||
protected static final Log log = LogFactoryUtil.getLog(SessionCreateAction.class);
|
||||
|
||||
@Override
|
||||
public void run(HttpSession session) throws ActionException {
|
||||
if (log.isDebugEnabled()) {
|
||||
log.debug("Session created");
|
||||
}
|
||||
// Noting to do at the moment
|
||||
}
|
||||
|
||||
}
|
|
@ -0,0 +1,41 @@
|
|||
package com.nubisware.oidc.lr62;
|
||||
|
||||
import java.io.IOException;
|
||||
|
||||
import javax.servlet.http.HttpSession;
|
||||
|
||||
import com.liferay.portal.kernel.events.ActionException;
|
||||
import com.liferay.portal.kernel.events.SessionAction;
|
||||
import com.liferay.portal.kernel.log.Log;
|
||||
import com.liferay.portal.kernel.log.LogFactoryUtil;
|
||||
import com.nubisware.oidc.rest.JWTToken;
|
||||
import com.nubisware.oidc.rest.OpenIdConnectRESTHelper;
|
||||
|
||||
public class SessionDestroyAction extends SessionAction {
|
||||
|
||||
protected static final Log log = LogFactoryUtil.getLog(SessionDestroyAction.class);
|
||||
|
||||
@Override
|
||||
public void run(HttpSession session) throws ActionException {
|
||||
if (log.isTraceEnabled()) {
|
||||
log.trace("Session id is: " + session.getId());
|
||||
}
|
||||
LiferayOpenIdConnectConfiguration configuration = LiferayOpenIdConnectConfiguration.getConfiguration();
|
||||
if (configuration.logoutOnPortalLogout()) {
|
||||
JWTToken token = JWTToken.fromString((String) session.getAttribute(JWTToken.OIDC_TOKEN_ATTRIBUTE));
|
||||
if (token != null) {
|
||||
log.debug("Performing logout on OIDC server due to session destroy");
|
||||
try {
|
||||
OpenIdConnectRESTHelper.logout(token, configuration.getLogoutUrl(), configuration.getClientId());
|
||||
} catch (IOException e) {
|
||||
throw new ActionException("Performing logut on OIDC server", e);
|
||||
}
|
||||
} else {
|
||||
log.error("Cannot find the OIDC token in session");
|
||||
}
|
||||
} else {
|
||||
log.debug("Don't performing OIDC logout according to configuration");
|
||||
}
|
||||
}
|
||||
|
||||
}
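Review bot: The `else` branch logs `"Cannot find the OIDC token in session"` at error level, yet in this commit the token is only placed in the session by `PostLoginAction`, so every session that ends without an OIDC login will presumably emit an error; `log.debug` would keep the error stream usable for alerting. The `ActionException` thrown when the provider logout fails with an `IOException` deserves a comment saying what the portal does with it, since the local session is being destroyed regardless and the provider-side session appears to stay alive in that case.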
|
|
@ -0,0 +1,17 @@
|
|||
servlet.session.create.events=com.nubisware.oidc.lr62.SessionCreateAction
|
||||
login.events.pre=com.nubisware.oidc.lr62.PreLoginAction
|
||||
auto.login.hooks=com.nubisware.oidc.lr62.OpenIdConnectAutoLogin
|
||||
login.events.post=com.nubisware.oidc.lr62.PostLoginAction
|
||||
servlet.session.destroy.events=com.nubisware.oidc.lr62.SessionDestroyAction
|
||||
|
||||
session.shared.attributes=USER_
|
||||
|
||||
company.login.prepopulate.domain=false
|
||||
d4science.oidc-authorization=https://nubis2.int.d4science.net/auth/realms/d4science/protocol/openid-connect/auth
|
||||
d4science.oidc-token=https://nubis2.int.d4science.net/auth/realms/d4science/protocol/openid-connect/token
|
||||
d4science.oidc-issuer=https://nubis2.int.d4science.net/auth/realms/d4science
|
||||
d4science.oidc-client-id=portal
|
||||
d4science.oidc-scope=openid profile email
|
||||
d4science.oidc-logout=https://nubis2.int.d4science.net/auth/realms/d4science/protocol/openid-connect/logout
|
||||
d4science.oidc-logout-on-portal-logout=true
|
||||
d4science.oidc-create-unexisting-user=true
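Review bot: The defaults shipped in this file bind the hook to one internal identity provider (`nubis2.int.d4science.net`) and set `d4science.oidc-create-unexisting-user=true`, so a deployment that does not override them authenticates against that host and auto-provisions an account for any identity it accepts. Safer defaults are `d4science.oidc-create-unexisting-user=false` and endpoint values supplied per environment (for instance through `portal-ext.properties`), with a short comment above each `d4science.oidc-*` key saying what it controls. `d4science.oidc-issuer` is defined here, but none of the Java code visible in this commit reads it; whether `JWTToken` validates the issuer and signature is not visible and should be confirmed.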
|
|
@ -0,0 +1,16 @@
|
|||
<?xml version="1.0"?>
|
||||
<!DOCTYPE hook PUBLIC "-//Liferay//DTD Hook 6.2.0//EN" "http://www.liferay.com/dtd/liferay-hook_6_2_0.dtd">
|
||||
|
||||
<hook>
|
||||
<portal-properties>portal.properties</portal-properties>
|
||||
<servlet-filter>
|
||||
<servlet-filter-name>OpenIdConnectLoginFilter</servlet-filter-name>
|
||||
<servlet-filter-impl>com.nubisware.oidc.lr62.OpenIdConnectLoginFilter</servlet-filter-impl>
|
||||
</servlet-filter>
|
||||
<servlet-filter-mapping>
|
||||
<servlet-filter-name>OpenIdConnectLoginFilter</servlet-filter-name>
|
||||
<url-pattern>/c/portal/login</url-pattern>
|
||||
<dispatcher>REQUEST</dispatcher>
|
||||
<dispatcher>FORWARD</dispatcher>
|
||||
</servlet-filter-mapping>
|
||||
</hook>
|
|
@ -0,0 +1,11 @@
|
|||
name=OIDC Login Hook
|
||||
module-group-id=liferay
|
||||
module-incremental-version=1
|
||||
tags=
|
||||
short-description=
|
||||
long-description=
|
||||
change-log=
|
||||
page-url=http://www.liferay.com
|
||||
author=Liferay, Inc.
|
||||
licenses=LGPL
|
||||
liferay-versions=6.2.0+
|
|
@ -0,0 +1,5 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
||||
xmlns="http://java.sun.com/xml/ns/javaee"
|
||||
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
|
||||
id="WebApp_ID" version="2.5" />
|
|
@ -0,0 +1,8 @@
|
|||
<?xml version="1.0"?>
|
||||
<!DOCTYPE log4j:configuration SYSTEM "log4j.dtd">
|
||||
|
||||
<log4j:configuration xmlns:log4j="http://jakarta.apache.org/log4j/">
|
||||
<category name="com.nubisware.oidc">
|
||||
<priority value="DEBUG" />
|
||||
</category>
|
||||
</log4j:configuration>
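Review bot: This configuration sets `com.nubisware.oidc` to `DEBUG`, and the two properties files after it set `log4j.rootLogger=DEBUG` and `com.nubisware.level = DEBUG`, which switches on the debug statements in this commit that print the login redirect URL together with its `state` value. If these files are packaged with the hook (their paths are not visible here), the shipped level should be `INFO`, e.g. `<priority value="INFO" />`, with DEBUG enabled only on developer machines.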
|
|
@ -0,0 +1,7 @@
|
|||
log4j.rootLogger=DEBUG, CONSOLE
|
||||
|
||||
log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender
|
||||
log4j.appender.CONSOLE.layout=org.apache.log4j.EnhancedPatternLayout
|
||||
log4j.appender.CONSOLE.layout.ConversionPattern=%d{ABSOLUTE} %-5p [%c{1}:%L] %m%n
|
||||
|
||||
log4j.category.com.nubisware=DEBUG
|
|
@ -0,0 +1,6 @@
|
|||
debug.com.sun.portal.level=WARNING
|
||||
|
||||
org.apache.catalina.core.ContainerBase.[Catalina].handlers=java.util.logging.ConsoleHandler
|
||||
org.apache.catalina.core.ContainerBase.[Catalina].level=INFO
|
||||
|
||||
com.nubisware.level = DEBUG
|