1 package com.liferay.portal.security.internalSSO;
5 import org.json.JSONArray;
6 import org.json.JSONObject;
8 import com.liferay.portal.kernel.log.Log;
9 import com.liferay.portal.kernel.log.LogFactoryUtil;
10 import com.liferay.portal.model.User;
11 import com.liferay.portal.service.UserLocalServiceUtil;
12 import com.pentila.entSavoie.casManager.model.ServiceSSO;
13 import com.pentila.entSavoie.casManager.service.ServiceSSOLocalServiceUtil;
14 import com.pentila.entSavoie.userProperties.service.InternalOauthLocalServiceUtil;
15 import com.pentila.entSavoie.utils.ENTMainUtilsLocalServiceUtil;
16 import org.apache.commons.codec.binary.Base64;
18 public class InternalOauth {
20 private static Log logger = LogFactoryUtil.getLog(InternalOauth.class);
22 public static String getCode(String redirectUri, String clientId, User user) {
25 if (redirectUri.isEmpty()) {
26 logger.error("No service found in ticket request");
27 return "{\"error\":\"NO_SERVICE\"}";
30 if (!clientId.equals(ENTMainUtilsLocalServiceUtil.getOauthClientId())) {
31 logger.error(redirectUri + " not allowed to access");
32 return "{\"error\":\"" + redirectUri + " not allowed to access\"}";
35 ServiceSSO monService = ServiceSSOLocalServiceUtil.getFirstServiceMatched(redirectUri);
37 if (monService != null) {
38 // Generate a ticket for the user and store it in a cache!
39 String ssoIdK = UUID.randomUUID().toString();
42 String codeOauth = "ST-ISC-" + ssoIdK + "%%%%%" + user.getUserId();
44 return new String(Base64.encodeBase64(codeOauth.getBytes("UTF-8")), "UTF-8");
46 return "{\"error\":\"NOT_ALLOWED\"}";
49 } catch (Exception e) {
50 logger.error("error in getCode acquire", e);
51 return "{\"error\":\"error in getCode acquire\"}";
55 public static String getToken(String service, String code) {
59 if (service.isEmpty()) {
60 logger.error("No service found in ticket request");
61 return "{\"error\":\"NO_SERVICE\"}";
65 logger.error("No code found");
66 return "{\"error\":\"NO_CODE\"}";
69 Long userId = new Long(0);
70 System.out.println("code: " + code);
71 String codeDecoded = new String(Base64.decodeBase64(code.getBytes("UTF-8")), "UTF-8");
72 System.out.println("code decoded: " + codeDecoded);
73 String[] codeSplitted = codeDecoded.split("%%%%%");
74 if (codeSplitted.length == 2) {
75 userId = new Long(codeSplitted[1]);
77 logger.error("the code is not a Ent Nero's code like");
78 return "{\"error\":\"Code not provided by Ent Nero\"}";
81 ServiceSSO monService = ServiceSSOLocalServiceUtil.getFirstServiceMatched(service);
83 if (monService != null) {
84 // Generate a ticket for the user and store it in a cache!
85 String oauthIdK = UUID.randomUUID().toString();
88 String token = oauthIdK;
89 // we store the ticket for a valid period of 10sec
90 InternalOauthLocalServiceUtil.addInternalOauth(token, service, userId);
91 System.out.println("user Id = " + userId);
92 logger.info("ticket " + token + " stored");
95 JSONObject result = new JSONObject();
96 result.put("access_token", token);
97 result.put("expires_in", 20);
98 result.put("token_type", "Bearer");
100 return result.toString();
102 return "{\"error\":\"NOT_ALLOWED\"}";
105 } catch (Exception e) {
106 logger.error("error in getToken acquire", e);
107 return "{\"error\":\"error in getToken acquire\"}";
112 public static String getProfile(String token) {
113 JSONObject result = new JSONObject();
114 com.pentila.entSavoie.userProperties.model.InternalOauth internalOauth = null;
117 internalOauth = InternalOauthLocalServiceUtil.getOauthByToken(token);
118 } catch (Exception e) {
119 logger.error("error in getProfile acquire", e);
120 return "{\"error\":\"error in getProfile acquire\"}";
123 if (internalOauth == null) {
124 logger.error("Session not found");
125 return "{\"error\":\"Session not found\"}";
128 User user = UserLocalServiceUtil.getUserById(internalOauth.getUserId());
129 result.put("id", "" + user.getUserId());
130 result.put("displayName", user.getFullName());
131 result.put("firstName", user.getFirstName());
132 result.put("lastName", user.getLastName());
133 result.put("email", user.getEmailAddress());
134 } catch (Exception e) {
135 logger.error("User not found");
136 return "{\"error\":\"User not found\"}";
139 System.out.println("result of getProfile: " + result.toString());
140 return result.toString();