--- /dev/null
+package com.liferay.portal.security.internalSSO;
+
+import java.util.UUID;
+
+import org.json.JSONArray;
+import org.json.JSONObject;
+
+import com.liferay.portal.kernel.log.Log;
+import com.liferay.portal.kernel.log.LogFactoryUtil;
+import com.liferay.portal.model.User;
+import com.liferay.portal.service.UserLocalServiceUtil;
+import com.pentila.entSavoie.casManager.model.ServiceSSO;
+import com.pentila.entSavoie.casManager.service.ServiceSSOLocalServiceUtil;
+import com.pentila.entSavoie.userProperties.service.InternalOauthLocalServiceUtil;
+import com.pentila.entSavoie.utils.ENTMainUtilsLocalServiceUtil;
+import org.apache.commons.codec.binary.Base64;
+
+public class InternalOauth {
+
+ private static Log logger = LogFactoryUtil.getLog(InternalOauth.class);
+
+ public static String getCode(String redirectUri, String clientId, User user) {
+ try {
+
+ if (redirectUri.isEmpty()) {
+ logger.error("No service found in ticket request");
+ return "{\"error\":\"NO_SERVICE\"}";
+ }
+
+ if (!clientId.equals(ENTMainUtilsLocalServiceUtil.getOauthClientId())) {
+ logger.error(redirectUri + " not allowed to access");
+ return "{\"error\":\"" + redirectUri + " not allowed to access\"}";
+ }
+
+ ServiceSSO monService = ServiceSSOLocalServiceUtil.getFirstServiceMatched(redirectUri);
+
+ if (monService != null) {
+ // Generate a ticket for the user and store it in a cache!
+ String ssoIdK = UUID.randomUUID().toString();
+
+ // Clé du cache
+ String codeOauth = "ST-ISC-" + ssoIdK + "%%%%%" + user.getUserId();
+
+ return new String(Base64.encodeBase64(codeOauth.getBytes("UTF-8")), "UTF-8");
+ } else {
+ return "{\"error\":\"NOT_ALLOWED\"}";
+ }
+
+ } catch (Exception e) {
+ logger.error("error in getCode acquire", e);
+ return "{\"error\":\"error in getCode acquire\"}";
+ }
+ }
+
+ public static String getToken(String service, String code) {
+
+ try {
+
+ if (service.isEmpty()) {
+ logger.error("No service found in ticket request");
+ return "{\"error\":\"NO_SERVICE\"}";
+ }
+
+ if (code.isEmpty()) {
+ logger.error("No code found");
+ return "{\"error\":\"NO_CODE\"}";
+ }
+
+ Long userId = new Long(0);
+ System.out.println("code: " + code);
+ String codeDecoded = new String(Base64.decodeBase64(code.getBytes("UTF-8")), "UTF-8");
+ System.out.println("code decoded: " + codeDecoded);
+ String[] codeSplitted = codeDecoded.split("%%%%%");
+ if (codeSplitted.length == 2) {
+ userId = new Long(codeSplitted[1]);
+ } else {
+ logger.error("the code is not a Ent Nero's code like");
+ return "{\"error\":\"Code not provided by Ent Nero\"}";
+ }
+
+ ServiceSSO monService = ServiceSSOLocalServiceUtil.getFirstServiceMatched(service);
+
+ if (monService != null) {
+ // Generate a ticket for the user and store it in a cache!
+ String oauthIdK = UUID.randomUUID().toString();
+
+ // Clé du cache
+ String token = oauthIdK;
+ // we store the ticket for a valid period of 10sec
+ InternalOauthLocalServiceUtil.addInternalOauth(token, service, userId);
+ System.out.println("user Id = " + userId);
+ logger.info("ticket " + token + " stored");
+
+ // return token
+ JSONObject result = new JSONObject();
+ result.put("access_token", token);
+ result.put("expires_in", 20);
+ result.put("token_type", "Bearer");
+
+ return result.toString();
+ } else {
+ return "{\"error\":\"NOT_ALLOWED\"}";
+ }
+
+ } catch (Exception e) {
+ logger.error("error in getToken acquire", e);
+ return "{\"error\":\"error in getToken acquire\"}";
+ }
+
+ }
+
+ public static String getProfile(String token) {
+ JSONObject result = new JSONObject();
+ com.pentila.entSavoie.userProperties.model.InternalOauth internalOauth = null;
+
+ try {
+ internalOauth = InternalOauthLocalServiceUtil.getOauthByToken(token);
+ } catch (Exception e) {
+ logger.error("error in getProfile acquire", e);
+ return "{\"error\":\"error in getProfile acquire\"}";
+ }
+
+ if (internalOauth == null) {
+ logger.error("Session not found");
+ return "{\"error\":\"Session not found\"}";
+ } else {
+ try {
+ User user = UserLocalServiceUtil.getUserById(internalOauth.getUserId());
+ result.put("id", "" + user.getUserId());
+ result.put("displayName", user.getFullName());
+ result.put("firstName", user.getFirstName());
+ result.put("lastName", user.getLastName());
+ result.put("email", user.getEmailAddress());
+ } catch (Exception e) {
+ logger.error("User not found");
+ return "{\"error\":\"User not found\"}";
+ }
+ }
+ System.out.println("result of getProfile: " + result.toString());
+ return result.toString();
+ }
+
+}