Liferay 6.2上的oAuth SSO

时间:2017-08-24 16:31:51

标签: oauth liferay single-sign-on autologin liferay-6.2

我需要在Liferay 6.2 GA6上集成一个来自提供oAuth信息的Web应用程序的SSO

原生支持不存在。

我的问题是在Liferay上创建自动登录(在用户创建之后或用户已经存在时)。有什么帮助吗?

2 个答案:

答案 0 :(得分:0)

您必须创建一个钩子,您可以在其中创建扩展BaseAutoLogin的AutoLogin类。阅读oAuth文档并在该钩子中编写登录逻辑,然后在portal-ext.properties(properties reference)中的auto.login.hooks属性中设置它。然后,您将必须创建一个扩展BasePortalFilter并实现processFilter方法的过滤器。您可以在CASFilter和CASAutologin

上建模

答案 1 :(得分:0)

覆盖portal.properties添加

auto.login.hooks=com.yourpackage.hook.MyAutoLogin

创建课程:

package com.yourpackage.hook;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.exception.SystemException;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.model.User;
import com.liferay.portal.security.auth.AutoLogin;
import com.liferay.portal.security.auth.AutoLoginException;
import com.liferay.portal.service.UserLocalServiceUtil;
import com.liferay.portal.util.PortalUtil;

//based on example
// https://bitbucket.org/brandizzi/liferay-examples/src/a41d71eba8f2fb2d4272a3ce8f393e77cec41d60/unsafe-login-hook/docroot/WEB-INF/src/br/brandizzi/adam/liferay/unsecure/UnsecureAutoLogin.java?at=default&fileviewer=file-view-default

public class MyAutoLogin implements AutoLogin {

    @Override
    public String[] login(HttpServletRequest request,HttpServletResponse response) throws AutoLoginException {

        HttpSession session = request.getSession();
        String emailAddress = (String) session.getAttribute("LIFERAY_SHARED_EMAIL");

        if (emailAddress == null || emailAddress.isEmpty())
            return null;


            long companyId = PortalUtil.getCompanyId(request);
            User user = null;
            try {
                user = UserLocalServiceUtil.getUserByEmailAddress(companyId, emailAddress);
            } catch (PortalException | SystemException e) {

                e.printStackTrace();
            }


            String redirect = ParamUtil.getString(request, "redirect");

            if (Validator.isNotNull(redirect)) {
                request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT_AND_CONTINUE,PortalUtil.escapeRedirect(redirect));
            }


            String[] credentials = new String[3];

                                credentials[0] = String.valueOf(user.getUserId());
                                credentials[1] = user.getPassword();
                                credentials[2] = String.valueOf(user.isPasswordEncrypted());
                              //  credentials[2] =  Boolean.FALSE.toString();
        return credentials;
    }

    @Override
    public String[] handleException(HttpServletRequest arg0,
            HttpServletResponse arg1, Exception arg2)
            throws AutoLoginException {

        System.out.println("AutoLogin handleException ");

        return null;
    }
}

使用静态方法创建另一个类:

public static JSONObject doSSO(String firstname, String surname,  String email,  String username,String accessToken, ActionRequest actionRequest,   ActionResponse actionResponse){

    JSONObject jsonResp = JSONFactoryUtil.createJSONObject();

    //Get default Liferay company
     String webId = new String("liferay.com");
     Company company = null;
    try {
        company = CompanyLocalServiceUtil.getCompanyByWebId(webId);
    } catch (PortalException | SystemException e) {
      e.printStackTrace();
    }


    System.out.println("email "+email);

    User currentUser = null;
    try {
         currentUser = UserLocalServiceUtil.getUserByEmailAddress(company.getCompanyId(), email);

    } catch (SystemException | PortalException e) {

        System.out.println("User to create");

    }

    if (Validator.isNull(currentUser)){

        long newUserId = 0;

        try {
            jsonResp = addNewUser( firstname,  surname,   email,   username );
        } catch (Exception e) {
            e.printStackTrace();
        }

        String newUserIdS = jsonResp.getString("newUserId");
        newUserId = Long.valueOf(newUserIdS);

        try {
            currentUser = UserLocalServiceUtil.fetchUser(newUserId);
        } catch (SystemException e) {
            e.printStackTrace();
        }

        notifyAuthorAboutInvited(email, currentUser);


    }

    setExistingUserOnSession( actionRequest,currentUser, accessToken);

    //Login the user
    HttpServletRequest request = PortalUtil.getOriginalServletRequest(PortalUtil.getHttpServletRequest(actionRequest));
    HttpServletResponse response = PortalUtil.getHttpServletResponse(actionResponse);

    MyAutoLogin myLogin = new MyAutoLogin();
    try {
         myLogin.login(request, response);
         jsonResp.put("message","OK - User logged on Liferay");
    } catch (AutoLoginException e1) {
        e1.printStackTrace();
    }



    //set Token on customfield
    //remember to set permission guest to view and update
     ServiceContext serviceContext = null;
    try {
        serviceContext = ServiceContextFactory.getInstance(User.class.getName(), actionRequest);
    } catch (PortalException | SystemException e) {
        e.printStackTrace();
    }
     Map<String,Serializable> expandoBridgeAttributes = new HashMap<String, Serializable>();
     expandoBridgeAttributes.put("token", accessToken);  
     serviceContext.setExpandoBridgeAttributes(expandoBridgeAttributes);
     currentUser.setExpandoBridgeAttributes(serviceContext);
    try {
        UserLocalServiceUtil.updateUser(currentUser);
    } catch (SystemException e) {
        e.printStackTrace();
    }


    String userToken =currentUser.getExpandoBridge().getAttribute("token").toString();
    //System.out.println("doSSO accessToken dopo "+userToken);


    return jsonResp;
}

和:

private static void setExistingUserOnSession(ActionRequest actionRequest,User user, String accessToken) {

    HttpServletRequest req = PortalUtil.getHttpServletRequest(actionRequest);
    HttpSession session = req.getSession();
    session.setAttribute("LIFERAY_SHARED_EMAIL", user.getEmailAddress());
}