Liferay 6.2 上的 oAuth SSO

oAuth SSO on Liferay 6.2

我需要在 Liferay 6.2 GA6 上集成一个来自 Web 应用程序的 SSO,该应用程序通过 oAuth

提供信息

不存在本机支持。

我的问题是在 Liferay 上创建自动登录(在创建用户之后或者如果用户已经存在)。有帮助吗?

您必须在创建扩展 BaseAutoLogin 的自动登录 class 的地方创建一个挂钩。阅读 oAuth 文档并在该挂钩中编写登录逻辑,然后在 portal-ext.properties(properties reference) 中的 auto.login.hooks 属性 中设置它。然后,您将必须创建一个过滤器来扩展 BasePortalFilter 并实现 processFilter 方法。您可以在 CASFilter 和 CASAutologin

上建模

覆盖portal.properties添加

auto.login.hooks=com.yourpackage.hook.MyAutoLogin

创建 class:

package com.yourpackage.hook;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import com.liferay.portal.kernel.exception.PortalException;
import com.liferay.portal.kernel.exception.SystemException;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.model.User;
import com.liferay.portal.security.auth.AutoLogin;
import com.liferay.portal.security.auth.AutoLoginException;
import com.liferay.portal.service.UserLocalServiceUtil;
import com.liferay.portal.util.PortalUtil;

//based on example
// https://bitbucket.org/brandizzi/liferay-examples/src/a41d71eba8f2fb2d4272a3ce8f393e77cec41d60/unsafe-login-hook/docroot/WEB-INF/src/br/brandizzi/adam/liferay/unsecure/UnsecureAutoLogin.java?at=default&fileviewer=file-view-default

public class MyAutoLogin implements AutoLogin {

    @Override
    public String[] login(HttpServletRequest request,HttpServletResponse response) throws AutoLoginException {

        HttpSession session = request.getSession();
        String emailAddress = (String) session.getAttribute("LIFERAY_SHARED_EMAIL");

        if (emailAddress == null || emailAddress.isEmpty())
            return null;


            long companyId = PortalUtil.getCompanyId(request);
            User user = null;
            try {
                user = UserLocalServiceUtil.getUserByEmailAddress(companyId, emailAddress);
            } catch (PortalException | SystemException e) {

                e.printStackTrace();
            }


            String redirect = ParamUtil.getString(request, "redirect");

            if (Validator.isNotNull(redirect)) {
                request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT_AND_CONTINUE,PortalUtil.escapeRedirect(redirect));
            }


            String[] credentials = new String[3];

                                credentials[0] = String.valueOf(user.getUserId());
                                credentials[1] = user.getPassword();
                                credentials[2] = String.valueOf(user.isPasswordEncrypted());
                              //  credentials[2] =  Boolean.FALSE.toString();
        return credentials;
    }

    @Override
    public String[] handleException(HttpServletRequest arg0,
            HttpServletResponse arg1, Exception arg2)
            throws AutoLoginException {

        System.out.println("AutoLogin handleException ");

        return null;
    }
}

使用静态方法创建另一个 class:

public static JSONObject doSSO(String firstname, String surname,  String email,  String username,String accessToken, ActionRequest actionRequest,   ActionResponse actionResponse){

    JSONObject jsonResp = JSONFactoryUtil.createJSONObject();

    //Get default Liferay company
     String webId = new String("liferay.com");
     Company company = null;
    try {
        company = CompanyLocalServiceUtil.getCompanyByWebId(webId);
    } catch (PortalException | SystemException e) {
      e.printStackTrace();
    }


    System.out.println("email "+email);

    User currentUser = null;
    try {
         currentUser = UserLocalServiceUtil.getUserByEmailAddress(company.getCompanyId(), email);

    } catch (SystemException | PortalException e) {

        System.out.println("User to create");

    }

    if (Validator.isNull(currentUser)){

        long newUserId = 0;

        try {
            jsonResp = addNewUser( firstname,  surname,   email,   username );
        } catch (Exception e) {
            e.printStackTrace();
        }

        String newUserIdS = jsonResp.getString("newUserId");
        newUserId = Long.valueOf(newUserIdS);

        try {
            currentUser = UserLocalServiceUtil.fetchUser(newUserId);
        } catch (SystemException e) {
            e.printStackTrace();
        }

        notifyAuthorAboutInvited(email, currentUser);


    }

    setExistingUserOnSession( actionRequest,currentUser, accessToken);

    //Login the user
    HttpServletRequest request = PortalUtil.getOriginalServletRequest(PortalUtil.getHttpServletRequest(actionRequest));
    HttpServletResponse response = PortalUtil.getHttpServletResponse(actionResponse);

    MyAutoLogin myLogin = new MyAutoLogin();
    try {
         myLogin.login(request, response);
         jsonResp.put("message","OK - User logged on Liferay");
    } catch (AutoLoginException e1) {
        e1.printStackTrace();
    }



    //set Token on customfield
    //remember to set permission guest to view and update
     ServiceContext serviceContext = null;
    try {
        serviceContext = ServiceContextFactory.getInstance(User.class.getName(), actionRequest);
    } catch (PortalException | SystemException e) {
        e.printStackTrace();
    }
     Map<String,Serializable> expandoBridgeAttributes = new HashMap<String, Serializable>();
     expandoBridgeAttributes.put("token", accessToken);  
     serviceContext.setExpandoBridgeAttributes(expandoBridgeAttributes);
     currentUser.setExpandoBridgeAttributes(serviceContext);
    try {
        UserLocalServiceUtil.updateUser(currentUser);
    } catch (SystemException e) {
        e.printStackTrace();
    }


    String userToken =currentUser.getExpandoBridge().getAttribute("token").toString();
    //System.out.println("doSSO accessToken dopo "+userToken);


    return jsonResp;
}

和:

private static void setExistingUserOnSession(ActionRequest actionRequest,User user, String accessToken) {

    HttpServletRequest req = PortalUtil.getHttpServletRequest(actionRequest);
    HttpSession session = req.getSession();
    session.setAttribute("LIFERAY_SHARED_EMAIL", user.getEmailAddress());
}