
Source Code of org.wso2.carbon.ui.DefaultCarbonAuthenticator

/*
*  Copyright (c) 2005-2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
*  WSO2 Inc. licenses this file to you under the Apache License,
*  Version 2.0 (the "License"); you may not use this file except
*  in compliance with the License.
*  You may obtain a copy of the License at
*
*    http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied.  See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.ui;

import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.authenticator.proxy.AuthenticationAdminClient;
import org.wso2.carbon.authenticator.stub.RememberMeData;
import org.wso2.carbon.core.common.AuthenticationException;
import org.wso2.carbon.core.security.AuthenticatorsConfiguration;
import org.wso2.carbon.utils.ServerConstants;
import org.wso2.carbon.utils.multitenancy.MultitenantConstants;

import javax.servlet.ServletContext;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.rmi.RemoteException;

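/**
 * Username/password authenticator for the Carbon management console UI.
 *
 * <p>Login, remember-me login and logout are all delegated to the back-end
 * authentication admin service through an {@link AuthenticationAdminClient}.
 * {@link #isHandle(Object)} always returns {@code true}, so this authenticator
 * accepts every request offered to it.
 *
 * <p>NOTE(review): nothing in this class renews the HTTP session after a
 * successful login. Confirm that the caller does so, otherwise a session id
 * known before login stays valid afterwards.
 */
public class DefaultCarbonAuthenticator implements CarbonUIAuthenticator {

    protected static final Log log = LogFactory.getLog(DefaultCarbonAuthenticator.class);
    protected static final String AUTHENTICATION_ADMIN_SERVICE = "AuthenticationAdminService";
    private static final int DEFAULT_PRIORITY_LEVEL = 5;
    private static final String AUTHENTICATOR_NAME = "DefaultCarbonAuthenticator";

    /**
     * Tries to log the user in again from the remember-me cookie.
     *
     * @param object the current request; must be an {@link HttpServletRequest}
     * @return {@code true} if the back end accepted the remember-me cookie,
     *         {@code false} if it rejected it or the request carries no such cookie
     * @throws AuthenticationException if the call to the back end fails
     */
    public boolean reAuthenticateOnSessionExpire(Object object) throws AuthenticationException {
        boolean isValidRememberMe = false;
        try {
            HttpServletRequest request = (HttpServletRequest) object;
            AuthenticationAdminClient client = getAuthenticationAdminCient(request);
            Cookie[] cookies = request.getCookies();
            // getCookies() returns null, not an empty array, when the request has
            // no cookies; without this guard the loop below throws a
            // NullPointerException instead of reporting "not authenticated".
            if (cookies == null) {
                return false;
            }
            for (Cookie cookie : cookies) {
                if (CarbonConstants.REMEMBER_ME_COOKE_NAME.equals(cookie.getName())) {
                    isValidRememberMe = client.loginWithRememberMeCookie(cookie.getValue());
                }
            }
        } catch (AxisFault e) {
            log.error(e.getMessage(), e);
            throw new AuthenticationException(e.getMessage(), e);
        }
        return isValidRememberMe;
    }

    /**
     * Reports whether this authenticator handles the given request.
     *
     * @param object the current request (not inspected)
     * @return always {@code true}
     */
    public boolean isHandle(Object object) {
        // try to authenticate any request that comes
        // least priority authenticator
        return true;
    }

    /**
     * Authenticates a login form submission.
     *
     * <p>Reads the {@code username}, {@code password} and {@code rememberMe}
     * request parameters; remember-me is requested only when the last one has
     * the exact value {@code "rememberMe"}.
     *
     * @param object the login request; must be an {@link HttpServletRequest}
     * @return {@code true} if the back end accepted the credentials
     * @throws AuthenticationException if the call to the back end fails
     */
    public boolean authenticate(Object object) throws AuthenticationException {
        HttpServletRequest request = (HttpServletRequest) object;
        String userName = request.getParameter("username");
        String password = request.getParameter("password");
        boolean isRememberMe = "rememberMe".equals(request.getParameter("rememberMe"));
        try {
            return authenticate(request, userName, password, isRememberMe);
        } catch (RemoteException e) {
            throw new AuthenticationException(e.getMessage(), e);
        }
    }

    /**
     * Logs the user out at the back end.
     *
     * @param object the current request; must be an {@link HttpServletRequest}
     * @throws Exception if the logout call fails for any reason; the original
     *                   failure is attached as the cause
     */
    public void unauthenticate(Object object) throws Exception {
        try {
            getAuthenticationAdminCient((HttpServletRequest) object).logout();
        } catch (Exception e) {
            // The previous message blamed a null configuration context for every
            // failure and dropped the cause, which hid the real reason a logout
            // did not go through.
            String msg = "Error occurred while logging out the user.";
            log.error(msg, e);
            throw new Exception(msg, e);
        }
    }

    /**
     * Sends the credentials to the back-end authentication service.
     *
     * <p>When the request carries a tenant domain attribute, the user name is
     * sent as {@code user@domain}. On a successful remember-me login the cookie
     * value and max age returned by the back end are stored as request
     * attributes.
     *
     * @param request      the login request
     * @param userName     the submitted user name; {@code null} is rejected
     * @param password     the submitted password, passed to the back end as is
     * @param isRememberMe whether a remember-me login was requested
     * @return {@code true} if the back end accepted the credentials
     * @throws RemoteException if the configuration context is missing or the
     *                         back-end call fails
     */
    protected boolean authenticate(HttpServletRequest request, String userName, String password,
            boolean isRememberMe) throws RemoteException {
        try {
            ServletContext servletContext = request.getSession().getServletContext();
            ConfigurationContext configContext = (ConfigurationContext) servletContext
                    .getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);

            if (configContext == null) {
                String msg = "Configuration context is null.";
                log.error(msg);
                throw new RemoteException(msg);
            }

            // Fail closed on a missing user name. Without this check a null name
            // either throws on trim() below or, when a tenant domain is present,
            // is concatenated and sent to the back end as "null@<domain>".
            if (userName == null) {
                return false;
            }

            AuthenticationAdminClient proxy = getAuthenticationAdminCient(request);

            String userNameWithDomain = userName;
            String domainName = (String) request.getAttribute(MultitenantConstants.TENANT_DOMAIN);
            if (domainName != null) {
                userNameWithDomain += "@" + domainName;
            }
            userNameWithDomain = userNameWithDomain.trim();

            if (!isRememberMe) {
                return proxy.login(userNameWithDomain, password, request.getRemoteAddr());
            }

            RememberMeData data = proxy.loginWithRememberMeOption(userNameWithDomain, password,
                    request.getRemoteAddr());
            if (data == null) {
                return false;
            }
            request.setAttribute(CarbonConstants.REMEMBER_ME_COOKIE_VALUE, data.getValue());
            request.setAttribute(CarbonConstants.REMEMBER_ME_COOKIE_AGE,
                    Integer.valueOf(data.getMaxAge()).toString());
            return true;
        } catch (RemoteException e) {
            // Also covers AxisFault, which is rethrown unchanged.
            throw e;
        } catch (Exception e) {
            throw new AxisFault("Exception occured", e);
        }
    }

    /**
     * Returns the priority of this authenticator.
     *
     * @return the configured priority when it is greater than zero, otherwise
     *         the default priority
     */
    public int getPriority() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = getAuthenticatorConfig();
        if (authenticatorConfig != null && authenticatorConfig.getPriority() > 0) {
            return authenticatorConfig.getPriority();
        }
        return DEFAULT_PRIORITY_LEVEL;
    }

    /**
     * Returns the name under which this authenticator is configured.
     *
     * @return the authenticator name
     */
    public String getAuthenticatorName() {
        return AUTHENTICATOR_NAME;
    }

    /**
     * Builds a client for the back-end authentication admin service.
     *
     * <p>The back-end URL comes from the {@code backendURL} request parameter
     * when present, otherwise from {@link CarbonUIUtil#getServerURL}. The chosen
     * URL is also stored in the session.
     *
     * @param request the current request
     * @return a client bound to the chosen back-end URL and the session's
     *         admin-service auth token
     * @throws AxisFault if the client cannot be created
     */
    protected AuthenticationAdminClient getAuthenticationAdminCient(HttpServletRequest request)
            throws AxisFault {
        HttpSession session = request.getSession();
        ServletContext servletContext = session.getServletContext();

        // NOTE(review): "backendURL" is a request parameter, so its value is
        // chosen by whoever crafted the request. It is stored in the session and
        // used as the endpoint of the client returned here, and authenticate()
        // sends the submitted user name and password through that client.
        // No validation is visible in this class; unless it happens elsewhere,
        // accept only URLs from a configured allowlist of back-end servers.
        String backendServerURL = request.getParameter("backendURL");
        if (backendServerURL == null) {
            backendServerURL = CarbonUIUtil.getServerURL(servletContext, session);
        }
        session.setAttribute(CarbonConstants.SERVER_URL, backendServerURL);

        ConfigurationContext configContext = (ConfigurationContext) servletContext
                .getAttribute(CarbonConstants.CONFIGURATION_CONTEXT);

        String cookie = (String) session.getAttribute(ServerConstants.ADMIN_SERVICE_AUTH_TOKEN);

        return new AuthenticationAdminClient(configContext, backendServerURL, cookie, session, true);
    }

    /**
     * Reports whether this authenticator is disabled in the configuration.
     *
     * @return the configured flag, or {@code false} when there is no
     *         configuration entry for this authenticator
     */
    public boolean isDisabled() {
        AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig = getAuthenticatorConfig();
        return authenticatorConfig != null && authenticatorConfig.isDisabled();
    }

    /** Looks up this authenticator's configuration entry; may return {@code null}. */
    private static AuthenticatorsConfiguration.AuthenticatorConfig getAuthenticatorConfig() {
        return AuthenticatorsConfiguration.getInstance().getAuthenticatorConfig(AUTHENTICATOR_NAME);
    }
}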