Adding new features and refactoring

dxp-oidc-filter/pom.xml

@@ -6,10 +6,10 @@
     <name>OpenID Connect DXP filter</name>
 
 	<parent>
-		<artifactId>oidc-parent</artifactId>
-		<groupId>nl.finalist.liferay.oidc</groupId>
-		<version>0.5.3-SNAPSHOT</version>
-	</parent>
+        <artifactId>oidc-parent</artifactId>
+        <groupId>nl.finalist.liferay.oidc</groupId>
+        <version>0.5.3-RELEASE</version>
+    </parent>
 	<dependencies>
 
 		<dependency>
@@ -61,8 +61,8 @@
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
                 <configuration>
-                    <source>1.7</source>
-                    <target>1.7</target>
+                    <source>8</source>
+                    <target>8</target>
                 </configuration>
             </plugin>
             <plugin>

dxp-oidc-filter/src/main/java/nl/finalist/liferay/oidc/Liferay70Adapter.java

@@ -5,21 +5,25 @@
 import com.liferay.portal.kernel.log.Log;
 import com.liferay.portal.kernel.log.LogFactoryUtil;
 import com.liferay.portal.kernel.model.User;
+import com.liferay.portal.kernel.model.UserGroup;
 import com.liferay.portal.kernel.module.configuration.ConfigurationException;
 import com.liferay.portal.kernel.module.configuration.ConfigurationProvider;
 import com.liferay.portal.kernel.service.ServiceContext;
+import com.liferay.portal.kernel.service.UserGroupLocalServiceUtil;
 import com.liferay.portal.kernel.service.UserLocalService;
-import com.liferay.portal.kernel.util.LocaleUtil;
+import com.liferay.portal.kernel.service.UserLocalServiceUtil;
+import com.liferay.portal.kernel.service.persistence.UserGroupUtil;
+import com.liferay.portal.kernel.service.persistence.UserUtil;
 import com.liferay.portal.kernel.util.PortalUtil;
-import com.liferay.portal.kernel.util.PwdGenerator;
-import com.liferay.portal.kernel.util.StringPool;
-
-import java.util.Calendar;
-import java.util.Locale;
+import nl.finalist.liferay.oidc.configuration.OpenIDConnectOCDConfiguration;
+import nl.finalist.liferay.oidc.dto.PersonGroupDto;
+import nl.finalist.liferay.oidc.dto.UserDto;
 
 import javax.servlet.http.HttpServletRequest;
-
-import nl.finalist.liferay.oidc.configuration.OpenIDConnectOCDConfiguration;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.function.Function;
+import java.util.stream.Collectors;
 
 
 public class Liferay70Adapter implements LiferayAdapter {
@@ -31,8 +35,8 @@ public class Liferay70Adapter implements LiferayAdapter {
 
 
     public Liferay70Adapter(UserLocalService userLocalService, ConfigurationProvider
-        configurationProvider) {
-		this.userLocalService = userLocalService;
+            configurationProvider) {
+        this.userLocalService = userLocalService;
         this.configurationProvider = configurationProvider;
     }
 
@@ -43,7 +47,7 @@ public OIDCConfiguration getOIDCConfiguration(long companyId) {
             throw new SystemException(e);
         }
     }
-    
+
     @Override
     public void trace(String s) {
         LOG.trace(s);
@@ -90,79 +94,148 @@ public long getCompanyId(HttpServletRequest request) {
 
 
     @Override
-    public String createOrUpdateUser(long companyId, String emailAddress, String firstName, String lastName) {
-
+    public Long createOrUpdateUser(long companyId, UserDto userDto) {
         try {
-            User user = userLocalService.fetchUserByEmailAddress(companyId, emailAddress);
-
+            User user = userLocalService.fetchUserByUuidAndCompanyId(userDto.getUuid(), companyId);
             if (user == null) {
-                LOG.debug("No Liferay user found with email address " + emailAddress + ", will create one.");
-                user = addUser(companyId, emailAddress, firstName, lastName);
+                user = addUser(companyId, userDto);
             } else {
-                LOG.debug("User found, updating name details with info from userinfo");
-                updateUser(user, firstName, lastName);
+                updateUser(user, userDto);
             }
-            return String.valueOf(user.getUserId());
+            return user.getUserId();
 
         } catch (SystemException | PortalException e) {
             throw new RuntimeException(e);
         }
     }
 
+    @Override
+    public Set<Long> createOrUpdateUserGroup(long companyId, long userId, Set<PersonGroupDto> personGroupDtos) {
+        Set<Long> groupIds = new HashSet<>();
+        for (PersonGroupDto personGroupDto : personGroupDtos) {
+            try {
+                final UserGroup userGroup = UserGroupLocalServiceUtil.fetchUserGroupByUuidAndCompanyId(personGroupDto.getUuid(), companyId);
+                if (userGroup == null) {
+                    groupIds.add(addNewUserGroup(companyId, userId, personGroupDto).getUserGroupId());
+                } else {
+                    groupIds.add(updateUserGroup(userGroup, personGroupDto).getUserGroupId());
+                }
+            } catch (SystemException e) {
+                LOG.error(e.getMessage());
+            }
+        }
+        return groupIds;
+    }
+
+    private UserGroup updateUserGroup(UserGroup userGroup, PersonGroupDto personGroupDto) {
+        try {
+            userGroup.setName(personGroupDto.getName());
+            return UserGroupLocalServiceUtil.updateUserGroup(userGroup);
+        } catch (SystemException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private UserGroup addNewUserGroup(long companyId, long userId, PersonGroupDto personGroupDto) {
+        try {
+            final UserGroup userGroup = UserGroupLocalServiceUtil.addUserGroup(userId, companyId, personGroupDto.getName(), null, null);
+            userGroup.setUuid(personGroupDto.getUuid());
+            return UserGroupLocalServiceUtil.updateUserGroup(userGroup);
+        } catch (PortalException | SystemException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    @Override
+    public void addUserInUserGroup(Long userId, Set<Long> newUserGroupIds) {
+        try {
+            final Set<Long> oldUserGroupIds = UserGroupLocalServiceUtil.getUserUserGroups(userId).stream()
+                    .map(getUserGroupLongFunction())
+                    .collect(Collectors.toSet());
+            final long[] newIdsArray = newUserGroupIds.stream()
+                    .filter(id -> !oldUserGroupIds.contains(id))
+                    .mapToLong(Long::longValue)
+                    .toArray();
+            final long[] deleteIds = oldUserGroupIds.stream()
+                    .filter(id -> !newUserGroupIds.contains(id))
+                    .mapToLong(Long::longValue)
+                    .toArray();
+            if (newIdsArray != null && newIdsArray.length > 0) {
+                UserUtil.addUserGroups(userId, newIdsArray);
+                UserGroupUtil.clearCache();
+            }
+            if (deleteIds != null && deleteIds.length > 0) {
+                UserUtil.removeUserGroups(userId, deleteIds);
+                UserGroupUtil.clearCache();
+            }
+        } catch (SystemException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private Function<UserGroup, Long> getUserGroupLongFunction() {
+        return userGroup -> {
+            try {
+                return userGroup.getUserGroupId();
+            } catch (SystemException e) {
+                throw new RuntimeException(e);
+            }
+        };
+    }
+
 
     // Copied from OpenSSOAutoLogin.java
-    protected User addUser(
-            long companyId, String emailAddress, String firstName, String lastName)
-            throws SystemException, PortalException {
-
-        Locale locale = LocaleUtil.getMostRelevantLocale();
-        long creatorUserId = 0;
-        boolean autoPassword = false;
-        String password1 = PwdGenerator.getPassword();
-        String password2 = password1;
-        boolean autoScreenName = true;
-        String screenName = "not_used_but_autogenerated_instead";
-        long facebookId = 0;
-        String openId = StringPool.BLANK;
-        String middleName = StringPool.BLANK;
-        int prefixId = 0;
-        int suffixId = 0;
-        boolean male = true;
-        int birthdayMonth = Calendar.JANUARY;
-        int birthdayDay = 1;
-        int birthdayYear = 1970;
-        String jobTitle = StringPool.BLANK;
-        long[] groupIds = null;
-        long[] organizationIds = null;
-        long[] roleIds = null;
-        long[] userGroupIds = null;
-        boolean sendEmail = false;
+    protected User addUser(long companyId, UserDto userDto) throws SystemException, PortalException {
         ServiceContext serviceContext = new ServiceContext();
-
-        User user = userLocalService.addUser(
-                creatorUserId, companyId, autoPassword, password1, password2,
-                autoScreenName, screenName, emailAddress, facebookId, openId,
-                locale, firstName, middleName, lastName, prefixId, suffixId, male,
-                birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
-                organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
-
-        // No password
-        user.setPasswordReset(false);
-        // No reminder query at first login.
-        user.setReminderQueryQuestion("x");
-        user.setReminderQueryAnswer("y");
+        User user = UserLocalServiceUtil.addUser(
+                userDto.getCreatorUserId(),
+                companyId,
+                userDto.isAutoPassword(),
+                userDto.getPassword1(),
+                userDto.getPassword2(),
+                userDto.isAutoScreenName(),
+                userDto.getScreenName(),
+                userDto.getEmail(),
+                userDto.getFacebookId(),
+                userDto.getOpenId(),
+                userDto.getLocale(),
+                userDto.getFirstName(),
+                userDto.getMiddleName(),
+                userDto.getLastName(),
+                userDto.getPrefixId(),
+                userDto.getSuffixId(),
+                userDto.isMale(),
+                userDto.getBirthdayMonth(),
+                userDto.getBirthdayDay(),
+                userDto.getBirthdayYear(),
+                userDto.getJobTitle(),
+                userDto.getGroupIds(),
+                userDto.getOrganizationIds(),
+                userDto.getRoleIds(),
+                null,
+                userDto.isSendEmail(),
+                serviceContext
+        );
+        user.setUuid(userDto.getUuid());
+        user.setPasswordReset(userDto.isPasswordReset());
+        user.setReminderQueryQuestion(userDto.getQueryQuestion());
+        user.setReminderQueryAnswer(userDto.getQueryAnswer());
         userLocalService.updateUser(user);
         return user;
     }
 
+    private void updateUser(User user, UserDto userDto) {
+        user.setFirstName(userDto.getFirstName());
+        user.setLastName(userDto.getLastName());
+        user.setMiddleName(userDto.getMiddleName());
+        user.setEmailAddress(userDto.getEmail());
 
-    private void updateUser(User user, String firstName, String lastName) {
-        user.setFirstName(firstName);
-        user.setLastName(lastName);
         try {
             userLocalService.updateUser(user);
         } catch (SystemException e) {
             LOG.error("Could not update user with new name attributes", e);
         }
     }
+
+
 }

dxp-oidc-filter/src/main/java/nl/finalist/liferay/oidc/configuration/OpenIDConnectOCDConfiguration.java

@@ -1,8 +1,7 @@
 package nl.finalist.liferay.oidc.configuration;
 
-import com.liferay.portal.configuration.metatype.annotations.ExtendedObjectClassDefinition;
-
 import aQute.bnd.annotation.metatype.Meta;
+import com.liferay.portal.configuration.metatype.annotations.ExtendedObjectClassDefinition;
 import nl.finalist.liferay.oidc.OIDCConfiguration;
 
 /**
@@ -39,22 +38,27 @@ public interface OpenIDConnectOCDConfiguration extends OIDCConfiguration {
     String tokenLocation();
 
     @Meta.AD(
-        required = true
+            required = true
     )
     String profileUri();
 
     @Meta.AD(
-        required = false
+            required = false
     )
     String ssoLogoutUri();
 
     @Meta.AD(
-        required = false
+            required = false
+    )
+    String ssoLogoutToken();
+
+    @Meta.AD(
+            required = false
     )
     String ssoLogoutParam();
 
     @Meta.AD(
-        required = false
+            required = false
     )
     String ssoLogoutValue();
 

dxp-oidc-portalsettings-web/pom.xml

@@ -8,7 +8,7 @@
     <parent>
         <artifactId>oidc-parent</artifactId>
         <groupId>nl.finalist.liferay.oidc</groupId>
-        <version>0.5.3-SNAPSHOT</version>
+        <version>0.5.3-RELEASE</version>
     </parent>
     <dependencies>
 

dxp-oidc-portalsettings-web/src/main/resources/META-INF/resources/com.liferay.portal.settings.web/oidc.jsp

@@ -14,6 +14,7 @@
     String tokenLocation = oidcConfiguration.tokenLocation();
     String profileUri = oidcConfiguration.profileUri();
     String ssoLogoutUri = oidcConfiguration.ssoLogoutUri();
+    String ssoLogoutToken = oidcConfiguration.ssoLogoutToken();
     String ssoLogoutParam = oidcConfiguration.ssoLogoutParam();
     String ssoLogoutValue = oidcConfiguration.ssoLogoutValue();
     String issuer = oidcConfiguration.issuer();
@@ -39,6 +40,8 @@
         <aui:option label="azure" value="azure" />
     </aui:select>
     <aui:input cssClass="lfr-input-text-container" label="ssoLogoutUri" name='<%= ns + "ssoLogoutUri" %>' type="text" value="<%= ssoLogoutUri %>" />
+    <aui:input cssClass="lfr-input-text-container" label="ssoLogoutToken" name='<%= ns + "ssoLogoutToken" %>'
+               type="text" value="<%= ssoLogoutToken %>"/>
     <aui:input cssClass="lfr-input-text-container" label="ssoLogoutParam" name='<%= ns + "ssoLogoutParam" %>' type="text" value="<%= ssoLogoutParam %>" />
     <aui:input cssClass="lfr-input-text-container" label="ssoLogoutValue" name='<%= ns + "ssoLogoutValue" %>' type="text" value="<%= ssoLogoutValue %>" />
 

dxp-oidc-portalsettings-web/src/main/resources/content/Language.properties

@@ -4,8 +4,9 @@
 authorizationLocation=Location of the authorization service (example: https://accounts.google.com/o/oauth2/v2/auth)
 tokenLocation=Location of the token service (example: https://www.googleapis.com/oauth2/v4/token)
 profileUri = UserInfo endpoint (example: https://www.googleapis.com/plus/v1/people/me/openIdConnect)
-ssoLogoutUri = SSO logout endpoint (optional)
-ssoLogoutParam = Parameter name supplied to SSO logout endpoint (optional)
+ssoLogoutUri=SSO logout endpoint (optional)
+ssoLogoutToken=Access token that allows you to log out any user
+ssoLogoutParam=Parameter name supplied to SSO logout endpoint (optional)
 ssoLogoutValue = Parameter value supplied to SSO logout endpoint (optional)
 issuer = Issuer
 issuer-helpMessage=Name of the issuer, to be confirmed with the contents of the ID token

oidc-hook/pom.xml

@@ -5,7 +5,7 @@
     <parent>
         <artifactId>oidc-parent</artifactId>
         <groupId>nl.finalist.liferay.oidc</groupId>
-        <version>0.5.3-SNAPSHOT</version>
+        <version>0.5.3-RELEASE</version>
     </parent>
 
     <artifactId>oidc-hook</artifactId>
@@ -34,6 +34,14 @@
                     <outputFileNameMapping>@{artifactId}@@{dashClassifier?}@.@{extension}@</outputFileNameMapping>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>8</source>
+                    <target>8</target>
+                </configuration>
+            </plugin>
         </plugins>
     </build>