use of com.liferay.portal.UserEmailAddressException in project liferay-ide by liferay.
the class UserLocalServiceImpl method validateEmailAddress.
protected void validateEmailAddress(long companyId, String emailAddress) throws PortalException, SystemException {
if (Validator.isNull(emailAddress) && !PropsValues.USERS_EMAIL_ADDRESS_REQUIRED) {
return;
}
EmailAddressValidator emailAddressValidator = EmailAddressValidatorFactory.getInstance();
if (!emailAddressValidator.validate(companyId, emailAddress)) {
throw new UserEmailAddressException();
}
String pop3User = PrefsPropsUtil.getString(PropsKeys.MAIL_SESSION_MAIL_POP3_USER, PropsValues.MAIL_SESSION_MAIL_POP3_USER);
if (StringUtil.equalsIgnoreCase(emailAddress, pop3User)) {
throw new ReservedUserEmailAddressException();
}
String[] reservedEmailAddresses = PrefsPropsUtil.getStringArray(companyId, PropsKeys.ADMIN_RESERVED_EMAIL_ADDRESSES, StringPool.NEW_LINE, PropsValues.ADMIN_RESERVED_EMAIL_ADDRESSES);
for (String reservedEmailAddress : reservedEmailAddresses) {
if (StringUtil.equalsIgnoreCase(emailAddress, reservedEmailAddress)) {
throw new ReservedUserEmailAddressException();
}
}
}
use of com.liferay.portal.UserEmailAddressException in project liferay-ide by liferay.
the class UserLocalServiceImpl method authenticate.
/**
* Attempts to authenticate the user by their login and password, while
* using the AuthPipeline.
*
* <p>
* Authentication type specifies what <code>login</code> contains.The valid
* values are:
* </p>
*
* <ul>
* <li>
* <code>CompanyConstants.AUTH_TYPE_EA</code> - <code>login</code> is the
* user's email address
* </li>
* <li>
* <code>CompanyConstants.AUTH_TYPE_SN</code> - <code>login</code> is the
* user's screen name
* </li>
* <li>
* <code>CompanyConstants.AUTH_TYPE_ID</code> - <code>login</code> is the
* user's primary key
* </li>
* </ul>
*
* @param companyId the primary key of the user's company
* @param login either the user's email address, screen name, or primary
* key depending on the value of <code>authType</code>
* @param password the user's password
* @param authType the type of authentication to perform
* @param headerMap the header map from the authentication request
* @param parameterMap the parameter map from the authentication request
* @param resultsMap the map of authentication results (may be nil). After
* a succesful authentication the user's primary key will be placed
* under the key <code>userId</code>.
* @return the authentication status. This can be {@link
* com.liferay.portal.security.auth.Authenticator#FAILURE}
* indicating that the user's credentials are invalid, {@link
* com.liferay.portal.security.auth.Authenticator#SUCCESS}
* indicating a successful login, or {@link
* com.liferay.portal.security.auth.Authenticator#DNE} indicating
* that a user with that login does not exist.
* @throws PortalException if <code>login</code> or <code>password</code>
* was <code>null</code>
* @throws SystemException if a system exception occurred
* @see com.liferay.portal.security.auth.AuthPipeline
*/
protected int authenticate(long companyId, String login, String password, String authType, Map<String, String[]> headerMap, Map<String, String[]> parameterMap, Map<String, Object> resultsMap) throws PortalException, SystemException {
if (PropsValues.AUTH_LOGIN_DISABLED) {
return Authenticator.FAILURE;
}
login = StringUtil.toLowerCase(login.trim());
long userId = GetterUtil.getLong(login);
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
if (Validator.isNull(login)) {
throw new UserEmailAddressException();
}
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
if (Validator.isNull(login)) {
throw new UserScreenNameException();
}
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
if (Validator.isNull(login)) {
throw new UserIdException();
}
}
if (Validator.isNull(password)) {
throw new UserPasswordException(UserPasswordException.PASSWORD_INVALID);
}
int authResult = Authenticator.FAILURE;
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_PRE, companyId, login, password, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_PRE, companyId, userId, password, headerMap, parameterMap);
}
// Get user
User user = null;
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
user = fetchUserByEmailAddress(companyId, login);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
user = fetchUserByScreenName(companyId, login);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
user = userPersistence.fetchByPrimaryKey(GetterUtil.getLong(login));
}
if (user == null) {
return Authenticator.DNE;
}
if (user.isDefaultUser()) {
if (_log.isInfoEnabled()) {
_log.info("Authentication is disabled for the default user");
}
return Authenticator.DNE;
} else if (!user.isActive()) {
if (_log.isInfoEnabled()) {
_log.info("Authentication is disabled for inactive user " + user.getUserId());
}
return Authenticator.FAILURE;
}
if (!user.isPasswordEncrypted()) {
user.setPassword(PasswordEncryptorUtil.encrypt(user.getPassword()));
user.setPasswordEncrypted(true);
userPersistence.update(user);
}
// Check password policy to see if the is account locked out or if the
// password is expired
checkLockout(user);
checkPasswordExpired(user);
// Authenticate against the User_ table
boolean skipLiferayCheck = false;
if (authResult == Authenticator.SKIP_LIFERAY_CHECK) {
authResult = Authenticator.SUCCESS;
skipLiferayCheck = true;
} else if ((authResult == Authenticator.SUCCESS) && PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK) {
boolean authenticated = PwdAuthenticator.authenticate(login, password, user.getPassword());
if (authenticated) {
authResult = Authenticator.SUCCESS;
} else {
authResult = Authenticator.FAILURE;
}
}
if (authResult == Authenticator.SUCCESS) {
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
authResult = AuthPipeline.authenticateByEmailAddress(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
authResult = AuthPipeline.authenticateByScreenName(PropsKeys.AUTH_PIPELINE_POST, companyId, login, password, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
authResult = AuthPipeline.authenticateByUserId(PropsKeys.AUTH_PIPELINE_POST, companyId, userId, password, headerMap, parameterMap);
}
}
if (authResult == Authenticator.SUCCESS) {
if (resultsMap != null) {
resultsMap.put("userId", user.getUserId());
}
if (skipLiferayCheck || !PropsValues.AUTH_PIPELINE_ENABLE_LIFERAY_CHECK || Validator.isNull(user.getDigest())) {
String digest = user.getDigest(password);
user.setDigest(digest);
userPersistence.update(user);
}
}
if (authResult == Authenticator.FAILURE) {
try {
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
AuthPipeline.onFailureByEmailAddress(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
AuthPipeline.onFailureByScreenName(PropsKeys.AUTH_FAILURE, companyId, login, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
AuthPipeline.onFailureByUserId(PropsKeys.AUTH_FAILURE, companyId, userId, headerMap, parameterMap);
}
user = userPersistence.fetchByPrimaryKey(user.getUserId());
if (user == null) {
return Authenticator.DNE;
}
if (!LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
PasswordPolicy passwordPolicy = user.getPasswordPolicy();
user = userPersistence.fetchByPrimaryKey(user.getUserId());
int failedLoginAttempts = user.getFailedLoginAttempts();
int maxFailures = passwordPolicy.getMaxFailure();
if ((failedLoginAttempts >= maxFailures) && (maxFailures != 0)) {
if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
AuthPipeline.onMaxFailuresByEmailAddress(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
AuthPipeline.onMaxFailuresByScreenName(PropsKeys.AUTH_MAX_FAILURES, companyId, login, headerMap, parameterMap);
} else if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
AuthPipeline.onMaxFailuresByUserId(PropsKeys.AUTH_MAX_FAILURES, companyId, userId, headerMap, parameterMap);
}
}
}
} catch (Exception e) {
_log.error(e, e);
}
}
return authResult;
}
use of com.liferay.portal.UserEmailAddressException in project liferay-ide by liferay.
the class UserLocalServiceImpl method sendPassword.
/**
* Sends the password email to the user with the email address. The content
* of this email can be specified in <code>portal.properties</code> with the
* <code>admin.email.password</code> keys.
*
* @param companyId the primary key of the user's company
* @param emailAddress the user's email address
* @param fromName the name of the individual that the email should be from
* @param fromAddress the address of the individual that the email should
* be from
* @param subject the email subject. If <code>null</code>, the subject
* specified in <code>portal.properties</code> will be used.
* @param body the email body. If <code>null</code>, the body specified in
* <code>portal.properties</code> will be used.
* @param serviceContext the service context to be applied
* @throws PortalException if a user with the email address could not be
* found
* @throws SystemException if a system exception occurred
*/
@Override
public void sendPassword(long companyId, String emailAddress, String fromName, String fromAddress, String subject, String body, ServiceContext serviceContext) throws PortalException, SystemException {
Company company = companyPersistence.findByPrimaryKey(companyId);
if (!company.isSendPassword() && !company.isSendPasswordResetLink()) {
return;
}
emailAddress = StringUtil.toLowerCase(emailAddress.trim());
if (Validator.isNull(emailAddress)) {
throw new UserEmailAddressException();
}
User user = userPersistence.findByC_EA(companyId, emailAddress);
PasswordPolicy passwordPolicy = user.getPasswordPolicy();
String newPassword = StringPool.BLANK;
String passwordResetURL = StringPool.BLANK;
if (company.isSendPasswordResetLink()) {
Date expirationDate = null;
if ((passwordPolicy != null) && (passwordPolicy.getResetTicketMaxAge() > 0)) {
expirationDate = new Date(System.currentTimeMillis() + (passwordPolicy.getResetTicketMaxAge() * 1000));
}
Ticket ticket = ticketLocalService.addTicket(companyId, User.class.getName(), user.getUserId(), TicketConstants.TYPE_PASSWORD, null, expirationDate, serviceContext);
passwordResetURL = serviceContext.getPortalURL() + serviceContext.getPathMain() + "/portal/update_password?p_l_id=" + serviceContext.getPlid() + "&ticketKey=" + ticket.getKey();
} else {
if (!PasswordEncryptorUtil.PASSWORDS_ENCRYPTION_ALGORITHM.equals(PasswordEncryptorUtil.TYPE_NONE)) {
if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
if (_log.isWarnEnabled()) {
StringBundler sb = new StringBundler(5);
sb.append("When LDAP password policy is enabled, ");
sb.append("it is possible that portal generated ");
sb.append("passwords will not match the LDAP policy.");
sb.append("Using RegExpToolkit to generate new ");
sb.append("password.");
_log.warn(sb.toString());
}
RegExpToolkit regExpToolkit = new RegExpToolkit();
newPassword = regExpToolkit.generate(null);
} else {
newPassword = PwdToolkitUtil.generate(passwordPolicy);
}
boolean passwordReset = false;
if (passwordPolicy.getChangeable() && passwordPolicy.getChangeRequired()) {
passwordReset = true;
}
user.setPassword(PasswordEncryptorUtil.encrypt(newPassword));
user.setPasswordUnencrypted(newPassword);
user.setPasswordEncrypted(true);
user.setPasswordReset(passwordReset);
user.setPasswordModified(true);
user.setPasswordModifiedDate(new Date());
userPersistence.update(user);
user.setPasswordModified(false);
} else {
newPassword = user.getPassword();
}
}
if (Validator.isNull(fromName)) {
fromName = PrefsPropsUtil.getString(companyId, PropsKeys.ADMIN_EMAIL_FROM_NAME);
}
if (Validator.isNull(fromAddress)) {
fromAddress = PrefsPropsUtil.getString(companyId, PropsKeys.ADMIN_EMAIL_FROM_ADDRESS);
}
String toName = user.getFullName();
String toAddress = user.getEmailAddress();
if (Validator.isNull(subject)) {
if (company.isSendPasswordResetLink()) {
subject = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_RESET_SUBJECT);
} else {
subject = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT);
}
}
if (Validator.isNull(body)) {
if (company.isSendPasswordResetLink()) {
body = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_RESET_BODY);
} else {
body = PrefsPropsUtil.getContent(companyId, PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_BODY);
}
}
SubscriptionSender subscriptionSender = new SubscriptionSender();
subscriptionSender.setBody(body);
subscriptionSender.setCompanyId(companyId);
subscriptionSender.setContextAttributes("[$PASSWORD_RESET_URL$]", passwordResetURL, "[$REMOTE_ADDRESS$]", serviceContext.getRemoteAddr(), "[$REMOTE_HOST$]", serviceContext.getRemoteHost(), "[$USER_ID$]", user.getUserId(), "[$USER_PASSWORD$]", newPassword, "[$USER_SCREENNAME$]", user.getScreenName());
subscriptionSender.setFrom(fromAddress, fromName);
subscriptionSender.setHtmlFormat(true);
subscriptionSender.setMailId("user", user.getUserId(), System.currentTimeMillis(), PwdGenerator.getPassword());
subscriptionSender.setServiceContext(serviceContext);
subscriptionSender.setSubject(subject);
subscriptionSender.setUserId(user.getUserId());
subscriptionSender.addRuntimeSubscribers(toAddress, toName);
subscriptionSender.flushNotificationsAsync();
}
Aggregations