Search in sources :

Example 1 with EncryptorException

use of com.liferay.util.EncryptorException in project liferay-ide by liferay.

the class UserLocalServiceImpl method decryptUserId.

/**
 * Decrypts the user's primary key and password from their encrypted forms.
 * Used for decrypting a user's credentials from the values stored in an
 * automatic login cookie.
 *
 * @param  companyId the primary key of the user's company
 * @param  name the encrypted primary key of the user
 * @param  password the encrypted password of the user
 * @return the user's primary key and password
 * @throws PortalException if a user with the primary key could not be found
 *         or if the user's password was incorrect
 * @throws SystemException if a system exception occurred
 */
@Override
public KeyValuePair decryptUserId(long companyId, String name, String password) throws PortalException, SystemException {
    Company company = companyPersistence.findByPrimaryKey(companyId);
    try {
        name = Encryptor.decrypt(company.getKeyObj(), name);
    } catch (EncryptorException ee) {
        throw new SystemException(ee);
    }
    long userId = GetterUtil.getLong(name);
    User user = userPersistence.findByPrimaryKey(userId);
    try {
        password = Encryptor.decrypt(company.getKeyObj(), password);
    } catch (EncryptorException ee) {
        throw new SystemException(ee);
    }
    String userPassword = user.getPassword();
    String encPassword = PasswordEncryptorUtil.encrypt(password, userPassword);
    if (userPassword.equals(encPassword)) {
        if (isPasswordExpired(user)) {
            user.setPasswordReset(true);
            userPersistence.update(user);
        }
        return new KeyValuePair(name, password);
    } else {
        throw new PrincipalException();
    }
}
Also used : Company(com.liferay.portal.model.Company) User(com.liferay.portal.model.User) EncryptorException(com.liferay.util.EncryptorException) SystemException(com.liferay.portal.kernel.exception.SystemException) KeyValuePair(com.liferay.portal.kernel.util.KeyValuePair) PrincipalException(com.liferay.portal.security.auth.PrincipalException)

Example 2 with EncryptorException

use of com.liferay.util.EncryptorException in project liferay-ide by liferay.

the class UserLocalServiceImpl method encryptUserId.

/**
 * Encrypts the primary key of the user. Used when encrypting the user's
 * credentials for storage in an automatic login cookie.
 *
 * @param  name the primary key of the user
 * @return the user's encrypted primary key
 * @throws PortalException if a user with the primary key could not be found
 * @throws SystemException if a system exception occurred
 */
@Override
@Transactional(propagation = Propagation.SUPPORTS, readOnly = true)
public String encryptUserId(String name) throws PortalException, SystemException {
    long userId = GetterUtil.getLong(name);
    User user = userPersistence.findByPrimaryKey(userId);
    Company company = companyPersistence.findByPrimaryKey(user.getCompanyId());
    try {
        return Encryptor.encrypt(company.getKeyObj(), name);
    } catch (EncryptorException ee) {
        throw new SystemException(ee);
    }
}
Also used : Company(com.liferay.portal.model.Company) User(com.liferay.portal.model.User) EncryptorException(com.liferay.util.EncryptorException) SystemException(com.liferay.portal.kernel.exception.SystemException) Transactional(com.liferay.portal.kernel.transaction.Transactional)

Example 3 with EncryptorException

use of com.liferay.util.EncryptorException in project liferay-ide by liferay.

the class ShindigFilter method setPermissionChecker.

protected boolean setPermissionChecker(ServletRequest servletRequest) {
    String companyIdString = CookieKeys.getCookie((HttpServletRequest) servletRequest, CookieKeys.COMPANY_ID);
    if (Validator.isNull(companyIdString)) {
        return false;
    }
    long companyId = GetterUtil.getLong(companyIdString);
    String userUUID = StringPool.BLANK;
    try {
        Company company = CompanyLocalServiceUtil.fetchCompany(companyId);
        if (company == null) {
            return false;
        }
        String userUUIDString = CookieKeys.getCookie((HttpServletRequest) servletRequest, CookieKeys.USER_UUID);
        if (Validator.isNull(userUUIDString)) {
            return false;
        }
        userUUID = GetterUtil.getString(Encryptor.decrypt(company.getKeyObj(), userUUIDString));
    } catch (EncryptorException ee) {
        return false;
    } catch (Exception e) {
        _log.error(e, e);
        return false;
    }
    if (!AuthenticatedUserUUIDStoreUtil.exists(userUUID)) {
        return false;
    }
    String userIdString = userUUID.substring(0, userUUID.indexOf(StringPool.PERIOD));
    long userId = GetterUtil.getLong(userIdString);
    try {
        User user = UserLocalServiceUtil.getUserById(userId);
        PrincipalThreadLocal.setName(userIdString);
        PermissionChecker permissionChecker = PermissionCheckerFactoryUtil.create(user);
        PermissionThreadLocal.setPermissionChecker(permissionChecker);
    } catch (Exception e) {
        _log.error(e, e);
        return false;
    }
    return true;
}
Also used : Company(com.liferay.portal.model.Company) User(com.liferay.portal.model.User) EncryptorException(com.liferay.util.EncryptorException) PermissionChecker(com.liferay.portal.security.permission.PermissionChecker) ServletException(javax.servlet.ServletException) EncryptorException(com.liferay.util.EncryptorException) IOException(java.io.IOException) UnavailableException(javax.servlet.UnavailableException)

Aggregations

Company (com.liferay.portal.model.Company)3 User (com.liferay.portal.model.User)3 EncryptorException (com.liferay.util.EncryptorException)3 SystemException (com.liferay.portal.kernel.exception.SystemException)2 Transactional (com.liferay.portal.kernel.transaction.Transactional)1 KeyValuePair (com.liferay.portal.kernel.util.KeyValuePair)1 PrincipalException (com.liferay.portal.security.auth.PrincipalException)1 PermissionChecker (com.liferay.portal.security.permission.PermissionChecker)1 IOException (java.io.IOException)1 ServletException (javax.servlet.ServletException)1 UnavailableException (javax.servlet.UnavailableException)1