summaryrefslogtreecommitdiffstats
path: root/src/main/java/com/gitblit/SalesforceUserService.java
blob: aa0795ac5a20108fea4ee8f02d81d97c9d9e5a33 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
package com.gitblit;

import java.io.File;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.gitblit.Constants.AccountType;
import com.gitblit.models.UserModel;
import com.gitblit.utils.ArrayUtils;
import com.gitblit.utils.StringUtils;
import com.sforce.soap.partner.Connector;
import com.sforce.soap.partner.GetUserInfoResult;
import com.sforce.soap.partner.PartnerConnection;
import com.sforce.ws.ConnectionException;
import com.sforce.ws.ConnectorConfig;

public class SalesforceUserService extends GitblitUserService {
	public static final Logger logger = LoggerFactory
			.getLogger(SalesforceUserService.class);
	private IStoredSettings settings;
	
	protected AccountType getAccountType() {
		return AccountType.SALESFORCE;
	}
	
	@Override
	public void setup(IStoredSettings settings) {
		this.settings = settings;
		String file = settings.getString(
				Keys.realm.salesforce.backingUserService,
				"${baseFolder}/users.conf");
		File realmFile = GitBlit.getFileOrFolder(file);

		serviceImpl = createUserService(realmFile);

		logger.info("Salesforce User Service backed by "
				+ serviceImpl.toString());
	}

	@Override
	public UserModel authenticate(String username, char[] password) {
		if (isLocalAccount(username)) {
			// local account, bypass Salesforce authentication
			return super.authenticate(username, password);
		}

		ConnectorConfig config = new ConnectorConfig();
		config.setUsername(username);
		config.setPassword(new String(password));

		try {
			PartnerConnection connection = Connector.newConnection(config);

			GetUserInfoResult info = connection.getUserInfo();

			String org = settings.getString(Keys.realm.salesforce.orgId, "0")
					.trim();

			if (!org.equals("0")) {
				if (!org.equals(info.getOrganizationId())) {
					logger.warn("Access attempted by user of an invalid org: "
							+ info.getUserName() + ", org: "
							+ info.getOrganizationName() + "("
							+ info.getOrganizationId() + ")");

					return null;
				}
			}

			logger.info("Authenticated user " + info.getUserName()
					+ " using org " + info.getOrganizationName() + "("
					+ info.getOrganizationId() + ")");

			String simpleUsername = getSimpleUsername(info);

			UserModel user = null;
			synchronized (this) {
				user = getUserModel(simpleUsername);
				if (user == null)
					user = new UserModel(simpleUsername);

				if (StringUtils.isEmpty(user.cookie)
						&& !ArrayUtils.isEmpty(password)) {
					user.cookie = StringUtils.getSHA1(user.username
							+ new String(password));
				}

				setUserAttributes(user, info);

				super.updateUserModel(user);
			}

			return user;
		} catch (ConnectionException e) {
			logger.error("Failed to authenticate", e);
		}

		return null;
	}

	private void setUserAttributes(UserModel user, GetUserInfoResult info) {
		// Don't want visibility into the real password, make up a dummy
		user.password = Constants.EXTERNAL_ACCOUNT;
		user.accountType = getAccountType();

		// Get full name Attribute
		user.displayName = info.getUserFullName();

		// Get email address Attribute
		user.emailAddress = info.getUserEmail();
	}

	/**
	 * Simple user name is the first part of the email address.
	 */
	private String getSimpleUsername(GetUserInfoResult info) {
		String email = info.getUserEmail();

		return email.split("@")[0];
	}

	@Override
	public boolean supportsCredentialChanges() {
		return false;
	}

	@Override
	public boolean supportsDisplayNameChanges() {
		return false;
	}

	@Override
	public boolean supportsEmailAddressChanges() {
		return false;
	}
}