| package com.gitblit; |
| |
| import java.io.File; |
| |
| import org.slf4j.Logger; |
| import org.slf4j.LoggerFactory; |
| |
| import com.gitblit.Constants.AccountType; |
| import com.gitblit.manager.IRuntimeManager; |
| import com.gitblit.models.UserModel; |
| import com.gitblit.utils.ArrayUtils; |
| import com.gitblit.utils.StringUtils; |
| import com.sforce.soap.partner.Connector; |
| import com.sforce.soap.partner.GetUserInfoResult; |
| import com.sforce.soap.partner.PartnerConnection; |
| import com.sforce.ws.ConnectionException; |
| import com.sforce.ws.ConnectorConfig; |
| |
| public class SalesforceUserService extends GitblitUserService { |
| |
| public static final Logger logger = LoggerFactory.getLogger(SalesforceUserService.class); |
| private IStoredSettings settings; |
| |
| @Override |
| public AccountType getAccountType() { |
| return AccountType.SALESFORCE; |
| } |
| |
| @Override |
| public void setup(IRuntimeManager runtimeManager) { |
| this.settings = runtimeManager.getSettings(); |
| String file = settings.getString( |
| Keys.realm.salesforce.backingUserService, |
| "${baseFolder}/users.conf"); |
| File realmFile = runtimeManager.getFileOrFolder(file); |
| |
| serviceImpl = createUserService(realmFile); |
| |
| logger.info("Salesforce User Service backed by " |
| + serviceImpl.toString()); |
| } |
| |
| @Override |
| public UserModel authenticate(String username, char[] password) { |
| if (isLocalAccount(username)) { |
| // local account, bypass Salesforce authentication |
| return super.authenticate(username, password); |
| } |
| |
| ConnectorConfig config = new ConnectorConfig(); |
| config.setUsername(username); |
| config.setPassword(new String(password)); |
| |
| try { |
| PartnerConnection connection = Connector.newConnection(config); |
| |
| GetUserInfoResult info = connection.getUserInfo(); |
| |
| String org = settings.getString(Keys.realm.salesforce.orgId, "0") |
| .trim(); |
| |
| if (!org.equals("0")) { |
| if (!org.equals(info.getOrganizationId())) { |
| logger.warn("Access attempted by user of an invalid org: " |
| + info.getUserName() + ", org: " |
| + info.getOrganizationName() + "(" |
| + info.getOrganizationId() + ")"); |
| |
| return null; |
| } |
| } |
| |
| logger.info("Authenticated user " + info.getUserName() |
| + " using org " + info.getOrganizationName() + "(" |
| + info.getOrganizationId() + ")"); |
| |
| String simpleUsername = getSimpleUsername(info); |
| |
| UserModel user = null; |
| synchronized (this) { |
| user = getUserModel(simpleUsername); |
| if (user == null) |
| user = new UserModel(simpleUsername); |
| |
| if (StringUtils.isEmpty(user.cookie) |
| && !ArrayUtils.isEmpty(password)) { |
| user.cookie = StringUtils.getSHA1(user.username |
| + new String(password)); |
| } |
| |
| setUserAttributes(user, info); |
| |
| super.updateUserModel(user); |
| } |
| |
| return user; |
| } catch (ConnectionException e) { |
| logger.error("Failed to authenticate", e); |
| } |
| |
| return null; |
| } |
| |
| private void setUserAttributes(UserModel user, GetUserInfoResult info) { |
| // Don't want visibility into the real password, make up a dummy |
| user.password = Constants.EXTERNAL_ACCOUNT; |
| user.accountType = getAccountType(); |
| |
| // Get full name Attribute |
| user.displayName = info.getUserFullName(); |
| |
| // Get email address Attribute |
| user.emailAddress = info.getUserEmail(); |
| } |
| |
| /** |
| * Simple user name is the first part of the email address. |
| */ |
| private String getSimpleUsername(GetUserInfoResult info) { |
| String email = info.getUserEmail(); |
| |
| return email.split("@")[0]; |
| } |
| |
| @Override |
| public boolean supportsCredentialChanges() { |
| return false; |
| } |
| |
| @Override |
| public boolean supportsDisplayNameChanges() { |
| return false; |
| } |
| |
| @Override |
| public boolean supportsEmailAddressChanges() { |
| return false; |
| } |
| } |
