Initial support for OAuth. Support for Facebook login. Saving informa…

…tions about usernames and access tokens to UserProfile

Initial support for Facebook login works (limitation that FB username needs to be same as GateIn username)

Conflicts:

	component/web/pom.xml
	pom.xml

Saving FB accessToken into userProfile after successful authentication

Simplify code to use newest FacebookProcessor from picketlink 3.x

Logging message

Added method UserDAOImpl.findUserByUniqueAttribute

Added initial logic for deal with storing informations (usernames and accessCodes)

Bind FB username with attribute on user profile

Move GateInException classes to common module to be visible from everywhere. Handle oauth error with duplicate username in OrganizationManagementPortlet

minor change in comment

Added AccountSocial tab to UIAccountSettings portlet

Move webui components for RegistrationPortlet to webui/portal project

Conflicts:

	webui/portal/src/main/java/org/exoplatform/portal/webui/register/UIRegisterForm.java

Base methods to AuthenticationRegistry to have it more flexible

component/common/src/main/java/conf/configuration-jboss.properties

@@ -81,10 +81,24 @@ gatein.gadgets.signingkeyfile=${gatein.conf.dir}/gadgets/oauthkey.pem
 # SSO
 gatein.sso.enabled=false
 
+# OAuth
+## Facebook
+gatein.oauth.facebook.enabled=false
+gatein.oauth.facebook.appid=<<to be replaced>>
+gatein.oauth.facebook.appsecret=<<to be replaced>>
+gatein.oauth.facebook.redirecturl=${gatein.sso.portal.url}/@@portal.container.name@@/facebookAuth
+gatein.oauth.facebook.scope=email
+gatein.oauth.facebook.display=
+
+## Google
+gatein.oauth.google.enabled=false
+gatein.oauth.google.clientid=<<to be replaced>>
+gatein.oauth.google.clientsecret=<<to be replaced>>
+
 # Resource browser caching configuration
 #gatein.assets.version=PORTAL-VERSION
 #gatein.assets.script.max-age=604800
 #gatein.assets.css.max-age=604800
 
 # Root password
-gatein.portal.setup.initialpassword.root=6MSyXIj3kkQ=
+gatein.portal.setup.initialpassword.root=6MSyXIj3kkQ=

component/common/src/main/java/conf/configuration-jetty.properties

@@ -84,10 +84,24 @@ gatein.gadgets.signingkeyfile=${gatein.conf.dir}/gadgets/oauthkey.pem
 # SSO
 gatein.sso.enabled=false
 
+# OAuth
+## Facebook
+gatein.oauth.facebook.enabled=false
+gatein.oauth.facebook.appid=<<to be replaced>>
+gatein.oauth.facebook.appsecret=<<to be replaced>>
+gatein.oauth.facebook.redirecturl=${gatein.sso.portal.url}/@@portal.container.name@@/facebookAuth
+gatein.oauth.facebook.scope=email
+gatein.oauth.facebook.display=
+
+## Google
+gatein.oauth.google.enabled=false
+gatein.oauth.google.clientid=<<to be replaced>>
+gatein.oauth.google.clientsecret=<<to be replaced>>
+
 # Resource browser caching configuration
 #gatein.assets.version=PORTAL-VERSION
 #gatein.assets.script.max-age=604800
 #gatein.assets.css.max-age=604800
 
 # Root password
-gatein.portal.setup.initialpassword.root=6MSyXIj3kkQ=
+gatein.portal.setup.initialpassword.root=6MSyXIj3kkQ=

component/common/src/main/java/conf/configuration-tomcat.properties

@@ -84,10 +84,24 @@ gatein.gadgets.signingkeyfile=${gatein.conf.dir}/gadgets/oauthkey.pem
 # SSO
 gatein.sso.enabled=false
 
+# OAuth
+## Facebook
+gatein.oauth.facebook.enabled=false
+gatein.oauth.facebook.appid=<<to be replaced>>
+gatein.oauth.facebook.appsecret=<<to be replaced>>
+gatein.oauth.facebook.redirecturl=${gatein.sso.portal.url}/@@portal.container.name@@/facebookAuth
+gatein.oauth.facebook.scope=email
+gatein.oauth.facebook.display=
+
+## Google
+gatein.oauth.google.enabled=false
+gatein.oauth.google.clientid=<<to be replaced>>
+gatein.oauth.google.clientsecret=<<to be replaced>>
+
 # Resource browser caching configuration
 #gatein.assets.version=PORTAL-VERSION
 #gatein.assets.script.max-age=604800
 #gatein.assets.css.max-age=604800
 
 # Root password
-gatein.portal.setup.initialpassword.root=6MSyXIj3kkQ=
+gatein.portal.setup.initialpassword.root=6MSyXIj3kkQ=

component/common/src/main/java/org/gatein/common/exception/GateInException.java

@@ -0,0 +1,77 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2013, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.gatein.common.exception;
+
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class GateInException extends RuntimeException {
+
+    // Specify error code
+    private final int exceptionCode;
+
+    // Context with additional attributes about error
+    private final Map<String, Object> exceptionAttributes;
+
+    public GateInException() {
+        super();
+        this.exceptionCode = GateInExceptionConstants.EXCEPTION_CODE_UNSPECIFIED;
+        this.exceptionAttributes = new HashMap<String, Object>();
+    }
+
+    public GateInException(int exceptionCode, Map<String, Object> exceptionAttributes, String message) {
+        super(message);
+        this.exceptionCode = exceptionCode;
+        this.exceptionAttributes = exceptionAttributes == null ? new HashMap<String, Object>() : exceptionAttributes;
+    }
+
+    public GateInException(int exceptionCode, Map<String, Object> exceptionAttributes, String message, Throwable cause) {
+        super(message, cause);
+        this.exceptionCode = exceptionCode;
+        this.exceptionAttributes = exceptionAttributes == null ? new HashMap<String, Object>() : exceptionAttributes;
+    }
+
+    public GateInException(int exceptionCode, Map<String, Object> exceptionAttributes, Throwable cause) {
+        super(cause);
+        this.exceptionCode = exceptionCode;
+        this.exceptionAttributes = exceptionAttributes == null ? new HashMap<String, Object>() : exceptionAttributes;
+    }
+
+    public int getExceptionCode() {
+        return exceptionCode;
+    }
+
+    public Map<String, Object> getExceptionAttributes() {
+        return Collections.unmodifiableMap(exceptionAttributes);
+    }
+
+    public Object getExceptionAttribute(String attrName) {
+        return exceptionAttributes.get(attrName);
+    }
+
+}

component/common/src/main/java/org/gatein/common/exception/GateInExceptionConstants.java

@@ -0,0 +1,60 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2013, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.gatein.common.exception;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public class GateInExceptionConstants {
+
+    // Exception codes
+
+    /**
+     * Unspecified GateIn+OAuth error
+     */
+    public static final int EXCEPTION_CODE_UNSPECIFIED = 0;
+
+    /**
+     * This error could happen during saving of user into GateIn identity database.
+     * It happens when there is an attempt to save user with facebookUsername (or googleUsername), but there is already an existing
+     * user with same facebookUsername.
+     *
+     * For example: We want to save user 'john' with facebookUsername 'john.doyle' but we already have user 'johny2' with same facebookUsername 'john.doyle'
+     */
+    public static final int EXCEPTION_CODE_DUPLICATE_OAUTH_PROVIDER_USERNAME = 10;
+
+
+    // Key of exception attributes
+
+    /**
+     * Name of attribute with OAuth provider username
+     */
+    public static final String EXCEPTION_OAUTH_PROVIDER_USERNAME_ATTRIBUTE_NAME = "OAuthProviderUsernameAttributeName";
+
+    /**
+     * OAuth provider username
+     */
+    public static final String EXCEPTION_OAUTH_PROVIDER_USERNAME = "OAuthProviderUsername";
+
+}

component/identity/src/main/java/org/exoplatform/services/organization/idm/UserDAOImpl.java

@@ -401,8 +401,13 @@ public LazyPageList findUsersByGroup(String groupId) throws Exception {
     }
 
     public User findUserByEmail(String email) throws Exception {
+        return findUserByUniqueAttribute(USER_EMAIL, email);
+    }
+
+    public User findUserByUniqueAttribute(String attributeName, String attributeValue) throws Exception {
         if (log.isTraceEnabled()) {
-            Tools.logMethodIn(log, LogLevel.TRACE, "findUserByEmail", new Object[] { "findUserByEmail", email });
+            Tools.logMethodIn(log, LogLevel.TRACE, "findUserByUniqueAttribute", new Object[] { "findUserByUniqueAttribute",
+                    attributeName, attributeValue });
         }
 
         IdentitySession session = service_.getIdentitySession();
@@ -412,9 +417,10 @@ public User findUserByEmail(String email) throws Exception {
         try {
             orgService.flush();
 
-            plUser = session.getAttributesManager().findUserByUniqueAttribute(USER_EMAIL, email);
+            plUser = session.getAttributesManager().findUserByUniqueAttribute(attributeName, attributeValue);
         } catch (IdentityException e) {
-            handleException("Cannot find user by email: " + email + "; ", e);
+            handleException("Cannot find user by unique attribute: attrName=" + attributeName +
+                    ", attrValue="  + attributeValue + "; ", e);
 
         }
 
@@ -427,7 +433,7 @@ public User findUserByEmail(String email) throws Exception {
         }
 
         if (log.isTraceEnabled()) {
-            Tools.logMethodOut(log, LogLevel.TRACE, "findUserByEmail", user);
+            Tools.logMethodOut(log, LogLevel.TRACE, "findUserByUniqueAttribute", user);
         }
 
         return user;

component/web/oauth/pom.xml

@@ -0,0 +1,84 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ JBoss, a division of Red Hat
+  ~ Copyright 2013, Red Hat Middleware, LLC, and individual
+  ~ contributors as indicated by the @authors tag. See the
+  ~ copyright.txt in the distribution for a full listing of
+  ~ individual contributors.
+  ~
+  ~ This is free software; you can redistribute it and/or modify it
+  ~ under the terms of the GNU Lesser General Public License as
+  ~ published by the Free Software Foundation; either version 2.1 of
+  ~ the License, or (at your option) any later version.
+  ~
+  ~ This software is distributed in the hope that it will be useful,
+  ~ but WITHOUT ANY WARRANTY; without even the implied warranty of
+  ~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  ~ Lesser General Public License for more details.
+  ~
+  ~ You should have received a copy of the GNU Lesser General Public
+  ~ License along with this software; if not, write to the Free
+  ~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+  ~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+  -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <parent>
+    <groupId>org.gatein.portal</groupId>
+    <artifactId>exo.portal.component.web</artifactId>
+    <version>3.6.0.MO1-SNAPSHOT</version>
+  </parent>
+
+  <modelVersion>4.0.0</modelVersion>
+  <artifactId>exo.portal.component.web.oauth</artifactId>
+  <packaging>jar</packaging>
+  <name>GateIn Portal Component Web OAuth</name>
+  <description>GateIn OAuth authentication and authorization</description>
+
+  <dependencies>
+    <dependency>
+      <groupId>org.exoplatform.core</groupId>
+      <artifactId>exo.core.component.organization.api</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>quartz</groupId>
+          <artifactId>quartz</artifactId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+    <dependency>
+      <groupId>org.gatein.portal</groupId>
+      <artifactId>exo.portal.component.common</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.picketlink</groupId>
+      <artifactId>picketlink-social</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.gatein.sso</groupId>
+      <artifactId>sso-agent</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>org.gatein.portal</groupId>
+      <artifactId>exo.portal.component.test.core</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.gatein.portal</groupId>
+      <artifactId>exo.portal.component.identity</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.gatein.portal</groupId>
+      <artifactId>exo.portal.component.identity</artifactId>
+      <type>test-jar</type>
+      <scope>test</scope>
+    </dependency>
+
+  </dependencies>
+
+
+</project>

component/web/oauth/src/main/java/org/gatein/security/oauth/data/OAuthDataStorage.java

@@ -0,0 +1,46 @@
+/*
+ * JBoss, a division of Red Hat
+ * Copyright 2013, Red Hat Middleware, LLC, and individual
+ * contributors as indicated by the @authors tag. See the
+ * copyright.txt in the distribution for a full listing of
+ * individual contributors.
+ *
+ * This is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU Lesser General Public License as
+ * published by the Free Software Foundation; either version 2.1 of
+ * the License, or (at your option) any later version.
+ *
+ * This software is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this software; if not, write to the Free
+ * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
+ * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
+ */
+
+package org.gatein.security.oauth.data;
+
+import org.exoplatform.services.organization.User;
+
+/**
+ * @author <a href="mailto:mposolda@redhat.com">Marek Posolda</a>
+ */
+public interface OAuthDataStorage {
+
+    User findUserByFacebookUsername(String facebookUsername);
+
+    User findUserByGoogleUsername(String googleUsername);
+
+    User findUserByOAuthProviderUsername(String oauthProviderUsernameAttrName, String oauthProviderUsername);
+
+    void saveFacebookAccessToken(String username, String accessToken);
+
+    void saveGoogleAccessToken(String username, String accessToken);
+
+    String getFacebookAccessToken(String username);
+
+    String getGoogleAccessToken(String username);
+}