保誠-保戶業務員媒合平台
究查 | 歷程 | 原始
jack
2024-12-27 5e8b57aacdbf94cd57c4d3533ded5ee73ff71340 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115

package com.pollex.pam.security.provider;


 


import com.pollex.pam.business.domain.Consultant;


import com.pollex.pam.business.enums.ConsultantDetailEnum;


import com.pollex.pam.business.repository.ConsultantRepository;


import com.pollex.pam.business.repository.EServiceErrorCodeRepository;


import com.pollex.pam.business.service.EServiceConnectService;


import com.pollex.pam.business.service.dto.EServiceResponse;


import com.pollex.pam.business.web.errors.ConsultantDisableException;


import com.pollex.pam.business.config.AppProperties;


import com.pollex.pam.business.security.token.EServiceAuthenticationToken;


import com.pollex.pam.business.web.errors.EServiceErrorException;


import com.pollex.pam.config.ApplicationProperties;


import org.slf4j.Logger;


import org.slf4j.LoggerFactory;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.http.*;


import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;


import org.springframework.security.core.Authentication;


import org.springframework.security.core.AuthenticationException;


import org.springframework.security.core.GrantedAuthority;


import org.springframework.security.core.authority.SimpleGrantedAuthority;


import org.springframework.security.core.userdetails.UsernameNotFoundException;


import org.springframework.stereotype.Component;


 


import java.security.GeneralSecurityException;


import java.util.*;


 


import static java.util.Arrays.asList;


 


@Component


public class EServiceAuthenticationProvider {


 


    private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "true";


    private static final Logger log = LoggerFactory.getLogger(EServiceAuthenticationProvider.class);


 


    @Autowired


    ApplicationProperties applicationProperties;


 


    @Autowired


    ConsultantRepository consultantRepository;


 


    @Autowired


    EServiceConnectService eServiceConnectService;


 


    @Autowired


    EServiceErrorCodeRepository eServiceErrorCodeRepository;


 


    public Authentication authenticate(EServiceAuthenticationToken authenticationToken) throws AuthenticationException {


        String account = authenticationToken.getPrincipal();


        String credentials = authenticationToken.getCredentials();


 


 


        if(applicationProperties.isMockLogin()){


            return getConsultantTokenAndRecordLoginTime(account, credentials);


        }


 


 


 


        try {


            ResponseEntity<EServiceResponse> responseEntity = eServiceConnectService.loginByEService(account, credentials);


            if(HttpStatus.OK.equals(responseEntity.getStatusCode())) {


                EServiceResponse eServiceResponse = responseEntity.getBody();


                log.debug("eService response = {}", eServiceResponse);


 


                if(eServiceResponse == null) {


                    throw new RuntimeException("eService error!, response body is null");


                }


 


                List<String> successCode = new ArrayList<>(asList("0","3","4","6"));


 


                if(successCode.contains(eServiceResponse.getCode())) {


                    return getConsultantTokenAndRecordLoginTime(account, credentials);


                } else {


                    log.debug("account:{},error:{}",account,eServiceResponse.getMsg());


                    eServiceErrorCodeRepository.findByErrorCode(eServiceResponse.getCode()).


                            ifPresent(eServiceErrorCode -> {


                                throw new EServiceErrorException(eServiceErrorCode.getErrorMessage());


                            });


 


                    throw new EServiceErrorException("您輸入的資訊有誤,請重新輸入");


                }


 


//                if(E_SERVICE_LOGIN_SUCCESS_CODE.equals(eServiceResponse.getIssuccess())){


//


//                    return getConsultantTokenAndRecordLoginTime(account, credentials);


//                }


//                else {


//                    log.debug("account:{},error:{}",account,eServiceResponse.getMsg());


//                    throw new EServiceErrorException("您輸入的資訊有誤,請重新輸入");


//                }


            }


 


            throw new RuntimeException("eService http error!, response http status code = " + responseEntity.getStatusCode());


        } catch (GeneralSecurityException e) {


            log.error("General Security SSL error!",e);


            throw new RuntimeException("General Security SSL error!");


        }


    }


 


    private UsernamePasswordAuthenticationToken getConsultantTokenAndRecordLoginTime(String account, String credential) throws ConsultantDisableException {


        Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("帳號密碼錯誤"));


 


        List<GrantedAuthority> grantedAuths = Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"));


        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, credential, grantedAuths);


 


        Map<String, String> details = new HashMap<>();


        details.put(ConsultantDetailEnum.ID.getValue(), consultant.getId().toString());


        details.put(ConsultantDetailEnum.NAME.getValue(), consultant.getName());


        details.put(ConsultantDetailEnum.AGENT_NO.getValue(), account);


        authenticationToken.setDetails(details);


 


        return authenticationToken;


    }


}