package com.pollex.pam.security.provider;
|
|
import com.pollex.pam.business.domain.Consultant;
|
import com.pollex.pam.business.enums.ConsultantDetailEnum;
|
import com.pollex.pam.business.repository.ConsultantRepository;
|
import com.pollex.pam.business.service.EServiceConnectService;
|
import com.pollex.pam.business.service.dto.EServiceResponse;
|
import com.pollex.pam.business.web.errors.ConsultantDisableException;
|
import com.pollex.pam.business.config.AppProperties;
|
import com.pollex.pam.business.security.token.EServiceAuthenticationToken;
|
import com.pollex.pam.business.web.errors.EServiceErrorException;
|
import com.pollex.pam.config.ApplicationProperties;
|
import org.slf4j.Logger;
|
import org.slf4j.LoggerFactory;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.http.*;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.AuthenticationException;
|
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
import org.springframework.stereotype.Component;
|
|
import java.security.GeneralSecurityException;
|
import java.util.*;
|
|
@Component
|
public class EServiceAuthenticationProvider {
|
|
private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "true";
|
private static final Logger log = LoggerFactory.getLogger(EServiceAuthenticationProvider.class);
|
|
@Autowired
|
ApplicationProperties applicationProperties;
|
|
@Autowired
|
ConsultantRepository consultantRepository;
|
|
@Autowired
|
EServiceConnectService eServiceConnectService;
|
|
public Authentication authenticate(EServiceAuthenticationToken authenticationToken) throws AuthenticationException {
|
String account = authenticationToken.getPrincipal();
|
String credentials = authenticationToken.getCredentials();
|
|
if(applicationProperties.isMockLogin()){
|
return getConsultantTokenAndRecordLoginTime(account, credentials);
|
}
|
|
try {
|
ResponseEntity<EServiceResponse> responseEntity = eServiceConnectService.loginByEService(account, credentials);
|
if(HttpStatus.OK.equals(responseEntity.getStatusCode())) {
|
EServiceResponse eServiceResponse = responseEntity.getBody();
|
log.debug("eService response = {}", eServiceResponse);
|
|
if(E_SERVICE_LOGIN_SUCCESS_CODE.equals(eServiceResponse.getIssuccess())){
|
return getConsultantTokenAndRecordLoginTime(account, credentials);
|
}
|
else {
|
log.debug("account:{},error:{}",account,eServiceResponse.getMsg());
|
throw new EServiceErrorException("帳號密碼錯誤");
|
}
|
}
|
|
throw new RuntimeException("eService http error!, response http status code = " + responseEntity.getStatusCode());
|
} catch (GeneralSecurityException e) {
|
throw new RuntimeException("General Security SSL error!");
|
}
|
}
|
|
private UsernamePasswordAuthenticationToken getConsultantTokenAndRecordLoginTime(String account, String credential) throws ConsultantDisableException {
|
Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("帳號密碼錯誤"));
|
|
List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, credential, grantedAuths);
|
|
Map<String, String> details = new HashMap<>();
|
details.put(ConsultantDetailEnum.ID.getValue(), consultant.getId().toString());
|
details.put(ConsultantDetailEnum.NAME.getValue(), consultant.getName());
|
details.put(ConsultantDetailEnum.AGENT_NO.getValue(), account);
|
authenticationToken.setDetails(details);
|
|
return authenticationToken;
|
}
|
}
|
