package com.pollex.pam.security.provider;
|
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
import com.pollex.pam.config.ApplicationProperties;
|
import com.pollex.pam.domain.Consultant;
|
import com.pollex.pam.enums.ConsultantDetailEnum;
|
import com.pollex.pam.enums.CustomerDetailEnum;
|
import com.pollex.pam.repository.ConsultantRepository;
|
import com.pollex.pam.security.token.EServiceAuthenticationToken;
|
import com.pollex.pam.service.dto.EServiceRequest;
|
import com.pollex.pam.service.dto.EServiceResponse;
|
import org.apache.http.conn.ssl.NoopHostnameVerifier;
|
import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
|
import org.apache.http.impl.client.CloseableHttpClient;
|
import org.apache.http.impl.client.HttpClients;
|
import org.apache.http.ssl.SSLContexts;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.http.*;
|
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
|
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.AuthenticationException;
|
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
import org.springframework.stereotype.Component;
|
import org.springframework.web.client.RestTemplate;
|
|
import javax.net.ssl.SSLContext;
|
import java.security.KeyManagementException;
|
import java.security.KeyStoreException;
|
import java.security.NoSuchAlgorithmException;
|
import java.security.cert.X509Certificate;
|
import java.util.Arrays;
|
import java.util.HashMap;
|
import java.util.List;
|
import java.util.Map;
|
|
@Component
|
public class EServiceAuthenticationProvider {
|
|
private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "0";
|
|
@Autowired
|
ApplicationProperties applicationProperty;
|
|
@Autowired
|
ConsultantRepository consultantRepository;
|
|
public Authentication authenticate(EServiceAuthenticationToken authenticationToken) throws AuthenticationException {
|
String account = authenticationToken.getPrincipal();
|
String credentials = authenticationToken.getCredentials();
|
|
if(applicationProperty.isMockLogin()){
|
return getConsultantToken(account, credentials);
|
}
|
|
try {
|
ResponseEntity<EServiceResponse> responseEntity = loginByEService(account, credentials);
|
if(HttpStatus.OK.equals(responseEntity.getStatusCode())) {
|
EServiceResponse eServiceResponse = responseEntity.getBody();
|
|
if(E_SERVICE_LOGIN_SUCCESS_CODE.equals(eServiceResponse.getCode())){
|
return getConsultantToken(account, credentials);
|
}
|
}
|
|
throw new AuthenticationCredentialsNotFoundException("");
|
} catch (Exception e) {
|
throw new AuthenticationCredentialsNotFoundException("");
|
}
|
}
|
|
private UsernamePasswordAuthenticationToken getConsultantToken(String account, String credential) {
|
Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("consultant is not in db, consultant agentNo = " + account));
|
|
List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, credential, grantedAuths);
|
|
Map<String, String> details = new HashMap<>();
|
details.put(ConsultantDetailEnum.ID.getValue(), consultant.getId().toString());
|
details.put(ConsultantDetailEnum.NAME.getValue(), consultant.getName());
|
details.put(ConsultantDetailEnum.AGENT_NO.getValue(), account);
|
authenticationToken.setDetails(details);
|
|
return authenticationToken;
|
}
|
|
private ResponseEntity<EServiceResponse> loginByEService(String account, String paxxword) throws Exception{
|
EServiceRequest dto = new EServiceRequest();
|
dto.setFunc("ValidateUserLogin");
|
dto.setId(account);
|
dto.setPin(paxxword);
|
dto.setPwd(paxxword);
|
dto.setSys("epos");
|
|
String dtoJson = new ObjectMapper().writeValueAsString(dto);
|
|
RestTemplate restTemplate = getTrustAllRestTemplate();
|
|
HttpHeaders headers = new HttpHeaders();
|
headers.setContentType(MediaType.APPLICATION_JSON);
|
|
HttpEntity<String> entity = new HttpEntity<>(dtoJson, headers);
|
return restTemplate.exchange(applicationProperty.geteServiceLoginUrl(), HttpMethod.POST, entity, EServiceResponse.class);
|
}
|
|
private RestTemplate getTrustAllRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
|
SSLContext sslContext = SSLContexts.custom()
|
.loadTrustMaterial(null, (X509Certificate[] x509Certs, String s) -> true)
|
.build();
|
SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier());
|
CloseableHttpClient httpClient = HttpClients.custom()
|
.setSSLSocketFactory(csf)
|
.build();
|
HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
|
requestFactory.setHttpClient(httpClient);
|
requestFactory.setConnectTimeout(300000);
|
requestFactory.setReadTimeout(300000);
|
return new RestTemplate(requestFactory);
|
}
|
}
|
