package com.pollex.pam.web.rest;
|
|
import com.pollex.pam.config.ApplicationProperties;
|
import com.pollex.pam.enums.OtpLoginTypeEnum;
|
import com.pollex.pam.security.jwt.JWTFilter;
|
import com.pollex.pam.security.jwt.TokenProvider;
|
import com.pollex.pam.security.token.OtpAuthenticationToken;
|
import com.pollex.pam.service.OtpWebService;
|
import com.pollex.pam.service.dto.OtpResponseDTO;
|
import com.pollex.pam.web.rest.vm.*;
|
import org.slf4j.Logger;
|
import org.slf4j.LoggerFactory;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpStatus;
|
import org.springframework.http.ResponseEntity;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.web.bind.annotation.*;
|
|
import javax.xml.rpc.ServiceException;
|
import java.rmi.RemoteException;
|
import java.util.UUID;
|
|
@RestController
|
@RequestMapping("/api/otp")
|
public class OtpResource {
|
|
private final static Logger log = LoggerFactory.getLogger(OtpResource.class);
|
|
@Autowired
|
ApplicationProperties applicationProperty;
|
|
@Autowired
|
OtpWebService otpWebService;
|
|
@Autowired
|
AuthenticationManagerBuilder authenticationManagerBuilder;
|
|
@Autowired
|
TokenProvider tokenProvider;
|
|
@PostMapping("/sendOtp")
|
public ResponseEntity<Object> sendOtp(@RequestBody OtpLoginVM login) {
|
try {
|
if(applicationProperty.isMockLogin()) {
|
return new ResponseEntity<>(getMockSendOtpResponse(), HttpStatus.OK);
|
}
|
|
if(login.getLoginType() == OtpLoginTypeEnum.SMS) {
|
return new ResponseEntity<>(otpWebService.sendByPhone(login.getAccount()), HttpStatus.OK);
|
}
|
else if(login.getLoginType() == OtpLoginTypeEnum.EMAIL) {
|
return new ResponseEntity<>(otpWebService.sendByEmail(login.getAccount()), HttpStatus.OK);
|
}
|
|
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("can not support this login type, loginType = " + login.getLoginType().name());
|
} catch (ServiceException | RemoteException e) {
|
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("connecting otp web service error");
|
}
|
}
|
|
@PostMapping("/verify")
|
public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam) {
|
OtpAccount otpAccount = new OtpAccount(verifyOtpParam.getAccount(), verifyOtpParam.getIndexKey());
|
OtpAuthenticationToken authenticationToken = new OtpAuthenticationToken(
|
otpAccount,
|
verifyOtpParam.getOtpCode()
|
);
|
|
Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
|
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
String jwt = tokenProvider.createToken(authentication, false);
|
HttpHeaders httpHeaders = new HttpHeaders();
|
httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);
|
return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
|
}
|
|
private OtpResponseDTO getMockSendOtpResponse() {
|
String indexKey = UUID.randomUUID().toString().substring(0, 8);
|
return new OtpResponseDTO(new String[]{indexKey, "0", "", ""});
|
}
|
}
|
