package com.pollex.pam.web.rest;
|
|
import com.pollex.pam.config.ApplicationProperties;
|
import com.pollex.pam.security.jwt.JWTFilter;
|
import com.pollex.pam.security.jwt.TokenProvider;
|
import com.pollex.pam.security.token.EServiceAuthenticationToken;
|
import com.pollex.pam.security.token.OtpAuthenticationToken;
|
import com.pollex.pam.service.LoginService;
|
import com.pollex.pam.service.OtpWebService;
|
import com.pollex.pam.service.dto.OtpResponseDTO;
|
import com.pollex.pam.web.rest.vm.OtpAccount;
|
import org.slf4j.Logger;
|
import org.slf4j.LoggerFactory;
|
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.http.HttpHeaders;
|
import org.springframework.http.HttpStatus;
|
import org.springframework.http.ResponseEntity;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.core.Authentication;
|
import org.springframework.security.core.context.SecurityContextHolder;
|
import org.springframework.web.bind.annotation.*;
|
import tw.com.softleader.otp.ws.OtpWebServicePortBindingStub;
|
|
import javax.xml.rpc.ServiceException;
|
import java.rmi.RemoteException;
|
|
|
// todo,僅為初期接login方便使用而用get的方式登入,目前已拆出OtpResource與EServiceResource,主要是用這兩個做登入
|
@Deprecated
|
@RestController
|
@RequestMapping("/api/testLogin")
|
public class TestLoginResource {
|
|
private final static Logger log = LoggerFactory.getLogger(TestLoginResource.class);
|
|
@Autowired
|
LoginService loginService;
|
|
@Autowired
|
ApplicationProperties applicationProperty;
|
|
@Autowired
|
OtpWebService otpWebService;
|
|
@Autowired
|
AuthenticationManagerBuilder authenticationManagerBuilder;
|
|
@Autowired
|
TokenProvider tokenProvider;
|
|
@GetMapping("/bySMS")
|
public ResponseEntity<OtpResponseDTO> sendOtpBySMS(@RequestParam("phone") String phone) throws ServiceException, RemoteException {
|
final OtpResponseDTO otpResponseDTO = otpWebService.sendByPhone(phone);
|
return new ResponseEntity<>(otpResponseDTO, HttpStatus.OK);
|
}
|
|
@GetMapping("/byEmail")
|
public ResponseEntity<OtpResponseDTO> sendOtpByEmail(@RequestParam("email") String email) throws RemoteException, ServiceException {
|
final OtpResponseDTO otpResponseDTO = otpWebService.sendByEmail(email);
|
return new ResponseEntity<>(otpResponseDTO, HttpStatus.OK);
|
}
|
|
@GetMapping("/verifyOtp")
|
public ResponseEntity<OtpResponseDTO> verifyOtp(@RequestParam("account") String account, @RequestParam("indexKey") String indexKey, @RequestParam("otpCode") String otpCode) throws ServiceException, RemoteException {
|
OtpWebServicePortBindingStub stub = otpWebService.getOtpWebServicePortBindingStub();
|
log.info("call OtpService verifyOTP, systemType = {}, service password = {}, indexKey = {}, paxxword = {}",
|
applicationProperty.getOtpWebServiceSystemType(), applicationProperty.getOtpWebServicePassword(), indexKey, otpCode);
|
|
String[] result =
|
stub.verifyOtp(applicationProperty.getOtpWebServicePassword(), applicationProperty.getOtpWebServiceSystemType(), indexKey, otpCode);
|
|
return new ResponseEntity<>(new OtpResponseDTO(result), HttpStatus.OK);
|
}
|
|
@GetMapping("/byEService")
|
public ResponseEntity<UserJWTController.JWTToken> loginByEService(@RequestParam("account") String account, @RequestParam("password") String password) throws Exception {
|
EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken(
|
account,
|
password
|
);
|
|
Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
|
SecurityContextHolder.getContext().setAuthentication(authenticationToken);
|
String jwt = tokenProvider.createToken(authentication, false);
|
HttpHeaders httpHeaders = new HttpHeaders();
|
httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);
|
return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
|
}
|
}
|
