保誠-保戶業務員媒合平台
究查 | 歷程 | 修補檔 | 提交 | 提交差異 | 忽略空白
jack
2024-12-27 5e8b57aacdbf94cd57c4d3533ded5ee73ff71340 
 pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java


¤ñ¹ï·sÀÉ®×


@@ -0,0 +1,115 @@


package com.pollex.pam.security.provider;




import com.pollex.pam.business.domain.Consultant;


import com.pollex.pam.business.enums.ConsultantDetailEnum;


import com.pollex.pam.business.repository.ConsultantRepository;


import com.pollex.pam.business.repository.EServiceErrorCodeRepository;


import com.pollex.pam.business.service.EServiceConnectService;


import com.pollex.pam.business.service.dto.EServiceResponse;


import com.pollex.pam.business.web.errors.ConsultantDisableException;


import com.pollex.pam.business.config.AppProperties;


import com.pollex.pam.business.security.token.EServiceAuthenticationToken;


import com.pollex.pam.business.web.errors.EServiceErrorException;


import com.pollex.pam.config.ApplicationProperties;


import org.slf4j.Logger;


import org.slf4j.LoggerFactory;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.http.*;


import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;


import org.springframework.security.core.Authentication;


import org.springframework.security.core.AuthenticationException;


import org.springframework.security.core.GrantedAuthority;


import org.springframework.security.core.authority.SimpleGrantedAuthority;


import org.springframework.security.core.userdetails.UsernameNotFoundException;


import org.springframework.stereotype.Component;




import java.security.GeneralSecurityException;


import java.util.*;




import static java.util.Arrays.asList;




@Component


public class EServiceAuthenticationProvider {




    private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "true";


    private static final Logger log = LoggerFactory.getLogger(EServiceAuthenticationProvider.class);




    @Autowired


    ApplicationProperties applicationProperties;




    @Autowired


    ConsultantRepository consultantRepository;




    @Autowired


    EServiceConnectService eServiceConnectService;




    @Autowired


    EServiceErrorCodeRepository eServiceErrorCodeRepository;




    public Authentication authenticate(EServiceAuthenticationToken authenticationToken) throws AuthenticationException {


        String account = authenticationToken.getPrincipal();


        String credentials = authenticationToken.getCredentials();






        if(applicationProperties.isMockLogin()){


            return getConsultantTokenAndRecordLoginTime(account, credentials);


        }








        try {


            ResponseEntity<EServiceResponse> responseEntity = eServiceConnectService.loginByEService(account, credentials);


            if(HttpStatus.OK.equals(responseEntity.getStatusCode())) {


                EServiceResponse eServiceResponse = responseEntity.getBody();


                log.debug("eService response = {}", eServiceResponse);




                if(eServiceResponse == null) {


                    throw new RuntimeException("eService error!, response body is null");


                }




                List<String> successCode = new ArrayList<>(asList("0","3","4","6"));




                if(successCode.contains(eServiceResponse.getCode())) {


                    return getConsultantTokenAndRecordLoginTime(account, credentials);


                } else {


                    log.debug("account:{},error:{}",account,eServiceResponse.getMsg());


                    eServiceErrorCodeRepository.findByErrorCode(eServiceResponse.getCode()).


                            ifPresent(eServiceErrorCode -> {


                                throw new EServiceErrorException(eServiceErrorCode.getErrorMessage());


                            });




                    throw new EServiceErrorException("您輸入的資訊有誤,請重新輸入");


                }




//                if(E_SERVICE_LOGIN_SUCCESS_CODE.equals(eServiceResponse.getIssuccess())){


//


//                    return getConsultantTokenAndRecordLoginTime(account, credentials);


//                }


//                else {


//                   log.debug("account:{},error:{}",account,eServiceResponse.getMsg());


//                    throw new EServiceErrorException("您輸入的資訊有誤,請重新輸入");


//                }


            }




            throw new RuntimeException("eService http error!, response http status code = " + responseEntity.getStatusCode());


        } catch (GeneralSecurityException e) {


           log.error("General Security SSL error!",e);


            throw new RuntimeException("General Security SSL error!");


        }


    }




    private UsernamePasswordAuthenticationToken getConsultantTokenAndRecordLoginTime(String account, String credential) throws ConsultantDisableException {


        Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("帳號密碼錯誤"));




        List<GrantedAuthority> grantedAuths = Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER"));


        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, credential, grantedAuths);




        Map<String, String> details = new HashMap<>();


        details.put(ConsultantDetailEnum.ID.getValue(), consultant.getId().toString());


        details.put(ConsultantDetailEnum.NAME.getValue(), consultant.getName());


        details.put(ConsultantDetailEnum.AGENT_NO.getValue(), account);


        authenticationToken.setDetails(details);




        return authenticationToken;


    }


}