pcalife/PAM.git - dev.pollex.com.tw

			@@ -1,5 +1,6 @@
			package com.pollex.pam.web.rest;

			import com.fasterxml.jackson.databind.ObjectMapper;
			import com.pollex.pam.config.ApplicationProperties;
			import com.pollex.pam.security.jwt.JWTFilter;
			import com.pollex.pam.security.jwt.TokenProvider;
			@@ -7,22 +8,43 @@
			import com.pollex.pam.security.token.OtpAuthenticationToken;
			import com.pollex.pam.service.LoginService;
			import com.pollex.pam.service.OtpWebService;
			import com.pollex.pam.service.dto.EServiceRequest;
			import com.pollex.pam.service.dto.EServiceResponse;
			import com.pollex.pam.service.dto.OtpResponseDTO;
			import com.pollex.pam.web.rest.vm.OtpAccount;
			import org.apache.http.conn.ssl.NoopHostnameVerifier;
			import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
			import org.apache.http.impl.client.CloseableHttpClient;
			import org.apache.http.impl.client.HttpClients;
			import org.apache.http.ssl.SSLContexts;
			import org.slf4j.Logger;
			import org.slf4j.LoggerFactory;
			import org.springframework.beans.factory.annotation.Autowired;
			import org.springframework.http.HttpHeaders;
			import org.springframework.http.HttpStatus;
			import org.springframework.http.ResponseEntity;
			import org.springframework.http.*;
			import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
			import org.springframework.http.converter.HttpMessageConverter;
			import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
			import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
			import org.springframework.security.core.Authentication;
			import org.springframework.security.core.context.SecurityContextHolder;
			import org.springframework.web.bind.annotation.*;
			import org.springframework.web.client.RestTemplate;
			import tw.com.softleader.otp.ws.OtpWebServicePortBindingStub;

			import javax.net.ssl.SSLContext;
			import javax.xml.rpc.ServiceException;
			import java.rmi.RemoteException;
			import java.security.KeyManagementException;
			import java.security.KeyStoreException;
			import java.security.NoSuchAlgorithmException;
			import java.security.cert.X509Certificate;
			import java.util.ArrayList;
			import java.util.Collections;
			import java.util.List;


			// todo，僅為初期接login方便使用而用get的方式登入，目前已拆出OtpResource與EServiceResource，主要是用這兩個做登入
			@Deprecated
			@RestController
			@RequestMapping("/api/testLogin")
			public class TestLoginResource {
			@@ -46,44 +68,69 @@

			@GetMapping("/bySMS")
			public ResponseEntity<OtpResponseDTO> sendOtpBySMS(@RequestParam("phone") String phone) throws ServiceException, RemoteException {
			otpWebService.sendByPhone(phone);
			return new ResponseEntity<>(HttpStatus.OK);
			final OtpResponseDTO otpResponseDTO = otpWebService.sendByPhone(phone);
			return new ResponseEntity<>(otpResponseDTO, HttpStatus.OK);
			}

			@GetMapping("/byEmail")
			public ResponseEntity<OtpResponseDTO> sendOtpByEmail(@RequestParam("email") String email) throws RemoteException, ServiceException {
			otpWebService.sendByEmail(email);
			return new ResponseEntity<>(HttpStatus.OK);
			final OtpResponseDTO otpResponseDTO = otpWebService.sendByEmail(email);
			return new ResponseEntity<>(otpResponseDTO, HttpStatus.OK);
			}

			@GetMapping("/verifyOtp")
			public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestParam("account") String account, @RequestParam("indexKey") String indexKey, @RequestParam("otpCode") String otpCode) throws ServiceException, RemoteException {
			OtpAccount otpAccount = new OtpAccount(account, indexKey);
			OtpAuthenticationToken authenticationToken = new OtpAuthenticationToken(
			otpAccount,
			otpCode
			);
			public ResponseEntity<OtpResponseDTO> verifyOtp(@RequestParam("account") String account, @RequestParam("indexKey") String indexKey, @RequestParam("otpCode") String otpCode) throws ServiceException, RemoteException {
			OtpWebServicePortBindingStub stub = otpWebService.getOtpWebServicePortBindingStub();
			log.info("call OtpService verifyOTP, systemType = {}, service password = {}, indexKey = {}, paxxword = {}",
			applicationProperty.getOtpWebServiceSystemType(), applicationProperty.getOtpWebServicePassword(), indexKey, otpCode);

			Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
			SecurityContextHolder.getContext().setAuthentication(authenticationToken);
			String jwt = tokenProvider.createToken(authentication, false);
			HttpHeaders httpHeaders = new HttpHeaders();
			httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);
			return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
			String[] result =
			stub.verifyOtp(applicationProperty.getOtpWebServicePassword(), applicationProperty.getOtpWebServiceSystemType(), indexKey, otpCode);

			return new ResponseEntity<>(new OtpResponseDTO(result), HttpStatus.OK);
			}

			@GetMapping("/byEService")
			public ResponseEntity<UserJWTController.JWTToken> loginByEService(@RequestParam("account") String account, @RequestParam("password") String password) throws Exception {
			EServiceAuthenticationToken authenticationToken = new EServiceAuthenticationToken(
			account,
			password
			);
			public ResponseEntity<EServiceResponse> loginByEService(@RequestParam("account") String account, @RequestParam("password") String password) throws Exception {
			EServiceRequest dto = new EServiceRequest();
			dto.setFunc("ValidateUserLogin");
			dto.setId(account);
			dto.setPin(password);
			dto.setPwd(password);
			dto.setSys("epos");

			Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
			SecurityContextHolder.getContext().setAuthentication(authenticationToken);
			String jwt = tokenProvider.createToken(authentication, false);
			HttpHeaders httpHeaders = new HttpHeaders();
			httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);
			return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK);
			String dtoJson = new ObjectMapper().writeValueAsString(dto);

			RestTemplate restTemplate = getTrustAllRestTemplate();
			settingMessageConvertesToSpecifyType(restTemplate, MediaType.ALL);

			HttpHeaders headers = new HttpHeaders();
			headers.setContentType(MediaType.APPLICATION_JSON);

			HttpEntity<String> entity = new HttpEntity<>(dtoJson, headers);
			return restTemplate.exchange(applicationProperty.geteServiceLoginUrl(), HttpMethod.POST, entity, EServiceResponse.class);
			}

			private void settingMessageConvertesToSpecifyType(RestTemplate restTemplate, MediaType mediaType) {
			List<HttpMessageConverter<?>> messageConverters = new ArrayList<>();
			MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();
			converter.setSupportedMediaTypes(Collections.singletonList(mediaType));
			messageConverters.add(converter);
			restTemplate.setMessageConverters(messageConverters);
			}

			private RestTemplate getTrustAllRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
			SSLContext sslContext = SSLContexts.custom()
			.loadTrustMaterial(null, (X509Certificate[] x509Certs, String s) -> true)
			.build();
			SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier());
			CloseableHttpClient httpClient = HttpClients.custom()
			.setSSLSocketFactory(csf)
			.build();
			HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
			requestFactory.setHttpClient(httpClient);
			requestFactory.setConnectTimeout(300000);
			requestFactory.setReadTimeout(300000);
			return new RestTemplate(requestFactory);
			}
			}