保誠-保戶業務員媒合平台
究查 | 歷程 | 修補檔 | 提交 | 提交差異 | 忽略空白
Jack
2021-11-26 bdcaac32492b5e6223fef4304f4d86403e877022 
 pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java


@@ -1,33 +1,22 @@


package com.pollex.pam.security.provider;




import com.pollex.pam.config.ApplicationProperties;


import com.pollex.pam.domain.Customer;


import com.pollex.pam.domain.OtpTmp;


import com.pollex.pam.enums.CustomerDetailEnum;


import com.pollex.pam.enums.OtpLoginTypeEnum;


import com.pollex.pam.enums.OtpTmpStatusEnum;


import com.pollex.pam.repository.CustomerRepository;


import com.pollex.pam.security.token.OtpAuthenticationToken;


import com.pollex.pam.service.OtpTmpService;


import com.pollex.pam.service.OtpWebService;


import com.pollex.pam.service.dto.OtpResponseDTO;


import com.pollex.pam.web.rest.vm.OtpAccount;


import org.slf4j.Logger;


import org.slf4j.LoggerFactory;


import org.springframework.beans.factory.annotation.Autowired;


import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;


import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;


import org.springframework.security.core.Authentication;


import org.springframework.security.core.AuthenticationException;


import org.springframework.security.core.GrantedAuthority;


import org.springframework.security.core.authority.SimpleGrantedAuthority;


import org.springframework.security.core.userdetails.UsernameNotFoundException;


import org.springframework.stereotype.Component;




import java.util.Arrays;


import java.util.HashMap;


import java.util.List;


import java.util.Map;


import com.pollex.pam.domain.Customer;


import com.pollex.pam.domain.OtpTmp;


import com.pollex.pam.enums.OtpTmpStatusEnum;


import com.pollex.pam.repository.CustomerRepository;


import com.pollex.pam.security.token.OtpAuthenticationToken;


import com.pollex.pam.service.CustomerAuthService;


import com.pollex.pam.service.OtpTmpService;


import com.pollex.pam.service.OtpUtilService;


import com.pollex.pam.web.rest.vm.OtpAccount;




@Component


public class OtpAuthenticationProvider {


@@ -35,16 +24,16 @@


    private static final Logger log = LoggerFactory.getLogger(OtpAuthenticationProvider.class);




    @Autowired


    ApplicationProperties applicationProperty;




    @Autowired


    OtpWebService otpWebService;




    CustomerAuthService customerAuthService;


    


    @Autowired


    CustomerRepository customerRepository;


    


    @Autowired


    OtpTmpService otpTmpService;


    


    @Autowired


    OtpUtilService otpUtilService;




    public Authentication authenticate(OtpAuthenticationToken otpAuthenticationToken) throws AuthenticationException {


        OtpAccount otpAccount = otpAuthenticationToken.getPrincipal();


@@ -52,23 +41,19 @@


        String indexKey = otpAccount.getIndexKey();


        String otpCode = otpAuthenticationToken.getCredentials();




        if(applicationProperty.isMockLogin()){


           setVerrifiedOtpTmp(account, indexKey);


            return getCustomerToken(account, otpCode, indexKey);


        }


        otpUtilService.verifyOtp(indexKey, otpCode);


        


       setVerrifiedOtpTmp(account, indexKey);


    	


       Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account)


                      .orElse(null);


    	


       if (customer == null) {


          throw new AuthenticationCredentialsNotFoundException("");


       }


    	


       return customerAuthService.buildCustomerAuthToken(customer, otpCode, indexKey);




        try {


            OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode);


            if(otpResponseDTO.isSuccess()) {


               setVerrifiedOtpTmp(account, indexKey);


                return getCustomerToken(account, otpCode, indexKey);


            }


        } catch (Exception e) {


            log.error("Exception: ", e);


            throw new AuthenticationCredentialsNotFoundException("");


        }




        throw new AuthenticationCredentialsNotFoundException("");


    }




    private void setVerrifiedOtpTmp(String account, String indexKey) {


@@ -77,23 +62,5 @@


       otpTmpService.save(otpTmp);


   }




   private UsernamePasswordAuthenticationToken getCustomerToken(String account


          , String otpCode, String indexKey) {


    	


    	


       // todo 未存在於DB所屬正常現象,需用特殊message告知前端可進行註冊


        Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account, account).orElseThrow(() -> new UsernameNotFoundException("this customer is not in register, account = " + account));




        List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));


        UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, otpCode, grantedAuths);




        Map<String, String> details = new HashMap<>();


        details.put(CustomerDetailEnum.ID.getValue(), customer.getId().toString());


        details.put(CustomerDetailEnum.NAME.getValue(), customer.getName());


        details.put(CustomerDetailEnum.ACCOUNT.getValue(), account);


//        details.put(CustomerDetailEnum.CONTACT_TYPE.getValue(), customer.getContactType());


        authenticationToken.setDetails(details);




        return authenticationToken;


    }


		


}