Merge branch '滲透' of https://dev.pollex.com.tw:8443/r/pcalife/PAM into 滲透

Tomas

2023-09-01 23f937de7378d94c74e81e6f0ef1d6a1e0f1fa0e

Merge branch '滲透' of https://dev.pollex.com.tw:8443/r/pcalife/PAM into 滲透

 pamapi/src/main/java/com/pollex/pam/config/ApplicationProperties.java

@@ -26,6 +26,7 @@
    private SendSMSProperties sms;
    private SendEmailProperties email;
    private String fileFolderPath;
    private String aesKey;

    public boolean isMockLogin() {
        return mockLogin;
@@ -115,4 +116,15 @@
        this.fileFolderPath = fileFolderPath;
    }

    @Override
    public String getAesKey() {
        return aesKey;
    }

    public void setAesKey(String aesKey) {
        this.aesKey = aesKey;
    }
	
	

}

 pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java

@@ -60,9 +60,12 @@

    private void setVerrifiedOtpTmp(String account, String indexKey) {
        OtpTmp otpTmp = otpTmpService.findByAccountAndIndexKey(account, indexKey);
        if(otpTmp!=null) {
        otpTmp.setStatus(OtpTmpStatusEnum.VERRIFIED);
        otpTmpService.save(otpTmp);
    }

    }


}

 pamapi/src/main/java/com/pollex/pam/web/rest/TestLoginResource.java

@@ -71,49 +71,49 @@
        return new ResponseEntity<>(otpResponseDTO, HttpStatus.OK);
    }

    @GetMapping("/byEService")
    public ResponseEntity<EServiceResponse> loginByEService(@RequestParam("account") String account, @RequestParam("password") String password) throws Exception {
        RestTemplate restTemplate = getTrustAllRestTemplate();
        settingMessageConvertesToSpecifyType(restTemplate, MediaType.ALL);
//    @GetMapping("/byEService")
//    public ResponseEntity<EServiceResponse> loginByEService(@RequestParam("account") String account, @RequestParam("password") String password) throws Exception {
//        RestTemplate restTemplate = getTrustAllRestTemplate();
//        settingMessageConvertesToSpecifyType(restTemplate, MediaType.ALL);
//
//        String urlTemplate = UriComponentsBuilder.fromHttpUrl(applicationProperty.geteServiceLoginUrl())
//            .queryParam("func", applicationProperty.geteServiceLoginFunc())
//            .queryParam("id", account)
//            .queryParam("pin", password)
//            .queryParam("pwd", password)
//            .queryParam("sys", applicationProperty.geteServiceLoginSys())
//            .queryParam("transactionId", UUID.randomUUID().toString())
//            .encode().toUriString();
//
//        log.debug("http get loginByEService, url = {}", urlTemplate);
//
//        HttpHeaders headers = new HttpHeaders();
//        headers.setContentType(MediaType.APPLICATION_JSON);
//
//        HttpEntity<String> entity = new HttpEntity<>(headers);
//        return restTemplate.exchange(urlTemplate, HttpMethod.GET, entity, EServiceResponse.class);
//    }

        String urlTemplate = UriComponentsBuilder.fromHttpUrl(applicationProperty.geteServiceLoginUrl())
            .queryParam("func", applicationProperty.geteServiceLoginFunc())
            .queryParam("id", account)
            .queryParam("pin", password)
            .queryParam("pwd", password)
            .queryParam("sys", applicationProperty.geteServiceLoginSys())
            .queryParam("transactionId", UUID.randomUUID().toString())
            .encode().toUriString();
//    private void settingMessageConvertesToSpecifyType(RestTemplate restTemplate, MediaType mediaType) {
//        List<HttpMessageConverter<?>> messageConverters = new ArrayList<>();
//        MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();
//        converter.setSupportedMediaTypes(Collections.singletonList(mediaType));
//        messageConverters.add(converter);
//        restTemplate.setMessageConverters(messageConverters);
//    }

        log.debug("http get loginByEService, url = {}", urlTemplate);

        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_JSON);

        HttpEntity<String> entity = new HttpEntity<>(headers);
        return restTemplate.exchange(urlTemplate, HttpMethod.GET, entity, EServiceResponse.class);
    }

    private void settingMessageConvertesToSpecifyType(RestTemplate restTemplate, MediaType mediaType) {
        List<HttpMessageConverter<?>> messageConverters = new ArrayList<>();
        MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();
        converter.setSupportedMediaTypes(Collections.singletonList(mediaType));
        messageConverters.add(converter);
        restTemplate.setMessageConverters(messageConverters);
    }

    private RestTemplate getTrustAllRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
        SSLContext sslContext = SSLContexts.custom()
            .loadTrustMaterial(null, (X509Certificate[] x509Certs, String s) -> true)
            .build();
        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier());
        CloseableHttpClient httpClient = HttpClients.custom()
            .setSSLSocketFactory(csf)
            .build();
        HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
        requestFactory.setHttpClient(httpClient);
        requestFactory.setConnectTimeout(300000);
        requestFactory.setReadTimeout(300000);
        return new RestTemplate(requestFactory);
    }
//    private RestTemplate getTrustAllRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
//        SSLContext sslContext = SSLContexts.custom()
//            .loadTrustMaterial(null, (X509Certificate[] x509Certs, String s) -> true)
//            .build();
//        SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier());
//        CloseableHttpClient httpClient = HttpClients.custom()
//            .setSSLSocketFactory(csf)
//            .build();
//        HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory();
//        requestFactory.setHttpClient(httpClient);
//        requestFactory.setConnectTimeout(300000);
//        requestFactory.setReadTimeout(300000);
//        return new RestTemplate(requestFactory);
//    }
}

 pamapi/src/main/resources/config/application-dev.yml

@@ -140,3 +140,4 @@
    sender-email: noreply@pcalife.com.tw
    method: 'POLLEX_GMAIL'
  file-folder-path: C://pam_file
  aes-key: PAMKEY1234567890

 pamapi/src/main/resources/config/application-pollex.yml

@@ -32,9 +32,13 @@
      indent-output: true
  datasource:
    type: com.zaxxer.hikari.HikariDataSource
    url: jdbc:postgresql://dev.pollex.com.tw:5433/pam_p2
    #url: jdbc:postgresql://localhost:5432/omo?currentSchema=public
    username: pamadmin
    password: pamadmin
    hikari:
      poolName: Hikari
    jndi-name: Pam
      maximum-pool-size: 500
  jpa:
    database-platform: tech.jhipster.domain.util.FixedPostgreSQL10Dialect
  liquibase:
@@ -136,3 +140,4 @@
    sender-email: noreply@pcalife.com.tw
    method: 'POLLEX_GMAIL'
  file-folder-path: C://pam_file
  aes-key: PAMKEY1234567890

 pamapi/src/main/resources/config/application-prod.yml

@@ -153,3 +153,4 @@
    sender-email: noreply@pcalife.com.tw
    method: 'PAM_EMAIL_SERVICE'
  file-folder-path: /sfs_omo/AgentPhoto/
  aes-key: PAMKEY1234567890

 pamapi/src/main/resources/config/application-sit.yml

@@ -130,3 +130,4 @@
    sender-email: noreply@pcalife.com.tw
    method: 'PAM_EMAIL_SERVICE'
  file-folder-path: /sfs_omo/AgentPhoto/
  aes-key: PAMKEY1234567890

 pamapi/src/main/resources/config/application-uat.yml

@@ -130,3 +130,4 @@
    sender-email: noreply@pcalife.com.tw
    method: 'PAM_EMAIL_SERVICE'
  file-folder-path: /sfs_omo/AgentPhoto/
  aes-key: PAMKEY1234567890