[update] EService的登入機制改由原本確定OK的TestLogin的GET登入，而非POST

wayne

2021-11-25 7dbb876d93cef50d0475f332dbf6cc279893b8e2

[update] EService的登入機制改由原本確定OK的TestLogin的GET登入，而非POST

 pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java

@@ -15,6 +15,8 @@
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.ssl.SSLContexts;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.*;
import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
@@ -30,6 +32,7 @@
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import org.springframework.web.client.RestTemplate;
import org.springframework.web.util.UriComponentsBuilder;

import javax.net.ssl.SSLContext;
import java.security.GeneralSecurityException;
@@ -43,6 +46,7 @@
public class EServiceAuthenticationProvider {

    private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "0";
    private static final Logger log = LoggerFactory.getLogger(EServiceAuthenticationProvider.class);

    @Autowired
    ApplicationProperties applicationProperty;
@@ -67,7 +71,7 @@
                    return getConsultantToken(account, credentials);
                }

                throw new RuntimeException("eService login failed, eService response code = " + eServiceResponse.getCode());
                throw new RuntimeException("eService login failed, eService response code = " + eServiceResponse.getCode() + ", eService response msg = " + eServiceResponse.getMsg());
            }

            throw new RuntimeException("eService http error!, response http status code = " + responseEntity.getStatusCode());
@@ -94,23 +98,25 @@
    }

    private ResponseEntity<EServiceResponse> loginByEService(String account, String paxxword) throws JsonProcessingException, GeneralSecurityException {
        EServiceRequest dto = new EServiceRequest();
        dto.setFunc("ValidateUserLogin");
        dto.setId(account);
        dto.setPin(paxxword);
        dto.setPwd(paxxword);
        dto.setSys("epos");

        String dtoJson = new ObjectMapper().writeValueAsString(dto);

        RestTemplate restTemplate = getTrustAllRestTemplate();
        settingMessageConvertesToSpecifyType(restTemplate, MediaType.ALL);

        String urlTemplate = UriComponentsBuilder.fromHttpUrl(applicationProperty.geteServiceLoginUrl())
            .queryParam("func", applicationProperty.geteServiceLoginFunc())
            .queryParam("id", account)
            .queryParam("pin", paxxword)
            .queryParam("pwd", paxxword)
            .queryParam("sys", applicationProperty.geteServiceLoginSys())
            .queryParam("transactionId", UUID.randomUUID().toString())
            .encode().toUriString();

        log.debug("http get loginByEService, url = {}", urlTemplate);

        HttpHeaders headers = new HttpHeaders();
        headers.setContentType(MediaType.APPLICATION_JSON);

        HttpEntity<String> entity = new HttpEntity<>(dtoJson, headers);
        return restTemplate.exchange(applicationProperty.geteServiceLoginUrl(), HttpMethod.POST, entity, EServiceResponse.class);
        HttpEntity<String> entity = new HttpEntity<>(headers);
        return restTemplate.exchange(urlTemplate, HttpMethod.GET, entity, EServiceResponse.class);
    }

    private RestTemplate getTrustAllRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {