pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
@@ -25,13 +25,13 @@ @Autowired CustomerAuthService customerAuthService; @Autowired CustomerRepository customerRepository; @Autowired OtpTmpService otpTmpService; @Autowired OtpUtilService otpUtilService; @@ -41,26 +41,15 @@ String indexKey = otpAccount.getIndexKey(); String otpCode = otpAuthenticationToken.getCredentials(); otpUtilService.verifyOtp(indexKey, otpCode); setVerrifiedOtpTmp(account, indexKey); otpUtilService.verifyOtp(account, indexKey, otpCode); Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account) .orElse(null); if (customer == null) { throw new AuthenticationCredentialsNotFoundException(""); } return customerAuthService.buildCustomerAuthToken(customer, otpCode, indexKey); } private void setVerrifiedOtpTmp(String account, String indexKey) { OtpTmp otpTmp = otpTmpService.findByAccountAndIndexKey(account, indexKey); otpTmp.setStatus(OtpTmpStatusEnum.VERRIFIED); otpTmpService.save(otpTmp); } } pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java
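Review bot: In `OtpAuthenticationProvider`, the call `otpUtilService.verifyOtp(account, indexKey, otpCode)` now marks the OTP row `VERRIFIED` inside the service's own `@Transactional` method before the `customerRepository` lookup runs. An OTP presented for an account with no customer record is therefore consumed even though authentication then fails with `AuthenticationCredentialsNotFoundException`. If single-use regardless of outcome is intended, a comment above the call would record that, e.g. `// verifyOtp also marks the OTP row as verified; it is consumed even when no customer matches`; otherwise the customer lookup should come first. The enclosing method starts outside this hunk, so whether it is itself transactional cannot be seen here.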
@@ -1,5 +1,8 @@ package com.pollex.pam.service; import com.pollex.pam.domain.OtpTmp; import com.pollex.pam.enums.OtpTmpStatusEnum; import com.pollex.pam.web.rest.vm.VerifyOtpVM; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; 
@@ -9,33 +12,50 @@ import com.pollex.pam.config.ApplicationProperties; import com.pollex.pam.security.provider.OtpAuthenticationProvider; import com.pollex.pam.service.dto.OtpResponseDTO; import org.springframework.transaction.annotation.Transactional; @Service public class OtpUtilService { private static final Logger log = LoggerFactory.getLogger(OtpUtilService.class); @Autowired ApplicationProperties applicationProperty; @Autowired OtpWebService otpWebService; public void verifyOtp(String indexKey, String otpCode) { if(applicationProperty.isMockLogin()){ return; } @Autowired OtpTmpService otpTmpService; @Transactional public void verifyOtp(VerifyOtpVM verifyOtpParam) { verifyOtp(verifyOtpParam.getAccount(), verifyOtpParam.getIndexKey(), verifyOtpParam.getOtpCode()); } @Transactional public void verifyOtp(String account, String indexKey, String otpCode) { try { OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode); if (!otpResponseDTO.isSuccess()) { throw new AuthenticationCredentialsNotFoundException(""); } if(applicationProperty.isMockLogin()){ log.debug("Do MockLogin"); } else { // otp logon OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode); if (!otpResponseDTO.isSuccess()) { throw new AuthenticationCredentialsNotFoundException(""); } } setVerrifiedOtpTmp(account, indexKey); } catch (Exception e) { log.error("Exception: ", e); throw new AuthenticationCredentialsNotFoundException(""); } } private void setVerrifiedOtpTmp(String account, String indexKey) { OtpTmp otpTmp = otpTmpService.findByAccountAndIndexKey(account, indexKey); otpTmp.setStatus(OtpTmpStatusEnum.VERRIFIED); otpTmpService.save(otpTmp); } } pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
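Review bot: In `verifyOtp(String account, String indexKey, String otpCode)`, nothing explicitly ties the caller-supplied `account` to the `indexKey` that `otpWebService.verifyOTP(indexKey, otpCode)` checked. The only binding appears to be `setVerrifiedOtpTmp`, where a missing row would surface as a NullPointerException on `otpTmp.setStatus(...)` and be turned into an authentication failure by the blanket `catch (Exception e)`. Assuming `findByAccountAndIndexKey` can return null, an explicit guard such as `if (otpTmp == null) { throw new AuthenticationCredentialsNotFoundException(""); }` makes that check deliberate, and rejecting a row that is already `VERRIFIED` would keep the OTP single-use. The `isMockLogin()` branch now also marks the row verified without contacting `otpWebService` and logs only at debug, so `log.warn("Do MockLogin")` plus refusing the flag outside a development profile would make a misconfigured deployment visible. The +/- markers are lost on this page, so the old/new split described here is inferred from the hunk header.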
@@ -57,10 +57,10 @@ @Autowired CustomerService customerService; @Autowired OtpUtilService otpUtilService; @Autowired CustomerRepository customerRepository; @@ -83,16 +83,16 @@ @PostMapping("/verify") public ResponseEntity<UserJWTController.JWTToken> verifyOtp(@RequestBody VerifyOtpVM verifyOtpParam) { otpUtilService.verifyOtp(verifyOtpParam.getIndexKey(), verifyOtpParam.getOtpCode()); otpUtilService.verifyOtp(verifyOtpParam); Customer customer = customerRepository .findOneByEmailEqualsOrPhoneEquals(verifyOtpParam.getAccount()) .orElse(null); if (customer == null) { return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build(); } String jwt = customerAuthService.authorize(customer, verifyOtpParam.getIndexKey(), verifyOtpParam.getOtpCode()); HttpHeaders httpHeaders = new HttpHeaders(); httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt); @@ -112,6 +112,6 @@ httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt); return new ResponseEntity<>(new UserJWTController.JWTToken(jwt), httpHeaders, HttpStatus.OK); } }
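Review bot: In `OtpResource.verifyOtp`, a bad OTP is reported by letting `AuthenticationCredentialsNotFoundException` escape from `otpUtilService.verifyOtp(verifyOtpParam)`, while an unknown account returns `ResponseEntity.status(HttpStatus.UNAUTHORIZED)` explicitly. Unless a handler outside this hunk maps that exception to 401, the two failures are distinguishable to a caller and the first may surface as a 500; catching it here and returning the same 401 keeps the responses uniform. `verifyOtpParam.getAccount()` also reaches the service and the repository lookup without a null or blank check. Separately, the context line `httpHeaders.add(JWTFilter.AUTHORIZATION_HEADER, "Bearer" + jwt);` has no space after the scheme, so `"Bearer " + jwt` is presumably what was meant.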