From 81be73b65d72cb2e61b31ec30a9a1b81c242e671 Mon Sep 17 00:00:00 2001
From: wayne <wayne8692wayne8692@gmail.com>
Date: 星期一, 14 二月 2022 17:01:48 +0800
Subject: [PATCH] [BUG] [todo 135269] 修正Eservice的登入帳號是否成功登入的檢核
---
 pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java | 71 +++++++++++------------------------
 1 files changed, 22 insertions(+), 49 deletions(-)
diff --git a/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java b/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
index 6fadbba..3802087 100644
--- a/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
+++ b/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
@@ -1,29 +1,20 @@
 package com.pollex.pam.security.provider;
-import com.pollex.pam.config.ApplicationProperties;
-import com.pollex.pam.domain.Customer;
-import com.pollex.pam.enums.CustomerDetailEnum;
-import com.pollex.pam.repository.CustomerRepository;
-import com.pollex.pam.security.token.OtpAuthenticationToken;
-import com.pollex.pam.service.OtpWebService;
-import com.pollex.pam.service.dto.OtpResponseDTO;
-import com.pollex.pam.web.rest.vm.OtpAccount;
+import com.pollex.pam.web.rest.errors.CustomerNotRegisteredException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Component;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import com.pollex.pam.domain.Customer;
+import com.pollex.pam.repository.CustomerRepository;
+import com.pollex.pam.security.token.OtpAuthenticationToken;
+import com.pollex.pam.service.CustomerAuthService;
+import com.pollex.pam.service.OtpTmpService;
+import com.pollex.pam.service.OtpUtilService;
+import com.pollex.pam.web.rest.vm.OtpAccount;
 @Component
 public class OtpAuthenticationProvider {
@@ -31,13 +22,16 @@
 private static final Logger log = LoggerFactory.getLogger(OtpAuthenticationProvider.class);
 @Autowired
- ApplicationProperties applicationProperty;
-
- @Autowired
- OtpWebService otpWebService;
+ CustomerAuthService customerAuthService;
 @Autowired
 CustomerRepository customerRepository;
+
+ @Autowired
+ OtpTmpService otpTmpService;
+
+ @Autowired
+ OtpUtilService otpUtilService;
 public Authentication authenticate(OtpAuthenticationToken otpAuthenticationToken) throws AuthenticationException {
 OtpAccount otpAccount = otpAuthenticationToken.getPrincipal();
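Review bot: `otpTmpService` is injected here, but nothing in the visible hunks of this class calls it; unless the lines outside the hunks use it, the field and its import should be dropped so the provider's dependencies match what authentication actually relies on. The new collaborators are also package-private, non-final fields, so code in the same package can reassign them after construction; constructor injection with `private final CustomerAuthService customerAuthService;` (and likewise for the others) would fix the authentication path at construction time. The class body continues outside this hunk.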
@@ -45,36 +39,15 @@
 String indexKey = otpAccount.getIndexKey();
 String otpCode = otpAuthenticationToken.getCredentials();
- if(applicationProperty.isMockLogin()){
- return getCustomerToken(account, otpCode);
- }
+ otpUtilService.verifyOtp(account, indexKey, otpCode);
+ Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account)
+ .orElse(null);
- try {
- OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode);
- if(otpResponseDTO.isSuccess()) {
- return getCustomerToken(account, otpCode);
- }
- } catch (Exception e) {
- log.error("Exception: ", e);
- throw new AuthenticationCredentialsNotFoundException("");
- }
+ if (customer == null) {
+ throw new CustomerNotRegisteredException();
+ }
- throw new AuthenticationCredentialsNotFoundException("");
- }
+ return customerAuthService.buildCustomerAuthToken(customer, otpCode, indexKey);
- private UsernamePasswordAuthenticationToken getCustomerToken(String account, String otpCode) {
- // todo �摮�DB��撅祆迤撣貊鞊∴����畾essage����垢��脰�酉���
- Customer customer = customerRepository.findOneByEmailEqualsOrPhoneEquals(account, account).orElseThrow(() -> new UsernameNotFoundException("this customer is not in db, account = " + account));
-
- List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
- UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, otpCode, grantedAuths);
-
- Map<String, String> details = new HashMap<>();
- details.put(CustomerDetailEnum.ID.getValue(), customer.getId().toString());
- details.put(CustomerDetailEnum.NAME.getValue(), customer.getName());
- details.put(CustomerDetailEnum.ACCOUNT.getValue(), account);
- authenticationToken.setDetails(details);
-
- return authenticationToken;
 }
 }
-- Gitblit v1.8.0
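Review bot: The result of `otpUtilService.verifyOtp(account, indexKey, otpCode)` is discarded, so a failed OTP check stops the login only if that method throws; the removed code gated on `otpResponseDTO.isSuccess()`, and `OtpUtilService` is not shown in this patch. If `verifyOtp` can report failure through its return value, any OTP would be accepted, so either test the result or document the contract on the call, e.g. `// throws AuthenticationException on a wrong or expired OTP; never returns on failure`. The removed `catch (Exception e)` also turned verification errors into an `AuthenticationException`; confirm that whatever `verifyOtp` throws, and `CustomerNotRegisteredException` from `web.rest.errors`, is still treated as an authentication failure by the caller. The lookup reads more directly as `.orElseThrow(CustomerNotRegisteredException::new)` than `.orElse(null)` followed by a null check. The start of `authenticate` lies outside this hunk.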