From 925f8b4ffca99f07c629660d42c48f531b4f77a0 Mon Sep 17 00:00:00 2001
From: wayne <wayne8692wayne8692@gmail.com>
Date: 星期一, 21 二月 2022 18:17:14 +0800
Subject: [PATCH] [update] 移除login_record欄位,改統一放之後 將新開的稽核欄位"audit_logging",並在顧問欄位加開最後上線時間

---
 pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java |   88 +++++++++++++++++++++++++++++--------------
 1 files changed, 59 insertions(+), 29 deletions(-)

diff --git a/pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java b/pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java
index 28a2a19..8b12535 100644
--- a/pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java
+++ b/pamapi/src/main/java/com/pollex/pam/security/provider/EServiceAuthenticationProvider.java
@@ -1,23 +1,26 @@
 package com.pollex.pam.security.provider;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.core.JsonProcessingException;
 import com.pollex.pam.config.ApplicationProperties;
 import com.pollex.pam.domain.Consultant;
 import com.pollex.pam.enums.ConsultantDetailEnum;
-import com.pollex.pam.enums.CustomerDetailEnum;
 import com.pollex.pam.repository.ConsultantRepository;
 import com.pollex.pam.security.token.EServiceAuthenticationToken;
-import com.pollex.pam.service.dto.EServiceRequest;
 import com.pollex.pam.service.dto.EServiceResponse;
+import com.pollex.pam.web.rest.errors.ConsultantDisableException;
+import com.pollex.pam.web.rest.errors.EServiceErrorException;
 import org.apache.http.conn.ssl.NoopHostnameVerifier;
 import org.apache.http.conn.ssl.SSLConnectionSocketFactory;
 import org.apache.http.impl.client.CloseableHttpClient;
 import org.apache.http.impl.client.HttpClients;
 import org.apache.http.ssl.SSLContexts;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.*;
 import org.springframework.http.client.HttpComponentsClientHttpRequestFactory;
-import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
+import org.springframework.http.converter.HttpMessageConverter;
+import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
 import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
@@ -26,21 +29,24 @@
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Component;
 import org.springframework.web.client.RestTemplate;
+import org.springframework.web.util.UriComponentsBuilder;
 
 import javax.net.ssl.SSLContext;
+import java.security.GeneralSecurityException;
 import java.security.KeyManagementException;
 import java.security.KeyStoreException;
 import java.security.NoSuchAlgorithmException;
 import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
+import java.time.Instant;
+import java.util.*;
+
+import static com.pollex.pam.enums.ConsultantStatusEnum.DISABLE;
 
 @Component
 public class EServiceAuthenticationProvider {
 
-    private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "0";
+    private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "true";
+    private static final Logger log = LoggerFactory.getLogger(EServiceAuthenticationProvider.class);
 
     @Autowired
     ApplicationProperties applicationProperty;
@@ -53,27 +59,40 @@
         String credentials = authenticationToken.getCredentials();
 
         if(applicationProperty.isMockLogin()){
-            return getConsultantToken(account, credentials);
+            return getConsultantTokenAndRecordLoginTime(account, credentials);
         }
 
         try {
             ResponseEntity<EServiceResponse> responseEntity = loginByEService(account, credentials);
             if(HttpStatus.OK.equals(responseEntity.getStatusCode())) {
                 EServiceResponse eServiceResponse = responseEntity.getBody();
+                log.debug("eService response = {}", eServiceResponse);
 
-                if(E_SERVICE_LOGIN_SUCCESS_CODE.equals(eServiceResponse.getCode())){
-                    return getConsultantToken(account, credentials);
+                if(E_SERVICE_LOGIN_SUCCESS_CODE.equals(eServiceResponse.getIssuccess())){
+                    return getConsultantTokenAndRecordLoginTime(account, credentials);
+                }
+                else {
+                    throw new EServiceErrorException(eServiceResponse.getMsg());
                 }
             }
 
-            throw new AuthenticationCredentialsNotFoundException("");
-        } catch (Exception e) {
-            throw new AuthenticationCredentialsNotFoundException("");
+            throw new RuntimeException("eService http error!, response http status code = " + responseEntity.getStatusCode());
+        } catch (JsonProcessingException e) {
+            throw new RuntimeException("convert to json processing error!");
+        } catch (GeneralSecurityException e) {
+            throw new RuntimeException("General Security SSL error!");
         }
     }
 
-    private UsernamePasswordAuthenticationToken getConsultantToken(String account, String credential) {
-        Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("consultant is not in db, consultant agentNo = " + account));
+    private UsernamePasswordAuthenticationToken getConsultantTokenAndRecordLoginTime(String account, String credential) throws ConsultantDisableException {
+        Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("閰脤“����蒂銝��慦�像�蝟餌絞銝�"));
+
+        if(consultant.getStatus() == DISABLE) {
+            throw new ConsultantDisableException("憿批�董�����銝�");
+        }
+
+        consultant.setLatestLoginTime(Instant.now());
+        consultantRepository.save(consultant);
 
         List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
         UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, credential, grantedAuths);
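Review bot: The two new catch blocks throw a bare `RuntimeException` and discard the caught exception, so the stack trace of a TLS or JSON failure is lost and the failure no longer surfaces as an `AuthenticationException` the way the removed code did. Pass the cause, e.g. `throw new RuntimeException("General Security SSL error!", e);`, or wrap it in `AuthenticationServiceException` if the caller relies on Spring Security's failure handling (the caller is not visible here). `responseEntity.getBody()` can be null on a 200 response with an empty body, and `eServiceResponse.getIssuccess()` is then dereferenced without a check. The new `log.debug("eService response = {}", eServiceResponse)` writes the whole login response to the log, so confirm that its `toString()` exposes no token or personal data. Both the enclosing method and `getConsultantTokenAndRecordLoginTime` continue outside this hunk.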
@@ -87,23 +106,26 @@
         return authenticationToken;
     }
 
-    private ResponseEntity<EServiceResponse> loginByEService(String account, String paxxword) throws Exception{
-        EServiceRequest dto = new EServiceRequest();
-        dto.setFunc("ValidateUserLogin");
-        dto.setId(account);
-        dto.setPin(paxxword);
-        dto.setPwd(paxxword);
-        dto.setSys("epos");
-
-        String dtoJson = new ObjectMapper().writeValueAsString(dto);
-
+    private ResponseEntity<EServiceResponse> loginByEService(String account, String paxxword) throws JsonProcessingException, GeneralSecurityException {
         RestTemplate restTemplate = getTrustAllRestTemplate();
+        settingMessageConvertersToSpecifyType(restTemplate, MediaType.ALL);
+
+        String urlTemplate = UriComponentsBuilder.fromHttpUrl(applicationProperty.geteServiceLoginUrl())
+            .queryParam("func", applicationProperty.geteServiceLoginFunc())
+            .queryParam("id", account)
+            .queryParam("pin", paxxword)
+            .queryParam("pwd", paxxword)
+            .queryParam("sys", applicationProperty.geteServiceLoginSys())
+            .queryParam("transactionId", UUID.randomUUID().toString())
+            .encode().toUriString();
+
+        log.debug("http get loginByEService, url = {}", urlTemplate);
 
         HttpHeaders headers = new HttpHeaders();
         headers.setContentType(MediaType.APPLICATION_JSON);
 
-        HttpEntity<String> entity = new HttpEntity<>(dtoJson, headers);
-        return restTemplate.exchange(applicationProperty.geteServiceLoginUrl(), HttpMethod.POST, entity, EServiceResponse.class);
+        HttpEntity<String> entity = new HttpEntity<>(headers);
+        return restTemplate.exchange(urlTemplate, HttpMethod.GET, entity, EServiceResponse.class);
     }
 
     private RestTemplate getTrustAllRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException {
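Review bot: The password now travels in the URL: `pin` and `pwd` are added as query parameters of a GET request, and the following `log.debug("http get loginByEService, url = {}", urlTemplate)` writes that full URL, credentials included, to the application log. Query strings are also commonly recorded by proxies and by the remote server's access log, so if the eService accepts it, keep the credentials in a POST body as the removed code did. At minimum, log only the endpoint: `log.debug("http get loginByEService, url = {}", applicationProperty.geteServiceLoginUrl());`. The request goes through `getTrustAllRestTemplate()`, whose body is outside this hunk. Judging by its name and the `NoopHostnameVerifier` import, it does not validate the server certificate, which would leave these credentials open to interception in transit.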
@@ -120,4 +142,12 @@
         requestFactory.setReadTimeout(300000);
         return new RestTemplate(requestFactory);
     }
+
+    private void settingMessageConvertersToSpecifyType(RestTemplate restTemplate, MediaType mediaType) {
+        List<HttpMessageConverter<?>> messageConverters = new ArrayList<>();
+        MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter();
+        converter.setSupportedMediaTypes(Collections.singletonList(mediaType));
+        messageConverters.add(converter);
+        restTemplate.setMessageConverters(messageConverters);
+    }
 }
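Review bot: `settingMessageConvertersToSpecifyType` replaces every converter on the `RestTemplate` with a single Jackson converter, and the call site passes `MediaType.ALL`, so any response body (an HTML error page, a proxy interstitial) is handed to the JSON parser. A parse failure there is raised by `RestTemplate` as a `RestClientException`, which the `JsonProcessingException` and `GeneralSecurityException` catch blocks in the authentication method do not handle. If the eService is known to answer with one specific non-JSON content type, pass that type instead of `MediaType.ALL`. The method also deserves a short Javadoc saying that it overwrites the existing converter list and why, for example `/** Replaces all converters with a Jackson converter bound to mediaType, because the eService does not label its JSON replies as application/json. */` once that reason is confirmed.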

--
Gitblit v1.8.0