From bdcaac32492b5e6223fef4304f4d86403e877022 Mon Sep 17 00:00:00 2001
From: Jack <jack.su@pollex.com.tw>
Date: 星期五, 26 十一月 2021 18:33:11 +0800
Subject: [PATCH] [UPDATE] 調整註冊和OTP登入的流程
---
 pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java | 44 ++++++++++++++++++++++++++++++++++++++++----
 1 files changed, 40 insertions(+), 4 deletions(-)
diff --git a/pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java b/pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java
index 6960ee6..aa9b5b4 100644
--- a/pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java
+++ b/pamapi/src/main/java/com/pollex/pam/service/CustomerAuthService.java
@@ -1,34 +1,70 @@
 package com.pollex.pam.service;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+import com.pollex.pam.domain.Customer;
+import com.pollex.pam.enums.CustomerDetailEnum;
+import com.pollex.pam.repository.CustomerRepository;
 import com.pollex.pam.security.jwt.TokenProvider;
 import com.pollex.pam.security.token.OtpAuthenticationToken;
 import com.pollex.pam.web.rest.vm.OtpAccount;
 @Service
+@Transactional
 public class CustomerAuthService {
 @Autowired
 AuthenticationManagerBuilder authenticationManagerBuilder;
+
+ @Autowired
+ CustomerRepository customerRepository;
 @Autowired
 TokenProvider tokenProvider;
-
- public String authorize(String account, String indexKey, String otpCode) {
- OtpAccount otpAccount = new OtpAccount(account, indexKey);
+
+ public String authorize(Customer account, String indexKey, String otpCode) {
+ OtpAccount otpAccount = OtpAccount.createOtpAccount(account, indexKey);
 OtpAuthenticationToken authenticationToken = new OtpAuthenticationToken( otpAccount, otpCode );
- Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
 SecurityContextHolder.getContext().setAuthentication(authenticationToken);
+
+ Authentication authentication = buildCustomerAuthToken(account, otpCode, indexKey);
 String jwt =
tokenProvider.createToken(authentication, false);
 return jwt;
 }
+
+ public UsernamePasswordAuthenticationToken buildCustomerAuthToken(Customer customer
+ , String otpCode, String indexKey) {
+
+ List<GrantedAuthority> grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
+
+ final String account = customer.toAccountString();
+ UsernamePasswordAuthenticationToken authenticationToken =
+ new UsernamePasswordAuthenticationToken(account, otpCode, grantedAuths);
+
+ Map<String, String> details = new HashMap<>();
+ details.put(CustomerDetailEnum.ID.getValue(), customer.getId().toString());
+ details.put(CustomerDetailEnum.NAME.getValue(), customer.getName());
+ details.put(CustomerDetailEnum.ACCOUNT.getValue(), account);
+// details.put(CustomerDetailEnum.CONTACT_TYPE.getValue(), customer.getContactType());
+ authenticationToken.setDetails(details);
+
+ return authenticationToken;
+ }
 }
-- Gitblit v1.8.0
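Review bot: Nothing in `authorize` verifies `otpCode` any more, because the `authenticationManagerBuilder.getObject().authenticate(authenticationToken)` line is marked removed and the JWT is now created from `buildCustomerAuthToken`. That method uses the three-argument `UsernamePasswordAuthenticationToken` constructor, which produces an already-authenticated token, here with `ROLE_USER`. Unless every caller verifies the OTP before calling `authorize` (not visible in this hunk), a token would be issued for any `Customer` whatever code was supplied. Keep the check in this method, e.g. `authenticationManagerBuilder.getObject().authenticate(authenticationToken);` before `buildCustomerAuthToken(...)`, and let its exception abort the login. Separately, `buildCustomerAuthToken` stores the OTP as the token's credentials and never reads `indexKey`; passing `null` as credentials and dropping the unused parameter would keep the one-time code out of the `Authentication` object.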