From cc752b0680d6f4975b14a3cdc2b8922e8d3bf0ee Mon Sep 17 00:00:00 2001 From: wayne <wayne8692wayne8692@gmail.com> Date: 星期一, 29 十一月 2021 19:56:39 +0800 Subject: [PATCH] [update] Otp認證錯誤代碼規格調整 --- pamapi/src/main/java/com/pollex/pam/web/rest/errors/CustomerNotRegisteredException.java | 8 ++++ pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java | 3 + pamapi/src/doc/登入API/客戶認證OTP並登入.txt | 7 ++- pamapi/src/main/java/com/pollex/pam/web/rest/errors/OtpLoginFailException.java | 11 +++++ pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java | 6 +-- pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java | 31 +++++++-------- 6 files changed, 42 insertions(+), 24 deletions(-) diff --git "a/pamapi/src/doc/\347\231\273\345\205\245API/\345\256\242\346\210\266\350\252\215\350\255\211OTP\344\270\246\347\231\273\345\205\245.txt" "b/pamapi/src/doc/\347\231\273\345\205\245API/\345\256\242\346\210\266\350\252\215\350\255\211OTP\344\270\246\347\231\273\345\205\245.txt" index 124c914..cdd2b1f 100644 --- "a/pamapi/src/doc/\347\231\273\345\205\245API/\345\256\242\346\210\266\350\252\215\350\255\211OTP\344\270\246\347\231\273\345\205\245.txt" +++ "b/pamapi/src/doc/\347\231\273\345\205\245API/\345\256\242\346\210\266\350\252\215\350\255\211OTP\344\270\246\347\231\273\345\205\245.txt" @@ -8,10 +8,13 @@ "otpCode": "123" // �����縑蝞望�����Ⅳ } -���ev銝剖恥�撣唾���撌崎eams��mail靽∠拳��� (�����垢撌亦�葦��A撣唾�歇蝬�末)�� �ndexKey��tpCode�dev�銝��遙雿���隞亦��� -response body: +response body: �Otp隤����府撣唾�歇閮餃�迨蝟餌絞 { "id_token": "eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJ3YXluZUBwb2xsZXguY29tLnR3IiwiYXV0aCI6IlJPTEVfVVNFUiIsImRldGFpbHMiOnsiQ3VzdG9tZXJBY2NvdW50Ijoid2F5bmVAcG9sbGV4LmNvbS50dyIsIkN1c3RvbWVySWQiOiI2IiwiQ3VzdG9tZXJOYW1lIjoiV2F5bmUifSwiZXhwIjoxNjM3NjQ5NzUzfQ.6xqkWG7kQPUHOys8vPdx6ebgH1wgZ4gysFEa1t1jCnKB44VsFZ8PjtUlN2mvroBdGtPwpOynoTHU7HvAQ3_mnQ" } + +�Otp隤�隤斗��� 401嚗etail���府甈﹒tp蝟餌絞���隤方� +�Otp隤�����府account撠閮餃���� 403 +���隞頂蝯梢隤斤絞銝����500 
diff --git a/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java b/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
index 675c809..3802087 100644
--- a/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
+++ b/pamapi/src/main/java/com/pollex/pam/security/provider/OtpAuthenticationProvider.java
@@ -1,16 +1,14 @@
 package com.pollex.pam.security.provider;
+import com.pollex.pam.web.rest.errors.CustomerNotRegisteredException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.AuthenticationException;
 import org.springframework.stereotype.Component;
 import com.pollex.pam.domain.Customer;
-import com.pollex.pam.domain.OtpTmp;
-import com.pollex.pam.enums.OtpTmpStatusEnum;
 import com.pollex.pam.repository.CustomerRepository;
 import com.pollex.pam.security.token.OtpAuthenticationToken;
 import com.pollex.pam.service.CustomerAuthService;
@@ -46,7 +44,7 @@
 .orElse(null);
 if (customer == null) {
- throw new AuthenticationCredentialsNotFoundException("");
+ throw new CustomerNotRegisteredException();
 }
 return customerAuthService.buildCustomerAuthToken(customer, otpCode, indexKey);
diff --git a/pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java b/pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java
index be48bd2..a0d7494 100644
--- a/pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java
+++ b/pamapi/src/main/java/com/pollex/pam/service/OtpUtilService.java
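Review bot: The exception thrown in the `@@ -46,7 +44,7 @@` hunk, `CustomerNotRegisteredException`, is declared later in this patch as a plain `RuntimeException`, so it is not an `AuthenticationException` and Spring Security's `ProviderManager` will not treat it as an authentication failure. It propagates past the usual failure handling (failure events, entry point, failure handler), and the 403 then depends on `@ResponseStatus` being resolved by whichever layer receives it, which this patch does not show. Either make the class extend `AuthenticationException` and map it to 403 explicitly, or state the intent above the throw, e.g. `// deliberately not an AuthenticationException: surfaced as 403 via @ResponseStatus`. The enclosing method begins and ends outside the hunk.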
@@ -2,6 +2,7 @@
 import com.pollex.pam.domain.OtpTmp;
 import com.pollex.pam.enums.OtpTmpStatusEnum;
+import com.pollex.pam.web.rest.errors.OtpLoginFailException;
 import com.pollex.pam.web.rest.vm.VerifyOtpVM;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -37,25 +38,21 @@
 @Transactional
 public void verifyOtp(String account, String indexKey, String otpCode) {
- try {
- if(applicationProperty.isMockLogin()){
- loginRecordService.saveOTPLoginSuccessRecord(account);
- log.debug("Do MockLogin");
- } else { // otp logon
- OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode);
- if (otpResponseDTO.isSuccess()) {
- loginRecordService.saveOTPLoginSuccessRecord(account);
- }
- else {
- loginRecordService.saveOTPLoginFailRecord(account, otpResponseDTO.getFailReason());
- throw new AuthenticationCredentialsNotFoundException("");
- }
+ if (applicationProperty.isMockLogin()) {
+ log.debug("Do MockLogin");
+ } else { // otp logon
+ OtpResponseDTO otpResponseDTO = otpWebService.verifyOTP(indexKey, otpCode);
+ if (otpResponseDTO.isSuccess()) {
+ log.info("otp login success!");
 }
- setVerrifiedOtpTmp(account, indexKey);
- } catch (Exception e) {
- log.error("Exception: ", e);
- throw new AuthenticationCredentialsNotFoundException("");
+ else {
+ log.info("otp login fail... , account = {}, failReason = {}", account, otpResponseDTO.getFailReason());
+ loginRecordService.saveOTPLoginFailRecord(account, otpResponseDTO.getFailReason());
+ throw new OtpLoginFailException(otpResponseDTO.getFailReason());
+ }
 }
+ loginRecordService.saveOTPLoginSuccessRecord(account);
+ setVerrifiedOtpTmp(account, indexKey);
 }
 private void setVerrifiedOtpTmp(String account, String indexKey) {
diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
index dbb8c05..883c80a 100644
--- a/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
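Review bot: The failed-login record written in the new `else` branch of `verifyOtp` may be rolled back, because the method is `@Transactional` and the branch throws `OtpLoginFailException`, an unchecked exception, right after `loginRecordService.saveOTPLoginFailRecord(...)`. Whether the record survives depends on the propagation of `saveOTPLoginFailRecord`, which this patch does not show. If the record is meant to be an audit trail of failed OTP attempts, declare `@Transactional(noRollbackFor = OtpLoginFailException.class)` on `verifyOtp`, or have the record written in its own transaction. Separately, `getFailReason()` from the OTP service now becomes the exception message, so confirm it carries nothing the client should not see before it is returned with the 401.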
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/OtpResource.java
@@ -3,6 +3,7 @@
 import java.util.Arrays;
 import java.util.UUID;
+import com.pollex.pam.web.rest.errors.CustomerNotRegisteredException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -90,7 +91,7 @@
 .orElse(null);
 if (customer == null) {
- return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
+ return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
 }
 String jwt = customerAuthService.authorize(customer, verifyOtpParam.getIndexKey(), verifyOtpParam.getOtpCode());
diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/errors/CustomerNotRegisteredException.java b/pamapi/src/main/java/com/pollex/pam/web/rest/errors/CustomerNotRegisteredException.java
new file mode 100644
index 0000000..89acfc0
--- /dev/null
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/errors/CustomerNotRegisteredException.java
@@ -0,0 +1,8 @@
+package com.pollex.pam.web.rest.errors;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(code = HttpStatus.FORBIDDEN, reason = "CustomerNotRegistered")
+public class CustomerNotRegisteredException extends RuntimeException{
+}
diff --git a/pamapi/src/main/java/com/pollex/pam/web/rest/errors/OtpLoginFailException.java b/pamapi/src/main/java/com/pollex/pam/web/rest/errors/OtpLoginFailException.java
new file mode 100644
index 0000000..65ff04f
--- /dev/null
+++ b/pamapi/src/main/java/com/pollex/pam/web/rest/errors/OtpLoginFailException.java
@@ -0,0 +1,11 @@
+package com.pollex.pam.web.rest.errors;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(code = HttpStatus.UNAUTHORIZED)
+public class OtpLoginFailException extends RuntimeException{
+ public OtpLoginFailException(String message) {
+ super(message);
+ }
+}
-- Gitblit v1.8.0
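Review bot: The `403` returned in the `@@ -90,7 +91,7 @@` hunk of `OtpResource` is sent before `customerAuthService.authorize(...)` checks the OTP, so a caller without a valid code can tell registered accounts from unregistered ones by comparing 403 with 401. If the spec requires that distinction, record it next to the check, e.g. `// 403 = account not registered; returned before OTP verification per the login API doc`, and consider verifying the OTP first so the status is only revealed to a caller holding a valid code. The first hunk of this file also adds `import com.pollex.pam.web.rest.errors.CustomerNotRegisteredException;`, which the changed lines never use; drop it, or replace the inline response with `throw new CustomerNotRegisteredException();` to match `OtpAuthenticationProvider`. The enclosing method starts and ends outside the hunk.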