package com.pollex.pam.security.provider; import com.pollex.pam.business.domain.Consultant; import com.pollex.pam.business.enums.ConsultantDetailEnum; import com.pollex.pam.business.repository.ConsultantRepository; import com.pollex.pam.business.service.EServiceConnectService; import com.pollex.pam.business.service.dto.EServiceResponse; import com.pollex.pam.business.web.errors.ConsultantDisableException; import com.pollex.pam.business.config.AppProperties; import com.pollex.pam.business.security.token.EServiceAuthenticationToken; import com.pollex.pam.business.web.errors.EServiceErrorException; import com.pollex.pam.config.ApplicationProperties; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.*; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.SimpleGrantedAuthority; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.stereotype.Component; import java.security.GeneralSecurityException; import java.util.*; @Component public class EServiceAuthenticationProvider { private static final String E_SERVICE_LOGIN_SUCCESS_CODE = "true"; private static final Logger log = LoggerFactory.getLogger(EServiceAuthenticationProvider.class); @Autowired ApplicationProperties applicationProperties; @Autowired ConsultantRepository consultantRepository; @Autowired EServiceConnectService eServiceConnectService; public Authentication authenticate(EServiceAuthenticationToken authenticationToken) throws AuthenticationException { String account = authenticationToken.getPrincipal(); String credentials = authenticationToken.getCredentials(); if(applicationProperties.isMockLogin()){ return getConsultantTokenAndRecordLoginTime(account, credentials); } try { ResponseEntity responseEntity = eServiceConnectService.loginByEService(account, credentials); if(HttpStatus.OK.equals(responseEntity.getStatusCode())) { EServiceResponse eServiceResponse = responseEntity.getBody(); log.debug("eService response = {}", eServiceResponse); if(E_SERVICE_LOGIN_SUCCESS_CODE.equals(eServiceResponse.getIssuccess())){ return getConsultantTokenAndRecordLoginTime(account, credentials); } else { log.debug("account:{},error:{}",account,eServiceResponse.getMsg()); throw new EServiceErrorException("帳號密碼錯誤"); } } throw new RuntimeException("eService http error!, response http status code = " + responseEntity.getStatusCode()); } catch (GeneralSecurityException e) { throw new RuntimeException("General Security SSL error!"); } } private UsernamePasswordAuthenticationToken getConsultantTokenAndRecordLoginTime(String account, String credential) throws ConsultantDisableException { Consultant consultant = consultantRepository.findOneByAgentNo(account).orElseThrow(() -> new UsernameNotFoundException("帳號密碼錯誤")); List grantedAuths = Arrays.asList(new SimpleGrantedAuthority("ROLE_USER")); UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(account, credential, grantedAuths); Map details = new HashMap<>(); details.put(ConsultantDetailEnum.ID.getValue(), consultant.getId().toString()); details.put(ConsultantDetailEnum.NAME.getValue(), consultant.getName()); details.put(ConsultantDetailEnum.AGENT_NO.getValue(), account); authenticationToken.setDetails(details); return authenticationToken; } }