package com.pollex.pam.web.rest; import com.fasterxml.jackson.databind.ObjectMapper; import com.pollex.pam.config.ApplicationProperties; import com.pollex.pam.security.jwt.JWTFilter; import com.pollex.pam.security.jwt.TokenProvider; import com.pollex.pam.security.token.EServiceAuthenticationToken; import com.pollex.pam.security.token.OtpAuthenticationToken; import com.pollex.pam.service.LoginService; import com.pollex.pam.service.OtpWebService; import com.pollex.pam.service.dto.EServiceRequest; import com.pollex.pam.service.dto.EServiceResponse; import com.pollex.pam.service.dto.OtpResponseDTO; import com.pollex.pam.web.rest.vm.OtpAccount; import org.apache.http.conn.ssl.NoopHostnameVerifier; import org.apache.http.conn.ssl.SSLConnectionSocketFactory; import org.apache.http.impl.client.CloseableHttpClient; import org.apache.http.impl.client.HttpClients; import org.apache.http.ssl.SSLContexts; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.*; import org.springframework.http.client.HttpComponentsClientHttpRequestFactory; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.web.bind.annotation.*; import org.springframework.web.client.RestTemplate; import tw.com.softleader.otp.ws.OtpWebServicePortBindingStub; import javax.net.ssl.SSLContext; import javax.xml.rpc.ServiceException; import java.rmi.RemoteException; import java.security.KeyManagementException; import java.security.KeyStoreException; import java.security.NoSuchAlgorithmException; import java.security.cert.X509Certificate; import java.util.ArrayList; import java.util.Collections; import java.util.List; // todo,僅為初期接login方便使用而用get的方式登入,目前已拆出OtpResource與EServiceResource,主要是用這兩個做登入 @Deprecated @RestController @RequestMapping("/api/testLogin") public class TestLoginResource { private final static Logger log = LoggerFactory.getLogger(TestLoginResource.class); @Autowired LoginService loginService; @Autowired ApplicationProperties applicationProperty; @Autowired OtpWebService otpWebService; @Autowired AuthenticationManagerBuilder authenticationManagerBuilder; @Autowired TokenProvider tokenProvider; @GetMapping("/bySMS") public ResponseEntity sendOtpBySMS(@RequestParam("phone") String phone) throws ServiceException, RemoteException { final OtpResponseDTO otpResponseDTO = otpWebService.sendByPhone(phone); return new ResponseEntity<>(otpResponseDTO, HttpStatus.OK); } @GetMapping("/byEmail") public ResponseEntity sendOtpByEmail(@RequestParam("email") String email) throws RemoteException, ServiceException { final OtpResponseDTO otpResponseDTO = otpWebService.sendByEmail(email); return new ResponseEntity<>(otpResponseDTO, HttpStatus.OK); } @GetMapping("/verifyOtp") public ResponseEntity verifyOtp(@RequestParam("account") String account, @RequestParam("indexKey") String indexKey, @RequestParam("otpCode") String otpCode) throws ServiceException, RemoteException { OtpWebServicePortBindingStub stub = otpWebService.getOtpWebServicePortBindingStub(); log.info("call OtpService verifyOTP, systemType = {}, service password = {}, indexKey = {}, paxxword = {}", applicationProperty.getOtpWebServiceSystemType(), applicationProperty.getOtpWebServicePassword(), indexKey, otpCode); String[] result = stub.verifyOtp(applicationProperty.getOtpWebServicePassword(), applicationProperty.getOtpWebServiceSystemType(), indexKey, otpCode); return new ResponseEntity<>(new OtpResponseDTO(result), HttpStatus.OK); } @GetMapping("/byEService") public ResponseEntity loginByEService(@RequestParam("account") String account, @RequestParam("password") String password) throws Exception { EServiceRequest dto = new EServiceRequest(); dto.setFunc("ValidateUserLogin"); dto.setId(account); dto.setPin(password); dto.setPwd(password); dto.setSys("epos"); String dtoJson = new ObjectMapper().writeValueAsString(dto); RestTemplate restTemplate = getTrustAllRestTemplate(); settingMessageConvertesToSpecifyType(restTemplate, MediaType.ALL); HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_JSON); HttpEntity entity = new HttpEntity<>(dtoJson, headers); return restTemplate.exchange(applicationProperty.geteServiceLoginUrl(), HttpMethod.POST, entity, EServiceResponse.class); } private void settingMessageConvertesToSpecifyType(RestTemplate restTemplate, MediaType mediaType) { List> messageConverters = new ArrayList<>(); MappingJackson2HttpMessageConverter converter = new MappingJackson2HttpMessageConverter(); converter.setSupportedMediaTypes(Collections.singletonList(mediaType)); messageConverters.add(converter); restTemplate.setMessageConverters(messageConverters); } private RestTemplate getTrustAllRestTemplate() throws KeyStoreException, NoSuchAlgorithmException, KeyManagementException { SSLContext sslContext = SSLContexts.custom() .loadTrustMaterial(null, (X509Certificate[] x509Certs, String s) -> true) .build(); SSLConnectionSocketFactory csf = new SSLConnectionSocketFactory(sslContext, new NoopHostnameVerifier()); CloseableHttpClient httpClient = HttpClients.custom() .setSSLSocketFactory(csf) .build(); HttpComponentsClientHttpRequestFactory requestFactory = new HttpComponentsClientHttpRequestFactory(); requestFactory.setHttpClient(httpClient); requestFactory.setConnectTimeout(300000); requestFactory.setReadTimeout(300000); return new RestTemplate(requestFactory); } }