argos/dmp-backend/src/main/java/eu/eudat/services/operations/AuthenticationServiceImpl.java

190 lines
9.2 KiB
Java
Raw Normal View History

2018-03-05 17:18:45 +01:00
package eu.eudat.services.operations;
2017-12-15 17:57:41 +01:00
2018-02-16 08:45:18 +01:00
import eu.eudat.builders.entity.CredentialBuilder;
import eu.eudat.builders.entity.UserInfoBuilder;
import eu.eudat.builders.entity.UserTokenBuilder;
import eu.eudat.builders.model.models.PrincipalBuilder;
2018-01-10 17:05:23 +01:00
import eu.eudat.entities.Credential;
2017-12-15 17:57:41 +01:00
import eu.eudat.entities.UserInfo;
2018-01-31 16:39:16 +01:00
import eu.eudat.entities.UserRole;
2017-12-15 17:57:41 +01:00
import eu.eudat.entities.UserToken;
2018-01-10 17:05:23 +01:00
import eu.eudat.models.criteria.UserInfoCriteria;
2018-01-31 16:39:16 +01:00
import eu.eudat.models.login.Credentials;
2018-01-10 17:05:23 +01:00
import eu.eudat.models.loginprovider.LoginProviderUser;
2017-12-15 17:57:41 +01:00
import eu.eudat.models.security.Principal;
2018-01-10 17:05:23 +01:00
import eu.eudat.security.validators.TokenValidatorFactoryImpl;
2018-03-05 17:18:45 +01:00
import eu.eudat.services.ApiContext;
2018-01-31 16:39:16 +01:00
import eu.eudat.types.Authorities;
2017-12-15 17:57:41 +01:00
import org.springframework.beans.factory.annotation.Autowired;
2018-01-31 16:39:16 +01:00
import org.springframework.core.env.Environment;
2017-12-15 17:57:41 +01:00
import org.springframework.stereotype.Service;
2018-01-31 16:39:16 +01:00
import org.springframework.transaction.annotation.Transactional;
2017-12-15 17:57:41 +01:00
2018-01-10 17:05:23 +01:00
import java.util.*;
2017-12-15 17:57:41 +01:00
2018-02-01 10:08:06 +01:00
2018-03-05 17:18:45 +01:00
@Service("authenticationService")
public class AuthenticationServiceImpl implements AuthenticationService {
2018-01-10 17:05:23 +01:00
private ApiContext apiContext;
2018-01-31 16:39:16 +01:00
private Environment environment;
2018-01-10 17:05:23 +01:00
2017-12-15 17:57:41 +01:00
@Autowired
2018-03-05 17:18:45 +01:00
public AuthenticationServiceImpl(ApiContext apiContext, Environment environment) {
2018-01-31 16:39:16 +01:00
this.environment = environment;
2018-01-10 17:05:23 +01:00
this.apiContext = apiContext;
}
2017-12-15 17:57:41 +01:00
2018-01-31 16:39:16 +01:00
public Principal Touch(UUID token) {
2018-03-05 17:18:45 +01:00
UserToken tokenEntry = this.apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().find(token);
2017-12-15 17:57:41 +01:00
if (tokenEntry == null || tokenEntry.getExpiresAt().before(new Date())) return null;
2018-02-01 08:47:24 +01:00
return this.Touch(tokenEntry);
2017-12-15 17:57:41 +01:00
}
2018-01-31 16:39:16 +01:00
public void Logout(UUID token) {
2018-03-05 17:18:45 +01:00
UserToken tokenEntry = this.apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().find(token);
this.apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().delete(tokenEntry);
2017-12-15 17:57:41 +01:00
}
2018-01-31 16:39:16 +01:00
private Principal Touch(UserToken token) {
2017-12-15 17:57:41 +01:00
if (token == null || token.getExpiresAt().before(new Date())) return null;
2018-03-05 17:18:45 +01:00
UserInfo user = this.apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().find(token.getUser().getId());
2018-01-31 16:39:16 +01:00
if (user == null) return null;
2017-12-15 17:57:41 +01:00
2018-03-05 17:18:45 +01:00
Principal principal = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(PrincipalBuilder.class)
2018-02-16 08:45:18 +01:00
.id(user.getId()).token(token.getToken())
.expiresAt(token.getExpiresAt()).name(user.getName())
.build();
2017-12-15 17:57:41 +01:00
2018-03-05 17:18:45 +01:00
List<UserRole> userRoles = apiContext.getOperationsContext().getDatabaseRepository().getUserRoleDao().getUserRoles(user);
2018-01-31 16:39:16 +01:00
for (UserRole item : userRoles) {
2018-02-01 08:47:24 +01:00
if (principal.getAuthz() == null) principal.setAuthorities(new HashSet<>());
2018-01-31 16:39:16 +01:00
principal.getAuthz().add(Authorities.fromInteger(item.getRole()));
2017-12-15 17:57:41 +01:00
}
return principal;
}
2018-01-10 17:05:23 +01:00
2018-01-31 16:39:16 +01:00
public Principal Touch(Credentials credentials) {
2018-03-05 17:18:45 +01:00
Credential credential = this.apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().getLoggedInCredentials(credentials);
2018-01-31 16:39:16 +01:00
2018-02-16 08:45:18 +01:00
if (credential == null && credentials.getUsername().equals(environment.getProperty("autouser.root.username"))) {
try {
credential = this.autoCreateUser(credentials.getUsername(), credentials.getSecret());
} catch (Exception e) {
e.printStackTrace();
return null;
}
}
2018-02-01 08:47:24 +01:00
if (credential == null) return null;
2018-01-31 16:39:16 +01:00
2018-03-05 17:18:45 +01:00
UserToken userToken = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserTokenBuilder.class)
2018-02-16 08:45:18 +01:00
.issuedAt(new Date()).user(credential.getUserInfo())
.token(UUID.randomUUID()).expiresAt(addADay(new Date()))
.build();
2018-03-05 17:18:45 +01:00
userToken = apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().createOrUpdate(userToken);
2018-01-31 16:39:16 +01:00
return this.Touch(userToken);
}
public Principal Touch(LoginProviderUser profile) {
2018-01-10 17:05:23 +01:00
UserInfoCriteria criteria = new UserInfoCriteria();
criteria.setEmail(profile.getEmail());
2018-02-23 11:36:51 +01:00
2018-03-05 17:18:45 +01:00
UserInfo userInfo = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().asQueryable().withHint("userInfo").where((builder, root) -> builder.equal(root.get("email"), profile.getEmail())).getSingleOrDefault();
2018-02-09 16:54:41 +01:00
2018-03-05 17:18:45 +01:00
if (userInfo == null) {
Optional<Credential> optionalCredential = Optional.ofNullable(apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao()
2018-02-23 11:36:51 +01:00
.asQueryable().withHint("credentialUserInfo")
.where((builder, root) -> builder.and(builder.equal(root.get("provider"), profile.getProvider().getValue()), builder.equal(root.get("externalId"), profile.getId())))
.getSingleOrDefault());
userInfo = optionalCredential.map(Credential::getUserInfo).orElse(null);
}
2018-03-05 17:18:45 +01:00
final Credential credential = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(CredentialBuilder.class)
2018-02-16 08:45:18 +01:00
.id(UUID.randomUUID()).creationTime(new Date()).status(1)
.lastUpdateTime(new Date()).provider((int) profile.getProvider().getValue())
2018-02-23 11:36:51 +01:00
.secret(profile.getSecret()).externalId(profile.getId())
2018-02-16 08:45:18 +01:00
.build();
2018-01-31 16:39:16 +01:00
if (userInfo == null) {
2018-03-05 17:18:45 +01:00
userInfo = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserInfoBuilder.class)
2018-02-16 08:45:18 +01:00
.name(profile.getName()).verified_email(profile.getIsVerified())
.email(profile.getEmail()).created(new Date()).lastloggedin(new Date())
.authorization_level((short) 1).usertype((short) 1)
.build();
2018-03-05 17:18:45 +01:00
userInfo = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
2018-01-10 17:05:23 +01:00
credential.setPublicValue(userInfo.getName());
credential.setUserInfo(userInfo);
2018-03-05 17:18:45 +01:00
apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
2018-01-31 16:39:16 +01:00
UserRole role = new UserRole();
role.setRole(Authorities.USER.getValue());
role.setUserInfo(userInfo);
2018-03-05 17:18:45 +01:00
apiContext.getOperationsContext().getDatabaseRepository().getUserRoleDao().createOrUpdate(role);
2018-01-31 16:39:16 +01:00
} else {
2018-01-10 17:05:23 +01:00
userInfo.setLastloggedin(new Date());
Set<Credential> credentials = userInfo.getCredentials();
2018-01-31 16:39:16 +01:00
if (credentials.contains(credential)) {
Credential oldCredential = credentials.stream().filter(item -> credential.getProvider().equals(item.getProvider())).findFirst().get();
2018-01-10 17:05:23 +01:00
credential.setId(oldCredential.getId());
2018-01-31 16:39:16 +01:00
} else {
2018-01-10 17:05:23 +01:00
credential.setUserInfo(userInfo);
credential.setId(UUID.randomUUID());
credential.setPublicValue(userInfo.getName());
2018-03-05 17:18:45 +01:00
apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
2018-01-10 17:05:23 +01:00
userInfo.getCredentials().add(credential);
}
2018-03-05 17:18:45 +01:00
userInfo = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
2018-01-10 17:05:23 +01:00
}
2018-03-05 17:18:45 +01:00
UserToken userToken = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserTokenBuilder.class)
2018-02-16 08:45:18 +01:00
.token(UUID.randomUUID()).user(userInfo)
.expiresAt(addADay(new Date())).issuedAt(new Date())
.build();
2018-03-05 17:18:45 +01:00
apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().createOrUpdate(userToken);
2018-01-10 17:05:23 +01:00
return Touch(userToken.getToken());
}
2018-01-31 16:39:16 +01:00
private Date addADay(Date date) {
2018-01-10 17:05:23 +01:00
Date dt = new Date();
Calendar c = Calendar.getInstance();
c.setTime(dt);
c.add(Calendar.DATE, 1);
dt = c.getTime();
return dt;
}
2018-01-31 16:39:16 +01:00
@Transactional
2018-02-01 08:47:24 +01:00
private Credential autoCreateUser(String username, String password) {
if (!environment.getProperty("autouser.root.username").equals(username) || !environment.getProperty("autouser.root.password").equals(password))
return null;
2018-01-31 16:39:16 +01:00
2018-03-05 17:18:45 +01:00
UserInfo userInfo = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserInfoBuilder.class)
2018-02-16 08:45:18 +01:00
.name(username).email(environment.getProperty("autouser.root.email")).created(new Date())
.lastloggedin(new Date()).authorization_level((short) 1).usertype((short) 1)
.build();
2018-03-05 17:18:45 +01:00
userInfo = this.apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
2018-01-31 16:39:16 +01:00
UserRole role = new UserRole();
role.setRole(Authorities.ADMIN.getValue());
role.setUserInfo(userInfo);
2018-03-05 17:18:45 +01:00
this.apiContext.getOperationsContext().getDatabaseRepository().getUserRoleDao().createOrUpdate(role);
2018-01-31 16:39:16 +01:00
2018-03-05 17:18:45 +01:00
Credential credential = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(CredentialBuilder.class)
2018-02-16 08:45:18 +01:00
.userInfo(userInfo).publicValue(username).secret(password)
.provider((int) TokenValidatorFactoryImpl.LoginProvider.NATIVELOGIN.getValue())
.creationTime(new Date()).lastUpdateTime(new Date()).status(0)
.build();
2018-03-05 17:18:45 +01:00
return this.apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
2018-01-31 16:39:16 +01:00
}
2017-12-15 17:57:41 +01:00
}