2019-07-12 15:58:17 +02:00
|
|
|
package eu.eudat.logic.services.operations.authentication;
|
|
|
|
|
|
|
|
import eu.eudat.data.entities.Credential;
|
|
|
|
import eu.eudat.data.entities.UserInfo;
|
|
|
|
import eu.eudat.data.entities.UserRole;
|
|
|
|
import eu.eudat.data.entities.UserToken;
|
|
|
|
import eu.eudat.exceptions.security.NullEmailException;
|
|
|
|
import eu.eudat.logic.builders.entity.CredentialBuilder;
|
|
|
|
import eu.eudat.logic.builders.entity.UserInfoBuilder;
|
|
|
|
import eu.eudat.logic.builders.entity.UserTokenBuilder;
|
|
|
|
import eu.eudat.logic.security.validators.TokenValidatorFactoryImpl;
|
|
|
|
import eu.eudat.logic.services.ApiContext;
|
|
|
|
import eu.eudat.models.data.login.Credentials;
|
|
|
|
import eu.eudat.models.data.loginprovider.LoginProviderUser;
|
|
|
|
import eu.eudat.models.data.security.Principal;
|
|
|
|
import eu.eudat.types.Authorities;
|
|
|
|
import org.json.JSONObject;
|
2020-01-16 16:46:24 +01:00
|
|
|
import org.slf4j.Logger;
|
|
|
|
import org.slf4j.LoggerFactory;
|
2019-07-12 15:58:17 +02:00
|
|
|
import org.springframework.core.env.Environment;
|
|
|
|
import org.springframework.transaction.annotation.Transactional;
|
|
|
|
|
2020-09-07 17:15:52 +02:00
|
|
|
import java.sql.Timestamp;
|
2020-04-03 17:40:03 +02:00
|
|
|
import java.time.Instant;
|
2020-09-07 17:15:52 +02:00
|
|
|
import java.time.LocalDateTime;
|
2019-07-12 15:58:17 +02:00
|
|
|
import java.util.*;
|
|
|
|
|
|
|
|
public abstract class AbstractAuthenticationService implements AuthenticationService {
|
2020-01-16 16:46:24 +01:00
|
|
|
private static final Logger logger = LoggerFactory.getLogger(AbstractAuthenticationService.class);
|
2019-07-12 15:58:17 +02:00
|
|
|
|
|
|
|
protected ApiContext apiContext;
|
|
|
|
protected Environment environment;
|
|
|
|
|
|
|
|
public AbstractAuthenticationService(ApiContext apiContext, Environment environment) {
|
|
|
|
this.apiContext = apiContext;
|
|
|
|
this.environment = environment;
|
|
|
|
}
|
|
|
|
|
|
|
|
protected Date addADay(Date date) {
|
|
|
|
Date dt = new Date();
|
|
|
|
Calendar c = Calendar.getInstance();
|
|
|
|
c.setTime(dt);
|
|
|
|
c.add(Calendar.DATE, 1);
|
|
|
|
dt = c.getTime();
|
|
|
|
return dt;
|
|
|
|
}
|
|
|
|
|
|
|
|
abstract Principal Touch(UserToken token);
|
|
|
|
|
|
|
|
@Transactional
|
|
|
|
protected Credential autoCreateUser(String username, String password) {
|
|
|
|
if (!environment.getProperty("autouser.root.username").equals(username) || !environment.getProperty("autouser.root.password").equals(password))
|
|
|
|
return null;
|
|
|
|
|
|
|
|
UserInfo userInfo = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserInfoBuilder.class)
|
|
|
|
.name(username).email(environment.getProperty("autouser.root.email")).created(new Date())
|
2020-10-27 17:06:58 +01:00
|
|
|
.lastloggedin(new Date()).authorization_level((short) 1).usertype((short) 1).userStatus((short)0)
|
2019-07-12 15:58:17 +02:00
|
|
|
.build();
|
|
|
|
|
|
|
|
userInfo = this.apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
|
|
|
|
|
|
|
|
UserRole role = new UserRole();
|
|
|
|
role.setRole(Authorities.ADMIN.getValue());
|
|
|
|
role.setUserInfo(userInfo);
|
|
|
|
this.apiContext.getOperationsContext().getDatabaseRepository().getUserRoleDao().createOrUpdate(role);
|
|
|
|
|
|
|
|
Credential credential = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(CredentialBuilder.class)
|
|
|
|
.id(UUID.randomUUID()).userInfo(userInfo).publicValue(username).secret(password)
|
|
|
|
.provider((int) TokenValidatorFactoryImpl.LoginProvider.NATIVELOGIN.getValue())
|
|
|
|
.creationTime(new Date()).lastUpdateTime(new Date()).status(0)
|
|
|
|
.build();
|
|
|
|
|
|
|
|
return this.apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
|
|
|
|
}
|
|
|
|
|
|
|
|
public Principal Touch(UUID token) {
|
|
|
|
UserToken tokenEntry = this.apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().find(token);
|
|
|
|
if (tokenEntry == null || tokenEntry.getExpiresAt().before(new Date())) return null;
|
|
|
|
|
|
|
|
return this.Touch(tokenEntry);
|
|
|
|
}
|
|
|
|
|
|
|
|
public void Logout(UUID token) {
|
|
|
|
UserToken tokenEntry = this.apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().find(token);
|
|
|
|
this.apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().delete(tokenEntry);
|
|
|
|
}
|
|
|
|
|
|
|
|
public Principal Touch(Credentials credentials) throws NullEmailException {
|
|
|
|
Credential credential = this.apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().getLoggedInCredentials(credentials.getUsername(), credentials.getSecret(), TokenValidatorFactoryImpl.LoginProvider.NATIVELOGIN.getValue());
|
|
|
|
|
|
|
|
if (credential == null && credentials.getUsername().equals(environment.getProperty("autouser.root.username"))) {
|
|
|
|
try {
|
|
|
|
credential = this.autoCreateUser(credentials.getUsername(), credentials.getSecret());
|
|
|
|
} catch (Exception e) {
|
2020-01-16 16:46:24 +01:00
|
|
|
logger.error(e.getMessage(), e);
|
2019-07-12 15:58:17 +02:00
|
|
|
return null;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (credential == null) return null;
|
|
|
|
|
|
|
|
UserToken userToken = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserTokenBuilder.class)
|
|
|
|
.issuedAt(new Date()).user(credential.getUserInfo())
|
2021-07-21 10:17:32 +02:00
|
|
|
.token(UUID.randomUUID()).expiresAt(Timestamp.valueOf(LocalDateTime.now().plusDays(10)))
|
2019-07-12 15:58:17 +02:00
|
|
|
.build();
|
|
|
|
|
|
|
|
userToken = apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().createOrUpdate(userToken);
|
|
|
|
|
|
|
|
return this.Touch(userToken);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
public Principal Touch(LoginProviderUser profile) throws NullEmailException {
|
|
|
|
|
2020-10-27 17:06:58 +01:00
|
|
|
UserInfo userInfo;// = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().asQueryable().withHint("userInfo").where((builder, root) -> builder.and(builder.equal(root.get("email"), profile.getEmail()), builder.equal(root.get("userStatus"), 0))).getSingleOrDefault();
|
2019-07-12 15:58:17 +02:00
|
|
|
|
2020-10-27 17:06:58 +01:00
|
|
|
//if (userInfo == null) {
|
2019-07-12 15:58:17 +02:00
|
|
|
Optional<Credential> optionalCredential = Optional.ofNullable(apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao()
|
|
|
|
.asQueryable().withHint("credentialUserInfo")
|
|
|
|
.where((builder, root) -> builder.and(builder.equal(root.get("provider"), profile.getProvider().getValue()), builder.equal(root.get("externalId"), profile.getId())))
|
|
|
|
.getSingleOrDefault());
|
|
|
|
userInfo = optionalCredential.map(Credential::getUserInfo).orElse(null);
|
2020-11-04 15:52:10 +01:00
|
|
|
if (userInfo != null) {
|
|
|
|
if (userInfo.getUserStatus() == 1) {
|
|
|
|
userInfo = null;
|
|
|
|
}
|
2020-10-27 17:06:58 +01:00
|
|
|
}
|
|
|
|
//}
|
|
|
|
if (userInfo == null) {
|
|
|
|
userInfo = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().asQueryable().withHint("userInfo").where((builder, root) -> builder.and(builder.equal(root.get("email"), profile.getEmail()), builder.equal(root.get("userStatus"), 0))).getSingleOrDefault();
|
2019-07-12 15:58:17 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
final Credential credential = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(CredentialBuilder.class)
|
|
|
|
.id(UUID.randomUUID())
|
|
|
|
.creationTime(new Date())
|
|
|
|
.status(1)
|
|
|
|
.lastUpdateTime(new Date())
|
|
|
|
.provider(profile.getProvider().getValue())
|
|
|
|
.secret(profile.getSecret())
|
|
|
|
.externalId(profile.getId())
|
2020-10-27 17:08:16 +01:00
|
|
|
.email(profile.getEmail())
|
2019-07-12 15:58:17 +02:00
|
|
|
.build();
|
|
|
|
|
|
|
|
if (userInfo == null) {
|
|
|
|
userInfo = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserInfoBuilder.class)
|
|
|
|
.name(profile.getName()).verified_email(profile.getIsVerified())
|
|
|
|
.email(profile.getEmail()).created(new Date()).lastloggedin(new Date())
|
2020-04-10 16:16:37 +02:00
|
|
|
.additionalinfo("{\"data\":{\"avatar\":{\"url\":\"" + profile.getAvatarUrl()
|
2020-05-04 16:19:23 +02:00
|
|
|
+ "\"},\"zenodoToken\":\"" + profile.getZenodoId()
|
|
|
|
+ "\", \"expirationDate\": \"" + Instant.now().plusSeconds((profile.getZenodoExpire() != null ? profile.getZenodoExpire(): 0)).toEpochMilli()
|
2020-04-10 16:16:37 +02:00
|
|
|
+ "\", \"zenodoRefresh\": \"" + profile.getZenodoRefresh()
|
2020-05-04 16:19:23 +02:00
|
|
|
+ (profile.getProvider() == TokenValidatorFactoryImpl.LoginProvider.ZENODO ? "\", \"zenodoEmail\": \"" + profile.getEmail() : "") +"\"}}")
|
2020-10-27 17:06:58 +01:00
|
|
|
.authorization_level((short) 1).usertype((short) 1).userStatus((short)0)
|
2019-07-12 15:58:17 +02:00
|
|
|
.build();
|
|
|
|
|
|
|
|
userInfo = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
|
|
|
|
credential.setPublicValue(userInfo.getName());
|
2020-10-23 17:40:17 +02:00
|
|
|
credential.setEmail(userInfo.getEmail());
|
2019-07-12 15:58:17 +02:00
|
|
|
credential.setUserInfo(userInfo);
|
|
|
|
apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
|
|
|
|
|
|
|
|
UserRole role = new UserRole();
|
|
|
|
role.setRole(Authorities.USER.getValue());
|
|
|
|
role.setUserInfo(userInfo);
|
|
|
|
apiContext.getOperationsContext().getDatabaseRepository().getUserRoleDao().createOrUpdate(role);
|
|
|
|
|
|
|
|
} else {
|
|
|
|
Map<String, Object> additionalInfo = userInfo.getAdditionalinfo() != null ?
|
|
|
|
new JSONObject(userInfo.getAdditionalinfo()).toMap() : new HashMap<>();
|
2020-04-03 17:40:03 +02:00
|
|
|
if (profile.getAvatarUrl() != null && !profile.getAvatarUrl().isEmpty() && !profile.getAvatarUrl().equals("null")) {
|
|
|
|
additionalInfo.put("avatarUrl", profile.getAvatarUrl());
|
|
|
|
}
|
|
|
|
if (profile.getZenodoId() != null && !profile.getZenodoId().isEmpty() && !profile.getZenodoId().equals("null")) {
|
|
|
|
additionalInfo.put("zenodoToken", profile.getZenodoId());
|
|
|
|
}
|
|
|
|
if (profile.getZenodoExpire() != null) {
|
|
|
|
additionalInfo.put("expirationDate", Instant.now().plusSeconds(profile.getZenodoExpire()).toEpochMilli());
|
|
|
|
}
|
2020-04-10 16:16:37 +02:00
|
|
|
if (profile.getZenodoRefresh() != null) {
|
|
|
|
additionalInfo.put("zenodoRefresh", profile.getZenodoRefresh());
|
|
|
|
}
|
|
|
|
if (profile.getProvider() == TokenValidatorFactoryImpl.LoginProvider.ZENODO) {
|
|
|
|
additionalInfo.put("zenodoEmail", profile.getEmail());
|
|
|
|
}
|
2019-07-12 15:58:17 +02:00
|
|
|
userInfo.setLastloggedin(new Date());
|
|
|
|
userInfo.setAdditionalinfo(new JSONObject(additionalInfo).toString());
|
|
|
|
Set<Credential> credentials = userInfo.getCredentials();
|
|
|
|
if (credentials.contains(credential)) {
|
|
|
|
Credential oldCredential = credentials.stream().filter(item -> credential.getProvider().equals(item.getProvider())).findFirst().get();
|
|
|
|
credential.setId(oldCredential.getId());
|
|
|
|
} else {
|
|
|
|
credential.setUserInfo(userInfo);
|
|
|
|
credential.setId(UUID.randomUUID());
|
|
|
|
credential.setPublicValue(userInfo.getName());
|
2020-10-27 17:08:16 +01:00
|
|
|
credential.setEmail(userInfo.getEmail());
|
2019-07-12 15:58:17 +02:00
|
|
|
apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
|
|
|
|
userInfo.getCredentials().add(credential);
|
|
|
|
}
|
|
|
|
userInfo = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
|
|
|
|
}
|
|
|
|
|
|
|
|
UserToken userToken = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserTokenBuilder.class)
|
|
|
|
.token(UUID.randomUUID()).user(userInfo)
|
2021-07-21 10:17:32 +02:00
|
|
|
.expiresAt(Timestamp.valueOf(LocalDateTime.now().plusDays(10))).issuedAt(new Date())
|
2019-07-12 15:58:17 +02:00
|
|
|
.build();
|
|
|
|
|
|
|
|
apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().createOrUpdate(userToken);
|
|
|
|
return Touch(userToken.getToken());
|
|
|
|
}
|
|
|
|
}
|