You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
190 lines
9.2 KiB
Java
190 lines
9.2 KiB
Java
package eu.eudat.services.operations;
|
|
|
|
import eu.eudat.builders.entity.CredentialBuilder;
|
|
import eu.eudat.builders.entity.UserInfoBuilder;
|
|
import eu.eudat.builders.entity.UserTokenBuilder;
|
|
import eu.eudat.builders.model.models.PrincipalBuilder;
|
|
import eu.eudat.entities.Credential;
|
|
import eu.eudat.entities.UserInfo;
|
|
import eu.eudat.entities.UserRole;
|
|
import eu.eudat.entities.UserToken;
|
|
import eu.eudat.models.criteria.UserInfoCriteria;
|
|
import eu.eudat.models.login.Credentials;
|
|
import eu.eudat.models.loginprovider.LoginProviderUser;
|
|
import eu.eudat.models.security.Principal;
|
|
import eu.eudat.security.validators.TokenValidatorFactoryImpl;
|
|
import eu.eudat.services.ApiContext;
|
|
import eu.eudat.types.Authorities;
|
|
import org.springframework.beans.factory.annotation.Autowired;
|
|
import org.springframework.core.env.Environment;
|
|
import org.springframework.stereotype.Service;
|
|
import org.springframework.transaction.annotation.Transactional;
|
|
|
|
import java.util.*;
|
|
|
|
|
|
@Service("authenticationService")
|
|
public class AuthenticationServiceImpl implements AuthenticationService {
|
|
private ApiContext apiContext;
|
|
private Environment environment;
|
|
|
|
@Autowired
|
|
public AuthenticationServiceImpl(ApiContext apiContext, Environment environment) {
|
|
this.environment = environment;
|
|
this.apiContext = apiContext;
|
|
}
|
|
|
|
public Principal Touch(UUID token) {
|
|
UserToken tokenEntry = this.apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().find(token);
|
|
if (tokenEntry == null || tokenEntry.getExpiresAt().before(new Date())) return null;
|
|
|
|
return this.Touch(tokenEntry);
|
|
}
|
|
|
|
public void Logout(UUID token) {
|
|
UserToken tokenEntry = this.apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().find(token);
|
|
this.apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().delete(tokenEntry);
|
|
}
|
|
|
|
private Principal Touch(UserToken token) {
|
|
if (token == null || token.getExpiresAt().before(new Date())) return null;
|
|
|
|
UserInfo user = this.apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().find(token.getUser().getId());
|
|
if (user == null) return null;
|
|
|
|
Principal principal = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(PrincipalBuilder.class)
|
|
.id(user.getId()).token(token.getToken())
|
|
.expiresAt(token.getExpiresAt()).name(user.getName())
|
|
.build();
|
|
|
|
List<UserRole> userRoles = apiContext.getOperationsContext().getDatabaseRepository().getUserRoleDao().getUserRoles(user);
|
|
for (UserRole item : userRoles) {
|
|
if (principal.getAuthz() == null) principal.setAuthorities(new HashSet<>());
|
|
principal.getAuthz().add(Authorities.fromInteger(item.getRole()));
|
|
}
|
|
return principal;
|
|
}
|
|
|
|
public Principal Touch(Credentials credentials) {
|
|
Credential credential = this.apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().getLoggedInCredentials(credentials);
|
|
|
|
if (credential == null && credentials.getUsername().equals(environment.getProperty("autouser.root.username"))) {
|
|
try {
|
|
credential = this.autoCreateUser(credentials.getUsername(), credentials.getSecret());
|
|
} catch (Exception e) {
|
|
e.printStackTrace();
|
|
return null;
|
|
}
|
|
}
|
|
if (credential == null) return null;
|
|
|
|
UserToken userToken = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserTokenBuilder.class)
|
|
.issuedAt(new Date()).user(credential.getUserInfo())
|
|
.token(UUID.randomUUID()).expiresAt(addADay(new Date()))
|
|
.build();
|
|
|
|
userToken = apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().createOrUpdate(userToken);
|
|
|
|
return this.Touch(userToken);
|
|
|
|
}
|
|
|
|
public Principal Touch(LoginProviderUser profile) {
|
|
UserInfoCriteria criteria = new UserInfoCriteria();
|
|
criteria.setEmail(profile.getEmail());
|
|
|
|
UserInfo userInfo = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().asQueryable().withHint("userInfo").where((builder, root) -> builder.equal(root.get("email"), profile.getEmail())).getSingleOrDefault();
|
|
|
|
if (userInfo == null) {
|
|
Optional<Credential> optionalCredential = Optional.ofNullable(apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao()
|
|
.asQueryable().withHint("credentialUserInfo")
|
|
.where((builder, root) -> builder.and(builder.equal(root.get("provider"), profile.getProvider().getValue()), builder.equal(root.get("externalId"), profile.getId())))
|
|
.getSingleOrDefault());
|
|
userInfo = optionalCredential.map(Credential::getUserInfo).orElse(null);
|
|
}
|
|
|
|
final Credential credential = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(CredentialBuilder.class)
|
|
.id(UUID.randomUUID()).creationTime(new Date()).status(1)
|
|
.lastUpdateTime(new Date()).provider((int) profile.getProvider().getValue())
|
|
.secret(profile.getSecret()).externalId(profile.getId())
|
|
.build();
|
|
|
|
if (userInfo == null) {
|
|
userInfo = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserInfoBuilder.class)
|
|
.name(profile.getName()).verified_email(profile.getIsVerified())
|
|
.email(profile.getEmail()).created(new Date()).lastloggedin(new Date())
|
|
.authorization_level((short) 1).usertype((short) 1)
|
|
.build();
|
|
|
|
userInfo = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
|
|
credential.setPublicValue(userInfo.getName());
|
|
credential.setUserInfo(userInfo);
|
|
apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
|
|
|
|
UserRole role = new UserRole();
|
|
role.setRole(Authorities.USER.getValue());
|
|
role.setUserInfo(userInfo);
|
|
apiContext.getOperationsContext().getDatabaseRepository().getUserRoleDao().createOrUpdate(role);
|
|
|
|
} else {
|
|
userInfo.setLastloggedin(new Date());
|
|
Set<Credential> credentials = userInfo.getCredentials();
|
|
if (credentials.contains(credential)) {
|
|
Credential oldCredential = credentials.stream().filter(item -> credential.getProvider().equals(item.getProvider())).findFirst().get();
|
|
credential.setId(oldCredential.getId());
|
|
} else {
|
|
credential.setUserInfo(userInfo);
|
|
credential.setId(UUID.randomUUID());
|
|
credential.setPublicValue(userInfo.getName());
|
|
apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
|
|
userInfo.getCredentials().add(credential);
|
|
}
|
|
userInfo = apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
|
|
}
|
|
|
|
UserToken userToken = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserTokenBuilder.class)
|
|
.token(UUID.randomUUID()).user(userInfo)
|
|
.expiresAt(addADay(new Date())).issuedAt(new Date())
|
|
.build();
|
|
|
|
apiContext.getOperationsContext().getDatabaseRepository().getUserTokenDao().createOrUpdate(userToken);
|
|
return Touch(userToken.getToken());
|
|
}
|
|
|
|
private Date addADay(Date date) {
|
|
Date dt = new Date();
|
|
Calendar c = Calendar.getInstance();
|
|
c.setTime(dt);
|
|
c.add(Calendar.DATE, 1);
|
|
dt = c.getTime();
|
|
return dt;
|
|
}
|
|
|
|
|
|
@Transactional
|
|
private Credential autoCreateUser(String username, String password) {
|
|
if (!environment.getProperty("autouser.root.username").equals(username) || !environment.getProperty("autouser.root.password").equals(password))
|
|
return null;
|
|
|
|
UserInfo userInfo = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(UserInfoBuilder.class)
|
|
.name(username).email(environment.getProperty("autouser.root.email")).created(new Date())
|
|
.lastloggedin(new Date()).authorization_level((short) 1).usertype((short) 1)
|
|
.build();
|
|
|
|
userInfo = this.apiContext.getOperationsContext().getDatabaseRepository().getUserInfoDao().createOrUpdate(userInfo);
|
|
|
|
UserRole role = new UserRole();
|
|
role.setRole(Authorities.ADMIN.getValue());
|
|
role.setUserInfo(userInfo);
|
|
this.apiContext.getOperationsContext().getDatabaseRepository().getUserRoleDao().createOrUpdate(role);
|
|
|
|
Credential credential = this.apiContext.getOperationsContext().getBuilderFactory().getBuilder(CredentialBuilder.class)
|
|
.userInfo(userInfo).publicValue(username).secret(password)
|
|
.provider((int) TokenValidatorFactoryImpl.LoginProvider.NATIVELOGIN.getValue())
|
|
.creationTime(new Date()).lastUpdateTime(new Date()).status(0)
|
|
.build();
|
|
|
|
return this.apiContext.getOperationsContext().getDatabaseRepository().getCredentialDao().createOrUpdate(credential);
|
|
}
|
|
}
|