Revision 44:07a11f13a278
src/main/java/my/com/upass/MinimalUPassControllerV2.java | ||
---|---|---|
37 | 37 |
protected AppAccessMgtService appAccessMgtService = new AppAccessMgtService(); |
38 | 38 |
protected ChangeStaticPasswordService changeStaticPasswordService = new ChangeStaticPasswordService(this); |
39 | 39 |
|
40 |
//for spring-ldap usage |
|
40 |
// for spring-ldap usage
|
|
41 | 41 |
private static final Object CONFIG_LOCK = new Object(); |
42 | 42 |
private static MaybankLdapDAO maybankLdapDAO; |
43 |
|
|
43 |
|
|
44 | 44 |
public MinimalUPassControllerV2() { |
45 | 45 |
initializeConfigurations(); |
46 | 46 |
} |
... | ... | |
410 | 410 |
return appId; |
411 | 411 |
} |
412 | 412 |
|
413 |
protected Integer checkAppAccess(
|
|
413 |
public Integer checkAppAccess(
|
|
414 | 414 |
String appAccessId, String hashedSecretKey, final Session txSession) |
415 | 415 |
throws UPassException, MultipleAppAccessesFound { |
416 | 416 |
|
417 | 417 |
int rc = verifyStaticPasswordService.verifyStaticPassword( |
418 |
appAccessId, hashedSecretKey, true, |
|
419 |
MinimalConstants.UTYPE_STATE_USER, txSession); |
|
418 |
appAccessId, hashedSecretKey, false, 0, txSession); |
|
420 | 419 |
|
421 | 420 |
if (rc != MinimalConstants.ERR_SUCCESS) |
422 | 421 |
throw new UPassException(rc); |
... | ... | |
426 | 425 |
} |
427 | 426 |
|
428 | 427 |
public UserProfile findProfile( |
429 |
String appAccessId, String hashedSecretKey, String username, Session txSession) |
|
428 |
String appAccessId, String hashedSecretKey, |
|
429 |
String username, Session txSession) |
|
430 |
throws UPassException { |
|
431 |
|
|
432 |
return findProfile(appAccessId, hashedSecretKey, username, null, txSession); |
|
433 |
} |
|
434 |
|
|
435 |
public UserProfile findProfile( |
|
436 |
String appAccessId, String hashedSecretKey, |
|
437 |
String username, Integer targetAppId, Session txSession) |
|
430 | 438 |
throws UPassException { |
431 | 439 |
|
432 | 440 |
try { |
433 | 441 |
Integer invokingAppId = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
434 |
|
|
435 | 442 |
if (invokingAppId == null) |
436 | 443 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
437 | 444 |
|
438 |
else {
|
|
439 |
List profiles = modifyUserService.listProfiles(username, txSession);
|
|
445 |
if (targetAppId == null) {
|
|
446 |
targetAppId = invokingAppId;
|
|
440 | 447 |
|
441 |
for (Iterator profileIter = profiles.iterator(); profileIter.hasNext();) { |
|
442 |
UserProfile profile = (UserProfile) profileIter.next(); |
|
448 |
} else if (!targetAppId.equals(invokingAppId)) { |
|
449 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
450 |
} |
|
451 |
List profiles = modifyUserService.listProfiles(username, txSession); |
|
443 | 452 |
|
444 |
final Integer appIdForProfile = (Integer) AppAccessMgtService
|
|
445 |
.profileToAppMap.get(profile.getClass());
|
|
453 |
for (Iterator profileIter = profiles.iterator(); profileIter.hasNext();) {
|
|
454 |
UserProfile profile = (UserProfile) profileIter.next();
|
|
446 | 455 |
|
447 |
if (invokingAppId.equals(appIdForProfile)) { |
|
448 |
return profile; |
|
449 |
} |
|
456 |
final Integer appIdForProfile = (Integer) AppAccessMgtService |
|
457 |
.profileToAppMap.get(profile.getClass()); |
|
458 |
|
|
459 |
if (targetAppId.equals(appIdForProfile)) { |
|
460 |
return profile; |
|
450 | 461 |
} |
451 |
return null; |
|
452 | 462 |
} |
463 |
return null; |
|
464 |
|
|
465 |
} catch (MultipleAppAccessesFound e) { |
|
466 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e); |
|
467 |
} |
|
468 |
} |
|
469 |
|
|
470 |
public List/* <UserProfile> */listProfilesByExamples( |
|
471 |
String appAccessId, String hashedSecretKey, |
|
472 |
List/* <UserProfile> */exampleProfiles, Session txSession) |
|
473 |
throws UPassException { |
|
474 |
|
|
475 |
return listProfilesByExamples(appAccessId, hashedSecretKey, exampleProfiles, null, txSession); |
|
476 |
} |
|
477 |
|
|
478 |
public List/* <UserProfile> */listProfilesByExamples( |
|
479 |
String appAccessId, String hashedSecretKey, |
|
480 |
List/* <UserProfile> */exampleProfiles, Integer targetAppId, Session txSession) |
|
481 |
throws UPassException { |
|
482 |
|
|
483 |
try { |
|
484 |
Integer invokingAppId = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
|
485 |
if (invokingAppId == null) |
|
486 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
487 |
|
|
488 |
if (targetAppId == null) { |
|
489 |
targetAppId = invokingAppId; |
|
490 |
|
|
491 |
} else if (!targetAppId.equals(invokingAppId)) { |
|
492 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
493 |
} |
|
494 |
List profiles = modifyUserService.listProfilesByExamples(exampleProfiles, txSession); |
|
495 |
|
|
496 |
for (Iterator iterator = profiles.iterator(); iterator.hasNext();) { |
|
497 |
UserProfile profile = (UserProfile) iterator.next(); |
|
498 |
|
|
499 |
final Integer appIdForProfile = (Integer) AppAccessMgtService |
|
500 |
.profileToAppMap.get(profile.getClass()); |
|
501 |
|
|
502 |
if (!targetAppId.equals(appIdForProfile)) |
|
503 |
iterator.remove(); |
|
504 |
} |
|
505 |
return profiles; |
|
506 |
|
|
453 | 507 |
} catch (MultipleAppAccessesFound e) { |
454 | 508 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e); |
455 | 509 |
} |
... | ... | |
457 | 511 |
|
458 | 512 |
public static MaybankLdapDAO getMaybankLdapDAO() { |
459 | 513 |
synchronized (CONFIG_LOCK) { |
460 |
if(maybankLdapDAO == null){
|
|
514 |
if (maybankLdapDAO == null) {
|
|
461 | 515 |
Resource resource = new ClassPathResource("spring-ldap.xml"); |
462 | 516 |
BeanFactory factory = new XmlBeanFactory(resource); |
463 |
maybankLdapDAO = (MaybankLdapDAO)factory.getBean("maybankLdap"); |
|
517 |
maybankLdapDAO = (MaybankLdapDAO) factory.getBean("maybankLdap");
|
|
464 | 518 |
} |
465 | 519 |
|
466 | 520 |
return maybankLdapDAO; |
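Review bot: The user-type restriction on app credentials may have been dropped in `checkAppAccess` (new lines 417–418), where `verifyStaticPassword` is now called with `false, 0` instead of `true, MinimalConstants.UTYPE_STATE_USER`, while the method is also widened from `protected` to `public`. The meaning of the boolean is not visible on this page, but if it gates a user-type check, the credential check behind `findProfile` and `listProfilesByExamples` no longer limits which kind of account can authenticate as an application. If that is intended, say so at the call site and avoid the bare literal, e.g. `// user-type check skipped on purpose for app-access credentials; the type argument is ignored when the flag is false`. The rest of `checkAppAccess` is elided from this view, so the handling of the returned app id could not be checked.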
src/main/java/my/com/upass/maybank/MinimalMaybankFacade.java | ||
---|---|---|
28 | 28 |
String username, String pan2); |
29 | 29 |
|
30 | 30 |
Response lookupUsername_internal( |
31 |
String appAccessId, String hashedSecretKey, |
|
32 |
String username); |
|
31 |
String appAccessId, String hashedSecretKey, String username); |
|
32 |
|
|
33 |
Response lookupPublicUsername_internal( |
|
34 |
String appAccessId, String hashedSecretKey, String username); |
|
35 |
|
|
36 |
Response lookupPan1_internal( |
|
37 |
String appAccessId, String hashedSecretKey, String pan1); |
|
38 |
|
|
39 |
Response lookupPan2_internal( |
|
40 |
String appAccessId, String hashedSecretKey, String pan2); |
|
41 |
|
|
42 |
Response lookupPanCc_internal( |
|
43 |
String appAccessId, String hashedSecretKey, String panCc); |
|
33 | 44 |
} |
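Review bot: The four new declarations `lookupPublicUsername_internal`, `lookupPan1_internal`, `lookupPan2_internal` and `lookupPanCc_internal` (new lines 33–43) have no Javadoc, so the interface does not say which client application may call each one or what `Response` code a miss produces. In the implementation on this page the username and `panCc` lookups are bound to `ClientApp.APP_ID_CCPP` and the `pan1`/`pan2` lookups to `ClientApp.APP_ID_M2U`, and a caller whose app id differs gets `ERR_APP_SERV_NOT_PERMITTED`. That restriction belongs in the contract, for example `/** Looks up an M2U profile by pan1; requires M2U app credentials, returns ERR_INVALID_INPUT unless exactly one profile matches. */`.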
src/main/java/my/com/upass/maybank/MinimalMaybankFacadeImpl.java | ||
---|---|---|
1 | 1 |
package my.com.upass.maybank; |
2 | 2 |
|
3 |
import java.util.LinkedList; |
|
4 |
import java.util.List; |
|
3 | 5 |
import java.util.Map; |
4 | 6 |
|
5 | 7 |
import my.com.upass.MinimalConstants; |
6 | 8 |
import my.com.upass.MinimalUPassControllerV2; |
7 | 9 |
import my.com.upass.UPassException; |
10 |
import my.com.upass.maybank.entities.IbccUser; |
|
8 | 11 |
import my.com.upass.maybank.entities.M2uUser; |
9 | 12 |
import my.com.upass.maybank.entities.UserProfile; |
13 |
import my.com.upass.pojo.ClientApp; |
|
10 | 14 |
import my.com.upass.pojo.MinimalUserBean; |
11 | 15 |
import my.com.upass.pojo.UserAppAccess; |
12 | 16 |
import net.penril.generic.hibernate.GenericDAOHibernate; |
... | ... | |
86 | 90 |
String username) { |
87 | 91 |
|
88 | 92 |
Response res = new Response(); |
89 |
|
|
90 | 93 |
Session session = null; |
91 | 94 |
try { |
92 | 95 |
session = HibernateUtils.currentSession(); |
... | ... | |
112 | 115 |
return res; |
113 | 116 |
} |
114 | 117 |
|
118 |
public Response lookupPublicUsername_internal( |
|
119 |
String appAccessId, String hashedSecretKey, String username) { |
|
120 |
|
|
121 |
Response res = new Response(); |
|
122 |
Session session = null; |
|
123 |
try { |
|
124 |
session = HibernateUtils.currentSession(); |
|
125 |
|
|
126 |
UserProfile profile = minUpcV2.findProfile( |
|
127 |
appAccessId, hashedSecretKey, username, ClientApp.APP_ID_CCPP, session); |
|
128 |
|
|
129 |
final Map map = profile.propertiesToMap(); |
|
130 |
res.setMap(map); |
|
131 |
res.setCode(MinimalConstants.ERR_SUCCESS); |
|
132 |
|
|
133 |
} catch (UPassException e) { |
|
134 |
LOGGER.info(e, e); |
|
135 |
res.setCode(e.getErrorCode()); |
|
136 |
|
|
137 |
} catch (Exception e) { |
|
138 |
LOGGER.error(e, e); |
|
139 |
res.setCode(MinimalConstants.ERR_UNKNOWN); |
|
140 |
|
|
141 |
} finally { |
|
142 |
GenericDAOHibernate.closeSessionIfAny(session); |
|
143 |
} |
|
144 |
return res; |
|
145 |
} |
|
146 |
|
|
147 |
public Response lookupPan1_internal( |
|
148 |
String appAccessId, String hashedSecretKey, String pan1) { |
|
149 |
|
|
150 |
final M2uUser example = new M2uUser(); |
|
151 |
example.setPan1(pan1); |
|
152 |
return lookupProfileByExample(appAccessId, hashedSecretKey, ClientApp.APP_ID_M2U, example); |
|
153 |
} |
|
154 |
|
|
155 |
public Response lookupPan2_internal( |
|
156 |
String appAccessId, String hashedSecretKey, String pan2) { |
|
157 |
|
|
158 |
final M2uUser example = new M2uUser(); |
|
159 |
example.setPan2(pan2); |
|
160 |
return lookupProfileByExample(appAccessId, hashedSecretKey, ClientApp.APP_ID_M2U, example); |
|
161 |
} |
|
162 |
|
|
163 |
public Response lookupPanCc_internal( |
|
164 |
String appAccessId, String hashedSecretKey, String panCc) { |
|
165 |
|
|
166 |
final IbccUser example = new IbccUser(); |
|
167 |
example.setPanCc(panCc); |
|
168 |
return lookupProfileByExample(appAccessId, hashedSecretKey, ClientApp.APP_ID_CCPP, example); |
|
169 |
} |
|
170 |
|
|
115 | 171 |
// protected methods |
116 | 172 |
|
117 | 173 |
protected int newUser( |
... | ... | |
157 | 213 |
session.beginTransaction(); |
158 | 214 |
|
159 | 215 |
UserProfile profile = minUpcV2.findProfile( |
160 |
appAccessId, hashedSecretKey, username, session); |
|
216 |
appAccessId, hashedSecretKey, username, ClientApp.APP_ID_M2U, session);
|
|
161 | 217 |
|
162 | 218 |
if (profile instanceof M2uUser) { |
163 |
|
|
164 | 219 |
M2uUser m2uUser = (M2uUser) profile; |
165 | 220 |
|
166 | 221 |
if (pan1 != null) |
... | ... | |
177 | 232 |
|
178 | 233 |
} else { |
179 | 234 |
GenericDAOHibernate.rollbackTransactionIfAny(session); |
180 |
return MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
|
|
235 |
return MinimalConstants.ERR_INVALID_INPUT;
|
|
181 | 236 |
} |
182 | 237 |
} catch (UPassException e) { |
183 | 238 |
LOGGER.info(e, e); |
... | ... | |
193 | 248 |
GenericDAOHibernate.closeSessionIfAny(session); |
194 | 249 |
} |
195 | 250 |
} |
251 |
|
|
252 |
protected Response lookupProfileByExample( |
|
253 |
String appAccessId, String hashedSecretKey, |
|
254 |
Integer targetAppId, UserProfile example) { |
|
255 |
|
|
256 |
Response res = new Response(); |
|
257 |
Session session = null; |
|
258 |
try { |
|
259 |
session = HibernateUtils.currentSession(); |
|
260 |
|
|
261 |
List examples = new LinkedList(); |
|
262 |
examples.add(example); |
|
263 |
|
|
264 |
List profiles = minUpcV2.listProfilesByExamples( |
|
265 |
appAccessId, hashedSecretKey, examples, targetAppId, session); |
|
266 |
|
|
267 |
if (profiles.size() != 1) |
|
268 |
res.setCode(MinimalConstants.ERR_INVALID_INPUT); |
|
269 |
|
|
270 |
else { |
|
271 |
final UserProfile profile = (UserProfile) profiles.get(0); |
|
272 |
res.setMap(profile.propertiesToMap()); |
|
273 |
res.setCode(MinimalConstants.ERR_SUCCESS); |
|
274 |
} |
|
275 |
} catch (UPassException e) { |
|
276 |
LOGGER.info(e, e); |
|
277 |
res.setCode(e.getErrorCode()); |
|
278 |
|
|
279 |
} catch (Exception e) { |
|
280 |
LOGGER.error(e, e); |
|
281 |
res.setCode(MinimalConstants.ERR_UNKNOWN); |
|
282 |
|
|
283 |
} finally { |
|
284 |
GenericDAOHibernate.closeSessionIfAny(session); |
|
285 |
} |
|
286 |
return res; |
|
287 |
} |
|
196 | 288 |
} |
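Review bot: `lookupPublicUsername_internal` (new lines 126–129) calls `profile.propertiesToMap()` on the result of `minUpcV2.findProfile(...)` without a null check, yet the five-argument `findProfile` in `MinimalUPassControllerV2` ends with `return null;` when no profile maps to the target app. A username with no matching profile would then surface as a `NullPointerException` caught by `catch (Exception e)`, logged at error level and reported as `ERR_UNKNOWN`, so a routine miss looks like a fault in the logs. Guard it before the dereference, using the code `lookupProfileByExample` already returns for a miss: `if (profile == null) { res.setCode(MinimalConstants.ERR_INVALID_INPUT); return res; }`. The `finally` block still closes the session on that early return.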