Revision 44:07a11f13a278
| src/main/java/my/com/upass/MinimalUPassControllerV2.java | ||
|---|---|---|
| 37 | 37 |
protected AppAccessMgtService appAccessMgtService = new AppAccessMgtService(); |
| 38 | 38 |
protected ChangeStaticPasswordService changeStaticPasswordService = new ChangeStaticPasswordService(this); |
| 39 | 39 |
|
| 40 |
//for spring-ldap usage |
|
| 40 |
// for spring-ldap usage
|
|
| 41 | 41 |
private static final Object CONFIG_LOCK = new Object(); |
| 42 | 42 |
private static MaybankLdapDAO maybankLdapDAO; |
| 43 |
|
|
| 43 |
|
|
| 44 | 44 |
public MinimalUPassControllerV2() {
|
| 45 | 45 |
initializeConfigurations(); |
| 46 | 46 |
} |
| ... | ... | |
| 410 | 410 |
return appId; |
| 411 | 411 |
} |
| 412 | 412 |
|
| 413 |
protected Integer checkAppAccess(
|
|
| 413 |
public Integer checkAppAccess(
|
|
| 414 | 414 |
String appAccessId, String hashedSecretKey, final Session txSession) |
| 415 | 415 |
throws UPassException, MultipleAppAccessesFound {
|
| 416 | 416 |
|
| 417 | 417 |
int rc = verifyStaticPasswordService.verifyStaticPassword( |
| 418 |
appAccessId, hashedSecretKey, true, |
|
| 419 |
MinimalConstants.UTYPE_STATE_USER, txSession); |
|
| 418 |
appAccessId, hashedSecretKey, false, 0, txSession); |
|
| 420 | 419 |
|
| 421 | 420 |
if (rc != MinimalConstants.ERR_SUCCESS) |
| 422 | 421 |
throw new UPassException(rc); |
| ... | ... | |
| 426 | 425 |
} |
| 427 | 426 |
|
| 428 | 427 |
public UserProfile findProfile( |
| 429 |
String appAccessId, String hashedSecretKey, String username, Session txSession) |
|
| 428 |
String appAccessId, String hashedSecretKey, |
|
| 429 |
String username, Session txSession) |
|
| 430 |
throws UPassException {
|
|
| 431 |
|
|
| 432 |
return findProfile(appAccessId, hashedSecretKey, username, null, txSession); |
|
| 433 |
} |
|
| 434 |
|
|
| 435 |
public UserProfile findProfile( |
|
| 436 |
String appAccessId, String hashedSecretKey, |
|
| 437 |
String username, Integer targetAppId, Session txSession) |
|
| 430 | 438 |
throws UPassException {
|
| 431 | 439 |
|
| 432 | 440 |
try {
|
| 433 | 441 |
Integer invokingAppId = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
| 434 |
|
|
| 435 | 442 |
if (invokingAppId == null) |
| 436 | 443 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
| 437 | 444 |
|
| 438 |
else {
|
|
| 439 |
List profiles = modifyUserService.listProfiles(username, txSession);
|
|
| 445 |
if (targetAppId == null) {
|
|
| 446 |
targetAppId = invokingAppId;
|
|
| 440 | 447 |
|
| 441 |
for (Iterator profileIter = profiles.iterator(); profileIter.hasNext();) {
|
|
| 442 |
UserProfile profile = (UserProfile) profileIter.next(); |
|
| 448 |
} else if (!targetAppId.equals(invokingAppId)) {
|
|
| 449 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
| 450 |
} |
|
| 451 |
List profiles = modifyUserService.listProfiles(username, txSession); |
|
| 443 | 452 |
|
| 444 |
final Integer appIdForProfile = (Integer) AppAccessMgtService
|
|
| 445 |
.profileToAppMap.get(profile.getClass());
|
|
| 453 |
for (Iterator profileIter = profiles.iterator(); profileIter.hasNext();) {
|
|
| 454 |
UserProfile profile = (UserProfile) profileIter.next();
|
|
| 446 | 455 |
|
| 447 |
if (invokingAppId.equals(appIdForProfile)) {
|
|
| 448 |
return profile; |
|
| 449 |
} |
|
| 456 |
final Integer appIdForProfile = (Integer) AppAccessMgtService |
|
| 457 |
.profileToAppMap.get(profile.getClass()); |
|
| 458 |
|
|
| 459 |
if (targetAppId.equals(appIdForProfile)) {
|
|
| 460 |
return profile; |
|
| 450 | 461 |
} |
| 451 |
return null; |
|
| 452 | 462 |
} |
| 463 |
return null; |
|
| 464 |
|
|
| 465 |
} catch (MultipleAppAccessesFound e) {
|
|
| 466 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e); |
|
| 467 |
} |
|
| 468 |
} |
|
| 469 |
|
|
| 470 |
public List/* <UserProfile> */listProfilesByExamples( |
|
| 471 |
String appAccessId, String hashedSecretKey, |
|
| 472 |
List/* <UserProfile> */exampleProfiles, Session txSession) |
|
| 473 |
throws UPassException {
|
|
| 474 |
|
|
| 475 |
return listProfilesByExamples(appAccessId, hashedSecretKey, exampleProfiles, null, txSession); |
|
| 476 |
} |
|
| 477 |
|
|
| 478 |
public List/* <UserProfile> */listProfilesByExamples( |
|
| 479 |
String appAccessId, String hashedSecretKey, |
|
| 480 |
List/* <UserProfile> */exampleProfiles, Integer targetAppId, Session txSession) |
|
| 481 |
throws UPassException {
|
|
| 482 |
|
|
| 483 |
try {
|
|
| 484 |
Integer invokingAppId = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
|
| 485 |
if (invokingAppId == null) |
|
| 486 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
| 487 |
|
|
| 488 |
if (targetAppId == null) {
|
|
| 489 |
targetAppId = invokingAppId; |
|
| 490 |
|
|
| 491 |
} else if (!targetAppId.equals(invokingAppId)) {
|
|
| 492 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
| 493 |
} |
|
| 494 |
List profiles = modifyUserService.listProfilesByExamples(exampleProfiles, txSession); |
|
| 495 |
|
|
| 496 |
for (Iterator iterator = profiles.iterator(); iterator.hasNext();) {
|
|
| 497 |
UserProfile profile = (UserProfile) iterator.next(); |
|
| 498 |
|
|
| 499 |
final Integer appIdForProfile = (Integer) AppAccessMgtService |
|
| 500 |
.profileToAppMap.get(profile.getClass()); |
|
| 501 |
|
|
| 502 |
if (!targetAppId.equals(appIdForProfile)) |
|
| 503 |
iterator.remove(); |
|
| 504 |
} |
|
| 505 |
return profiles; |
|
| 506 |
|
|
| 453 | 507 |
} catch (MultipleAppAccessesFound e) {
|
| 454 | 508 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED, e); |
| 455 | 509 |
} |
| ... | ... | |
| 457 | 511 |
|
| 458 | 512 |
public static MaybankLdapDAO getMaybankLdapDAO() {
|
| 459 | 513 |
synchronized (CONFIG_LOCK) {
|
| 460 |
if(maybankLdapDAO == null){
|
|
| 514 |
if (maybankLdapDAO == null) {
|
|
| 461 | 515 |
Resource resource = new ClassPathResource("spring-ldap.xml");
|
| 462 | 516 |
BeanFactory factory = new XmlBeanFactory(resource); |
| 463 |
maybankLdapDAO = (MaybankLdapDAO)factory.getBean("maybankLdap");
|
|
| 517 |
maybankLdapDAO = (MaybankLdapDAO) factory.getBean("maybankLdap");
|
|
| 464 | 518 |
} |
| 465 | 519 |
|
| 466 | 520 |
return maybankLdapDAO; |
| src/main/java/my/com/upass/maybank/MinimalMaybankFacade.java | ||
|---|---|---|
| 28 | 28 |
String username, String pan2); |
| 29 | 29 |
|
| 30 | 30 |
Response lookupUsername_internal( |
| 31 |
String appAccessId, String hashedSecretKey, |
|
| 32 |
String username); |
|
| 31 |
String appAccessId, String hashedSecretKey, String username); |
|
| 32 |
|
|
| 33 |
Response lookupPublicUsername_internal( |
|
| 34 |
String appAccessId, String hashedSecretKey, String username); |
|
| 35 |
|
|
| 36 |
Response lookupPan1_internal( |
|
| 37 |
String appAccessId, String hashedSecretKey, String pan1); |
|
| 38 |
|
|
| 39 |
Response lookupPan2_internal( |
|
| 40 |
String appAccessId, String hashedSecretKey, String pan2); |
|
| 41 |
|
|
| 42 |
Response lookupPanCc_internal( |
|
| 43 |
String appAccessId, String hashedSecretKey, String panCc); |
|
| 33 | 44 |
} |
| src/main/java/my/com/upass/maybank/MinimalMaybankFacadeImpl.java | ||
|---|---|---|
| 1 | 1 |
package my.com.upass.maybank; |
| 2 | 2 |
|
| 3 |
import java.util.LinkedList; |
|
| 4 |
import java.util.List; |
|
| 3 | 5 |
import java.util.Map; |
| 4 | 6 |
|
| 5 | 7 |
import my.com.upass.MinimalConstants; |
| 6 | 8 |
import my.com.upass.MinimalUPassControllerV2; |
| 7 | 9 |
import my.com.upass.UPassException; |
| 10 |
import my.com.upass.maybank.entities.IbccUser; |
|
| 8 | 11 |
import my.com.upass.maybank.entities.M2uUser; |
| 9 | 12 |
import my.com.upass.maybank.entities.UserProfile; |
| 13 |
import my.com.upass.pojo.ClientApp; |
|
| 10 | 14 |
import my.com.upass.pojo.MinimalUserBean; |
| 11 | 15 |
import my.com.upass.pojo.UserAppAccess; |
| 12 | 16 |
import net.penril.generic.hibernate.GenericDAOHibernate; |
| ... | ... | |
| 86 | 90 |
String username) {
|
| 87 | 91 |
|
| 88 | 92 |
Response res = new Response(); |
| 89 |
|
|
| 90 | 93 |
Session session = null; |
| 91 | 94 |
try {
|
| 92 | 95 |
session = HibernateUtils.currentSession(); |
| ... | ... | |
| 112 | 115 |
return res; |
| 113 | 116 |
} |
| 114 | 117 |
|
| 118 |
public Response lookupPublicUsername_internal( |
|
| 119 |
String appAccessId, String hashedSecretKey, String username) {
|
|
| 120 |
|
|
| 121 |
Response res = new Response(); |
|
| 122 |
Session session = null; |
|
| 123 |
try {
|
|
| 124 |
session = HibernateUtils.currentSession(); |
|
| 125 |
|
|
| 126 |
UserProfile profile = minUpcV2.findProfile( |
|
| 127 |
appAccessId, hashedSecretKey, username, ClientApp.APP_ID_CCPP, session); |
|
| 128 |
|
|
| 129 |
final Map map = profile.propertiesToMap(); |
|
| 130 |
res.setMap(map); |
|
| 131 |
res.setCode(MinimalConstants.ERR_SUCCESS); |
|
| 132 |
|
|
| 133 |
} catch (UPassException e) {
|
|
| 134 |
LOGGER.info(e, e); |
|
| 135 |
res.setCode(e.getErrorCode()); |
|
| 136 |
|
|
| 137 |
} catch (Exception e) {
|
|
| 138 |
LOGGER.error(e, e); |
|
| 139 |
res.setCode(MinimalConstants.ERR_UNKNOWN); |
|
| 140 |
|
|
| 141 |
} finally {
|
|
| 142 |
GenericDAOHibernate.closeSessionIfAny(session); |
|
| 143 |
} |
|
| 144 |
return res; |
|
| 145 |
} |
|
| 146 |
|
|
| 147 |
public Response lookupPan1_internal( |
|
| 148 |
String appAccessId, String hashedSecretKey, String pan1) {
|
|
| 149 |
|
|
| 150 |
final M2uUser example = new M2uUser(); |
|
| 151 |
example.setPan1(pan1); |
|
| 152 |
return lookupProfileByExample(appAccessId, hashedSecretKey, ClientApp.APP_ID_M2U, example); |
|
| 153 |
} |
|
| 154 |
|
|
| 155 |
public Response lookupPan2_internal( |
|
| 156 |
String appAccessId, String hashedSecretKey, String pan2) {
|
|
| 157 |
|
|
| 158 |
final M2uUser example = new M2uUser(); |
|
| 159 |
example.setPan2(pan2); |
|
| 160 |
return lookupProfileByExample(appAccessId, hashedSecretKey, ClientApp.APP_ID_M2U, example); |
|
| 161 |
} |
|
| 162 |
|
|
| 163 |
public Response lookupPanCc_internal( |
|
| 164 |
String appAccessId, String hashedSecretKey, String panCc) {
|
|
| 165 |
|
|
| 166 |
final IbccUser example = new IbccUser(); |
|
| 167 |
example.setPanCc(panCc); |
|
| 168 |
return lookupProfileByExample(appAccessId, hashedSecretKey, ClientApp.APP_ID_CCPP, example); |
|
| 169 |
} |
|
| 170 |
|
|
| 115 | 171 |
// protected methods |
| 116 | 172 |
|
| 117 | 173 |
protected int newUser( |
| ... | ... | |
| 157 | 213 |
session.beginTransaction(); |
| 158 | 214 |
|
| 159 | 215 |
UserProfile profile = minUpcV2.findProfile( |
| 160 |
appAccessId, hashedSecretKey, username, session); |
|
| 216 |
appAccessId, hashedSecretKey, username, ClientApp.APP_ID_M2U, session);
|
|
| 161 | 217 |
|
| 162 | 218 |
if (profile instanceof M2uUser) {
|
| 163 |
|
|
| 164 | 219 |
M2uUser m2uUser = (M2uUser) profile; |
| 165 | 220 |
|
| 166 | 221 |
if (pan1 != null) |
| ... | ... | |
| 177 | 232 |
|
| 178 | 233 |
} else {
|
| 179 | 234 |
GenericDAOHibernate.rollbackTransactionIfAny(session); |
| 180 |
return MinimalConstants.ERR_APP_SERV_NOT_PERMITTED;
|
|
| 235 |
return MinimalConstants.ERR_INVALID_INPUT;
|
|
| 181 | 236 |
} |
| 182 | 237 |
} catch (UPassException e) {
|
| 183 | 238 |
LOGGER.info(e, e); |
| ... | ... | |
| 193 | 248 |
GenericDAOHibernate.closeSessionIfAny(session); |
| 194 | 249 |
} |
| 195 | 250 |
} |
| 251 |
|
|
| 252 |
protected Response lookupProfileByExample( |
|
| 253 |
String appAccessId, String hashedSecretKey, |
|
| 254 |
Integer targetAppId, UserProfile example) {
|
|
| 255 |
|
|
| 256 |
Response res = new Response(); |
|
| 257 |
Session session = null; |
|
| 258 |
try {
|
|
| 259 |
session = HibernateUtils.currentSession(); |
|
| 260 |
|
|
| 261 |
List examples = new LinkedList(); |
|
| 262 |
examples.add(example); |
|
| 263 |
|
|
| 264 |
List profiles = minUpcV2.listProfilesByExamples( |
|
| 265 |
appAccessId, hashedSecretKey, examples, targetAppId, session); |
|
| 266 |
|
|
| 267 |
if (profiles.size() != 1) |
|
| 268 |
res.setCode(MinimalConstants.ERR_INVALID_INPUT); |
|
| 269 |
|
|
| 270 |
else {
|
|
| 271 |
final UserProfile profile = (UserProfile) profiles.get(0); |
|
| 272 |
res.setMap(profile.propertiesToMap()); |
|
| 273 |
res.setCode(MinimalConstants.ERR_SUCCESS); |
|
| 274 |
} |
|
| 275 |
} catch (UPassException e) {
|
|
| 276 |
LOGGER.info(e, e); |
|
| 277 |
res.setCode(e.getErrorCode()); |
|
| 278 |
|
|
| 279 |
} catch (Exception e) {
|
|
| 280 |
LOGGER.error(e, e); |
|
| 281 |
res.setCode(MinimalConstants.ERR_UNKNOWN); |
|
| 282 |
|
|
| 283 |
} finally {
|
|
| 284 |
GenericDAOHibernate.closeSessionIfAny(session); |
|
| 285 |
} |
|
| 286 |
return res; |
|
| 287 |
} |
|
| 196 | 288 |
} |
Also available in: Unified diff