Revision 74:94a953ba47b0
src/main/java/my/com/upass/MinimalUPassControllerV2.java | ||
---|---|---|
10 | 10 |
import my.com.upass.dao.ConfigurationDAO; |
11 | 11 |
import my.com.upass.dao.MinimalDAOFactory; |
12 | 12 |
import my.com.upass.maybank.entities.UserProfile; |
13 |
import my.com.upass.pojo.AuthenticationBean; |
|
13 | 14 |
import my.com.upass.pojo.ClientApp; |
14 | 15 |
import my.com.upass.pojo.ConfigurationBean; |
15 | 16 |
import my.com.upass.pojo.MinimalUserBean; |
... | ... | |
211 | 212 |
} catch (UPassException e) { |
212 | 213 |
rc = e.getErrorCode(); |
213 | 214 |
e.printStackTrace(); |
214 |
|
|
215 |
} catch (MultipleAppAccessesFound e) { |
|
216 |
rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
|
217 |
e.printStackTrace(); |
|
218 | 215 |
} |
219 | 216 |
logger.info("addUser - user alias: [" + userAlias + "] Return: " + rc); |
220 | 217 |
return rc; |
... | ... | |
304 | 301 |
|
305 | 302 |
int rc; |
306 | 303 |
try { |
304 |
// AuthenticationBean authBean = verifyStaticPasswordService.retrieveAuthBeanFor( |
|
305 |
// appAccessId, hashedSecretKey, username, hashedPassword); |
|
306 |
|
|
307 | 307 |
checkAppAccessToUser(appAccessId, hashedSecretKey, username, null); |
308 |
rc = verifyStaticPasswordService.verifyStaticPassword( |
|
309 |
username, hashedPassword, false, 0); |
|
308 |
// checkAppAccessToUser(authBean); |
|
309 |
|
|
310 |
rc = verifyStaticPasswordService.verifyStaticPassword(username, hashedPassword, false, 0); |
|
311 |
// rc = verifyStaticPasswordService.verifyStaticPassword(authBean, false, 0); |
|
310 | 312 |
|
311 | 313 |
} catch (MultipleAppAccessesFound e) { |
312 | 314 |
rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
... | ... | |
395 | 397 |
} else if (invokingAppId.intValue() != appIdForProfile) { |
396 | 398 |
permitted = false; |
397 | 399 |
} |
398 |
if (!permitted) { |
|
400 |
if (permitted) |
|
401 |
rc = updateProfileShallowly_noAccessCheck(profile, txSession); |
|
402 |
else |
|
399 | 403 |
rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
400 |
|
|
401 |
} else { |
|
402 |
List grantedAppAccesses = appAccessMgtService.listAppIdsForUser(user.getUsername(), txSession); |
|
403 |
|
|
404 |
boolean granted = false; |
|
405 |
granted = (grantedAppAccesses.contains(new Integer(appIdForProfile))) ? |
|
406 |
true |
|
407 |
: appAccessMgtService.grantAppAccessToUser( |
|
408 |
user.getUserID(), appIdForProfile, UserAppAccess.TYPE_USER, txSession); |
|
409 |
|
|
410 |
rc = granted ? |
|
411 |
modifyUserService.updateProfileShallowly(profile, txSession) |
|
412 |
: MinimalConstants.ERR_SYSTEM_NOT_READY; |
|
413 |
} |
|
404 |
|
|
414 | 405 |
} catch (MultipleAppAccessesFound e) { |
415 | 406 |
rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
416 | 407 |
e.printStackTrace(); |
... | ... | |
419 | 410 |
return rc; |
420 | 411 |
} |
421 | 412 |
|
413 |
public int updateProfileShallowly_noAccessCheck(UserProfile profile, Session txSession) |
|
414 |
throws MultipleAppAccessesFound { |
|
415 |
|
|
416 |
final MinimalUserBean user = profile.getMinUser(); |
|
417 |
final int appIdForProfile = AppAccessMgtService.getAppIdForProfile(profile).intValue(); |
|
418 |
|
|
419 |
List grantedAppAccesses = appAccessMgtService.listAppIdsForUser(user.getUsername(), txSession); |
|
420 |
|
|
421 |
boolean granted = false; |
|
422 |
granted = (grantedAppAccesses.contains(new Integer(appIdForProfile))) ? |
|
423 |
true |
|
424 |
: appAccessMgtService.grantAppAccessToUser( |
|
425 |
user.getUserID(), appIdForProfile, UserAppAccess.TYPE_USER, txSession); |
|
426 |
|
|
427 |
return granted ? |
|
428 |
modifyUserService.updateProfileShallowly(profile, txSession) |
|
429 |
: MinimalConstants.ERR_SYSTEM_NOT_READY; |
|
430 |
} |
|
431 |
|
|
422 | 432 |
/** |
423 | 433 |
* This method generate static password and to be using SP_VerifyStaticPassword() |
424 | 434 |
* |
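Review bot: `updateProfileShallowly_noAccessCheck` (new lines 413-430) is public, makes no check on the invoking application, and calls `appAccessMgtService.grantAppAccessToUser(...)` when the user lacks the profile's app access, so every caller that reaches it can both grant access and write a profile. It has to stay public because `MinimalMaybankFacadeImpl` in another package calls it, which leaves the method name as the only statement of its contract. Add a Javadoc that spells out the precondition, for example `/** Caller MUST already have authorised the invoking app for this user; grants the profile's app access if missing and performs no authorisation itself. */`. The unbraced `if (permitted) ... else ...` at new lines 400-403 would also be safer with braces, given that it separates the permitted path from `ERR_APP_SERV_NOT_PERMITTED`.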
src/main/java/my/com/upass/maybank/MinimalMaybankFacadeImpl.java | ||
---|---|---|
176 | 176 |
return lookupProfileByExample(appAccessId, hashedSecretKey, ClientApp.APP_ID_CCPP, example); |
177 | 177 |
} |
178 | 178 |
|
179 |
public int convertPublicToM2u(String appAccessId, String hashedSecretKey, String username, String pan1, String pan2) { |
|
180 |
// TODO Auto-generated method stub |
|
181 |
return 0; |
|
179 |
public int convertPublicToM2u( |
|
180 |
String appAccessId, String hashedSecretKey, |
|
181 |
String username, String pan1, String pan2) { |
|
182 |
|
|
183 |
int rc = MinimalConstants.ERR_UNKNOWN; |
|
184 |
Session session = null; |
|
185 |
try { |
|
186 |
session = HibernateUtils.currentSession(); |
|
187 |
session.beginTransaction(); |
|
188 |
|
|
189 |
UserProfile profile = minUpcV2.findProfile( |
|
190 |
appAccessId, hashedSecretKey, username, ClientApp.APP_ID_CCPP, session); |
|
191 |
|
|
192 |
if (profile instanceof IbccUser) { |
|
193 |
IbccUser ibccUser = (IbccUser) profile; |
|
194 |
|
|
195 |
final M2uUser m2uUser = new M2uUser(); |
|
196 |
m2uUser.setMinUser(ibccUser.getMinUser()); |
|
197 |
m2uUser.setPan1(pan1); |
|
198 |
m2uUser.setPan2(pan2); |
|
199 |
|
|
200 |
rc = minUpcV2.updateProfileShallowly_noAccessCheck(m2uUser, session); |
|
201 |
|
|
202 |
if (rc == MinimalConstants.ERR_SUCCESS) |
|
203 |
session.getTransaction().commit(); |
|
204 |
else |
|
205 |
GenericDAOHibernate.rollbackTransactionIfAny(session); |
|
206 |
|
|
207 |
} else { |
|
208 |
rc = MinimalConstants.ERR_USERALIAS_NOT_FOUND; |
|
209 |
} |
|
210 |
} catch (UPassException e) { |
|
211 |
rc = e.getErrorCode(); |
|
212 |
LOGGER.error(e, e); |
|
213 |
GenericDAOHibernate.rollbackTransactionIfAny(session); |
|
214 |
|
|
215 |
} catch (Exception e) { |
|
216 |
LOGGER.error(e, e); |
|
217 |
GenericDAOHibernate.rollbackTransactionIfAny(session); |
|
218 |
|
|
219 |
} finally { |
|
220 |
GenericDAOHibernate.closeSessionIfAny(session); |
|
221 |
} |
|
222 |
return rc; |
|
182 | 223 |
} |
183 | 224 |
|
184 | 225 |
public CountResponse getFailedLoginsCount(String appAccessId, String hashedSecretKey, String username) { |
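Review bot: `convertPublicToM2u` authorises the caller only for `ClientApp.APP_ID_CCPP` (through `minUpcV2.findProfile`, whose body is not on this page, so this is inferred from its arguments) and then calls `updateProfileShallowly_noAccessCheck` at new line 200, which grants access for the M2U profile's app and persists `pan1`/`pan2` with no further check. If permission for CCPP is not meant to imply the right to create M2U profiles, an explicit check of the invoker against the M2U app belongs before that call; if it is intended, record it in a comment such as `// CCPP permission is sufficient: conversion is initiated from the CCPP side`. `pan1` and `pan2` are stored as received, so null or blank values should be rejected before `new M2uUser()`. In the `else` branch at new line 207 the transaction begun at line 187 is neither committed nor rolled back; `GenericDAOHibernate.rollbackTransactionIfAny(session);` there would match the other failure paths.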
src/main/java/my/com/upass/pojo/AuthenticationBean.java | ||
---|---|---|
1 |
package my.com.upass.pojo; |
|
2 |
|
|
3 |
import java.util.List; |
|
4 |
|
|
5 |
public class AuthenticationBean { |
|
6 |
|
|
7 |
private final String givenInvokerUsername; |
|
8 |
private final String givenInvokerHashedPassword; |
|
9 |
private final String givenTargetUsername; |
|
10 |
private final String givenTargetHashedPassword; |
|
11 |
|
|
12 |
/** |
|
13 |
* The invoking loadedTarget or application. |
|
14 |
*/ |
|
15 |
private MinimalUserBean loadedInvoker; |
|
16 |
|
|
17 |
/** |
|
18 |
* The list of {@link UserAppAccess} records for the {@link #loadedInvoker}. |
|
19 |
*/ |
|
20 |
private List/* <UserAppAccess> */loadedInvokerAccessList; |
|
21 |
|
|
22 |
/** |
|
23 |
* The loadedTarget loadedTarget for authentication. |
|
24 |
*/ |
|
25 |
private MinimalUserBean loadedTarget; |
|
26 |
|
|
27 |
/** |
|
28 |
* The list of {@link UserAppAccess} records for the {@link #loadedTarget}. |
|
29 |
*/ |
|
30 |
private List/* <UserAppAccess> */loadedTargetAccessList; |
|
31 |
|
|
32 |
// |
|
33 |
|
|
34 |
public AuthenticationBean( |
|
35 |
String givenInvokerUsername, String givenInvokerHashedPassword, |
|
36 |
String givenTargetUsername, String givenTargetHashedPassword) { |
|
37 |
|
|
38 |
this.givenInvokerUsername = givenInvokerUsername; |
|
39 |
this.givenInvokerHashedPassword = givenInvokerHashedPassword; |
|
40 |
this.givenTargetUsername = givenTargetUsername; |
|
41 |
this.givenTargetHashedPassword = givenTargetHashedPassword; |
|
42 |
} |
|
43 |
|
|
44 |
public String getGivenInvokerUsername() { |
|
45 |
return givenInvokerUsername; |
|
46 |
} |
|
47 |
|
|
48 |
public String getGivenInvokerHashedPassword() { |
|
49 |
return givenInvokerHashedPassword; |
|
50 |
} |
|
51 |
|
|
52 |
public String getGivenTargetUsername() { |
|
53 |
return givenTargetUsername; |
|
54 |
} |
|
55 |
|
|
56 |
public String getGivenTargetHashedPassword() { |
|
57 |
return givenTargetHashedPassword; |
|
58 |
} |
|
59 |
|
|
60 |
public MinimalUserBean getLoadedInvoker() { |
|
61 |
return loadedInvoker; |
|
62 |
} |
|
63 |
|
|
64 |
public void setLoadedInvoker(MinimalUserBean invoker) { |
|
65 |
this.loadedInvoker = invoker; |
|
66 |
} |
|
67 |
|
|
68 |
public List/* <UserAppAccess> */getLoadedInvokerAccessList() { |
|
69 |
return loadedInvokerAccessList; |
|
70 |
} |
|
71 |
|
|
72 |
public void setLoadedInvokerAccessList(List/* <UserAppAccess> */invokerAccesses) { |
|
73 |
this.loadedInvokerAccessList = invokerAccesses; |
|
74 |
} |
|
75 |
|
|
76 |
public MinimalUserBean getLoadedTarget() { |
|
77 |
return loadedTarget; |
|
78 |
} |
|
79 |
|
|
80 |
public void setLoadedTarget(MinimalUserBean user) { |
|
81 |
this.loadedTarget = user; |
|
82 |
} |
|
83 |
|
|
84 |
public List/* <UserAppAccess> */getLoadedTargetAccessList() { |
|
85 |
return loadedTargetAccessList; |
|
86 |
} |
|
87 |
|
|
88 |
public void setLoadedTargetAccessList(List/* <UserAppAccess> */userAccesses) { |
|
89 |
this.loadedTargetAccessList = userAccesses; |
|
90 |
} |
|
91 |
} |
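Review bot: The field Javadoc at new lines 13 and 23 looks like the result of a mechanical rename: `The invoking loadedTarget or application.` and `The loadedTarget loadedTarget for authentication.` do not say what the fields hold. Suggested wording, assuming "loaded" means fetched from the store: `The invoking user or application, as loaded from the store.` and `The target user being authenticated, as loaded from the store.`. The class has no class-level Javadoc although it carries the hashed passwords of both invoker and target; a line such as `Holds the credentials of one authentication request; do not log or serialise instances.` would state the handling rule. The two list setters keep the caller's `List` reference without copying, which is worth a comment if callers may mutate it afterwards.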
src/main/java/my/com/upass/services/AppAccessMgtService.java | ||
---|---|---|
18 | 18 |
import java.util.List; |
19 | 19 |
import java.util.Map; |
20 | 20 |
|
21 |
import my.com.upass.MinimalConstants; |
|
22 |
import my.com.upass.UPassException; |
|
21 | 23 |
import my.com.upass.dao.MinimalDAOFactory; |
22 | 24 |
import my.com.upass.dao.UserDAO; |
23 | 25 |
import my.com.upass.maybank.entities.IbccUser; |
... | ... | |
72 | 74 |
} |
73 | 75 |
|
74 | 76 |
public static Integer getAppIdForProfile(UserProfile profile) { |
77 |
|
|
78 |
Integer appId = (Integer) PROFILE_TO_APP_ID_MAP.get(profile); |
|
79 |
if (appId != null) |
|
80 |
return appId; |
|
81 |
|
|
75 | 82 |
for (Iterator keyIterator = PROFILE_TO_APP_ID_MAP.keySet().iterator(); keyIterator.hasNext();) { |
76 | 83 |
Class clazz = (Class) keyIterator.next(); |
77 | 84 |
if (clazz.isAssignableFrom(profile.getClass())) |
... | ... | |
172 | 179 |
|
173 | 180 |
// |
174 | 181 |
|
175 |
public class MultipleAppAccessesFound extends Exception { |
|
182 |
public class MultipleAppAccessesFound extends UPassException { |
|
183 |
|
|
176 | 184 |
private static final long serialVersionUID = 1L; |
185 |
|
|
186 |
public MultipleAppAccessesFound() { |
|
187 |
super(MinimalConstants.ERR_USERALIAS_NOT_FOUND); |
|
188 |
} |
|
177 | 189 |
} |
178 | 190 |
} |
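Review bot: `MultipleAppAccessesFound` now carries `MinimalConstants.ERR_USERALIAS_NOT_FOUND` (new line 187), but the catch blocks that remain in `MinimalUPassControllerV2` still map the same exception to `ERR_APP_SERV_NOT_PERMITTED`. Since this commit removes the dedicated catch in `addUser`, that path will presumably report the constructor's code through `e.getErrorCode()`, so one condition yields two different return codes and a permission anomaly is reported as a missing user. `super(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED);` would keep the call sites consistent. Separately, the fast path added at new line 78 looks up `PROFILE_TO_APP_ID_MAP.get(profile)` with the instance, while the loop below casts the keys to `Class`, so the lookup cannot match; `PROFILE_TO_APP_ID_MAP.get(profile.getClass())` is what was probably meant.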