Z-Archive » Maybank Projects » M2U UPASS Project

/**

 * Copyright (c) 2010 Penril Datability (M) Sdn Bhd All rights reserved.

 *

 * This software is copyrighted. Under the copyright laws, this software

 * may not be copied, in whole or in part, without prior written consent

 * of Penril Datability (M) Sdn Bhd or its assignees. This software is

 * provided under the terms of a license between Penril Datability (M)

 * Sdn Bhd and the recipient, and its use is subject to the terms of that

 * license.

 */

package my.com.upass.services;

import java.util.Date;

import java.util.StringTokenizer;

import my.com.upass.Constants;

import my.com.upass.UPassControllerV2;

import my.com.upass.dao.DAOFactoryProvider;

import my.com.upass.dao.UserDAO;

import my.com.upass.factory.UPassFactory;

import my.com.upass.pojo.UserBean;

import my.com.upass.spassword.PasswordController;

/**

 * PROGRAMMER: Danniell

 * CHANGE-NO:

 * TASK-NO:

 * DATE CREATED: Dec 29, 2011

 * TAG AS:

 * REASON(S):

 * MODIFICATION:

 */

/**

 * <Class description>

 */

public class CheckPasswordReusedService

{

        private UPassControllerV2 upc;

        public CheckPasswordReusedService(UPassControllerV2 upc)

        {

                this.upc = upc;

        }

        public int CheckPasswordReused (String userAlias, String password)

        {

                String token;

                if (userAlias == null || password == null)

                {

                        return Constants.ERR_INVALID_INPUT;

                }

                try

                {

                        UserDAO userDao = DAOFactoryProvider.getDAOFactory ().getUserDAO ();

                        UserBean userBean = userDao.getUserFromStore (userAlias);

                        if (userBean == null)

                        {

                                return Constants.ERR_USERALIAS_NOT_FOUND;

                        }

                        // verify user state, must be active (not inactive|locked|deleted)

                        switch (userBean.getUstate ())

                        {

                                case (Constants.UID_STATE_ACTIVE):

                                        break;

                                case (Constants.UID_STATE_TMP_LOCKED):

                                        Date now = new Date ();

                                        if (userBean.getUdateLockedTo ().after (now))

                                        {

                                                return Constants.ERR_INVALID_STATE;

                                        }

                                        break;

                                default:

                                        return Constants.ERR_INVALID_STATE;

                        }

                        PasswordController pc = UPassFactory.getPasswordController (

                                        userBean, upc.getConfigurationsMap ());

                        String cipherText = pc.SHA256 (userBean.getUserAlias(), password);

                        if (userBean.getPhistoryList () != null)

                        {

                                StringTokenizer stz = new StringTokenizer (

                                                userBean.getPhistoryList (), ":");

                                while (stz.hasMoreTokens ())

                                {

                                        token = stz.nextToken ();

                                        if (cipherText.equals (token))

                                        {

                                                return Constants.ERR_REUSED_PASSWD;

                                        }

                                }

                        }

                        return Constants.ERR_SUCCESS;

                }

                catch (Exception e)

                {

                        e.printStackTrace ();

                        return Constants.ERR_SYSTEM_NOT_READY;

                }

        }

}