Search in sources :

Example 1 with EthereumAccount

use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.

the class AccountMapperController method authorizeBankTransferAndCreateAccountIdentityMapping.

@ApiOperation(value = "[Bank Transfer based account registration] Validate signed authIdentifier, store new account-identity mapping and activate ethereum account [BASIC AUTH]")
@RequestMapping(method = PUT, value = "/accounts", consumes = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<AccountActivationResponse> authorizeBankTransferAndCreateAccountIdentityMapping(@Valid @RequestBody BankTransferBasedAccountRegistrationCommand cmd, @RequestHeader(value = "Authorization") String authorization) {
    AccountActivationResponse.AccountActivationResponseBuilder responseBuilder = AccountActivationResponse.getBuilderForAuthType(AuthorisationType.BANK_TRANSFER).ownerId(cmd.getOwnerId());
    if (!isAuthorized(authorization)) {
        log.error("Account registration via bank unauthorized");
        return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
    }
    PendingAuthorisation pendingAuthorisation = pendingAuthorisationService.findByPaymentReference(cmd.getPaymentReference());
    if (pendingAuthorisation == null) {
        return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
    }
    EthereumAccount newAccount;
    String txHash = new String();
    try {
        newAccount = accountManagementService.storeNewAccount(pendingAuthorisation.getAddress(), cmd.getOwnerId(), AuthorisationType.BANK_TRANSFER);
        if (accountActivationEnabled) {
            txHash = ethereumService.activateEthereumAccount(newAccount.getAddress());
        }
    } catch (Exception e) {
        log.error("Login failure", e);
        return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
    }
    accountManagementService.markActivated(newAccount, txHash);
    pendingAuthorisationService.expire(pendingAuthorisation);
    return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_SUCCESS.name()).build(), HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) AccountActivationResponse(eu.cryptoeuro.accountmapper.response.AccountActivationResponse) PendingAuthorisation(eu.cryptoeuro.accountmapper.domain.PendingAuthorisation) EthereumAccount(eu.cryptoeuro.accountmapper.domain.EthereumAccount) JSONException(org.json.JSONException) IOException(java.io.IOException) ApiOperation(io.swagger.annotations.ApiOperation)

Example 2 with EthereumAccount

use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.

the class AccountMapperController method authenticateIdCard.

@ApiOperation(value = "Associate created address with ID card")
@RequestMapping(method = POST, value = "/authorisations/idCards", consumes = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<AccountActivationResponse> authenticateIdCard(@Valid @RequestBody AuthenticateCommand authenticateCommand, Principal principal) throws JSONException, IOException {
    // if (!principal) throw SOME CUSTOM EXCEPTION OF CARD NOT PRESENT
    String ownerId = principal.getName();
    HttpStatus status = HttpStatus.OK;
    String txHash = new String();
    EthereumAccount account = new EthereumAccount();
    List<EthereumAccount> existingAccounts = accountManagementService.getAccountsByAccountAddress(Hex.toHexString(authenticateCommand.getAccountAddress()));
    if (existingAccounts.size() == 0) {
        account = accountManagementService.storeNewAccount(Hex.toHexString(authenticateCommand.getAccountAddress()), ownerId, AuthorisationType.ID_CARD);
        if (accountActivationEnabled) {
            try {
                txHash = ethereumService.activateEthereumAccount(account.getAddress());
                accountManagementService.markActivated(account, txHash);
            } catch (IOException e) {
                log.error("failed to activate account " + account.getAddress() + " on Ethereum", e);
                status = HttpStatus.INTERNAL_SERVER_ERROR;
            }
        }
    } else {
        log.error("Refusing to activate account: {0} binding(s) found already", existingAccounts.size());
        status = HttpStatus.BAD_REQUEST;
    }
    return new ResponseEntity<>(AccountActivationResponse.builder().authenticationStatus(AuthenticationStatus.LOGIN_SUCCESS.name()).ownerId(ownerId).transactionHash(txHash).escrowTransfers(clearEscrow(account)).build(), status);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) HttpStatus(org.springframework.http.HttpStatus) IOException(java.io.IOException) EthereumAccount(eu.cryptoeuro.accountmapper.domain.EthereumAccount) ApiOperation(io.swagger.annotations.ApiOperation)

Example 3 with EthereumAccount

use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.

the class AccountMapperController method authorizeMobileIdAndCreateAccountIdentityMapping.

@ApiOperation(value = "[Mobile ID polling endpoint] Validate authorisation, store new account-identity mapping and activate ethereum account")
@RequestMapping(method = POST, value = "/accounts", consumes = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<AccountActivationResponse> authorizeMobileIdAndCreateAccountIdentityMapping(@Valid @RequestBody PollCommand pollCommand) throws IOException, JSONException {
    PendingAuthorisation pendingAuthorisation = pendingAuthorisationService.findByAuthIdentifier(pollCommand.getAuthIdentifier());
    AccountActivationResponse.AccountActivationResponseBuilder responseBuilder = AccountActivationResponse.getBuilderForAuthType(AuthorisationType.MOBILE_ID);
    if (pendingAuthorisation == null) {
        return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
    }
    MobileIDSession mobileIDSession = MobileIDSession.fromString(pendingAuthorisation.getSerialisedMobileIdSession());
    String accountAddress = pendingAuthorisation.getAddress();
    if (mobileIDSession == null || accountAddress == null) {
        return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
    }
    responseBuilder.ownerId(mobileIDSession.personalCode);
    // TODO: Make a better API here, so that the client would not have to submit the signature every time.
    if (StringUtils.hasText(pollCommand.getSignature())) {
        // TODO: Remove this if-statement when client-side is finished (i.e., make signatures mandatory)
        if (!pendingAuthorisation.verifyChallengeSignedByEthereumAccountHolder(pollCommand.getSignatureParsedForm())) {
            return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_INVALID_SIGNATURE.name()).build(), HttpStatus.OK);
        }
    }
    // Check if authenticated
    if (mobileIdAuthService.isLoginComplete(mobileIDSession)) {
        pendingAuthorisationService.expire(pendingAuthorisation);
    } else {
        return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_PENDING.name()).build(), HttpStatus.OK);
    }
    EthereumAccount newAccount;
    String txHash = new String();
    try {
        newAccount = accountManagementService.storeNewAccount(accountAddress, mobileIDSession.personalCode, AuthorisationType.MOBILE_ID);
        if (accountActivationEnabled) {
            txHash = ethereumService.activateEthereumAccount(accountAddress);
        }
    } catch (Exception e) {
        log.error("Login failure", e);
        return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
    }
    accountManagementService.markActivated(newAccount, txHash);
    return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_SUCCESS.name()).transactionHash(txHash).escrowTransfers(clearEscrow(newAccount)).build(), HttpStatus.OK);
}
Also used : ResponseEntity(org.springframework.http.ResponseEntity) MobileIDSession(com.codeborne.security.mobileid.MobileIDSession) AccountActivationResponse(eu.cryptoeuro.accountmapper.response.AccountActivationResponse) PendingAuthorisation(eu.cryptoeuro.accountmapper.domain.PendingAuthorisation) EthereumAccount(eu.cryptoeuro.accountmapper.domain.EthereumAccount) JSONException(org.json.JSONException) IOException(java.io.IOException) ApiOperation(io.swagger.annotations.ApiOperation)

Example 4 with EthereumAccount

use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.

the class EscrowService method approveEscrowAccountForId.

public EthereumAccount approveEscrowAccountForId(long idCode) throws IOException {
    Escrow escrow = createEscrowKey(idCode);
    EthereumAccount ethAccount = accountService.storeNewAccount(escrow.getAddress(), String.valueOf(escrow.getIdCode()), AuthorisationType.ESCROW);
    String txHash = ethereumService.activateEthereumAccount(escrow.getAddress());
    accountService.markActivated(ethAccount, txHash);
    escrowRepository.save(escrow);
    return ethAccount;
}
Also used : Escrow(eu.cryptoeuro.accountmapper.domain.Escrow) EthereumAccount(eu.cryptoeuro.accountmapper.domain.EthereumAccount)

Example 5 with EthereumAccount

use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.

the class EscrowController method getEscrow.

@RequestMapping(method = RequestMethod.GET, value = "/{idCode}")
public ResponseEntity<AccountActivationResponse> getEscrow(@PathVariable("idCode") @Valid long idCode) throws IOException {
    if (accountService.hasActivatedAccount(idCode)) {
        throw new HasActiveAccountException();
    }
    ;
    if (ldapService.lookupIdCode(idCode) == null) {
        throw new LdapNotFoundException();
    }
    ;
    EthereumAccount account;
    account = escrowService.approveEscrowAccountForId(idCode);
    AccountActivationResponse aaResponse = AccountActivationResponse.builder().authenticationStatus(AuthenticationStatus.LOGIN_SUCCESS.name()).ownerId(account.getOwnerId()).address(account.getAddress()).transactionHash(account.getTransactionHash()).build();
    return new ResponseEntity<AccountActivationResponse>(aaResponse, HttpStatus.OK);
}
Also used : HasActiveAccountException(eu.cryptoeuro.accountmapper.error.HasActiveAccountException) ResponseEntity(org.springframework.http.ResponseEntity) LdapNotFoundException(eu.cryptoeuro.accountmapper.error.LdapNotFoundException) AccountActivationResponse(eu.cryptoeuro.accountmapper.response.AccountActivationResponse) EthereumAccount(eu.cryptoeuro.accountmapper.domain.EthereumAccount) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

EthereumAccount (eu.cryptoeuro.accountmapper.domain.EthereumAccount)6 ResponseEntity (org.springframework.http.ResponseEntity)4 AccountActivationResponse (eu.cryptoeuro.accountmapper.response.AccountActivationResponse)3 ApiOperation (io.swagger.annotations.ApiOperation)3 IOException (java.io.IOException)3 PendingAuthorisation (eu.cryptoeuro.accountmapper.domain.PendingAuthorisation)2 JSONException (org.json.JSONException)2 MobileIDSession (com.codeborne.security.mobileid.MobileIDSession)1 Escrow (eu.cryptoeuro.accountmapper.domain.Escrow)1 CannotStoreAccountException (eu.cryptoeuro.accountmapper.error.CannotStoreAccountException)1 HasActiveAccountException (eu.cryptoeuro.accountmapper.error.HasActiveAccountException)1 LdapNotFoundException (eu.cryptoeuro.accountmapper.error.LdapNotFoundException)1 HttpStatus (org.springframework.http.HttpStatus)1 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)1