use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.
the class AccountMapperController method authorizeBankTransferAndCreateAccountIdentityMapping.
@ApiOperation(value = "[Bank Transfer based account registration] Validate signed authIdentifier, store new account-identity mapping and activate ethereum account [BASIC AUTH]")
@RequestMapping(method = PUT, value = "/accounts", consumes = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<AccountActivationResponse> authorizeBankTransferAndCreateAccountIdentityMapping(@Valid @RequestBody BankTransferBasedAccountRegistrationCommand cmd, @RequestHeader(value = "Authorization") String authorization) {
AccountActivationResponse.AccountActivationResponseBuilder responseBuilder = AccountActivationResponse.getBuilderForAuthType(AuthorisationType.BANK_TRANSFER).ownerId(cmd.getOwnerId());
if (!isAuthorized(authorization)) {
log.error("Account registration via bank unauthorized");
return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
}
PendingAuthorisation pendingAuthorisation = pendingAuthorisationService.findByPaymentReference(cmd.getPaymentReference());
if (pendingAuthorisation == null) {
return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
}
EthereumAccount newAccount;
String txHash = new String();
try {
newAccount = accountManagementService.storeNewAccount(pendingAuthorisation.getAddress(), cmd.getOwnerId(), AuthorisationType.BANK_TRANSFER);
if (accountActivationEnabled) {
txHash = ethereumService.activateEthereumAccount(newAccount.getAddress());
}
} catch (Exception e) {
log.error("Login failure", e);
return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
}
accountManagementService.markActivated(newAccount, txHash);
pendingAuthorisationService.expire(pendingAuthorisation);
return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_SUCCESS.name()).build(), HttpStatus.OK);
}
use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.
the class AccountMapperController method authenticateIdCard.
@ApiOperation(value = "Associate created address with ID card")
@RequestMapping(method = POST, value = "/authorisations/idCards", consumes = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<AccountActivationResponse> authenticateIdCard(@Valid @RequestBody AuthenticateCommand authenticateCommand, Principal principal) throws JSONException, IOException {
// if (!principal) throw SOME CUSTOM EXCEPTION OF CARD NOT PRESENT
String ownerId = principal.getName();
HttpStatus status = HttpStatus.OK;
String txHash = new String();
EthereumAccount account = new EthereumAccount();
List<EthereumAccount> existingAccounts = accountManagementService.getAccountsByAccountAddress(Hex.toHexString(authenticateCommand.getAccountAddress()));
if (existingAccounts.size() == 0) {
account = accountManagementService.storeNewAccount(Hex.toHexString(authenticateCommand.getAccountAddress()), ownerId, AuthorisationType.ID_CARD);
if (accountActivationEnabled) {
try {
txHash = ethereumService.activateEthereumAccount(account.getAddress());
accountManagementService.markActivated(account, txHash);
} catch (IOException e) {
log.error("failed to activate account " + account.getAddress() + " on Ethereum", e);
status = HttpStatus.INTERNAL_SERVER_ERROR;
}
}
} else {
log.error("Refusing to activate account: {0} binding(s) found already", existingAccounts.size());
status = HttpStatus.BAD_REQUEST;
}
return new ResponseEntity<>(AccountActivationResponse.builder().authenticationStatus(AuthenticationStatus.LOGIN_SUCCESS.name()).ownerId(ownerId).transactionHash(txHash).escrowTransfers(clearEscrow(account)).build(), status);
}
use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.
the class AccountMapperController method authorizeMobileIdAndCreateAccountIdentityMapping.
@ApiOperation(value = "[Mobile ID polling endpoint] Validate authorisation, store new account-identity mapping and activate ethereum account")
@RequestMapping(method = POST, value = "/accounts", consumes = MediaType.APPLICATION_JSON_UTF8_VALUE)
public ResponseEntity<AccountActivationResponse> authorizeMobileIdAndCreateAccountIdentityMapping(@Valid @RequestBody PollCommand pollCommand) throws IOException, JSONException {
PendingAuthorisation pendingAuthorisation = pendingAuthorisationService.findByAuthIdentifier(pollCommand.getAuthIdentifier());
AccountActivationResponse.AccountActivationResponseBuilder responseBuilder = AccountActivationResponse.getBuilderForAuthType(AuthorisationType.MOBILE_ID);
if (pendingAuthorisation == null) {
return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
}
MobileIDSession mobileIDSession = MobileIDSession.fromString(pendingAuthorisation.getSerialisedMobileIdSession());
String accountAddress = pendingAuthorisation.getAddress();
if (mobileIDSession == null || accountAddress == null) {
return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
}
responseBuilder.ownerId(mobileIDSession.personalCode);
// TODO: Make a better API here, so that the client would not have to submit the signature every time.
if (StringUtils.hasText(pollCommand.getSignature())) {
// TODO: Remove this if-statement when client-side is finished (i.e., make signatures mandatory)
if (!pendingAuthorisation.verifyChallengeSignedByEthereumAccountHolder(pollCommand.getSignatureParsedForm())) {
return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_INVALID_SIGNATURE.name()).build(), HttpStatus.OK);
}
}
// Check if authenticated
if (mobileIdAuthService.isLoginComplete(mobileIDSession)) {
pendingAuthorisationService.expire(pendingAuthorisation);
} else {
return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_PENDING.name()).build(), HttpStatus.OK);
}
EthereumAccount newAccount;
String txHash = new String();
try {
newAccount = accountManagementService.storeNewAccount(accountAddress, mobileIDSession.personalCode, AuthorisationType.MOBILE_ID);
if (accountActivationEnabled) {
txHash = ethereumService.activateEthereumAccount(accountAddress);
}
} catch (Exception e) {
log.error("Login failure", e);
return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_EXPIRED.name()).build(), HttpStatus.OK);
}
accountManagementService.markActivated(newAccount, txHash);
return new ResponseEntity<AccountActivationResponse>(responseBuilder.authenticationStatus(AuthenticationStatus.LOGIN_SUCCESS.name()).transactionHash(txHash).escrowTransfers(clearEscrow(newAccount)).build(), HttpStatus.OK);
}
use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.
the class EscrowService method approveEscrowAccountForId.
public EthereumAccount approveEscrowAccountForId(long idCode) throws IOException {
Escrow escrow = createEscrowKey(idCode);
EthereumAccount ethAccount = accountService.storeNewAccount(escrow.getAddress(), String.valueOf(escrow.getIdCode()), AuthorisationType.ESCROW);
String txHash = ethereumService.activateEthereumAccount(escrow.getAddress());
accountService.markActivated(ethAccount, txHash);
escrowRepository.save(escrow);
return ethAccount;
}
use of eu.cryptoeuro.accountmapper.domain.EthereumAccount in project account-identity by cryptofiat.
the class EscrowController method getEscrow.
@RequestMapping(method = RequestMethod.GET, value = "/{idCode}")
public ResponseEntity<AccountActivationResponse> getEscrow(@PathVariable("idCode") @Valid long idCode) throws IOException {
if (accountService.hasActivatedAccount(idCode)) {
throw new HasActiveAccountException();
}
;
if (ldapService.lookupIdCode(idCode) == null) {
throw new LdapNotFoundException();
}
;
EthereumAccount account;
account = escrowService.approveEscrowAccountForId(idCode);
AccountActivationResponse aaResponse = AccountActivationResponse.builder().authenticationStatus(AuthenticationStatus.LOGIN_SUCCESS.name()).ownerId(account.getOwnerId()).address(account.getAddress()).transactionHash(account.getTransactionHash()).build();
return new ResponseEntity<AccountActivationResponse>(aaResponse, HttpStatus.OK);
}
Aggregations