use of org.egov.user.web.contract.auth.Role in project core-services by digit-egov.
the class UserControllerTest method getRoles.
/**
 * Builds the role fixture used by the controller tests.
 *
 * @return a mutable set holding exactly one web-contract {@code Role}, created from a
 *         domain role with name {@code "Employee"} and code {@code "EMPLOYEE"}
 */
private Set<Role> getRoles() {
    // The web-contract Role is constructed from the domain model, so build the domain role first.
    final org.egov.user.domain.model.Role employee = org.egov.user.domain.model.Role.builder()
            .name("Employee")
            .code("EMPLOYEE")
            .build();

    final Set<Role> fixture = new HashSet<>();
    fixture.add(new Role(employee));
    return fixture;
}
use of org.egov.user.web.contract.auth.Role in project core-services by digit-egov.
the class CustomPreAuthenticatedProvider method authenticate.
/**
 * Builds a {@link PreAuthenticatedAuthenticationToken} for a principal that arrives wrapped in a
 * {@link UsernamePasswordAuthenticationToken}.
 *
 * <p>No password or OTP is verified in this method: it looks the user up again by
 * (username, tenantId, userType), decrypts the record, rejects locked accounts and returns a
 * token carrying a single {@code ROLE_<type>} authority.
 *
 * @param authentication authentication whose principal is a {@code UsernamePasswordAuthenticationToken}
 *                       holding a {@code SecureUser} and a details map with the keys
 *                       {@code tenantId} and {@code userType}
 * @return a pre-authenticated token for the freshly loaded user, with {@code null} credentials
 * @throws OAuth2Exception if tenantId or userType is missing or invalid, if the user cannot be
 *                         resolved uniquely, or if the account is locked or its lock state is unknown
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    // The principal of the incoming authentication is itself a username/password token.
    final UsernamePasswordAuthenticationToken innerToken =
            (UsernamePasswordAuthenticationToken) authentication.getPrincipal();
    final String loginName = ((SecureUser) innerToken.getPrincipal()).getUsername();

    // NOTE(review): unchecked cast, and a null details object would surface as a
    // NullPointerException rather than an OAuth2Exception; confirm callers always set details.
    final LinkedHashMap<String, String> requestDetails =
            (LinkedHashMap<String, String>) innerToken.getDetails();
    final String tenantId = requestDetails.get("tenantId");
    final String userType = requestDetails.get("userType");

    if (isEmpty(tenantId)) {
        throw new OAuth2Exception("TenantId is mandatory");
    }
    if (isEmpty(userType) || isNull(UserType.fromValue(userType))) {
        throw new OAuth2Exception("User Type is mandatory and has to be a valid type");
    }

    User user;
    try {
        user = userService.getUniqueUser(loginName, tenantId, UserType.fromValue(userType));

        // Decryption is requested on behalf of the user being loaded: the RequestInfo handed to
        // the decryption utility is assembled from that user's own uuid, type and roles.
        final List<org.egov.common.contract.request.Role> requestRoles = new ArrayList<>();
        for (org.egov.user.domain.model.Role domainRole : user.getRoles()) {
            requestRoles.add(org.egov.common.contract.request.Role.builder()
                    .code(domainRole.getCode())
                    .name(domainRole.getName())
                    .build());
        }
        final org.egov.common.contract.request.User userInfo = org.egov.common.contract.request.User.builder()
                .uuid(user.getUuid())
                .type(user.getType() == null ? null : user.getType().name())
                .roles(requestRoles)
                .build();
        final RequestInfo requestInfo = RequestInfo.builder().userInfo(userInfo).build();
        user = encryptionDecryptionUtil.decryptObject(user, "User", User.class, requestInfo);
    } catch (UserNotFoundException e) {
        // Details go to the server log only; the caller gets the same generic message in both cases.
        log.error("User not found", e);
        throw new OAuth2Exception("Invalid login credentials");
    } catch (DuplicateUserNameException e) {
        log.error("Fatal error, user conflict, more than one user found", e);
        throw new OAuth2Exception("Invalid login credentials");
    }

    // Fail closed: an unknown (null) lock state is treated as locked.
    // NOTE(review): unlike the lock state, user.getActive() is not consulted on this path;
    // confirm a deactivated account cannot obtain a token through it.
    final Boolean locked = user.getAccountLocked();
    if (locked == null || locked) {
        throw new OAuth2Exception("Account locked");
    }

    // Exactly one authority is granted, derived from the user type.
    final List<GrantedAuthority> authorities = new ArrayList<>();
    authorities.add(new SimpleGrantedAuthority("ROLE_" + user.getType()));
    return new PreAuthenticatedAuthenticationToken(new SecureUser(getUser(user)), null, authorities);
}
use of org.egov.user.web.contract.auth.Role in project core-services by digit-egov.
the class CustomAuthenticationProvider method authenticate.
/**
 * Authenticates a login request for a tenant-scoped user with a password or OTP.
 *
 * <p>Order of checks: tenantId and userType must be present and valid; the user is resolved by
 * (username, tenantId, userType) and decrypted; inactive accounts are rejected; locked accounts
 * are unlocked when {@code userService.isAccountUnlockAble} allows it and rejected otherwise;
 * finally the submitted credential is verified. A successful login resets the failed-attempt
 * state, a failed one is reported to {@code userService.handleFailedLogin}.
 *
 * @param authentication login request carrying the username, the submitted credential and a
 *                       details map with the keys {@code tenantId} and {@code userType}
 * @return a {@link UsernamePasswordAuthenticationToken} with a single {@code ROLE_<type>} authority
 * @throws OAuth2Exception on missing or invalid tenantId/userType, unknown or ambiguous user,
 *                         inactive or locked account, or credential mismatch
 */
@Override
public Authentication authenticate(Authentication authentication) {
    String userName = authentication.getName();
    // NOTE(review): getCredentials() returning null would raise a NullPointerException here
    // instead of an OAuth2Exception; confirm callers always supply a credential.
    String password = authentication.getCredentials().toString();
    // NOTE(review): unchecked cast; a null or differently typed details object fails with a
    // runtime exception before any validation below runs.
    final LinkedHashMap<String, String> details = (LinkedHashMap<String, String>) authentication.getDetails();
    String tenantId = details.get("tenantId");
    String userType = details.get("userType");
    if (isEmpty(tenantId)) {
        throw new OAuth2Exception("TenantId is mandatory");
    }
    if (isEmpty(userType) || isNull(UserType.fromValue(userType))) {
        throw new OAuth2Exception("User Type is mandatory and has to be a valid type");
    }
    User user;
    RequestInfo requestInfo;
    try {
        user = userService.getUniqueUser(userName, tenantId, UserType.fromValue(userType));
        /*
         Decrypt here: the OTP service and the final response need decrypted data.
         The RequestInfo handed to the decryption utility is assembled from the looked-up user's
         own uuid, type and roles.
         NOTE(review): this runs before the submitted credential is verified, so the decrypted
         record exists for an unauthenticated caller; keep it out of logs and error messages.
         */
        Set<org.egov.user.domain.model.Role> domain_roles = user.getRoles();
        List<org.egov.common.contract.request.Role> contract_roles = new ArrayList<>();
        for (org.egov.user.domain.model.Role role : domain_roles) {
            contract_roles.add(org.egov.common.contract.request.Role.builder().code(role.getCode()).name(role.getName()).build());
        }
        org.egov.common.contract.request.User userInfo = org.egov.common.contract.request.User.builder().uuid(user.getUuid()).type(user.getType() != null ? user.getType().name() : null).roles(contract_roles).build();
        requestInfo = RequestInfo.builder().userInfo(userInfo).build();
        user = encryptionDecryptionUtil.decryptObject(user, "User", User.class, requestInfo);
    } catch (UserNotFoundException e) {
        // Unknown and ambiguous users get the same generic message as a wrong credential;
        // the distinguishing detail is written to the server log only.
        log.error("User not found", e);
        throw new OAuth2Exception("Invalid login credentials");
    } catch (DuplicateUserNameException e) {
        log.error("Fatal error, user conflict, more than one user found", e);
        throw new OAuth2Exception("Invalid login credentials");
    }
    // A null active flag is treated as inactive.
    // NOTE(review): this message and "Account locked" below are returned before the credential
    // is checked, so the response distinguishes an existing inactive or locked account from an
    // unknown one ("Invalid login credentials"); confirm that disclosure is acceptable.
    if (user.getActive() == null || !user.getActive()) {
        throw new OAuth2Exception("Please activate your account");
    }
    // A null lock flag is treated as not locked. A locked account is unlocked when the user
    // service reports it as unlockable; otherwise the login is rejected.
    if (user.getAccountLocked() != null && user.getAccountLocked()) {
        if (userService.isAccountUnlockAble(user)) {
            user = unlockAccount(user, requestInfo);
        } else
            throw new OAuth2Exception("Account locked");
    }
    boolean isCitizen = false;
    if (user.getType() != null && user.getType().equals(UserType.CITIZEN))
        isCitizen = true;
    boolean isPasswordMatched;
    if (isCitizen) {
        if (fixedOTPEnabled && !fixedOTPPassword.equals("") && fixedOTPPassword.equals(password)) {
            // For automation: when the fixed-OTP switch is on and a non-empty fixed OTP is
            // configured, a submitted value equal to it is accepted without calling isPasswordMatch.
            // NOTE(review): one configured value is then valid for every citizen account, and the
            // comparison is a plain String.equals; verify fixedOTPEnabled is off in every
            // non-test deployment and treat the configured value as a secret.
            isPasswordMatched = true;
        } else {
            isPasswordMatched = isPasswordMatch(citizenLoginPasswordOtpEnabled, password, user, authentication);
        }
    } else {
        isPasswordMatched = isPasswordMatch(employeeLoginPasswordOtpEnabled, password, user, authentication);
    }
    if (isPasswordMatched) {
        /*
         We assume that a user has exactly one type. If multiple types are ever
         supported, the code below has to change: split them (by comma or another
         separator) and iterate, adding one authority per type.
         */
        List<GrantedAuthority> grantedAuths = new ArrayList<>();
        grantedAuths.add(new SimpleGrantedAuthority("ROLE_" + user.getType()));
        final SecureUser secureUser = new SecureUser(getUser(user));
        userService.resetFailedLoginAttempts(user);
        // NOTE(review): the returned token keeps the submitted password as its credentials;
        // confirm the framework erases credentials after authentication.
        return new UsernamePasswordAuthenticationToken(secureUser, password, grantedAuths);
    } else {
        // Handle the failed login attempt.
        // The client IP is read from the header set by the reverse proxy.
        // NOTE(review): a request header is client-controlled unless the proxy overwrites it;
        // if this value feeds lockout or throttling decisions, confirm the proxy strips any
        // inbound value of IP_HEADER_NAME.
        userService.handleFailedLogin(user, request.getHeader(IP_HEADER_NAME), requestInfo);
        throw new OAuth2Exception("Invalid login credentials");
    }
}