Merge pull request #80 from Kitzanos/fixed-bug-login-attempt
Logged Login Attempts for SAML-Based Authentication
@@ -207,7 +207,7 @@ public class ApplicationAmendmentRequestDao {
|
|||||||
applicationAmendmentRequestEntity.setIsEmail(applicationAmendmentRequest.getIsSendEmail());
|
applicationAmendmentRequestEntity.setIsEmail(applicationAmendmentRequest.getIsSendEmail());
|
||||||
applicationAmendmentRequestEntity.setIsNotification(applicationAmendmentRequest.getIsSendNotification());
|
applicationAmendmentRequestEntity.setIsNotification(applicationAmendmentRequest.getIsSendNotification());
|
||||||
applicationAmendmentRequestEntity.setStartDate(DateTimeUtil.DateServerToUTC(LocalDateTime.now()));
|
applicationAmendmentRequestEntity.setStartDate(DateTimeUtil.DateServerToUTC(LocalDateTime.now()));
|
||||||
applicationAmendmentRequestEntity.setStatus(ApplicationAmendmentRequestEnum.AWATING.getValue());
|
applicationAmendmentRequestEntity.setStatus(ApplicationAmendmentRequestEnum.AWAITING.getValue());
|
||||||
ApplicationEvaluationEntity applicationEvaluationEntity = applicationEvaluationService.validateApplicationEvaluation(applicationEvaluationId);
|
ApplicationEvaluationEntity applicationEvaluationEntity = applicationEvaluationService.validateApplicationEvaluation(applicationEvaluationId);
|
||||||
|
|
||||||
applicationAmendmentRequestEntity.setApplicationEvaluationEntity(applicationEvaluationEntity);
|
applicationAmendmentRequestEntity.setApplicationEvaluationEntity(applicationEvaluationEntity);
|
||||||
@@ -554,8 +554,9 @@ public class ApplicationAmendmentRequestDao {
|
|||||||
|
|
||||||
log.info("Updating application amendement with status: {}", id);
|
log.info("Updating application amendement with status: {}", id);
|
||||||
ApplicationAmendmentRequestEntity existingApplicationAmendment = validateApplicationAmendmentRequest(id);
|
ApplicationAmendmentRequestEntity existingApplicationAmendment = validateApplicationAmendmentRequest(id);
|
||||||
if(Boolean.TRUE.equals(existingApplicationAmendment.getStatus().equals(ApplicationAmendmentRequestEnum.AWATING.getValue())) && Boolean.TRUE.equals(statusTypeEnum.equals(ApplicationAmendmentRequestEnum.RESPONSE_RECEIVED))){
|
if(Boolean.TRUE.equals(existingApplicationAmendment.getStatus().equals(ApplicationAmendmentRequestEnum.AWAITING.getValue())) && Boolean.TRUE.equals(statusTypeEnum.equals(ApplicationAmendmentRequestEnum.RESPONSE_RECEIVED))){
|
||||||
existingApplicationAmendment.setStatus(ApplicationAmendmentRequestEnum.RESPONSE_RECEIVED.getValue());
|
existingApplicationAmendment.setStatus(ApplicationAmendmentRequestEnum.RESPONSE_RECEIVED.getValue());
|
||||||
|
existingApplicationAmendment.setUpdatedDate(DateTimeUtil.DateServerToUTC(LocalDateTime.now()));
|
||||||
applicationAmendmentRequestRepository.save(existingApplicationAmendment);
|
applicationAmendmentRequestRepository.save(existingApplicationAmendment);
|
||||||
}
|
}
|
||||||
ApplicationAmendmentRequestResponse response = convertEntityToResponse(existingApplicationAmendment);
|
ApplicationAmendmentRequestResponse response = convertEntityToResponse(existingApplicationAmendment);
|
||||||
|
|||||||
@@ -5,10 +5,7 @@ import jakarta.servlet.http.HttpServletResponse;
|
|||||||
import net.gepafin.tendermanagement.config.SamlSuccessHandler;
|
import net.gepafin.tendermanagement.config.SamlSuccessHandler;
|
||||||
import net.gepafin.tendermanagement.config.Translator;
|
import net.gepafin.tendermanagement.config.Translator;
|
||||||
import net.gepafin.tendermanagement.constants.GepafinConstant;
|
import net.gepafin.tendermanagement.constants.GepafinConstant;
|
||||||
import net.gepafin.tendermanagement.entities.BeneficiaryEntity;
|
import net.gepafin.tendermanagement.entities.*;
|
||||||
import net.gepafin.tendermanagement.entities.HubEntity;
|
|
||||||
import net.gepafin.tendermanagement.entities.RoleEntity;
|
|
||||||
import net.gepafin.tendermanagement.entities.UserEntity;
|
|
||||||
import net.gepafin.tendermanagement.enums.RoleStatusEnum;
|
import net.gepafin.tendermanagement.enums.RoleStatusEnum;
|
||||||
import net.gepafin.tendermanagement.enums.UserStatusEnum;
|
import net.gepafin.tendermanagement.enums.UserStatusEnum;
|
||||||
import net.gepafin.tendermanagement.model.request.*;
|
import net.gepafin.tendermanagement.model.request.*;
|
||||||
@@ -80,6 +77,9 @@ public class UserDao {
|
|||||||
@Autowired
|
@Autowired
|
||||||
private HubService hubService;
|
private HubService hubService;
|
||||||
|
|
||||||
|
@Autowired
|
||||||
|
private AuthenticationService authenticationService;
|
||||||
|
|
||||||
|
|
||||||
public JWTToken createUser(HttpServletRequest request, String tempToken, UserReq userReq) {
|
public JWTToken createUser(HttpServletRequest request, String tempToken, UserReq userReq) {
|
||||||
if(StringUtils.isEmpty(userReq.getHubUuid())) {
|
if(StringUtils.isEmpty(userReq.getHubUuid())) {
|
||||||
@@ -92,6 +92,14 @@ public class UserDao {
|
|||||||
BeneficiaryEntity beneficiary = createBeneficiary(roleEntity, userReq, hub);
|
BeneficiaryEntity beneficiary = createBeneficiary(roleEntity, userReq, hub);
|
||||||
UserEntity userEntity = convertUserRequestToUserEntity(beneficiary, roleEntity, userReq, hub);
|
UserEntity userEntity = convertUserRequestToUserEntity(beneficiary, roleEntity, userReq, hub);
|
||||||
log.info("User created with ID: {}", userEntity.getId());
|
log.info("User created with ID: {}", userEntity.getId());
|
||||||
|
LoginReq loginReq=new LoginReq();
|
||||||
|
loginReq.setEmail(userEntity.getEmail());
|
||||||
|
if(userEntity!=null){
|
||||||
|
LoginAttemptEntity loginAttemptEntity =authenticationService.prepareLoginAttemptEntity(loginReq, request);
|
||||||
|
log.info("Authentication failed for email: {}", loginReq.getEmail());
|
||||||
|
loginAttemptEntity.setUserId(userEntity.getId());
|
||||||
|
authenticationService.createSuccessLoginAttempt(loginAttemptEntity);
|
||||||
|
}
|
||||||
return authService.getJWTTokenBean(userEntity, Boolean.TRUE);
|
return authService.getJWTTokenBean(userEntity, Boolean.TRUE);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -403,8 +411,8 @@ public class UserDao {
|
|||||||
return userResponseBeans;
|
return userResponseBeans;
|
||||||
}
|
}
|
||||||
|
|
||||||
public JWTToken validateExistingUserToken(String token) {
|
public JWTToken validateExistingUserToken(HttpServletRequest request,String token) {
|
||||||
return authService.validateExistingUserToken(token);
|
return authService.validateExistingUserToken(request,token);
|
||||||
}
|
}
|
||||||
|
|
||||||
public UserSamlResponse validateNewUserToken(String token) {
|
public UserSamlResponse validateNewUserToken(String token) {
|
||||||
|
|||||||
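Review bot: In createUser the added block logs `"Authentication failed for email: {}"` immediately before calling `createSuccessLoginAttempt`, so every successful user creation writes a failure line to the log next to a SUCCESS row in the login-attempt table, which will mislead anyone triaging authentication failures from logs. The message should describe what actually happened, e.g. `log.info("Recording successful login attempt for user ID: {}", userEntity.getId());`. The `if(userEntity!=null)` guard also comes after `userEntity.getId()` and `userEntity.getEmail()` have already dereferenced the object, so it protects nothing; drop it or move it above the first use. Part of createUser's body lies between the hunks and is not shown.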
@@ -3,7 +3,7 @@ package net.gepafin.tendermanagement.enums;
|
|||||||
import com.fasterxml.jackson.annotation.JsonValue;
|
import com.fasterxml.jackson.annotation.JsonValue;
|
||||||
|
|
||||||
public enum ApplicationAmendmentRequestEnum {
|
public enum ApplicationAmendmentRequestEnum {
|
||||||
AWATING("AWATING"),
|
AWAITING("AWAITING"),
|
||||||
RESPONSE_RECEIVED("RESPONSE_RECEIVED"),
|
RESPONSE_RECEIVED("RESPONSE_RECEIVED"),
|
||||||
CLOSE("CLOSE"),
|
CLOSE("CLOSE"),
|
||||||
EXPIRED("EXPIRED");
|
EXPIRED("EXPIRED");
|
||||||
|
|||||||
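Review bot: Renaming the constant also changes its stored value from `"AWATING"` to `"AWAITING"`, and the DAO in this commit persists and compares that string (`setStatus(...AWAITING.getValue())`, `getStatus().equals(...AWAITING.getValue())`). Rows saved with the old spelling would stop matching the awaiting check in the DAO's status update unless a data migration ships with this change; none is visible in this commit. Either add the migration or keep the stored value stable with `AWAITING("AWATING"),` plus a comment explaining the legacy spelling. If the enum's value is exposed through `@JsonValue`, API clients sending the old string are presumably affected the same way.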
@@ -23,7 +23,7 @@ public interface ApplicationAmendmentRequestService {
|
|||||||
ApplicationAmendmentRequestResponse closeAmendmentRequest(HttpServletRequest request, Long id, CloseAmendmentRequest closeAmendmentRequest);
|
ApplicationAmendmentRequestResponse closeAmendmentRequest(HttpServletRequest request, Long id, CloseAmendmentRequest closeAmendmentRequest);
|
||||||
ApplicationAmendmentRequestResponse extendResponseDays(HttpServletRequest request, Long id, Long addedDays);
|
ApplicationAmendmentRequestResponse extendResponseDays(HttpServletRequest request, Long id, Long addedDays);
|
||||||
public ApplicationAmendmentRequestResponse getAmendmentByApplicationId(HttpServletRequest request,Long applicationId);
|
public ApplicationAmendmentRequestResponse getAmendmentByApplicationId(HttpServletRequest request,Long applicationId);
|
||||||
public ApplicationAmendmentRequestResponse updateApplicationStatus(HttpServletRequest request, Long applicationId, ApplicationAmendmentRequestEnum status);
|
public ApplicationAmendmentRequestResponse updateApplicationAmendmentStatus(HttpServletRequest request, Long applicationAmendmentId, ApplicationAmendmentRequestEnum status);
|
||||||
|
|
||||||
void sendReminderEmail(HttpServletRequest request,Long amendmentId);
|
void sendReminderEmail(HttpServletRequest request,Long amendmentId);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -140,8 +140,8 @@ public class ApplicationAmendmentRequestServiceImpl implements ApplicationAmendm
|
|||||||
return applicationAmendmentRequestDao.getAmendmentByApplicationId(request,applicationId);
|
return applicationAmendmentRequestDao.getAmendmentByApplicationId(request,applicationId);
|
||||||
}
|
}
|
||||||
@Override
|
@Override
|
||||||
public ApplicationAmendmentRequestResponse updateApplicationStatus(HttpServletRequest request, Long applicationId, ApplicationAmendmentRequestEnum status) {
|
public ApplicationAmendmentRequestResponse updateApplicationAmendmentStatus(HttpServletRequest request, Long applicationAmendmentId, ApplicationAmendmentRequestEnum status) {
|
||||||
return applicationAmendmentRequestDao.updateApplicationAmendmentStatus(applicationId, status);
|
return applicationAmendmentRequestDao.updateApplicationAmendmentStatus(applicationAmendmentId, status);
|
||||||
|
|
||||||
}
|
}
|
||||||
@Override
|
@Override
|
||||||
|
|||||||
@@ -79,6 +79,7 @@ public class AuthenticationService {
|
|||||||
UserEntity user=null;
|
UserEntity user=null;
|
||||||
|
|
||||||
LoginAttemptEntity loginAttemptEntity = prepareLoginAttemptEntity(loginReq, request);
|
LoginAttemptEntity loginAttemptEntity = prepareLoginAttemptEntity(loginReq, request);
|
||||||
|
try {
|
||||||
log.info("Attempting login for email: {}", loginReq.getEmail());
|
log.info("Attempting login for email: {}", loginReq.getEmail());
|
||||||
String emailWithHubId = loginReq.getEmail()+":"+loginReq.getHubUuid();
|
String emailWithHubId = loginReq.getEmail()+":"+loginReq.getHubUuid();
|
||||||
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(
|
||||||
@@ -94,11 +95,18 @@ public class AuthenticationService {
|
|||||||
throw new ResourceNotFoundException(Status.NOT_FOUND,
|
throw new ResourceNotFoundException(Status.NOT_FOUND,
|
||||||
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG));
|
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG));
|
||||||
}
|
}
|
||||||
|
loginAttemptEntity.setUserId(user.getId());
|
||||||
createSuccessLoginAttempt(loginAttemptEntity);
|
createSuccessLoginAttempt(loginAttemptEntity);
|
||||||
|
} catch (Exception e) {
|
||||||
|
log.info("Authentication failed for email: {}", loginReq.getEmail());
|
||||||
|
loginAttemptEntity.setUserId(user.getId());
|
||||||
|
createFailedLoginAttempt(loginAttemptEntity, e.getMessage());
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
return getJWTTokenBean(user, loginReq.getRememberMe());
|
return getJWTTokenBean(user, loginReq.getRememberMe());
|
||||||
}
|
}
|
||||||
|
|
||||||
private LoginAttemptEntity prepareLoginAttemptEntity(LoginReq loginUserReq, HttpServletRequest request) {
|
public LoginAttemptEntity prepareLoginAttemptEntity(LoginReq loginUserReq, HttpServletRequest request) {
|
||||||
String ipAddress = Utils.getClientIpAddress(request);
|
String ipAddress = Utils.getClientIpAddress(request);
|
||||||
String userAgent = request.getHeader("user-agent");
|
String userAgent = request.getHeader("user-agent");
|
||||||
LoginAttemptEntity loginAttemptEntity = new LoginAttemptEntity();
|
LoginAttemptEntity loginAttemptEntity = new LoginAttemptEntity();
|
||||||
@@ -109,11 +117,11 @@ public class AuthenticationService {
|
|||||||
return loginAttemptEntity;
|
return loginAttemptEntity;
|
||||||
}
|
}
|
||||||
|
|
||||||
private void createSuccessLoginAttempt(LoginAttemptEntity loginAttemptEntity) {
|
public void createSuccessLoginAttempt(LoginAttemptEntity loginAttemptEntity) {
|
||||||
loginAttemptEntity.setResult(LoginAttemptResultEnum.SUCCESS.getValue());
|
loginAttemptEntity.setResult(LoginAttemptResultEnum.SUCCESS.getValue());
|
||||||
loginAttemptDao.createLoginAttempt(loginAttemptEntity);
|
loginAttemptDao.createLoginAttempt(loginAttemptEntity);
|
||||||
}
|
}
|
||||||
private void createFailedLoginAttempt(LoginAttemptEntity loginAttemptEntity, String errorMsg) {
|
public void createFailedLoginAttempt(LoginAttemptEntity loginAttemptEntity, String errorMsg) {
|
||||||
loginAttemptEntity.setResult(LoginAttemptResultEnum.FAILED.getValue());
|
loginAttemptEntity.setResult(LoginAttemptResultEnum.FAILED.getValue());
|
||||||
loginAttemptEntity.setErrorMsg(errorMsg);
|
loginAttemptEntity.setErrorMsg(errorMsg);
|
||||||
loginAttemptDao.createLoginAttempt(loginAttemptEntity);
|
loginAttemptDao.createLoginAttempt(loginAttemptEntity);
|
||||||
@@ -184,13 +192,17 @@ public class AuthenticationService {
|
|||||||
SecurityContextHolder.clearContext();
|
SecurityContextHolder.clearContext();
|
||||||
}
|
}
|
||||||
|
|
||||||
public JWTToken validateExistingUserToken(String token) {
|
public JWTToken validateExistingUserToken(HttpServletRequest request,String token) {
|
||||||
SamlResponseEntity samlResponseLogEntity = samlResponseLogRepository.findByToken(token);
|
SamlResponseEntity samlResponseLogEntity = samlResponseLogRepository.findByToken(token);
|
||||||
if (samlResponseLogEntity == null) {
|
if (samlResponseLogEntity == null) {
|
||||||
log.info("Invalid spid login token : {}", token);
|
log.info("Invalid spid login token : {}", token);
|
||||||
throw new CustomValidationException(Status.VALIDATION_ERROR,
|
throw new CustomValidationException(Status.VALIDATION_ERROR,
|
||||||
Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG));
|
Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG));
|
||||||
}
|
}
|
||||||
|
LoginReq loginReq=new LoginReq();
|
||||||
|
Long userId=null;
|
||||||
|
LoginAttemptEntity loginAttemptEntity =new LoginAttemptEntity();
|
||||||
|
try {
|
||||||
HubEntity hub = hubService.getHubByUuid(samlResponseLogEntity.getHubUuid());
|
HubEntity hub = hubService.getHubByUuid(samlResponseLogEntity.getHubUuid());
|
||||||
Map<String, List<Object>> userAttributes = Utils
|
Map<String, List<Object>> userAttributes = Utils
|
||||||
.convertStringIntoMap(samlResponseLogEntity.getAuthenticationObject());
|
.convertStringIntoMap(samlResponseLogEntity.getAuthenticationObject());
|
||||||
@@ -198,9 +210,18 @@ public class AuthenticationService {
|
|||||||
UserEntity userEntity = userRepository.findByBeneficiaryCodiceFiscaleAndHubId(cf, hub.getId())
|
UserEntity userEntity = userRepository.findByBeneficiaryCodiceFiscaleAndHubId(cf, hub.getId())
|
||||||
.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
|
.orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND,
|
||||||
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
|
Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)));
|
||||||
|
userId=userEntity.getId();
|
||||||
//samlResponseLogRepository.delete(samlResponseLogEntity);
|
//samlResponseLogRepository.delete(samlResponseLogEntity);
|
||||||
|
loginReq.setEmail(userEntity.getEmail());
|
||||||
return getJWTTokenBean(userEntity, Boolean.TRUE);
|
loginAttemptEntity = prepareLoginAttemptEntity(loginReq, request);
|
||||||
|
loginAttemptEntity.setUserId(userEntity.getId());
|
||||||
|
return getJWTTokenBean(userEntity, Boolean.TRUE);
|
||||||
|
} catch (Exception e) {
|
||||||
|
log.info("Authentication login failed for email: {}",e.getMessage());
|
||||||
|
loginAttemptEntity.setUserId(userId);
|
||||||
|
createFailedLoginAttempt(loginAttemptEntity, e.getMessage());
|
||||||
|
throw e;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
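Review bot: The new catch block in the password-login method calls `loginAttemptEntity.setUserId(user.getId())`, but `user` is initialised to `null` and is presumably still null when authentication or the user lookup throws, so the handler would raise a NullPointerException that replaces the original exception and skips `createFailedLoginAttempt`. Guard it with `if (user != null) { loginAttemptEntity.setUserId(user.getId()); }`. In validateExistingUserToken the success path prepares the entity and sets the user id but returns without `createSuccessLoginAttempt(loginAttemptEntity);`, so successful SAML logins are not recorded, and a failure before `prepareLoginAttemptEntity` stores a bare `new LoginAttemptEntity()` that presumably carries no IP address or user agent; building the entity from `request` before the `try` would cover both. The failure log in that catch also prints `e.getMessage()` under an "email" label. Both method bodies extend beyond the hunks shown.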
@@ -103,7 +103,7 @@ public class UserServiceImpl implements UserService {
|
|||||||
@Override
|
@Override
|
||||||
@Transactional(rollbackFor = Exception.class)
|
@Transactional(rollbackFor = Exception.class)
|
||||||
public JWTToken validateExistingUserToken(HttpServletRequest request, String token) {
|
public JWTToken validateExistingUserToken(HttpServletRequest request, String token) {
|
||||||
return userDao.validateExistingUserToken(token);
|
return userDao.validateExistingUserToken(request,token);
|
||||||
}
|
}
|
||||||
@Override
|
@Override
|
||||||
public UserSamlResponse validateNewUserToken(HttpServletRequest request, String token) {
|
public UserSamlResponse validateNewUserToken(HttpServletRequest request, String token) {
|
||||||
|
|||||||
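Review bot: validateExistingUserToken runs under `@Transactional(rollbackFor = Exception.class)`, while the call chain it now forwards `request` into writes the failed login attempt in a catch block and then rethrows. Unless `loginAttemptDao.createLoginAttempt` runs in its own transaction (not visible here), the rethrown exception rolls back the surrounding transaction and the failed-attempt row with it, so the audit trail would contain no SAML login failures. Consider marking the attempt write `@Transactional(propagation = Propagation.REQUIRES_NEW)` or recording it outside this transaction, and add a test that asserts a row exists after a failed token validation.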
@@ -111,11 +111,11 @@ public class ApplicationAmendmentRequestController implements ApplicationAmendme
|
|||||||
.body(new Response<>(applicationAmendmentBean, Status.SUCCESS, Translator.toLocale(GepafinConstant.APPLICATION_DATA_FOR_AMENDMENT_SUCCESS_MSG)));
|
.body(new Response<>(applicationAmendmentBean, Status.SUCCESS, Translator.toLocale(GepafinConstant.APPLICATION_DATA_FOR_AMENDMENT_SUCCESS_MSG)));
|
||||||
}
|
}
|
||||||
@Override
|
@Override
|
||||||
public ResponseEntity<Response<ApplicationAmendmentRequestResponse>> updateApplicationAmendmentStatus(HttpServletRequest request, Long applicationId,
|
public ResponseEntity<Response<ApplicationAmendmentRequestResponse>> updateApplicationAmendmentStatus(HttpServletRequest request, Long applicationAmendmentId,
|
||||||
ApplicationAmendmentRequestEnum status) {
|
ApplicationAmendmentRequestEnum status) {
|
||||||
ApplicationAmendmentRequestResponse applicationResponse = applicationAmendmentRequestService.updateApplicationStatus(request, applicationId, status);
|
ApplicationAmendmentRequestResponse applicationResponse = applicationAmendmentRequestService.updateApplicationAmendmentStatus(request, applicationAmendmentId, status);
|
||||||
return ResponseEntity.status(HttpStatus.OK)
|
return ResponseEntity.status(HttpStatus.OK)
|
||||||
.body(new Response<>(applicationResponse, Status.SUCCESS, Translator.toLocale(GepafinConstant.APPLICATION_STATUS_UPDATED_SUCCESSFULLY)));
|
.body(new Response<>(applicationResponse, Status.SUCCESS, Translator.toLocale(GepafinConstant.APPLICATION_AMENDMENT_UPDATE_SUCCESSFULLY_MSG)));
|
||||||
}
|
}
|
||||||
@Override
|
@Override
|
||||||
public ResponseEntity<Response<Void>> sendReminderEmail(
|
public ResponseEntity<Response<Void>> sendReminderEmail(
|
||||||
|
|||||||