diff --git a/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java b/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java index 3c5ed0fb..14f2b1bf 100644 --- a/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java +++ b/src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java @@ -110,7 +110,7 @@ public class SamlSuccessHandler implements AuthenticationSuccessHandler { logger.info("SAML login successful for user: " + principal.getName()); String cf = userAttributes.get("CodiceFiscale").get(0).toString(); - UserEntity userEntity = userRepository.findByBeneficiaryCodiceFiscale(cf).orElse(null); + UserEntity userEntity = userRepository.findByBeneficiaryCodiceFiscaleAndHubId(cf, hub.getId()).orElse(null); if (userEntity == null) { redirectUrl += "/registration?temp_token=" + token; } else { diff --git a/src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java b/src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java index e474fccf..c9122eb7 100644 --- a/src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java +++ b/src/main/java/net/gepafin/tendermanagement/repositories/UserRepository.java @@ -33,4 +33,6 @@ public interface UserRepository extends JpaRepository { List findByHubId(Long hubId); Long countByStatusAndRoleEntityRoleTypeAndHubId(String status, String roleName, Long hubId); + + Optional findByBeneficiaryCodiceFiscaleAndHubId(String codiceFiscale, Long hubId); } diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java index 95eb6763..3fe819a4 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java @@ -8,6 +8,7 @@ import net.gepafin.tendermanagement.constants.GepafinConstant; import net.gepafin.tendermanagement.dao.CompanyDao; import net.gepafin.tendermanagement.dao.LoginAttemptDao; import net.gepafin.tendermanagement.dao.RoleDao; +import net.gepafin.tendermanagement.entities.HubEntity; import net.gepafin.tendermanagement.entities.LoginAttemptEntity; import net.gepafin.tendermanagement.entities.SamlResponseEntity; import net.gepafin.tendermanagement.entities.UserEntity; @@ -22,6 +23,7 @@ import net.gepafin.tendermanagement.model.response.UserSamlResponse; import net.gepafin.tendermanagement.model.util.JWTToken; import net.gepafin.tendermanagement.repositories.SamlResponseRepository; import net.gepafin.tendermanagement.repositories.UserRepository; +import net.gepafin.tendermanagement.service.HubService; import net.gepafin.tendermanagement.util.DateTimeUtil; import net.gepafin.tendermanagement.util.Utils; import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException; @@ -63,6 +65,9 @@ public class AuthenticationService { @Autowired private LoginAttemptDao loginAttemptDao; + + @Autowired + private HubService hubService; @Autowired public AuthenticationService(TokenProvider tokenProvider, AuthenticationManager authenticationManager) { @@ -186,10 +191,11 @@ public class AuthenticationService { throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG)); } + HubEntity hub = hubService.getHubByUuid(samlResponseLogEntity.getHubUuid()); Map> userAttributes = Utils .convertStringIntoMap(samlResponseLogEntity.getAuthenticationObject()); String cf = userAttributes.get("CodiceFiscale").get(0).toString(); - UserEntity userEntity = userRepository.findByBeneficiaryCodiceFiscale(cf) + UserEntity userEntity = userRepository.findByBeneficiaryCodiceFiscaleAndHubId(cf, hub.getId()) .orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG))); //samlResponseLogRepository.delete(samlResponseLogEntity);