created new api's for login with spid
@@ -4,23 +4,21 @@ import java.io.IOException;
|
||||
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import net.gepafin.tendermanagement.entities.SamlResponseLogEntity;
|
||||
import net.gepafin.tendermanagement.repositories.SamlResponseLogRepository;
|
||||
|
||||
@Component
|
||||
public class SamlFailureHandler implements AuthenticationFailureHandler {
|
||||
|
||||
private final Logger logger = LoggerFactory.getLogger(SamlSuccessHandler.class);
|
||||
|
||||
@Autowired
|
||||
private SamlResponseLogRepository samlResponseLogRepository;
|
||||
@Value("fe.base.url")
|
||||
private String feBaseUrl;
|
||||
|
||||
@Override
|
||||
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
|
||||
@@ -28,15 +26,7 @@ public class SamlFailureHandler implements AuthenticationFailureHandler {
|
||||
try {
|
||||
logger.error("SAML login failed: " + exception.getMessage());
|
||||
|
||||
// Log the failure details to the database (Optional)
|
||||
SamlResponseLogEntity samlResponseLogEntity = new SamlResponseLogEntity();
|
||||
samlResponseLogEntity.setRequest(request.toString());
|
||||
samlResponseLogEntity.setResponse(response.toString());
|
||||
samlResponseLogEntity.setExceptionObject(exception.toString());
|
||||
samlResponseLogRepository.save(samlResponseLogEntity);
|
||||
|
||||
// Handle failure redirection
|
||||
response.sendRedirect("http://gepafin-staging-fe.s3-website.eu-central-1.amazonaws.com/login");
|
||||
response.sendRedirect(feBaseUrl + "/login");
|
||||
} catch (Exception e) {
|
||||
logger.error("Error processing SAML failure handler", e);
|
||||
}
|
||||
|
||||
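Review bot: `@Value("fe.base.url")` on the new field at L64 injects the literal string `fe.base.url`, not the configured property, so the redirect at L115 goes to the relative path `fe.base.url/login` instead of the front-end; it should read `@Value("${fe.base.url}")`, and the same annotation appears on `feBaseUrl` in SamlSuccessHandler. The rows at L112 and L115 are printed without +/- markers, so I take the hard-coded staging host at L112 as the removed line and L115 as its replacement — if both survive, the second `sendRedirect` runs on an already-committed response. `request.toString()` and `response.toString()` at L95/L98 persist the servlet objects' identity strings rather than anything about the failed SAML exchange, so the saved log entry carries little diagnostic value; consider storing the failure message and the relay state instead. The logger at L53 is named after `SamlSuccessHandler`, which will mislabel these log lines. `onAuthenticationFailure` opens in the first hunk and its closing brace lies outside the second.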
@@ -7,6 +7,7 @@ import java.util.Map;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.beans.factory.annotation.Value;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal;
|
||||
import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
|
||||
@@ -17,48 +18,77 @@ import com.fasterxml.jackson.databind.ObjectMapper;
|
||||
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import jakarta.servlet.http.HttpServletResponse;
|
||||
import net.gepafin.tendermanagement.entities.SamlResponseLogEntity;
|
||||
import net.gepafin.tendermanagement.repositories.SamlResponseLogRepository;
|
||||
import net.gepafin.tendermanagement.constants.GepafinConstant;
|
||||
import net.gepafin.tendermanagement.entities.SamlResponseEntity;
|
||||
import net.gepafin.tendermanagement.entities.UserEntity;
|
||||
import net.gepafin.tendermanagement.repositories.SamlResponseRepository;
|
||||
import net.gepafin.tendermanagement.repositories.UserRepository;
|
||||
import net.gepafin.tendermanagement.util.Utils;
|
||||
import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
|
||||
import net.gepafin.tendermanagement.web.rest.api.errors.Status;
|
||||
|
||||
@Component
|
||||
public class SamlSuccessHandler implements AuthenticationSuccessHandler{
|
||||
|
||||
public class SamlSuccessHandler implements AuthenticationSuccessHandler {
|
||||
|
||||
private final Logger logger = LoggerFactory.getLogger(SamlSuccessHandler.class);
|
||||
|
||||
@Autowired
|
||||
private SamlResponseLogRepository samlResponseLogRepository;
|
||||
|
||||
@Override
|
||||
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
|
||||
Authentication authentication) throws IOException {
|
||||
try {
|
||||
// Cast the authentication object to Saml2Authentication
|
||||
Saml2Authentication samlAuth = (Saml2Authentication) authentication;
|
||||
Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal();
|
||||
private final Logger logger = LoggerFactory.getLogger(SamlSuccessHandler.class);
|
||||
|
||||
// Extract the user attributes from the principal
|
||||
Map<String, List<Object>> userAttributes = principal.getAttributes();
|
||||
@Autowired
|
||||
private SamlResponseRepository samlResponseLogRepository;
|
||||
|
||||
// Log the user attributes for debugging purposes
|
||||
logger.info("SAML User Attributes: " + userAttributes);
|
||||
@Autowired
|
||||
private UserRepository userRepository;
|
||||
|
||||
// Save the authentication details in the database (Optional)
|
||||
SamlResponseLogEntity samlResponseLogEntity = new SamlResponseLogEntity();
|
||||
samlResponseLogEntity.setAuthenticationObject(authentication.toString());
|
||||
@Value("fe.base.url")
|
||||
private String feBaseUrl;
|
||||
|
||||
// Convert user attributes to JSON and save in DB
|
||||
ObjectMapper objectMapper = new ObjectMapper();
|
||||
String userAttributesJson = objectMapper.writeValueAsString(userAttributes);
|
||||
samlResponseLogEntity.setAuthenticationObject(userAttributesJson);
|
||||
samlResponseLogRepository.save(samlResponseLogEntity);
|
||||
@Override
|
||||
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
|
||||
Authentication authentication) throws IOException {
|
||||
try {
|
||||
Saml2Authentication samlAuth = (Saml2Authentication) authentication;
|
||||
Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal();
|
||||
|
||||
// Successful login logic
|
||||
logger.info("SAML login successful for user: " + principal.getName());
|
||||
response.sendRedirect("http://gepafin-staging-fe.s3-website.eu-central-1.amazonaws.com/login");
|
||||
} catch (Exception e) {
|
||||
logger.error("Error processing SAML success handler", e);
|
||||
}
|
||||
}
|
||||
Map<String, List<Object>> userAttributes = principal.getAttributes();
|
||||
String token = Utils.generateSecureToken();
|
||||
logger.info("SAML User Attributes: " + userAttributes);
|
||||
|
||||
SamlResponseEntity samlResponseLogEntity = new SamlResponseEntity();
|
||||
samlResponseLogEntity.setAuthenticationObject(authentication.toString());
|
||||
|
||||
ObjectMapper objectMapper = new ObjectMapper();
|
||||
String userAttributesJson = objectMapper.writeValueAsString(userAttributes);
|
||||
samlResponseLogEntity.setAuthenticationObject(userAttributesJson);
|
||||
samlResponseLogEntity.setToken(token);
|
||||
samlResponseLogRepository.save(samlResponseLogEntity);
|
||||
|
||||
// Successful login logic
|
||||
logger.info("SAML login successful for user: " + principal.getName());
|
||||
String cf = userAttributes.get("CodiceFiscale").get(0).toString();
|
||||
UserEntity userEntity = userRepository.findByCodiceFiscale(cf).orElse(null);
|
||||
if (userEntity == null) {
|
||||
response.sendRedirect(feBaseUrl + "/registration?temp_token=" + token);
|
||||
} else {
|
||||
response.sendRedirect(feBaseUrl + "/login?temp_token=" + token);
|
||||
}
|
||||
} catch (Exception e) {
|
||||
logger.error("Error processing SAML success handler", e);
|
||||
}
|
||||
}
|
||||
|
||||
public void validateToken(String token, String codiceFiscale) {
|
||||
SamlResponseEntity samlResponseLogEntity = samlResponseLogRepository.findByToken(token);
|
||||
if (samlResponseLogEntity == null) {
|
||||
throw new CustomValidationException(Status.VALIDATION_ERROR,
|
||||
Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG));
|
||||
}
|
||||
Map<String, List<Object>> userAttributes = Utils
|
||||
.convertStringIntoMap(samlResponseLogEntity.getAuthenticationObject());
|
||||
String cf = userAttributes.get("CodiceFiscale").get(0).toString();
|
||||
if (codiceFiscale == null || Boolean.FALSE.equals(codiceFiscale.equals(cf))) {
|
||||
throw new CustomValidationException(Status.VALIDATION_ERROR,
|
||||
Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG));
|
||||
}
|
||||
samlResponseLogRepository.delete(samlResponseLogEntity);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
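Review bot: `validateToken` at L426 never expires the record written at L380, so a `temp_token` that is never exchanged stays valid indefinitely, and a mismatch at L453 leaves it in place; add a creation timestamp to `SamlResponseEntity`, reject and delete entries older than a short TTL, and delete the entry on mismatch as well. `userAttributes.get("CodiceFiscale").get(0)` at L391 and L450 throws `NullPointerException` when the IdP omits the attribute — in the handler the `catch (Exception e)` at L412 swallows it and the user is left without a redirect, while in `validateToken` it escapes as a server error instead of the validation error; guard it with `List<Object> cfValues = userAttributes.get("CodiceFiscale"); if (cfValues == null || cfValues.isEmpty()) { throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG)); }`. The condition at L453 reads more plainly as `if (!cf.equals(codiceFiscale))`, which also covers the null case. L355 logs the whole attribute map at INFO, which includes the tax code, and the token travels as a query parameter at L400/L406 where it lands in access logs and browser history — log only the attribute keys, and let the TTL above bound the token's exposure. The `setAuthenticationObject(authentication.toString())` call at L363 is overwritten at L374 and can be dropped.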
@@ -99,6 +99,9 @@ public class SecurityConfig {
|
||||
http.csrf(AbstractHttpConfigurer::disable).authorizeHttpRequests(auth -> auth
|
||||
// Allow public access to the login endpoints
|
||||
.requestMatchers("/v1/user/login").permitAll() // JWT-based login
|
||||
.requestMatchers("/v1/user").permitAll() // User registration
|
||||
.requestMatchers("/v1/user/sso/validate/existing-user/{token}").permitAll()
|
||||
.requestMatchers("/v1/user/sso/validate/new-user/{token}").permitAll()
|
||||
.requestMatchers("/v1/saml/**").permitAll() // JWT-based login
|
||||
.requestMatchers("/saml2/**").permitAll() // SAML login initiation
|
||||
.requestMatchers("/swagger-ui/**").permitAll() // Swagger docs
|
||||
|
||||
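Review bot: The `// JWT-based login` comment on the new `/v1/saml/**` rule at L499 is copied from the `/v1/user/login` line and does not describe that path; replace it with what actually lives there, e.g. `// SAML SSO endpoints`. `/v1/saml/**` opens every path under that prefix, which is broader than the two `validate` endpoints at L493/L496 — if only those are meant to be public, list them instead of the wildcard. The `{token}` path variable at L493/L496 also puts the temporary token into access logs, which is acceptable only if the token is short-lived and single-use. The `authorizeHttpRequests` lambda begins and ends outside the hunk.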
@@ -82,10 +82,11 @@ public class TokenProvider {
|
||||
log.info("JWT Secret Key initialized.");
|
||||
}
|
||||
|
||||
public String createToken(Authentication authentication, Boolean rememberMe, UserEntity user) {
|
||||
String authorities = authentication.getAuthorities().stream()
|
||||
.map(GrantedAuthority::getAuthority)
|
||||
.collect(Collectors.joining(","));
|
||||
public String createToken(Boolean rememberMe, UserEntity user) {
|
||||
// String authorities = authentication.getAuthorities().stream()
|
||||
// .map(GrantedAuthority::getAuthority)
|
||||
// .collect(Collectors.joining(","));
|
||||
String authorities = user.getRoleEntity().getRoleType();
|
||||
Long now;
|
||||
Date validity;
|
||||
|
||||
@@ -99,7 +100,7 @@ public class TokenProvider {
|
||||
log.info("Creating token with standard validity of {} seconds.", this.tokenValidityInSeconds);
|
||||
}
|
||||
|
||||
String payload = authentication.getName();
|
||||
String payload = user.getEmail();
|
||||
if(user != null) {
|
||||
payload += ":"+user.getId();
|
||||
}
|
||||
|
||||
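Review bot: `user` is dereferenced at L545 (`user.getRoleEntity().getRoleType()`) and L570 (`user.getEmail()`) before the `if(user != null)` check at L573, so that check can no longer prevent a `NullPointerException`; either drop it or move an `Objects.requireNonNull(user, "user")` to the top of `createToken`. `getRoleEntity()` may itself return null for a user without a role — hedged, since the entity is not on the page — in which case L545 throws as well. The commented-out stream at L536–L542 should be deleted rather than kept alongside the new L545. `createToken` spans both hunks of this file and its body continues past L583.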