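package net.gepafin.tendermanagement.config;

import java.io.IOException;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.List;
import java.util.Map;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal;
import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;

import com.fasterxml.jackson.databind.ObjectMapper;

import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import net.gepafin.tendermanagement.constants.GepafinConstant;
import net.gepafin.tendermanagement.entities.SamlResponseEntity;
import net.gepafin.tendermanagement.entities.UserEntity;
import net.gepafin.tendermanagement.repositories.SamlResponseRepository;
import net.gepafin.tendermanagement.repositories.UserRepository;
import net.gepafin.tendermanagement.util.Utils;
import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException;
import net.gepafin.tendermanagement.web.rest.api.errors.Status;

/**
 * Completes a successful SAML login.
 *
 * <p>On success the SAML attributes are stored together with a freshly generated temporary
 * token, and the browser is redirected to the front end ({@code fe.base.url}) with that token
 * as a query parameter: to {@code /login} when a user with the asserted codice fiscale already
 * exists, to {@code /registration} otherwise. The token is later redeemed once through
 * {@link #validateToken(String, String)}, which deletes the stored entry.
 *
 * <p>The stored attributes contain personal data (the codice fiscale among them) and the token
 * grants the next step of the login, so neither is written to the log.
 */
@Component
public class SamlSuccessHandler implements AuthenticationSuccessHandler {

    private static final Logger logger = LoggerFactory.getLogger(SamlSuccessHandler.class);

    /** Name of the SAML attribute carrying the codice fiscale used to match an existing user. */
    private static final String CODICE_FISCALE_ATTRIBUTE = "CodiceFiscale";

    /** Shared mapper: building one per login is wasteful and a default ObjectMapper is thread-safe. */
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    @Autowired
    private SamlResponseRepository samlResponseLogRepository;

    @Autowired
    private UserRepository userRepository;

    @Value("${fe.base.url}")
    private String feBaseUrl;

    /**
     * Stores the SAML attributes under a new temporary token and redirects the browser to the
     * front end with that token.
     *
     * @param request        the current request (unused)
     * @param response       the response the redirect is written to
     * @param authentication the authentication produced by the SAML login; expected to be a
     *                       {@link Saml2Authentication} whose principal is a
     *                       {@link Saml2AuthenticatedPrincipal}
     * @throws IOException if the redirect or the error response cannot be written
     */
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
            Authentication authentication) throws IOException {
        try {
            Saml2Authentication samlAuth = (Saml2Authentication) authentication;
            Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal();
            Map<String, List<Object>> userAttributes = principal.getAttributes();

            // Attribute values are personal data: log only which attributes arrived, never their values.
            logger.info("SAML login successful for user: {} (attributes: {})", principal.getName(),
                    userAttributes == null ? null : userAttributes.keySet());

            String cf = extractCodiceFiscale(userAttributes);
            if (cf == null) {
                // Without the codice fiscale the user can be neither matched nor registered; fail
                // before a token is stored so no orphan entry is left behind.
                throw new IllegalStateException(
                        "SAML assertion has no usable " + CODICE_FISCALE_ATTRIBUTE + " attribute");
            }

            String token = Utils.generateSecureToken();
            SamlResponseEntity samlResponseLogEntity = new SamlResponseEntity();
            // Persisted as JSON; validateToken() reads it back through Utils.convertStringIntoMap.
            samlResponseLogEntity.setAuthenticationObject(OBJECT_MAPPER.writeValueAsString(userAttributes));
            samlResponseLogEntity.setToken(token);
            // NOTE(review): no issue time or expiry is set on the entity here. The token is single-use
            // (consumed by validateToken) but confirm a TTL is enforced elsewhere.
            samlResponseLogRepository.save(samlResponseLogEntity);

            UserEntity userEntity = userRepository.findByBeneficiaryCodiceFiscale(cf).orElse(null);
            String path = userEntity == null ? "/registration" : "/login";
            // The token travels in the query string (browser history, Referer, access logs), which is
            // why it must stay short-lived and single-use. Encoding keeps it intact whatever alphabet
            // Utils.generateSecureToken() uses.
            String redirectUrl = feBaseUrl + path + "?temp_token="
                    + URLEncoder.encode(token, StandardCharsets.UTF_8);
            response.sendRedirect(redirectUrl);
            // Log the destination only; the full URL would expose the temporary token.
            logger.info("SAML redirect to {}{}", feBaseUrl, path);
        } catch (Exception e) {
            logger.error("Error processing SAML success handler", e);
            // Previously the failure was swallowed and the client received an empty 200 with no
            // redirect; answer with an explicit error instead.
            if (!response.isCommitted()) {
                response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            }
        }
    }

    /**
     * Redeems a temporary token issued by {@link #onAuthenticationSuccess}: the token must exist
     * and the stored codice fiscale must equal {@code codiceFiscale}. On success the stored entry
     * is deleted, so a token can be redeemed only once.
     *
     * @param token         the temporary token received from the front end; may be {@code null}
     * @param codiceFiscale the codice fiscale the caller claims; may be {@code null}
     * @throws CustomValidationException with {@link Status#VALIDATION_ERROR} and the generic
     *                                   {@code INVALID_TOKEN_MSG} when the token is unknown, the
     *                                   stored attributes carry no codice fiscale, or it does not
     *                                   match; the same message is used for every failure so the
     *                                   caller cannot tell which check failed
     */
    public void validateToken(String token, String codiceFiscale) {
        SamlResponseEntity samlResponseLogEntity =
                token == null ? null : samlResponseLogRepository.findByToken(token);
        if (samlResponseLogEntity == null) {
            throw invalidToken();
        }

        Map<String, ? extends List<?>> userAttributes =
                Utils.convertStringIntoMap(samlResponseLogEntity.getAuthenticationObject());
        String cf = extractCodiceFiscale(userAttributes);
        // A missing stored value used to surface as a NullPointerException; it is now rejected the
        // same way as a mismatch.
        if (cf == null || codiceFiscale == null || !cf.equals(codiceFiscale)) {
            throw invalidToken();
        }

        // Single use: remove the entry as soon as it has been redeemed.
        samlResponseLogRepository.delete(samlResponseLogEntity);
    }

    /**
     * Returns the first value of the codice fiscale attribute as a string, or {@code null} when the
     * map or the attribute is absent, the value list is empty, or its first element is {@code null}.
     */
    private static String extractCodiceFiscale(Map<String, ? extends List<?>> userAttributes) {
        if (userAttributes == null) {
            return null;
        }
        List<?> values = userAttributes.get(CODICE_FISCALE_ATTRIBUTE);
        if (values == null || values.isEmpty()) {
            return null;
        }
        Object first = values.get(0);
        return first == null ? null : first.toString();
    }

    /** The single, deliberately unspecific validation failure raised by {@link #validateToken}. */
    private static CustomValidationException invalidToken() {
        return new CustomValidationException(Status.VALIDATION_ERROR,
                Translator.toLocale(GepafinConstant.INVALID_TOKEN_MSG));
    }
}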