1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package com.hack23.cia.service.impl.action.user;
20
21 import org.slf4j.Logger;
22 import org.slf4j.LoggerFactory;
23 import org.springframework.beans.factory.annotation.Autowired;
24 import org.springframework.security.access.annotation.Secured;
25 import org.springframework.stereotype.Service;
26 import org.springframework.transaction.annotation.Propagation;
27 import org.springframework.transaction.annotation.Transactional;
28
29 import com.hack23.cia.model.internal.application.system.impl.ApplicationEventGroup;
30 import com.hack23.cia.model.internal.application.system.impl.ApplicationOperationType;
31 import com.hack23.cia.model.internal.application.user.impl.UserAccount;
32 import com.hack23.cia.service.api.action.application.CreateApplicationEventRequest;
33 import com.hack23.cia.service.api.action.application.CreateApplicationEventResponse;
34 import com.hack23.cia.service.api.action.common.ServiceResponse.ServiceResult;
35 import com.hack23.cia.service.api.action.user.SetGoogleAuthenticatorCredentialRequest;
36 import com.hack23.cia.service.api.action.user.SetGoogleAuthenticatorCredentialResponse;
37 import com.hack23.cia.service.data.api.AgencyDAO;
38 import com.hack23.cia.service.data.api.UserDAO;
39 import com.hack23.cia.service.impl.action.common.AbstractBusinessServiceImpl;
40 import com.hack23.cia.service.impl.action.common.BusinessService;
41 import com.warrenstrange.googleauth.GoogleAuthenticator;
42 import com.warrenstrange.googleauth.GoogleAuthenticatorKey;
43 import com.warrenstrange.googleauth.GoogleAuthenticatorQRGenerator;
44
45
46
47
48 @Service
49 @Transactional(propagation = Propagation.REQUIRED,timeout=600)
50 public final class SetGoogleAuthenticatorCredentialService extends
51 AbstractBusinessServiceImpl<SetGoogleAuthenticatorCredentialRequest, SetGoogleAuthenticatorCredentialResponse>
52 implements BusinessService<SetGoogleAuthenticatorCredentialRequest, SetGoogleAuthenticatorCredentialResponse> {
53
54
55 private static final Logger LOGGER = LoggerFactory
56 .getLogger(SetGoogleAuthenticatorCredentialService.class);
57
58
59 @Autowired
60 private BusinessService<CreateApplicationEventRequest, CreateApplicationEventResponse> createApplicationEventService;
61
62
63 @Autowired
64 private UserDAO userDAO;
65
66 @Autowired
67 private AgencyDAO agencyDAO;
68
69
70
71
72 public SetGoogleAuthenticatorCredentialService() {
73 super(SetGoogleAuthenticatorCredentialRequest.class);
74 }
75
76
77 @Secured({ "ROLE_USER", "ROLE_ADMIN"})
78 @Override
79 public SetGoogleAuthenticatorCredentialResponse processService(
80 final SetGoogleAuthenticatorCredentialRequest serviceRequest) {
81
82 LOGGER.info("{}:{}",serviceRequest.getClass().getSimpleName(),serviceRequest.getSessionId());
83
84
85 final CreateApplicationEventRequest eventRequest = new CreateApplicationEventRequest();
86 eventRequest.setEventGroup(ApplicationEventGroup.USER);
87 eventRequest.setApplicationOperation(ApplicationOperationType.CREATE);
88 eventRequest.setActionName(SetGoogleAuthenticatorCredentialRequest.class.getSimpleName());
89 eventRequest.setSessionId(serviceRequest.getSessionId());
90
91 final UserAccount userAccount = getUserAccountFromSecurityContext();
92
93 final SetGoogleAuthenticatorCredentialResponse response = new SetGoogleAuthenticatorCredentialResponse(ServiceResult.SUCCESS);
94 if (userAccount != null) {
95
96 eventRequest.setUserId(userAccount.getUserId());
97
98 final GoogleAuthenticator gAuth = new GoogleAuthenticator();
99 final GoogleAuthenticatorKey gKey = gAuth.createCredentials();
100
101 final UserAccount updateUserAccount = userDAO.load(userAccount.getHjid());
102
103 updateUserAccount.setGoogleAuthKey(gKey.getKey());
104 updateUserAccount.setGoogleAuthVerificationCode(gKey.getVerificationCode());
105 updateUserAccount.setGoogleAuthScratchCodes(gKey.getScratchCodes());
106 userDAO.merge(updateUserAccount);
107
108 final String otpAuthTotpURL = GoogleAuthenticatorQRGenerator.getOtpAuthTotpURL(agencyDAO.getAll().get(0).getAgencyName(), updateUserAccount.getEmail(), gKey);
109
110 response.setOtpAuthTotpURL(otpAuthTotpURL);
111 response.setGoogleAuthKey(gKey.getKey());
112 response.setGoogleAuthVerificationCode(gKey.getVerificationCode());
113 response.setGoogleAuthScratchCodes(gKey.getScratchCodes());
114 }
115
116 eventRequest.setApplicationMessage(response.getResult().toString());
117 createApplicationEventService.processService(eventRequest);
118
119 return response;
120 }
121
122
123
124 }