logincompany

1. package th.in.oneauth.servlet;
2.  
3. import java.io.BufferedReader;
4. import java.io.IOException;
5. import java.io.InputStreamReader;
6. import java.net.URISyntaxException;
7. import java.util.Date;
8.  
9. import javax.servlet.ServletException;
10. import javax.servlet.annotation.WebServlet;
11. import javax.servlet.http.HttpServlet;
12. import javax.servlet.http.HttpServletRequest;
13. import javax.servlet.http.HttpServletResponse;
14.  
15. import org.apache.commons.lang3.StringUtils;
16. import org.apache.http.HttpResponse;
17. import org.apache.http.client.ClientProtocolException;
18. import org.apache.http.client.HttpClient;
19. import org.apache.http.client.methods.HttpGet;
20. import org.apache.http.client.methods.HttpPost;
21. import org.apache.http.client.utils.URIBuilder;
22. import org.apache.http.entity.StringEntity;
23. import org.apache.http.impl.client.HttpClientBuilder;
24. import org.bouncycastle.util.encoders.Base64;
25.  
26. import com.google.gson.JsonArray;
27. import com.google.gson.JsonDeserializer;
28. import com.google.gson.JsonObject;
29. import com.google.gson.JsonParser;
30.  
31. import th.in.oneauthen.SigningTest;
32. import th.in.oneauthen.object.DocumentDB;
33. import th.in.oneauthen.object.UserUidDB;
34. import th.in.oneauthen.object.DAO.DocumentDAO;
35. import th.in.oneauthen.object.DAO.UserUidDAO;
36. import th.in.oneauthen.util.CryptoUtil;
37.  
38. /**
39.  * Servlet implementation class LoginServlet
40.  */
41. @WebServlet("/loginCompany")
42. public class LoginCompanyServlet extends HttpServlet {
43.     private static final long serialVersionUID = 1L;
44.  
45.     public static final String SESSION_PARAM_USER = "userSession";
46.     public static final String SESSION_PARAM_ONEID_AUTH = "authToken";
47.     public static final String REQUEST_PARAM_USERNAME = "username";
48.     // public static final String REQUEST_PARAM_PASSWORD = "password";
49.  
50.     public static final String DASHBOARD_URL = "dashboard.jsp";
51.     public static final String DASHBOARD_SINGING = "dashboard.jsp?reqp=signing";
52.     ////////////////////////////////////////////////////////////////////
53.     public static String Email = "email_company";
54.     public static String Name_company = "name_company";
55.  
56.     /**
57.      * @see HttpServlet#HttpServlet()
58.      */
59.     public LoginCompanyServlet() {
60.         super();
61.         // TODO Auto-generated constructor stub
62.     }
63.  
64.     /**
65.      * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
66.      *      response)
67.      */
68.     protected void doGet(HttpServletRequest request, HttpServletResponse response)
69.             throws ServletException, IOException {
70.         // TODO Auto-generated method stub
71.         doPost(request, response);
72.     }
73.  
74.     /**
75.      * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
76.      *      response)
77.      */
78.     public static void doPost(HttpServletRequest request, HttpServletResponse response,String logoutMsg)
79.             throws ServletException, IOException {
80.         // TODO Auto-generated method stub
81.  
82.         JsonObject json = new JsonObject();
83.         json.addProperty("grant_type", "password");
84.         json.addProperty("client_id", 50);
85.         json.addProperty("client_secret", "cKnvabgq5ZWre7gR4R4E9Y0AGxMYdJrtj7TneYDi");
86.         json.addProperty("username", "chatchaii");
87.         json.addProperty("password", "chatchaii.1");
88.  
89.         BufferedReader br = null;
90.         String output;
91.         StringBuilder responseBuilder = null;
92.  
93.         HttpClient httpClient = HttpClientBuilder.create().build();
94.         URIBuilder uriBuilder;
95.         try {
96.             uriBuilder = new URIBuilder("https://testoneid.inet.co.th/api/oauth/getpwd");
97.             HttpPost postMethod = new HttpPost(uriBuilder.build());
98.             StringEntity params = new StringEntity(json.toString());
99.  
100.             postMethod.addHeader("content-type", "application/json");
101.             postMethod.setEntity(params);
102.  
103.             HttpResponse httpResponse = httpClient.execute(postMethod);
104.             int responseCode = httpResponse.getStatusLine().getStatusCode();
105.             if (responseCode == 201 || responseCode == 200) {
106.                 br = new BufferedReader(new InputStreamReader((httpResponse.getEntity().getContent())));
107.                 responseBuilder = new StringBuilder();
108.                 while ((output = br.readLine()) != null) {
109.                     responseBuilder.append(output);
110.                 }
111.                 System.out.println(httpResponse.getStatusLine().getStatusCode());
112.  
113.             } else {
114.                 System.out.println("Failed : HTTP error code : " + httpResponse.getStatusLine().getStatusCode());
115.             }
116.             String GetToken = responseBuilder.toString();
117.             JsonObject jsonObject = new JsonParser().parse(GetToken).getAsJsonObject();
118.             String access_token = jsonObject.get("access_token").getAsString();
119.             //  เรัยกใช้อีกฟังก์ชั่นเพื่อรับข้อมูลขอผู้ที่login
120.             String oneIdAuthToken = SetAccessToken(access_token);
121.             JsonObject jsonObject_token = new JsonParser().parse(oneIdAuthToken).getAsJsonObject();
122.             //  เเอดข้อมูล jsonArray to data
123.             JsonArray data = jsonObject_token.getAsJsonArray("data");
124.             for (int i = 0; i < 1; ++i) {
125.                 JsonObject dataObj = (JsonObject) data.get(i);
126.  
127.                 Email = dataObj.get("thai_email").getAsString();
128.                 Name_company = dataObj.get("id_card_num").getAsString();
129.  
130.             }
131.             System.out.println(Email);
132.             UserUidDAO userDao = new UserUidDAO();
133.            
134.             UserUidDB user = null;
135.  
136.             if( userDao.findUsername(Name_company) != null) {
137.                 user = userDao.findUsername(Name_company);
138.                
139.             }
140.             if (StringUtils.isEmpty(oneIdAuthToken) && user == null) {
141.                 LogoutServlet.doLogout(request, response, "Login Failed!!");
142.             } else if (!StringUtils.isEmpty(oneIdAuthToken) && user == null) {
143.                 // oneIdAuthToken != null && user == null
144.                 UserUidDB newUser = new UserUidDB();
145.                 newUser.setUserName(Name_company);
146.                 newUser.setLastLogin(new Date());
147.                 newUser.setSamlTokenUid(oneIdAuthToken);
148.                 try {
149.                     userDao.save(newUser);
150.                     System.out.println("Login success!!");
151.                     request.getSession().setAttribute(SESSION_PARAM_USER, newUser);
152.                     request.getSession().setAttribute(SESSION_PARAM_ONEID_AUTH, Email);
153.                     request.getRequestDispatcher(DASHBOARD_SINGING).forward(request, response);
154.                 } catch (Exception e) {
155.                     e.printStackTrace();
156.                     LogoutServlet.doLogout(request, response, "System error !! Please contact system administrator!");
157.                 }
158.             } else if (!StringUtils.isEmpty(oneIdAuthToken) && userDao.findUsername(Name_company) != null) {
159.                 System.out.println("Login success!!");
160.         //int   A=  user.getUserId();
161.                 request.getSession().setAttribute(SESSION_PARAM_USER, user);
162.                 request.getSession().setAttribute(SESSION_PARAM_ONEID_AUTH, Email);
163.                 request.getRequestDispatcher(DASHBOARD_SINGING).forward(request, response);
164.                 System.out.println("DAO: " + user.getUserId());
165.                
166.                 // example qury
167.                 DocumentDAO hisDao = new DocumentDAO();
168.                 if( hisDao.findByUserUID(user) != null) {
169.                     for ( DocumentDB his : hisDao.findByUserUID(user)) {
170.                         System.out.println("DAO:USER = " + his.getCreator().getUserName().toString());
171.                        
172.                     }
173.                
174.                 }
175.             }
176.            
177.            
178.  
179.         } catch (URISyntaxException e1) {
180.             System.out.println("can not connect to URL (https://one.th/api/oauth/getpwd) ");
181.             e1.printStackTrace();
182.         }
183.  
184.     }
185.    
186.     public static String SetAccessToken(String token) throws URISyntaxException, ClientProtocolException, IOException {
187.  
188.         BufferedReader br = null;
189.         String output;
190.         StringBuilder responseBuilder = null;
191.         HttpClient httpClient = HttpClientBuilder.create().build();
192.         URIBuilder uriBuilder;
193.  
194.         uriBuilder = new URIBuilder("https://testoneid.inet.co.th/api/getBusinessAccount/0107538000533");
195.         HttpGet getMethod = new HttpGet(uriBuilder.build());
196.         getMethod.addHeader("Authorization", "Bearer " + token);
197.  
198.         HttpResponse httpResponse = httpClient.execute(getMethod);
199.         int responseCode = httpResponse.getStatusLine().getStatusCode();
200.         if (responseCode == 201 || responseCode == 200) {
201.             br = new BufferedReader(new InputStreamReader((httpResponse.getEntity().getContent())));
202.             responseBuilder = new StringBuilder();
203.             while ((output = br.readLine()) != null) {
204.                 responseBuilder.append(output);
205.             }
206.  
207.         } else {
208.             System.out.println("Failed : HTTP error code : " + httpResponse.getStatusLine().getStatusCode());
209.         }
210.  
211.         return responseBuilder.toString();
212.  
213.     }
214. }