- package com.progoti.surecash.security
- import com.google.gson.Gson
- import com.google.gson.reflect.TypeToken
- import com.progoti.PropertiesReader
- import com.progoti.bean.RedirProperties
- import com.progoti.surecash.dto.member.UserLookUpResponse
- import com.progoti.surecash.exception.SystemException
- import com.progoti.surecash.home.DashboardService
- import com.progoti.surecash.merchant.PinlessWallet
- import com.progoti.surecash.rest.ResfullAPIServices
- import com.progoti.surecash.soap.ProfinoWebServices
- import com.progoti.surecash.soap.service.LoginStatus
- import com.progoti.surecash.user.*
- import com.progoti.surecash.util.EncryptionUtils
- import com.progoti.surecash.util.ProTraceLevel
- import com.progoti.switchable.Environment
- import org.apache.commons.lang.StringUtils
- import org.apache.log4j.LogManager
- import org.apache.log4j.Logger
- import org.json.JSONObject
- import javax.xml.ws.WebServiceException
- //import java.util.logging.Level
- //import java.util.logging.Logger
- class AuthenticationController {
// Collaborating services. They are never assigned in this class, so they are
// presumably injected by name by the framework; confirm against the bean configuration.
def securityService
def billerInfoService
// Used by authenticate to fetch the stored PIN of a wallet for admin-initiated logins.
def fingerprintService
DashboardService dashboardService
AuthenticationService authenticationService
ScAuthorityService scAuthorityService
ScUserGroupService scUserGroupService
ScUserService scUserService
WalletCodeService walletCodeService
ObviousPinsService obviousPinsService

private static final Logger logger = LogManager.getLogger(AuthenticationController.class.name)

// Action with an empty body.
def index = {}
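/**
 * Shows the login form, or sends an already signed-in session to the dashboard.
 *
 * A session counts as signed in when UserName and PIN are set and isActive is true.
 * The optional targetUri request parameter is passed to the view model unchanged.
 */
def login = {
    if (session.UserName != null && session.PIN != null && session?.isActive) {
        redirect(controller: "home", action: "dashboard")
        return
    }

    // targetUri comes straight from the request. The earlier version also wrote it into the
    // response as an HTTP header *name* with an empty value, which let any caller choose
    // response header names. That write served no visible purpose and has been dropped.
    def targetUri = params.targetUri

    // NOTE(review): the view is not visible from here. Confirm it HTML-encodes targetUri and that
    // any later redirect to it accepts only local, relative paths.
    render(view: "/auth/progoti_login", model: [targetUri: targetUri])
}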
/**
 * Renders the agent account registration list view.
 */
def merchantAdminPage() {
    // NOTE(review): this action performs no session or role check itself; presumably a filter or
    // interceptor restricts it to merchant admins. Verify.
    render view: "/agentAccountReg/list"
}
/**
 * Writes a JSON object {"status": true|false} saying whether the given wallet may log in
 * without the phone-side PIN check.
 *
 * The answer starts as true. It becomes false when the switch lookup succeeds and the wallet's
 * user type is listed in the "user.type.require.phone.validation" property (default "unbanked").
 * It is forced back to true when an active PinlessWallet row with allowLogin exists for the wallet.
 *
 * @param wallet wallet number or ID to look up
 */
def getAuthenticationByPushInfo(String wallet) {
    // NOTE(review): no session or caller check is visible in this method, and it answers for any
    // wallet value. If it is reachable before login it reveals per-wallet account properties;
    // consider rate limiting and confirm the exposure is intended.
    // NOTE(review): the default is "allowed", so a failed or empty lookup also reports true.
    boolean pinCheckSkippable = true
    UserLookUpResponse lookup = null

    try {
        // Look the wallet/ID up among the wallets known to the switch.
        lookup = ResfullAPIServices.getUserInfoFromSwitch(wallet, true)
    } catch (ClassNotFoundException ex) {
        def failureStatus = LoginStatus.LoginValidationStatus.CLASS_NOT_FOUND // assigned but never read
        logger.error(ProTraceLevel.PRO_TRACE, ex)
    }

    if (lookup != null && lookup.getStatus().equalsIgnoreCase("SUCCESS")) {
        String userType = lookup.userType
        String configured = PropertiesReader.getProperty("user.type.require.phone.validation", "unbanked")
        String[] restrictedTypes = configured?.split(",")
        for (String candidate : restrictedTypes) {
            if (candidate.equalsIgnoreCase(userType)) {
                pinCheckSkippable = false
                break
            }
        }
    }

    // An explicit pinless entry overrides the user-type rule.
    List<PinlessWallet> pinlessEntries = PinlessWallet.findAllByIsActiveAndAllowLoginAndWalletNo(true, true, wallet)
    if (pinlessEntries) {
        pinCheckSkippable = true
    }

    JSONObject payload = new JSONObject()
    payload.put("status", pinCheckSkippable)

    response.setContentType("application/json")
    PrintWriter writer = response.getWriter()
    writer.println(payload.toString())
    writer.flush()
    writer.close()
    return
}
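/**
 * Login action. Validates the submitted userName/password, fills the session and redirects.
 *
 * Flow, as far as this block shows:
 *  1. A session whose UserType is "merchantAdmin" or "MAD" may name a wallet (params.merchant or
 *     params.id). The wallet's PIN is then fetched server-side and substituted into params.
 *  2. A session that is already signed in is redirected to its landing page.
 *  3. Otherwise the user is looked up on the switch, first as a wallet holder (PIN checked by
 *     authenticationService.doLoginByProfinoUser), then as a custom user (password checked by
 *     scUserService.findByLoginNameAndPassword).
 *  4. On success session.isActive is set and the request is redirected; on failure the status
 *     message goes into flash.message and the login page is shown again.
 *
 * Security fixes compared with the earlier version of this block:
 *  - the result of doLoginByProfinoUser is honoured; it used to be overwritten with VALID on the
 *    following line, so the PIN comparison had no effect on the outcome;
 *  - the password-checked ScUser lookup is no longer replaced by a lookup on login name only;
 *  - the password is no longer forwarded as a redirect parameter;
 *  - failures of the feature-trimming calls are logged instead of silently discarded.
 *
 * @return true after a successful login redirect, false on the early-rejection paths
 */
def authenticate = {
    String credentialValidityStatus = ""
    Boolean isPushRequired = true
    String wallet = params?.merchant
    session.LoginbyMerchantAdmin = null

    // Admin-initiated login on behalf of a wallet.
    // NOTE(review): the target wallet is taken from request parameters and no check is visible
    // here that the signed-in admin is entitled to act for it. Confirm that an ownership check
    // exists elsewhere; without one, any admin session can open any wallet.
    // NOTE(review): getPinByWallet returns a usable PIN, which implies PINs are stored in
    // recoverable form. Verify, and prefer a delegation mechanism that needs no PIN.
    if (session?.UserType.toString().equalsIgnoreCase("merchantAdmin") || session?.UserType.toString().equalsIgnoreCase("MAD")) {
        session.LoginbyMerchantAdmin = session.UserName
        if (session?.UserType.toString().equalsIgnoreCase("MAD")) {
            wallet = params?.id
        }
        String pin = session.PIN
        if (wallet != null) {
            Environment.setEnvironmentByBank(session?.UserBankName)
            pin = fingerprintService.getPinByWallet(wallet)
            params.userName = wallet
            params.password = pin
            // Clearing these makes the "already signed in" test below fail, so the login runs again.
            session.UserName = null
            session.PIN = null
        }
        isPushRequired = false
    }
    // Second pass for merchantAdmin only: same substitution, but against the merchant's bank.
    if (session?.UserType.toString().equalsIgnoreCase("merchantAdmin")) {
        String pin = session.PIN
        if (wallet != null) {
            Environment.setEnvironmentByBank(session?.merchantBank)
            pin = fingerprintService.getPinByWallet(wallet)
            params.userName = wallet
            params.password = pin
            session.UserName = null
            session.PIN = null
        }
        isPushRequired = false
    }

    if (session.UserName != null && session.PIN != null && session?.isActive) {
        RedirProperties redirProperties = dashboardService.getRedirProperties(session, "home", "dashboard")
        redirect(controller: redirProperties.getControllerName(), action: redirProperties.getActionName())
    } else {
        String userName = params.userName != null && params.userName != "" ? ((String) params.userName)?.trim() : ""
        String password = params.password != null && params.password != "" ? ((String) params.password)?.trim() : ""
        Object user
        String userType
        session.isActive = false
        List<ScUserGroup> userGroups = new ArrayList<ScUserGroup>()
        List<ScAuthority> userAuthorities = new ArrayList<ScAuthority>()
        UserLookUpResponse walletInfo = null
        String loginStatusMesg = PropertiesReader.getResponseMesgByErrCode(LoginStatus.LoginValidationStatus.UNABLE_TO_CONNECT_SWITCH)
        LoginStatus.LoginValidationStatus loginStatus = LoginStatus.LoginValidationStatus.UNABLE_TO_CONNECT_SWITCH

        if ((userName != null && !userName.equals("")) && (password != null && !password.equals(""))) {
            loginStatus = LoginStatus.LoginValidationStatus.UNABLE_TO_CONNECT_SWITCH
            boolean isWalletHolder = true
            try {
                // Search the given wallet/ID among wallets on the switch.
                walletInfo = ResfullAPIServices.getUserInfoFromSwitch(userName, isWalletHolder)
            } catch (ClassNotFoundException ex) {
                loginStatus = LoginStatus.LoginValidationStatus.CLASS_NOT_FOUND
                logger.error(ProTraceLevel.PRO_TRACE, ex)
            }

            if (walletInfo != null && walletInfo.getStatus().equalsIgnoreCase("SUCCESS")) {
                // Select the bank-specific environment for everything that follows.
                Environment.setEnvironmentByBank(walletInfo.bankName)

                // Reject PINs on the "obvious" list, except for merchantAdmin sessions.
                ObviousPins obviousPin = obviousPinsService.findByPin(password)
                if (!session?.UserType.toString().equalsIgnoreCase("merchantAdmin") && obviousPin != null) {
                    loginStatus = LoginStatus.LoginValidationStatus.OBVIOUS_PIN_FOUND
                    flash.message = PropertiesReader.getResponseMesgByErrCode(loginStatus)
                    redirect(controller: "authentication", action: "login")
                    return false
                }

                List<PinlessWallet> pinlessWallets = PinlessWallet.findAllByIsActiveAndAllowLoginAndWalletNo(true, true, userName)
                if (pinlessWallets != null && pinlessWallets.size() > 0) {
                    isPushRequired = false
                }
                // NOTE(review): this assignment switches the phone-side PIN confirmation off for
                // every wallet login, so the pinless lookup above and the push check below have no
                // effect. It is kept because it may be a deliberate roll-back of the feature.
                // Confirm, then either delete this line or remove the dead code around it.
                isPushRequired = false
                if (isPushRequired && !authenticationService.authenticatePinByPush(walletInfo)) {
                    flash.message = "Invalid PIN provided on phone"
                    redirect(controller: "authentication", action: "login")
                    return false
                }

                try {
                    // The PIN check decides the outcome; nothing may overwrite loginStatus before the test below.
                    loginStatus = authenticationService.doLoginByProfinoUser(walletInfo, userName, password, session)
                    if (loginStatus.compareTo(LoginStatus.LoginValidationStatus.VALID) == 0) {
                        try {
                            user = ProfinoWebServices.loadByUsername(userName, walletInfo.getBankName())
                        } catch (WebServiceException ex) {
                            throw new SystemException(LoginStatus.LoginValidationStatus.UNABLE_TO_CONNECT_PROFINO)
                        } catch (Exception ex) {
                            throw new SystemException(LoginStatus.LoginValidationStatus.SOAP_FAULT_EXCEPTION)
                        }
                        if (user == null) {
                            throw new SystemException(LoginStatus.LoginValidationStatus.MEMBER_NOT_FOUND)
                        }
                        Long groupId = ((com.progoti.surecash.webservices.members.Member) user).getGroupId()
                        HashMap memberMap = ProfinoWebServices.memberListToHashMap((com.progoti.surecash.webservices.members.Member) user)
                        if (((String) memberMap.get("status")).equalsIgnoreCase("active")) {
                            session.isActive = true
                            // NOTE(review): no session-id renewal is visible at the point where the
                            // session becomes authenticated. Confirm session fixation is handled elsewhere.
                            userType = memberMap.containsKey("userType") && !memberMap?.get("userType").equals("") ? memberMap?.get("userType") : null
                            // NOTE(review): the clear-text PIN is handed to the session setup;
                            // presumably it ends up in session.PIN. Verify, and avoid keeping it.
                            authenticationService.setLoginSessionForProfinoMember(session, password, memberMap)
                            if (userType?.equalsIgnoreCase("banked") || userType?.equalsIgnoreCase("employee")
                                    || userType?.equalsIgnoreCase("merchant") || userType?.equalsIgnoreCase("remitter")
                                    || userType?.equalsIgnoreCase("unbanked") || userType?.equalsIgnoreCase("MR") || userType?.equalsIgnoreCase("MAD")) {
                                // Known user types map directly to a role of the same title.
                                userAuthorities?.add(scAuthorityService.findByRoleTitle(userType))
                                scAuthorityService.getApprovedFeatureByUserGroups(session, userGroups, userType, userAuthorities)
                            } else {
                                // Anything else gets its features from the member's user group.
                                ScUserGroup scUserGroup = scUserGroupService.findByGroupId(groupId)
                                if (scUserGroup != null) {
                                    userGroups?.add(scUserGroup)
                                    scAuthorityService.getApprovedFeatureByUserGroups(session, userGroups, userType, userAuthorities)
                                } else {
                                    logger.log(ProTraceLevel.PRO_TRACE, "User [" + userName + "] have tried to login which have no valid userGroup.")
                                }
                            }
                        } else {
                            loginStatus = LoginStatus.LoginValidationStatus.NOT_ACTIVE_USER
                        }
                    }
                } catch (SystemException ex) {
                    logger.error(ProTraceLevel.PRO_TRACE, ex)
                    if (ex.getErrorCode() == LoginStatus.LoginValidationStatus.UNABLE_TO_CONNECT_PROFINO) {
                        loginStatus = LoginStatus.LoginValidationStatus.UNABLE_TO_CONNECT_PROFINO
                    } else if (ex.getErrorCode() == LoginStatus.LoginValidationStatus.SOAP_FAULT_EXCEPTION) {
                        loginStatus = LoginStatus.LoginValidationStatus.SOAP_FAULT_EXCEPTION
                    } else if (ex.getErrorCode() == LoginStatus.LoginValidationStatus.MEMBER_NOT_FOUND) {
                        loginStatus = LoginStatus.LoginValidationStatus.MEMBER_NOT_FOUND
                    }
                }
            } else {
                // Not a wallet on the switch's master table: try the custom (non-wallet) users.
                try {
                    isWalletHolder = false
                    walletInfo = ResfullAPIServices.getUserInfoFromSwitch(userName, isWalletHolder)
                    // Guarded: a null lookup result used to raise a NullPointerException here.
                    if (walletInfo != null) {
                        session.setAttribute("merchantBank", walletInfo.bankName)
                    }
                } catch (ClassNotFoundException ex) {
                    logger.error(ProTraceLevel.PRO_TRACE, ex)
                    loginStatus = LoginStatus.LoginValidationStatus.CLASS_NOT_FOUND
                }

                if (walletInfo != null && walletInfo.getStatus().equalsIgnoreCase("SUCCESS")) {
                    Environment.setEnvironmentByBank(walletInfo.getBankName())
                    // A login name may be a short code that stands for a wallet number.
                    WalletCode walletCode = walletCodeService.findByShortCode(userName)
                    if (walletCode != null) {
                        wallet = walletCode.wallet
                        session.UserName = wallet
                    }
                    session.UserBankName = walletInfo.bankName
                    session.userWalletNo = wallet

                    // The user is accepted only when login name AND password match. A second lookup
                    // on login name alone used to replace this result and has been removed.
                    // NOTE(review): matching on EncryptionUtils.encrypt(password) suggests a
                    // deterministic, possibly reversible transform. Confirm; a salted password
                    // hash verified in constant time is the safer design.
                    ScUser scUser = scUserService.findByLoginNameAndPassword(userName, EncryptionUtils.encrypt(password))
                    if (scUser != null) {
                        if (Boolean.valueOf(PropertiesReader.getProperty("USER_AUTHENTICATION_FOR_NON_WALLET", false))) {
                            String response = ResfullAPIServices.getUserInfoForNonWallet(userName)
                            HashMap<String, Object> map = new Gson().fromJson(response, new TypeToken<HashMap<String, String>>(){}.getType())
                            if (StringUtils.isBlank(map.get("mobilePhone")) && Boolean.valueOf(PropertiesReader.getProperty("USER_AUTHENTICATION_IF_NOT_MOBILE_NO_FOUND", false))) {
                                flash.message = "No Mobile number found. Please Contact with admin"
                                redirect(action: "login")
                                return false
                            } else if (StringUtils.isNotBlank(map.get("mobilePhone"))) {
                                // Builds an id from the phone number plus one random lower-case letter.
                                String walletGeneration = map.get("mobilePhone") + String.valueOf((char) (new Random().nextInt(26) + (int) 'a'))
                                walletInfo.setUserId(walletGeneration)
                                walletInfo.setUserType("banked")
                                walletInfo?.setBankId(map.get("bankId"))
                                walletInfo?.setBankName(map.get("bankName"))
                                if (!authenticationService.authenticatePinByPush(walletInfo, userName)) {
                                    flash.message = "Invalid PIN provided on phone"
                                    redirect(action: "login")
                                    return false
                                }
                            }
                        }
                        userAuthorities.addAll(scUser?.authorities)
                        userGroups.addAll(scUser?.userGroups)
                        // Status 2 is the only value treated as an active account here.
                        if (scUser?.status == 2) {
                            session.isActive = true
                            session.user = scUser
                            if (scUser?.scUserProfile?.photographUrl != null) {
                                session.setAttribute("UserImageUrl", scUser?.scUserProfile?.photographUrl?.toString()?.trim())
                            } else {
                                session.setAttribute("UserImageUrl", null)
                            }
                            authenticationService.setLoginSessionForScUser(session, scUser)
                        } else {
                            loginStatus = LoginStatus.LoginValidationStatus.NOT_ACTIVE_USER
                        }
                        user = scUser
                        scAuthorityService.getApprovedFeatureByUserGroups(session, userGroups, userType, userAuthorities)
                    } else {
                        loginStatus = LoginStatus.LoginValidationStatus.INVALID
                    }
                } else {
                    if (walletInfo != null && walletInfo.getStatus() != null && (walletInfo.getStatus().equalsIgnoreCase("FAILED"))) {
                        loginStatus = LoginStatus.LoginValidationStatus.NOT_SURECASH_USER
                    }
                }
            }
        } else {
            // Empty user name or password.
            loginStatus = LoginStatus.LoginValidationStatus.INVALID
        }

        if (loginStatus.compareTo(LoginStatus.LoginValidationStatus.TAKE_RESPONSE_MESG_FROM_SWITCH) == 0) {
            loginStatusMesg = walletInfo.getMsg()
        } else {
            loginStatusMesg = PropertiesReader.getResponseMesgByErrCode(loginStatus)
        }

        // Feature trimming is best effort, but these calls adjust what the session may do,
        // so a failure is recorded rather than dropped.
        try {
            authenticationService.getRemoveWasaFeature(session, user)
        } catch (Exception e) {
            logger.error(ProTraceLevel.PRO_TRACE, e)
        }
        try {
            authenticationService.getRemoveLink3Feature(session, user)
        } catch (Exception e) {
            logger.error(ProTraceLevel.PRO_TRACE, e)
        }

        if (session.LoginbyMerchantAdmin != null) {
            authenticationService.getRemoveFeature(session, user, session.LoginbyMerchantAdmin)
            authenticationService.addTypeOrWalletSpecificFeature(session, session.LoginbyMerchantAdmin)
        } else {
            if (user != null && (String) session.UserName != null) {
                authenticationService.getRemoveFeature(session, user, (String) session.UserName)
                authenticationService.addTypeOrWalletSpecificFeature(session, (String) session.UserName)
            }
        }

        credentialValidityStatus = loginStatusMesg

        if (session.isActive) {
            if (!isPushRequired) {
                session.requestedController = null
                session.requestedAction = null
            }
            if (session.requestedController != null && session.requestedAction != null && !"authenticate".equalsIgnoreCase(session.requestedAction) && !"login".equalsIgnoreCase(session.requestedAction)) {
                // Redirect parameters become part of the target URL, so the password/PIN is left out.
                redirect(controller: session.requestedController, action: session.requestedAction, params: params.findAll { it.key != "password" })
            } else if (session.UserName != null && session?.UserType.toString().equalsIgnoreCase("merchantAdmin")) {
                session.setAttribute("merchantUser", session?.user)
                redirect(controller: "merchantAdminHome", action: "index")
            } else if (session.UserName != null && session?.UserType.toString().equalsIgnoreCase("stipendAdmin")) {
                List<ScFeature> approveFeatures = session.getAttribute("approvedFeatures")
                if (approveFeatures.contains(ScFeature.findByModuleAndOperation("StDisburse", "first"))) {
                    redirect(controller: "StDisburse", action: "first")
                } else {
                    RedirProperties redirProperties = dashboardService.getRedirProperties(session, "home", "dashboard")
                    redirect(controller: redirProperties.getControllerName(), action: redirProperties.getActionName())
                }
            } else {
                RedirProperties redirProperties = dashboardService.getRedirProperties(session, "home", "dashboard")
                redirect(controller: redirProperties.getControllerName(), action: redirProperties.getActionName())
            }
            return true
        } else {
            flash.message = credentialValidityStatus
            redirect(action: "login")
        }
    }
}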
/**
 * Tells whether the session may perform an operation on a module, e.g. to decide
 * whether a menu entry is shown.
 *
 * @param session  current session, passed through to securityService
 * @param module   module name, like a controller name
 * @param operator operation name (list/view/show/update/create etc); "" or null means "index"
 * @return true when securityService.checkAuthorization accepts the combination, otherwise false
 */
public boolean hasPermission(session, module, operator) {
    // An empty or missing operation falls back to the module's index operation.
    boolean operationMissing = operator.equals("") || operator.equals(null)
    if (operationMissing) {
        operator = "index"
    }

    // NOTE(review): a result here is only as strong as the server-side check on the target action;
    // hiding a menu entry is not access control by itself.
    if (securityService.checkAuthorization(session, module, operator)) {
        return true
    }
    return false
}
/**
 * Returns the distinct module names found in the session's approved features.
 * Delegates to ScFeatureService.getUniqueModuleListOfFeatures.
 *
 * @param session current session
 * @return list of module names
 */
public List<String> getUniqueModuleListOfFeatures(session) {
    // The service is created directly for each call rather than taken from a field.
    return new ScFeatureService().getUniqueModuleListOfFeatures(session)
}
/**
 * Returns the features that belong to one module.
 * Delegates to ScFeatureService.getFeatureListByModule.
 *
 * @param session current session
 * @param module  module name
 * @return list of ScFeature for that module
 */
public List<ScFeature> getFeatureListByModule(session, String module) {
    // The service is created directly for each call rather than taken from a field.
    return new ScFeatureService().getFeatureListByModule(session, module)
}
/**
 * Returns the sorted list of features that can be displayed in the menu.
 * Delegates to ScFeatureService.getDisplayableFeatureSortedList.
 *
 * @param session current session
 * @return sorted list of ScFeature
 */
public List<ScFeature> getDisplayableFeatureSortedList(session) {
    // The service is created directly for each call rather than taken from a field.
    return new ScFeatureService().getDisplayableFeatureSortedList(session)
}
- }