- package th.in.oneauth.servlet;
- import java.io.BufferedReader;
- import java.io.IOException;
- import java.io.InputStreamReader;
- import java.net.URISyntaxException;
- import java.util.Date;
- import javax.servlet.ServletException;
- import javax.servlet.annotation.WebServlet;
- import javax.servlet.http.HttpServlet;
- import javax.servlet.http.HttpServletRequest;
- import javax.servlet.http.HttpServletResponse;
- import org.apache.commons.lang3.StringUtils;
- import org.apache.http.HttpEntity;
- import org.apache.http.HttpResponse;
- import org.apache.http.client.ClientProtocolException;
- import org.apache.http.client.HttpClient;
- import org.apache.http.client.methods.HttpGet;
- import org.apache.http.client.methods.HttpPost;
- import org.apache.http.client.utils.URIBuilder;
- import org.apache.http.entity.mime.MultipartEntityBuilder;
- import org.apache.http.impl.client.HttpClientBuilder;
- import com.google.gson.JsonDeserializer;
- import com.google.gson.JsonObject;
- import com.google.gson.JsonParser;
- import th.in.oneauthen.object.DocumentDB;
- import th.in.oneauthen.object.UserUidDB;
- import th.in.oneauthen.object.DAO.DocumentDAO;
- import th.in.oneauthen.object.DAO.UserUidDAO;
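/**
 * Login endpoint that authenticates a user against the one.th OAuth
 * password grant and then binds the result to a local {@code UserUidDB} row.
 *
 * <p>Flow: the submitted username/password are exchanged for an access token
 * at the token endpoint, the token is used to fetch the account profile, and
 * the profile's {@code hash_id_card_num} and {@code thai_email} fields are
 * read. A local user is looked up by the submitted username and created on
 * first login.
 *
 * <p>Security notes:
 * <ul>
 * <li>The OAuth client secret is read from the environment variable named by
 * {@link #CLIENT_SECRET_ENV} (a name chosen for this class; adapt it to the
 * deployment). It used to be a string literal in this file; a secret that
 * has appeared in source or in a public paste must be treated as compromised
 * and rotated at the provider.</li>
 * <li>Credentials are accepted over POST only, so they never end up in a
 * query string (access logs, browser history, Referer headers).</li>
 * <li>Access tokens, the hashed ID-card number and e-mail addresses are not
 * written to any log.</li>
 * <li>The HTTP session is replaced on successful login to prevent session
 * fixation.</li>
 * </ul>
 */
@WebServlet("/login")
public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    public static final String SESSION_PARAM_USER = "userSession";
    public static final String SESSION_PARAM_ONEID_AUTH = "authToken";
    public static final String REQUEST_PARAM_USERNAME = "username";
    public static final String REQUEST_PARAM_PASSWORD = "password";
    public static final String DASHBOARD_URL = "dashboard.jsp";
    public static final String DASHBOARD_SINGING = "dashboard.jsp?reqp=signing";

    private static final String TOKEN_ENDPOINT = "https://one.th/api/oauth/getpwd";
    private static final String ACCOUNT_ENDPOINT = "https://one.th/api/account";
    private static final String CLIENT_ID = "39";
    private static final String REF_CODE = "3t7XRF";

    /** Environment variable holding the OAuth client secret (deployment-defined name). */
    private static final String CLIENT_SECRET_ENV = "ONEID_CLIENT_SECRET";

    /** Upper bound for connecting to and reading from the identity provider. */
    private static final int UPSTREAM_TIMEOUT_MS = 10000;

    private static final String LOGIN_FAILED_MESSAGE = "Login Failed!!";
    private static final String SYSTEM_ERROR_MESSAGE = "System error !! Please contact system administrator!";

    // java.util.logging is used instead of GenericServlet#log so that the public
    // SetAccessToken method also works on an instance the container never initialised.
    private static final java.util.logging.Logger LOG =
            java.util.logging.Logger.getLogger(LoginServlet.class.getName());

    /**
     * @see HttpServlet#HttpServlet()
     */
    public LoginServlet() {
        super();
    }

    /**
     * Rejects GET requests.
     *
     * <p>Request parameters of a GET come from the query string, which would
     * expose the password in server logs, proxies and browser history, so
     * login is only accepted via POST.
     *
     * @see HttpServlet#doGet(HttpServletRequest request, HttpServletResponse
     *      response)
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.setHeader("Allow", "POST");
        response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED);
    }

    /**
     * Authenticates the submitted credentials and establishes the session.
     *
     * <p>Any failure to obtain a token or a usable profile ends in
     * {@code LogoutServlet.doLogout} with a generic message, so the response
     * does not reveal which step failed.
     *
     * @throws ServletException if forwarding to the dashboard fails
     * @throws IOException      if talking to the identity provider or writing
     *                          the response fails
     * @see HttpServlet#doPost(HttpServletRequest request, HttpServletResponse
     *      response)
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String username = request.getParameter(REQUEST_PARAM_USERNAME);
        String password = request.getParameter(REQUEST_PARAM_PASSWORD);
        if (StringUtils.isEmpty(username) || StringUtils.isEmpty(password)) {
            // Missing parameters would otherwise fail inside the multipart builder.
            LogoutServlet.doLogout(request, response, LOGIN_FAILED_MESSAGE);
            return;
        }

        String clientSecret = System.getenv(CLIENT_SECRET_ENV);
        if (StringUtils.isEmpty(clientSecret)) {
            LOG.severe("OAuth client secret is not configured (" + CLIENT_SECRET_ENV + ")");
            LogoutServlet.doLogout(request, response, SYSTEM_ERROR_MESSAGE);
            return;
        }

        try {
            String accessToken = requestAccessToken(username, password, clientSecret);
            if (StringUtils.isEmpty(accessToken)) {
                LogoutServlet.doLogout(request, response, LOGIN_FAILED_MESSAGE);
                return;
            }

            // Despite the variable name this is the raw account-profile JSON.
            String oneIdAuthToken = SetAccessToken(accessToken);
            JsonObject profile = parseObject(oneIdAuthToken);
            String idCardNum = stringField(profile, "hash_id_card_num");
            String email = stringField(profile, "thai_email");
            if (idCardNum == null || email == null) {
                // No profile, or a profile without the fields the session needs.
                LogoutServlet.doLogout(request, response, LOGIN_FAILED_MESSAGE);
                return;
            }

            // NOTE(review): the local account is keyed on the username typed by the
            // user, not on the provider's "id" field from the verified profile.
            // Confirm that the provider treats this value as a unique, canonical
            // identifier; otherwise bind local accounts to the provider's id.
            UserUidDAO userDao = new UserUidDAO();
            UserUidDB user = userDao.findUsername(username);

            if (user == null) {
                registerAndSignIn(request, response, userDao, username, oneIdAuthToken, idCardNum, email);
                return;
            }

            establishSession(request, user, email);
            request.getRequestDispatcher(DASHBOARD_SINGING).forward(request, response);

            // NOTE(review): this call runs after the response has already been
            // forwarded and is handed an error message; its effect is not visible
            // from this file. Confirm it is still needed.
            SigningTest.doTest(request, response, SYSTEM_ERROR_MESSAGE);

            // Diagnostic only: lists the creator of each document owned by the user.
            DocumentDAO hisDao = new DocumentDAO();
            if (hisDao.findByUserUID(user) != null) {
                for (DocumentDB his : hisDao.findByUserUID(user)) {
                    LOG.fine("DAO:USER = " + his.getCreator().getUserName().toString());
                }
            }
        } catch (URISyntaxException e1) {
            LOG.log(java.util.logging.Level.SEVERE,
                    "can not connect to URL (" + TOKEN_ENDPOINT + ") ", e1);
            LogoutServlet.doLogout(request, response, SYSTEM_ERROR_MESSAGE);
        }
    }

    /**
     * Fetches the account profile for an access token.
     *
     * @param token bearer access token issued by the token endpoint
     * @return the response body with line breaks removed, or an empty string
     *         when the provider does not answer with 200/201
     * @throws URISyntaxException      if the account endpoint URI is invalid
     * @throws ClientProtocolException on an HTTP protocol error
     * @throws IOException             on connection or read failure
     */
    public String SetAccessToken(String token) throws URISyntaxException, ClientProtocolException, IOException {
        HttpGet getMethod = new HttpGet(new URIBuilder(ACCOUNT_ENDPOINT).build());
        getMethod.addHeader("Authorization", "Bearer " + token);
        try (org.apache.http.impl.client.CloseableHttpClient httpClient = newHttpClient();
                org.apache.http.client.methods.CloseableHttpResponse httpResponse = httpClient.execute(getMethod)) {
            return readSuccessfulBody(httpResponse);
        }
    }

    /**
     * Exchanges the user's credentials for an access token.
     *
     * @return the access token, or {@code null} when the provider rejects the
     *         credentials or answers with something that is not the expected JSON
     */
    private static String requestAccessToken(String username, String password, String clientSecret)
            throws URISyntaxException, IOException {
        HttpPost postMethod = new HttpPost(new URIBuilder(TOKEN_ENDPOINT).build());
        HttpEntity entity = MultipartEntityBuilder.create()
                .addTextBody("grant_type", "password")
                .addTextBody("client_id", CLIENT_ID)
                .addTextBody("client_secret", clientSecret)
                .addTextBody("username", username)
                .addTextBody("password", password)
                .addTextBody("ref_code", REF_CODE)
                .build();
        postMethod.setEntity(entity);

        String body;
        try (org.apache.http.impl.client.CloseableHttpClient httpClient = newHttpClient();
                org.apache.http.client.methods.CloseableHttpResponse httpResponse = httpClient.execute(postMethod)) {
            body = readSuccessfulBody(httpResponse);
        }
        return stringField(parseObject(body), "access_token");
    }

    /** Saves a first-time user, signs them in and forwards to the dashboard. */
    private static void registerAndSignIn(HttpServletRequest request, HttpServletResponse response,
            UserUidDAO userDao, String username, String profileJson, String idCardNum, String email)
            throws ServletException, IOException {
        UserUidDB newUser = new UserUidDB();
        newUser.setUserName(username);
        newUser.setLastLogin(new Date());
        newUser.setSamlTokenUid(profileJson);
        newUser.setIdCardUid(idCardNum);
        try {
            userDao.save(newUser);
            establishSession(request, newUser, email);
            request.getRequestDispatcher(DASHBOARD_SINGING).forward(request, response);
        } catch (Exception e) {
            // Boundary catch kept from the original: any persistence or forward
            // failure ends in the generic error page rather than a stack trace.
            LOG.log(java.util.logging.Level.SEVERE, "Could not complete first login", e);
            LogoutServlet.doLogout(request, response, SYSTEM_ERROR_MESSAGE);
        }
    }

    /**
     * Replaces the current session with a fresh one holding the login state.
     *
     * <p>Discarding the pre-login session means a session id known before
     * authentication is never promoted to an authenticated session.
     */
    private static void establishSession(HttpServletRequest request, UserUidDB user, String email) {
        javax.servlet.http.HttpSession stale = request.getSession(false);
        if (stale != null) {
            stale.invalidate();
        }
        javax.servlet.http.HttpSession session = request.getSession(true);
        session.setAttribute(SESSION_PARAM_USER, user);
        session.setAttribute(SESSION_PARAM_ONEID_AUTH, email);
    }

    /** Builds an HTTP client with connect/read timeouts so a stalled provider cannot hold request threads. */
    private static org.apache.http.impl.client.CloseableHttpClient newHttpClient() {
        org.apache.http.client.config.RequestConfig timeouts = org.apache.http.client.config.RequestConfig.custom()
                .setConnectTimeout(UPSTREAM_TIMEOUT_MS)
                .setSocketTimeout(UPSTREAM_TIMEOUT_MS)
                .build();
        return HttpClientBuilder.create().setDefaultRequestConfig(timeouts).build();
    }

    /**
     * Reads the body of a 200/201 response.
     *
     * @return the body with line breaks removed, or an empty string for any
     *         other status or a response without an entity
     */
    private static String readSuccessfulBody(HttpResponse httpResponse) throws IOException {
        int responseCode = httpResponse.getStatusLine().getStatusCode();
        if (responseCode != 200 && responseCode != 201) {
            // Only the status code is logged; the body may carry account data.
            LOG.warning("Failed : HTTP error code : " + responseCode);
            return "";
        }
        HttpEntity body = httpResponse.getEntity();
        if (body == null) {
            return "";
        }
        StringBuilder responseBuilder = new StringBuilder();
        try (BufferedReader br = new BufferedReader(
                new InputStreamReader(body.getContent(), java.nio.charset.StandardCharsets.UTF_8))) {
            String output;
            while ((output = br.readLine()) != null) {
                responseBuilder.append(output);
            }
        }
        return responseBuilder.toString();
    }

    /** Parses {@code json} as a JSON object; returns {@code null} for empty, malformed or non-object input. */
    private static JsonObject parseObject(String json) {
        if (StringUtils.isEmpty(json)) {
            return null;
        }
        try {
            return new JsonParser().parse(json).getAsJsonObject();
        } catch (com.google.gson.JsonParseException | IllegalStateException e) {
            return null;
        }
    }

    /** Returns the primitive member {@code name} as a string, or {@code null} when absent or not a primitive. */
    private static String stringField(JsonObject object, String name) {
        if (object == null || !object.has(name) || !object.get(name).isJsonPrimitive()) {
            return null;
        }
        return object.get(name).getAsString();
    }
}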