package com.plannaplan.controllers ;
import java.util.Optional ;
import java.util.UUID ;
import com.plannaplan.entities.User ;
import com.plannaplan.exceptions.UserNotFoundException ;
import com.plannaplan.responses.models.TokenResponse ;
import com.plannaplan.security.cas.CasUserIdentity ;
import com.plannaplan.security.cas.CasValidationExcepiton ;
import com.plannaplan.security.cas.CasValidator ;
import com.plannaplan.security.cas.CustomUAMCasValidator ;
import com.plannaplan.security.cas.DefaultUAMCasValidator ;
import com.plannaplan.services.UserService ;
import org.springframework.beans.factory.annotation.Autowired ;
import org.springframework.beans.factory.annotation.Value ;
import org.springframework.http.HttpStatus ;
import org.springframework.http.ResponseEntity ;
import org.springframework.web.bind.annotation.CrossOrigin ;
import org.springframework.web.bind.annotation.GetMapping ;
import org.springframework.web.bind.annotation.RequestParam ;
import org.springframework.web.bind.annotation.RestController ;
import io.swagger.annotations.Api ;
import io.swagger.annotations.ApiOperation ;
import io.swagger.annotations.ApiParam ;
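/**
 * REST controller for the token endpoints: exchanging a CAS service ticket for
 * an application token ({@code /token}) and exchanging a refresh token for a
 * new application token ({@code /token/refresh}). More detailed API docs are
 * available via Swagger.
 *
 * <p>Both endpoints are reachable without an existing application token, so
 * everything they accept is untrusted input.
 */
@RestController
// NOTE(review): @CrossOrigin without arguments allows requests from every
// origin. Consider restricting it to the configured frontend origin.
@CrossOrigin
@Api(tags = { "Token" }, value = "Token", description = "Enpoints to get authorization.")
public class TokenController {

    // Service URL handed to the CAS validator together with the ticket.
    @Value("${plannaplan.frontendUrl}")
    private String serviceUrl;

    // Selects which CAS validator implementation is used in getToken.
    @Value("${plannaplan.dev}")
    private boolean isDev;

    @Autowired
    private UserService userService;

    /**
     * Validates a CAS ticket and, on success, logs the matching user in.
     *
     * @param ticket service ticket obtained from CAS; it is the sole basis for
     *               authenticating the caller
     * @return 200 with a {@link TokenResponse} on success; 401 when CAS
     *         validation fails; 404 when no user matches the validated
     *         identity; 500 on any other failure (all error bodies are empty)
     */
    @GetMapping("/token")
    @ApiOperation(value = "Endpoint to access token required to call secured endpoints. In order to access token we need to provide access token comming from unviersity CAS system")
    public ResponseEntity<TokenResponse> getToken(
            @RequestParam("ticket") @ApiParam(value = "Ticket get from CAS system. It should look like ST-1376572-wo41gty5R0JCZFKMMie2-cas.amu.edu.psl") final String ticket) {
        // NOTE(review): the validator implementation depends on plannaplan.dev.
        // Confirm both implementations perform full server-side ticket
        // validation and that production never runs with the dev flag set.
        final CasValidator validator;
        if (isDev) {
            validator = new DefaultUAMCasValidator(serviceUrl, ticket);
        } else {
            validator = new CustomUAMCasValidator(serviceUrl, ticket);
        }

        try {
            final CasUserIdentity identity = validator.validate();
            final String usosId = identity.getUsosId();
            final String authority = identity.getEmail();

            final User known = this.userService.checkForUser(authority, usosId);
            final User loggedIn = this.userService.login(known);
            return new ResponseEntity<>(new TokenResponse(loggedIn), HttpStatus.OK);
        } catch (CasValidationExcepiton e) {
            return new ResponseEntity<>(null, HttpStatus.UNAUTHORIZED);
        } catch (UserNotFoundException e) {
            return new ResponseEntity<>(null, HttpStatus.NOT_FOUND);
        } catch (Exception e) {
            // No detail is returned to the client, which avoids leaking
            // internals. NOTE(review): the exception is also dropped on the
            // server side; log it so authentication failures can be investigated.
            return new ResponseEntity<>(null, HttpStatus.INTERNAL_SERVER_ERROR);
        }
    }

    /**
     * Issues a new access token for the user that owns the given refresh token.
     *
     * <p>NOTE(review): the refresh token travels in the query string of a GET
     * request, so it can end up in access logs, proxy logs and browser history.
     * Only the access token is replaced here; the refresh token is not rotated
     * and no expiry is visibly updated in this method. Confirm both against
     * {@code UserService} and {@code User}.
     *
     * @param refreshToken refresh token obtained via the /token endpoint
     * @return 200 with a {@link TokenResponse} on success; 404 with an empty
     *         body when the refresh token is missing, blank or matches no user
     */
    @GetMapping("/token/refresh")
    @ApiOperation(value = "Endpoint to access new token based on refresh token. It's needed when request with provided token fail with code 403")
    public ResponseEntity<TokenResponse> getRefreshToken(
            @RequestParam("refreshToken") @ApiParam(value = "Refresh token obtained in /token request") final String refreshToken) {
        // Reject empty credentials before touching the user store, so a blank
        // value can never match an account whose stored refresh token is also
        // blank. The status matches the unknown-token case so the two are
        // indistinguishable to the caller.
        if (refreshToken == null || refreshToken.isBlank()) {
            return new ResponseEntity<>(null, HttpStatus.NOT_FOUND);
        }

        final Optional<User> userResult = this.userService.getUserByRefreshToken(refreshToken);
        if (userResult.isEmpty()) {
            return new ResponseEntity<>(null, HttpStatus.NOT_FOUND);
        }

        final User user = userResult.get();
        // UUID.randomUUID() yields a type 4 UUID from a cryptographically
        // strong pseudo random number generator.
        user.setToken(UUID.randomUUID().toString());
        final User saved = this.userService.save(user);
        return new ResponseEntity<>(new TokenResponse(saved), HttpStatus.OK);
    }
}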