|
|
|
@ -1,6 +1,11 @@
|
|
|
|
|
package com.icomsys.main_vm.biz.common.login.service;
|
|
|
|
|
|
|
|
|
|
import com.fasterxml.jackson.core.JsonProcessingException;
|
|
|
|
|
import com.fasterxml.jackson.databind.ObjectMapper;
|
|
|
|
|
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
|
|
|
|
|
import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateTimeDeserializer;
|
|
|
|
|
import com.google.gson.Gson;
|
|
|
|
|
import com.google.gson.JsonObject;
|
|
|
|
|
import com.icomsys.main_vm.biz.advice.excep.CustomBadRequestException;
|
|
|
|
|
import com.icomsys.main_vm.biz.advice.excep.CustomNotFoundException;
|
|
|
|
|
import com.icomsys.main_vm.biz.common.common.service.LogService;
|
|
|
|
@ -22,8 +27,11 @@ import com.icomsys.main_vm.db.jpa.entity.conversation.TbIcsLog;
|
|
|
|
|
import com.icomsys.main_vm.db.jpa.entity.system.TbBotUser;
|
|
|
|
|
import com.icomsys.main_vm.db.jpa.repo.system.*;
|
|
|
|
|
import com.icomsys.main_vm.db.mybatis.alias.LoginVO;
|
|
|
|
|
import io.jsonwebtoken.Claims;
|
|
|
|
|
import lombok.RequiredArgsConstructor;
|
|
|
|
|
import lombok.extern.slf4j.Slf4j;
|
|
|
|
|
import org.springframework.boot.json.BasicJsonParser;
|
|
|
|
|
import org.springframework.boot.json.JsonParser;
|
|
|
|
|
import org.springframework.context.MessageSource;
|
|
|
|
|
import org.springframework.data.jpa.repository.config.EnableJpaAuditing;
|
|
|
|
|
import org.springframework.http.ResponseEntity;
|
|
|
|
@ -39,11 +47,18 @@ import org.springframework.security.crypto.password.PasswordEncoder;
|
|
|
|
|
import org.springframework.stereotype.Service;
|
|
|
|
|
import org.springframework.transaction.annotation.Transactional;
|
|
|
|
|
import org.springframework.ui.ModelMap;
|
|
|
|
|
import org.springframework.util.StringUtils;
|
|
|
|
|
|
|
|
|
|
import javax.servlet.http.Cookie;
|
|
|
|
|
import javax.servlet.http.HttpServletRequest;
|
|
|
|
|
import javax.servlet.http.HttpServletResponse;
|
|
|
|
|
import javax.servlet.http.HttpSession;
|
|
|
|
|
import java.io.ByteArrayInputStream;
|
|
|
|
|
import java.io.IOException;
|
|
|
|
|
import java.io.ObjectInputStream;
|
|
|
|
|
import java.io.Reader;
|
|
|
|
|
import java.time.LocalDateTime;
|
|
|
|
|
import java.time.format.DateTimeFormatter;
|
|
|
|
|
import java.util.*;
|
|
|
|
|
import java.util.concurrent.atomic.AtomicInteger;
|
|
|
|
|
import java.util.stream.Collectors;
|
|
|
|
@ -98,7 +113,7 @@ public class LoginService {
|
|
|
|
|
SecurityContext securityContext = SecurityContextHolder.getContext();
|
|
|
|
|
securityContext.setAuthentication(authentication);
|
|
|
|
|
|
|
|
|
|
sessionSetting(user);
|
|
|
|
|
// sessionSetting(user);
|
|
|
|
|
|
|
|
|
|
LoginVO userResult = user.toLoginVO();
|
|
|
|
|
return "forward:/adm/main/actionMain.do";
|
|
|
|
@ -115,30 +130,66 @@ public class LoginService {
|
|
|
|
|
session.setAttribute(SessionResource.UserVO.getName(), tbu.toUserVO());
|
|
|
|
|
session.setMaxInactiveInterval(60 * 60);
|
|
|
|
|
// session.setMaxInactiveInterval(30);
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// private void jwtSetting(LoginReq dto, TbBotUser user) {
|
|
|
|
|
// // 1. Login ID/PW 를 기반으로 Authentication 객체 생성
|
|
|
|
|
// // 이때 authentication 는 인증 여부를 확인하는 authenticated 값이 false
|
|
|
|
|
// UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(dto.getUserId(), dto.getPassword());
|
|
|
|
|
//
|
|
|
|
|
// // 2. 실제 검증 (사용자 비밀번호 체크)이 이루어지는 부분
|
|
|
|
|
// // authenticate 매서드가 실행될 때 CustomUserDetailsService 에서 만든 loadUserByUsername 메서드가 실행
|
|
|
|
|
// try {
|
|
|
|
|
// Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
|
|
|
|
|
//
|
|
|
|
|
// // 3. 인증 정보를 기반으로 JWT 토큰 생성
|
|
|
|
|
// CinnamonToken tokenInfo = tokenProvider.generateToken(authentication, user);
|
|
|
|
|
//
|
|
|
|
|
// // create a cookie
|
|
|
|
|
// Cookie cookie = new Cookie("accessToken", tokenInfo.getAccessToken());
|
|
|
|
|
//
|
|
|
|
|
// // expires in 7 days
|
|
|
|
|
// cookie.setMaxAge(7 * 24 * 60 * 60);
|
|
|
|
|
//
|
|
|
|
|
// // optional properties
|
|
|
|
|
// cookie.setSecure(true);
|
|
|
|
|
// cookie.setHttpOnly(true);
|
|
|
|
|
// cookie.setPath("/");
|
|
|
|
|
//
|
|
|
|
|
// // add cookie to response
|
|
|
|
|
// httpServletResponse.addCookie(cookie);
|
|
|
|
|
// } catch ( AuthenticationException e) {
|
|
|
|
|
// log.info(e.getMessage());
|
|
|
|
|
// throw e;
|
|
|
|
|
// }
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
@Transactional
|
|
|
|
|
public CinnamonToken tokenLogin(LoginCheckReq dto){
|
|
|
|
|
// 1. Login ID/PW 를 기반으로 Authentication 객체 생성
|
|
|
|
|
// 이때 authentication 는 인증 여부를 확인하는 authenticated 값이 false
|
|
|
|
|
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(dto.getUserId(), dto.getPassword());
|
|
|
|
|
|
|
|
|
|
TbBotUser user = tbBotUserRepo.findByUserIdAndUseYn(dto.getUserId(), "Y")
|
|
|
|
|
.orElseThrow(() -> new UsernameNotFoundException("로그인 실패"));
|
|
|
|
|
|
|
|
|
|
// 2. 실제 검증 (사용자 비밀번호 체크)이 이루어지는 부분
|
|
|
|
|
// authenticate 매서드가 실행될 때 CustomUserDetailsService 에서 만든 loadUserByUsername 메서드가 실행
|
|
|
|
|
try {
|
|
|
|
|
Authentication authentication = authenticationManagerBuilder.getObject().authenticate(authenticationToken);
|
|
|
|
|
|
|
|
|
|
// 3. 인증 정보를 기반으로 JWT 토큰 생성
|
|
|
|
|
CinnamonToken tokenInfo = tokenProvider.generateToken(authentication);
|
|
|
|
|
return tokenInfo;
|
|
|
|
|
CinnamonToken cinnamonToken = tokenProvider.generateToken(authentication, user);
|
|
|
|
|
|
|
|
|
|
return cinnamonToken;
|
|
|
|
|
} catch ( AuthenticationException e) {
|
|
|
|
|
log.info(e.getMessage());
|
|
|
|
|
throw e;
|
|
|
|
|
} catch (JsonProcessingException e) {
|
|
|
|
|
throw new RuntimeException(e);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
public String actionMain(ModelMap model) {
|
|
|
|
|
|
|
|
|
|
log.info("action main init ");
|
|
|
|
@ -147,7 +198,9 @@ public class LoginService {
|
|
|
|
|
List<MenuVo> menuVos = new ArrayList<>();
|
|
|
|
|
String url = "";
|
|
|
|
|
// LoginVO loginVO = (LoginVO) httpServletRequest.getSession().getAttribute(SessionResource.LoginVO.getName());
|
|
|
|
|
UserVo userVo = (UserVo) httpServletRequest.getSession().getAttribute(SessionResource.UserVO.getName());
|
|
|
|
|
// UserVo userVo = (UserVo) httpServletRequest.getSession().getAttribute(SessionResource.UserVO.getName());
|
|
|
|
|
UserVo userVo = getUserVo();
|
|
|
|
|
|
|
|
|
|
log.info("action main session uservo- {}", new Gson().toJson(userVo));
|
|
|
|
|
// if (loginVO != null && loginVO.getUserId() != null && !loginVO.getUserId().equals("")) {
|
|
|
|
|
if (userVo != null && userVo.getUserId() != null && !userVo.getUserId().equals("")) {
|
|
|
|
@ -182,7 +235,47 @@ public class LoginService {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public UserVo getUserVo() {
|
|
|
|
|
UserVo user = (UserVo) httpServletRequest.getSession().getAttribute(SessionResource.UserVO.getName());
|
|
|
|
|
String payloadJWT = "";
|
|
|
|
|
String accessToken = "";
|
|
|
|
|
|
|
|
|
|
// String bearerToken = httpServletRequest.getHeader("Authorization");
|
|
|
|
|
//
|
|
|
|
|
// if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer")) {
|
|
|
|
|
// payload = bearerToken.substring(7);
|
|
|
|
|
// }
|
|
|
|
|
|
|
|
|
|
Cookie[] cookies = httpServletRequest.getCookies();
|
|
|
|
|
|
|
|
|
|
if(cookies!=null){
|
|
|
|
|
for (Cookie c : cookies) {
|
|
|
|
|
String name = c.getName(); // 쿠키 이름 가져오기
|
|
|
|
|
String value = c.getValue(); // 쿠키 값 가져오기
|
|
|
|
|
if (name.equals("accessToken")) {
|
|
|
|
|
payloadJWT = value.split("[.]")[1];
|
|
|
|
|
accessToken = value;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
Claims claims = tokenProvider.parseClaims(accessToken);
|
|
|
|
|
|
|
|
|
|
// Base64.Decoder decoder = Base64.getUrlDecoder();
|
|
|
|
|
// final String payload = new String(decoder.decode(payloadJWT));
|
|
|
|
|
// JsonParser jsonParser = new BasicJsonParser();
|
|
|
|
|
// Map<String, Object> jsonArray = jsonParser.parseMap(payload);
|
|
|
|
|
|
|
|
|
|
Gson gson =new Gson();
|
|
|
|
|
Map map =new HashMap();
|
|
|
|
|
// map = gson.fromJson((String) jsonArray.get("UserVO"), map.getClass());
|
|
|
|
|
map = gson.fromJson((String) claims.get("UserVO"), map.getClass());
|
|
|
|
|
|
|
|
|
|
map.put("registDate", map.get("registDate").toString().replace(" ", "T"));
|
|
|
|
|
map.put("updateDate", map.get("updateDate").toString().replace(" ", "T"));
|
|
|
|
|
|
|
|
|
|
ObjectMapper objectMapper = new ObjectMapper();
|
|
|
|
|
UserVo user = objectMapper.registerModule(new JavaTimeModule()).convertValue(map, UserVo.class);
|
|
|
|
|
|
|
|
|
|
// UserVo user = (UserVo) httpServletRequest.getSession().getAttribute(SessionResource.UserVO.getName());
|
|
|
|
|
// if (user == null || user.equals("")) {
|
|
|
|
|
// httpServletResponse.setStatus(401);
|
|
|
|
|
// }
|
|
|
|
@ -191,6 +284,24 @@ public class LoginService {
|
|
|
|
|
|
|
|
|
|
public List<String> getSessionPolicy() {
|
|
|
|
|
return (ArrayList) httpServletRequest.getSession().getAttribute(SessionResource.PolicyList.getName());
|
|
|
|
|
|
|
|
|
|
// String accessToken = "";
|
|
|
|
|
//
|
|
|
|
|
// Cookie[] cookies = httpServletRequest.getCookies();
|
|
|
|
|
//
|
|
|
|
|
// if(cookies!=null){
|
|
|
|
|
// for (Cookie c : cookies) {
|
|
|
|
|
// String name = c.getName(); // 쿠키 이름 가져오기
|
|
|
|
|
// String value = c.getValue(); // 쿠키 값 가져오기
|
|
|
|
|
// if (name.equals("accessToken")) {
|
|
|
|
|
// accessToken = value;
|
|
|
|
|
// }
|
|
|
|
|
// }
|
|
|
|
|
// }
|
|
|
|
|
//
|
|
|
|
|
// Claims claims = tokenProvider.parseClaims(accessToken);
|
|
|
|
|
//
|
|
|
|
|
// return (ArrayList) claims.get("PolicyList");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Transactional
|
|
|
|
@ -307,8 +418,7 @@ public class LoginService {
|
|
|
|
|
public void LastUserServiceGroupUpdate(Long userSeq, String updateService) throws CustomNotFoundException {
|
|
|
|
|
tbBotUserRepo.findById(userSeq)
|
|
|
|
|
.orElseThrow(() -> new CustomNotFoundException())
|
|
|
|
|
.updateLastService(updateService)
|
|
|
|
|
;
|
|
|
|
|
.updateLastService(updateService);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
@Transactional
|
|
|
|
@ -369,7 +479,6 @@ public class LoginService {
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
public List<OprmngCodeRes> getOprmngCodeAdmin(String serviceType) {
|
|
|
|
|
|
|
|
|
|
List<OprmngCodeRes> result = tbServiceGrouopRepo.getOprmngCodeAdmin(getUserVo(), serviceType);
|
|
|
|
|
log.info("result - {}", new Gson().toJson(result));
|
|
|
|
|
return result;
|
|
|
|
@ -412,7 +521,6 @@ public class LoginService {
|
|
|
|
|
return ResponseEntity.ok().build();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
@Transactional
|
|
|
|
|
public ResponseEntity PwdUpdate(PwdUpdateReq dto) throws CustomNotFoundException, CustomBadRequestException {
|
|
|
|
|
TbBotUser user = tbBotUserRepo.findByUserId(dto.getId()).orElseThrow(() -> new CustomNotFoundException());
|
|
|
|
|
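Review bot: getUserVo has no path for a missing or malformed `accessToken` cookie: with no cookie an empty string is passed to `tokenProvider.parseClaims`, `value.split("[.]")[1]` throws on a value without a dot (and `payloadJWT` is never read afterwards), and a token lacking the `UserVO`, `registDate` or `updateDate` entries ends in a NullPointerException. With the 401 branch commented out, such requests surface as unhandled exceptions rather than a clean unauthenticated result; returning null when the token is absent or incomplete keeps the contract `actionMain` already checks with `userVo != null`. parseClaims is not visible here, so confirm it verifies the signature and rejects expired tokens, because the user identity now comes from the cookie instead of the server-side session (while getSessionPolicy still reads the session). The method's return statement and closing brace lie outside the hunk.

```java
public UserVo getUserVo() {
    String accessToken = null;
    Cookie[] cookies = httpServletRequest.getCookies();
    if (cookies != null) {
        for (Cookie c : cookies) {
            if ("accessToken".equals(c.getName())) {
                accessToken = c.getValue();
            }
        }
    }
    // No token cookie: report "no user" instead of parsing an empty string.
    if (!StringUtils.hasText(accessToken)) {
        return null;
    }

    Claims claims = tokenProvider.parseClaims(accessToken);
    Object userClaim = claims.get("UserVO");
    if (!(userClaim instanceof String)) {
        return null;
    }

    Map map = new Gson().fromJson((String) userClaim, HashMap.class);
    if (map == null) {
        return null;
    }
    // Normalise the date fields only when the token actually carries them.
    for (String field : new String[] {"registDate", "updateDate"}) {
        Object raw = map.get(field);
        if (raw != null) {
            map.put(field, raw.toString().replace(" ", "T"));
        }
    }
    // … unchanged: ObjectMapper/JavaTimeModule conversion to UserVo …
```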