1
|
package eu.dnetlib.repo.manager.server.services;
|
2
|
|
3
|
import com.google.gwt.user.client.Cookies;
|
4
|
import eu.dnetlib.domain.functionality.UserProfile;
|
5
|
import eu.dnetlib.gwt.server.service.SpringGwtRemoteServiceServlet;
|
6
|
import eu.dnetlib.repo.manager.client.services.UserService;
|
7
|
import eu.dnetlib.repo.manager.server.utils.EmailUtils;
|
8
|
import eu.dnetlib.repo.manager.shared.Tuple;
|
9
|
import eu.dnetlib.repo.manager.shared.UserAccessException;
|
10
|
import eu.dnetlib.users.UserApi;
|
11
|
import org.apache.log4j.Logger;
|
12
|
import org.eclipse.jetty.server.Authentication;
|
13
|
import org.mitre.openid.connect.model.OIDCAuthenticationToken;
|
14
|
import org.springframework.beans.factory.annotation.Autowired;
|
15
|
import org.springframework.security.core.context.SecurityContextHolder;
|
16
|
import org.springframework.stereotype.Service;
|
17
|
|
18
|
import javax.servlet.ServletConfig;
|
19
|
import javax.servlet.ServletException;
|
20
|
import javax.servlet.http.Cookie;
|
21
|
import javax.servlet.http.HttpSession;
|
22
|
import java.util.ArrayList;
|
23
|
import java.util.Arrays;
|
24
|
import java.util.List;
|
25
|
import java.util.regex.Pattern;
|
26
|
|
27
|
/**
|
28
|
* Created by nikonas on 12/7/15.
|
29
|
*/
|
30
|
@Service("userService")
|
31
|
public class UserServiceImpl extends SpringGwtRemoteServiceServlet implements UserService {
|
32
|
|
33
|
private static final Logger LOGGER = Logger
|
34
|
.getLogger(UserServiceImpl.class);
|
35
|
|
36
|
@Autowired
|
37
|
private UserApi userAPI;
|
38
|
|
39
|
@Autowired
|
40
|
private EmailUtils emailUtils;
|
41
|
|
42
|
|
43
|
public void init(ServletConfig config) throws ServletException {
|
44
|
|
45
|
LOGGER.info("initializing user service impl ");
|
46
|
super.init(config);
|
47
|
|
48
|
}
|
49
|
|
50
|
@Override
|
51
|
public Tuple<UserProfile, String> login(String email_username, String password) throws UserAccessException {
|
52
|
LOGGER.info("Checking credentials for user " + email_username);
|
53
|
try {
|
54
|
|
55
|
String email = email_username;
|
56
|
|
57
|
Pattern rfc2822 = Pattern.compile("^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$");
|
58
|
if (!rfc2822.matcher(email_username.trim().toLowerCase()).matches()) {
|
59
|
LOGGER.debug("user logged in using username");
|
60
|
email = this.userAPI.getEmailFromUsername(email_username);
|
61
|
}
|
62
|
if (email == null) {
|
63
|
throw new UserAccessException("login.userNotExists", UserAccessException.ErrorCode.INVALID_USERNAME);
|
64
|
}
|
65
|
if (!this.userAPI.userExists(email)) {
|
66
|
throw new UserAccessException("login.userNotExists", UserAccessException.ErrorCode.INVALID_USERNAME);
|
67
|
}
|
68
|
if (!this.userAPI.isUserActivated(email)) {
|
69
|
throw new UserAccessException("login.notActivated", UserAccessException.ErrorCode.NOT_ACTIVATED);
|
70
|
}
|
71
|
if (!this.userAPI.correctCreds(email, password)) {
|
72
|
throw new UserAccessException("login.InvalidPassword", UserAccessException.ErrorCode.INVALID_PASSWORD);
|
73
|
}
|
74
|
|
75
|
UserProfile userProfile = this.userAPI.getUser(email);
|
76
|
String role = "";
|
77
|
|
78
|
String[] adminEmails = new String[] {"stefania.martziou@gmail.com" , "antleb@di.uoa.gr", "ant.lebesis@gmail.com", "natalia@di.uoa.gr", "pedroprincipe@sdum.uminho.pt", "dpierrakos@gmail.com", "jochen.schirrwagen@uni-bielefeld.de", "aenne.loehden@uni-bielefeld.de"};
|
79
|
if(Arrays.asList(adminEmails).contains(userProfile.getEmail()))
|
80
|
role = "admin";
|
81
|
|
82
|
return new Tuple<>(userProfile, role);
|
83
|
|
84
|
} catch (Exception e) {
|
85
|
LOGGER.error("An error occurred while checking credentials for user " + email_username, e);
|
86
|
emailUtils.reportException(e);
|
87
|
|
88
|
if (e instanceof UserAccessException) {
|
89
|
throw (UserAccessException) e;
|
90
|
}
|
91
|
else {
|
92
|
throw new UserAccessException("login.generalError", UserAccessException.ErrorCode.GENERAL_ERROR);
|
93
|
}
|
94
|
}
|
95
|
|
96
|
}
|
97
|
|
98
|
@Override
|
99
|
public Tuple<UserProfile, String> getUserByEmail(String email) throws UserAccessException {
|
100
|
LOGGER.info("Getting user with email " + email);
|
101
|
try {
|
102
|
|
103
|
UserProfile userProfile = this.userAPI.getUser(email);
|
104
|
String role = "";
|
105
|
|
106
|
String[] adminEmails = new String[] {"stefania.martziou@gmail.com" , "antleb@di.uoa.gr", "ant.lebesis@gmail.com", "natalia@di.uoa.gr", "pedroprincipe@sdum.uminho.pt", "dpierrakos@gmail.com", "jochen.schirrwagen@uni-bielefeld.de", "aenne.loehden@uni-bielefeld.de"};
|
107
|
if(Arrays.asList(adminEmails).contains(userProfile.getEmail()))
|
108
|
role = "admin";
|
109
|
|
110
|
return new Tuple<>(userProfile, role);
|
111
|
|
112
|
} catch (Exception e) {
|
113
|
LOGGER.error("An error occurred while getting user with email " + email, e);
|
114
|
emailUtils.reportException(e);
|
115
|
|
116
|
throw new UserAccessException("login.generalError", UserAccessException.ErrorCode.GENERAL_ERROR);
|
117
|
}
|
118
|
}
|
119
|
|
120
|
@Override
|
121
|
public void register(UserProfile userProfile) throws UserAccessException {
|
122
|
|
123
|
try {
|
124
|
LOGGER.info("Registering user " + userProfile.getEmail());
|
125
|
|
126
|
Pattern rfc2822 = Pattern.compile("^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$");
|
127
|
if (!rfc2822.matcher(userProfile.getEmail().trim().toLowerCase()).matches()) {
|
128
|
throw new UserAccessException("login.notValidEmail", UserAccessException.ErrorCode.INVALID_EMAIL_FORMAT);
|
129
|
}
|
130
|
|
131
|
if (this.userAPI.usernameExists(userProfile.getUsername())) {
|
132
|
throw new UserAccessException("login.usernameAlreadyExists", UserAccessException.ErrorCode.USERNAME_ALREADY_EXISTS);
|
133
|
}
|
134
|
if (this.userAPI.userExists(userProfile.getEmail())) {
|
135
|
throw new UserAccessException("login.mailAlreadyExists", UserAccessException.ErrorCode.MAIL_ALREADY_EXISTS);
|
136
|
}
|
137
|
|
138
|
// String activationId = "TEST";
|
139
|
String activationId = this.userAPI.addUser(userProfile.getUsername(), userProfile.getEmail(), userProfile.getPassword(), userProfile.getFirstname(), userProfile.getLastname(), userProfile.getInstitution());
|
140
|
|
141
|
emailUtils.sendActivationEmail(userProfile, activationId);
|
142
|
|
143
|
} catch (Exception e) {
|
144
|
LOGGER.error("Error while registering user " + userProfile.getEmail(), e);
|
145
|
emailUtils.reportException(e);
|
146
|
|
147
|
if (e instanceof UserAccessException)
|
148
|
throw (UserAccessException) e;
|
149
|
else
|
150
|
throw new UserAccessException("login.generalError", UserAccessException.ErrorCode.GENERAL_ERROR);
|
151
|
}
|
152
|
|
153
|
}
|
154
|
|
155
|
@Override
|
156
|
public void activateUser(String activationId) throws UserAccessException {
|
157
|
try {
|
158
|
LOGGER.info("Activating user with activation with activation id " + activationId);
|
159
|
|
160
|
if (!this.userAPI.activateUser(activationId))
|
161
|
throw new UserAccessException("registration.okAccountAlreadyActivation", UserAccessException.ErrorCode.ALREADY_ACTIVATED);
|
162
|
} catch (Exception e) {
|
163
|
LOGGER.error("Error while activating user account with activation id " + activationId, e);
|
164
|
emailUtils.reportException(e);
|
165
|
|
166
|
if (e instanceof UserAccessException)
|
167
|
throw (UserAccessException) e;
|
168
|
else
|
169
|
throw new UserAccessException("login.generalError", UserAccessException.ErrorCode.GENERAL_ERROR);
|
170
|
}
|
171
|
}
|
172
|
|
173
|
@Override
|
174
|
public void updateUser(UserProfile userProfile) throws UserAccessException {
|
175
|
try {
|
176
|
LOGGER.info("Editing user " + userProfile.getUsername());
|
177
|
Pattern rfc2822 = Pattern.compile("^[a-z0-9!#$%&'*+/=?^_`{|}~-]+(?:\\.[a-z0-9!#$%&'*+/=?^_`{|}~-]+)*@(?:[a-z0-9](?:[a-z0-9-]*[a-z0-9])?\\.)+[a-z0-9](?:[a-z0-9-]*[a-z0-9])?$");
|
178
|
if (!rfc2822.matcher(userProfile.getEmail().trim().toLowerCase()).matches()) {
|
179
|
throw new UserAccessException("login.notValidEmail", UserAccessException.ErrorCode.INVALID_EMAIL_FORMAT);
|
180
|
}
|
181
|
|
182
|
String currentEmail = this.userAPI.getEmailFromUsername(userProfile.getUsername());
|
183
|
if (!userProfile.getEmail().equalsIgnoreCase(currentEmail)) {
|
184
|
if (this.userAPI.userExists(userProfile.getEmail())) {
|
185
|
throw new UserAccessException("login.mailAlreadyExists", UserAccessException.ErrorCode.MAIL_ALREADY_EXISTS);
|
186
|
}
|
187
|
}
|
188
|
|
189
|
this.userAPI.editUser(userProfile);
|
190
|
|
191
|
} catch (Exception e) {
|
192
|
LOGGER.error("Error while editing user " + userProfile.getUsername(), e);
|
193
|
if (e instanceof UserAccessException)
|
194
|
throw (UserAccessException) e;
|
195
|
else
|
196
|
throw new UserAccessException("login.generalError", UserAccessException.ErrorCode.GENERAL_ERROR);
|
197
|
}
|
198
|
}
|
199
|
|
200
|
@Override
|
201
|
public void prepareResetPassword(String email) throws UserAccessException {
|
202
|
|
203
|
try {
|
204
|
LOGGER.debug("Sending password recovery to user " + email);
|
205
|
if (!this.userAPI.userExists(email)) {
|
206
|
throw new UserAccessException("login.userNotExists", UserAccessException.ErrorCode.INVALID_USERNAME);
|
207
|
}
|
208
|
List<String> to = new ArrayList<String>();
|
209
|
to.add(email);
|
210
|
String securityCode = this.userAPI.prepareResetPassword(email);
|
211
|
|
212
|
emailUtils.sendResetPasswordEmail(email, securityCode);
|
213
|
|
214
|
} catch (Exception e) {
|
215
|
LOGGER.error("Error while sending password recovery to user " + email, e);
|
216
|
emailUtils.reportException(e);
|
217
|
|
218
|
if (e instanceof UserAccessException)
|
219
|
throw (UserAccessException) e;
|
220
|
else
|
221
|
throw new UserAccessException("login.generalError", UserAccessException.ErrorCode.GENERAL_ERROR);
|
222
|
}
|
223
|
}
|
224
|
|
225
|
@Override
|
226
|
public void resetPassword(String securityCode, String password) throws UserAccessException {
|
227
|
try {
|
228
|
LOGGER.debug("Reseting password with security code " + securityCode);
|
229
|
|
230
|
if (securityCode.length() == 0) {
|
231
|
throw new UserAccessException("resetPassword.wrongSecurityCode", UserAccessException.ErrorCode.WRONG_SECURITY_CODE);
|
232
|
}
|
233
|
|
234
|
this.userAPI.resetPassword(securityCode, password);
|
235
|
|
236
|
} catch (Exception e) {
|
237
|
LOGGER.error("Error while reseting password with security code " + securityCode);
|
238
|
emailUtils.reportException(e);
|
239
|
|
240
|
if (e instanceof UserAccessException)
|
241
|
throw (UserAccessException) e;
|
242
|
else
|
243
|
throw new UserAccessException("login.generalError", UserAccessException.ErrorCode.GENERAL_ERROR);
|
244
|
}
|
245
|
}
|
246
|
|
247
|
@Override
|
248
|
public void resendActivation(String email) throws UserAccessException {
|
249
|
|
250
|
}
|
251
|
|
252
|
@Override
|
253
|
public Tuple<UserProfile, String> checkCookie() throws Exception {
|
254
|
OIDCAuthenticationToken authentication;
|
255
|
try {
|
256
|
authentication = (OIDCAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
257
|
UserProfile userProfile = new UserProfile();
|
258
|
userProfile.setFirstname(authentication.getUserInfo().getGivenName());
|
259
|
userProfile.setLastname(authentication.getUserInfo().getFamilyName());
|
260
|
userProfile.setEmail(authentication.getUserInfo().getEmail());
|
261
|
|
262
|
LOGGER.debug("User email -> " + userProfile.getEmail());
|
263
|
|
264
|
|
265
|
String role = "";
|
266
|
String[] adminEmails = new String[] {"stefania.martziou@gmail.com" , "antleb@di.uoa.gr", "ant.lebesis@gmail.com", "natalia@di.uoa.gr", "pedroprincipe@sdum.uminho.pt", "dpierrakos@gmail.com", "jochen.schirrwagen@uni-bielefeld.de", "aenne.loehden@uni-bielefeld.de"};
|
267
|
if(Arrays.asList(adminEmails).contains(userProfile.getEmail()))
|
268
|
role = "admin";
|
269
|
return new Tuple<>(userProfile, role);
|
270
|
|
271
|
} catch (Exception e) {
|
272
|
LOGGER.debug("Error on security context holder",e);
|
273
|
LOGGER.debug(Cookies.getCookie("currentUser"));
|
274
|
throw e;
|
275
|
}
|
276
|
}
|
277
|
|
278
|
@Override
|
279
|
public void clearCookie(){
|
280
|
SecurityContextHolder.clearContext();
|
281
|
Cookies.getCookie("currentUser");
|
282
|
}
|
283
|
|
284
|
}
|