All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.capitalone.dashboard.service.ApiTokenServiceImpl Maven / Gradle / Ivy

There is a newer version: 4.0.2
Show newest version
package com.capitalone.dashboard.service;

import com.capitalone.dashboard.misc.HygieiaException;
import com.capitalone.dashboard.model.ApiToken;
import com.capitalone.dashboard.model.UserInfo;
import com.capitalone.dashboard.model.UserRole;
import com.capitalone.dashboard.repository.ApiTokenRepository;
import com.capitalone.dashboard.repository.UserInfoRepository;
import com.capitalone.dashboard.util.Encryption;
import com.capitalone.dashboard.util.EncryptionException;
import com.capitalone.dashboard.util.UnsafeDeleteException;
import com.google.common.collect.Sets;
import org.apache.commons.collections4.CollectionUtils;
import org.apache.log4j.Logger;
import org.bson.types.ObjectId;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.stereotype.Component;

import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collection;
import java.util.Date;
import java.util.HashSet;
import java.util.List;

@Component
public class ApiTokenServiceImpl implements ApiTokenService {

    private static final Logger LOGGER = Logger.getLogger(ApiTokenServiceImpl.class);

    private ApiTokenRepository apiTokenRepository;

    private UserInfoRepository userInfoRepository;

    @Autowired
    public ApiTokenServiceImpl(ApiTokenRepository apiTokenRepository,UserInfoRepository userInfoRepository) {
        this.apiTokenRepository = apiTokenRepository;
        this.userInfoRepository = userInfoRepository;
    }

    public Collection getApiTokens() {
        return Sets.newHashSet(apiTokenRepository.findAll());
    }

    @Override
    public String getApiToken(String apiUser, Long expirationDt) throws EncryptionException, HygieiaException {
        ApiToken apiToken = apiTokenRepository.findByApiUserAndExpirationDt(apiUser, expirationDt);
        String apiKey = "";
        if(apiToken == null) {
            apiKey = Encryption.getStringKey();
            apiToken = new ApiToken(apiUser, apiKey, expirationDt);
            apiTokenRepository.save(apiToken);
        } else {
            SimpleDateFormat sdf = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");
            throw new HygieiaException("Token already exists for " + apiUser
                    + " expiring " + sdf.format(new Date(apiToken.getExpirationDt())),
                    HygieiaException.DUPLICATE_DATA);
        }
        return apiKey;
    }

    @Override
    public org.springframework.security.core.Authentication authenticate(String username, String password) {
        List apiTokens = apiTokenRepository.findByApiUser(username);
        UserInfo user = userInfoRepository.findByUsername(username);
        for(ApiToken apiToken : apiTokens) {
            if (username.equalsIgnoreCase(apiToken.getApiUser())) {
                if (apiToken.checkApiKey(password)) {
                    Date sysdate = Calendar.getInstance().getTime();
                    Date expDt = new Date(apiToken.getExpirationDt());
                    if (compareDates(sysdate, expDt) <= 0) {

                        Collection roles = new ArrayList<>();
                        roles.add(UserRole.ROLE_API);
                        if(isUserAdmin(user))
                            roles.add(UserRole.ROLE_ADMIN);
                        return new UsernamePasswordAuthenticationToken(username,
                                password, createAuthorities(roles));
                    }
                }
            }
        }

        throw new BadCredentialsException("Login Failed: Invalid credentials for user " + username);
    }

    private boolean isUserAdmin(UserInfo user) {
        if(user==null) return false;
        if(CollectionUtils.isEmpty(user.getAuthorities())) return false;
        return user.getAuthorities().stream().anyMatch(userRole -> userRole.equals(UserRole.ROLE_ADMIN));
    }

    @Override
    public void deleteToken(ObjectId id) {
        ApiToken apiToken = apiTokenRepository.findOne(id);

        if(apiToken == null) {
            throw new UnsafeDeleteException("Cannot delete token ");
        }else{
            apiTokenRepository .delete(apiToken);
        }
    }
    @Override
    public String updateToken(Long expirationDt, ObjectId id) throws HygieiaException{
        ApiToken apiToken = apiTokenRepository.findOne(id);
        if(apiToken == null) {
            throw new HygieiaException("Cannot find token ", HygieiaException.BAD_DATA);
        }else{

            apiToken.setExpirationDt(expirationDt);
            apiTokenRepository.save(apiToken);
        }

        return apiToken.getId().toString();
    }
    private Collection createAuthorities(Collection authorities) {
        Collection grantedAuthorities = new HashSet<>();
        authorities.forEach(authority -> grantedAuthorities.add(new SimpleGrantedAuthority(authority.name())));
        return grantedAuthorities;
    }

    /**
     *
     * @param argA firstDate
     * @param argB secondDate
     * @return 0 = equal, -1 = firstDate is before secondDate, 1 = firstDate is after secondDate
     */
    private static int compareDates(Date argA, Date argB) {

        if (argA == null || argB == null) {
            return -1;
        }

        int retVal = -1;
        try {
            retVal = argA.compareTo(argB);
            if (retVal == 0) { //if dates are equal.
                return 0;
            } else if (retVal < 0) { //if argA is before argument.
                return -1;
            } else { //if argA is after argument.
                return 1;
            }
        } catch (Exception e) {
            LOGGER.warn("Unable to compare dates", e);
        }

        return retVal;
    }
}




© 2015 - 2025 Weber Informatics LLC | Privacy Policy