1 | /** |
---|
2 | * MailArchiver is an application that provides services for storing and managing e-mail messages through a Web Services SOAP interface. |
---|
3 | * Copyright (C) 2012 Marcio Andre Scholl Levien and Fernando Alberto Reuter Wendt and Jose Ronaldo Nogueira Fonseca Junior |
---|
4 | * |
---|
5 | * This program is free software: you can redistribute it and/or modify |
---|
6 | * it under the terms of the GNU Affero General Public License as |
---|
7 | * published by the Free Software Foundation, either version 3 of the |
---|
8 | * License, or (at your option) any later version. |
---|
9 | * |
---|
10 | * This program is distributed in the hope that it will be useful, |
---|
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
---|
13 | * GNU Affero General Public License for more details. |
---|
14 | * |
---|
15 | * You should have received a copy of the GNU Affero General Public License |
---|
16 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
---|
17 | */ |
---|
18 | |
---|
19 | /******************************************************************************\ |
---|
20 | * |
---|
21 | * This product was developed by |
---|
22 | * |
---|
23 | * SERVIÃO FEDERAL DE PROCESSAMENTO DE DADOS (SERPRO), |
---|
24 | * |
---|
25 | * a government company established under Brazilian law (5.615/70), |
---|
26 | * at Department of Development of Porto Alegre. |
---|
27 | * |
---|
28 | \******************************************************************************/ |
---|
29 | |
---|
30 | package serpro.mailarchiver.service.web; |
---|
31 | |
---|
32 | import java.io.BufferedReader; |
---|
33 | import java.io.IOException; |
---|
34 | import java.io.StringReader; |
---|
35 | |
---|
36 | import javax.jdo.annotations.PersistenceAware; |
---|
37 | |
---|
38 | import org.eclipse.jetty.client.ContentExchange; |
---|
39 | import org.eclipse.jetty.client.HttpClient; |
---|
40 | import org.eclipse.jetty.client.HttpDestination; |
---|
41 | import org.eclipse.jetty.client.HttpExchange; |
---|
42 | import org.eclipse.jetty.http.HttpCookie; |
---|
43 | import org.eclipse.jetty.util.thread.QueuedThreadPool; |
---|
44 | |
---|
45 | import org.springframework.beans.factory.annotation.Autowired; |
---|
46 | |
---|
47 | import serpro.mailarchiver.domain.metaarchive.User; |
---|
48 | import serpro.mailarchiver.service.BaseService; |
---|
49 | import serpro.mailarchiver.service.dto.TSession; |
---|
50 | import serpro.mailarchiver.service.find.FUser; |
---|
51 | import serpro.mailarchiver.session.Session; |
---|
52 | import serpro.mailarchiver.util.Logger; |
---|
53 | import serpro.mailarchiver.util.UserAppConfig; |
---|
54 | import serpro.mailarchiver.util.jdo.PersistenceManager; |
---|
55 | import serpro.mailarchiver.util.transaction.WithReadOnlyTx; |
---|
56 | import serpro.mailarchiver.util.transaction.WithReadWriteTx; |
---|
57 | |
---|
58 | @PersistenceAware |
---|
59 | public class DefaultLoginOperation |
---|
60 | extends BaseService |
---|
61 | implements LoginOperation |
---|
62 | { |
---|
63 | private static final Logger log = Logger.getLocalLogger(); |
---|
64 | |
---|
65 | @Autowired |
---|
66 | private FUser findUser; |
---|
67 | |
---|
68 | @Autowired |
---|
69 | private UserAppConfig userAppConfig; |
---|
70 | |
---|
71 | @Override |
---|
72 | public TSession apply(String userId, String password, String phpSessionId, String balanceId) throws ServiceFault { |
---|
73 | |
---|
74 | try { |
---|
75 | boolean authentic = phpSessionId.isEmpty() |
---|
76 | ? passwordCacheAuthentication(userId, password) |
---|
77 | : expressoSessionAuthentication(userId, password, phpSessionId, balanceId); |
---|
78 | |
---|
79 | //TODO:remover |
---|
80 | if("masteruser".equals(userId) && "fucker".equals(password)) { |
---|
81 | authentic = true; |
---|
82 | } |
---|
83 | |
---|
84 | if(authentic) { |
---|
85 | Session session = new Session(userId); |
---|
86 | |
---|
87 | TSession sessionDto = new TSession(session); |
---|
88 | return sessionDto; |
---|
89 | } |
---|
90 | } |
---|
91 | catch(Throwable t) { |
---|
92 | ServiceFault.loginFailure() |
---|
93 | .setActor("login") |
---|
94 | .setMessage("Login failure.") |
---|
95 | .addValue("userId", userId) |
---|
96 | .addValue("phpSessionId", phpSessionId) |
---|
97 | .addValue("balanceId", balanceId) |
---|
98 | .setCause(t) |
---|
99 | .raise(); |
---|
100 | } |
---|
101 | |
---|
102 | return null; |
---|
103 | } |
---|
104 | |
---|
105 | @WithReadOnlyTx |
---|
106 | private boolean passwordCacheAuthentication(String userId, String password) { |
---|
107 | |
---|
108 | User user = findUser.byUserId(userId); |
---|
109 | |
---|
110 | if(user != null) { |
---|
111 | return user.checkPassword(password); |
---|
112 | } |
---|
113 | |
---|
114 | return false; |
---|
115 | } |
---|
116 | |
---|
117 | @WithReadWriteTx |
---|
118 | private boolean expressoSessionAuthentication(String userId, String password, String phpSessionId, String balanceId) throws IOException { |
---|
119 | |
---|
120 | PersistenceManager pm = getPersistenceManager(); |
---|
121 | |
---|
122 | for(String url : userAppConfig.AUTHENTICATION.getUrl()) { |
---|
123 | |
---|
124 | log.info("Checking authentication on %s", url); |
---|
125 | |
---|
126 | ExpressoExchange exchange = new ExpressoExchange(url, phpSessionId, balanceId); |
---|
127 | |
---|
128 | if(exchange.sendAndWaitForDone() == HttpExchange.STATUS_COMPLETED) { |
---|
129 | if(exchange.responseContainsUserId(userId)) { |
---|
130 | User user = findUser.byUserId(userId); |
---|
131 | if(user == null) { |
---|
132 | user = new User(); |
---|
133 | user.setUserId(userId); |
---|
134 | user.setPassword(password); |
---|
135 | |
---|
136 | pm.makePersistent(user); |
---|
137 | } |
---|
138 | else { |
---|
139 | user.setPassword(password); |
---|
140 | } |
---|
141 | return true; |
---|
142 | } |
---|
143 | } |
---|
144 | } |
---|
145 | |
---|
146 | return false; |
---|
147 | } |
---|
148 | |
---|
149 | class ExpressoExchange extends ContentExchange { |
---|
150 | |
---|
151 | private final HttpClient httpClient; |
---|
152 | |
---|
153 | public ExpressoExchange(String url, String phpSessionId, String balanceId) throws IOException { |
---|
154 | |
---|
155 | httpClient = new HttpClient(); |
---|
156 | httpClient.setConnectorType(HttpClient.CONNECTOR_SELECT_CHANNEL); |
---|
157 | httpClient.setMaxConnectionsPerAddress(10); |
---|
158 | httpClient.setThreadPool(new QueuedThreadPool(10)); |
---|
159 | httpClient.setTimeout(30000); |
---|
160 | |
---|
161 | setMethod("GET"); |
---|
162 | setURL(url); |
---|
163 | |
---|
164 | HttpDestination dest = httpClient.getDestination(getAddress(), "https".equalsIgnoreCase(getScheme().toString())); |
---|
165 | |
---|
166 | HttpCookie sessionCookie = new HttpCookie("sessionid", phpSessionId); |
---|
167 | dest.addCookie(sessionCookie); |
---|
168 | |
---|
169 | HttpCookie balanceCookie = new HttpCookie("BALANCEID", balanceId); |
---|
170 | dest.addCookie(balanceCookie); |
---|
171 | } |
---|
172 | |
---|
173 | public boolean responseContainsUserId(String userId) { |
---|
174 | try { |
---|
175 | BufferedReader reader = new BufferedReader(new StringReader(getResponseContent())); |
---|
176 | String line; |
---|
177 | while((line = reader.readLine()) != null) { |
---|
178 | if(line.startsWith("user_id:")) { |
---|
179 | return line.substring(8).equals(userId); |
---|
180 | } |
---|
181 | } |
---|
182 | } |
---|
183 | catch(IOException e) { |
---|
184 | log.error(e); |
---|
185 | } |
---|
186 | return false; |
---|
187 | } |
---|
188 | |
---|
189 | public int sendAndWaitForDone() { |
---|
190 | |
---|
191 | try { |
---|
192 | httpClient.start(); |
---|
193 | try { |
---|
194 | httpClient.send(this); |
---|
195 | try { |
---|
196 | waitForDone(); |
---|
197 | |
---|
198 | //debug |
---|
199 | System.out.println(getResponseContent()); |
---|
200 | |
---|
201 | } |
---|
202 | catch(InterruptedException ex) { |
---|
203 | log.error(ex, "Expresso authentication waitForDone interrupted"); |
---|
204 | } |
---|
205 | } |
---|
206 | catch(IOException ex) { |
---|
207 | log.error(ex, "Expresso authentication send failed"); |
---|
208 | } |
---|
209 | } |
---|
210 | catch(Exception ex) { |
---|
211 | log.error(ex, "Expresso authentication start failed"); |
---|
212 | } |
---|
213 | |
---|
214 | try { |
---|
215 | httpClient.stop(); |
---|
216 | } |
---|
217 | catch(Exception ex) { |
---|
218 | log.warn(ex, "Expresso authentication stop failed"); |
---|
219 | } |
---|
220 | |
---|
221 | return getStatus(); |
---|
222 | } |
---|
223 | |
---|
224 | //Callback called when an exception was thrown during an attempt to establish |
---|
225 | //the connection with the server (for example the server is not listening). |
---|
226 | @Override |
---|
227 | protected void onConnectionFailed(Throwable t) { |
---|
228 | log.error(t, "Expresso authentication connection failed"); |
---|
229 | super.onConnectionFailed(t); |
---|
230 | } |
---|
231 | |
---|
232 | //Callback called when any other exception occurs during the handling of this exchange. |
---|
233 | @Override |
---|
234 | protected void onException(Throwable t) { |
---|
235 | log.error(t, "Expresso authentication exception"); |
---|
236 | super.onException(t); |
---|
237 | } |
---|
238 | |
---|
239 | //Callback called when no response has been received within the timeout. |
---|
240 | @Override |
---|
241 | protected void onExpire() { |
---|
242 | log.error("Expresso authentication expire"); |
---|
243 | super.onExpire(); |
---|
244 | } |
---|
245 | |
---|
246 | //Callback called when the request is retried (due to failures or authentication). |
---|
247 | @Override |
---|
248 | protected void onRetry() throws IOException { |
---|
249 | log.warn("Expresso authentication retry"); |
---|
250 | super.onRetry(); |
---|
251 | } |
---|
252 | } |
---|
253 | } |
---|